Power

Lessons From the Cyberattack On India's Largest Nuclear Power Plant (thebulletin.org) 113

Dan Drollette shares an article by two staffers at the Center for Global Security Research at Lawrence Livermore National Laboratory from The Bulletin of Atomic Scientists.

"Indian officials acknowledged on October 30th that a cyberattack occurred at the country's Kudankulam nuclear power plant," they write, adding that "According to last Monday's Washington Post, Kudankulam is India's biggest nuclear power plant, 'equipped with two Russian-designed and supplied VVER pressurized water reactors with a capacity of 1,000 megawatts each.'"

So what did we learn? While reactor operations at Kudankulam were reportedly unaffected, this incident should serve as yet another wake-up call that the nuclear power industry needs to take cybersecurity more seriously. There are worrying indications that it currently does not: A 2015 report by the British think tank Chatham House found pervasive shortcomings in the nuclear power industry's approach to cybersecurity, from regulation to training to user behavior. In general, nuclear power plant operators have failed to broaden their cultures of safety and security to include an awareness of cyberthreats. (And by cultures of safety and security, those in the field -- such as the Fissile Materials Working Group -- refer to a broad, all-embracing approach towards nuclear security, that takes into account the human factor and encompasses programs on personnel reliability and training, illicit trafficking interception, customs and border security, export control, and IT security, to name just a few items. The Hague Communique of 2014 listed nuclear security culture as the first of its three pillars of nuclear security, the other two being physical protection and materials accounting.)

This laxness might be understandable if last week's incident were the first of its kind. Instead, there have been over 20 known cyber incidents at nuclear facilities since 1990. This number includes relatively minor items such as accidents from software bugs and inadequately tested updates along with deliberate intrusions, but it demonstrates that the nuclear sector is not somehow immune to cyber-related threats. Furthermore, as the digitalization of nuclear reactor instrumentation and control systems increases, so does the potential for malicious and accidental cyber incidents alike to cause harm.

This record should also disprove the old myth, unfortunately repeated in Kudankulam officials' remarks, that so-called air-gapping effectively secures operational networks at plants. Air-gapping refers to separating the plant's internet-connected business networks from the operational networks that control plant processes; doing so is intended to prevent malware from more easily infected business networks from affecting industrial control systems. The intrusion at Kudankulam so far seems limited to the plant's business networks, but air gaps have failed at the Davis-Besse nuclear power plant in Ohio in 2003 and even classified U.S. military systems in 2008. The same report from Chatham House found ample sector-wide evidence of employee behavior that would circumvent air gaps, like charging personal phones via reactor control room USB slots and installing remote access tools for contractors... [R]evealing the culprits and motives associated with the Kudankulam attack matters less for the nuclear power industry than fixing the systemic lapses that enabled it in the first place.

"The good news is that solutions abound..." the article concludes, noting guidance, cybersecurity courses, technical exchanges, and information through various security-minded public-private partnerships. "The challenge now is integrating this knowledge into the workforce and maintaining it over time...

"But last week's example of a well-established nuclear power program responding to a breach with denial, obfuscation, and shopworn talk of so-called 'air-gaps' demonstrates how dangerously little progress the industry has made to date."
Microsoft

'Microsoft Defender ATP' Antivirus is Coming to Linux (zdnet.com) 100

Microsoft is planning to bring its Defender antivirus to Linux systems next year, reports ZDNet: Microsoft announced the brand change from Windows Defender to Microsoft Defender in March after giving security analysts the tools to inspect enterprise Mac computers for malware via the Microsoft Defender console.

Rob Lefferts, corporate vice president for Microsoft's M365 Security, told ZDNet that Microsoft Defender for Linux systems will be available for customers in 2020.

In October TechSpot reported that Defender placed in the top 10 among all major antivirus programs, narrowly beating established software like Bitdefender, Kaspersky, and McAfee with an online protection rate of 99.96%, according to testing by independent lab AV-Comparatives.
AI

AI Cracks Centuries-Old 'Three Body Problem' In Under a Second (livescience.com) 146

Long-time Slashdot reader taiwanjohn shared this article from Live Science: The mind-bending calculations required to predict how three heavenly bodies orbit each other have baffled physicists since the time of Sir Isaac Newton. Now artificial intelligence (A.I.) has shown that it can solve the problem in a fraction of the time required by previous approaches.

