Tag Archives: Information technology

Apple Plans New Encryption System to Ward Off Hackers and Protect iCloud Data

Apple Inc. is planning to significantly expand its data-encryption practices, a step that is likely to create tensions with law enforcement and governments around the world as the company continues to build new privacy protections for millions of iPhone users.

The expanded end-to-end encryption system, an optional feature called Advanced Data Protection, would secure most data stored in iCloud, an Apple service that many of its users rely on to store photos, back up their iPhones or save specific device data such as Notes and Messages. The data would be protected in the event that Apple is hacked, and it also wouldn’t be accessible to law enforcement, even with a warrant.

While Apple has drawn attention in the past for being unable to help agencies such as the Federal Bureau of Investigation access data on its encrypted iPhones, it has been able to provide much of the data stored in iCloud backups upon a valid legal request. Last year, it responded to thousands of such requests in the U.S., according to the company. 

With these new security enhancements, Apple would no longer have the technical ability to comply with certain law-enforcement requests such as for iCloud backups—which could include iMessage chat logs and attachments and have been used in many investigations.

Apple has added additional methods to help users recover their end-to-end encrypted data.




The company said the security enhancements, which were announced Wednesday, are designed to protect Apple customers from the most sophisticated attackers.

“As customers have put more and more of their personal information of their lives into their devices, these have become more and more the subject of attacks by advanced actors,” said Craig Federighi, Apple’s senior vice president of software engineering, in an interview. Some of these actors are going to great lengths to get their hands on the private information of people they have targeted, he said.

The FBI said it was “deeply concerned with the threat end-to-end and user-only-access encryption pose,” according to a statement provided by an agency spokeswoman. “This hinders our ability to protect the American people from criminal acts ranging from cyberattacks and violence against children to drug trafficking, organized crime and terrorism,” the statement said. The FBI and law enforcement agencies need “lawful access by design,” it said.

A spokesman for the Justice Department declined to comment.

Former Western law-enforcement and intelligence officials said they were surprised by Apple’s decision in part because the company had refrained in the past from rolling out such encryption settings for iCloud. The officials said Apple would sometimes point authorities to the iCloud as a possible means of collecting information that could be useful for criminal investigations.

Ciaran Martin, former chief of the U.K.’s National Cyber Security Centre, said the announcement by Apple could pose legal complications for the company in multiple democracies that in recent years have adopted or weighed restrictions on technology that can’t be responsive to law-enforcement demands.

“Things will only be clearer when further technical details are given,” Mr. Martin said. “But on the face of it, existing legislation in Australia and looming legislation in the U.K. would seem to give those governments the power to tell Apple in those countries effectively not to do this.”

Last year, Apple proposed software for the iPhone that would identify child sexual-abuse material on the iPhone. Apple now says it has stopped development of the system, following criticism from privacy and security researchers who worried that the software could be misused by governments or hackers to gain access to sensitive information on the phone.


Mr. Federighi said Apple’s focus related to protecting children has been on areas such as communication and giving parents tools to protect children in iMessage. “Child sexual abuse can be headed off before it occurs,” he said. “That’s where we’re putting our energy going forward.”

Apple released a feature in December 2021 called “Communication Safety” in Messages, which offers tools for parents that warn their children when they have received or attempt to send photos that contain nudity. The option is part of Apple’s “Screen Time” parental-controls software.

The new encryption system, to be tested by early users starting Wednesday, will roll out as an option in the U.S. by year’s end, and then worldwide including China in 2023, Mr. Federighi said.

“This development will prompt questions at home and abroad, including whether the government of China will really accept a loss of data access,” said Sumon Dantiki, a former senior FBI and Justice Department official who worked on cyber investigations and is now a partner at the King & Spalding law firm. U.S. officials have long pointed to China’s increasingly strict demands for access to data on companies that operate within its borders as a national-security concern.

In addition to Advanced Data Protection, Apple is also modifying its Messages app to make it harder for messages to be snooped on, and it will now allow users to log in to their Apple accounts with hardware-based security keys made by other companies such as Yubico.

Privacy groups have long called on Apple to strengthen encryption on its cloud servers. But because the Advanced Protection encryption keys will be controlled by users, the system will restrict Apple’s ability to restore lost data. 


