An anonymous reader quotes a report from Ars Technica: The Federal Communications Commission gave Starlink and T-Mobile emergency authority to provide satellite-to-phone coverage in areas hit by Hurricane Helene. "SpaceX and T-Mobile have been given emergency special temporary authority by the FCC to enable Starlink satellites with direct-to-cell capability to provide coverage for cell phones in the affected areas of Hurricane Helene," SpaceX said yesterday. "The satellites have already been enabled and started broadcasting emergency alerts to cell phones on all networks in North Carolina. In addition, we may test basic texting (SMS) capabilities for most cell phones on the T-Mobile network in North Carolina."

SpaceX warned of limits since the service isn't ready for a commercial rollout. "SpaceX's direct-to-cell constellation has not been fully deployed, so all services will be delivered on a best-effort basis," the company said. Starlink is being used to provide wireless emergency alerts to cell phones from all carriers in North Carolina, according to Ben Longmier, senior director of satellite engineering for SpaceX. "We are also closely monitoring Hurricane Milton and standing by ready to take action in Florida," he wrote.

The FCC said (PDF) the approval "enabl[es] SpaceX to operate Supplemental Coverage from Space (SCS) in the 1910-1915 MHz and 1990-1995 MHz frequency bands leased from T-Mobile in areas affected by the Hurricane Helene." An FCC spokesperson told Ars that the approval is for all areas affected by Hurricane Helene, although it's only active in North Carolina so far. The FCC also said (PDF) that it is granting "special temporary authorities to licensees and issuing rule waivers to help communications providers maintain and restore service, support emergency operations, and assist public safety, including search and rescue efforts." Separately, the FCC last week waived (PDF) certain Lifeline program eligibility rules to help people in disaster areas (PDF) apply for discounted phone and broadband service.

The decline of journalism has been attributed to many factors, from slow adaptation to the internet to the dominance of tech giants in advertising. But a veteran journalist offers a new perspective: the death of the hyperlink could be changing the fundamental nature of the internet, with significant implications for the news industry. Matt Pearce: There is a real bias against hyperlinking that has developed on platforms and apps over the last five years in particular. It's something that's kind of operating hand-in-hand with the rise of algorithmic recommendations. You see this on Elon Musk's version of Twitter, where posts with hyperlinks are degraded. Facebook itself has decided to detach itself from displaying a lot of links. That's why you get so much AI scum on Facebook these days. Instagram itself has always been kind of hostile to linking. TikTok as well...

If you degrade hyperlinks, and you degrade this idea of the internet as something that refers you to other things, you instead have this stationary internet where a generative AI agent will hoover up and summarize all the information that's out there, and place it right in front of you so that you never have to leave the portal... That was a real epiphany to me, because the argument against one form of this legislation was, "My God, you'll destroy this fundamental way of how the internet works." I'm like, dude, these companies are already destroying the fundamental way of how the internet works.

[...] If you look at what technology has done to journalism over the last 10 years, it was journalists who figured out how to make Twitter work for them. It was journalists who figured out how to be really good on Instagram and Tik Tok. I know there's this argument about content creators and versus journalists, but I'm like, we're all in the same ecosystem. If you're performing the functions of a journalist, you're a journalist. Some people are really good on different platforms. But it's hard to imagine a scenario where Google is going to be the party that creates a more humane, intelligent, responsive form of journalism.

An anonymous Slashdot reader shared the EFF's "Deeplink" blog post: EFF, along with the ACLU and the ACLU of Mississippi, filed an amicus brief on Thursday asking a federal appellate court to continue to block Mississippi's HB 1126 — a bill that imposes age verification mandates on social media services across the internet. Our friend-of-the-court brief, filed in the U.S. Court of Appeals for the Fifth Circuit, argues that HB 1126 is "an extraordinary censorship law that violates all internet users' First Amendment rights to speak and to access protected speech" online.

