Peer-To-Peer News - The Week In Review - April 8th, ’23

[JackSpratts]

Since 2002































April 8th, 2023




The Broad, Vague RESTRICT Act Is a Dangerous Substitute for Comprehensive Data Privacy Legislation
Jason Kelley and David Greene

The recently introduced RESTRICT Act (S. 686, Sen. Warner and Sen. Thune) rightfully is causing a lot of concern. This bill is being called a “TikTok ban,” but it’s more complicated than that. As we wrote in our initial review of the bill, the RESTRICT Act would authorize the executive branch to block “transactions” and “holdings” of “foreign adversaries” that involve “information and communication technology” and create “undue or unacceptable risk” to national security and more.

We've explained our opposition to the RESTRICT Act and urged everyone who agrees to take action against it. But we've also been asked to address some of the concerns raised by others. We do that here in this post.

At its core, RESTRICT would exempt certain information services from the federal statute, known as the Berman Amendments, which protects the free flow of information in and out of the United States and supports the fundamental freedom of expression and human rights concerns. RESTRICT would give more power to the executive branch and remove many of the commonsense restrictions that exist under the Foreign Intelligence Services Act (FISA) and the aforementioned Berman Amendments.

But S. 686 also would do a lot more.

EFF opposes the bill, and encourages you to reach out to your representatives to ask them not to pass it. Our reasons for opposition are primarily that this bill is being used as a cudgel to protect data from foreign adversaries, but under our current data privacy laws, there are many domestic adversaries engaged in manipulative and invasive data collection as well. Separately, handing relatively unchecked power over to the executive branch to make determinations about what sort of information technologies and technology services are allowed to enter the U.S. is dangerous. If Congress is concerned about foreign powers collecting our data, it should focus on comprehensive consumer data privacy legislation that will have a real impact, and protect our data no matter what platform it’s on—TikTok, Facebook, Twitter, or anywhere else that profits from our private information. That’s why EFF supports such consumer data privacy legislation. Foreign adversaries won't be able to get our data from social media companies if the social media companies aren't allowed to collect, retain, and sell it in the first place.

Would the RESTRICT Act result in a “ban” on the personal use of TikTok? It’s unclear.

This bill is not a “ban” on personal use, or even on a technology directly. The bill may result in a ban on TikTok because it grants the Commerce Department such broad authority. That ban may take the form of removing it from app stores or a forced sale, or other mitigation measures imposed against the owners of the technologies. The RESTRICT Act makes use of mitigation measures that have been used under the International Emergency Economic Powers Act and by the Committee on Foreign Investment in the United States. The bill applies to six “foreign adversaries” (China, Cuba, Iran, North Korea, Russia, and Venezuela), and could be expanded to other countries. Though the bill is being referred to as a TikTok ban by many, it can be applied to other companies, like Huawei or Kaspersky, which are headquartered in those countries; indeed, Sen. Warner, the bill’s co-sponsor has identified those companies as the bill’s primary targets.

As of yet, the U.S. government has not shared information that would justify a forced sale or ban of TikTok from app stores, or other possible mitigation measures. As we’ve written, the government will have to demonstrate that any mitigation measure is narrowly tailored to prevent the harm it has identified.

Unfortunately, three provisions of the RESTRICT Act make it less likely that the public would ever learn whether U.S. officials actually have information to justify the mitigation measures authorized by the bill.

First, while Congress can override the designation or de-designation of a “foreign adversary,” it has no other role.

Second, any lawsuit challenging a ban would be constrained in scope and the amount of discovery—again, limiting what the public could learn about how the bill is applied. Discovery can lead to the release of information that helps the public learn how a law is applied and why, but this law would limit what the public could learn, as well as the ways in which a case could proceed.

Third, the executive branch need not publicly explain its application of the law if doing so is not “practicable” and “consistent with … national security and law enforcement interests.” Those “interests” are also not defined, and we have written many times before about the problems with overclassification of national security information. In this case, that means crucial transparency is missing from the process.

Overall, the law authorizes the executive branch to make decisions about which technologies can enter the U.S. with extremely limited oversight by the public or its representatives about the law’s application.

Could a person be punished under the law for using a VPN to access TikTok if its U.S. access is restricted? Potentially.

Recent comments by one of the authors, Sen. Warner, indicate that the bill is meant to be used to punish companies, not users who might access a product like TikTok after it is restricted. But the law does not itself place limits on mitigation measures or bar individual user prohibitions, and the resulting uncertainty is troubling.

The bill authorizes the Department of Commerce to impose “mitigation measures” without any restrictions on what those measures might be. Couple that with a vague enforcement provision that grants the power to broadly punish any person who “evades” these undefined “mitigation measures,” and the result is a law that can be read as criminalizing common practices like using a VPN to get a prohibited app, side-loaded installations, or using an app that was lawfully downloaded somewhere else.