To set up Advanced Data Protection, users will have to enable at least one data-recovery method. This could be a recovery key—a long list of numbers and characters that users could print out and store in a secure location—or the user could assign a friend or family member as a recovery contact.  

Over the past two decades, businesses and consumers have moved much of their data off computer systems that they control and onto the cloud—data centers filled with servers that are operated by large technology companies. That trend has made these cloud systems an attractive target for cyber intruders. 

Mr. Federighi said that Apple isn’t aware of any customer data being taken from iCloud by hackers but that the Advanced Protection system will make things harder for them. “All of us in the industry who manage customer data are under constant attack by entities that are attempting to breach our systems,” he said. “We have to stay ahead of future attacks with new protections.”

As Apple has locked down its systems, governments worldwide have become increasingly interested in the data stored on phones and cloud computers. That interest has led to friction between Apple and law-enforcement agencies, along with a growing market for iPhone hacking tools. In 2020, Attorney General William Barr pressured Apple for a way to crack the iPhone’s encryption to help with a terror investigation into a shooting that killed three people at a Florida Navy base.

Advanced Protection will reduce the amount of iCloud information that Apple can provide to law-enforcement agencies, who frequently request iPhone data from Apple as part of their investigations. Apple received requests for information on 7,122 Apple accounts from U.S. authorities in the first six months of 2021, the last period for which the company has provided information.

Apple had already offered end-to-end encryption for some of its services, but the protection will now extend to 23 services, including iPhone backups and Photos. However, three services—Mail, Contacts and Calendar—won’t qualify for Advanced Protection because they use older technology protocols, Mr. Federighi said.

Mr. Federighi said Apple believes it shares the same mission as law enforcement and governments: keeping people safe. If sensitive information were to get in the hands of an attacker, a foreign adversary or some other bad actor, it could be disastrous, he said. 

“We’re giving users the option to keep that key only on their devices, which means that even if an attacker were to successfully breach the cloud and access all that data, it would be nonsense to them,” Mr. Federighi said. “They’d lack the key to decrypt it.”

Copyright ©2022 Dow Jones & Company, Inc. All Rights Reserved.

Elon Musk Unveils Prototype of Tesla’s Humanoid Robot Optimus, Says It Will Cost Less Than a Car

Mr. Musk first laid out the vision for the robot, called Optimus, a little more than a year ago at Tesla’s first-ever AI day. At the time, a dancer in a costume appeared onstage. This time, Mr. Musk presented a prototype at the gathering that unfolded late Friday in Palo Alto, Calif.

The early prototype, which still had wires showing, took a few steps, waved to the crowd, and performed some basic dance moves.


Mr. Musk quipped the robot could do a lot more, but limited its activity for fear it could fall on its face. The robot’s appearance on stage marked the first time it operated without a tether, Mr. Musk said.

“Our goal is to make a useful humanoid robot as quickly as possible,” he said, with the aspiration of being able to make them at high volume and low cost. “It is expected to cost much less than a car,” he said, with a price point below $20,000. Customers should be able to receive the robot, once ordered, in three to five years, Mr. Musk said. It isn’t yet for sale.

He later showed off a nonfunctioning, sleeker model that he said was closer to the production version.

“There’s still a lot of work to be done to refine Optimus,” he said, saying that the concept could evolve over time. “It won’t be boring.”

The battery-powered robot should be able to handle difficult chores, Tesla said, including lifting a half-ton, 9-foot concert grand piano. Mr. Musk added it would have conversational capabilities and feature safeguards to prevent wrongdoing by the machine.


“I’m a big believer in AI safety,” said Mr. Musk, who has previously expressed concerns about how such technology could be used. He said he thinks there should be a regulatory authority at the government level.

The Tesla boss painted a vision of Optimus as helping Tesla make cars more efficiently, starting with simple tasks and then expanded uses. He has also suggested the robot could serve broader functions and potentially alleviate labor shortages.

“It will, I think, turn the whole notion of what’s an economy on its head, at the point at which you have no shortage of labor,” Mr. Musk said Aug. 4 at Tesla’s annual shareholder meeting. On Friday, he added: “It really is a fundamental transformation of civilization as we know it.”


