Notices by Frederic Jacobs (fj@mastodon.social)

☀️ Chinese Solar inverter allegedly bricked in Pakistan, USA and UK.

“This inverter is not allowed use at Pakistan/USA/UK”

⚠️ Your solar installation does represent a geopolitical and ransomware risk. Choose wisely.

https://fosstodon.org/@bert_hubert/113503297556344965

Does anyone have recommendations of any open source or European solar photovoltaic controller/monitoring solution?

Heard of Fronius, curious to get feedback or other recommendations.

This starts to look coordinated:
"Following Finnish media reports that an unexplained failure of an undersea telecommunications cable has disrupted communication services between Finland and Germany, Telia’s Chief Technology Officer Andrius Šemeškevičius says that the communications cable between Lithuania and Sweden was also damaged." (via @ErikJonker)
https://www.lrt.lt/en/news-in-english/19/2416006/undersea-cable-between-lithuania-and-sweden-damaged-telia

#SubmarineCables #Russia

Giving OpenVibe a shot because their app supports both Mastodon and Bluesky
https://openvibe.social

One of the reasons I like Mastodon is because I know that it's not playing games like Threads of not showing ads until it reaches critical network effect, then locks in users and grows revenue by flooding the feed with undesirable content.

"Meta wants to avoid overloading Threads with ads, which could turn off users as they’re trying out the app.”

https://www.theinformation.com/articles/meta-to-launch-ads-on-threads-in-early-2025?rc=sfxzc3

🚩Red flags in supply chain security

- "There is a significant amount of unaccounted for mass”
- Hezbollah noticed the battery was draining faster than
expected
- Salesperson who conveyed the offer made a very inexpensive proposition for the pagers, and kept bringing the price down until he was pulled in

https://www.reuters.com/graphics/ISRAEL-PALESTINIANS/HEZBOLLAH-PAGERS/mopawkkwjpa/

China successfully compromised for months the infrastructure used to do wiretaps on the AT&T and Verizon networks.

This is a huge "told you so" moment for the cryptographic community that has been saying that such infrastructure does present a huge risk to national security. China reportedly used this capability for intelligence collection, obviously without a warrant ...

https://www.wsj.com/tech/cybersecurity/u-s-wiretap-systems-targeted-in-china-linked-hack-327fc63b?st=C5ywbp&reflink=desktopwebshare_permalink

In a world where people use stochastic parrots to decompress their thoughts, more than ever, I value blog posts, emails ... that are succinct and go straight to the point.

If you're emailing me, please send me the input prompt instead of the bloated LLM response that adds no value.

Good reminder that France is one of the rare countries in the world to have a declaration obligation when **importing** cryptography.

While one doesn’t need approval, it is critical to file an accurate declaration of the encryption system to the Cybersecurity agency ANSSI.

According to prosecutors, Telegram failed to accurately complete its declaration.

https://cyber.gouv.fr/faq-demande-dautorisation
https://hachyderm.io/@evacide/113029696954871293

US intelligence discovered earlier this year that the Russian government planned to assassinate Armin Papperger, the CEO of Rheinmetall.
https://edition.cnn.com/2024/07/11/politics/us-germany-foiled-russian-assassination-plot/index.html

The US military is once again irresponsibly weaponizing public health.

Reuters reports on an anti-vax propaganda campaign to spread fear of China’s vaccine. Health experts say this scenario is similar to when the CIA used a fake vaccination program to hunt for Bin Laden. Discovery of the ruse led to a backlash against an unrelated polio vaccination campaign, including attacks on healthcare workers, contributing to the reemergence of the deadly disease in the country.

https://www.reuters.com/investigates/special-report/usa-covid-propaganda/

🆕 on the Security Blog: Private Cloud Compute

Built with custom Apple silicon and a hardened operating system, Private Cloud Compute extends the industry-leading security and privacy of Apple devices into the cloud, making sure that personal user data sent to PCC isn’t accessible to anyone other than the user — not even to Apple.

https://security.apple.com/blog/private-cloud-compute/

Apple Intelligence is designed to protect your privacy at every step. It’s integrated into the core of your iPhone, iPad, and Mac through on-device processing. So it’s aware of your personal information without collecting your personal information. And with groundbreaking Private Cloud Compute, Apple Intelligence can draw on larger server-based models, running on Apple silicon, to handle more complex requests for you while protecting your privacy.
https://www.apple.com/apple-intelligence/

Proposal: A global tax, where you pay per kilogram of junk you burn up in the stratosphere.

Musk just spouting misinformation because he can't stand anyone defending digital commons (like Signal, Wikipedia ... ), and actually do good.

It's really laughable to make any claims like that given the despicable security of X “encrypted" DMs.

GitHub Pages are useful, but be careful to not set it up with a DNS Wildcard.
It allows anyone on GitHub to host content on your subdomains, and it's actively being used, by paid GitHub accounts, to host scams

https://www.fredericjacobs.com/blog/2024/04/11/DNS-GitHubPages/

“Last year, CO2 increased by 3.36 parts-per-million. That’s a 10% greater jump than the previous record, which was set just a few years ago.

In sheer weight, last year’s surge added a record 26 billion tonnes of CO2 to the atmosphere — more than three tonnes per human.”
https://www.nationalobserver.com/2024/03/27/analysis/co2-jumped-record-amount-last-year

#ClimateChange

Bitcoin, less efficient than ever per block.
Consuming a broader percentage of USA electricity every year.

> “we estimate electricity usage from Bitcoin mining based in the United States to range from 25 TWh to 91 TWh. That estimate represents 0.6% to 2.3% of all United States electricity demand in 2023”

https://www.eia.gov/todayinenergy/detail.php?id=61364

💬🔒⚛️ Delighted to announce iMessage PQ3, our formally-verified protocol for end-to-end encryption that provides the strongest post-quantum protections against “Harvest Now, Decrypt Later” attackers by not only performing a quantum-secure key establishment, but also performing post-quantum ongoing rekeying.

Support for PQ3 will start to roll out with the public releases of iOS 17.4, iPadOS 17.4, macOS 14.4, and watchOS 10.4
https://security.apple.com/blog/imessage-pq3/

~100 more Starlink v1 satellites will be burning up in the upper atmosphere in the next 6 months, bringing up the total number of de-orbited Starlink satellites to ~500 out of 6000 launched
https://api.starlink.com/public-files/Commitment%20to%20Space%20Sustainability.pdf

De-orbiting satellites by burning them up did work when the volume of satellites was small, but already 10% of aerosol particules in the stratosphere contain aluminum/other metals.
The problem is only going to get worse with the launch of megaconstellations https://www.pnas.org/doi/full/10.1073/pnas.2313374120