Newton was the first to formulate the problem in the 17th century, but finding a simple way to solve it has proved incredibly difficult. The gravitational interactions between three celestial objects like planets, stars and moons result in a chaotic system -- one that is complex and highly sensitive to the starting positions of each body. Current approaches to solving these problems involve using software that can take weeks or even months to complete calculations. So researchers decided to see if a neural network -- a type of pattern recognizing A.I. that loosely mimics how the brain works -- could do better.

The algorithm they built provided accurate solutions up to 100 million times faster than the most advanced software program, known as Brutus. That could prove invaluable to astronomers trying to understand things like the behavior of star clusters and the broader evolution of the universe, said Chris Foley, a biostatistician at the University of Cambridge and co-author of a paper to the arXiv database, which has yet to be peer-reviewed.

Google

Chronicle, the Google Moonshot Cybersecurity Startup That Was Supposed To Completely Change the Industry, is Imploding (vice.com) 41

Lorenzo Franceschi-Bicchierai and Joseph Cox, reporting for Motherboard: In early 2018, Google's parent conglomerate Alphabet announced the birth of a new "independent" startup that was supposed to revolutionize cybersecurity. Chronicle was meant to be a new type of startup. One of its products was designed to structure, organize, and help companies understand their security related data -- a "Google Photos for businesses' network security," as Forbes put it when the company announced its first product this year. The promise was radical: Chronicle would leverage machine learning and Alphabet's near-endless well of security telemetry data about known malware and internet infrastructure and use it to help security teams at companies detect intrusions that could threaten a company's network. Crucially, Chronicle would also remain independent from Google, according to Stephen Gillett, the startup's CEO.

"We want to 10x the speed and impact of security teams' work by making it much easier, faster and more cost-effective for them to capture and analyze security signals that have previously been too difficult and expensive to find," Gillett wrote in a blog post announcing Chronicle. "We know this mission is going to take years, but we're committed to seeing it through." At the time it was unclear what Chronicle was going to be. But industry observers were excited for what they thought was going to be a significant disruptor in an industry that is full of relatively old technologies such as antivirus and firewalls, is rife with products that offer solutions in search of a problem and outright snake oil. "Chronicle is dead," a current employee told Motherboard. "Stephen [Gillett] and Google killed it." Employees have left because of a combination of Chronicle losing its original vision, a distant CEO, a lack of clarity about Chronicle's future, and disappointment that the startup has been swallowed into Google, according to interviews with five current and former employees who were present across different stages of Chronicle's growth.

Medicine

Alcohol Breath Tests, a Linchpin of the Criminal Justice System, Are Often Unreliable (nytimes.com) 136

A million Americans a year are arrested for drunken driving, and most stops begin the same way: flashing blue lights in the rearview mirror, then a battery of tests that might include standing on one foot or reciting the alphabet. What matters most, though, happens next. From a report: By the side of the road or at the police station, the drivers blow into a miniature science lab that estimates the concentration of alcohol in their blood. If the level is 0.08 or higher, they are all but certain to be convicted of a crime. But those tests -- a bedrock of the criminal justice system -- are often unreliable, a New York Times investigation found. The devices, found in virtually every police station in America, generate skewed results with alarming frequency, even though they are marketed as precise to the third decimal place. Judges in Massachusetts and New Jersey have thrown out more than 30,000 breath tests in the past 12 months alone, largely because of human errors and lax governmental oversight. Across the country, thousands of other tests also have been invalidated in recent years. The machines are sensitive scientific instruments, and in many cases they haven't been properly calibrated, yielding results that were at times 40 percent too high. Maintaining machines is up to police departments that sometimes have shoddy standards and lack expertise. In some cities, lab officials have used stale or home-brewed chemical solutions that warped results. In Massachusetts, officers used a machine with rats nesting inside.
Power

Does California Need A More Decentralized Energy System? (vox.com) 198

"California's electricity system is failing," argues Vox, in an article shared by Slashdot reader nickwinlund77. But they're proposing a way "to make California's electricity system cleaner, more reliable, and more resilient." In a nutshell, it is accelerating the evolution from a centralized, top-down, long-distance, one-way energy system to a more decentralized, bottom-up, local, networked system. In the energy world, this is summed up as a more distributed energy system. It puts more power, both electrical and political, in local hands. Though it is still in early days, and only hints of what's to come are yet visible, the evolution to a more distributed system is inevitable...

