Casio confirmed it suffered a ransomware attack earlier this month, resulting in the theft of personal and confidential data from employees, job candidates, business partners, and some customers. Although customer payment data was not compromised, Casio warns the impact may broaden as the investigation continues. BleepingComputer reports: The attack was disclosed Monday when Casio warned that it was facing system disruption and service outages due to unauthorized access to its networks during the weekend. Yesterday, the Underground ransomware group claimed responsibility for the attack, leaking various documents allegedly stolen from the Japanese tech giant's systems. Today, after the data was leaked, Casio published a new statement that admits that sensitive data was stolen during the attack on its network.

As to the current results of its ongoing investigation, Casio says the following information has been confirmed as likely compromised:

- Personal data of both permanent and temporary/contract employees of Casio and its affiliated companies.
- Personal details related to business partners of Casio and certain affiliates.
- Personal information of individuals who have interviewed for employment with Casio in the past.
- Personal information related to customers using services provided by Casio and its affiliated companies.
- Details related to contracts with current and past business partners.
- Financial data regarding invoices and sales transactions.
- Documents that include legal, financial, human resources planning, audit, sales, and technical information from within Casio and its affiliates.

U.S. officials are racing to understand the full scope of a China-linked hack of major U.S. broadband providers, as concerns mount from members of Congress that the breach could amount to a devastating counterintelligence failure. From a report: Federal authorities and cybersecurity investigators are probing the breaches of Verizon Communications, AT&T and Lumen Technologies. A stealthy hacking group known as Salt Typhoon tied to Chinese intelligence is believed to be responsible. The compromises may have allowed hackers to access information from systems the federal government uses for court-authorized network wiretapping requests, The Wall Street Journal reported last week.

Among the concerns are that the hackers may have essentially been able to spy on the U.S. government's efforts to surveil Chinese threats, including the FBI's investigations. The House Select Committee on China sent letters Thursday asking the three companies to describe when they became aware of the breaches and what measures they are taking to protect their wiretap systems from attack. Spokespeople for AT&T, Lumen and Verizon declined to comment on the attack. A spokesman at the Chinese Embassy in Washington has denied that Beijing is responsible for the alleged breaches.

Combined with other Chinese cyber threats, news of the Salt Typhoon assault makes clear that "we face a cyber-adversary the likes of which we have never confronted before," Rep. John Moolenaar, the Republican chairman of the House Select Committee Committee on China, and Raja Krishnamoorthi, the panel's top Democrat, said in the letters. "The implications of any breach of this nature would be difficult to overstate," they said. Hackers still had access to some parts of U.S. broadband networks within the last week, and more companies were being notified that their networks had been breached, people familiar with the matter said. Investigators remain in the dark about precisely what the hackers were seeking to do, according to people familiar with the response.

An anonymous reader quotes a report from Ars Technica: On Wednesday, NYC-based software developer Nick Spreen received a surprising alert on his iPhone 15 Pro, delivered through an early test version of Apple's upcoming Apple Intelligence text message summary feature. "No longer in a relationship; wants belongings from the apartment," the AI-penned message reads, summing up the content of several separate breakup texts from his girlfriend -- that arrived on his birthday, no less. Spreen shared a screenshot of the AI-generated message in a now-viral tweet on the X social network, writing, "for anyone who's wondered what an apple intelligence summary of a breakup text looks like." Spreen told Ars Technica that the screenshot does not show his ex-girlfriend's full real name, just a nickname.

This summary feature of Apple Intelligence, announced by the iPhone maker in June, isn't expected to fully ship until an iOS 18.1 update in the fall. However, it has been available in a public beta test of iOS 18 since July, which is what Spreen is running on his iPhone. It works akin to something like a stripped-down ChatGPT, reading your incoming text messages and delivering its own simplified version of their content. On X, Spreen replied to skepticism over whether the message was real in a follow-up post. "Yes this was real / yes it happened yesterday / yes it was my birthday," Spreen wrote. In response to a question about it being a fair summary of his girlfriend's messages, he wrote, "it is."

