Sometime in 2014, a group of analysts walked into the office of Eugene Kaspersky, the ebullient founder of Russian cybersecurity firm Kaspersky Lab, to deliver some sobering news. The analysts were in possession of a cache of files belonging to the Equation Group, an extraordinarily powerful band of hackers that would later be exposed as an arm of the U.S. National Security Agency. But the analysts were worried; the files were classified.

“They immediately came to my office,” Kaspersky recalled, “and they told me that they have a problem.”

According to him, there was no hesitation about what to do with the cache.

“It must be deleted,” Kaspersky says he told them.

The incident, recounted by Kaspersky during a brief telephone interview on Monday and supplemented by a preliminary timeline provided by company officials, could not be immediately corroborated. But it’s the first public acknowledgement of a story that has been building for the past three weeks — that Kaspersky’s popular anti-virus program uploaded powerful digital espionage tools belonging to the NSA and sent them to servers in Moscow.

The account provides new perspective on the U.S. government’s recent move to blacklist Kaspersky from federal computer networks, even if it still leaves important questions unanswered.

To hear Kaspersky tell it, the incident was an accident borne of carelessness.

Kaspersky was already on the trail of the Equation Group when one of its customers in the United States — Kaspersky referred to them as a “malware developer” — ran at least two anti-virus scans on their home computer after it was infected by a pirated copy of Microsoft Office 2013, according to Kaspersky’s timeline. That triggered an alert for Equation Group files hidden in a compressed archive which was spirited to Moscow for analysis.

Kaspersky’s story at least partially matches accounts published in The New York Times, The Washington Post and The Wall Street Journal. All three publications recently reported that someone at the NSA’s elite hacking unit lost control of some of the agency’s powerful surveillance tools after they brought their work home with them, leaving what should have been closely guarded code on a personal computer running Kaspersky’s anti-virus software.

But information security experts reading the bits of information dropped by anonymous government officials are still puzzling at whether Kaspersky is suspected of deliberately hunting for confidential data or was merely doing its job by sniffing out suspicious files.

Much of the ambiguity is down to the nature of modern anti-virus software, which routinely submits rogue files back to company servers for analysis. The software can easily be quietly tweaked to scoop up other files too: perhaps classified documents belonging to a foreign rival’s government, for example.

Concerns have been fanned by increasingly explicit warnings from U.S. government officials after tensions with Russia escalated in the wake of the 2016 presidential election.

Kaspersky denied any inappropriate link to the Russian government, and said in his interview that any classified documents inadvertently swept up by his software would be destroyed on discovery.

“If we see confidential or classified information, it will be immediately deleted and that was exactly [what happened in] this case,” he said, adding that the order had since been written into company policy.

An AP request for a copy of that policy wasn’t immediately granted.

Kaspersky’s account still has some gaps. How did the analysts know, for example, that the data was classified? And why not alert American authorities to what happened? Several reports alleged that the U.S. learned that Kaspersky had acquired the NSA’s tools via an Israeli spying operation.

Kaspersky declined to say whether he had ever alerted U.S. authorities to the incident.

“Do you really think that I want to see in the news that I tried to contact the NSA to report this case?” he said at one point. “Definitely I don’t want to see that in the news.”

So did he alert the NSA to the incident or not?

“I’m afraid I can’t answer the question,” he said.

Even if some questions linger, Kaspersky’s explanation sounds plausible, said Jake Williams, a former NSA analyst and the founder of Augusta, Georgia-based Rendition InfoSec. He noted that Kaspersky was pitching itself at the time to government clients in the United States and may not have wanted the risk of having classified documents on its network.

“It makes sense that they pulled those up and looked at the classification marking and then deleted them,” said Williams. “I can see where it’s so toxic you may not want it on your systems.”

As for the insinuation that someone at the NSA not only walked highly classified software out of the building but put it on a computer running a bootleg version of Office, Williams called it “absolutely wild.”

“It’s hard to imagine a worse PR nightmare for the NSA,” he said.
…

After a deadly earthquake in 1985, authorities in Mexico City decided they must start constructing houses that can withstand strong shakes. Government buildings, hospitals and schools are now built according to stricter rules, while architects are pushing for their application to other structures too, especially high rise apartment buildings. VOA’s George Putic reports.
…

Facebook Inc said on Monday it was testing the idea of dividing its News F eed in two, separating commercial posts from personal news in a move that could lead some businesses to increase advertising.

The Facebook News Feed, the centerpiece of the world’s largest social network service, is a streaming series of posts such as photos from friends, updates from family members, advertisements and material from celebrities or other pages that a user has liked.

The test, which is occurring in six smaller countries, now  offers two user feeds, according to a statement from the company: one feed focused on friends and family and a second dedicated to the pages that the customer has liked.

