Longtime Slashdot reader tlhIngan writes: In what is perhaps the greatest irony ever, the operators of RedNote (known as Xiaohongshu) have decided to "wall off" US TikTok refugees fleeing to its service as the TikTok ban looms. The reason? The Chinese Communist Party (CCP) wants to prevent American influence from spreading to Chinese citizens. The ban is expected to be in place next week, while many believe that the influx of Americans to be temporary and just a reaction to the TikTok ban to move to another Chinese app. Many Chinese users are not happy with the influx as having "ruined" their ability to connect with "Chinese culture, Chinese values and Chinese news."

The U.S. Department of the Treasury's OFAC has sanctioned Yin Kecheng and Sichuan Juxinhe Network Technology Co. for their roles in a recent Treasury breach and espionage operations targeting U.S. telecommunications. BleepingComputer reports: "Yin Kecheng has been a cyber actor for over a decade and is affiliated with the People's Republic of China Ministry of State Security (MSS)," reads the Treasury's announcement. "Yin Kecheng was associated with the recent compromise of the Department of the Treasury's Departmental Offices network," says the agency.

OFAC also announced sanctions against Sichuan Juxinhe Network Technology Co., a Chinese cybersecurity firm believed to be directly involved with the Salt Typhoon state hacker group. Salt Typhoon was recently linked to several breaches on major U.S. telecommunications and internet service providers to spy on confidential communications of high-profile targets. "Sichuan Juxinhe Network Technology Co., LTD. (Sichuan Juxinhe) had direct involvement in the exploitation of these U.S. telecommunication and internet service provider companies," the U.S. Treasury explains, adding that "the MSS has maintained strong ties with multiple computer network exploitation companies, including Sichuan Juxinhe." [...]

The sanctions imposed on Kecheng and the Chinese cybersecurity firm under Executive Order (E.O.) 13694 block all property and financial assets located in the United States or are in the possession of U.S. entities, including banks, businesses, and individuals. Additionally, U.S. entities are prohibited from conducting any transactions with the sanctioned entities without OFAC's explicit authorization. It's worth noting that these sanctions come after OFAC sanctioned Beijing-based cybersecurity company Integrity Tech for its involvement in cyberattacks attributed to the Chinese state-sponsored Flax Typhoon hacking group. U.S. Treasury's announcement reiterates that the U.S. Department of State offers, through its Rewards for Justice program, up to $10,000,000 for information leading to uncovering the identity of hackers who have targeted the U.S. government or critical infrastructure in the country.

An anonymous reader quotes a report from the New York Times: A Russian organization linked to the Kremlin's covert influence campaigns posted more than 8,000 political advertisements on Facebook despite European and American restrictions barring companies from doing business with the organization, according to three organizations that track disinformation online. The Russian group, the Social Design Agency, evaded lax enforcement by Facebook to place an estimated $338,000 worth of ads aimed at European users over a period of 15 months that ended in October, even though the platform itself highlighted the threat, the three organizations said in a report released on Friday.

The Social Design Agency has faced punitive sanctions in the European Union since 2023 and in the United States since April for spreading propaganda and disinformation to unsuspecting users on social media. The ad campaigns on Facebook raise "critical questions about the platform's compliance" with American and European laws, the report said. [...] The Social Design Agency is a public relations company in Moscow that, according to American and European officials, operates a sophisticated influence operation known as Doppelganger. Since 2022, Doppelganger has created cartoon memes and online clones of real news sites, like Le Monde and The Washington Post, to spread propaganda and disinformation, often about the war in Ukraine.

[...] The organizations documenting the campaign -- Check First, a Finnish research company, along with Reset.Tech in London and AI Forensics in Paris -- focused on efforts to sway Facebook users in France, Germany, Poland and Italy. Doppelganger has been also linked to influence operations in the United States, Israel and other countries, but those are not included in the report's findings. [...] The researchers estimated that the ads resulted in more than 123,000 clicks by users and netted Meta at least $338,000 in the European Union alone. The researchers acknowledged that the figures provide only one, incomplete example of the Russian agency's efforts. In addition to propagating Russia's views on Ukraine, the agency posted ads in response to major news events, including theHamas attack on Israel on Oct. 7, 2023, and a terrorist attack in a Moscow suburb last March that killed 145 people. The ads would often appear within 48 hours, trying to shape public perceptions of events. After the Oct. 7 attacks, the ads pushed false claims that Ukraine sold weapons to Hamas. The ads reached more than 237,000 accounts over two to three days, "underscoring the operation's capacity to weaponize current events in support of geopolitical narratives," the researcher's report said.

Microsoft's $13 billion investment in OpenAI raises concerns that the tech giant could extend its dominance in cloud computing into the nascent AI market, the Federal Trade Commission said in a report released Friday. From a report: The commission said Microsoft's deal with OpenAI, as well as Amazon and Google's partnerships with AI company Anthropic, raise the risk that AI developers could be "fully acquired" by the tech giants in the future.