We reached out to Spreen directly via email and he delivered his own summary of his girlfriend's messages. "It was something along the lines of i can't believe you just did that, we're done, i want my stuff. we had an argument in a bar and I got up and left, then she sent the text," he wrote. How did he feel about getting the news via AI summary? "I do feel like it added a level of distance to it that wasn't a bad thing," he told Ars Technica. "Maybe a bit like a personal assistant who stays professional and has your back even in the most awful situations, but yeah, more than anything it felt unreal and dystopian."

An anonymous reader quotes a report from Ars Technica: The Federal Communications Commission gave Starlink and T-Mobile emergency authority to provide satellite-to-phone coverage in areas hit by Hurricane Helene. "SpaceX and T-Mobile have been given emergency special temporary authority by the FCC to enable Starlink satellites with direct-to-cell capability to provide coverage for cell phones in the affected areas of Hurricane Helene," SpaceX said yesterday. "The satellites have already been enabled and started broadcasting emergency alerts to cell phones on all networks in North Carolina. In addition, we may test basic texting (SMS) capabilities for most cell phones on the T-Mobile network in North Carolina."

SpaceX warned of limits since the service isn't ready for a commercial rollout. "SpaceX's direct-to-cell constellation has not been fully deployed, so all services will be delivered on a best-effort basis," the company said. Starlink is being used to provide wireless emergency alerts to cell phones from all carriers in North Carolina, according to Ben Longmier, senior director of satellite engineering for SpaceX. "We are also closely monitoring Hurricane Milton and standing by ready to take action in Florida," he wrote.

The FCC said (PDF) the approval "enabl[es] SpaceX to operate Supplemental Coverage from Space (SCS) in the 1910-1915 MHz and 1990-1995 MHz frequency bands leased from T-Mobile in areas affected by the Hurricane Helene." An FCC spokesperson told Ars that the approval is for all areas affected by Hurricane Helene, although it's only active in North Carolina so far. The FCC also said (PDF) that it is granting "special temporary authorities to licensees and issuing rule waivers to help communications providers maintain and restore service, support emergency operations, and assist public safety, including search and rescue efforts." Separately, the FCC last week waived (PDF) certain Lifeline program eligibility rules to help people in disaster areas (PDF) apply for discounted phone and broadband service.

The Washington Post interviewed Lebanese officials, people close to Hezbollah, and Israeli, Arab and U.S. security officials and politicians about a years-long plan (originated at Mossad headquarters) that ultimately killed or maimed "as many as 3,000 Hezbollah officers and members — most of them rear-echelon figures... along with an unknown number of civilians... when Israel's Mossad intelligence service triggered the devices remotely on September 17." In the initial sales pitch to Hezbollah two years ago, the new line of Apollo pagers seemed precisely suited to the needs of a militia group with a sprawling network of fighters and a hard-earned reputation for paranoia... Best of all, there was no risk that the pagers could ever be tracked by Israel's intelligence services. Hezbollah's leaders were so impressed they bought 5,000 of them and began handing them out to mid-level fighters and support personnel in February. None of the users suspected they were wearing an ingeniously crafted Israeli bomb...

Israeli officials had watched with increasing anxiety as the Lebanese group added new weapons to an arsenal already capable of striking Israeli cities with tens of thousands of precision-guided missiles. Mossad, the Israeli intelligence service responsible for combating foreign threats to the Jewish state, had worked for years to penetrate the group with electronic monitoring and human informants. Over time, Hezbollah leaders learned to worry about the group's vulnerability to Israeli surveillance and hacking, fearing that even ordinary cellphones could be turned into Israeli-controlled eavesdropping and tracking devices. Thus was born the idea of creating a kind of communications Trojan horse, the officials said. Hezbollah was looking for hack-proof electronic networks for relaying messages, and Mossad came up with a pair of ruses that would lead the militia group to purchase devices that seemed perfect for the job — equipment that Mossad designed and had assembled in Israel.

The first part of the plan, booby-trapped walkie-talkies, began being inserted into Lebanon by Mossad nearly a decade ago, in 2015. The mobile two-way radios contained oversized battery packs, a hidden explosive and a transmission system that gave Israel complete access to Hezbollah communications. For nine years, the Israelis contented themselves with eavesdropping on Hezbollah, the officials said, while reserving the option to turn the walkie-talkies into bombs in a future crisis. But then came a new opportunity and a glitzy new product: a small pager equipped with a powerful explosive. In an irony that would not become clear for many months, Hezbollah would end up indirectly paying the Israelis for the tiny bombs that would kill or wound many of its operatives.