The change could force those who run pages, everyone from news outlets to musicians to sports teams, to pay to run advertisements if they want to be seen in the feed that is for friends and family.

The test is taking place in Bolivia, Cambodia, Guatemala, Serbia, Slovakia and Sri Lanka, and it will likely go on for months, Adam Mosseri, the Facebook executive in charge of the News Feed, said in a blog post.

Mosseri said the company has no plans for a global test of the two separate feeds for its 2 billion users.

Facebook also does not currently plan to force commercial pages “to pay for all their distribution,” he said.

Facebook, based in Menlo Park, California, frequently tests changes big and small as it tries to maximize the time people spend scrolling and browsing the network. Sometimes it makes changes permanent, and other times not.

Depending on how people respond, two news feeds could mean that they see fewer links to news stories. News has proved to be a tricky area for Facebook, as hoaxes and false news stories have sometimes spread easily on the network.

The test has already affected website traffic for smaller media outlets in recent days, Slovakian journalist Filip Struharik wrote over the weekend in a post on Medium.

Publishers might need to buy more Facebook ads to be seen, he wrote: “If you want your Facebook page posts to be seen in old newsfeed, you have to pay.”

 
…

Amazon said Monday that it received 238 proposals from cities and regions in the United States, Canada and Mexico hoping to be the home of the company’s second headquarters.

The online retailer kicked off its hunt for a second home base in September, promising to bring 50,000 new jobs and spend more than $5 billion on construction. Proposals were due last week, and Amazon made clear that tax breaks and grants would be a big deciding factor on where it chooses to land.

Amazon.com Inc. said the proposals came from 43 U.S. states as well as Washington, D.C., and Puerto Rico, three Mexican states and six Canadian provinces. In a tweet, the company said it was “excited to review each of them.”

Besides looking for financial incentives, Amazon had stipulated that it was seeking to be near a metropolitan area with more than a million people; be able to attract top technical talent; be within 45 minutes of an international airport; have direct access to mass transit; and be able to expand that headquarters to as much as 8 million square feet in the next decade.

Generous tax breaks and other incentives can erode a city’s tax base. For the winner, it could be worth it, since an Amazon headquarters could draw other tech businesses and their well-educated, highly paid employees.

The seven U.S. states that Amazon said did not apply were: Arkansas, Hawaii, Montana, North Dakota, South Dakota, Vermont and Wyoming.

Ahead of the deadline, some cities turned to stunts to try and stand out: Representatives from Tucson, Arizona, sent a 21-foot tall cactus to Amazon’s Seattle headquarters; New York lit the Empire State Building orange to match Amazon’s smile logo.

The company plans to remain in its sprawling Seattle headquarters, and the second one will be “a full equal” to it, founder and CEO Jeff Bezos said in September. Amazon has said that it will announce a decision sometime next year.
…

Electric cars are steadily gaining ground in the global auto market, but it’s a slow process. Along with their high price, one of the main reasons for the consumers’ reluctance is the scarcity of infrastructure needed for charging the cars’ batteries. VOA’s George Putic looks at efforts to remove one of the obstacles on the road towards the electric future.
…

The bumper sticker on the back of Scott Wilson’s car reads, “This is what the end of gasoline looks like.”

And what does that car look like? A sleek, sci-fi experimental vehicle? A $100,000 Tesla luxury car? 

Nope. It’s just a Kia Soul EV, the battery-powered version of the Korean automaker’s boxy hatchback.

Once the domain of concept cars and hobbyists, electric vehicles are no longer so exotic. And sales are picking up. A record 150,000 of them sold last year in the United States.

“It used to be I knew everyone I saw that was driving an electric car,” said Wilson, the vice president of the Electric Vehicle Association of Greater Washington, D.C. “Now, I don’t.”

There are about to be a lot more strangers in EVs on the roads, many experts say.

Big carmakers, big plans

Volvo says every car it makes in 2019 and beyond will have an electric motor. General Motors says the company “believes in an all-electric future.” Bloomberg New Energy Finance (BNEF) predicts that in just over two decades, EVs will make up more than half of all vehicles sold.

Other analysts have more modest expectations. But even Exxon Mobil sees EVs topping 10 percent of the market by 2040.

Automakers hit a significant milestone in the past year. In December, General Motors launched the Chevrolet Bolt EV, the first car with a price tag under $40,000 and a range of more than 320 kilometers.

Automakers hit a significant milestone in the past year. In December, General Motors launched the Chevrolet Bolt EV, the first car with a price tag under $40,000 and a range of more than 320 kilometers.

That range is “basically double anything else that’s available at a comparable price,” said Chevrolet spokesman Fred Ligouri. Those figures “do wonders for getting beyond” what’s known as range anxiety, potential buyers’ fear of draining the battery before reaching their destination.