"The FTC's report sheds light on how partnerships by big tech firms can create lock-in, deprive start-ups of key AI inputs, and reveal sensitive information that can undermine fair competition," FTC Chair Lina Khan said in a statement. The FTC has the power to open market studies to glean more information about industry trends. The findings can be used to inform future actions. It's unclear what the agency's new leadership under the Trump administration will do with the report.

Tech news and research site SemiAccurate is reporting that an unidentified company is seeking to acquire Intel in its entirety. The publication -- citing a confidential email that it reviewed and a subsequent confirmation from a second source -- said the prospective buyer has not publicly disclosed its interest but has sufficient resources to purchase Intel at current valuations (about $85 billion).

Indonesia plans to issue a regulation to set a minimum age for users of social media, a move aimed at protecting children, its communications minister has said. From a report: The plans follows Australia's decision to ban children under 16 from accessing social media, with fines for tech giants from Instagram and Facebook owner Meta to TikTok if they failed to prevent children accessing their platforms. Minister Meutya Hafid did not say what the minimum age would be in Indonesia. Her remarks, made late on Jan 13, came after she discussed the plan with President Prabowo Subianto.

The FTC announced Thursday that it's banned General Motors and its subsidiary OnStar from selling customer geolocation and driving behavior data for five years. The Verge reports: The settlement comes after a New York Times investigation found that GM had been collecting micro-details about its customers' driving habits, including acceleration, braking, and trip length -- and then selling it to insurance companies and third-party data brokers like LexisNexis and Verisk. Clueless vehicle owners were then left wondering why their insurance premiums were going up.

FTC accused GM of using a "misleading enrollment process" to get vehicle owners to sign up for its OnStar connected vehicle service and Smart Driver feature. The automaker failed to disclose to customers that it was collecting their data, nor did GM seek out their consent to sell it to third parties. After the Times exposed the practice, GM said it was discontinuing its OnStar Smart Driver program. The settlement also requires GM to obtain consent from customers before collecting their driving behavior data, and allow them to request and delete their data if they choose.

According to Axios, Google has told the EU it will not add fact checks to search results and YouTube videos or use them in ranking or removing content, despite the requirements of a new EU law. From the report: In a letter written to Renate Nikolay, the deputy director general under the content and technology arm at the European Commission, Google's global affairs president Kent Walker said the fact-checking integration required by the Commission's new Disinformation Code of Practice "simply isn't appropriate or effective for our services" and said Google won't commit to it. The code would require Google to incorporate fact-check results alongside Google's search results and YouTube videos. It would also force Google to build fact-checking into its ranking systems and algorithms.

Walker said Google's current approach to content moderation works and pointed to successful content moderation during last year's "unprecedented cycle of global elections" as proof. He said a new feature added to YouTube last year that enables some users to add contextual notes to videos "has significant potential." (That program is similar to X's Community Notes feature, as well as new program announced by Meta last week.)

The EU's Code of Practice on Disinformation, introduced in 2022, includes several voluntary commitments that tech firms and private companies, including fact-checking organizations, are expected to deliver on. The Code, originally created in 2018, predates the EU's new content moderation law, the Digital Services Act (DSA), which went into effect in 2022.

The Commission has held private discussions over the past year with tech companies, urging them to convert the voluntary measures into an official code of conduct under the DSA. Walker said in his letter Thursday that Google had already told the Commission that it didn't plan to comply. Google will "pull out of all fact-checking commitments in the Code before it becomes a DSA Code of Conduct," he wrote. He said Google will continue to invest in improvements to its current content moderation practices, which focus on providing people with more information about their search results through features like Synth ID watermarking and AI disclosures on YouTube.

Ars Technica's Jon Brodkin reports: AT&T has stopped offering its 5G home Internet service in New York instead of complying with a new state law that requires ISPs to offer $15 or $20 plans to people with low incomes. New York started enforcing its Affordable Broadband Act yesterday after a legal battle of nearly four years. [...] The law requires ISPs with over 20,000 customers in New York to offer $15 broadband plans with download speeds of at least 25Mbps, or $20-per-month service with 200Mbps speeds. The plans only have to be offered to households that meet income eligibility requirements, such as qualifying for the National School Lunch Program, Supplemental Nutrition Assistance Program, or Medicaid. [...]

Ending home Internet service in New York is relatively simple for AT&T because it is outside the 21-state wireline territory in which the telco offers fiber and DSL home Internet service. "AT&T Internet Air is currently available only in select areas and where AT&T Fiber is not available. New York is outside of our wireline service footprint, so we do not have other home Internet options available in the state," the company said. AT&T will continue offering its 4G and 5G mobile service in New York, as the state law only affects home Internet service. People with smartphones or other mobile devices connected to the AT&T wireless network should thus see no change.