HB 1126 forces social media sites to verify the age of every user and requires minors to get explicit parental consent before accessing online spaces. It also pressures them to monitor and censor content on broad, vaguely defined topics — many of which involve constitutionally protected speech. These sweeping provisions create significant barriers to the free and open internet and "force adults and minors alike to sacrifice anonymity, privacy, and security to engage in protected online expression." A federal district court already prevented HB 1126 from going into effect, ruling that it likely violated the First Amendment.

At the heart of our opposition to HB 1126 is its dangerous impact on young people's free expression. Minors enjoy the same First Amendment right as adults to access and engage in protected speech online. "No legal authority permits lawmakers to burden adults' access to political, religious, educational, and artistic speech with restrictive age-verification regimes out of a concern for what minors might see" [argues the brief]. "Nor is there any legal authority that permits lawmakers to block minors categorically from engaging in protected expression on general purpose internet sites like those regulated by HB 1126..."
"The law requires all users to verify their age before accessing social media, which could entirely block access for the millions of U.S. adults who lack government-issued ID..." And it also asks another question. "Would you want everything you do online to be linked to your government-issued ID?"

And the blog post makes one more argument. "in an era where data breaches and identity theft are alarmingly common." So the bill "puts every user's personal data at risk... No one — neither minors nor adults — should have to sacrifice their privacy or anonymity in order to exercise their free speech rights online."

An anonymous reader shared this report from Engadget: Three new theft protection features that Google announced earlier this year have reportedly started rolling out on Android. The tools — Theft Detection Lock, Offline Device Lock and Remote Lock — are aimed at giving users a way to quickly lock down their devices if they've been swiped, so thieves can't access any sensitive information. Android reporter Mishaal Rahman shared on social media that the first two tools had popped up on a Xiaomi 14T Pro, and said some Pixel users have started seeing Remote Lock.

Theft Detection Lock is triggered by the literal act of snatching. The company said in May that the feature "uses Google AI to sense if someone snatches your phone from your hand and tries to run, bike or drive away." In such a scenario, it'll lock the phone's screen.
The Android reporter summarized the other two locking features in a post on Reddit:

• Remote Lock "lets you remotely lock your phone using just your phone number in case you can't sign into Find My Device using your Google account password."

• Offline Device Lock "automatically locks your screen if a thief tries to keep your phone disconnected from the Internet for an extended period of time."

"All three features entered beta in August, starting in Brazil. Google told me the final versions of these features would more widely roll out this year, and it seems the features have begun expanding."

"A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers," reports the Wall Street Journal, "potentially accessing information from systems the federal government uses for court-authorized network wiretapping requests.

"For months or longer, the hackers might have held access to network infrastructure used to cooperate with lawful U.S. requests for communications data, according to people familiar with the matter, which amounts to a major national security risk." The attackers also had access to other tranches of more generic internet traffic, they said. Verizon Communications, AT&T and Lumen Technologies are among the companies whose networks were breached by the recently discovered intrusion, the people said.

The widespread compromise is considered a potentially catastrophic security breach and was carried out by a sophisticated Chinese hacking group dubbed Salt Typhoon. It appeared to be geared toward intelligence collection, the people said... The surveillance systems believed to be at issue are used to cooperate with requests for domestic information related to criminal and national security investigations. Under federal law, telecommunications and broadband companies must allow authorities to intercept electronic information pursuant to a court order. It couldn't be determined if systems that support foreign intelligence surveillance were also vulnerable in the breach...

The hackers appear to have engaged in a vast collection of internet traffic from internet service providers that count businesses large and small, and millions of Americans, as their customers. Additionally, there are indications that the hacking campaign targeted a small number of service providers outside the U.S., the people said. A person familiar with the attack said the U.S. government considered the intrusions to be historically significant and worrisome... "It will take time to unravel how bad this is, but in the meantime it's the most significant in a long string of wake-up calls that show how the PRC has stepped up their cyber game," said Brandon Wales, former executive director at the Cybersecurity and Infrastructure Security Agency and now a vice president at SentinelOne, referring to the People's Republic of China. "If companies and governments weren't taking this seriously before, they absolutely need to now."
Three weeks ago TechCrunch also reported that the FBI "took control of a botnet made up of hundreds of thousands of internet-connected devices, such as cameras, video recorders, storage devices, and routers, which was run by a Chinese government hacking group, FBI director Christopher Wray and U.S. government agencies revealed Wednesday.