One-third of buyers have never owned an electric vehicle before.

“They went from (an) internal combustion engine vehicle right into pure electric,” an encouraging sign, Ligouri said.

The Bolt’s performance has impressed critics as well. Motor Trend magazine named the Bolt the 2017 Car of the Year.

The Bolt beat industry upstart Tesla to the mid-priced market. A modest 15,000 or so have been sold so far. But nearly a half-million people have ordered the Tesla Model 3, the company’s entrant into the mass market, despite long waits and slow production.

“Those are signals that there’s unmet demand for some of these new technologies,” said the World Resources Institute’s Eliot Metzger.

Electrification is cheaper than ever as the price of lithium ion batteries plummets faster than analysts expected. As costs come down, experts are moving up the date when electric vehicles can compete with internal combustion engines on price. BNEF puts that date in the second half of the next decade.

“We’re much further along than most researchers (and) industry insiders would have projected just two or three years ago,” said Nic Lutsey at the International Council on Clean Transportation.

China syndrome

Another reason the industry is moving fast: China.

Officials in the world’s biggest auto market will require carmakers to meet an electric vehicle quota starting in 2019.

Beijing aims to increase EVs’ share of the market from 1 to 2 percent today to around 4 percent in 2020.

“That’s a very large scale up within just several years,” Lutsey noted, but automakers say they can do it.

The push for electric vehicles is part of the government’s plan to clean up the toxic air in China’s major cities. Chinese officials are considering a ban on gas- and diesel-powered cars.

But it’s not just China. Pollution concerns in France, the United Kingdom, and India have officials there considering bans, too.

In the United States, the Trump administration aims to relax vehicle emissions standards, though state policies will likely complicate those efforts.

Without a push from government, experts say electric vehicles will have a hard time making major gains as long as gas prices are relatively low.

But as electric vehicle driver Wilson points out, that can change at any time.

“After the next crisis, when gas is $5 a gallon, then there will be waiting lists for cars like this,” he said.
…

Electric cars have been a futuristic promise for decades. And electric vehicles finally appear poised to enter the mainstream. Major carmakers, from Volvo to General Motors, are proclaiming the future is electric. VOA’s Steve Baragona has a look at how soon that future may arrive.
…

The FBI hasn’t been able to retrieve data from more than half of the mobile devices it tried to access in less than a year, FBI Director Christopher Wray said Sunday, turning up the heat on a debate between technology companies and law enforcement officials trying to recover encrypted communications.

In the first 11 months of the fiscal year, federal agents were unable to access the content of more than 6,900 mobile devices, Wray said in a speech at the International Association of Chiefs of Police conference in Philadelphia.

“To put it mildly, this is a huge, huge problem,” Wray said. “It impacts investigations across the board – narcotics, human trafficking, counterterrorism, counterintelligence, gangs, organized crime, child exploitation.”

The FBI and other law enforcement officials have long complained about being unable to unlock and recover evidence from cellphones and other devices seized from suspects even if they have a warrant, while technology companies have insisted they must protect customers’ digital privacy.

The long-simmering debate was on display in 2016, when the Justice Department tried to force Apple to unlock an encrypted cellphone used by a gunman in a terrorist attack in San Bernardino, California. The department eventually relented after the FBI said it paid an unidentified vendor who provided a tool to unlock the phone and no longer needed Apple’s assistance, avoiding a court showdown.

The Justice Department under President Donald Trump has suggested it will be aggressive in seeking access to encrypted information from technology companies. But in a recent speech, Deputy Attorney General Rod Rosenstein stopped short of saying exactly what action it might take.

“I get it, there’s a balance that needs to be struck between encryption and the importance of giving us the tools we need to keep the public safe,” Wray said.

In a wide-ranging speech to hundreds of police leaders from across the globe, Wray also touted the FBI’s partnerships with local and federal law enforcement agencies to combat terrorism and violent crime.

“The threats that we face keep accumulating, they are complex, they are varied,” Wray said, describing threats from foreign terror organizations and homegrown extremists.

Wray also decried a potential “blind spot” for intelligence gathering if Congress doesn’t reauthorize an intelligence surveillance law set to expire at the end of the year. The Foreign Intelligence Surveillance Act allows the government to collect information about militants, people suspected of cyber crimes or proliferation of weapons of mass destruction, and other foreign targets outside the United States. Intelligence and law enforcement officials say the act is vital to national security.

A section of the act permits the government, under the oversight of the Foreign Intelligence Surveillance Court, to target non-Americans outside the United States.

“If it doesn’t get renewed or reauthorized, essentially in the form that it already is, we’re about to get another blind spot,” Wray said.
…

The Department of Homeland Security and Federal Bureau of Investigation warned in a report distributed by email late on Friday that the nuclear, energy, aviation, water and critical manufacturing industries have been targeted along with government entities in attacks dating back to at least May.