When he first unveiled the Optimus concept, Mr. Musk said such a robot could have such an impact on the labor market it could make it necessary to provide a universal basic income, or a stipend to people without strings attached.

Tesla has also encountered problems with automation. Early efforts to rely heavily on automated tools to scale up vehicle production suffered setbacks, and the company had to rely more heavily than planned on factory workers. Mr. Musk later tweeted: “Yes, excessive automation at Tesla was a mistake. To be precise, my mistake. Humans are underrated.”

One of the big questions around Tesla’s humanoid robot is its central purpose, said Chris Atkeson, a Carnegie Mellon University robotics professor. If Tesla’s main goal is to improve manufacturing, a quadruped likely would have been easier to build than a humanoid robot, in part because additional legs make it easier to balance, he said.


Mr. Musk, who has been instrumental in popularizing electric vehicles and pioneered landing rocket boosters with his company SpaceX, also has a record of making bold predictions that don’t immediately pan out. Three years ago at an event about automation, he projected that more than a million Tesla vehicles would be able to operate without a driver by the middle of 2020, positioning the company to launch a robot taxi service. That hasn’t happened.

Mr. Musk for some time has said Tesla aimed to be more than just a car company and reiterated that message on Friday. He called the company “a series of startups.”

Mr. Musk billed the latest event, like last year’s, as one aimed at recruiting engineers in fields such as artificial intelligence, robotics and chips.

Tesla has long bet on automation to keep the company ahead of competitors. The company’s cars are outfitted with an advanced driver-assistance system, known as Autopilot, that helps drivers with tasks such as maintaining a safe distance from other vehicles on the road and staying centered in a lane.

Tesla engineers detailed some of the AI work the company is doing, including to underpin its driver-assistance technology. Mr. Musk said the company’s development of a powerful, AI-focused computer could allow Tesla to offer the number-crunching capability as a service to others, not unlike cloud-computing offerings provided by the likes of Amazon.com Inc.

The company is developing and selling an enhanced version of Autopilot that brings more automated driving into cities. Tesla calls the system Full Self-Driving, or FSD, although it doesn’t actually make vehicles autonomous and the company tells drivers to keep their hands on the wheel while operating the car.

Tesla said Friday that it now has 160,000 customers with the software. Mr. Musk said rollout of the technology beyond the U.S. and Canada depends on gaining regulatory approval, though it should be feasible from a technology perspective by year-end.

Tesla has steadily raised the price of FSD, which now retails for $15,000. AI has been at the heart of Tesla’s efforts to develop more advanced driver-assistance features and, eventually, fully autonomous vehicles.

Tesla said the software that is used to take on more driving functions also underpins operations of the humanoid robot.

Tesla’s pursuit of automation has increasingly come under scrutiny. The National Highway Traffic Safety Administration, which regulates auto safety, opened a probe into Autopilot last year after a series of crashes involving Teslas that struck first-responder vehicles stopped for roadway emergencies.

Two U.S. senators have also asked the Federal Trade Commission to investigate whether Tesla has been deceptive in its marketing of Autopilot and FSD.

The electric-car maker has long said that driving with Autopilot engaged is safer than doing so without it. Tesla points to internal data showing that crashes were less common when drivers were using Autopilot, though some researchers have criticized the company’s methodology.

Write to Meghan Bobrowsky at Meghan.Bobrowsky@wsj.com and Rebecca Elliott at rebecca.elliott@wsj.com

Copyright ©2022 Dow Jones & Company, Inc. All Rights Reserved.

Polish leader admits country bought powerful Israeli spyware

WARSAW, Poland — Poland’s most powerful politician has acknowledged that the country bought advanced spyware from the Israeli surveillance software maker NSO Group, but denied that it was being used to target his political opponents.

Kaczynski said the use of such spyware arose in response to the growing use of encryption to mask data in transit, which defeated earlier monitoring technologies. By hacking phones, it lets authorities monitor communications, as well as real-time conversations where they are not encrypted.

“It would be bad if the Polish services did not have this type of tool,” Kaczynski said in an interview to be published in the Monday edition of weekly magazine Sieci. The wPolityce.pl news portal published excerpts on Friday.