Existing New York-based users of AT&T Internet Air can only keep it for 45 days and won't be charged during that time, AT&T said. "During this transition, customers will be able to keep their existing AT&T Internet Air service for up to 45 days, at no charge, as they find other options for broadband. We will work closely with our customers throughout this transition," AT&T said. Residential users will be sent "a recovery kit with instructions on how to return their AIA equipment, while business customers can keep any device they purchased at no charge," AT&T said.

An anonymous reader quotes a report from Reuters: Toyota Motor unit Hino Motors has agreed a $1.6 billion settlement with U.S. agencies and will plead guilty over excess diesel engine emissions in more than 105,000 U.S. vehicles, the company and U.S. government said on Wednesday. The Japanese truck and engine manufacturer was charged with fraud in U.S. District Court in Detroit for unlawfully selling 105,000 heavy-duty diesel engines in the United States from 2010 through 2022 that did not meet emissions standards. The settlement, which still must be approved by a U.S. judge, includes a criminal penalty of $521.76 million, $442.5 million in civil penalties to U.S. authorities and $236.5 million to California.

A company-commissioned panel said in a report in 2022 Hino had falsified emissions data on some engines going back to at least 2003. Hino agreed to plead guilty to engaging in a multi-year criminal conspiracy and serve a five-year term of probation, during which it will be barred from importing any diesel engines it has manufactured into the U.S., and carry out a comprehensive compliance and ethics program, the Justice Department and Environmental Protection Agency said. [...] The settlement includes a mitigation program, valued at $155 million, to offset excess air emissions from the violations by replacing marine and locomotive engines, and a recall program, valued at $144.2 million, to fix engines in 2017-2019 heavy-duty trucks

The EPA said Hino admitted that between 2010 and 2019, it submitted false applications for engine certification approvals and altered emission test data, conducted tests improperly and fabricated data without conducting any underlying tests. Hino President Satoshi Ogiso said the company had improved its internal culture, oversight and compliance practices. "This resolution is a significant milestone toward resolving legacy issues that we have worked hard to ensure are no longer a part of Hino's operations or culture," he said in a statement. Toyota's Hino Motors isn't the only automaker to admit to selling vehicles with excess diesel emissions. Volkswagen had to pay billions in fines after it admitted in 2015 to cheating emissions tests by installing "defeat devices" and sophisticated software in nearly 11 million vehicles worldwide. Daimler (Mercedes-Benz), BMW, Opel/Vauxhall (General Motors), and Fiat Chrysler have been implicated in similar practices.

Google has cut code migration time in half by deploying AI tools to assist with large-scale software updates, according to a new research paper from the company's engineers. The tech giant used large language models to help convert 32-bit IDs to 64-bit across its 500-million-line codebase, upgrade testing libraries, and replace time-handling frameworks. While 80% of code changes were AI-generated, human engineers still needed to verify and sometimes correct the AI's output. In one project, the system helped migrate 5,359 files and modify 149,000 lines of code in three months.

An anonymous reader quotes a report from Ars Technica: Lots of startups use Google's productivity suite, known as Workspace, to handle email, documents, and other back-office matters. Relatedly, lots of business-minded webapps use Google's OAuth, i.e. "Sign in with Google." It's a low-friction feedback loop -- up until the startup fails, the domain goes up for sale, and somebody forgot to close down all the Google stuff. Dylan Ayrey, of Truffle Security Co., suggests in a report that this problem is more serious than anyone, especially Google, is acknowledging. Many startups make the critical mistake of not properly closing their accounts -- on both Google and other web-based apps -- before letting their domains expire.

Given the number of people working for tech startups (6 million), the failure rate of said startups (90 percent), their usage of Google Workspaces (50 percent, all by Ayrey's numbers), and the speed at which startups tend to fall apart, there are a lot of Google-auth-connected domains up for sale at any time. That would not be an inherent problem, except that, as Ayrey shows, buying a domain allows you to re-activate the Google accounts for former employees if the site's Google account still exists.

With admin access to those accounts, you can get into many of the services they used Google's OAuth to log into, like Slack, ChatGPT, Zoom, and HR systems. Ayrey writes that he bought a defunct startup domain and got access to each of those through Google account sign-ins. He ended up with tax documents, job interview details, and direct messages, among other sensitive materials. A Google spokesperson said in a statement: "We appreciate Dylan Ayrey's help identifying the risks stemming from customers forgetting to delete third-party SaaS services as part of turning down their operation. As a best practice, we recommend customers properly close out domains following these instructions to make this type of issue impossible. Additionally, we encourage third-party apps to follow best-practices by using the unique account identifiers (sub) to mitigate this risk."