Even if the bills’ sponsors do not intend it, giving the Commerce Department broad authority to impose crushing criminal penalties on any person trying to evade a “mitigation measure” is dangerous. For example, in the case of a mitigation measure that bars the importation of TikTok into the U.S., it authorizes penalties, including 25 years of prison time, for any person who brings TikTok into the U.S., whether by use of a VPN or downloading it while in another country.

Congress absolutely should tighten this penalty language to remove all possibility of prosecution against individuals who use an app.

Is the RESTRICT Act a surveillance bill that would allow the government access to your devices? Not exactly. But it is far too broad in the power it gives to investigate potential user data.

Under the bill, the Commerce Secretary can demand information from “any party to a transaction or holding under review or investigation.” In theory, a company designated under the bill, such as TikTok, could be required to cough up user data during these investigations. There are some important confidentiality requirements protecting this data, but it could be shared with other government entities in some specific circumstances.

We find another concern that others have raised to be largely misplaced. Some have read the bill as authorizing investigations into any website that has a foreign entity's pixel embedded in it. These companies would then have to produce user data to the Commerce Department. We don't share this concern because it would require interpreting the law to say that merely using a website pixel means your site is a holding of a foreign adversary. Thankfully, the definition of “holding” under the bill is not this broad.

This misinterpretation and other overly strained readings of the law have been shared widely on both social media and in the news, and are understandable given the broad language in the bill. This is sweeping legislation that would have Congress abdicate much of its responsibility in holding the executive branch accountable, and leaving any room for misinterpretation is a problem. The confusing language here is another failure of the bill.

For those concerned about such sweeping surveillance powers, we encourage you to ask your representative to reform Section 702 of the Foreign Intelligence Surveillance Act. Under Section 702, the FBI conducted up to 3.4 million warrantless searches of Section 702 data to find Americans’ communications in 2021 alone. Join this fight and you will be in good company: we and a large number of civil liberties and civil rights groups have been fighting for FISA reform for a decade.

Take Action

The RESTRICT Act is absolutely the wrong approach to protecting data privacy. It would open the door to wide-ranging government bans on hardware or software from foreign countries with no explanations needed, little transparency, limited challenges via litigation, and limited congressional oversight.

The law also intentionally removes current checks on executive power, which are necessary even in the realm of foreign relations. RESTRICT skirts these checks by providing only minimal Congressional review. The free flow of information, even if it’s your enemy speaking, is an essential democratic principle. The U.S. government often condemns similar actions that restrict certain communications technologies in other countries. Going around these protocols could weaken our credibility when doing so in the future.

RESTRICT is also vague and broadly written, and could be interpreted (and has) in various troubling ways. Numerous organizations oppose the bill, including ACLU, Fight for the Future, and the Center for Democracy and Technology. As such, we encourage you to reach out to your representative to tell them not to pass the bill.
https://www.eff.org/deeplinks/2023/0...e-data-privacy





The Tor Project’s New Privacy-Focused Browser Doesn’t Use the Tor Network

The Mullvad browser is meant to be used with a VPN, not an onion network.
Mitchell Clark

The Tor Project, the organization behind the anonymous network and browser, is helping launch a privacy-focused browser that’s made to connect to a VPN instead of a decentralized onion network. It’s called the Mullvad browser, named after the Mullvad VPN company it’s partnered with on the project, and it’s available for Windows, Mac, or Linux.

The Mullvad browser’s main goal is to make it harder for advertisers and other companies to track you across the internet. It does this by working to reduce your browser’s “fingerprint,” a term that describes all the metadata that sites can collect to uniquely identify your device. Your fingerprint can be made up of simple things, like what browser and operating system you’re using, to more invasive info, like what fonts and extensions you have installed, and what input / output devices your browser has access to.

Looking at all those factors can make it easy to uniquely identify you just based on your fingerprint, without the need for things like cookies or other tracking tech. There are various tools that can show you how fingerprintable your browser is, but I personally recommend the EFF’s because it does a good job of explaining the results.

By default, Mullvad browser makes it harder for websites to fingerprint you by masking that metadata. It also blocks third-party cookies and trackers, and comes with few pre-installed plugins to reduce your fingerprint even further. (Other privacy-focused browsers like Brave say they block fingerprinting but come with a lot of extensions that could be identified if a website’s able to get around their protections.)

It’s possible to configure a browser like FireFox, which Mullvad browser (and the Tor Browser) is based on, to have similar protections. However, doing so would require at least some level of technical savvy, as you have to know which switches to flip and have the confidence that you’ve caught everything.

The idea with Mullvad is to take care of all of that for you; you can just open it and feel reasonably confident that you’re not particularly easy to track. “Developing this browser with Mullvad is about providing people with more privacy options for everyday browsing and to challenge the current business model of exploiting people’s behavioral data,” said Isabela Fernandes, executive director of The Tor Project, who is quoted in a press release.

To be clear, these measures are less helpful if you’re trying to hide from government and law enforcement tracking like the NSA, FBI, or parties working for other governments around the world. For anyone with enough resources, there are ways to track internet activity that go well beyond tracking pixels and third-party cookies.