The interview follows exclusive reports by The Associated Press that Citizen Lab, a cyber watchdog group at the University of Toronto, found that three Polish government critics were hacked with NSO’s Pegasus.

Text messages stolen from Brejza’s phone were doctored and aired by state-controlled TV in Poland as part of a smear campaign in the heat of the race, which the populist ruling party went on to narrowly win.

The hacking revelations have rocked Poland, drawing comparisons to the 1970s Watergate scandal in the United States and eliciting calls for an investigative commission in parliament.

Kaczynski said he saw no reason to set up such a commission, and he denied that the surveillance played any role in the outcome of the 2019 election.

“There is nothing here, no fact, except the hysteria of the opposition. There is no Pegasus case, no surveillance,” Kaczynski said. “No Pegasus, no services, no secretly obtained information played any role in the 2019 election campaign. They lost because they lost. They shouldn’t look for such excuses today.”

The other two Polish targets confirmed by Citizen Lab were Roman Giertych, a lawyer who represents opposition politicians in a number of politically sensitive cases, and Ewa Wrzosek, an independent-minded prosecutor.

When asked by the AP in December if Poland had purchased Pegasus, state security spokesman Stanislaw Zaryn would neither confirm nor deny it. However, many Kaczynski allies publicly cast doubt on suggestions of government Pegasus use.

Polish Prime Minister Mateusz Morawiecki called the Citizen Lab-AP findings “fake news” and suggested a foreign intelligence service could have done the spying — an idea dismissed by critics who said no other government would have any interest in the three Polish targets.

Deputy Defense Minister Wojciech Skurkiewicz in late December said “the Pegasus system is not in the possession of the Polish services. It is not used to track or surveil anyone in our country.”

Polish media reports say Poland purchased Pegasus in 2017, using money from the so-called Justice Fund, which is meant to help the victims of crimes and to rehabilitate criminals.

According to investigations by broadcaster TVN and daily newspaper Gazeta Wyborcza, the software is used by the Central Anti-Corruption Bureau, a special service created to combat corruption in public life that is under the political control of the ruling party.

“The public money was spent on an important public purpose, related to the fight against crime and the protection of citizens,” Kaczynski said.

Dozens of high-profile cases of Pegasus abuse have been uncovered since 2015, many by a global media consortium last year, showing the NSO Group malware was employed to eavesdrop on journalists, politicians, diplomats, lawyers and human rights activists from the Middle East to Mexico.

The Polish hacks are considered particularly egregious because they occurred not in a repressive autocracy but in a European Union member state.

Amnesty International’s Poland director, Anna Błaszczak, alleged in a statement Friday that spying on the opposition would be consistent with the Polish government’s behavior under Law and Justice. The EU has increasingly criticized Poland for judicial interference and other actions regarded as anti-democratic.

“These findings are shocking but not surprising. They raise serious concerns not only for politicians, but for the whole Poland’s civil society in general, particularly given the context of the government’s record of persistently subverting human rights and the rule of law,” Błaszczak said.


Cathie Wood says stocks have corrected into ‘deep value territory’ and won’t let benchmarks ‘hold our strategies hostage’

ARK Invest founder Cathie Wood offered the latest defense of the once-highflying, disruptive innovation strategies that had made her suite of exchange-traded funds among the most popular, and best-performing, on Wall Street in 2020.

In a Friday evening blog post, Wood said that despite a brutal stretch that has compelled the operators of the ARK Invest ETFs, including the flagship Ark Innovation (ARKK) fund, to do some soul-searching, the fund manager is sticking to her game plan.


“We won’t let benchmarks and tracking errors hold our strategies hostage to the existing world order,” Wood wrote. She described the success of the ARK ETFs as one not solely bolstered by fervor for “stay at home” investment opportunities, amid the COVID pandemic, but rooted in identifying paradigm-shifting innovation, from blockchain and bitcoin (BTCUSD) to electric vehicles.

“Critical to investment success will be moving to the right side of change, avoiding industries and companies caught in the crosshairs of ‘creative destruction’ and embracing those on the leading edge of ‘disruptive innovation,’” Wood wrote.