Solar+storage+smart inverter systems work better and more seamlessly [than diesel generators] during a blackout. What's more, when they are connected together into a microgrid, their collective generation and consumption can be balanced out, maximizing backup power... The knock on microgrids has traditionally been that they're expensive, but they are already reaching cost parity with California grid power in some places. And while it is true that, on an upfront-capital basis, they are more expensive than diesel generators, they are not more expensive on a lifetime basis because clean distributed-energy resources, unlike diesel generators, can provide useful services even when there's no blackout... As Public Safety Power Shutoff events continue, emergency-backup benefits will be enough to kick-start a decent microgrid market. It's already happening, especially around Tier 1 loads. And customers are herding to solar+storage systems, as Tesla and other companies eye big growth...

The core problem with California's electricity system is that its millions of customers are overwhelmingly dependent on power generated by large, remote power plants and carried over long distances on overhead power lines, often through hilly, mountainous, and/or forested territory becoming dryer and more fire-prone by the year... [U]tilities are still operating with a 20th-century hangover, a model that forces them to prefer big investments in big grid infrastructure.

The article also notes "vehicle-to-grid" technology which will offer electric cars bidirectional energy-storage and demand-shifting capabilities, and argues that a network of distributed-energy resources can ultimately be installed quickly and will lower the need for long-distance power transmission lines.

But it argues the transition won't happen until the state's government makes a more ambitious push.
The Internet

Data Breaches Reported at NetworkSolutions, Register.com, and Web.com (krebsonsecurity.com) 17

"Top domain name registrars NetworkSolutions.com, Register.com and Web.com are asking customers to reset their passwords after discovering an intrusion in August 2019 in which customer account information was accessed," reports security researcher Brian Krebs: "On October 16, 2019, Web.com determined that a third-party gained unauthorized access to a limited number of its computer systems in late August 2019, and as a result, account information may have been accessed," Web.com said in a written statement. "No credit card data was compromised as a result of this incident." The Jacksonville, Fla.-based Web.com said the information exposed includes "contact details such as name, address, phone numbers, email address and information about the services that we offer to a given account holder...."

Both Network Solutions and Register.com are owned by Web.com. Network Solutions is now the world's fifth-largest domain name registrar, with almost seven million domains in its stable, according to domainstate.com; Register.com listed at #17 with 1.7 million domains.... Web.com said it has reported the incident to law enforcement and hired an outside security firm to investigate further, and is in the process of notifying affected customers through email and via its website....

Web.com wasn't clear how long the intrusion lasted, but if the breach wasn't detected until mid-October that means the intruders potentially had about six weeks inside unnoticed. That's a long time for an adversary to wander about one's network, and plenty of time to steal a great deal more information than just names, addresses and phone numbers.

Transportation

13-Year-Old Scientist Designs Alternative To Hyperloop (cnn.com) 138

dryriver shares a report from CNN: Several rival companies may be hard at work trying to get Elon Musk's Hyperloop concept off the ground, but hurtling across country -- maybe even across continents -- at 600 miles per hour in a low-pressure steel tube still feels far from reality. But 13-year-old New York student Caroline Crouchley may have invented a more economically viable and eco-friendly Hyperloop solution. Crouchley's idea, which just won second place in the annual 3M Young Scientist Challenge, is to build pneumatic tubes next to existing train tracks. Magnetic shuttles would travel through these vacuum tubes, connected via magnetic arm to trains traveling on the existing tracks. This system would utilize current train tracks, thereby cutting infrastructure costs and, Crouchley says, eradicating the potential safety risk posed by propelling passengers in a vacuum. There'd be no need for trains to use diesel or electric motors, making the trains lighter and more fuel-efficient. This is important to Crouchley, who aims to devise active solutions to the climate crisis. "I pinpointed transportation as something I wanted to work on because if we can make trains more efficient, then we can eliminate the amount of cars, trucks and buses on the road," Crouchley tells CNN Travel.
AI

Motorola Is Building a New Kind of Walkie-Talkie For First Responders 56

An anonymous reader quotes a report from Fast Company: Motorola Solutions (not to be confused with Motorola Mobility, which makes the smartphones you know), the biggest global player in these LMR walkies, is releasing what appears to be the most advanced walkie-talkie ever. Called the APX Next, it's a chunky black brick with a thick antenna and a giant push-to-talk button on its side. Much like an iPhone, it also features a touchscreen on its front -- but don't be distracted by that. Its real innovation was born from 2,000 hours of interviews and testing with more than 50 emergency service agencies, including SWAT teams and detectives. It's a voice-recognition system that can operate in extremely loud environments, with artificial intelligence software that can look up 95 of the most common things a police officer or firefighter would call into dispatch -- like a driver's license, or license plate -- without any human operator on the other end of the line. But its ultimate promise is simply to free up the user's hands as much as possible, ensuring that someone is as safe and capable as possible during an emergency.