However, most users don’t feel the need to have that kind of protection, and the truth of the matter is that getting it isn’t convenient. For all its privacy upsides, the standard Tor Browser isn’t necessarily the most user-friendly, with the biggest downside being that it’s often slow as molasses, and sites built for regular web traffic won’t always play nice with it. Those are functions of how it keeps you safe — by encrypting your traffic and bouncing it all over the world — but that can be completely overkill if all you’re trying to do is avoid creepy ads.

According to Pavel Zoneff, a spokesperson for The Tor Project, Mullvad browser is very similar to the Tor Browser, it just connects to the internet through a VPN rather than the Tor network. (It doesn’t have to be Mullvad’s VPN either; if you use another service you trust, or if you have made your own then you can use that.) Mullvad browser also doesn’t offer the Tor browser’s censorship circumnavigation user experience, access to onion sites or services, or “circuit isolation and the integration with new-identity.” But again, if you don’t know what those things are, it’s probably not a huge concern.

Mullvad browser will still likely have some usability quirks that you wouldn’t find in Chrome or another mainstream browser. Some websites get cranky about certain privacy settings and won’t work properly, and if you continuously use its cookie-cleaning feature, you may end up having to sign into services more often. But if you’re willing to make those trade-offs for a chance of being more private on the web, it may be a good place to start — though it’s worth keeping in mind that to hide in a crowd, there actually has to be a crowd. If you’re the only person using Mullvad browser, it could be pretty easy to fingerprint you; having less of a fingerprint can still be pretty identifiable if everyone else has one.
https://www.theverge.com/2023/4/3/23...rivacy-browser





Users Fume after My Cloud Network Breach Locks them Out of their Data

The compromise allowed hackers to steal data, raising the specter of ransomware.
Dan Goodin

Users of the Western Digital My Cloud service are fuming after a network breach has locked them out of their data for more than 24 hours and has put company-handled information into the hands of currently unknown hackers.

The inability to access data stored in My Cloud was reported on social media by multiple users, including this one, who indicated the outage started sometime on Saturday. Since then, the number of users (and their anxiety levels) have only ratcheted up.

Sounds like ransomware

By early morning California time on Monday, Western Digital issued a release saying that a week ago Sunday the company learned that an “unauthorized third party gained access to a number of the Company’s systems.” The release added: “Based on the investigation to date, the Company believes the unauthorized party obtained certain data from its systems and is working to understand the nature and scope of that data.”

The status page for My Cloud was updated on Sunday to show that services including My Cloud, My Cloud Home, My Cloud Home Duo, My Cloud OS5, SanDisk ibi, and SanDisk Ixpand Wireless Charger are completely down. The page provided no estimate on when service may be restored. The outage means that users cannot access any data they stored in My Cloud. The outage also extends to the ability to use proxy, web, authentication, email, and push notifications.

There are currently no details available about the unauthorized access of Western Digital’s network and the theft of its data. Brett Callow, a ransomware expert at security firm Emsisoft, said: “It's impossible to say for sure, but it sounds like Western Digital may have a #ransomware incident.” That raises the possibility that data stored in My Cloud or code needed for customers to access it has fallen into the hands of criminal hackers.

Locked out

Many users took to social media to report that the outage locked them out of data they needed to perform work tasks. “The login service for WD My Cloud Home is unavailable,” one user wrote on Sunday. “Thank you @westerndigital for not letting me access my data that I have in the living room.” On Monday morning, another user wrote: “@westerndigital When are you gonna fix the 503 error? I need to access the information �� Since Saturday i cannot enter in the cloud.”

While Western Digital provides customers with a storage device that stores data locally, the accompanying My Cloud service allows them to back it up to an off-premises server and to access the contents remotely over the Internet. According to posts like this one on Western Digital’s customer support pages, users by default must authenticate themselves on MyCloud.com to enable local network access to My Cloud data. With home.mycloud.com delivering a 503 error, many users are effectively locked out.

Western Digital representatives didn’t respond to an email asking what the current status of the outage is and what, if any, steps users can take to regain access to their data while it continues.

Western Digital is warning that the incident “has caused and may continue to cause disruption to parts of the Company’s business operations." The company also said it is “implementing proactive measures” and is working to restore affected infrastructure and services. The company added that it retained an unnamed security firm to investigate and is also coordinating with law enforcement.
https://arstechnica.com/information-...of-their-data/





China Seethes as US Chip Controls Threaten Tech Ambitions
Joe McDonald

Furious at U.S. efforts that cut off access to technology to make advanced computer chips, China’s leaders appear to be struggling to figure out how to retaliate without hurting their own ambitions in telecoms, artificial intelligence and other industries.

President Xi Jinping’s government sees the chips that are used in everything from phones to kitchen appliances to fighter jets as crucial assets in its strategic rivalry with Washington and efforts to gain wealth and global influence. Chips are the center of a “technology war,” a Chinese scientist wrote in an official journal in February.