On Friday, ARK Innovation ended the session up nearly 6% and produced its second straight sharp weekly gain, up 1.1%, following a 1.8% advance in the prior week. The advance for ARK Innovation still leaves the actively managed fund down nearly 22% in the year to date, as the broader S&P 500 (SPX), the Dow Jones Industrial Average (DJIA) and the technology Nasdaq Composite Index (COMP) have faced whipsawing volatility derived primarily from concerns about more transmissible strains of COVID, surging inflation and global monetary policy’s reaction to those pricing pressures. Year-to-date the S&P 500 index is up 864.57 points or 23.02%.

ARK’s seven ETFs returned an average of 141% in 2020, on the back of gains from companies such as Tesla Inc. (TSLA) and Teladoc Health Inc. (TDOC), making Wood the toast of Wall Street. But those funds, focused primarily on companies that aren’t yet profitable, have been limping lower since hitting a peak back in February, and their woeful performance has raised questions about the prospects for the ETFs in the months and years to come.

Wood urged investors to maintain their support of the ARK complex and said that maintaining a long-term, five-year time horizon would be the best way to judge the fund manager’s true performance.

“With a five-year investment time horizon, our forecasts for these platforms suggest that our strategies today could deliver a 30-40% compound annual rate of return during the next five years,” the ARK CEO wrote.

“In other words, if our research is correct—and I believe that our research on innovation is the best in the financial world—then our strategies will triple to quintuple in value over the next five years,” Wood added.

The ARK founder also made the case that the Nasdaq and S&P 500 could be the bigger disappointment to return-eager investors in the longer-term because they are more overvalued than the disruptive investments that comprise her funds.

“Unlike many innovation-related stocks, equity benchmarks are selling at record high prices and near record high valuations, 26x for the S&P 500 and 127x for the Nasdaq on a trailing twelve-month basis,” Wood wrote.

She said that the “five major innovation platforms which involve 14 technologies are likely to transform the existing world order and that so-called tried and true investment strategies “will disappoint during the next five to ten years as DNA sequencing, robotics, energy storage, artificial intelligence, and blockchain technology scale and converge.”

Wood also made the case that the so-called wall of worry, with inflation fears representing perhaps the biggest concern, provided an ideal backdrop for further advances in innovation stocks in the longer run because the dot-com markets of the late-1990s weren’t properly buffeted by investor concerns. The thinking is that “walls of worry” tend to limit market euphoria.

“In our view, the wall of worry built on the back of high multiple stocks bodes well for equities in the innovation space,” she wrote. “No wall of worry existed or tested the equity market in 1999. This time around, the wall of worry has scaled to enormous heights,” Wood said.

On the macroeconomic front, Wood said that deflation, rather than inflation, could be a bigger problem for markets in the coming months.

“That said, my conviction is growing that the bigger surprise to the markets will be price deflation – both cyclical and secular – and that, after collapsing this year, higher multiple stocks could turn around dramatically during the next year,” she wrote.


Hewlett Packard Enterprise Stock Tumbles. Why Goldman Sachs Says Sell.


Shares of Hewlett Packard Enterprise dropped Friday after receiving a downgrade to Sell from a Goldman Sachs analyst, who cited a weakening spending environment for U.S. information technology.

Analyst Rod Hall downgraded the IT hardware and software company’s stock to Sell from Neutral and cut his price target to $14 from $16.

Shares of Hewlett Packard Enterprise (ticker: HPE) declined 7.4% to $14.76 on Friday.

Hall’s predictive model suggested that the IT spending environment will weaken by late 2021 or early 2022, spurring the downgrade. Goldman’s spending predictive index for October was +1.1, well below record highs of +4 and +5 from April to June this year, he said.

The analyst also was wary of declining prices for DRAM memory storage, which were down 4% in October. Lower DRAM prices could result in lower prices for servers that could harm volume demand, Hall said.

For Hall, HP Enterprise was “expensive” compared with competitors. The stock was trading at 11 times the next 12 months’ cash flow, compared with Dell (DELL) trading at 7 times the company’s cash flow with the potential to regain market share in the near future.

“Overall, we see both Dell and Cisco (CSCO) as better options for investors within our enterprise IT hardware coverage,” Hall wrote.

