Earlier this month, the entire Optus mobile network went offline nationwide following a "routine software upgrade." According to Reuters, "More than 10 million Australians were hit by the 12-hour network blackout [...], triggering fury and frustration among customers and raising wider concerns about the telecommunications infrastructure." Now, according to the Australian Broadcasting Corporation, Optus CEO Kelly Bayer Rosmarin has resigned in the wake of the outage. From the report: She said it "had been an honour to serve" but that "now was an appropriate time to step down." During Friday's Senate hearing into the outage, Ms Bayer Rosmarin rebuffed suggestions she was under pressure to step down. "On Friday, I had the opportunity to appear before the Senate to expand on the cause of the network outage and how Optus recovered and responded," she said in a statement on Monday. "I was also able to communicate Optus's commitment to restore trust and continue to serve customers. Having now had time for some personal reflection, I have come to the decision that my resignation is in the best interest of Optus moving forward."

Ms Bayer Rosmarin will be replaced in the interim by chief financial officer Michael Venter. Yuen Kuan Moon, the chief executive of Optus's Singaporean parent company Singtel Group, said the company understood her decision to resign. Mr Yuen said Singtel recognised "the need for Optus to regain customer trust and confidence as the team works through the impact and consequences of the recent outage and continues to improve." He said Optus's priority was about "setting on a path of renewal for the benefit of the community and customers." Singtel said Optus had also created a new chief operating officer position, which would be carried out by former Optus Business Managing Director Peter Kaliaropoulos.

"The Chinese government has built up the world's largest known online disinformation operation," reports CNN, "and is using it to harass US residents, politicians, and businesses."

CNN reports that disinformation operation is even "at times threatening its targets with violence, a CNN review of court documents and public disclosures by social media companies has found." The onslaught of attacks — often of a vile and deeply personal nature — is part of a well-organized, increasingly brazen Chinese government intimidation campaign targeting people in the United States, documents show. The U.S. State Department says the tactics are part of a broader multi-billion-dollar effort to shape the world's information environment and silence critics of Beijing that has expanded under President Xi Jinping... Victims face a barrage of tens of thousands of social media posts that call them traitors, dogs, and racist and homophobic slurs.

They say it's all part of an effort to drive them into a state of constant fear and paranoia. Often, these victims don't know where to turn. Some have spoken to law enforcement, including the FBI — but little has been done. While tech and social media companies have shut down thousands of accounts targeting these victims, they're outpaced by a slew of new accounts emerging virtually every day. Known as "Spamouflage" or "Dragonbridge," the network's hundreds of thousands of accounts spread across every major social media platform have not only harassed Americans who have criticized the Chinese Communist Party, but have also sought to discredit U.S. politicians, disparage American companies at odds with China's interests and hijack online conversations around the globe that could portray the CCP in a negative light.
Some numbers from the article:

• Meta "announced in August it had taken down a cluster of nearly 8,000 accounts attributed to this group in the second quarter of 2023 alone."

• YouTube owner Google "told CNN it had shut down more than 100,000 associated accounts in recent years."

• X "has blocked hundreds of thousands of China 'state-backed' or "state-linked" accounts, according to company blogs."

An anonymous reader quotes a report from SecurityWeek: Moving to clamp down on the growing scourge of SIM-swapping and port-out fraud, the Federal Communications Commission (FCC) has unveiled new rules mandating telcos to give consumers greater control of their mobile phone accounts. Under the new rules, wireless carriers are required to notify customers of any SIM transfer requests, a measure designed to thwart fraudulent attempts by cybercriminals. The FCC has also revised its customer proprietary network information and local number portability rules, making it more challenging for scammers to access sensitive subscriber information.

The new protective measures (PDF) are meant to address SIM-swapping and port-out attacks widely documented in cybercriminal attacks against businesses and consumers. The attack technique is used to hijack mobile accounts, change and steal passwords, bypass MFA roadblocks and raid bank accounts. Studies have found that major mobile carriers in the US are vulnerable to SIM-swapping with the Federal Bureau of Investigation (FBI) receiving thousands of consumer complaints every year.