Last week the Register warned "If you're running the Unix printing system CUPS, with cups-browsed present and enabled, you may be vulnerable to attacks that could lead to your computer being commandeered over the network or internet." (Although the CEO of cybersecurity platform watchTowr told them "the vulnerability impacts less than a single-digit percentage of all deployed internet-facing Linux systems.")

But Tuesday generic (Slashdot reader #14,144) shared this new warning from Akamai: Akamai researchers have confirmed a new attack vector using CUPS that could be leveraged to stage distributed denial-of-service (DDoS) attacks. Research shows that, to begin the attack, the attacking system only needs to send a single packet to a vulnerable and exposed CUPS service with internet connectivity.

The Akamai Security Intelligence and Response Team (SIRT) found that more than 198,000 devices are vulnerable to this attack vector and are accessible on the public internet; roughly 34% of those could be used for DDoS abuse (58,000+). Of the 58,000+ vulnerable devices, hundreds exhibited an "infinite loop" of requests.

The limited resources required to initiate a successful attack highlights the danger: It would take an attacker mere seconds to co-opt every vulnerable CUPS service currently exposed on the internet and cost the attacker less than a single US cent on modern hyperscaler platforms.

Days after a hurricane struck America's southeast, Florida's state's fire marshall "confirmed 16 lithium-ion battery fires related to storm surge," according to local news reports. "Officials said six of those fires are associated with electric vehicles and they are working with fire departments statewide to gather more data." (Earlier this year America's federal transportation safety agency estimated that after a 2022 hurricane "about 36 EVs caught on fire. In several instances, the fire erupted while the impacted EVs were being towed on their flatbed trailers.")

But Tuesday, when over 1 million Americans were without electricity, the Atlantic pointed out the other side of the story. "EV owners are using their cars to keep the lights on." When Hurricane Helene knocked out the power in Charlotte, North Carolina, on Friday, Dustin Baker, like many other people across the Southeast, turned to a backup power source. His just happened to be an electric pickup truck. Over the weekend, Baker ran extension cords from the back of his Ford F-150 Lightning, using the truck's battery to keep his refrigerator and freezer running. It worked so well that Baker became an energy Good Samaritan. "I ran another extension cord to my neighbor so they could run two refrigerators they have," he told me.

Americans in hurricane territory have long kept diesel-powered generators as a way of life, but electric cars are a leap forward. An EV, at its most fundamental level, is just a big battery on wheels that can be used to power anything, not only the car itself. Some EVs pack enough juice to power a whole home for several days, or a few appliances for even longer. In the aftermath of Helene, as millions of Americans were left without power, many EV owners did just that. A vet clinic that had lost power used an electric F-150 to keep its medicines cold and continue seeing patients during the blackout. One Tesla Cybertruck owner used his car to power his home after his entire neighborhood lost power.
One Louisiana man just ran cords straight from the outlets in the bed of his Tesla Cybertruck, according to the article. "We were able to run my internet router and TV, [plus] lamps, refrigerator, a window AC unit, and fans, as well as several phone, watch, and laptop chargers." Over the course of about 24 hours, he said, all of this activity ran his Cybertruck battery down from 99 percent to 80 percent...

Bidirectional charging may prove to be the secret weapon that sells electrification to the South, which has generally remained far behind the West and the Northeast in electric-vehicle purchases. If EVs become widely seen as the best option for blackouts, they could entice not just the climate conscious but also the suburban dads in hurricane country with a core belief in prepping for anything. It will take a lot to overcome the widespread distrust of EVs and anxiety about a new technology, but our loathing of power outages just might do the trick.
The article notes that Tesla has confirmed all its electric vehicles will support bidirectional charging by 2025.

