RSnake Report 20250106

Hello, and thanks for reading! It has already been an interesting start to the new year, and I am excited to see what comes of it. Of course, my fans weren’t especially happy with a small delay in the report, which they were quick to remind me in meme form… 😆 

Let’s begin with Russia/Ukraine where the Russian push in Pokrovsk has intensified, with forces inching just 1.5 kilometers from the town. Fierce battles are raging across nearby villages like Pishchane, Zvirove, and Kotlyne, while Ukrainian troops are attempting to reclaim recently lost positions in Khaziv Yar. Meanwhile, Kursk is heating up with reports of a build up and then finally Ukraine launching an offensive while Russian forces retaliate with their largest counter-offensive in the area to date. The fact that they are both doing counter offensives at the same time is a little ironic/funny, but here we are. I think both sides know that Kursk is a massive bargaining chip for Ukraine if they can keep it just a handful more weeks for when Trump enters office and begins negotiations.

The chaos has been compounded by the disastrous debut of North Korean troops, who appear more adept at taking catastrophic losses than contributing to the Russian effort. At best, they are a distraction that allows Russian troops to focus on more strategically advantageous maneuvering.

If this is Cold War 2.0, it’s coming with drones, fiber optics, and a heavy dose of irony: Ukraine’s new fiber-optic-controlled drones said to be resistant to electronic warfare, are devastating Russian equipment. Russians are predicting the imminent deployment of hundreds of thousands of these new fiber optic drones entering service by Ukraine, based on purchases by Ukraine of vast quantities of fiber optics from China. In these quantities, it’s virtually impossible to pass through a denied area as long as they have the manpower to manage the drone piloting - that is where AI will eventually come into play. Bryan Dean Wright made an interesting point on his podcast where he said that Ukraine has been logging all of the footage of the drones, not just for propaganda, but to train their future AI systems. I would do the same thing if I were them. The Russians are using the same tactics, and as seen here: they use those FPV drones quite well against the Ukrainians in Pokrovsk. It’s unclear what the manufacturing capacity, along with the delta of foreign supplier capacity and willingness to supply parts and equipment, is between the nations in this regard.

Meanwhile, we have more information on that Ukrainian sea drone that shot down a Russian Mi-8 helicopter off Crimea—a first in naval history. It made waves when it used R-73 heat-seeking missiles. Now we get a better look at its design specs including two PTZ cameras to help it navigate and operate the fire control - I assume one for each purpose, not for redundancy, but it’s not clear.

From an oil depot in Smolensk torched by drones to a chemical plant in Rostov now enveloped in suspicious white smoke and the largest sea trade port in Leningrad getting attacked by drones, Russian infrastructure is taking a hit. Some of these, like the sea-trade port, are 800+ miles from the front, making me believe that at least some of these might have been launched by sea, if not by piercing extremely long distances through Russian territory.

Even their once-vaunted Mediterranean submarine presence has retreated, leaving experts questioning the Kremlin’s next move. It’s not clear why, actually. Is it because of more mining operations, is it because of counter-sub operations, or because they need to protect the Baltic shadow fleet? Either way, that’s likely very good news for Ukraine but unknown for whoever is the beneficiary of their presence when they are re-assigned.

Ukraine claims to have destroyed a $100 million Nebo-M radar system and disrupted Russian military supply lines with sabotage operations in Tver. From the video, it is difficult to tell what actually happened or if the damage is meaningful. It is worth noting that this is not the first time they have destroyed one of these systems, but not only are they hard to replace but they tend to be used to detect NATO ballistic missile launches as well. This more or less blinds the Kremlin in certain places, and I am certain NATO experts and Ukraine target tasking officers are well aware of that.

Meanwhile, crypto miners in Russia have been banned from operating, as the country’s power grid buckles under the pressure. It does make sense when power shortages are in play - I think the same is true of AI operations in training or academic situations vs military/government use. That said, think about what this means for Russia - the greatest international exporter of oil to date, cannot keep the power on reliably. That may be partly due to transmission disruptions like the power substation fire that we saw, or it might simply be that power capacity isn’t there due to generators not getting the oil they require.