The technology has become the standard LAN worldwide. From a report: Ethernet became commercially available in 1980 and quickly grew into the industry LAN standard. To provide computer companies with a framework for the technology, in June 1983 Ethernet was adopted as a standard by the IEEE 802 Local Area Network Standards Committee. Currently, the IEEE 802 family consists of 67 published standards, with 49 projects under development. The committee works with standards agencies worldwide to publish certain IEEE 802 standards as international guidelines.

A plaque recognizing the technology is displayed outside the PARC facility. It reads: "Ethernet wired LAN was invented at Xerox Palo Alto Research Center (PARC) in 1973, inspired by the ALOHAnet packet radio network and the ARPANET. In 1980 Xerox, DEC, and Intel published a specification for 10 Mbps Ethernet over coaxial cable that became the IEEE 802.3-1985 Standard. Later augmented for higher speeds, and twisted-pair, optical, and wireless media, Ethernet became ubiquitous in home, commercial, industrial, and academic settings worldwide."

One of the world's most active ransomware groups has taken an unusual -- if not unprecedented -- tactic to pressure one of its victims to pay up: reporting the victim to the US Securities and Exchange Commission. From a report: The pressure tactic came to light in a post published on Wednesday on the dark web site run by AlphV, a ransomware crime syndicate that's been in operation for two years. After first claiming to have breached the network of the publicly traded digital lending company MeridianLink, AlphV officials posted a screenshot of a complaint it said it filed with the SEC through the agency's website. Under a recently adopted rule that goes into effect next month, publicly traded companies must file an SEC disclosure within four days of learning of a security incident that had a "material" impact on their business.

"We want to bring to your attention a concerning issue regarding MeridianLink's compliance with the recently adopted cybersecurity incident disclosure rules," AlphV officials wrote in the complaint. "It has come to our attention that MeridianLink, in light of a significant breach compromising customer data and operational information, has failed to file the requisite disclosure under item 1.05 of form 8-K within the stipulated four business days, as mandated by the new SEC rules." The violation category selected in the online report was "Material misstatement or omission in a company's filings or financial statements or a failure to file."

An anonymous reader quotes a report from The Verge: The Federal Communications Commission has approved (PDF) a new set of rules aiming to prevent "digital discrimination." It means the agency can hold telecom companies accountable for digitally discriminating against customers -- or giving certain communities poorer service (or none at all) based on income level, race, or religion. The new rules come as part of the Biden Administration's 2021 Bipartisan Infrastructure Law, which requires the FCC to develop and adopt anti-digital discrimination rules. "Many of the communities that lack adequate access to broadband today are the same areas that suffer from longstanding patterns of residential segregation and economic disadvantage," FCC Chairwoman Jessica Rosenworcel said following today's vote. "It shows that minority status and income correlate with broadband access."

Under the new rules, the FCC can fine telecom companies for not providing equal connectivity to different communities "without adequate justification," such as financial or technical challenges of building out service in a particular area. The rules are specifically designed to address correlations between household income, race, and internet speed. Last year, a joint report from The Markup and the Associated Press found that AT&T, Verizon, and other internet service providers offer different speeds depending on the neighborhood in cities throughout the US. The report revealed neighborhoods with lower incomes and fewer white people get stuck with slower internet while still having to pay the same price as those with faster speeds. At the time, USTelecom, an organization that represents major telecom providers, blamed the higher price on having to maintain older equipment in certain communities.

The FCC was nearly divided on the new set of rules, as it passed with a 3-2 vote. Critics of the new policy argue the rules are an overextension of the FCC's power. Jonathan Spalter, the CEO of USTelecom, says the FCC is "taking overly intrusive, unworkably vague, and ultimately harmful steps in the wrong direction." Spalter adds the framework "is counter" to Congress' goal of giving customers equal access to the internet. Still, supporters of the new rules believe they can go a long way toward improving fractured broadband coverage throughout the US. The FCC will also establish an "improved" customer portal, where the agency will field and review complaints about digital discrimination. It will take things like broadband deployment, network upgrades, and maintenance across communities into account when evaluating providers for potential rule violations, giving it the authority to hopefully finally address the disparities in internet access throughout the US.