An anonymous reader quotes a report from The Register: Comcast says data on 237,703 of its customers was in fact stolen in a cyberattack on a debt collector it was using, contrary to previous assurances it was given that it was unaffected by that intrusion. That collections agency, Financial Business and Consumer Solutions aka FBCS, was compromised in February, and according to a filing with Maine's attorney general, the firm informed the US cable giant about the unauthorized access in March. At the time, FBCS told the internet'n'telly provider that no Comcast customer information was affected. However, that changed in July, when the collections outfit got in touch again to say that, actually, the Comcast subscriber data it held had been pilfered.

Among the data types stolen were names, addresses, Social Security numbers, dates of birth, and the Comcast account numbers and ID numbers used internally at FBCS. The data pertains to those registered as customers at "around 2021." Comcast stopped using FBCS for debt collection services in 2020. Comcast made it clear its own systems, including those of its broadband unit Xfinity, were not broken into, unlike that time in 2023. FBCS earlier said more than 4 million people had their records accessed during that February break-in. As far as we're aware, the agency hasn't said publicly exactly how that network intrusion went down. Now Comcast is informing subscribers that their info was taken in that security breach, and in doing so seems to be the first to say the intrusion was a ransomware attack. [...]

FBCS's official statement only attributes the attack to an "unauthorized actor." It does not mention ransomware, nor many other technical details aside from the data types involved in the theft. No ransomware group we're aware of has ever claimed responsibility for the raid on FBCS. When we asked Comcast about the ransomware, it simply referred us back to the customer notification letter. The cableco used that notification to send another small middle finger FBCS's way, slyly revealing that the agency's financial situation prevents it from offering the usual identity and credit monitoring protection for those affected, so Comcast is having to foot the bill itself.

An anonymous reader quotes a report from the Associated Press: Google said Friday it will stop linking to New Zealand news content and will reverse its support of local media outlets if the government passes a law forcing tech companies to pay for articles displayed on their platforms. The vow to sever Google traffic to New Zealand news sites -- made in a blog post by the search giant on Friday -- echoes strategies the firm deployed as Australia and Canada prepared to enact similar laws in recent years. It followed a surprise announcement by New Zealand's government in July that lawmakers would advance a bill forcing tech platforms to strike deals for sharing revenue generated from news content with the media outlets producing it.

The government, led by center-right National, had opposed the law in 2023 when introduced by the previous administration. But the loss of more than 200 newsroom jobs earlier this year -- in a national media industry that totaled 1,600 reporters at the 2018 census and has likely shrunk since -- prompted the current government to reconsider forcing tech companies to pay publishers for displaying content. The law aims to stanch the flow offshore of advertising revenue derived from New Zealand news products. If the media law passes, Google New Zealand Country Director Caroline Rainsford said the firm would need to change its involvement in the country. "Specifically, we'd be forced to stop linking to news content on Google Search, Google News, or Discover surfaces in New Zealand and discontinue our current commercial agreements and ecosystem support with New Zealand news publishers."

Google's licensing program in New Zealand contributed "millions of dollars per year to almost 50 local publications," she added.

Google is testing a new verification feature in search, in a move aimed at helping users avoid fake or fraudulent websites. The Verge's Jess Weatherbed reports: My colleague Jay Peters spotted checkmarks next to official site links for Microsoft, Meta, Epic Games, Apple, Amazon, and HP, but these were no longer displayed once he logged into a different Google account -- meaning this experiment isn't being rolled out widely just yet. Hovering over a checkmark will display a message that explains "Google's signals suggest that this business is the business that it says it is," which is determined by things like website verification, Merchant Center data, and manual reviews according to Shaheen.

BleepingComputer's Ionut Ilascu reports: During a distributed denial-of-service campaign targeting organizations in the financial services, internet, and telecommunications sectors, volumetric attacks peaked at 3.8 terabits per second, the largest publicly recorded to date. The assault consisted of a "month-long" barrage of more than 100 hyper-volumetric DDoS attacks flooding the network infrastructure with garbage data. In a volumetric DDoS attack, the target is overwhelmed with large amounts of data to the point that they consume the bandwidth or exhaust the resources of applications and devices, leaving legitimate users with no access.