APX Next is a walkie-talkie and a cellphone combined. It has both the high-powered radio chip for land communications and a low-powered 4G/LTE chip for cell-tower data. These two chips can work at the same time, which is an engineering challenge, especially because the walkie-radio has 25 times the wattage of the 4G chip. The core buttons, including the large talk button, are all designed as you'd expect, to ensure they can be used without looking, and purely by muscle memory in stressful situations. Four separate microphones capture your voice, with programming designed specifically to cancel out exceptionally loud noises. But it isn't always listening for a wake word like the Echo or Google Home. You need to hit a button to cue the assistant.
The company says it's using unnamed third parties to handle the natural language processing in the cloud. "What Motorola did was train the model specifically to handle things like ten-codes and even regionally specific dialects across the U.S," the report says.

"Once a question is sent to the cloud, the AI is able to scour a city or force's database for the same private information a dispatcher would be looking up." What's also neat is that the AI won't automatically read sensitive information out loud. Instead, the radio will beep when it has an answer, and the user can get to a private place, if they wish, before hitting a button to hear the results.
AI

Gartner Predictions Reveal How AI Will Change Our World (gartner.com) 47

Gartner research has announced 10 "strategic technology trends that will drive significant disruption and opportunity over the next 5 to 10 years." And the trends include "hyperautomation" -- applying advanced technologies like AI and machine learning to tasks "that once required humans," combining robotic process automation with intelligent business management software to provide "real-time, continuous intelligence about the organization...with a goal of increasingly AI-driven decision making."

They also predict "autonomous things," including drones, appliances, robots, and even ships, sometimes working in collaborative swarms, that "exploit AI to perform tasks usually done by humans." Trend #6 is "the empowered edge," where IoT devices become the foundation for "smart spaces" that move services and applications closer to where they're actually used, creating a world of smart buildings and city spaces. Plus, they're also predicting a movement from centralized public clouds to distributed public clouds which allow data centers to be located anywhere. ("This solves both technical issues like latency and also regulatory challenges like data sovereignty.")

Trend #10 looks at the possibility of AI-enhanced security solutions -- and AI-powered security threats -- as well as the need to provide security for our new AI-powered systems. But they also envision a trend that "replaces technology-literate people with people-literate technology" providing sophisticated "multiexperiences" through "multisensory and multitouchpoint interfaces like wearables and advanced computer sensors." They even predict "fully-scalable" blockchain by 2023, while also predicting its impact on the economy will be felt through integrations with "complementary technologies" like AI and IoT. ("For example, a car would be able to negotiate insurance prices directly with the insurance company based on data gathered by its sensors.")

Trend #3 is "Democratization of technology" (or "citizen access"), a prediction which includes "AI-driven development" of data science models for automated testing. And interestingly, trend #5 is transparency and traceability: The evolution of technology is creating a trust crisis. As consumers become more aware of how their data is being collected and used, organizations are also recognizing the increasing liability of storing and gathering the data. Additionally, AI and ML are increasingly used to make decisions in place of humans, evolving the trust crisis and driving the need for ideas like explainable AI and AI governance.

This trend requires a focus on six key elements of trust: Ethics, integrity, openness, accountability, competence and consistency.

Trend #4 even predicts humans will merge with technology. "[W]hat if scientists could augment the brain to increase memory storage, or implant a chip to decode neural patterns? What if exoskeletons became a standard uniform for autoworkers, enabling them to lift superhuman weights? What if doctors could implant sensors to track how drugs travel inside a body...?"
Math

Mathematician Solves 48-Year-Old Problem, Finds New Way To Multiply (popularmechanics.com) 107

An anonymous reader quotes Popular Mechanics: An assistant professor from the University of New South Wales Sydney in Australia has developed a new method for multiplying giant numbers together that's more efficient than the "long multiplication" so many are taught at an early age. "More technically, we have proved a 1971 conjecture of Schönhage and Strassen about the complexity of integer multiplication," associate professor David Harvey says in this video...