Huawei and China Mobile have built a 3,000 kilometer (1,860-mile) internet network linking Beijing to the south, which the country is touting as its latest technological breakthrough. From a report: The two firms teamed up with Tsinghua University and research provider Cernet.com to build what they claim is the world's first internet network to achieve a "stable and reliable" bandwidth of 1.2 terabits per second, several times faster than typical speeds around the world. Trials began July 31 and it's since passed various tests verifying that milestone, the university said in a statement.

Tsinghua, Chinese President Xi Jinping's alma mater, is plugging the project as an industry-first built entirely on homegrown technology, and credits Huawei prominently in its statement. The Chinese firm in August made waves when it released a 5G smartphone with a sophisticated made-in-China processor, inspiring celebration in Chinese state and social media. That event also spurred debate in Washington about whether the Biden administration has gone far enough in attempts to contain Chinese technological achievement.

Programmer and writer James Somers, writing for New Yorker: Yes, our jobs as programmers involve many things besides literally writing code, such as coaching junior hires and designing systems at a high level. But coding has always been the root of it. Throughout my career, I have been interviewed and selected precisely for my ability to solve fiddly little programming puzzles. Suddenly, this ability was less important.

I had gathered as much from Ben (friend of the author), who kept telling me about the spectacular successes he'd been having with GPT-4. It turned out that it was not only good at the fiddly stuff but also had the qualities of a senior engineer: from a deep well of knowledge, it could suggest ways of approaching a problem. For one project, Ben had wired a small speaker and a red L.E.D. light bulb into the frame of a portrait of King Charles, the light standing in for the gem in his crown; the idea was that when you entered a message on an accompanying Web site the speaker would play a tune and the light would flash out the message in Morse code. (This was a gift for an eccentric British expat.) Programming the device to fetch new messages eluded Ben; it seemed to require specialized knowledge not just of the microcontroller he was using but of Firebase, the back-end server technology that stored the messages. Ben asked me for advice, and I mumbled a few possibilities; in truth, I wasn't sure that what he wanted would be possible. Then he asked GPT-4. It told Ben that Firebase had a capability that would make the project much simpler. Here it was -- and here was some code to use that would be compatible with the microcontroller.

Afraid to use GPT-4 myself -- and feeling somewhat unclean about the prospect of paying OpenAI twenty dollars a month for it -- I nonetheless started probing its capabilities, via Ben. We'd sit down to work on our crossword project, and I'd say, "Why don't you try prompting it this way?" He'd offer me the keyboard. "No, you drive," I'd say. Together, we developed a sense of what the A.I. could do. Ben, who had more experience with it than I did, seemed able to get more out of it in a stroke. As he later put it, his own neural network had begun to align with GPT-4's. I would have said that he had achieved mechanical sympathy. Once, in a feat I found particularly astonishing, he had the A.I. build him a Snake game, like the one on old Nokia phones. But then, after a brief exchange with GPT-4, he got it to modify the game so that when you lost it would show you how far you strayed from the most efficient route. It took the bot about ten seconds to achieve this. It was a task that, frankly, I was not sure I could do myself.

In chess, which for decades now has been dominated by A.I., a player's only hope is pairing up with a bot. Such half-human, half-A.I. teams, known as centaurs, might still be able to beat the best humans and the best A.I. engines working alone. Programming has not yet gone the way of chess. But the centaurs have arrived. GPT-4 on its own is, for the moment, a worse programmer than I am. Ben is much worse. But Ben plus GPT-4 is a dangerous thing.

India's capital, New Delhi, is preparing a new weapon in the fight against deadly air pollution: cloud seeding. From a report: The experiment, which could take place as early as next week, would introduce chemicals like silver iodide into a cloudy sky to create rain and, it's hoped, wash away the fine particulate matter hovering over one of the world's largest cities. The need is desperate. Delhi has already tried traffic restriction measures, multimillion-dollar air filtration towers, and the use of fleets of water-spraying trucks to dissolve the particulate matter in the air -- but to no avail.