Many of the attacks aimed at the target's network infrastructure (network and transport layers L3/4) exceeded two billion packets per second (pps) and three terabits per second (Tbps). According to researchers at internet infrastructure company Cloudflare, the infected devices were spread across the globe but many of them were located in Russia, Vietnam, the U.S., Brazil, and Spain. The threat actor behind the campaign leveraged multiple types of compromised devices, which included a large number of Asus home routers, Mikrotik systems, DVRs, and web servers. Cloudflare mitigated all the DDoS attacks autonomously and noted that the one peaking at 3.8 Tbps lasted 65 seconds.

After fifteen years of fighting to make the web safer and more accessible, the World Wide Web Foundation is shutting down. From a report: In a letter shared via the organization's website, co-founders Sir Tim Berners-Lee -- inventor of the World Wide Web -- and Rosemary Leith explain that the organization's mission has been somewhat accomplished and a new battle needs to be waged. When the foundation was founded in 2009, just over 20 percent of the world had access to the web and relatively few organizations were trying to change that, say Sir Tim and Leith. A decade and a half later, with nearly 70 percent of the world online, there are many similar non-governmental organizations trying to make the web more accessible and affordable.

The two founders thank their supporters over the years who "have enabled us to move the needle in a big way" with regard to access and affordability. But the issues facing the web have changed, they insist, and the foundation believes other advocacy groups can take it from here. Chief among the more pressing problems, claim Sir Tim and Leith, is the social media business model that commoditized user data and concentrates power with platforms, contrary to Sir Tim's original vision for the web. To address that threat, Sir Tim intends to dismantle his foundation so he can focus on decentralized technology. "We, along with the Web Foundation board, have been asking ourselves where we can have the most impact in the future," the authors say. "The conclusion we have reached is that Tim's passion on restoring power over and control of data to individuals and actively building powerful collaborative systems needs to be the highest priority going forward. In order to best achieve this, Tim will focus his efforts to support his vision for the Solid Protocol and other decentralized systems."

Russian authorities are considering a ban on Discord, citing unspecified legal violations. According to the Russian daily newspaper Kommersant, the ban may happen "in the coming days." PC Gamer reports: The opening salvo has already been fired. The Russian state media regulator Roskomnadzor has issued five separate rulings relating to Discord since September 20, which can all now be used as justification for an upcoming ban. Say what you will about authoritarian regimes, but they love their bureaucracy. Kommersant quotes an anonymous official source as saying the ban is being considered for violations of Russian law: needless to say, these violations have not been detailed, nor are likely to be.

Russian users have also complained about periodic outages on Discord over September, with many resorting to VPNs, and both the web and mobile versions of the platform affected. Should the ban become a reality, the big losers will be Russian players and developers, with no obvious domestic replacement. "The problem is that for Russian developers, communication with the community, including the international one, and technical support are implemented through Discord," said Vasily Ovchinnikov, head of Russia's Organization for the Development of the Video Game Industry. Today, a Moscow court fined Discord 3.5 million roubles ($37,675) for, apparently, failing to restrict access to banned information.

The National Highway Traffic Safety Administration (NHTSA) said it has fined Cruise $1.5 million for failing to disclose that a pedestrian was seriously injured by one of its driverless vehicles in San Francisco last year. The Verge reports: Last October, a Cruise vehicle hit a pedestrian and then dragged her 20 feet after she was initially struck by a human driver in a hit-and-run incident. In the aftermath, Cruise disclosed that its vehicle had struck a pedestrian but omitted details about the victim being dragged. As a result, the California Department of Motor Vehicles pulled the GM-backed company's permit to operate self-driving cars in the state, and the National Highway Traffic Safety Administration launched an investigation into the incident.

Today, NHTSA announced the $1.5 million penalty as part of a broader consent order with Cruise that includes additional requirements around safety and disclosure. The company submitted several "incomplete reports" under the agency's Standing General Order, which requires crash reports to be filed within a certain period of time, depending on their severity. In its first report to NHTSA, filed one day after the incident, Cruise failed to disclose "that the Cruise vehicle had dragged the pedestrian," the consent order reads. The company also filed an additional report 10 days later in which it also failed to disclose the dragging incident.