Because Hezbollah leaders were alert to possible sabotage, the pagers could not originate in Israel, the United States or any other Israeli ally. So, in 2023, the group began receiving solicitations for the bulk purchase of Taiwanese-branded Apollo pagers, a well-recognized trademark and product line with a worldwide distribution and no discernible links to Israeli or Jewish interests. The Taiwanese company had no knowledge of the plan, officials said... The marketing official had no knowledge of the operation and was unaware that the pagers were physically assembled in Israel under Mossad oversight, officials said... In a feat of engineering, the bomb component was so carefully hidden as to be virtually undetectable, even if the device was taken apart, the officials said. Israeli officials believe that Hezbollah did disassemble some of the pagers and may have even X-rayed them.
"Thousands of Apollo-branded pagers rang or vibrated at once, all across Lebanon and Syria," according to the article, with a short sentence in Arabic that said "You received an encrypted message." The two-button de-encryption procedure "ensured most users would be holding the pager with both hands when it detonated," according to the article, although "Less than a minute later, thousands of other pagers exploded by remote command, regardless of whether the user ever touched his device. The following day, on September 18, hundreds of walkie-talkies blew up in the same way, killing and maiming users and bystanders..."

"As Hezbollah reeled, Israel struck again, pounding the group's headquarters, arsenals and logistic centers with 2,000-pound bombs," the article concludes. And the strike "convinced the country's political leaders that Hezbollah could be put on the ropes, susceptible to a systematic dismantling using airstrikes and, eventually a ground invasion..."

"A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers," reports the Wall Street Journal, "potentially accessing information from systems the federal government uses for court-authorized network wiretapping requests.

"For months or longer, the hackers might have held access to network infrastructure used to cooperate with lawful U.S. requests for communications data, according to people familiar with the matter, which amounts to a major national security risk." The attackers also had access to other tranches of more generic internet traffic, they said. Verizon Communications, AT&T and Lumen Technologies are among the companies whose networks were breached by the recently discovered intrusion, the people said.

The widespread compromise is considered a potentially catastrophic security breach and was carried out by a sophisticated Chinese hacking group dubbed Salt Typhoon. It appeared to be geared toward intelligence collection, the people said... The surveillance systems believed to be at issue are used to cooperate with requests for domestic information related to criminal and national security investigations. Under federal law, telecommunications and broadband companies must allow authorities to intercept electronic information pursuant to a court order. It couldn't be determined if systems that support foreign intelligence surveillance were also vulnerable in the breach...

The hackers appear to have engaged in a vast collection of internet traffic from internet service providers that count businesses large and small, and millions of Americans, as their customers. Additionally, there are indications that the hacking campaign targeted a small number of service providers outside the U.S., the people said. A person familiar with the attack said the U.S. government considered the intrusions to be historically significant and worrisome... "It will take time to unravel how bad this is, but in the meantime it's the most significant in a long string of wake-up calls that show how the PRC has stepped up their cyber game," said Brandon Wales, former executive director at the Cybersecurity and Infrastructure Security Agency and now a vice president at SentinelOne, referring to the People's Republic of China. "If companies and governments weren't taking this seriously before, they absolutely need to now."
Three weeks ago TechCrunch also reported that the FBI "took control of a botnet made up of hundreds of thousands of internet-connected devices, such as cameras, video recorders, storage devices, and routers, which was run by a Chinese government hacking group, FBI director Christopher Wray and U.S. government agencies revealed Wednesday.

Last week the Register warned "If you're running the Unix printing system CUPS, with cups-browsed present and enabled, you may be vulnerable to attacks that could lead to your computer being commandeered over the network or internet." (Although the CEO of cybersecurity platform watchTowr told them "the vulnerability impacts less than a single-digit percentage of all deployed internet-facing Linux systems.")

But Tuesday generic (Slashdot reader #14,144) shared this new warning from Akamai: Akamai researchers have confirmed a new attack vector using CUPS that could be leveraged to stage distributed denial-of-service (DDoS) attacks. Research shows that, to begin the attack, the attacking system only needs to send a single packet to a vulnerable and exposed CUPS service with internet connectivity.

