TikTok Spied On Forbes Journalists

ByteDance confirmed it used TikTok to monitor three journalists’ physical location using their IP addresses, reports Forbes, “to unearth the source of leaks inside the company following a drumbeat of stories exposing the company’s ongoing links to China.”

As a result of the investigation into the surveillance tactics, ByteDance fired Chris Lepitak, its chief internal auditor who led the team responsible for them. The China-based executive Song Ye, who Lepitak reported to and who reports directly to ByteDance CEO Rubo Liang, resigned…. “It is standard practice for companies to have an internal audit group authorized to investigate code of conduct violations,” TikTok General Counsel Erich Andersen wrote in a second internal email shared with Forbes. “However, in this case individuals misused their authority to obtain access to TikTok user data….”

“This new development reinforces serious concerns that the social media platform has permitted TikTok engineers and executives in the People’s Republic of China to repeatedly access private data of U.S. users despite repeated claims to lawmakers and users that this data was protected,” Senator Mark Warner told Forbes….

ByteDance is not the first tech giant to use an app to monitor specific users. In 2017, the New York Times reported that Uber had identified various local politicians and regulators and served them a separate, misleading version of the Uber app to avoid regulatory penalties…. Both Uber and Facebook also reportedly tracked the location of journalists reporting on their apps.

Ironically, TikTok’s journalist-tracking project involved the company’s Chief Security and Privacy Office, according to Forbes, and targeted three Forbes journalists who had formerly worked at BuzzFeed News.

It was back in October that Forbes first reported ByteDance had discussed tracking journallists. ByteDance had immediately denied the charges on Twitter, saying “TikTok has never been used to ‘target’ any members of the U.S. government, activists, public figures or journalists,” and that “TikTok could not monitor U.S. users in the way the article suggested.”

Forbes also notes that in 2021, TikTok became the most visited website in the world. Thanks to long-time Slashdot reader newbie_fantod for submitting the story!

Read more of this story at Slashdot.

NORAD Answers Questions About Their Annual Santa-Tracking Operation

The North American Aerospace Defense Command is a US/Canada organization protecting the air sovereignty of the two nations.

But every year on December 24th, they also tell you where Santa is. From NORADSanta.org:

The modern tradition of tracking Santa began in 1955 when a young child accidentally dialed the unlisted phone number of the Continental Air Defense Command Operations Center upon seeing an newspaper advertisement telling kids to call Santa. The Director of Operations, Colonel Harry Shoup, answered the phone and instructed his staff to check the radar for indications of Santa making his way south from the North Pole…. Each year since, NORAD has dutifully reported Santa’s location on Dec. 24 to millions of children and families across the globe. NORAD receives calls from around the world on Dec. 24 asking for Santa’s location. Children, families and fans also keep track of Santa’s location on the NORAD Tracks Santa® website and our social media platforms.

The page lists the NORAD technologies involved in tracking Santa — including 47 radar installations and geo-synchronous satellites with infrared heat sensors. (“Rudolph’s nose gives off an infrared signature similar to a missile launch…”)
And this year NORAD also produced a special video highlighting the various military fleets protecting Santa. (“He may know when you’re sleeping, he may know when you’re awake… ” it tells viewers. “But for 67 years now, when he takes flight, we’ll know.”)

More from NORADSanta.org:
Canadian NORAD fighter pilots, flying the CF-18, take off out of Newfoundland and welcome Santa to North America. Then at numerous locations in Canada other CF-18 fighter pilots escort Santa. While in the United States, American NORAD fighter pilots in either the F-15s, F16s or F-22s get the thrill of flying with Santa and the famous Reindeer…

Q: How can Santa travel the world within 24 hours?

A: NORAD intelligence reports indicate that Santa does not experience time the way we do. His trip seems to take 24 hours to us, but to Santa it might last days, weeks or even months. Santa would not want to rush the important job of delivering presents to children and spreading joy to everyone, so the only logical conclusion is that Santa somehow functions within his own time-space continuum….

How does Santa get down chimneys?

Although NORAD has different hypotheses and theories as to how Santa actually gets down the chimneys, we don’t have definitive information to explain the magical phenomenon.