Independent developer Sebastian Vogelsang is building a photo-sharing app for the decentralized social network Bluesky, leveraging its AT Protocol and his earlier app, Skeets. The app, called Flashes, will offer features like photo and short video posts while integrating seamlessly with Bluesky. TechCrunch reports: When launched, Flashes could tap into growing consumer demand for alternatives to Big Tech's social media monopoly. [...] To make this work, Flashes simply filters Bluesky's existing timeline for posts with photos and video posts. (In the future, Vogelsang also plans to add metadata to Flashes' posts so Bluesky users would have a way to keep their feeds on Bluesky's main app from being flooded with photo posts if that became a problem.) Flashes didn't take too long to build because it was able to reuse Skeets' existing code. The app will also be able to market to Skeets' existing user base, who have now downloaded the app some 30,500 times to date.

Vogelsang says he's now working to integrate subscription-based features from both his apps so users don't have to pay twice for the premium features, like Skeets' bookmarks, drafts, muting, rich push notifications, and others specific to Flashes. (Both apps are free to use without a subscription, we should note.) Later, Vogelsang says he wants to launch a video-only app, too, called Blue Screen.

At launch, Flashes will support photo posts of up to four images and videos of up to 1 minute in length, just like Bluesky. Users who post to Flashes will also have their posts appear on Bluesky and comments on those posts will also feed back into the app as if it were just another Bluesky client. It will also support Bluesky's direct messages. The developer expects to be able to launch Flashes to the public in a matter of weeks with a TestFlight beta arriving ahead of that. Interested users can follow Flashes' account on Bluesky for further updates. Flashes could satiate the growing demand for alternatives to Big Tech's social media monopoly, especially after Meta CEO Mark Zuckerberg announced that he will end fact-checking on its platforms.

An anonymous reader quotes a report from CoinTelegraph: Social media platform Meta has confirmed that its fact-checking feature on Facebook, Instagram and Threads will only be removed in the US for now, according to a Jan. 13 letter sent to Brazil's government. "Meta has already clarified that, at this time, it is terminating its independent Fact-Checking Program only in the United States, where we will test and refine the community notes [feature] before expanding to other countries," Meta told Brazil's Attorney General of the Union (AGU) in a Portuguese-translated letter.

Meta's letter followed a 72-hour deadline Brazil's AGU set for Meta to clarify to whom the removal of the third-party fact verification feature would apply. [...] Brazil has expressed dissatisfaction with Meta's removal of its fact check feature, Brazil Attorney-General Jorge Messias said on Jan. 10. "Brazil has rigorous legislation to protect children and adolescents, vulnerable populations, and the business environment, and we will not allow these networks to transform the environment into digital carnage or barbarity." Last Tuesday, Meta CEO Mark Zuckerberg announced an end to fact-checking on Facebook and Instagram -- a move he described as an attempt to restore free expression on its platforms. He likened his company's fact-checking process to a George Orwell novel, saying it "something out of 1984" and let to a broad belief that Meta fact-checkers "were too biased."

hackingbear shares a report from the Associated Press: As the threat of a TikTok ban looms, U.S. TikTok users are flocking to the Chinese social media app Xiaohongshu -- making it the top downloaded app in the U.S. Xiaohongshu, which in English means "Little Red Book" is a Chinese social media app that combines e-commerce, short video and posting functions, enticing mostly Chinese young women from mainland China and regions with with a Chinese diaspora such as Malaysia and Taiwan who use it as a de-facto search engine for product, travel and restaurant recommendations, as well as makeup and skincare tutorials. After the justices seemed inclined to let the law stand, masses of TikTok users began creating accounts on Xiaohongshu, including hashtags such as #tiktokrefugee or #tiktok to their posts. "

I like your makeup," a Xiaohongshu user from Beijing comments one of the posts by Alexis Garman, a 21-year-old TikTok user in Oklahoma with nearly 20,000 followers, and Garman thanks them in a reply. A user from the southwestern province of Sichuan commented "I am your Chinese spy please surrender your personal information or the photographs of your cat (or dog)." "TikTok possibly getting banned doesn't just take away an app, it takes away jobs, friends and community," Garman said. "Personally, the friends and bond I have with my followers will now be gone." Xiaohongshu doesn't even have an English user interface. Reuters reports: In only two days, more than 700,000 new users joined Xiaohongshu, a person close to the company told Reuters. Xiaohongshu [which was founded in 2013 and is backed by investors such as Alibaba, Tencent and Sequoia], did not immediately respond to a request for comment. U.S. downloads of RedNote were up more than 200% year-over-year this week, and 194% from the week prior, according to estimates from app data research firm Sensor Tower. The second most-popular free app on Apple's App Store list on Tuesday, Lemon8, another social media app owned by ByteDance, experienced a similar surge last month, with downloads jumping by 190% in December to about 3.4 million.