SpaceX has partnered with telecommunications company One NZ to offer satellite-to-cell Starlink texting service to customers in New Zealand. It marks the first time a nationwide satellite text messaging service has been powered by Starlink. Engadget reports: Now onto the caveats, and there are a couple of big ones. Starlink texting is incredibly slow when compared to traditional methods. One NZ says that most messages should be sent and received within three minutes during the initial rollout, but admits that timeframe could increase to "10 minutes or longer." It is for this reason that the company continues to urge folks to carry a personal locator beacon when traveling to a remote area.

The service is also only supported by four smartphone models, which includes the Samsung Galaxy Z Flip 6, Samsung Galaxy Z Fold 6, Samsung Galaxy S24 Ultra and OPPO Find X8 Pro. This list of eligible devices is expected to grow next year. The company also intends to eventually expand the service to include voice calling and data. The satellite service is free for existing One NZ customers on paid-monthly plans, but we don't know the pricing scheme for new customers or for those signed up for other types of contracts. Starlink is working with T-Mobile to do something similar in the U.S. Last month, the FCC approved a license for T-Mobile and SpaceX's Starlink to provide supplemental telecommunications coverage from space.

An anonymous reader quotes a report from Gizmodo: Hackers aligned with the Chinese government have infiltrated U.S. telecommunications infrastructure so deeply that it allowed the interception of unencrypted communications on a number of people, according to reports that first emerged in October. The operation, dubbed Salt Typhoon, apparently allowed hackers to listen to phone calls and nab text messages, and the penetration has been so extensive they haven't even been booted from the telecom networks yet. The Cybersecurity and Infrastructure Security Agency (CISA) issued guidance this week on best practices for protecting "highly targeted individuals," which includes a new warning (PDF) about text messages.

"Do not use SMS as a second factor for authentication. SMS messages are not encrypted—a threat actor with access to a telecommunication provider's network who intercepts these messages can read them. SMS MFA is not phishing-resistant and is therefore not strong authentication for accounts of highly targeted individuals," the guidance, which has been posted online, reads. Not every service even allows for multi-factor authentication and sometimes text messages are the only option. But when you have a choice, it's better to use phishing-resistant methods like passkeys or authenticator apps. CISA prefaces its guidance by insisting it's only really speaking about high-value targets. The telecommunications hack mentioned above has been called the "worst hack in our nation's history," according to Sen. Mark Warner (D-VA).

Congress approved $3 billion Wednesday for a long-languishing project to cull Chinese equipment from networks nationwide over fears they are vulnerable to cyberattacks, underscoring the risk Beijing-sponsored hackers pose to phone and internet networks. From a report: The new funding comes as the Commerce Department reviews whether to ban routers made by the Chinese-owned company TP-Link, which account for more than half of the U.S. retail router market.

The actions reflect the heightened attention among Washington policymakers to the threat posed by Chinese state-linked hackers. U.S. officials revealed the "Volt Typhoon" hack last year and in recent months have expressed alarm over the even bigger "Salt Typhoon" hack. In both cases, Chinese government hackers successfully penetrated major U.S. phone networks and critical infrastructure facilities, and U.S. officials said they still have not been able to expel the Salt Typhoon interlopers.

Longtime Slashdot reader sinij shares a report from Car and Driver with the caption: "As someone that uses back seats to carry some luggage, I am not a fan of this requirement." From the report: Previously, federal standards governing seatbelt warnings only required manufacturers to monitor the driver's seat, issuing a chime if its seatbelt was unbuckled when the vehicle was underway. Now, a new rule has been finalized, requiring all new passenger vehicles sold in the U.S. to have enhanced front seatbelt warnings by September 1, 2026, and rear seatbelt warnings by September 1, 2027.

It's exactly 50 years since Congress attempted to mandate ignition interlocks tied to seatbelt use, in an effort to reduce deaths on the road. In that instance, the public revolted and the House blinked, repealing the interlock requirement later in the same year. [...] The National Highway Traffic Safety Administration (NHTSA) estimates that these new regulations will save about 50 lives per year, and reduce injuries by 500.