China has its own chip foundries, but they supply only low-end processors used in autos and appliances. The U.S. government, starting under then-President Donald Trump, is cutting off access to a growing array of tools to make chips for computer servers, AI and other advanced applications. Japan and the Netherlands have joined in limiting access to technology they say might be used to make weapons.

Xi, in unusually pointed language, accused Washington in March of trying to block China’s development with a campaign of “containment and suppression.” He called on the public to “dare to fight.”

Despite that, Beijing has been slow to retaliate against U.S. companies, possibly to avoid disrupting Chinese industries that assemble most of the world’s smartphones, tablet computers and other consumer electronics. They import more than $300 billion worth of foreign chips every year.

The ruling Communist Party is throwing billions of dollars at trying to accelerate chip development and reduce the need for foreign technology.

China’s loudest complaint: It is blocked from buying a machine available only from a Dutch company, ASML, that uses ultraviolet light to etch circuits into silicon chips on a scale measured in nanometers, or billionths of a meter. Without that, Chinese efforts to make transistors faster and more efficient by packing them more closely together on fingernail-size slivers of silicon are stalled.

Making processor chips requires some 1,500 steps and technologies owned by U.S., European, Japanese and other suppliers.

“China won’t swallow everything. If damage occurs, we must take action to protect ourselves,” the Chinese ambassador to the Netherlands, Tan Jian, told the Dutch newspaper Financieele Dagblad.

“I’m not going to speculate on what that might be,” Tan said. “It won’t just be harsh words.”

The conflict has prompted warnings the world might decouple, or split into separate spheres with incompatible technology standards that mean computers, smartphones and other products from one region wouldn’t work in others. That would raise costs and might slow innovation.

“The bifurcation in technological and economic systems is deepening,” Prime Minister Lee Hsien Loong of Singapore said at an economic forum in China last month. “This will impose a huge economic cost.”

U.S.-Chinese relations are at their lowest level in decades due to disputes over security, Beijing’s treatment of Hong Kong and Muslim ethnic minorities, territorial disputes and China’s multibillion-dollar trade surpluses.

Chinese industries will “hit a wall” in 2025 or 2026 if they can’t get next generation chips or the tools to make their own, said Handel Jones, a tech industry consultant.

China “will start falling behind significantly,” said Jones, CEO of International Business Strategies.

Beijing might have leverage, though, as the biggest source of batteries for electric vehicles, Jones said.

Chinese battery giant CATL supplies U.S. and Europe automakers. Ford Motor Co. plans to use CATL technology in a $3.5 billion battery factory in Michigan.

“China will strike back,” Jones said. “What the public might see is China not giving the U.S. batteries for EVs.”

On Friday, Japan increased pressure on Beijing by joining Washington in imposing controls on exports of chipmaking equipment. The announcement didn’t mention China, but the trade minister said Tokyo doesn’t want its technology used for military purposes.

A Chinese foreign ministry spokeswoman, Mao Ning, warned Japan that “weaponizing sci-tech and trade issues” would “hurt others as well as oneself.”

Hours later, the Chinese government announced an investigation of the biggest U.S. memory chip maker, Micron Technology Inc., a key supplier to Chinese factories. The Cyberspace Administration of China said it would look for national security threats in Micron’s technology and manufacturing but gave no details.

The Chinese military also needs semiconductors for its development of stealth fighter jets, cruise missiles and other weapons.

Chinese alarm grew after President Joe Biden in October expanded controls imposed by Trump on chip manufacturing technology. Biden also barred Americans from helping Chinese manufacturers with some processes.

To nurture Chinese suppliers, Xi’s government is stepping up support that industry experts say already amounts to as much as $30 billion a year in research grants and other subsidies.

China’s biggest maker of memory chips, Yangtze Memory Technologies Corp., or YMTC, received a 49 billion yuan ($7 billion) infusion this year from two official funds, according to Tianyancha, a financial information provider.

One was the government’s main investment vehicle, the China National Integrated Circuit Industry Investment Fund, known as the Big Fund. It was founded in 2014 with 139 billion yuan ($21 billion) and has invested in hundreds of companies.

The Big Fund launched a second entity, known as the Big Fund II, in 2019 with 200 billion yuan ($30 billion).

In January, chip manufacturer Hua Hong Semiconductor said Big Fund II would contribute 1.2 billion yuan ($175 million) for a planned 6.7 billion yuan ($975 million) wafer fabrication facility in eastern China’s Wuxi.

In March, the Cabinet promised tax breaks and other support for the industry. It gave no price tag. The government also has set up “integrated circuit talent training bases” at 23 universities and six at other schools.

“Semiconductors are the ‘main battlefield’ of the current China-U.S. technology war,” Junwei Luo, a scientist at the official Institute of Semiconductors, wrote in the February issue of the journal of the Chinese Academy of Sciences. Luo called for “self-reliance and self-improvement in semiconductors.”

The scale of spending required is huge. The global industry leader, Taiwan Semiconductor Manufacturing Corp., or TSMC, is in the third year of a three-year, $100 billion plan to expand research and production.

