source: securityweek.com

Dutch intelligence services are investigating Huawei for possibly spying for the Chinese government by leaving a "back door" to data of customers of major telecoms firms, a report said Thursday.

The probe, reported by De Volkskrant newspaper, comes as a series of western countries weigh the risks of allowing the Chinese telecoms giant to become involved in the new 5G mobile phone infrastructure.

Volkskrant said the AIVD refused to confirm the report.

AIVD spokesman Hilbert Bredemeijer declined to comment, saying the spy agency "does not comment on possible individual cases" when contacted by AFP.

Huawei was quoted by the newspaper as denying the report, adding: "In every country where we do business, we abide by the laws and regulations and we protect the privacy of our customers."

The story, quoting intelligence sources, said Huawei was believed to have hidden secret access to customer information of three major Dutch networks, Vodafone/Ziggo, T-Mobile /Tele2 and KPN.

It added that the AIVD was now probing whether there was a link with Chinese espionage efforts.

The report comes at a sensitive time as the cabinet of Dutch Prime Minister Mark Rutte is due shortly to decide about Huawei's involvement in the Netherlands' new 5G network.

KPN said in April that it had signed a deal with the Chinese firm to modernise its existing 4G network but that it would look to a western provider for 5G.

The Dutch debate is part of a wider battle between China and the United States over trade and global influence.

 source:  sciencedaily.com

Computer scientists at The University of Texas at Austin have taught an artificial intelligence agent how to do something that usually only humans can do -- take a few quick glimpses around and infer its whole environment, a skill necessary for the development of effective search-and-rescue robots that one day can improve the effectiveness of dangerous missions. The team, led by professor Kristen Grauman, Ph.D. candidate Santhosh Ramakrishnan and former Ph.D. candidate Dinesh Jayaraman (now at the University of California, Berkeley) published their results today in the journal Science Robotics.

Most AI agents -- computer systems that could endow robots or other machines with intelligence -- are trained for very specific tasks -- such as to recognize an object or estimate its volume -- in an environment they have experienced before, like a factory. But the agent developed by Grauman and Ramakrishnan is general purpose, gathering visual information that can then be used for a wide range of tasks.

"We want an agent that's generally equipped to enter environments and be ready for new perception tasks as they arise," Grauman said. "It behaves in a way that's versatile and able to succeed at different tasks because it has learned useful patterns about the visual world."

The scientists used deep learning, a type of machine learning inspired by the brain's neural networks, to train their agent on thousands of 360-degree images of different environments.

Now, when presented with a scene it has never seen before, the agent uses its experience to choose a few glimpses -- like a tourist standing in the middle of a cathedral taking a few snapshots in different directions -- that together add up to less than 20 percent of the full scene. What makes this system so effective is that it's not just taking pictures in random directions but, after each glimpse, choosing the next shot that it predicts will add the most new information about the whole scene. This is much like if you were in a grocery store you had never visited before, and you saw apples, you would expect to find oranges nearby, but to locate the milk, you might glance the other way. Based on glimpses, the agent infers what it would have seen if it had looked in all the other directions, reconstructing a full 360-degree image of its surroundings.

 source: msn.com - Contributed by Artemus FAN, Betsy Q.

Orbiting 22,000 miles above Earth, a fleet of American-built satellites is serving the Chinese government in ways that challenge the U.S.

Nine of these satellites have been part of efforts to connect Chinese soldiers on contested outposts in the South China Sea, strengthen police forces against social unrest and make sure state messaging penetrates far and wide, according to corporate records, stock filings and interviews with executives.

A tenth satellite, under construction by Boeing Co., would enhance China’s competitor to the U.S. Global Positioning System. Besides civilian uses, the navigation system could help China in a potential conflict, such as in guiding missiles to their targets.

U.S. law effectively prohibits American companies from exporting satellites to China, where domestic technology lags well behind America’s. But the U.S. doesn’t regulate how a satellite’s bandwidth is used once the device is in space. That has allowed China to essentially rent the capacity of U.S.-built satellites it wouldn’t be allowed to buy, a Wall Street Journal investigation found.

Tangled webs of satellite ownership and offshore firms have helped China’s government achieve its goals. Some of America’s biggest companies, including private-equity firm Carlyle Group in addition to Boeing, have indirectly facilitated China’s efforts, the Journal found.

All this appears to run counter to the U.S.’s stance of confronting China’s military buildup and condemning what international watchdog groups describe as widespread human-rights abuses by China’s police. That includes in far-flung territories, where the satellites help the government beam communications. Current and former U.S. officials who reviewed the Journal’s findings called the satellite deals worrisome examples of China using U.S. commercial technology for strategic gain.

“It’s a serious ethical and moral problem as well as a national-security issue,” said Larry Wortzel, a former chairman of the bipartisan U.S.-China Economic and Security Review Commission, a group that advises Congress.

 source: nakedsecurity.sophos.com

If the security of Internet of Things (IoT) devices is one of tech’s big worries, how might this be turned around?

In the UK, the Government just published new details of its surprising and unfashionable answer – a sticky label.

Called ‘Secure by Design’ since first being mooted in 2018, this won’t simply be a nice to have sticker. In time it could become a legal requirement to display it on anything sold with IoT features, such as internet TVs, home security cameras, IoT toys, and home appliances.

Right now, the legal bit remains an aspiration subject to further consultation, but legislation appears to be on the cards at some point, perhaps by next year.

Rather than get mired in complicated security concepts, Secure by Design cleverly zeros in on three fundamental problems that bedevil IoT devices and device security in general.

“IoT device passwords must be unique and not resettable to any universal factory setting.”

The industry has been getting better at avoiding this pitfall in recent years (witness the way broadband routers now ship with unique admin and Wi-Fi passwords) but a lot of mass-market IoT gadgets still ignore this simple principle.

“Manufacturers of IoT products provide a public point of contact as part of a vulnerability disclosure policy.”

A simple and radical suggestion – if you make something there should be a way for researchers to tell you that something’s broken in it that needs fixing. There’s plenty of anecdotal evidence that some mass-market manufacturers at least, are completely oblivious to this concept.