"It is vitally important for companies developing automated driving systems to prioritize safety and transparency from the start," NHTSA Deputy Administrator Sophie Shulman said. "NHTSA is using its enforcement authority to ensure operators and manufacturers comply with all legal obligations and work to protect all road users." After its permit was suspended, Cruise hired a law firm to conduct an investigation into what went wrong. The firm's report concluded that the company had tried to send a 45-second video to regulators that showed its vehicle dragging the victim but was hampered by "internet connectivity issues." Also, Cruise employees failed to point out the dragging incident in subsequent conversations with regulators.

Thousands of Verizon users across the United States reported having little or no cellphone service on Monday morning in major cities, including in Atlanta, Chicago, Denver, New York and Phoenix. From a report: According to the website Downdetector, which tracks user reports of internet disruptions, more than 104,000 cases of Verizon outages were reported across the country as of 11:20 a.m. Eastern, more than an hour after the first issues were reported.

A map posted on the site showed cities with the most reports. On the site, many users said their cellphones were intermittently displaying SOS mode and that they could not place calls or send or receive text messages. "We're aware of the issue affecting service for some customers," a spokesman for Verizon, Ilya Hemlin, said in a telephone interview at 11:30 a.m. "Our engineers are engaged and we are working quickly to solve the issue," he added.

An anonymous reader shared this report from the Washington Post: Look at the top right corner of your phone. You might see an icon with "5G" and another with vertical bars showing the strength of your internet connection. Those symbols don't mean what you think they do.

If your phone shows "5G," you're not necessarily connected to the latest and zippiest cellphone network technology. It might just mean that 5G connections are available nearby. And the bars are a cellular version of a shrug. There is no standard measure of how much signal strength each bar represents. "The connection icon is a lie," said Avi Greengart, president of the technology analysis firm Techsponential...

The good news is you might not need 5G, anyway. Most of the time, your phone calls, texting and web surfing are perfectly fine on the prior generation of wireless technology called 4G or sometimes "LTE." Many phone networks will funnel you over 5G service when it makes a real difference, like if you're on a video call or playing an intense video game.

If you see more specific types of 5G icons, like "5G UW" used by Verizon or "5G UC" if you're on T-Mobile service, Hyers said you're probably connected to a 5G network at that moment. Those extra letters or symbols sometimes indicate types of 5G technology that are capable of faster and more reliable connections, but they aren't always better, depending on your circumstances. Confusingly, AT&T has showed "5G E" icons on phones. That is not 5G service at all.
Here's how major carriers responded to the Post's reporter:

• "AT&T said its '5G' indicators on phones line up with a telecommunications standards organization that established the icon to mean 5G networks are available."

• "Verizon didn't respond to my questions."

• "T-Mobile said for most of its cellphone network, your phone accurately reflects if you're on 5G."

The article suggests setting your phone to just automatically switch to 5G networks when high-bandwidth applications are in use...

J. Doyne Farmer is the director of the complexity economics program at the Institute for New Economic Thinking in Oxford's research and policy unit. And he reminds us that solar and wind energy "are very likely to get even less expensive and grow quickly," pointing out that "the rate at which a given kind of technology improves is remarkably predictable." The best-known example is Moore's Law... Like computer chips, many other technologies also get exponentially more affordable, though at different rates. Some of the best examples are renewable energy technologies such as solar panels, lithium batteries and wind turbines. The cost of solar panels has dropped an average of 10% a year, making them about 10,000 times cheaper than they were in 1958, the year of their pioneering use to power the Vanguard 1 satellite. Lithium batteries have cheapened at a comparable pace, and the cost of wind turbines has dropped steadily too, albeit at a slower rate.

Not all technologies follow this course, however. Fossil fuels cost roughly what they did a century ago, adjusted for inflation, and nuclear power is no cheaper than it was in 1958. (In fact, partly due to heightened safety concerns, it's somewhat more expensive.)