Similarly, we saw that a railroad relay cabinet was set ablaze, and as we know, most of the Russian supply chain is managed by rail. These are all soft targets. But I do think we need to pay attention to this one because the power substation getting hit is not something the US is impervious to. A well-thought-out strike against no more than a dozen soft targets would take out the whole of the United States - or at least anyone without backup power. Get solar and/or a generator, folks, and enough water and food to last you until you think those systems can be restored. 💡 

Onto European news, where Moldova’s reliance on Romania for power is now a lifeline as Russian gas supplies have all but evaporated. I am surprised Romania has that much extra capacity, but good for them; it will pay to be a net energy exporter this year.

However, it is a different story in Transnistria, the locals are resorting to firewood amid rolling blackouts—proof that being a Russian satellite isn’t all it’s cracked up to be. The advice on the ground is to huddle into a single room, like a kitchen, that will be easier to heat/use. It isn’t clear what Ukraine’s end goal is here, but I wouldn’t be terribly surprised if they opened a front against Transnistria for future negotiations with Putin.

Over in Hungary, Viktor Orbán’s pro-Kremlin antics cost his country €1 billion in EU funds. Basically, what the EU is doing is punishing other EU countries for working with Putin. I don’t know how much a billion euros means to Hungary, and Orbán in particular, but maybe it is just an opening salvo. Also, it should be noted that this isn’t a fine, but frozen funding, which means it could get unfrozen.

The EU’s woes don’t stop there: Germany saw massive protests, with fatalities and hundreds of arrests making headlines. We are seeing a lot of anti-immigrant news, and the more these protests lead to arrests and fatalities, the greater the chance I think they will lose badly in the elections. Europe is slowly coming to the conclusion that open borders with Middle Eastern and African countries is no longer sustainable. Maybe it should have never happened in the first place, but now regular attacks, gang rapes, and violent protests occur and the voters seem to be becoming less and less tolerant. Watch this chilling video to get a sense of how Muslim gang rapists view their victims - spoiler, they don’t even recognize the pain they cause. If their own people won’t police their activity, it seems the only remaining action is to prevent them from entering Europe wholesale and deporting criminal aliens.

And let’s not forget Greenland, whose ironic and deceptive namesake is becoming more strategically important, where whispers of independence from Denmark have grown louder. Is it independence fever, or is someone listening a little too closely to Donald Trump’s real estate ambitions? Do they want to be purchased and become US citizens or become autonomous? Either way, it looks like Donald Trump’s online comments are having a big effect there.

Onto South East Asia, where China’s tightening grip on exports of EV battery components could disrupt Western green initiatives. The one comment was, “It’s okay, we won’t need them soon anyway,” - implying that once Trump is in office, those green initiatives will evaporate and, therefore, the need for EV batteries along with them. That said, this may be just another negotiating point to get some leverage with Trump’s stated plans for Chinese tariffs and not a real block.

Add to that a damaged Taiwanese communication cable, courtesy of a Chinese vessel, and the tension in the region continues to simmer. This is the latest of many such attacks over the last few months, so I am not one to shrug and say it might be coincidental. I think we are likely well past any coincidences of undersea cable disruptions by China or Russia for a while. Now, the question is, does Taiwan do anything about it? Do they seize the ship? Are there any real consequences?

The Japanese are looking at China more and more warily, it appears. They are preparing very large arms transfers including one story I caught of a transfer of 1,200 air-to-air missiles. That’s a lot of air combat they are expecting, and probably mostly with the intention of taking down long-range cruise missiles and drones inbound from a future belligerent China.

Onto the Middle East, where Northern Syria might be shaping into an independent Kurdish state as U.S. forces reinforce their presence there, in what appears to be the construction of a new base. There is a video of a huge convoy of trucks with these huge concrete wall sections on them. This won’t be a small base, whatever it is. This is amid US officials saying we aren’t building a base. Then… what are these US-flagged base-like walls doing moving into US-backed Kurdish force-controlled areas in Northern Syria? 🤔 

But Turkey has other plans, launching artillery strikes on Kurdish villages. Turkey is no longer just backing anti-Assad forces; they are not rolling through Syria. What will happen if we start building a base there and it comes under attack by Turkish forces in northern Syria? NATO on NATO? What a disaster zone.

