US NIST Unveils Winning Encryption Algorithm For IoT Data Protection

The National Institute of Standards and Technology (NIST) announced that ASCON is the winning bid for the “lightweight cryptography” program to find the best algorithm to protect small IoT (Internet of Things) devices with limited hardware resources. BleepingComputer reports: ASCON was selected as the best of the 57 proposals submitted to NIST, several rounds of security analysis by leading cryptographers, implementation and benchmarking results, and feedback received during workshops. The whole program lasted for four years, having started in 2019. NIST says all ten finalists exhibited exceptional performance that surpassed the set standards without raising security concerns, making the final selection very hard.

ASCON was eventually picked as the winner for being flexible, encompassing seven families, energy efficient, speedy on weak hardware, and having low overhead for short messages. NIST also considered that the algorithm had withstood the test of time, having been developed in 2014 by a team of cryptographers from Graz University of Technology, Infineon Technologies, Lamarr Security Research, and Radboud University, and winning the CAESAR cryptographic competition’s “lightweight encryption” category in 2019.

Two of ASCON’s native features highlighted in NIST’s announcement are AEAD (Authenticated Encryption with Associated Data) and hashing. AEAD is an encryption mode that provides confidentiality and authenticity for transmitted or stored data, combining symmetric encryption and MAC (message authentication code) to prevent unauthorized access or tampering. Hashing is a data integrity verification mechanism that creates a string of characters (hash) from unique inputs, allowing two data exchange points to validate that the encrypted message has not been tampered with. Despite ASCON’s lightweight nature, NIST says the scheme is powerful enough to offer some resistance to attacks from powerful quantum computers at its standard 128-bit nonce. However, this is not the goal or purpose of this standard, and lightweight cryptography algorithms should only be used for protecting ephemeral secrets. For more details on ASCON, check the algorithm’s website, or read the technical paper (PDF) submitted to NIST in May 2021.

Read more of this story at Slashdot.

Bob Iger Announces 7,000 Layoffs As Disney+ Loses Subscribers

Bob Iger, in his first earnings call since returning to the company, announced Walt Disney Co. will shed 7,000 jobs as part of a broader effort to save $5.5 billion in costs. Disney is facing pressure to control costs and boost profits as it continues to lose money from its key streaming business, which includes Disney+. The Los Angeles Times reports: The company’s marquee streaming service Disney+ lost 2.4 million subscribers during the first quarter, bringing its total count to 161.8 million, mainly stemming from declines in its Disney+Hotstar product in India. The service gained subscribers elsewhere, adding 1.4 million subscribers in the U.S. and internationally, not including Hotstar. Overall, Disney’s streaming apps — Disney+, Hulu and ESPN+ — have 235 million subscribers.

Disney’s streaming business continued to bleed cash, losing more than $1 billion during the three months that ended in December. Nonetheless, Disney reported earnings and revenues that beat Wall Street estimates. The company generated sales of $23.5 billion, up 8% from the same quarter a year ago. Analysts on average had been expecting $23.4 billion in revenue. Disney’s profit was $1.28 billion, up 11%. The Burbank entertainment giant’s earnings of 99 cents a share exceeded projections of 78 cents. “After a solid first quarter, we are embarking on a significant transformation, one that will maximize the potential of our world-class creative teams and our unparalleled brands and franchises,” Iger said in a statement. “We believe the work we are doing to reshape our company around creativity, while reducing expenses, will lead to sustained growth and profitability for our streaming business, better position us to weather future disruption and global economic challenges, and deliver value for our shareholders.”
Last November, Disney reappointed Iger as CEO after Iger’s hand-picked successor as CEO, Bob Chapek, came under fire for his management of the entertainment giant.

Read more of this story at Slashdot.