Schönhage and Strassen predicted that an algorithm multiplying n-digit numbers using n * log(n) basic operations should exist, Harvey says. His paper is the first known proof that it does...

The [original 1971] Schönhage-Strassen method is very fast, Harvey says. If a computer were to use the squared method taught in school on a problem where two numbers had a billion digits each, it would take months. A computer using the Schönhage-Strassen method could do so in 30 seconds. But if the numbers keep rising into the trillions and beyond, the algorithm developed by Harvey and collaborator Joris van der Hoeven at École Polytechnique in France could find solutions faster than the 1971 Schönhage-Strassen algorithm.

"It means you can do all sorts of arithmetic more efficiently, for example division and square roots," he says. "You could also calculate digits of pi more efficiently than before. It even has applications to problems involving huge prime numbers.

"The question is, how deep does n have to be for this algorithm to actually be faster than the previous algorithms?" the assistant professor says in the video. "The answer is we don't know.

"It could be billions of digits. It could be trillions. It could be much bigger than that. We really have no idea at this point."
The Military

Air Force Finally Retires 8-Inch Floppies From Missile Launch Control System (arstechnica.com) 77

Five years after CBS publicized the fact that the Air Force still used eight-inch floppy disks to store data critical to operating the Air Force's intercontinental ballistic missile command, the aerial and space warfare service branch decided it was time to officially retire them. Ars Technica reports: The system, once called the Strategic Air Command Digital Network (SACDIN), relied on IBM Series/1 computers installed by the Air Force at Minuteman II missile sites in the 1960s and 1970s. Despite the contention by the Air Force at the time of the 60 Minutes report that the archaic hardware offered a cybersecurity advantage, the service has completed an upgrade to what is now known as the Strategic Automated Command and Control System (SACCS), as Defense News reports. SACCS is an upgrade that swaps the floppy disk system for what Lt. Col. Jason Rossi, commander of the Air Force's 595th Strategic Communications Squadron, described as a "highly secure solid state digital storage solution." The floppy drives were fully retired in June.

But the IBM Series/1 computers remain, in part because of their reliability and security. And it's not clear whether other upgrades to "modernize" the system have been completed. Air Force officials have acknowledged network upgrades that have enhanced the speed and capacity of SACCS' communications systems, and a Government Accountability Office report in 2016 noted that the Air Force planned to "update its data storage solutions, port expansion processors, portable terminals, and desktop terminals by the end of fiscal year 2017." But it's not clear how much of that has been completed.

Security

FBI Warns About Attacks That Bypass Multi-Factor Authentication (zdnet.com) 29

The US Federal Bureau of Investigation (FBI) last month sent a security advisory to private industry partners about the rising threat of attacks against organizations and their employees that can bypass multi-factor authentication (MFA) solutions. From a report: "The FBI has observed cyber actors circumventing multi-factor authentication through common social engineering and technical attacks," the FBI wrote in a Private Industry Notification (PIN) sent out on September 17. While nowadays there are multiple ways of bypassing MFA protections, the FBI alert specifically warned about SIM swapping, vulnerabilities in online pages handling MFA operations, and the use of transparent proxies like Muraena and NecroBrowser.
United States

US Supreme Court Rejects Amazon Warehouse Worker Wage Appeal (reuters.com) 52

The U.S. Supreme Court on Monday declined to hear Amazon's bid to avoid a lawsuit seeking to ensure that warehouse workers for the e-commerce giant get paid for the time it takes them to go through extensive post-shift security screenings. From a report: The justices, on the first day of their new term, turned away an appeal by Amazon and a contractor of a lower court ruling reviving the workers' claims under Nevada state law. The decision comes five years after the Supreme Court issued a ruling in the case that barred similar claims under federal law. A group of Amazon warehouse workers who package and ship merchandise filed a proposed class action lawsuit in 2010 against the contractor, Integrity Staffing Solutions, which provides some of the hourly employees for Amazon. The workers sought compensation for submitting to what they called mandatory "post-9/11 type of airport security" screenings that are aimed at preventing employee theft. The workers have said the screening takes around 25 minutes to complete. Amazon called the plaintiffs' description of the protocol "grossly inaccurate" in court papers.
Sun Microsystems

When Sun Microsystems' Founders and Former Employees Hold a Reunion (infoworld.com) 36