All the while, Israel now controls significant water resources in Syria and Jordan. Okay, now to a bit of speculation - I think the US is going to back a separatist northern Syrian area of Kurdistan to be a new country. Turkey will hate that idea, but it might actually lead to a de-escalation if the Kurds from surrounding states move there and create a peaceful home. The Turkish-backed anti-Assad SNA forces likely would be okay with it because they have their own country to run, even while Israel disarms them and pacifies their people in the south. I am not saying that Israel will try to take all of Syria, but they have a lot of incentive to control it, given that SNA is mostly former ISIS. I do get the distinct impression they want to be more moderate, and the Kurds have long been protected by the US, including back in the Iraq wars.

So there you have it - my prediction. The US pushes for a new Kurdish nation in the north of Syria and then a ceasefire, the Israelis roll through the country disarming the Syrians, and we get a new moderate and largely pacified Syria, and the Turks get a US-backed foe with long-standing grievances on their eastern border. Lovely.

In Southern Lebanon, Israel is dragging its heels on a military withdrawal, citing Lebanon’s lack of commitment to ceasefire terms. It does make sense, though - get your forces in place, and then we’ll back out. They don’t want to become another example of the US withdrawal/disaster in Afghanistan.

In North American news, a Tesla Cybertruck packed with explosives went off outside the Trump International Hotel in Las Vegas. Investigators suspect fireworks and gas canisters but are digging deeper into the history of the alleged perpetrator, a former Green Beret turned whistleblower.

Questions about his motivations seem to be a mix of theories about advanced drone tech and a bizarre connection to U.S. war crimes in Afghanistan. You can read an email from him here, and more details about him are coming from the likes of Tim Kennedy, who starred with him on a short-lived TV show. Sadly, this looks like a mix of whistleblowing on war crimes mixed with a suicide.

In New York City, a massive pro-Palestinian rally unfolded amid ongoing tensions. To be clear, some of the chants they are saying imply or state outwardly that they will honor martyrs and they want to export the global intifada. These are enemy combatants, in their own words. It is amazing we don’t have laws on the books to prevent calls to terroristic acts and acts of violence. Oh wait… The New Orleans attacker appears to have been a lone wolf but, clearly radicalized by his faith.

Meanwhile, hypervelocity cannons for missile defense have entered the Pentagon’s pipeline. I see this as being a more expensive but totally worthwhile endeavor when over-the-horizon defense is preferable to the short-range kinetic or laser weapons that simply cannot see the target.

And yes, Kamala Harris will make history by certifying her own electoral loss, proving that even in defeat, politics remains the greatest reality show on Earth. She made a short but strange public announcement about it, with a subtle dig at those who would not respect a peaceful transition of power - IE., Trump.

Onto a little tech news where a new UI redressing exploit or click-jacking is turning double-clicks into a new variant of the old exploit class. It’s a bit complicated, but they turned the exploit that Jeremiah Grossman and I came up with years ago into a slightly more complex exploit where if you can get the user to double-click instead of single-click, you can often bypass “are you sure” type messages. Of course the usual defenses apply - don’t let people frame your website.

If that wasn’t bad enough, a Tenable Nessus plugin update caused a denial of service for agents worldwide. Your cybersecurity team might need an extra pot of coffee today, send them a gift basket. This is similar to what happened with Crowdstrike - a bad update. This happened only a day before Amit Yoran, their previous CEO passed away. He had been battling cancer for a while, though they said something about it being very treatable. I’m not sure why they lied about that detail, but it likely was to retain investor confidence. For those who do not know, I used to report through the CTO to him talked with him often, and even was on a chat group with him and a few other like-minded people. He was always very nice to me and I am sorry that such a young, intelligent man passed away. Talk about a shitty week for Tenable. He died at 54. Very sad.

Okay, onto the articles!

Israeli military operations in Gaza have resulted in over 200 Palestinian deaths within three days, with the majority of casualties being women and children. Hospitals in the region are overwhelmed with a high influx of injured individuals, while medical facilities are experiencing direct attacks and severe supply shortages due to a tight siege imposed by Israel.