The global deployment of technologies follows another pattern, called an S curve, increasing exponentially at first and then leveling out. Careful analysis of the spread of many technologies, from canals to the internet, makes it possible to predict the pace of technological adoption. When a technology is new, predictions are difficult, but as it develops, they get easier. Applying these ideas to the energy transition indicates that key technologies such as solar, wind, batteries and green-hydrogen-based fuels are likely to grow rapidly, dominating the energy system within the next two decades. And they will continue to get cheaper and cheaper, making energy far more affordable than it has ever been. This will happen in electricity generation first and then in sectors that are harder to decarbonize, including aviation and long-range shipping.
And in addition, "The future savings more than offset present investments to the extent that the transition would make sense from a purely economic standpoint even if we weren't worried about climate change.

"The sooner we make investments and adopt policies that enable the transition, the sooner we will realize the long-term savings."

Longtime Slashdot reader penciling_in shares a report from CircleID: Starlink, SpaceX's satellite-based internet service, has hit a major milestone by surpassing 4 million subscribers worldwide. SpaceX confirmed the news on Thursday after company President Gwynne Shotwell hinted earlier in the week that the service would reach the mark within days. Since its beta launch in October 2020, Starlink has rapidly scaled, growing from 1 million subscribers by December 2022, to 2 million by September 2023, and now 4 million just months later. The service operates through a vast constellation of nearly 6,000 satellites, providing satellite internet to users in almost 100 countries, including expanding into previously underserved regions like Africa and the Pacific islands. [While competition from OneWeb and Amazon's Project Kuiper looms, Starlink remains the market leader. However, challenges like slowing U.S. growth and concerns over satellite interference with radio astronomy persist.] Starlink is coming to United Airlines' entire fleet and Hawaiian Airlines Airbus flights. Air France also announced yesterday that it, too, will support free Starlink Wi-Fi on all its aircraft.

SpzToid shares a report: Today, a group of independent security researchers revealed that they'd found a flaw in a web portal operated by the carmaker Kia that let the researchers reassign control of the Internet-connected features of most modern Kia vehicles -- dozens of models representing millions of cars on the road -- from the smartphone of a car's owner to the hackers' own phone or computer. By exploiting that vulnerability and building their own custom app to send commands to target cars, they were able to scan virtually any Internet-connected Kia vehicle's license plate and within seconds gain the ability to track that car's location, unlock the car, honk its horn, or start its ignition at will.

After the researchers alerted Kia to the problem in June, Kia appears to have fixed the vulnerability in its web portal, though it told WIRED at the time that it was still investigating the group's findings and hasn't responded to WIRED's emails since then. But Kia's patch is far from the end of the car industry's web-based security problems, the researchers say. The web bug they used to hack Kias is, in fact, the second of its kind that they've reported to the Hyundai-owned company; they found a similar technique for hijacking Kias' digital systems last year. And those bugs are just two among a slew of similar web-based vulnerabilities they've discovered within the last two years that have affected cars sold by Acura, Genesis, Honda, Hyundai, Infiniti, Toyota, and more.

Hot on the heels of United Airlines' Starlink announcement, Hawaiian Airlines said it, too, is offering "fast and free Starlink Wi-Fi" across its entire Airbus fleet. CNET reports: Hawaiian Airlines is now the first major carrier to use Elon Musk's satellite internet service, which taps more than 7,000 satellites in low earth orbit to deliver high-speed internet worldwide. "In Starlink's low earth orbit constellation of advanced satellites, the latest of which utilize a revolutionary laser mesh network, we found an ideal solution to ensure reliable, high-speed, low-latency Wi-Fi on transpacific flights," a Hawaiian Airlines representative told CNET. "Working with Starlink has allowed us to offer a fast and consistent in-flight connectivity experience that meets our high standard for guest service."

The company first debuted Starlink on its planes in February on a flight from Honolulu to Long Beach, California. It first struck a deal with Starlink in 2022 and has now completed installation across its entire Airbus fleet, which includes 24 A330 planes and 18 A321neos. Hawaiian Airlines will also deploy the service on its two Boeing 787-9 planes, but not its Boeing 717 aircraft, which are used on shorter flights between the Hawaiian Islands.