Developers including Huawei Technologies Ltd. and VeriSilicon Holdings Co. can design logic chips for smartphones as powerful as those from Intel Corp., Apple Inc., South Korea’s Samsung Electronics Co. or Britain’s Arm Ltd., according to industry researchers. But they cannot be manufactured without the precision technology of TSMC and other foreign foundries.

Trump in 2019 crippled Huawei’s smartphone brand by blocking it from buying U.S. chips or other technology. American officials say Huawei, China’s first global tech brand, might facilitate Chinese spying, an accusation the company denies. In 2020, the White House tightened controls, blocking TSMC and others from using U.S. technology to produce chips for Huawei.

Washington threw up new hurdles for Chinese chip designers in August by imposing restrictions on software known as EDA, or electronic design automation, along with European, Asian and other governments to limit the spread of “dual use” technologies that might be used to make weapons.

In December, Biden added YMTC, the memory chip maker, and some other Chinese companies to a blacklist that limits access to chips made anywhere using U.S. tools or processes.

China’s foundries can etch circuits as small as 28 nanometers apart. By contrast, TSMC and other global competitors can etch circuits just three nanometers apart, ten times the Chinese industry’s precision. They are moving toward two nanometers.

To make the latest chips, “you need EUV (extreme ultraviolet lithography) tools, a very complicated process recipe and not just a couple of billion dollars but tens and tens of billions of dollars,” said Peter Hanbury, who follows the industry for Bain & Co.

“They’re not going to be able to produce competitive server, PC and smartphone chips,” Hanbury said. “You have to go to TSMC to do that.”

China’s ruling party is trying to develop its own tool vendors, but researchers say it is far behind a global network spread across dozens of countries.

Huawei said in a video on its website in December it was working on EUV technology. But creating a machine comparable to ASML’s might cost $5 billion and require a decade of research, according to industry experts. Huawei didn’t respond to a request for comment.

The day when China can supply its own EUV machine is “very far away,” said Hanbury.

___

AP researcher Yu Bing in Beijing and AP Writer Mike Corder in Amsterdam contributed.
https://apnews.com/article/china-us-...83cc3b49a9cc57





Exclusive: China Plans $500 Million Subsea Internet Cable to Rival US-Backed Project
Joe Brock

Chinese state-owned telecom firms are developing a $500 million undersea fiber-optic internet cable network that would link Asia, the Middle East and Europe to rival a similar U.S.-backed project, four people involved in the deal told Reuters. The plan is a sign that an intensifying tech war between Beijing and Washington risks tearing the fabric of the internet.

China's three main carriers – China Telecommunications Corporation (China Telecom), China Mobile Limited and China United Network Communications Group Co Ltd(China Unicom) – are mapping out one of the world’s most advanced and far-reaching subsea cable networks, according to the four people, who have direct knowledge of the plan.

Known as EMA (Europe-Middle East-Asia), the proposed cable would link Hong Kong to China’s island province of Hainan, before snaking its way to Singapore, Pakistan, Saudi Arabia, Egypt and France, the four people said. They asked not to be named because they were not allowed to discuss potential trade secrets.

The cable, which would cost approximately $500 million to complete, would be manufactured and laid by China’s HMN Technologies Co Ltd, a fast-growing cable firm whose predecessor company was majority-owned by Chinese telecom giant Huawei Technologies Co Ltd, the people said.

They said HMN Tech, which is majority-owned by Shanghai-listed Hengtong Optic-Electric Co Ltd, would receive subsidies from the Chinese state to build the cable.

China Mobile, China Telecom, China Unicom, HMN Tech, and Hengtong did not respond to requests for comment.

The Chinese foreign ministry said in a statement to Reuters that it "has always encouraged Chinese enterprises to carry out foreign investment and cooperation" without commenting directly on the EMA cable project.

News of the planned cable comes in the wake of a Reuters report last month that revealed how the U.S. government, concerned about Beijing eavesdropping on internet data, has successfully thwarted a number of Chinese undersea cable projects abroad over the past four years. Washington has also blocked licenses for planned private subsea cables that would have connected the United States with the Chinese territory of Hong Kong, including projects led by Google LLC, Meta Platforms, Inc and Amazon.com Inc.

Undersea cables carry more than 95% of all international internet traffic. These high-speed conduits for decades have been owned by groups of telecom and tech companies that pool their resources to build these vast networks so that data can move seamlessly around the world.

But these cables, which are vulnerable to spying and sabotage, have become weapons of influence in an escalating competition between the United States and China. The superpowers are battling to dominate the advanced technologies that could determine economic and military supremacy in the decades ahead.

The China-led EMA project is intended to directly rival another cable currently being constructed by U.S. firm SubCom LLC, called SeaMeWe-6 (Southeast Asia-Middle East-Western Europe-6), which will also connect Singapore to France, via Pakistan, Saudi Arabia, Egypt, and half a dozen other countries along the route.

The consortium on the SeaMeWe-6 cable – which originally had included China Mobile, China Telecom, China Unicom and telecom carriers from several other nations – initially picked HMN Tech to build that cable. But a successful U.S. government pressure campaign flipped the contract to SubCom last year, Reuters reported in March.