The use of cloud seeding, if it goes ahead, would be controversial. "It's not at all a good use of resources because it's not a solution, it's like a temporary relief," says Avikal Somvanshi, a researcher at the Center for Science and Environment in New Delhi. Environmentalists and scientists worry that most of the government's response is focused on mitigating the pollution rather than trying to cut off its source. "There is just no political intent to solve this, that is one of the biggest problems," says Bhavreen Kandhari, an activist and cofounder of Warrior Moms, a network of mothers demanding clean air.

[...] Now, Delhi officials are seeking permission from federal agencies in India to try cloud seeding. The technique involves flying an aircraft to spray clouds with salts like silver or potassium iodide or solid carbon dioxide, also known as dry ice, to induce precipitation. The chemical molecules attach to moisture already in the clouds to form bigger droplets that then fall as rain. China has used artificial rain to tackle air pollution in the past -- but for cloud seeding to work properly, you need significant cloud cover with reasonable moisture content, which Delhi generally lacks during the winter. If weather conditions are favorable, scientists leading the project at the Indian Institute of Technology in Kanpur plan to carry out cloud seeding around November 20.

In research published in Science today, Google DeepMind's model, GraphCast, was able to predict weather conditions up to 10 days in advance, more accurately and much faster than the current gold standard. From a report: GraphCast outperformed the model from the European Centre for Medium-Range Weather Forecasts (ECMWF) in more than 90% of over 1,300 test areas. And on predictions for Earth's troposphere -- the lowest part of the atmosphere, where most weather happens -- GraphCast outperformed the ECMWF's model on more than 99% of weather variables, such as rain and air temperature. Crucially, GraphCast can also offer meteorologists accurate warnings, much earlier than standard models, of conditions such as extreme temperatures and the paths of cyclones. In September, GraphCast accurately predicted that Hurricane Lee would make landfall in Nova Scotia nine days in advance, says Remi Lam, a staff research scientist at Google DeepMind. Traditional weather forecasting models pinpointed the hurricane to Nova Scotia only six days in advance.

[...] Traditionally, meteorologists use massive computer simulations to make weather predictions. They are very energy intensive and time consuming to run, because the simulations take into account many physics-based equations and different weather variables such as temperature, precipitation, pressure, wind, humidity, and cloudiness, one by one. GraphCast uses machine learning to do these calculations in under a minute. Instead of using the physics-based equations, it bases its predictions on four decades of historical weather data. GraphCast uses graph neural networks, which map Earth's surface into more than a million grid points. At each grid point, the model predicts the temperature, wind speed and direction, and mean sea-level pressure, as well as other conditions like humidity. The neural network is then able to find patterns and draw conclusions about what will happen next for each of these data points.

According to Reuters, banks on the payment app Zelle have begun refunding victims of imposter scams to address consumer protection concerns raised by U.S. lawmakers and the federal consumer watchdog. From the report: The 2,100 financial firms on Zelle, a peer-to-peer network owned by seven banks including JPMorgan Chase and Bank of America, began reversing transfers as of June 30 for customers duped into sending money to scammers claiming to be from a government agency, bank or existing service provider, said Early Warning Services (EWS), the banks' company that owns Zelle. That's "well above existing legal and regulatory requirements," Ben Chance, chief fraud risk officer at EWS, told Reuters.

Federal rules require banks to reimburse customers for payments made without their authorization, such as by hackers, but not when customers themselves make the transfer. While Zelle disclosed Aug. 30 that it had introduced a new reimbursement benefit for "specific scam types," it has not previously provided details on its new imposter scam refund policy due to worries doing so might encourage criminals to make false scam claims, a spokesperson said. The new policy marks a major shift from last year when bankers, including JPMorgan CEO Jamie Dimon, told lawmakers worried about rising scams that it was unreasonable to require banks to refund transfers that customers were tricked into approving.