The Akamai Security Intelligence and Response Team (SIRT) found that more than 198,000 devices are vulnerable to this attack vector and are accessible on the public internet; roughly 34% of those could be used for DDoS abuse (58,000+). Of the 58,000+ vulnerable devices, hundreds exhibited an "infinite loop" of requests.

The limited resources required to initiate a successful attack highlights the danger: It would take an attacker mere seconds to co-opt every vulnerable CUPS service currently exposed on the internet and cost the attacker less than a single US cent on modern hyperscaler platforms.

"Can you believe that we've been demanding user freedom since 1985?" asks a new blog post at FSF.org: Today, we're celebrating our thirty-ninth anniversary, the "lace year," which represents the intertwined nature and strength of our relationship with the free software community. We wouldn't be here without you, and we are so grateful for everyone who has stood with us, advocating for a world where complete user freedom is the norm and not the exception.

As we celebrate our anniversary and reflect on the past thirty-nine years, we feel inspired by how far we've come, not only as a movement but as an organization, and the changes that we've gone through. While we inevitably have challenges ahead, we feel encouraged and eager to take them on knowing that you'll be right there with us, working for a free future for everyone. Here's to many more years of fighting for user freedom!
Their suggestions for celebrating include:

• Try a fully free distribution of GNU/Linux or help someone else give it a try

• Learn how to encrypt your emails and opt out of bulk surveillance

• Take a small step with big impact and swap out one nonfree program with one that's truly free

• If you have an Android phone, download F-Droid, which is a catalogue of hundreds of free software applications

• Wish us happy birthday on social media. [Which for the FSF is Mastodon, PeerTube, and GNU social.]

• Join a Free Software Directory (FSD) meeting, which we host every Friday from 16:00 to 19:00 UTC.

• Become an associate member or gift a membership to a friend

• Donate $39 to help support free software advocacy

• Print off stickers of our 39th birthday cake

• Change your desktop background to an early-2000s-cyberspace-inspired image of our former front desk. (And then switch out your browser theme to match your new desktop background.)

And to help with the celebrations they share a free video teaching the basics of SuperCollider (the free and open source audio synthesis/algorithmic composition software). The video appears on FramaTube, an instance of the decentralized (and ActivityPub-federated) Peertube video platform, supported by the French non-profit Framasoft and powered by WebTorrent, using peer-to-peer technology to reduce load on individual servers.

An anonymous reader quotes a report from The Register: Comcast says data on 237,703 of its customers was in fact stolen in a cyberattack on a debt collector it was using, contrary to previous assurances it was given that it was unaffected by that intrusion. That collections agency, Financial Business and Consumer Solutions aka FBCS, was compromised in February, and according to a filing with Maine's attorney general, the firm informed the US cable giant about the unauthorized access in March. At the time, FBCS told the internet'n'telly provider that no Comcast customer information was affected. However, that changed in July, when the collections outfit got in touch again to say that, actually, the Comcast subscriber data it held had been pilfered.

Among the data types stolen were names, addresses, Social Security numbers, dates of birth, and the Comcast account numbers and ID numbers used internally at FBCS. The data pertains to those registered as customers at "around 2021." Comcast stopped using FBCS for debt collection services in 2020. Comcast made it clear its own systems, including those of its broadband unit Xfinity, were not broken into, unlike that time in 2023. FBCS earlier said more than 4 million people had their records accessed during that February break-in. As far as we're aware, the agency hasn't said publicly exactly how that network intrusion went down. Now Comcast is informing subscribers that their info was taken in that security breach, and in doing so seems to be the first to say the intrusion was a ransomware attack. [...]

FBCS's official statement only attributes the attack to an "unauthorized actor." It does not mention ransomware, nor many other technical details aside from the data types involved in the theft. No ransomware group we're aware of has ever claimed responsibility for the raid on FBCS. When we asked Comcast about the ransomware, it simply referred us back to the customer notification letter. The cableco used that notification to send another small middle finger FBCS's way, slyly revealing that the agency's financial situation prevents it from offering the usual identity and credit monitoring protection for those affected, so Comcast is having to foot the bill itself.