Last week Infoworld reported on a reunion of more than 1,000 former employees of Sun Microsystems including all four founders of the company -- Andreas Bechtolsheim, Vinod Khosla, Scott McNealy, and Bill Joy -- at just their second reunion since the 2010 Oracle acquisition. Prior to the formal festivities, the company founders met with a small group of press persons. Pondering recent developments in computing, Bill Joy, who is now concentrating on climate change solutions, recalled that Sun tried to do natural language processing, but the hardware was not fast enough. Regarding the emergence of the iPhone, Joy said the advent of mobility and data networks has been transformational for society. He noted that Sun had that kind of vision with Java ME, with Sun trying to do programmable smartphones. "But the hardware was just really nascent at the time," Joy said. Machine learning, though, will be as transformational as the smartphone, he added.

McNealy emphasized Sun's willingness to share technology, such as the Network File System (NFS), which helped to bring about the open source software movement now prevalent today. "We didn't invent open source but we [made it] happen. We were the leader of that parade." Asked if Sun should have moved from Sparc Risc processors and Solaris Unix to Intel processors and Linux, McNealy said he did not want to talk about mistakes he had made as Sun CEO but such a switch was not what Sun should have done....

Among those proudest of Sun's achievements was Sun founder and CEO Scott McNealy, who, taking the stage, had some sharp words for Facebook, which now occupies one of Sun's former Silicon Valley campuses, without mentioning Facebook by name. "I remember some company moved into one of our old headquarters buildings," McNealy said. "And the CEO said, we're going to leave the [Sun Microsystems] logos up because we want everybody in our company to remember what can happen to you if you don't pay attention. This company could do well to do one-one-hundredth of what we did."

Wireless Networking

Did MacOS Stop Allowing Changes to Wifi MAC Addresses? 118

ugen (Slashdot reader #93,902) writes: Something I discovered today, while trying to change a MAC address on a new MacBook Air (as I did for years on other MacBooks): ifconfig en0 ether "new mac" no longer works. It appears that this is a change made sometime last year, applicable to all newer Apple MacBooks.

Implications of permanently fixed MAC addresses on privacy and security are hard to underestimate. Given that Windows now supports complete Wifi MAC address randomization — I am sad to admit that Microsoft looks like a champion of privacy here. What are your thoughts? Solutions anyone knows of (I'll take a reasonable technical hack).

Here are a few mentions of this elsewhere:
Mac Rumors forums
The GitHub repo for SpoofMAC
A discussion on Stack Overflow

I've seen other theories about what's going on, though the bigger question is still what's the solution? Leave your own thoughts and suggestions in the comments.

And did MacOS stop allowing changes to wifi MAC addresses?
Government

Libertarian Accused of Faking 1.5M Net Neutrality Comments Using Data-Breached Addresses (buzzfeednews.com) 60

BuzzFeed says they've identified two firms which "misappropriated names and personal information as part of a bid to submit more than 1.5 million statements" pretending to oppose net neutrality regulations: The anti-net neutrality comments harvested on behalf of Broadband for America, the industry group that represented telecommunications giants including AT&T, Cox, and Comcast, were uploaded to the FCC website by Media Bridge founder Shane Cory, a former executive director of both the Libertarian Party and the conservative sting group Project Veritas. Cory has claimed credit for "20 or 30" major public advocacy campaigns in recent years, including, he says, record-setting submissions to the IRS, Environmental Protection Agency, Bureau of Land Management, Bureau of Ocean Energy Management, and "probably a handful of others." On Media Bridge's website, the company has described itself as having expertise in "overwhelming government agencies" with avalanches of public submissions, and has publicly dubbed its approach to marshaling comments the "Big Hammer." In the FCC campaign, Cory was working for Ralph Reed -- a high-powered political strategist and titan of the Christian right who himself was working for Broadband for America. Cory, in turn, enlisted LCX Digital to find the commenters...

BuzzFeed News ran large samples of the email addresses in those files through Have I Been Pwned, a website that identifies whether an address has been exposed in any of hundreds of major data breaches. The results were stark: In one particular group of 1.9 million comments, according to BuzzFeed News' analysis, 94% of the email addresses belonged to people who had fallen victim to a hack known as the Modern Business Solutions data breach, in which millions of people's personal information, including full names, birthdates, home addresses, and email addresses, had been stolen... All these comments were uploaded by Cory, using his Media Bridge email address. (Some of the comments were full duplicates; after removing them, there were just over 1.5 million comment-and-email combinations.)