Australian telecoms provider Optus said on Monday that a massive outage which effectively cut off 40% of the country's population and triggered a political firestorm was caused by "changes to routing information" after a "routine software upgrade." From a report: More than 10 million Australians were hit by the 12-hour network blackout at the Singapore Telecommunications-owned telco on Nov. 8, triggering fury and frustration among customers and raising wider concerns about the telecommunications infrastructure.

Optus said in a statement that an initial investigation found the company's network was affected by "changes to routing information from an international peering network" early that morning, "following a routine software upgrade." It added: "These routing information changes propagated through multiple layers in our network and exceeded preset safety levels on key routers which could not handle these. This resulted in those routers disconnecting from the Optus IP Core network to protect themselves." The project to reconnect the routers was so large that "in some cases (it) required Optus to reconnect or reboot routers physically, requiring the dispatch of people across a number of sites in Australia", it added.

Around 40% of goods entering and leaving Australia are managed by a single ports operator. But from Friday to Monday morning, they were suffering from a cyberattack that had "crippled" their facilities in Melbourne, Sydney, Brisbane and Perth, reports the BBC: The outage has not affected the supply of goods to major Australian supermarkets, the BBC understands. DP World Australia, a unit of the Dubai state-owned DP World, said its ports resumed operations at 9am local time "following successful tests of key systems overnight". It added "The company expects that approximately 5,000 containers will move out of the four Australian terminals today...."

DP World said it halted internet connectivity at its ports on Friday to prevent "any ongoing unauthorised access" to its network. Going offline meant trucks had been unable to transport containers in and out of the affected sites. The resumption of service on Monday is the first step towards tackling the attack on its network. DP World said it was still in the process of investigating the disruption and guarding its systems against cyber attacks.

SysAid's system management software has "a vulnerability actively being exploited to deploy Clop ransomware," according to SiliconAngle: The warning came from Microsoft Corp.'s Threat Intelligence team, which wrote on X that it had discovered the exploitation of a zero-day vulnerability in SysAid's IT support software that's being exploited by the Lace Tempest ransomware gang.

Lace Tempest first emerged earlier this year from its attacks involving the MOVEit Transfer and GoAnywhere MFT. This group has been characterized by its sophisticated attack methods, often exploiting zero-day vulnerabilities to infiltrate organizations' systems to deploy ransomware and exfiltrate sensitive data...

In a blog post, SysAid said that the vulnerability, tracked as CVE-2023-47246, was first discovered on Novembers 2 and is a path traversal vulnerability leading to code execution within the SysAid on-prem software... "Given the scale and impact of the MOVEit breach, which was considered one of the largest in recent history, the potential for the SysAid vulnerability to reach similar levels of disruption is not inconceivable, though several factors would influence this outcome," Craig Jones, vice president of security operations at managed detection and response provider Ontinue Inc., told SiliconANGLE. "The MOVEit breach, exploited by the Clop ransomware group, impacted over 1,000 organizations and more than 60 million individuals," Jones explained. "Comparatively, SysAid claims more than 5,000 customers across various industries globally. The potential damage from the SysAid vulnerability would depend on factors such as how widespread the exploitation is, how quickly the patch is applied and the sensitivity of the accessed data."
SysAid's blog post confirms the zero-day vulnerability, and says they've begun "proactively communicating with our on-premise customers to ensure they could implement a mitigation solution we had identified..."

"We urge all customers with SysAid on-prem server installations to ensure that your SysAid systems are updated to version 23.3.36, which remediates the identified vulnerability, and conduct a comprehensive compromise assessment of your network..." The attacker uploaded a WAR archive containing a WebShell and other payloads into the webroot of the SysAid Tomcat web service [which] provided the attacker with unauthorized access and control over the affected system.Subsequently, the attacker utilized a PowerShell script, deployed through the WebShell, to execute a malware loader named user.exe on the compromised host, which was used to load the GraceWire trojan...

After this initial access and the deployment of the malware, the attacker utilized a second PowerShell script to erase evidence associated with the attacker's actions from the disk and the SysAid on-prem server web logs... Given the severity of the threat posed, we strongly recommend taking immediate steps according to your incident response playbook and install any patches as they become available.