The U.S. blitz included giving millions of dollars in training grants to foreign telecom firms in return for them choosing SubCom over HMN Tech. The U.S. Commerce Department also slapped sanctions on HMN Tech in December 2021, alleging the company intended to acquire American technology to help modernize China’s People’s Liberation Army. That move undermined the project's viability by making it impossible for owners of an HMN-built cable to sell bandwidth to U.S. tech firms, usually their biggest customers.

China Telecom and China Mobile pulled out of the project after SubCom won the contract last year and, along with China Unicom, began planning the EMA cable, the four people involved said. The three state-owned Chinese telecom firms are expected to own more than half of the new network, but they are also striking deals with foreign partners, the people said.

The Chinese carriers this year signed separate memoranda of understanding with four telecoms, the people said: France’s Orange SA, Pakistan Telecommunication Company Ltd (PTCL), Telecom Egypt and Zain Saudi Arabia, a unit of the Kuwaiti firm Mobile Telecommunications Company K.S.C.P.

The Chinese companies have also held talks with Singapore Telecommunications Limited, a state-controlled firm commonly known as Singtel, while other countries in Asia, Africa and the Middle East are being approached to join the consortium as well, the people involved said.

Orange declined to comment. Singtel, PTCL, Telecom Egypt and Zain did not respond to requests for comment.

American cable firm SubCom declined to comment on the rival cable. The Department of Justice, which oversees an interagency task force to safeguard U.S. telecommunication networks from espionage and cyberattacks, declined to comment about the EMA cable.

A State Department spokesperson said the U.S. supports a free, open and secure internet. Countries should prioritize security and privacy by “fully excluding untrustworthy vendors” from wireless networks, terrestrial and undersea cables, satellites, cloud services and data centers, the spokesperson said, without mentioning HMN Tech or China. The State Department did not respond to questions about whether it would mount a campaign to persuade foreign telecoms not to participate in the EMA cable project.

The Chinese foreign ministry said in its statement that it was opposed to the United States' "violation of established international rules" around submarine cable cooperation.

"The U.S. should stop fabricating and spreading rumours about so-called 'data surveillance activities' and stop slandering and smearing Chinese companies," the statement said.

DIVIDING THE WORLD

Large undersea cable projects typically take at least three years to move from conception to delivery. The Chinese firms are hoping to finalize contracts by the end of the year and have the EMA cable online by the end of 2025, the people involved said.

The cable would give China strategic gains in its tussle with the United States, one of the people involved in the deal told Reuters.

Firstly, it would create a super-fast new connection between Hong Kong, China and much of the rest of the world, something Washington wants to avoid. Secondly, it gives China’s state-backed telecom carriers greater reach and protection in the event they are excluded from U.S.-backed cables in the future.

“It’s like each side is arming itself with bandwidth,” one telecom executive working on the deal said.

The construction of parallel U.S.- and Chinese-backed cables between Asia and Europe is unprecedented, the four people involved in the project said. It is an early sign that global internet infrastructure, including cables, data centers and mobile phone networks, could become divided over the next decade, two security analysts told Reuters.

Countries could also be forced to choose between using Chinese-approved internet equipment or U.S.-backed networks, entrenching divisions across the world and making tools that fuel the global economy, like online banking and global-positioning satellite systems, slower and less reliable, said Timothy Heath, a defense researcher at the RAND Corporation, a U.S.-based think tank.

“It seems we are headed down a road where there will be a U.S.-led internet and a Chinese-led internet ecosystem,” Heath told Reuters. “The more the U.S. and Chinese disengage from each other in the information technology domain, the more difficult it becomes to carry out global commerce and basic functions.”

Antonia Hmaidi, an analyst at the Berlin-based Mercator Institute for China Studies, said the internet works so well because no matter where data needs to travel, it can zip along multiple different routes in the time it takes to read this word.

Hmaidi said if data has to follow routes that are approved in Washington and Beijing, then it will become easier for the United States and China to manipulate and spy on that data; internet users will suffer a degradation of service; and it will become more difficult to interact or do business with people around the world.

“Then suddenly the whole fabric of the internet doesn't work as it was intended,” Hmaidi said.

The tit-for-tat battle over internet hardware mirrors the conflict taking place over social media apps and search engines created by U.S. and Chinese firms.

The United States and its allies have banned the use of Chinese-owned short video app TikTok from government-owned devices due to national security concerns. Numerous countries have raised fears about the Chinese government gaining access to the data that TikTok collects on its users around the world.

China, meanwhile, already restricts what websites its citizens can see and blocks the apps and networks of many Western technology giants, including Google, YouTube, Facebook and Twitter.