There could still be an upside for HP Enterprise. Hall noted that the company’s “substantial” backlog could “offset some of these headwinds in the near term.”

In late October, HP Enterprise gave upbeat guidance for fiscal 2022 and the next three-year period, telling analysts the company was expecting 2022 fiscal revenue growth of 3% to 4% in constant currency.

The stock has generally outperformed the market this week, including outperforming some of its competitors. The stock has gained nearly 40% this year.

Write to Sabrina Escobar at sabrina.escobar@barrons.com


How Washington and Big Tech won the global tax fight – POLITICO


Washington may have fallen out of love with Big Tech. But when it comes to revamping the world’s tax system, the United States backed Silicon Valley against the world.

The U.S. government fended off a largely European push to force the likes of Google, Facebook and Amazon to pay more into national coffers worldwide. Instead of targeting digital — and almost exclusively American — companies, Washington succeeded in convincing countries to agree on a tax regime that requires the world’s largest companies, digital or not, to pay more tax in countries wherever they have local operations.

Those negotiations, overseen by the Organisation for Economic Cooperation and Development (OECD), come to a close Thursday. While talks are ongoing, the U.S. and Silicon Valley are on track to avoid the worst-case scenarios that had initially appeared likely, including national taxes in countries like France and the U.K. that would have solely targeted American tech companies.

The new system, expected to be approved by the Group of 20’s finance ministers on July 9, will also set a global minimum tax rate of roughly 15 percent to stop multinational firms from shopping around for international jurisdictions where they can pay the least amount of tax.

In Washington, the upcoming global tax announcement is already being framed as a win for the U.S. economy. It follows a long-standing strategy, one that has bipartisan support, to oppose other countries’ efforts to pocket more tax revenue from Silicon Valley’s biggest names — revenue that would otherwise go to U.S. coffers.

“Making sure we actually get rid of these discriminatory taxes has an enormous impact on our country, and I have made it clear the Biden administration actually has to get it done,” U.S. Senator Ron Wyden (D-Ore.), who chairs the Senate’s Finance Committee, told POLITICO. 

Big Tech disrupts tax

Under the prospective tax agreement, the largest U.S. tech companies will still have to pay more tax overseas in a complex formula where profits, above a certain threshold, will be divided among countries.

But by expanding the global tax overhaul to encompass the entire economy – and not just the digital world — U.S. policymakers and Silicon Valley sidestepped a charge, led by the European Union, to slap new levies exclusively on the tech giants. Under the new agreement, German carmaker Volkswagen or British bank HSBC will be just as liable to pay up as Google or Facebook.

Many EU leaders believed U.S. tech giants disproportionately benefited during the COVID-19 crisis, as much of everyday life moved online. U.S. tech companies argue it’s unfair to single out the sector as the entire economy becomes more digitized every year. 

“We should do what we can to avoid any arbitrary distinctions,” said Megan Funkhouser, director of tax and trade policy at the Information Technology Industry Council, a trade group that counts Amazon, Google, Microsoft, Twitter and other tech companies as members. 

The culmination of the years-long negotiations in the coming days highlights how the tech sector, which has already upended large parts of the global economy, became a catalyst in disrupting the international tax system, according to tax officials, trade groups and independent analysts. 

“We’re at a point where it’s bigger than tech,” Sam Rizzo, director of policy at ITI, the trade group, said in reference to the global tax talks. “It’s about what is a sustainable tax policy from a U.S. foreign policy perspective.”

Thanks to the U.S., initial efforts to capture profits from online advertising and other digital services — often parked in low-tax regimes like Ireland and Luxembourg — have now morphed into a comprehensive global tax overhaul whose effects will be felt in almost every industry and capitals worldwide.

“What the U.S. did was to jumpstart the talks,” said William Reinch, a senior adviser to the Center for Strategic and International Studies, a Washington-based think tank, and former Clinton-era official. “These talks will go down to the wire. But if successful, they represent a watershed moment.”

A united front

Silicon Valley is still fighting U.S. policymakers on multiple fronts, including the big tech companies’ role in enabling the spread of election-related misinformation and alleged abuse of market dominance.