• Israeli attacks in Gaza have resulted in significant civilian casualties, particularly among women and children.

• Hospitals are facing critical shortages and overwhelming numbers of injured patients due to ongoing military operations.

[RSnake: This is what happens when they allow or even help Hamas militants amongst them. Their people need to rise up and stop Hamas from operating where they live and work if they want to stop atrocities from continuing to occur. What’s the alternative for Israel, let Hamas operate every time any civilian is nearby?]

Source: https://www.aljazeera.com/gallery/2025/1/5/israeli-attacks-on-gaza-kill-200-in-three-days-overwhelming-hospitals?traffic_source=rss

An Indian journalist, Mukesh Chandrakar, was found dead in a septic tank after going missing on New Year's Day. He had reported on corruption in construction projects, and his death has led to the arrest of three individuals, including relatives, as officials investigate the circumstances surrounding his death.

• Mukesh Chandrakar's body was discovered in a septic tank after being reported missing.

• Three people have been arrested in connection with his death, sparking demands for a thorough investigation.

[RSnake: That is impressive police work. The killers placed a huge concrete slab on top of the septic tank to hide it. Most police would have taken one look at it and shrugged and moved on.]

Source: https://www.bbc.com/news/articles/clygl0rjy2no

A terrorist attack in New Orleans resulted in 14 fatalities when a truck drove through a crowd on Bourbon Street.

• A truck attack in New Orleans on New Year's Day killed 14 people.

• Survivor Jeremi Sensky recounted being thrown from his wheelchair during the incident.

[RSnake: He had an ISIS flag on the back of his vehicle.]

Source: https://timesofindia.indiatimes.com/world/us/my-wheelchair-was-completely-bashed-survivor-of-new-orleans-attack-recalls-harrowing-experience/articleshow/116973556.cms

President Joe Biden plans to impose a permanent ban on new offshore oil and gas drilling across approximately 625 million acres of U.S. coastal waters, including areas in the Atlantic, Pacific, and the eastern Gulf of Mexico. This decision aims to protect marine ecosystems and coastal communities from potential hazards associated with fossil fuel development, while still allowing for oil leasing in certain regions of the central and western Gulf that have historically been drilled.

• The Biden administration is set to ban new offshore oil and gas development in a significant portion of U.S. waters.

• This ban is intended to provide long-lasting protections for vulnerable coastal areas and marine ecosystems.

[RSnake: I do find it interesting that this is happening now. He could have done this before the election, but now, after it is clear they will have no power to do so going forward, he is enacting the kinds of things that make energy production harder instead of easier. It’s not like it mattered, but still.]

Source: https://gcaptain.com/?p=219937

NATO is preparing for a potential Russian military offensive targeting Finland, Norway, and the Baltic states, with estimates of up to 600,000 Russian troops ready for action. Intelligence indicates that Russian forces could engage in multi-front attacks aimed at establishing buffer zones and possibly restoring historical territories, prompting NATO to revise its defense strategy and conduct large-scale military exercises in response to the escalating threat.

• NATO sources confirm a detailed Russian military plan for a potential offensive against its eastern flank.

• The alliance is conducting military exercises and revising its defense strategies to counter expected aggression.

[RSnake: Key word here is potential. But I have a hunch that is what those subs are being recalled to prepare for. Norway has a pretty good naval defense, and Sweden isn’t too bad itself. I saw this photo the other day that is worth sharing - that is some insane camo of a Swedish ship.]

Source: https://euromaidanpress.com/?p=313288

In early January 2025, Russia launched over 300 drones and 20 missiles against Ukraine, resulting in civilian casualties and significant damage to infrastructure, particularly in winter months. Ukraine's President Zelenskyy stated that ongoing assaults have necessitated the enhancement of air defense capabilities and increased replenishment of anti-missile stockpiles to counter these threats.

• Russia has launched an extensive aerial attack on Ukraine, deploying drones and missiles.

• Ukrainian President emphasizes the need for enhanced air defenses and replenishment of anti-missile capabilities.

[RSnake: I think we’ll see a greater and greater ramp-up from both sides over the next two weeks. Let’s just hope they can keep this contained to their region. More on that here.]