Reporting by Joe Brock Additional reporting by Brenda Goh in Shanghai; Ryan Woo and Michel Rose in Beijing; Ariba Shahid in Karachi; Aziz El Yaakoubi in Riyadh and Silvia Aloisi in Paris Editing by Marla Dickerson
https://www.reuters.com/world/china/...ct-2023-04-06/





Starlink Internet is Going from Rural Savior to Unreliable Luxury

Starlink satellite internet has afforded me and others opportunities in a connected world. But recently has become an expensive liability.
Chris Wedel

When SpaceX's residential satellite internet company, Starlink, was first introduced, I had high hopes. Legitimate high-speed internet isn't widely available where I live in rural Kansas. Over the past 11 years, I've had to make do with an OG Verizon data-only plan for a hotspot, HughesNet satellite internet, US Cellular home internet, local fixed wireless, T-Mobile Home Internet, and more. But as of spring 2021, I have primarily relied on Starlink to provide internet to my home.

Don't get me wrong. Without Starlink, I wouldn't have been able to cut the cord, work from home, or participate in other modern connected amenities I now enjoy. Initially, I averaged around 100-150/10-25Mbps for my speeds and rarely disconnected. Coming from 15/3, if I was lucky, this was borderline life-changing.

However, since I first began using these low-orbit satellites to power my internet, not only has the price gone up $30 per month, but the speeds and reliability have degraded significantly. I've talked to others in my area who use Starlink, and since January, we've experienced frequent downtime and fluctuating speeds between 30-50/2-10Mbps. I'm aware Starlink states that what I'm getting served is within stated expectations. I could deal with that if it were consistent and reliable and also if I wasn't getting charged $120 per month.

The cost of connectivity is nearing a breaking point

I recently attended a town hall meeting hosted by the Kansas Office of Broadband Development, where there was a discussion about the state of the internet in Kansas. It was both surprising and not to hear how shocked the hosts were that the poor state of rural broadband was affecting not only households but businesses. One family with a relatively large farming operation that manages both livestock and crops, mentioned how, without proper broadband or mobile connectivity, there are times when they can't even make a phone call in the field due to no connectivity. They also noted how they missed crucial market changes because their internet isn't stable at home. This isn't just about connectivity; it's about these people's livelihoods.

The point of this discussion and others that the Kansas Office of Broadband Development will have across the state is to get a better idea of how the high-speed internet situation is affecting those in rural areas. Because many places, not just in Kansas, don't have ISPs that will serve their home with hardwired internet or wirelessly. Some can't even get Starlink because it isn't available in their area or the queue is full.

For many areas like mine, Starlink is supposed to be a sort of savior for those underserved by either terrible internet or no internet at all. In a way, Starlink is largely responsible for me letting me become a full-time mobile phone editor. But it was always an expensive service to buy into. If you want Starlink internet — assuming it is available at your address — you have to purchase the equipment, which is $599, and, after 30 days, is non-refundable, according to its website. Paying the $599 Starlink cost stung due to the price but also because I had to do the installation of the dish and wiring myself. But I didn't have much choice, and I had no intention of needing another provider — that was until the service began to degrade and the monthly cost went up.

This degradation hasn't forced me offline entirely, but there have been many times when I couldn't have my video on during an online meeting or online documents failed to save. Since I have to rely on Wi-Fi calling at my home due to poor cellular connectivity, I can't even reliably make phone calls. I use apps like Telegram to contact people instead, but those alternatives don't help much when, for example, the pharmacy calls to say medication is ready for pickup; it's not going to call me through Telegram.

Starlink is quickly becoming a luxury, and even if someone was willing to put up with the frequent outages, there's a good chance it will be too expensive. In the latest price increase, Starlink stated that for areas with "excess capacity," the price went down to $90 per month, and for those with "limited capacity," the cost is now $120 per month. What determines capacity isn't transparent. When I started with Starlink, I paid $90, then last fall, it went up to $110, and now it's $120 per month, and I don't know why.

This has forced me to look for alternate options. For the last two months, I've gone back to T-Mobile Home Internet because I can get T-Mobile for only $50 per month and because speed and reliability are on par with what I'd been getting from Starlink. But even getting T-Mobile at my house required some extra work and money on my part. If you can believe it, I had to first walk into the store and ask for a modem and reassure them that I knew my experience might not be great because, officially, according to the T-Mobile website, the internet isn't available at my home. I also had to purchase a $400 external antenna kit designed to connect directly to the router since I don't get a good cellular signal from any U.S. carrier at my house, and I need the

Some things never change

Despite all of this trouble, I still haven't canceled my Starlink service. One reason is that I don't know if I could get it again; when I put my address on its website, I'm told I'm on a waiting list. I would love to ask the Starlink support team for more information since I own the equipment, but I can't because there's no email address, phone number, chat, or other way to message support. There was the ability once to message the team through the app, but that is currently not an option. I've only had to reach out to the support team twice, and it was more to get an answer to questions that weren't covered in any FAQs, which they were quick to respond to.

But I have to take that chance with Starlink because I can't keep paying for two internet services, and I need to pay a difference in monthly fees to offset the price of the Starlink equipment and the external antenna for T-Mobile Home Internet. There's also the upside that owning my Starlink equipment means I can take it with me during my camping excursions and have a way to communicate with the world should I need to.