EV Batteries Getting Second Life On California Power Grid

Hundreds of used electric vehicle battery packs are enjoying a second life at a California facility connected to the state’s power grid, according to a company pioneering technology it says will dramatically lower the cost of storing carbon-free energy. Reuters reports: B2U Storage Solutions, a Los Angeles-based startup, said it has 25 megawatt-hours of storage capacity made up of 1,300 former EV batteries tied to a solar energy facility in Lancaster, California. The project is believed to be the first of its kind selling power into a wholesale market and earned $1 million last year, according to Chief Executive Freeman Hall. B2U’s technology allows the EV battery packs to be bundled together without having to be taken apart first. Founded in 2019, the company is backed by Japanese trading company Marubeni Corp.

By extending the batteries’ lives, project developers can save both resources and costs. Hall estimates that a system like B2U’s could lower grid-scale battery capital costs by about 40%. “Second life and re-use helps the overall lifecycle be more energy efficient, given all the efforts that go into making that battery,” Hall said in an interview. “So you’re getting maximum value out of it.” Batteries are worked hard during their years powering vehicles, and over time their range deteriorates. But they still hold value as stationary storage, which has gentler demands, Hall said. The batteries in the B2U system are up to 8-years old and once powered vehicles built by Honda and Nissan.

Read more of this story at Slashdot.

Wyze Security Cameras Will Go Offline Tonight For Two Hours

If you have Wyze cameras or a Wyze home security system, you will need to make other arrangements to monitor your property from 12AM PT to 2AM PT tomorrow morning. The Verge reports: The smart home company sent an email to its customers this week stating that system maintenance on February 8th at 12AM PT will impact every feature of the system that relies on the app or website. That includes being able to alert Noonlight, the professional monitoring company Wyze uses for its Sense security system, about a potential break-in. Not only will your security system be down, but if you use Wyze cameras to keep an eye on things going bump in the night, you’ll have to stay awake. Wyze cameras won’t be able to upload any video to the cloud or send alerts for motion or other events to the app.

While it’s a good thing that Wyze is giving customers a heads-up, the flip side is that everyone is getting a heads-up. It’s posting a sign that any location using this equipment will be unprotected between these hours, with basically no notice to create a backup plan or take other precautions, depending on your security concerns. It’s also worrisome that the professional security customers have paid for and rely on can be completely disabled for “maintenance.”

Read more of this story at Slashdot.

Maryland Motor Vehicles Agency Wants To Know About Your Sleep Apnea

“Man goes to the doctor for a sleep apnea diagnosis, a few months later he gets a letter from the state of Maryland about his sleep apnea — and they won’t tell him how they found out about it,” writes Slashdot reader schwit1. NBC4 Washington reports: Dr. David Allick, a dentist in Rockville, was diagnosed with mild sleep apnea in June 2022. Months later, he received a letter from the MVA requesting additional information about his diagnosis in order “to determine your fitness to drive.” The September 2022 letter noted failure to return the required forms, which included a report from his physician, could result in the suspension of his license. Allick said he isn’t clear how the state learned about his medical diagnosis. But more importantly, he said he was previously unaware of a little-known Maryland law requiring people to report their sleep apnea diagnosis to state driving authorities. Allick said he still has questions about what prompted the ordeal. “Everybody I talked to — nobody’s heard of anything like this,” he said, also acknowledging: “I’m sure they want to keep the roads safe.” schwit1 adds: “How is this not a HIPAA violation?”

The investigation team at NBC4 Washington found that Allick is one of 1,310 people whose sleep apnea diagnoses “have led to medical reviews by the Maryland MVA.” The state department didn’t have data on how many of these Maryland drivers have had their license suspended.

Read more of this story at Slashdot.

Single-Use Plastic Production Rose Between 2019 and 2021 Despite Pledges

Polluting single-use plastic production rose globally by 6 million tons per year from 2019 to 2021 despite tougher worldwide regulations, with producers making “little progress” to tackle the problem and boost recycling, new research showed on Monday. Reuters reports: Single-use plastics have emerged as one of the world’s most pressing environmental threats, with vast amounts of waste buried in landfills or dumped untreated in rivers and oceans. The manufacturing process is also a major source of climate-warming greenhouse gas. But while growth has slowed recently, the production of single-use plastic from “virgin” fossil fuel sources is still nowhere near its peak, and the use of recycled feedstocks remains “at best a marginal activity,” Australia’s Minderoo Foundation said in its Plastic Waste Makers Index. “Make no mistake, the plastic waste crisis is going to get significantly worse before we see an absolute year-on-year decline in virgin single-use plastic consumption,” it said.