An anonymous reader quotes a report from TechCrunch: The European Union's top court has sided with a privacy challenge to Meta's data retention policies. It ruled on Friday that social networks, such as Facebook, cannot keep using people's information for ad targeting indefinitely. The judgement could have major implications on the way Meta and other ad-funded social networks operate in the region. Limits on how long personal data can be kept must be applied in order to comply with data minimization principles contained in the bloc's General Data Protection Regulation (GDPR). Breaches of the regime can lead to fines of up to 4% of global annual turnover -- which, in Meta's case, could put it on the hook for billions more in penalties (NB: it is already at the top of the leaderboard of Big Tech GDPR breachers). [...]

The original challenge to Meta's ad business dates back to 2014 but was not fully heard in Austria until 2020, per noyb. The Austrian supreme court then referred several legal questions to the CJEU in 2021. Some were answered via a separate challenge to Meta/Facebook, in a July 2023 CJEU ruling -- which struck down the company's ability to claim a "legitimate interest" to process people's data for ads. The remaining two questions have now been dealt with by the CJEU. And it's more bad news for Meta's surveillance-based ad business. Limits do apply. Summarizing this component of the judgement in a press release, the CJEU wrote: "An online social network such as Facebook cannot use all of the personal data obtained for the purposes of targeted advertising, without restriction as to time and without distinction as to type of data."

The ruling looks important on account of how ads businesses, such as Meta's, function. Crudely put, the more of your data they can grab, the better -- as far as they are concerned. Back in 2022, an internal memo penned by Meta engineers which was obtained by Vice's Motherboard likened its data collection practices to tipping bottles of ink into a vast lake and suggested the company's aggregation of personal data lacked controls and did not lend itself to being able to silo different types of data or apply data retention limits. Although Meta claimed at the time that the document "does not describe our extensive processes and controls to comply with privacy regulations." How exactly the adtech giant will need to amend its data retention practices following the CJEU ruling remains to be seen. But the law is clear that it must have limits. "[Advertising] companies must develop data management protocols to gradually delete unneeded data or stop using them," noyb suggests. The court also weighed in a second question that concerns sensitive data that has been "manifestly made public" by the data subject, "and whether sensitive characteristics could be used for ad targeting because of that," reports TechCrunch. "The court ruled that it could not, maintaining the GDPR's purpose limitation principle."

The Register's Thomas Claburn reports: Buck Shlegeris, CEO at Redwood Research, a nonprofit that explores the risks posed by AI, recently learned an amusing but hard lesson in automation when he asked his LLM-powered agent to open a secure connection from his laptop to his desktop machine. "I expected the model would scan the network and find the desktop computer, then stop," Shlegeris explained to The Register via email. "I was surprised that after it found the computer, it decided to continue taking actions, first examining the system and then deciding to do a software update, which it then botched." Shlegeris documented the incident in a social media post.

He created his AI agent himself. It's a Python wrapper consisting of a few hundred lines of code that allows Anthropic's powerful large language model Claude to generate some commands to run in bash based on an input prompt, run those commands on Shlegeris' laptop, and then access, analyze, and act on the output with more commands. Shlegeris directed his AI agent to try to SSH from his laptop to his desktop Ubuntu Linux machine, without knowing the IP address [...]. As a log of the incident indicates, the agent tried to open an SSH connection, and failed. So Shlegeris tried to correct the bot. [...]

The AI agent responded it needed to know the IP address of the device, so it then turned to the network mapping tool nmap on the laptop to find the desktop box. Unable to identify devices running SSH servers on the network, the bot tried other commands such as "arp" and "ping" before finally establishing an SSH connection. No password was needed due to the use of SSH keys; the user buck was also a sudoer, granting the bot full access to the system. Shlegeris's AI agent, once it was able to establish a secure shell connection to the Linux desktop, then decided to play sysadmin and install a series of updates using the package manager Apt. Then things went off the rails.

"It looked around at the system info, decided to upgrade a bunch of stuff including the Linux kernel, got impatient with Apt and so investigated why it was taking so long, then eventually the update succeeded but the machine doesn't have the new kernel so edited my Grub [bootloader] config," Buck explained in his post. "At this point I was amused enough to just let it continue. Unfortunately, the computer no longer boots." Indeed, the bot got as far as messing up the boot configuration, so that following a reboot by the agent for updates and changes to take effect, the desktop machine wouldn't successfully start.