An anonymous reader quotes a report from The Record: One of the nation's largest private radiology companies agreed to pay a $450,000 fine after a 2021 ransomware attack led to the exposure of sensitive information from nearly 200,000 patients. In an agreement announced on Wednesday, New York Attorney General Letitia James said US Radiology failed to remediate a vulnerability announced by security company SonicWall in January 2021. US Radiology used the company's firewall to protect its network and provide managed services for many of its partner companies, including the Windsong Radiology Group, which has six facilities across Western New York.

The vulnerability highlighted by the attorney general -- CVE-2021-20016 -- was used by ransomware gangs in several attacks. US Radiology was unable to install the firmware patch for the zero-day because its SonicWall hardware was at an end-of-life stage and was no longer supported. The company planned to replace the hardware in July 2021, but the project was delayed "due to competing priorities and resource restraints." The vulnerability was never addressed, and the company was attacked by an unnamed ransomware gang on December 8, 2021.

An investigation determined that the hacker was able to gain access to files that included the names, dates of birth, patient IDs, dates of service, provider names, types of radiology exams, diagnoses and/or health insurance ID numbers of 198,260 patients. The data exposed during the incident also included driver's license numbers, passport numbers, and Social Security numbers for 82,478 New Yorkers. [...] In addition to the $450,000 penalty, the company will have to upgrade its IT network, hire someone to manage its data security program, encrypt all sensitive patient information and develop a penetration testing program. The company will have to delete patient data "when there is no reasonable business purpose to retain it" and submit compliance reports to the state for two years. "When patients visit a medical facility, they deserve confidence in knowing that their personal information will not be compromised when they are receiving care," said Attorney General James. "US Radiology failed to protect New Yorkers' data and was vulnerable to attack because of outdated equipment. In the face of increasing cyberattacks and more sophisticated scams to steal private data, I urge all companies to make necessary upgrades and security fixes to their computer hardware and systems."

A partnership between Qualcomm and Iridium to bring satellite connectivity to Android phones has fallen apart, almost a year after the deal was announced. From a report: In January, the two companies debuted the Snapdragon Satellite platform, a way to bring satellite-based SMS and emergency messaging to high-end smartphones. But on Thursday, Iridium said Qualcomm will cancel the partnership, effective Dec. 3. "The companies successfully developed and demonstrated the technology; however, notwithstanding this technical success, smartphone manufacturers have not included the technology in their devices," Iridium said in the announcement. "Due to this, on November 3, 2023, Qualcomm notified Iridium that it has elected to terminate the agreements."

Qualcomm didn't immediately respond to a request for comment. But the statement from Iridium suggests the Snapdragon Satellite platform suffered from technical issues, or perhaps failed to attract interest from smartphone vendors. Back in January, the companies also indicated that the Snapdragon Satellite platform would require supported phones to be manufactured with modems that could communicate with the Iridum network's L-Band radio frequencies.

Michael Kan reports via PCMag: Encrypted messaging service Signal is now testing usernames, which will offer people a more private way to share their contact details on the app. Signal kicked off the public test today through a new beta build available in its community forums. "After rounds of internal testing, we have hit the point where we think the community that powers these forums can help us test even further before public launch," says Signal VP of Engineering Jim O'Leary.

The development is a big deal since Signal -- an end-to-end encrypted messaging app -- has long required users to sign up with a phone number. That same number also needs to be shared in order to message other users on the app. This can be problematic since sharing your phone number exposes you to privacy and hacking risks. For example, a contact on Signal could choose to call and message your number over an unencrypted cellular network or pass off the number to someone else.

Long-time Slashdot reader RobHart writes: During the night, the entire Optus mobile network went down and remains down. This is the second largest mobile network in Australia and it is the first time a network has gone down nationwide. It is affecting the trains in Melbourne and any business across Australia that uses the Optus service for phones or data. "Optus is aware of an issue that may be impacting some of our mobile and internet customers," the company wrote in a statement. "We are currently working to identify the cause and apologize for any inconvenience. In case of an emergency customers can still call triple zero."

Authorities are checking whether the outage is the result of a cyberattack, although they don't believe it is.