The agencies warned that hackers had succeeded in compromising some targeted networks, but did not identify specific victims or describe any cases of sabotage.

The objective of the attackers is to compromise organizational networks with malicious emails and tainted websites to obtain credentials for accessing computer networks of their targets, the report said.

U.S. authorities have been monitoring the activity for months, which they initially detailed in a confidential June report first reported by Reuters. That document, which was privately distributed to firms at risk of attacks, described a narrower set of activity focusing on the nuclear, energy and critical manufacturing sectors.

Department of Homeland Security spokesman Scott McConnell declined to elaborate on the information in the report or say what prompted the government to go public with the information at this time.

“The technical alert provides recommendations to prevent and mitigate malicious cyber activity targeting multiple sectors and reiterated our commitment to remain vigilant for new threats,” he said.

The FBI declined to comment on the report, which security researchers said described an escalation in targeting of infrastructure in Europe and the United States that had been described in recent reports from private firms, including Symantec Corp.

“This is very aggressive activity,” said Robert Lee, an expert in securing industrial networks.

Lee, chief executive of cyber-security firm Dragos, said the report appears to describe hackers working in the interests of the Russian government, though he declined to elaborate. Dragos is also monitoring other groups targeting infrastructure that appear to be aligned with China, Iran, North Korea, he said.

The hacking described in the government report is unlikely to result in dramatic attacks in the near term, Lee said, but he added that it is still troubling: “We don’t want our adversaries learning enough to be able to do things that are disruptive later.”

The report said that hackers have succeeded in infiltrating some targets, including at least one energy generator, and conducting reconnaissance on their networks. It was accompanied by six technical documents describing malware used in the attacks.

Homeland Security “has confidence that this campaign is still ongoing and threat actors are actively pursuing their objectives over a long-term campaign,” the report said.

The report said the attacker was the same as one described by Symantec in a September report that warned advanced hackers had penetrated the systems controlling operations of some U.S.

and European energy companies.

Symantec researcher Vikram Thakur said in an email that much of the contents of Friday’s report were previously known within the security community.

Cyber-security firm CrowdStrike said the technical indicators described in the report suggested the attacks were the work of a hacking group it calls Berserk Bear, which is affiliated with the Russian Federation and has targeted the energy, financial and transportation industries.

“We have not observed any destructive action by this actor,” CrowdStrike Vice President Adam Meyers said in an email.
…

Environmental pollution, from filthy air to contaminated water, kills at least 9 million people a year, according to a new study published by the medical journal The Lancet. Two entrepreneurs from Georgia have invented a wearable filter they say can produce clean, fresh air. Faith Lapidus reports.
…

The Group of Seven industrialized nations threw their support behind a new technology industry alliance aimed at detecting and blunting online propaganda, saying Friday it had a “major role” to play in combating extremism on the internet.

G-7 interior ministers meeting in Italy invited representatives from Google, Microsoft, Facebook and Twitter to a session Friday dedicated to the fight against terrorism. In a final communique, the ministers pressed the industry as a whole to do more.

“Internet companies will continue to take a proactive role and ensure decisive action in making their platforms more hostile to terrorism, and will support actions aimed at empowering civil society partners in the development of alternative narratives online,” the statement said.

Social media companies have long seen themselves as neutral platforms for other people to share information, and have traditionally been cautious about taking down objectionable material. But as social media platforms have increasingly been used to recruit jihadis, radicalize young people, share fake news and incite extremism, they have come under pressure from governments to take action.

Facebook, Google, Twitter and YouTube in June created the Global Internet Forum to Combat Terrorism, which got an early boost when British Prime Minister Theresa May used a speech to the U.N. General Assembly to applaud the initiative and demand internet companies develop technology to more quickly identify and remove terrorist content.

The alliance says it is committed to developing new content detection technology, to helping smaller companies combat extremism and to promoting “counter-speech,” content meant to blunt the impact of extremist material.

The G-7 endorsed the aims and pledged to work collaboratively across the industry to counter the “misuse of technology” by terrorist organizations.

Italian Interior Minister Marco Minniti said “a great alliance” had been formed between world governments and major internet providers. While stressing the internet has been an important tool for promoting freedom, “at the same time we all together have agreed that al-Qaida and Islamic State are enemies of our freedoms.”

Several ministers said that while the industry had made progress to quickly remove extremist content, more needed to be done, and faster.

“Our enemies are moving at the speed of a tweet, so we have to counter them just as quickly,” said acting U.S. Homeland Security Secretary Elaine Duke.
…

An aquatic robot, small and nimble enough to fit inside the smallest of openings, is being tested in Japan ahead of being deployed into the damaged core of the Fukushima Daiichi Nuclear Power Plant. Faith Lapidus reports.
…