Source: https://euromaidanpress.com/?p=313056

Europe is ending its long-standing dependence on Russian gas due to various geopolitical shifts and the impact of the Russo-Ukrainian war. As of January 1, 2025, Ukraine will cease the transit of Russian gas, marking a significant transition in the energy landscape, with Europe actively seeking alternative sources and reducing reliance on Russian supplies.

• Ukraine will stop the transit of Russian gas through its territory starting January 1, 2025.

• Europe is aggressively seeking alternatives to Russian gas, which impacts Russia's economic leverage.

[RSnake: Well, yes, and Ukraine is also breaking ties for them. Europe has almost no stomach to do its own dirty work in that regard. It’s politically nightmarish to turn off your own energy supply.]

Source: https://euromaidanpress.com/?p=313178

Great Britain is facing a scandal involving the systemic grooming and rape of young girls, reportedly by predominantly Pakistani men, with allegations of negligence and complicity among authorities. Elon Musk and other public figures have called for the resignation of Labour Prime Minister Keir Starmer, who was previously head of the Crown Prosecution Service during the time these cases unfolded. The scandal has sparked widespread outrage and demands for accountability for both the perpetrators and officials who ignored the abuse.

• Years of systemic abuse and grooming of British girls has been brought to light.

• Public outcry is directed at government officials for their inaction during the scandals.

[RSnake: This will get a lot of press, mainly because the per-capita attacker is so much higher for immigrants than it is for people who were born in that country. It’s made worse because the government has done just about everything it can to allow such behavior or downplay it in the name of anti-racism. Those choices have consequences.]

Source: https://www.dailywire.com/news/great-britain-explodes-over-mass-rape-of-british-girls-musk-leads-charge-to-oust-starmer

A Tesla Cybertruck was used in a bombing incident in front of the Trump Hotel in Las Vegas, with the suspect renting the vehicle days prior and appearing to act normally during the rental process. The suspect, a former U.S. Army Special Forces member, was found dead from a self-inflicted gunshot wound after the explosion, which is being investigated as an act of terror. Authorities are currently investigating a possible motive for the incident, and law enforcement is conducting further inquiries related to the suspect's activities leading up to the attack.

• A Tesla Cybertruck was rented by a suspect prior to an explosion at the Trump Hotel.

• The incident is being treated as an act of terrorism, with ongoing investigations into the suspect's background and motives.

[RSnake: The worst possible choice. But the fact that it was filled with fireworks almost proves that he wanted more of a display than an area-affect weapon.]

Source: https://www.dailywire.com/news/exclusive-owner-of-tesla-cybertruck-used-in-vegas-bombing-recalls-hour-spent-with-suspect

The Supreme Court is set to hear a critical case regarding TikTok's operations in the United States, as the government calls for the app to be sold or shut down due to concerns over its Chinese ownership and the implications for user privacy and free speech. The decision could significantly impact the access of 170 million American users to the platform that provides entertainment and news.

• The Supreme Court is facing a case that could determine TikTok's future in the U.S.

• The case involves debates over First Amendment rights and the influence of China on the app.

[RSnake: Judging by the briefs, it is likely this will come down to a First Amendment dispute, which the right-leaning court is pre-disposed to wanting to protect. That said, both sides are unified against Chinese software, so we shall see.]

Source: https://www.nytimes.com/2025/01/03/us/politics/tiktok-ban-supreme-court.html

Windows 10 is nearing the end of support, with critical security updates ceasing after October 2025, prompting cybersecurity experts to recommend that users upgrade to Windows 11 or switch to alternative operating systems like Linux. This shift is vital as around 32 million computers in Germany alone still run Windows 10, exposing users to significant security vulnerabilities and potential cyber attacks as new threats emerge.

• Windows 10 will stop receiving free security updates after October 2025.

• ESET estimates 32 million Windows 10 users in Germany could face security risks if they do not upgrade.

[RSnake: That’s a hot take - switching to Linux from Windows 10. Talk about weird advice and a massive learning curve. If you know Windows, stick with it. If you want to switch, go to MacOS. Use Linux only if you have a lot of time and are prepared for a nightmare of software incompatibility.]