In its letter to BuzzFeed News, Media Bridge contested the idea that email addresses showing up in breached databases were a sign of improprieties. In fact, it said, a "high match rate" is a sign of validity, since most Americans appear in breached databases....

Two of the commenters were named Luke Skywalker and Boba Fett -- and yet mysteriously "the names and street addresses were exactly as they appeared in that breach... A separate spot check by BuzzFeed News of 100 randomly selected Media Bridge comments revealed a similar pattern -- even down to a street address that used underscores instead of spaces."

In addition, BuzzFeed found that "almost all" of the remaining 6% appear to just be "recycled" identities drawn from comments left in 2016 when the FCC was considering a new rule that would allow cable consumers to use their own set-top boxes -- a regulation that the cable industry opposed. "One year later, 99.9% of those exact same names and addresses appeared on the FCC's website, weighing in on an entirely different policy debate -- net neutrality. They were uploaded by Media Bridge."

Botnet

Dutch Police Take Down Hornets' Nest of DDoS Botnets (zdnet.com) 17

Dutch police have taken down this week a bulletproof hosting provider that has sheltered tens of IoT botnets that have been responsible for hundreds of thousands of DDoS attacks around the world, ZDNet reports. From the report: Servers were seized, and two men were arrested yesterday at the offices of KV Solutions BV (KV hereinafter), a so-called bulletproof hosting provider, a term used to describe web hosting providers that ignore abuse reports and allow cybercrime operations to operate on their servers. For two years, the company has provided hosting infrastructure to internet criminals, and has been one of the most serious offenders at that, hosting all sorts of baddies, from phishing pages to vulnerability scanners, and from crypto-mining operations to malware repositories. But above all, the company has made a reputation in cyber-security circles for being a hotspot for DDoS botnets, with cyber-criminals renting KV servers to host their bot scanners, malware, and command-and-control (C&C) servers, knowing they'd be safe from "harm."

Privacy

Motorola, Known For Cellphones, is Fast Becoming a Major Player in Government Surveillance (nbcnews.com) 51

Jon Schuppe, reporting for NBC News: The surveillance tools have been installed in schools and public housing, deployed on roads and public transit, and worn by police officers. They've been developed by an array of technology firms competing for government business. And many are now owned by a company seeking to grab a bigger piece of a booming market. Motorola, a brand typically associated with cellphones and police radios, has joined the race among tech firms to deliver new ways of monitoring the public. Since 2017, the Chicago-based tech company -- now known as Motorola Solutions, after Motorola spun off its mobile phone business -- has invested $1.7 billion to support or acquire companies that build police body cameras; train cameras to spot certain faces or behavior; sift through video for suspicious people; and track the movement of cars by their license plates.

By consolidating these tools within a single corporation, and potentially combining them into a single product, Motorola Solutions is boosting its stature in the surveillance industry -- and amplifying concerns about the government's growing power to watch people almost anywhere they go. "Your privacy is more protected when information about you is scattered among agencies and entities. When all that is unified under one roof, that sharpens the privacy issues," said Jay Stanley, a senior policy analyst for the American Civil Liberties Union, where he researches technology's impact on privacy. "I don't know exactly what kind of synergies a company like Motorola Solutions might get from assembling all these pieces, but in general it's a scary prospect."

Transportation

UPS Gets FAA Approval To Operate an Entire Drone Delivery Airline (techcrunch.com) 25

UPS said today that it is the first to receive the official nod from the Federal Aviation Administration (FAA) to operate a full "drone airline," that will allow it to expand its current small drone delivery service pilots into a country-wide network. From a report: In its announcement of the news, UPS said that it will start by building out its drone delivery solutions specific to hospital campuses nationwide in the U.S., and then to other industries outside of healthcare. UPS racks up a number of firsts as a result of this milestone, thanks to how closely it has been working with the FAA throughout its development and testing process for drone deliveries. As soon as it was awarded the certification, it did a delivery for WakeMed hospital in Raleigh, N.C. using a Matternet drone, and it also became the first commercial operator to perform a drone delivery for an actual paying customer outside of line of sight thanks to an exemption it received from the government. This certification, officially titled FAA's "Part 135 Standard certification," offers far-reaching and broad license to companies who attain it -- much more freedom than any commercial drone operation has had previously in the U.S.