Spanish police have uncovered a major clue in the year-long investigation of a missing Cuban man, JLPO, after Google Street View images showed a man loading a body-shaped package into a car and pushing a wheelbarrow with a large white package. These images led to the discovery of the victim's dismembered remains in a cemetery and the arrest of two suspects, including the victim's wife and a bar worker. The Independent reports: Spanish police have said the pictures are a "decisive" clue in case, with detectives reportedly launching a murder investigation and arresting two people in connection with the man's death. According to El Pais, police are still investigating the case -- and it appears neither have yet appeared charged before a court.

Longtime Slashdot reader sinij shares a report from Wired with the caption: "This story will be an on-going payday for traffic ticket lawyers. I am ordering one now." From the report: Digital license plates, already legal to buy in a growing number of states and to drive with nationwide, offer a few perks over their sheet metal predecessors. You can change their display on the fly to frame your plate number with novelty messages, for instance, or to flag that your car has been stolen. Now one security researcher has shown how they can also be hacked to enable a less benign feature: changing a car's license plate number at will to avoid traffic tickets and tolls -- or even pin them on someone else.

Josep Rodriguez, a researcher at security firm IOActive, has revealed a technique to "jailbreak" digital license plates sold by Reviver, the leading vendor of those plates in the US with 65,000 plates already sold. By removing a sticker on the back of the plate and attaching a cable to its internal connectors, he's able to rewrite a Reviver plate's firmware in a matter of minutes. Then, with that custom firmware installed, the jailbroken license plate can receive commands via Bluetooth from a smartphone app to instantly change its display to show any characters or image. That susceptibility to jailbreaking, Rodriguez points out, could let drivers with the license plates evade any system that depends on license plate numbers for enforcement or surveillance, from tolls to speeding and parking tickets to automatic license plate readers that police use to track criminal suspects. "You can put whatever you want on the screen, which users are not supposed to be able to do," says Rodriguez. "Imagine you are going through a speed camera or if you are a criminal and you don't want to get caught."

Worse still, Rodriguez points out that a jailbroken license plate can be changed not just to an arbitrary number but also to the number of another vehicle -- whose driver would then receive the malicious user's tickets and toll bills. "If you can change the license plate number whenever you want, you can cause some real problems," Rodriguez says. All traffic-related mischief aside, Rodriguez also notes that jailbreaking the plates could also allow drivers to use the plates' features without paying Reviver's $29.99 monthly subscription fee. Because the vulnerability that allowed him to rewrite the plates' firmware exists at the hardware level -- in Reviver's chips themselves -- Rodriguez says there's no way for Reviver to patch the issue with a mere software update. Instead, it would have to replace those chips in each display. That means the company's license plates are very likely to remain vulnerable despite Rodriguez's warning -- a fact, Rodriguez says, that transport policymakers and law enforcement should be aware of as digital license plates roll out across the country. "It's a big problem because now you have thousands of licensed plates with this issue, and you would need to change the hardware to fix it," he says.

The U.S. government is urging senior government officials and politicians to ditch phone calls and text messages following intrusions at major American telecommunications companies blamed on Chinese hackers. From a report: In written guidance, opens new tab released on Wednesday, the Cybersecurity and Infrastructure Security Agency said "individuals who are in senior government or senior political positions" should "immediately review and apply" a series of best practices around the use of mobile devices.

The first recommendation: "Use only end-to-end encrypted communications." End-to-end encryption -- a data protection technique which aims to make data unreadable by anyone except its sender and its recipient -- is baked into various chat apps, including Meta's WhatsApp, Apple's iMessage, and the privacy-focused app Signal. Neither regular phone calls nor text messages are end-to-end encrypted, which means they can be monitored, either by the telephone companies, law enforcement, or - potentially - hackers who've broken into the phone companies' infrastructure.