But policymakers put those fights aside when it came to tax policy. In recent months, they have been keen to keep their doors open to tech giants, which provided regular updates on how digital services taxes worldwide were affecting them and offered suggestions on how the U.S. can intervene to protect them. 

The detente is because on taxes, U.S. foreign policy and Big Tech’s interests are aligned. 

Washington is eager to hold on to the lion’s share of tax from these extremely profitable companies, which means ensuring other countries don’t dole out their own digital levies. 

“It’s not that they are tech companies, it’s that they are American companies,” said one Democratic aide, who spoke on the condition of anonymity. “It happens to be that there’s a single industry that is very large and successful and important and profitable that is almost exclusively American. It’s hard to think of another industry where the U.S. has such a strong position.”

On tax issues, tech companies and U.S. officials share memos, jump on Zoom calls and debrief each other regularly, according to seven officials, congressional aides, trade body representatives and corporate executives. Many spoke on the condition of anonymity because they were not authorized to speak publicly about the interactions. 

The global digital tax conversations are separate from ongoing discussions about contentious policy topics like content moderation, privacy and antitrust. There’s little, if any, “cross-pollination” among those issues, those people said, adding company executives who handle tax policy often don’t handle other tech issues. 

It helps that in government, tax policy falls under the U.S. Congress’ finance-focused committees, not panels that oversee privacy and Big Tech’s content legal liability protections.

American officials view other countries’ unilateral digital taxes as discriminatory, and have threatened billions of dollars in retaliatory tariffs if the likes of France and Spain don’t back down. Tech executives have been eager to promote that message, warning international policymakers they risk starting a potential transatlantic trade war if they pursue their own domestic taxes.

Sharing intel

The U.S. Treasury has kept the industry up to speed in its ongoing talks, while tech officials have shared details from their conversations with international policymakers, according to those aides, officials and executives who spoke on the condition of anonymity. 

In late 2020, for instance, tech companies alerted Capitol Hill staffers when France started collecting its digital services taxes after promising to postpone the levy while international talks continued. 

“We wouldn’t have known that until the companies said, ‘Hey just so you know, we got a bill from the French government,’” said another Democratic aide, who spoke on the condition of anonymity.

OECD experts and politicians from business-friendly countries like Ireland — home to many of these companies’ international operations — have routinely met with tax experts from Microsoft, Facebook and others over the last two years to discuss the ongoing international negotiations, according to freedom of information requests to the Irish government submitted by POLITICO.

“One of my teams has been actively providing technical inputs to the OECD Secretariat for a good two years now to help them kind of work out how to do this,” Nick Clegg, head of Facebook’s global public policy and communications team, said in reference to the ongoing talks. “You can imagine what our interest is, and obviously I’ve also got a self interest, in having clear non-discriminatory rules, which are evenly applied and easy for us to follow.” 

Washington has been public in its support for the tech sector.

When the Office of the United States Trade Representative (USTR) first began investigating France’s digital services taxes in 2019, eight of the 10 witnesses at its public hearings represented at least one of the top tech companies. Jennifer McCloskey, who participated as ITI’s vice president of policy, subsequently became a senior tax manager for Google in 2020, where she continues to work on the issue. 

Hearings held by President Joe Biden’s USTR on numerous countries’ digital services taxes earlier this year mostly featured representatives of the tech companies, particularly through ACT, a lobby group, which counts Apple as a member.

Despite their political differences, Biden and former President Donald Trump have pursued almost identical digital tax policies, although the new administration dropped proposals from Biden’s predecessor that would have made the pending global tax overhaul merely voluntary for companies worldwide.

Tax all companies

A turning point in the yearslong tax talks came in early April.

The U.S. unveiled a plan to reinvigorate the stuttering negotiations, which had descended into tit-for-tat threats from European capitals over imposing unilateral digital taxes, and from Washington about slapping foreign companies with retaliatory tariffs.

By focusing on the biggest firms — those with revenues of at least $20 billion and profit margins of more than 10 percent — the Biden administration hoped to streamline the global tax overhaul into a more manageable system that could be quickly approved, according to three officials involved in the discussions, who spoke on the condition of anonymity because they were not authorized to speak publicly.

Both sides gave ground.