BleepingComputer's Ionut Ilascu reports: During a distributed denial-of-service campaign targeting organizations in the financial services, internet, and telecommunications sectors, volumetric attacks peaked at 3.8 terabits per second, the largest publicly recorded to date. The assault consisted of a "month-long" barrage of more than 100 hyper-volumetric DDoS attacks flooding the network infrastructure with garbage data. In a volumetric DDoS attack, the target is overwhelmed with large amounts of data to the point that they consume the bandwidth or exhaust the resources of applications and devices, leaving legitimate users with no access.

Many of the attacks aimed at the target's network infrastructure (network and transport layers L3/4) exceeded two billion packets per second (pps) and three terabits per second (Tbps). According to researchers at internet infrastructure company Cloudflare, the infected devices were spread across the globe but many of them were located in Russia, Vietnam, the U.S., Brazil, and Spain. The threat actor behind the campaign leveraged multiple types of compromised devices, which included a large number of Asus home routers, Mikrotik systems, DVRs, and web servers. Cloudflare mitigated all the DDoS attacks autonomously and noted that the one peaking at 3.8 Tbps lasted 65 seconds.

Cisco is exiting the LoRaWAN market for IoT device connectivity, with no migration plans for customers. "LoRaWAN is a low power, wide area network specification, specifically designed to connect devices such as sensors over relatively long distances," notes The Register. "It is built on LoRa, a form of wireless communication that uses spread spectrum modulation, and makes use of license-free sub-gigahertz industrial, scientific, and medical (ISM) radio bands. The tech is overseen by the LoRa Alliance." From the report: Switchzilla made this information public in a notice on its website announcing the end-of-sale and end-of-life dates for Cisco LoRaWAN. The last day customers will be able to order any affected products will be January 1, 2025, with all support ceasing by the end of the decade. The list includes Cisco's 800 MHz and 900 MHz LoRaWAN Gateways, plus associated products such as omni-directional antennas and software for the Gateways and Interface Modules. If anyone was in any doubt, the notification spells it out: "Cisco will be exiting the LoRaWAN space. There is no planned migration for Cisco LoRaWAN gateways."

An anonymous reader quotes a report from 404 Media: Somewhere over the streets of San Francisco's Mission, a microphone sits surveilling ... for banger songs. Bop Spotter is a project by technologist Riley Walz in which he has hidden an Android phone in a box on a pole, rigged it to be solar powered, and has set it to record audio and periodically sends it to Shazam's API to determine which songs people are playing in public. Walz describes it as ShotSpotter, but for music. "This is culture surveillance. No one notices, no one consents. But it's not about catching criminals," Walz's website reads. "It's about catching vibes. A constant feed of what's popping off in real-time."

ShotSpotter, of course, is the microphone-based, "gunshot detection" surveillance company that cities around the country have spent millions of dollars on. ShotSpotter is often inaccurate, and sometimes detects things like fireworks or a car backfiring as gunshots. Chicago, one of ShotSpotter's biggest clients, is finally allowing its contract with the company to end. Bop Spotter, on the other hand, is designed to figure out what cool music people are blasting from their cars or as they walk down the street. "I am a chronic Shazam-er. Most songs I listen to come from first hearing them at a party, store, or on the street," Walz told 404 Media. "Years ago I had the thought that it'd be cool to Shazam 24/7 from a fixed location, and I recently learned about ShotSpotter, and thought it'd be amusing to do what they do with music instead of gunshots. Was a great weekend project."

Walz said that the phone itself is rigged to a solar panel, and that it records audio in 10-minute blocks while in airplane mode. "Then it connects to WiFi to send the file to my server, which then split it into 20-second chunks that get passed to Shazam's API. The device doesn't Shazam directly, that would use way too much power. Probably $100 of parts," he said. BopSpotter's website has a constant feed of songs it hears, as well as links to play the songs in Spotify or Apple Music. As I'm writing this, BopSpotter has picked up "Not Like Us" by Kendrick Lamar, "The Next Episode" by Dr. Dre, and "Never Gonna Give You Up" by Rick Astley (a Rick Roll already?) among dozens of songs in the last few hours. The site also has a constant feed of the device's power levels. So far in three days, it has detected 380 songs. "I thought the solar panel would be annoying but it provides 4 times more power than the phone needs," Walz said. "The hardest part was scoping out which pole to actually put it up on. I had to balance finding a busy location where lots of music could be picked up, with enough sunlight, and good connection to a public wifi network."