A cybersquatting scheme targeting prominent writers and entrepreneurs has exposed flaws in Bluesky's domain-based verification system, newsletter Tedium reports, citing users.

Bloomberg columnist Conor Sen reported receiving an extortion attempt this week when an anonymous user who had purchased his namesake domain demanded payment to transfer ownership. The episode has unraveled wider revelations of similar attacks targeting at least five other well-known users, including political blogger Matt Yglesias and The Hustle founder Sam Parr.

The platform's moderation team initially banned Parr's legitimate account while leaving the impersonator active, Sen told Tedium. The fake account was only removed after users escalated the issue to senior Bluesky staff.

Microsoft bought twice as many of Nvidia's flagship chips as any of its largest rivals in the US and China this year, as OpenAI's biggest investor accelerated its investment in artificial intelligence infrastructure. From a report: Analysts at Omdia, a technology consultancy, estimate that Microsoft bought 485,000 of Nvidia's "Hopper" chips this year. That put Microsoft far ahead of Nvidia's next biggest US customer Meta, which bought 224,000 Hopper chips, as well as its cloud computing rivals Amazon and Google.

With demand outstripping supply of Nvidia's most advanced graphics processing units for much of the past two years, Microsoft's chip hoard has given it an edge in the race to build the next generation of AI systems. This year, Big Tech companies have spent tens of billions of dollars on data centres running Nvidia's latest chips, which have become the hottest commodity in Silicon Valley since the debut of ChatGPT two years ago kick-started an unprecedented surge of investment in AI.

An anonymous reader quotes a report from The Guardian: The UK's first driverless bus service, originally heralded as a breakthrough of global significance, is being withdrawn from service because too few passengers used it. The autonomous buses, operated by Stagecoach, have been running between Fife and Edinburgh along a 14-mile route over the Forth road bridge since May 2023 to relieve the heavy congestion which can bring traffic to a standstill.

The CAVForth service, a collaboration between Fusion Processing, the coach-building company Alexander Dennis, Napier University in Edinburgh and the Bristol Robotics Lab -- a joint venture between the University of Bristol and the University of the West of England -- was touted as the most ambitious and complex in the world. Built at an estimated cost of more than 6 million pounds, partly funded by the UK government, the fleet of five single-decker buses had the capacity to carry 10,000 passengers a week but needed two crew on board for safety reasons. Stagecoach said in a statement: "We are proud to have achieved a world first with our CAVForth autonomous bus service, demonstrating the potential for self-driving technology on a real-world registered timetable in East Scotland. Although passenger adoption did not meet expectations, the trial has significantly advanced the understanding of the operational and regulatory requirements for autonomous services, delivering what was expected from this demonstrator project. The partners remain committed to exploring new opportunities for self-driving technology in other areas across the UK, ensuring that this exciting innovation can play a transformative role in future transport networks."

The European Commission has launched formal proceedings against TikTok over concerns about its failure to limit election interference, particularly in last month's Romanian presidential vote. Reuters reports: The Commission said it will request information and look into TikTok's policy on political advertisements and paid-for political content as well as TikTok's systems to generate recommendations and the risks of them being manipulated. The opening of formal proceedings empowers the Commission to take further enforcement steps and to accept commitments made by TikTok. There is no specific deadline to complete proceedings.

Japanese automakers Honda and Nissan are reportedly in merger talks to form a holding company, potentially integrating Mitsubishi Motors to compete with industry giants like Toyota and Volkswagen. CNBC reports: The combined Nissan-Honda-Mitsubishi enterprise would equate to more than 8 million vehicle sales annually, according to Nikkei. That would place the company among the world's largest automakers, but still below fellow Japanese automaker Toyota Motor, at 11.2 million in 2023, as well as German automaker Volkswagen, which last year reported sales of 9.2 million vehicles.