After France balked that Amazon, whose profit margins are below the 10 percent threshold, may not be included in the new regime, negotiators tweaked the deal so that a company’s profitable business units would be included even if its overall profit margin didn’t make the cut. That allowed the company’s cloud business, Amazon Web Services, to be part of the prospective deal even as the e-commerce giant’s overall profit margin hovered under 7 percent. 

The United Kingdom fought hard to keep its domestic financial services sector, which competes with that of New York, out of the pact. But U.S. officials rejected such a carve-out, arguing that if the U.S. tech companies were included, so too should other countries’ high-profile industries.

Negotiators are still finalizing the tax deal, expected to be announced Thursday, and details may still change, according to the officials close to the ongoing talks. 

Yet as the hours count down to a likely agreement, it is Washington and Silicon Valley, not other national capitals, that have the most to rejoice.

Some U.S. tech giants will be part of the overall tax revamp. But other countries’ industrial champions will also have to pay more — a recognition that to persuade the U.S. to sign on to the global deal, mostly-European policymakers had to give up their ambition to target Big Tech with new digital levies.

“If anybody has integrity, I think they’re going to say all companies are in for whatever criteria we finally adopt and let the chips fall where they may,” said Peter Barnes, a lawyer at the tax firm Caplin and Drysdale who was previously a senior international tax counsel for General Electric. “That’s the only way a deal is going to last.”


Chinese Hackers Have Been Exploiting A Microsoft Email Product to Steal Data

Photo: Drew Angerer (Getty Images)

In the latest in a string of security-related headaches for Microsoft, the company warned customers Tuesday that state-sponsored hackers from China have been exploiting flaws in one of its widely used email products, Exchange, in order to target American companies for data theft.

In several recently published blog posts, the company listed four newly discovered zero-day vulnerabilities associated with the attacks, as well as patches and a list of compromise indicators. Users of Exchange have been urged to update to avoid getting hacked.

Microsoft researchers have dubbed the main hacker group behind the attacks “HAFNIUM,” describing it as a “highly skilled and sophisticated actor” focused on conducting espionage via data theft. In past campaigns, HAFNIUM has been known to target a wide variety of entities throughout the U.S., including “infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks and NGOs,” they said.

In the case of Exchange, these attacks have meant data exfiltration from email accounts. Exchange works with mail clients like Microsoft Office, synchronizing updates to devices and computers, and is widely used by companies, universities, and other large organizations.

Attacks on the product have unfolded like this: hackers will leverage zero days to gain entry to an Exchange server (they also sometimes used compromised credentials). They then typically will deploy a web shell (a malicious script), hijacking the server remotely. Hackers can then steal data from an associated network, including whole tranches of emails. The attacks were conducted from U.S.-based private servers, according to Microsoft.

Microsoft Corporate Vice President of Customer Security Tom Burt said Tuesday that customers should work quickly to patch the associated security flaws:

Even though we’ve worked quickly to deploy an update for the Hafnium exploits, we know that many nation-state actors and criminal groups will move quickly to take advantage of any unpatched systems. Promptly applying today’s patches is the best protection against this attack.

The situation was originally brought to Microsoft’s attention by researchers at two different security firms, Volexity and Dubex. According to KrebsOnSecurity, Volexity initially found evidence of the intrusion campaigns on Jan. 6. In a blog post Tuesday, Volexity researchers helped break down what the malicious activity looked like in one particular case:

Through its analysis of system memory, Volexity determined the attacker was exploiting a zero-day server-side request forgery (SSRF) vulnerability in Microsoft Exchange (CVE-2021-26855). The attacker was using the vulnerability to steal the full contents of several user mailboxes. This vulnerability is remotely exploitable and does not require authentication of any kind, nor does it require any special knowledge or access to a target environment. The attacker only needs to know the server running Exchange and what account from which they want to extract e-mail.

These recent hacking campaigns—which Microsoft has said are “limited and targeted” in nature—are unassociated with the ongoing “SolarWinds” attacks that the tech giant is also currently embroiled in. The company hasn’t said how many organizations were targeted or successfully compromised by the campaign, though other threat actors besides HAFNIUM may also be involved. Microsoft says it has briefed federal authorities on the incidents.