Exxon Mobil was at the top of the list of global petrochemical companies producing virgin polymers used in single-use plastics, followed by China’s Sinopec. Sinopec also leads the way when it comes to building new production facilities over the 2019-2027 period, the report said, with more than 5 million tons of annual capacity planned. Exxon Mobil was second with around 4 million tons. […] Around 137 million tons of single-use plastics were produced from fossil fuels in 2021, and it is expected to rise by another 17 million tons by 2027, the researchers said.

Read more of this story at Slashdot.

Power Grid Worries Force Amazon To Run Oregon Datacenters Using Fuel Cells

Unable to get the power it needs to feed its growing datacenter footprint, Amazon plans to transition some of its Oregon datacenters over to natural gas fuel cells. The Register reports: First reported by local media, Amazon’s initial plan would involve installing just shy of 75 megawatts of fuel cell capacity across three datacenters with the option to expand that to four additional sites in the future. Fuel cells extract electricity from a fuel like natural gas or hydrogen without the need for combustion. With hydrogen, the only byproducts of this reaction are electricity and water vapor, but with natural gas, CO2 — a potent greenhouse gas — is still produced.

For Amazon, these natural gas fuel cells will be used as the primary energy supply, delivering 24.3 megawatts of power to each of the three datacenter sites. “We are investing in fuel cells as a way to power a small number of our operations in Oregon,” an Amazon spokesperson told The Register in an email. “We continually innovate to minimize our impact on our neighbors, local resources, and the environment and this technology provides a pathway for less carbon intensive solutions in the region.”

Continuing to use fossil fuels to power its datacenters is at odds with Amazon’s stated sustainability goals — which include transitioning facilities to 100 percent renewable energy by 2025. However, sources familiar with the matter tell The Register that Amazon’s decision to use natural gas fuel cells was made in part due to challenges associated with power transmission infrastructure in the region. Oregon Live notes that the e-tail giant has had problems with landowners, who have objected to having high-voltage transmission lines cross their properties. Fuel cells provide Amazon a way to circumvent these headaches by generating the power onsite. However, regulators are concerned that the decision could actually increase Amazon’s carbon footprint in the region as the power supplied by local utilities includes a mix of hydroelectric power. In documents filed with the state, it’s estimated the fuel cells would generate 250,000 metric tons of carbon dioxide annually.

Read more of this story at Slashdot.

Binance To Suspend US Dollar Bank Transfers This Week

Binance, the world’s largest cryptocurrency exchange, will suspend U.S. dollar deposits and withdrawals, the company said Monday, without providing a reason for the decision. CNBC reports: Binance US, a unit of the company that’s regulated by the Treasury Department’s Financial Crimes Enforcement Network, said in a tweet that it’s not affected by the suspension. Thus the move applies only to non-U.S. customers who transfer money to or from bank accounts in dollars. Data from Arkham Intelligence shows that following the announcement, there was a sharp spike in outflows from Binance’s crypto wallets, as millions of dollar-pegged stablecoins such as tether and USDC flowed to rival exchanges or individual wallets.

Binance’s net U.S. dollar outflow was over $172 million for the day, based on data from DefiLlama. That represents a tiny amount of money for a company that has $42.2 billion worth of crypto assets, according to Arkham. “We’re still overwhelmingly net-positive on net deposits,” the spokesperson said. “Outflows always tick up when prices start to level off following a bullish market swing like we saw last week as some users take profits.” Bitcoin rose more than 38% in January, its best month since October 2021.