The merger report follows the two Japanese automakers entering into a strategic partnership earlier this year on shared automotive components and software. Such a tie-up would be the largest automotive industry merger since Fiat Chrysler joined with France-based PSA Groupe to form Stellantis in January 2021. Honda and Nissan said in similar statements: "The reported content was not released by our company," Honda said. "As announced in March of this year, Honda and Nissan are exploring various possibilities for future collaboration, leveraging each other's strengths. We will inform our stakeholders of any updates at an appropriate time."

The Supreme Court has rejected the broadband industry's challenge to a New York law that requires Internet providers to offer $15- or $20-per-month service to people with low incomes. From a report: In August, six trade groups representing the cable, telecom, mobile, and satellite industries filed a petition asking the Supreme Court to overturn an appeals court ruling that upheld the state law. But the Supreme Court won't take up the case. The Supreme Court denied the telecom groups' petition without comment in a list of orders released yesterday.

Although a US District Court judge blocked the law in 2021, that judge's ruling was reversed by the US Court of Appeals for the 2nd Circuit in April 2024. The Supreme Court's denial of the industry petition leaves the 2nd Circuit ruling in place. The appeals court ruling is an important one for the broader question of how states can regulate broadband providers when the Federal Communications Commission isn't doing so. Trade groups claimed the state law is preempted by former FCC Chairman Ajit Pai's repeal of net neutrality rules, which ended Title II common-carrier regulation of ISPs.

In a 2-1 opinion, a panel of 2nd Circuit appeals court judges said the Pai-era FCC "order stripped the agency of its authority to regulate the rates charged for broadband Internet, and a federal agency cannot exclude states from regulating in an area where the agency itself lacks regulatory authority."

Hundreds of websites will be shut down on the day that Britain's Online Safety Act comes into effect, in what are believed to be the first casualties of the new internet laws. From a report: Microcosm, a web forum hosting service that runs 300 sites including cycling forums and local community hubs, said that the sites would go offline on March 16, the day that Ofcom starts enforcing the Act.

Its owner said they were unable to comply with the lengthy requirements of the Act, which created a "disproportionately high personal liability." The new laws, which were designed to crack down on illegal content and protect children, threaten fines of at least $23 million for sites that fail to comply with the laws. On Monday, Ofcom set out more than 40 measures that it expects online services to follow by March, such as carrying out risk assessments about their sites and naming senior people accountable for ensuring safety.

The Department of Homeland Security (DHS) believes that China, Russia, Iran, and Israel are the "primary" countries exploiting security holes in telecommunications networks to spy on people inside the United States, which can include tracking their physical movements and intercepting calls and texts, according to information released by Senator Ron Wyden. 404 Media: The news provides more context around use of SS7, the exploited network and protocol, against phones in the country. In May, 404 Media reported that an official inside DHS's Cybersecurity Insurance and Security Agency (CISA) broke with his department's official narrative and publicly warned about multiple SS7 attacks on U.S. persons in recent years. Now, the newly disclosed information provides more specifics on where at least some SS7 attacks are originating from.

The information is included in a letter the Department of Defense (DoD) wrote in response to queries from the office of Senator Wyden. The letter says that in September 2017 DHS personnel gave a presentation on SS7 security threats at an event open to U.S. government officials. The letter says that Wyden staff attended the event and saw the presentation. One slide identified the "primary countries reportedly using telecom assets of other nations to exploit U.S. subscribers," it continues.

Nvidia unveiled a $249 version of its Jetson AI computer Tuesday, targeting hobbyists and small companies with a device that offers 70% more processing power than its predecessor at half the cost.

The Jetson Orin Nano Super functions as a portable AI brain for robotics and industrial automation, allowing developers to run AI computations directly without data center connections. The palm-sized device, demonstrated by Nvidia founder Jensen Huang, uses less advanced chips than the company's high-end products. While Nvidia primarily serves major companies and AI startups, the budget-friendly Jetson line aims to make AI development more accessible to students and smaller developers working on drones and cameras.