Do your planes ever intercept Santa?

Over the past 65 years, our fighter jets (F-16s, F-15s, F-22s and CF-18s) have intercepted Santa many, many times. When the jets intercept Santa, they tip their wings to say, “Hello Santa! NORAD is tracking you again this year!” Santa always waves. He loves to see the pilots…!

How many people support this effort, and are they active duty military personnel?

More than 1,250 Canadian and American uniformed personnel and DOD civilians volunteer their time on December 24th to answer the thousands of phone calls and emails that flood in from around the world. In addition to the support provided by our corporate contributors to make this program possible, NORAD has two lead project officers who manage the program.
How much money is spent on this project?

The NORAD Tracks Santa program is made possible by volunteers and through the generous support of corporate licensees who bear virtually all of the costs.
Corporate contributors include Microsoft (with separate contributions from Microsoft’s search engine Bing and from Microsoft Azure), AWS (and Amazon’s Alexa), Verizon, and HP.

NORADSanta.org also boasts extra features like an “arcade” of online games, a jukebox of Christmas tunes, and a library of online books about Santa. And the site even provides some technical data on the weight of Santa’s sleigh — although the unit of measurement used is gumdrops.

Read more of this story at Slashdot.

Could We Make It To Mars Without NASA?

Reason.com notes NASA’s successful completion of its Artemis I mission, calling it “part of NASA’s ambitious program to bring American astronauts back to the moon for the first time in half a century. And then on to Mars.”

But then they ask if the project is worth the money, with the transportation policy director at the libertarian “Reason Foundation” think tank, Robert W. Poole, arguing instead that NASA “isn’t particularly interested in cost savings, and its decision making is overly driven by politics.”

NASA would have been better off replacing the costly and dated Space Launch System used in the Artemis program. But it didn’t. This probably has a lot to do with the fact that it was largely constructed and engineered in Alabama, the home state of Senate Appropriations Committee Chair Richard Shelby, who has a history of strong-arming NASA to preserve jobs for his constituents.

Long-time Slashdot reader SonicSpike shared the article, which ultimately asks whether it’d be faster and cheaper to just rely on private companies:
In 2009, the private sector saw one of its biggest champions ascend to become the number two person at NASA. Lori Garver pushed to scrap the Constellation program as a way to entice the private sector to fill in the gaps. She also spearheaded the Commercial Crew Program, which continues to employ commercial contractors to ferry astronauts to the International Space Station. Today, companies like Elon Musk’s SpaceX are launching rockets at a faster pace and for a fraction of what NASA spends. In 2022, the company successfully launched 61 rockets, each with a price tag between $100 million and 150 million.

Private companies already design and lease NASA much of its hardware. Poole says there’s no reason NASA can’t take it a step further and just use the SpaceX starship to cover the entire journey from Earth to the moon and eventually to Mars. “If the current NASA plan goes ahead to have the SpaceX Starship actually deliver the astronauts from the lunar outpost orbit to the surface of the moon and bring them back, that would be an even more dramatic refutation of the idea that only NASA should be doing space transportation,” he says.

Poole says that instead of flying its own missions, NASA should play a more limited and supportive role. “The future NASA role that makes the most sense is research and development to advance science,” he says.

But for a contrary opinion, Slashdot reader youn counters that “You can bash NASA all you want but a big reason the private sector is where it is at is because it funded research 12 years ago.” They share a CNET article noting the $6 billion NASA budgeted over five years “to kick-start development of a new commercial manned spaceflight capability.”

And Slashdot reader sg_oneill argues that “Its gonna be a century before we’re really colonizing the moon and/or Mars… because we have a lot of science to do first. How do you do a civilization with zero energy inputs from the rest of humanity? How do we deal with radiation? How do bodies work in low G? (Mars is about 1/3 the gravbity of earth). This needs science, and to get science we need NASA, even if private enterprise is building the rockets.”

Read more of this story at Slashdot.