Regarding Monday’s suspension, a Binance representative told CNBC in an email that “Binance.US has its own banking partners and does not have any issues.” The main Binance exchange does not serve U.S. users. Binance said customers can still use other fiat currencies or payment methods to purchase crypto. For the small number affected, “we’ll have a new partner to announce for those users in the next couple weeks,” the spokesperson said.

Read more of this story at Slashdot.

TikTok Unveils New US-Based ‘Transparency and Accountability Center’

The Verge was part of “a handful” of journalists invited to Los Angeles to tour TikTok’s new “Transparency and Accountability Center…. part of a multi-week press blitz by TikTok to push Project Texas, a novel proposal to the US government that would partition off American user data in lieu of a complete ban.”
TikTok says it has already taken thousands of people and over $1.5 billion to create Project Texas. The effort involves TikTok creating a separate legal entity dubbed USDS with an independent board from ByteDance that reports directly to the US government. More than seven outside auditors, including Oracle, will review all data that flows in and out of the US version of TikTok. Only American user data will be available to train the algorithm in the US, and TikTok says there will be strict compliance requirements for any internal access to US data. If the proposal is approved by the government, it will cost TikTok an estimated $700 million to $1 billion per year to maintain…..
At one point during the tour, I tried asking what would hypothetically happen if, once Project Texas is greenlit, a Bytedance employee in China makes an uncomfortable request to an employee in TikTok’s US entity. I was quickly told by a member of TikTok’s PR team that the question wasn’t appropriate for the tour.

Other notes from the tour:

The journalists weren’t allowed to enter a special server room “housing the app’s source code for outside auditors to review.”

A room that explained TikTok’s algorithm using iMacs running “code simulators” was “frustratingly vague”

“Despite it being called a transparency center, TikTok’s PR department made everyone agree to not quote or directly attribute comments made by employees leading the tour.”

The Verge ultimately concludes TikTok’s Transparency and Accountability Center is “a lot of smoke and mirrors designed to give the impression that it really cares.”

Read more of this story at Slashdot.

Are Citywide Surveillance Cameras Effective?

The Washington Post looks at the effectiveness — and the implications — of “citywide surveillance” networks, including Memphis’s SkyCop , “built on 2,100 cameras that broadcast images back to a police command center every minute of every day.”

Known for their blinking blue lights, the SkyCop cameras now blanket many of the city’s neighborhoods, gas stations, sidewalks and parks. The company that runs SkyCop, whose vice president of sales previously worked for the Memphis police, promotes it as a powerful crime deterrent that can help “neighborhoods take back their streets.” But after a decade in which Memphis taxpayers have paid $10 million to expand the surveillance system, crime in the city has gone up….

No agency tracks nationwide camera installation statistics, but major cities have invested heavily in such networks. Police in Washington, D.C., said they had deployed cameras at nearly 300 intersections by 2021, up from 48 in 2007. In Chicago, more than 30,000 cameras are viewable by police; in parts of New York City, the cameras watch every block. Yet researchers have found no substantive evidence that the cameras actually reduce crime….

In federal court, judges have debated whether round-the-clock police video recording could constitute an unreasonable search as prohibited by the Fourth Amendment. Though the cameras are installed in public areas, they also capture many corners of residential life, including people’s doors and windows. “Are we just going to put these cameras in front of everybody’s house and monitor them and see if anybody’s up to anything?” U.S. Circuit Judge O. Rogeriee Thompson said during oral arguments for one such case in 2021….

Dave Maass, a director at the digital rights group Electronic Frontier Foundation who researches police surveillance technology, said these systems have expanded rapidly in the United States without real evidence that they have led to a drop in crime. “This often isn’t the community coming in and asking for it, it’s police going to conferences where … vendors are promising the world and that they’ll miraculously solve crimes,” Maass said. “But it’s just a commercial thing. It’s just business.”
Nonetheless, the Post notes that in Memphis many SkyCop cameras are even outfitted “with license-plate recognition software that records the time and location of every passing car.”

Read more of this story at Slashdot.