Outside my issues with Starlink, the bigger picture is that a service that once had been, and in many cases still is, a sort of savior to many areas is now just another over-priced and difficult-to-use ISP. Those I know who are using Starlink have grown frustrated with the service struggles and increased price, leaving many looking at options from the likes of T-Mobile Home Internet or other local wireless internet providers. Unfortunately, for more than a few, there aren't other options to even consider — even with more affordable prepaid carriers. This leaves those with a tough decision, stick with an expensive degrading service in order to remain connected or step backward into a more analog world.

With the renewed push to expand broadband coverage in my state, and I've seen similar efforts in other areas as well, there is hope that reliable and affordable internet can become more widespread. But it might not be with Starlink.
https://www.xda-developers.com/starl...liable-luxury/





2 Charged with Cutting Wires; 40,000 Lose Internet Service
AP

Connecticut police have charged two people with cutting more than 2,000 fiber optic cables, leaving over 40,000 homes and businesses without internet service in the southwestern part of the state.

Norwalk police said they arrested Asheville, North Carolina, residents Jillian Persons and Austin Geddings on Saturday during a surveillance operation. Both were charged with larceny and criminal mischief crimes, as well as interfering with police. Persons also was accused of giving a false statement to police.

Both were detained on $200,000 bail. It was not immediately clear if they have lawyers who could respond to the allegations.

Police said they responded to the reported damage of the Optimum cables on March 24 in Norwalk and quickly identified suspects and their vehicle. Authorities did not release details of how they made the identifications.

Officers arrested Persons while staking out a business in Bridgeport, and Geddings was found a short time later in a wooded area in Stratford, police said Sunday.

Police said Persons and Geddings are scheduled to appear in court April 11.

The outages caused by the cable cutting have since been restored, according to Optimum’s website.
https://apnews.com/article/internet-...61373b8b0d5a1d





I Don't Want Streaming Music, I Just Want to Stream My Music
Cory Dransfeldt

I don't want your streaming music service, I just want the music I've collected and care about available to stream.

Apple Music kind of offers this, with some serious sharp edges to watch out for. Spotify doesn't offer this, neither does YouTube Music. Want to stream music? Sign up for a service, hope your favorite artists and albums don't rot out of their catalogue and run with the algorithmic recommendations sourced from that ever-shifting catalogue[1].

I have the audio files for the music I care about and I've spent a long time collecting them. They're all tagged and named consistently using Meta[2], shuffled off to an external hard drive, encrypted and mirrored up to B2 and GCP. I just want to listen to them without using all of my local storage to do so.

I leaned on iTunes Match to do this for a while but, funnily enough, Apple will still dedupe your audio against their cloud catalog, overriding meta tags and audio availability as they see fit.[3] You can sync music into Spotify via playlists, but that's not a scalable solution to, well, much of anything.

I've got a bucket of files locally that I want to listen to — I want a bucket in the cloud with a player attached that'll send data to Last.fm[4]. I want a solution that lets me play my music without a cloud providers algorithmic nonsense and restrictions applied to it.

This leaves me in a place where I've ruled out the popular streaming music providers and looking for something considerably more niche. Here's what I've explored:

• VOX Music Cloud: this does what I need, but I don't like any of their player software. It works, but it doesn't feel right — their desktop app feels like a mini player, the new beta is missing features and the iOS app isn't enjoyable to navigate.
• Astiga: nicely designed, supports the Subsonic music API and lets you source music from cloud storage. Awesome. Not awesome: I don't particularly like any of the available iOS apps and scrobbling from iOS to Last.fm is inconsistent. Not perfect — absolutely worth keeping an eye on as it develops.
• Roon: a very promising service, but one geared more towards the audiophile audience and with hardware requirements I'm not interested in investing in at this point.

Pretty limited, right? My solution and the one I'm really enjoying is Plexamp. I knew Plex supported music playback — I didn't realize they had an excellent, bespoke app to support it.[5] Plex scrobbles to Last.fm from the server, auto-populates artist metadata, does a stellar job matching similar artists and building playlists from your own collection. That's it, that's what I wanted. I don't want the collection to drift, I'll add to it when I find music that I want to listen to more than once and sometimes, I want to throw on a station or playlist constrained to that set of artists.

So here we are: I have a cloud-based Plex instance, it's used solely for music playback, the artist images match up with Last.fm and my now page. The metadata is defined the way I've elected to define it and it's available via an rclone mount to Google Drive. This is all more complicated than listening to music should be, but I can hit play and listen to what I want to (and get decent recommendations too). Apparently that's too much to ask for from most services, or maybe I'm just out of touch.[6]
https://coryd.dev/posts/2023/i-dont-...reaming-music/

















Until next week,

- js.



















Current Week In Review





Recent WiRs -

April 1st, March 25th, March 18th, March 11th

Jack Spratts' Week In Review is published every Friday. Submit letters, articles, press releases, comments, questions etc. in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. The right to publish all remarks is reserved.


"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public." - Hugo Black