Gene-edited Hens May End Cull of Billions of Chicks

Israeli researchers say they have developed gene-edited hens that lay eggs from which only female chicks hatch. From a report: The breakthrough could prevent the slaughter of billions of male chickens each year, which are culled because they don’t lay eggs. The female chicks, and the eggs they lay when they mature, have no trace of the original genetic alteration Animal welfare group, Compassion in World Farming, has backed the research. Dr Yuval Cinnamon from the Volcani institute near Tel Aviv, who is the project’s chief scientist, told BBC News that the development of what he calls the ”Golda hen” will have a huge impact on animal welfare in the poultry industry.

“I am very happy that we have developed a system that I think can truly revolutionise the industry, first of all for the benefit of the chickens but also for all of us, because this is an issue that affects every person on the planet,” he said. The scientists have gene edited DNA into the Golda hens that can stop the development of any male embryos in eggs that they lay. The DNA is activated when the eggs are exposed to blue light for several hours. Female chick embryos are unaffected by the blue light and develop normally. The chicks have no additional genetic material inside them nor do the eggs they lay, according to Dr Cinnamon. “Farmers will get the same chicks they get today and consumers will get exactly the same eggs they get today,” he said. “The only minor difference in the production process is that the eggs will be exposed to blue light.”

Read more of this story at Slashdot.

FTX Asks Judge For Help In Fight Over Robinhood Shares Worth About $450 Million

FTX sought a U.S. bankruptcy court’s help amid a battle over ownership of about $450 million worth of stock in Robinhood Markets (HOOD), according to a filing (PDF) Thursday. CoinDesk reports: At issue are about 56 million shares of the brokerage owned by Emergent Fidelity Technologies Ltd., a corporate entity organized in Antigua and Barbuda and 90% controlled by former FTX CEO Sam Bankman-Fried, according to the filing. Three parties, the filing says, have tried to get control of those shares: BlockFi (a lender that FTX had helped prop up earlier this year), Yonathan Ben Shimon (an FTX creditor appointed as a receiver in Antigua and granted permission to sell the shares under supervision of a court there) and Bankman-Fried himself (who has legal bills).

FTX’s bankruptcy estate told ED&F Man Capital Markets, the brokerage where the shares are parked, to freeze the stock around the time the Chapter 11 case began on Nov. 11. FTX has determined that Emergent only “nominally” owns the shares and that they truly belong to FTX. “Emergent is a special-purpose holding company that appears to have no other business,” the crypto exchange said in the filing. The judge overseeing the bankruptcy case should force the shares to remain frozen while FTX tries to figure out how to repay all its creditors, FTX argued in the filing.

Read more of this story at Slashdot.

LastPass: Hackers Stole Customer Vault Data In Cloud Storage Breach

LastPass revealed today that attackers stole customer vault data after breaching its cloud storage earlier this year using information stolen during an August 2022 incident. BleepingComputer reports: This follows a previous update issued last month when the company’s CEO, Karim Toubba, only said that the threat actor gained access to “certain elements” of customer information. Today, Toubba added that the cloud storage service is used by LastPass to store archived backups of production data. The attacker gained access to Lastpass’ cloud storage using “cloud storage access key and dual storage container decryption keys” stolen from its developer environment.

“The threat actor copied information from backup that contained basic customer account information and related metadata including company names, end-user names, billing addresses, email addresses, telephone numbers, and the IP addresses from which customers were accessing the LastPass service,” Toubba said today. “The threat actor was also able to copy a backup of customer vault data from the encrypted storage container which is stored in a proprietary binary format that contains both unencrypted data, such as website URLs, as well as fully-encrypted sensitive fields such as website usernames and passwords, secure notes, and form-filled data.”

Fortunately, the encrypted data is secured with 256-bit AES encryption and can only be decrypted with a unique encryption key derived from each user’s master password. According to Toubba, the master password is never known to LastPass, it is not stored on Lastpass’ systems, and LastPass does not maintain it. Customers were also warned that the attackers might try to brute force their master passwords to gain access to the stolen encrypted vault data. However, this would be very difficult and time-consuming if you’ve been following password best practices recommended by LastPass. If you do, “it would take millions of years to guess your master password using generally-available password-cracking technology,” Toubba added. “Your sensitive vault data, such as usernames and passwords, secure notes, attachments, and form-fill fields, remain safely encrypted based on LastPass’ Zero Knowledge architecture.”

Read more of this story at Slashdot.