In an attempt to boost broadband competition, Canada's telecom regulator is forcing large phone companies to open their fiber networks to competitors. Smaller companies will be allowed to buy network capacity and use it to offer competing broadband plans to consumers. From a report: Evidence received during a comment period "shows that competition in the Internet services market is declining," the Canadian Radio-television and Telecommunications Commission (CRTC) said in its announcement. The CRTC said the "decrease is most significant in Ontario and Quebec, where independent competitors now serve 47 percent fewer customers than they did just two years ago. At the same time, several competitors have been bought out by larger Internet providers. This has left many Canadians with fewer options for high-speed Internet services."

The CRTC hasn't made a final decision on fiber resale. But in the meantime, until a more permanent ruling is made, large telcos in Ontario and Quebec will be "required to provide competitors with access to their fibre-to-the-home networks within six months," the CRTC said. The six-month period is intended to give companies time to prepare their networks and develop information technology and billing systems, the agency said. "On a temporary and expedited basis, the CRTC is providing competitors with a workable way to sell Internet services using the fibre-to-the-home networks of large telephone companies in Ontario and Quebec, where competition has declined most significantly," the agency said. "The CRTC is also setting the interim rates that competitors will pay when selling services over these fibre-to-the-home networks. These rates were chosen to allow Canada's large Internet companies to continue investing in their networks to deliver high-quality services to Canadians."

An anonymous reader quotes a report from the New York Times: Later this month, delegations from around the world will head to a conference in Dubai to discuss international treaties involving radio frequencies, satellite coordination and other tricky technical issues. These include the nagging problem of the clocks. For 50 years, the international community has carefully and precariously balanced two different ways of keeping time. One method, based on Earth's rotation, is as old as human timekeeping itself, an ancient and common-sense reliance on the position of the sun and stars. The other, more precise method coaxes a steady, reliable frequency from the changing state of cesium atoms and provides essential regularity for the digital devices that dominate our lives.

The trouble is that the times on these clocks diverge. The astronomical time, called Universal Time, or UT1, has tended to fall a few clicks behind the atomic one, called International Atomic Time, or TAI. So every few years since 1972, the two times have been synced by the insertion of leap seconds — pausing the atomic clocks briefly to let the astronomic one catch up. This creates UTC, Universal Coordinated Time. But it's hard to forecast precisely when the leap second will be required, and this has created an intensifying headache for technology companies, countries and the world's timekeepers.

"Having to deal with leap seconds drives me crazy," said Judah Levine, head of the Network Synchronization Project in the Time and Frequency Division at the National Institute of Standards and Technology in Boulder, Colo., where he is a leading thinker on coordinating the world's clocks. He is constantly badgered for updates and better solutions, he said: "I get a bazillion emails." On the eve of the next international discussion, Dr. Levine has written a paper that proposes a new solution: the leap minute. The idea is to sync the clocks less frequently, perhaps every half-century, essentially letting atomic time diverge from cosmos-based time for 60 seconds or even a tad longer, and basically forgetting about it in the meantime. The proposal from Levine may face opposition from vested interests and strong opinions in the international community -- notably, the Russians and the Vatican. "The head of the IBWM (or BIPM in French) said in November 2022 that Russia opposed the dropping of leap seconds because it wanted to wait until 2040," reports Ars Technica. "The nation's satellite positioning system, GLONASS, was built with leap seconds in mind, and reworking the system would seemingly be taxing."

"There's also the Vatican, which has concerned itself with astronomy since at least the Gregorian Calendar, and may also oppose the removal of leap seconds. The Rev. Paul Gabor, astrophysicist and vice director of the Vatican Observatory Research Group in Tucson, Arizona, has been quoted and cited as opposing the deeper separation of human and planetary time. Keeping proper time, Gabor wrote his 2017 book The Science of Time, is 'one of the oldest missions of astronomy.'"

"In the current Leap Second Debate, there are rational arguments, focused on practical considerations, and there is a certain unspoken unease, emerging from the symbolic substrata of the issues involved," Gabor writes.