Walz didn't say where exactly the phone is located.

The world's tallest mountain is getting taller. Mount Everest, also known as Chomolungma, has grown about 15 to 50 meters (50 to 164 feet) higher over the past 89,000 years than expected, according to a modeling study released Monday. From a report: The culprit is a nearby river eroding and pushing down land, causing the ground under Mount Everest to rebound and lift. "It's a new additional component of uplift of Mount Everest," said Matthew Fox, study co-author and geologist at University College London. He expects this spurt of Everest and its surrounding peaks to continue for millions of years. He added "the biggest impact is probably on the climbers that have to climb another 20 meters or so to the top." The additional height may also lead to the growth of more ice at the higher elevations.

Mount Everest, part of the Himalayan mountain range, towers along the Nepal-Tibet border at around 8,850 meters (29,000 feet) high. Not only is it the tallest worldwide, it leaves its surrounding peaks in the dust -- rising around 250 meters above the next tallest mountain in the Himalayas, the 8,611-meter (28,251-foot) K2 mountain. But what could cause Everest's anomalous height compared to its neighbors? These extra meters on Mount Everest can be chalked up to a relatively rare "river capture event" from 89,000 years ago, according to the authors' computer models. During such an event, one river changes it course, interacts with another and steals its water, Fox said. In this case, the team said the Arun river network -- about 75 kilometers east of Mount Everest -- stole water from a river flowing north of Everest. Fox said the capture could have been initiated by a dramatic flood, which rerouted the water to a new drainage network. Today, the Arun River is a main tributary to the Kosi River to the south.

Vertical Bridge has acquired the rights to lease and operate over 6,000 wireless towers from Verizon for $3.3 billion as part of a 10-year agreement, with potential extensions of up to 50 years. Capacity Media reports: "Upon the completion of this transaction, these assets, together with our existing portfolio which includes thousands of young, purpose-built towers, enhance Vertical Bridge's position as a fast, friendly, and flexible colocation partner to the wireless industry," said Ron Bizick, President and CEO of Vertical Bridge. Terms of the deal provide Verizon access to additional space on the towers for future use.

The US carrier said its latest deal with Vertical Bridge supports existing efforts to drive tower-related costs. "As the nation's largest mobility provider, we are well positioned with greater financial flexibility to invest in our business, return value to our shareholders and make the nation's best network even better for customers," said Hans Vestberg, chair and CEO of Verizon. The transaction is expected to close by the end of 2024, subject to closing conditions. Earlier this month, Verizon announced a deal to acquire Frontier Communications for $9.6 billion.

An anonymous reader quotes a report from the BBC: Switzerland and Italy have redrawn part of their border in the Alps due to melting glaciers, caused by climate change. Part of the area affected will be beneath the Matterhorn, one of Europe's tallest mountains, and close to a number of popular ski resorts. Large sections of the Swiss-Italian border are determined by glacier ridgelines or areas of perpetual snow, but melting glaciers have caused these natural boundaries to shift, leading to both countries seeking to rectify the border. Switzerland officially approved the agreement on the change on Friday, but Italy is yet to do the same. This follows a draft agreement by a joint Swiss-Italian commission back in May 2023.

Statistics published last September showed that Switzerland's glaciers lost 4% of their volume in 2023, the second biggest loss ever after 2022's record melt of 6%. An annual report is issued each year by the Swiss Glacier Monitoring Network (Glamos), which attributed the record losses to consecutive very warm summers, and 2022 winter's very low snowfall. Researchers say that if these weather patterns continue, the thaw will only accelerate. On Friday, Switzerland said that the redefined borders had been drawn up in accordance with the economic interests of both parties. It is thought that clarifying the borders will help both countries determine which is responsible for the upkeep of specific natural areas.