Meta has been fined around $263 million in the European Union for a Facebook security breach that affected millions of users which the company disclosed back in September 2018. From a report: The penalty, issued on Tuesday by Ireland's Data Protection Commission (DPC) -- enforcing the bloc's General Data Protection Regulation (GDPR) -- is far from being the largest GDPR fine Meta has been hit with since the regime came into force over five years ago but is notable for being a substantial sanction for a single security incident.

The breach it relates to dates back to July 2017 when Facebook, as the company was still known then, rolled out a video upload function that included a "View as" feature which let the user see their own Facebook page as it would be seen by another user. A bug in the design allowed users making use of the feature to invoke the video uploader in conjunction with Facebook's 'Happy Birthday Composer' facility to generate a fully permissioned user token that gave them full access to the Facebook profile of that other user. They could then use the token to exploit the same combination of features on other accounts -- gaining unauthorized access to multiple users' profiles and data, per the DPC.

An anonymous reader quotes a report from the New York Times: TikTokasked the Supreme Court on Monday to temporarily block a law that would effectively ban it in the United States in a matter of weeks. Saying that the law violates both its First Amendment rights and those of its 170 million American users, TikTok, which is controlled by a Chinese parent company, urged the justices to maintain the status quo while they decide whether to hear an appeal. "Congress's unprecedented attempt to single out applicants and bar them from operating one of the most significant speech platforms in this nation presents grave constitutional problems that this court likely will not allow to stand," lawyers for TikTok wrote in their emergency application.

President Biden signed the law this spring after it was enacted with wide bipartisan support. Lawmakers said the app's ownership represented a risk because the Chinese government's oversight of private companies would allow it to retrieve sensitive information about Americans or to spread propaganda, though they have not publicly shared evidence that this has occurred. They have also noted that American platforms like Facebook and YouTube are banned in China, and that TikTok itself is not allowed in the country.

Waymo will begin testing its autonomous vehicles in Tokyo in early 2025, marking its first deployment outside the U.S. TechCrunch reports: The move to Japan is part of Waymo's "road trips," a development program that involves bringing its technology to a variety of cities and testing it -- with each city having different challenges. In Tokyo, the Waymo robotaxis will face left-hand driving and a dense urban environment. [...] Waymo said it will partner with taxi-hailing app GO and taxi company Nihon Kotsu as part of its Japanese "road trip." Nihon Kotsu will oversee the management and servicing of the Waymo vehicles, according to the company.

Initially, Nihon Kotsu drivers will operate the vehicles manually to map key areas of the Japanese capital, including Minato, Shinjuku, Shibuya, Chiyoda, Chuo, Shinagawa, and Koto. Waymo said it is working with Nihon Kotsu's team to train its employees how to operate Waymo's self-driving Jaguar I-Pace vehicles.

An anonymous reader quotes a report from TechCrunch: Uber has 30 days to require certain drivers to get fingerprinted if the ride-hail giant intends to continue transporting unaccompanied teens in California. The California Public Utilities Commission (CPUC) issued a ruling Thursday that requires taxi and ride-hail drivers who are carrying unaccompanied minors in the state to pass a fingerprint background check. The ruling also requires transport companies to pay for the cost of those background checks. "When an adult is being tasked to provide a service to a minor, the adult is placed in a position of trust, responsibility, and control over California's most vulnerable citizenry -- children," reads the decision. "Not conducting a fingerprint-based background check to identify adults with disqualifying arrests or criminal records would place the unaccompanied minor in a potentially dangerous, if not life-threatening situation." [...]

The CPUC's ruling also requires transport companies that intend to transport minors share information with the agency on how they implement live trip tracking for parents, what safety procedures they implement at pickup and drop-off locations, and what sort of driver training the companies implement specifically around transporting unaccompanied minors. The ruling also says that each company is responsible for paying for the checks. Uber has also argued against this stipulation, saying that forcing the company -- which has a market cap of around $150 billion as of December -- to pay for fingerprinting would result in a price hike for the Uber for Teens service.