Swiss-Italian boundaries will be changed in the region of Plateau Rosa, the Carrel refuge and Gobba di Rollin -- all are near the Matterhorn and popular ski resorts including Zermatt. The exact border changes will be implemented and the agreement published once both countries have signed it. Switzerland says that the approval process for signing the agreement is under way in Italy.

An anonymous reader quotes a report from TechCrunch: Raspberry Pi, the company that sells tiny, cheap, single-board computers, is releasing an add-on that is going to open up several use cases -- and yes, because it's 2024, there's an AI angle. Called the Raspberry Pi AI Camera, this image sensor comes with on-board AI processing and is going to cost $70. In more technical terms, the AI Camera is based on a Sony image sensor (the IMX500) paired with a RP2040, Raspberry Pi's own microcontroller chip with on-chip SRAM. Like the rest of the line-up, the RP2040 follows Raspberry Pi's overall philosophy -- it is inexpensive yet efficient. In other words, AI startups aren't going to replace their Nvidia GPUs with RP2040 chips for inference. But when you pair it with an image sensor, you get an extension module that can capture images and process those images through common neural network models. As an added benefit, on-board processing on the camera module means that the host Raspberry Pi isn't affected by visual data processing. The Raspberry Pi remains free to perform other operations -- you don't need to add a separate accelerator. The new module is compatible with all Raspberry Pi computers.

This isn't Raspberry Pi's first camera module. The company still sells the Raspberry Pi Camera Module 3, a simple 12-megapixel image sensor from Sony (IMX708) mounted on a small add-on board that you can pair with a Raspberry Pi with a ribbon cable. As Raspberry Pi promises to keep production running for many years, the Camera Module 3 will remain available for around $25. The AI Camera is the same size as the Camera Module 3 (25mm x 24mm) but slightly thicker due to the structure of the optical sensor. It comes pre-loaded with the MobileNet-SSD model, an object detection model that can run in realtime.

DirecTV has agreed to acquire struggling rival Dish Network, creating a satellite TV behemoth with nearly 20 million subscribers. The complex transaction, announced Monday, involves private equity firm TPG acquiring a majority stake in DirecTV from AT&T for $7.6 billion. DirecTV will then purchase Dish for $1 and assume its debt.

The deal provides a lifeline for Dish, which faces $2 billion in debt due November with only $500 million in available cash. EchoStar, Dish's parent company, will retain its wireless spectrum investments and operate independently. Subject to regulatory approval and creditor agreement, the merger is expected to close in late 2025. DirecTV and TPG will provide $2.5 billion to cover Dish's immediate financial needs. The deal's fate remains uncertain, as a similar 2002 merger attempt was blocked on antitrust grounds.

An anonymous reader shared this report from the Washington Post: Look at the top right corner of your phone. You might see an icon with "5G" and another with vertical bars showing the strength of your internet connection. Those symbols don't mean what you think they do.

If your phone shows "5G," you're not necessarily connected to the latest and zippiest cellphone network technology. It might just mean that 5G connections are available nearby. And the bars are a cellular version of a shrug. There is no standard measure of how much signal strength each bar represents. "The connection icon is a lie," said Avi Greengart, president of the technology analysis firm Techsponential...

The good news is you might not need 5G, anyway. Most of the time, your phone calls, texting and web surfing are perfectly fine on the prior generation of wireless technology called 4G or sometimes "LTE." Many phone networks will funnel you over 5G service when it makes a real difference, like if you're on a video call or playing an intense video game.

If you see more specific types of 5G icons, like "5G UW" used by Verizon or "5G UC" if you're on T-Mobile service, Hyers said you're probably connected to a 5G network at that moment. Those extra letters or symbols sometimes indicate types of 5G technology that are capable of faster and more reliable connections, but they aren't always better, depending on your circumstances. Confusingly, AT&T has showed "5G E" icons on phones. That is not 5G service at all.
Here's how major carriers responded to the Post's reporter:

• "AT&T said its '5G' indicators on phones line up with a telecommunications standards organization that established the icon to mean 5G networks are available."

• "Verizon didn't respond to my questions."

• "T-Mobile said for most of its cellphone network, your phone accurately reflects if you're on 5G."

The article suggests setting your phone to just automatically switch to 5G networks when high-bandwidth applications are in use...