Source: https://www.bleepingcomputer.com/news/microsoft/windows-10-users-urged-to-upgrade-to-avoid-security-fiasco/

A new type of cyberattack known as DoubleClickjacking has emerged, allowing attackers to trick users into authorizing sensitive actions by exploiting double-clicks without using traditional clickjacking methods. This vulnerability affects a wide range of websites and online services, potentially exposing user accounts and sensitive information.

• DoubleClickjacking exploits the timing of double-clicks to deceive users into authorizing actions on legitimate websites.

• This attack circumvents existing clickjacking defenses, putting many online accounts at risk.

[RSnake: It’s fun to see this old exploit we came up with making its rounds again.]

Source: https://www.bleepingcomputer.com/news/security/new-doubleclickjacking-attack-exploits-double-clicks-to-hijack-accounts/



A new method for explainable anomaly detection has been developed, employing multimodal Vision Language Models (VLMs) that demonstrate a high performance in identifying anomalies in visual content. This approach potentially transforms the landscape of anomaly detection by reducing the need for extensive prior knowledge and manual annotations in various applications such as industrial inspection.

• The research explores the application of autoregressive multimodal Vision Language Models for logical anomaly detection.

• The method achieves state-of-the-art performance on public benchmarks, significantly improving upon existing techniques.

[RSnake: Interesting. I saw some AI photos that looked real by all accounts, but the landscape was slightly off - a weird collection of rocks here, a few too many sconces on the wall there, etc. It will get harder and harder to discern, though.]

Source: https://arxiv.org/abs/2501.01767

AI-generated phishing attacks have demonstrated a 50% click-through rate, significantly surpassing previous human and automated methods. These phishing emails are highly personalized using open-source intelligence and have proven to be cost-effective, reducing operational costs dramatically. Current cybersecurity systems struggle to detect such tailored attacks, raising challenges for existing defense measures.

• AI-generated phishing achieves a click-through rate exceeding 50%, outperforming both human experts and traditional phishing methods.

• The efficiency and cost-effectiveness of these AI-driven attacks present significant challenges to current cybersecurity defenses.

[RSnake: If only marketing could get those kinds of numbers. That’s pretty impressive.]

Source: https://www.lesswrong.com/posts/GCHyDKfPXa5qsG2cP/human-study-on-ai-spear-phishing-campaigns

A significant cybersecurity vulnerability affecting BeyondTrust instances has been reported, with nearly 9,000 systems still open to the Internet despite a warning of exploitation by state-sponsored actors. This vulnerability, associated with Privileged Remote Access and Remote Support, poses a high risk as the majority of the affected instances are located in the United States.

• Nearly 9,000 BeyondTrust instances remain vulnerable to exploitation.

• The vulnerability is being actively exploited by Chinese state-sponsored threat actors.

[RSnake: This is how the US Treasury got popped.]

Source: https://www.darkreading.com/threat-intelligence/thousands-of-buggy-beyondtrust-systems-still-exposed

Starting in 2025, new cybersecurity regulations will be implemented for healthcare organizations in the US, aimed at improving the protection of electronic health information. The proposed changes to the existing HIPAA security standards will impose stricter compliance requirements across all organizations, regardless of size or budget, potentially leading to significant financial burdens for many healthcare providers.

• New cybersecurity rules for healthcare organizations will enforce stricter compliance starting in 2025.

• The proposed changes eliminate flexibility in compliance, impacting organizations of all sizes.

[RSnake: I am wary of this law but, at least it’s thinking in the right direction. Right now, around half of all US citizens have had their healthcare records compromised. Half!]

Source: https://www.darkreading.com/vulnerabilities-threats/hipaa-security-rules-pull-no-punches

In 2024, scammers have stolen $494 million worth of cryptocurrency through wallet drainer attacks, representing a 67% increase from the previous year. These attacks primarily targeted Ethereum wallets, with attacks employing advanced phishing techniques to compromise accounts.

• Scammers targeted over 300,000 wallet addresses to steal significant amounts of cryptocurrency.

• The rise in crypto thefts has been linked to increasing Bitcoin prices and sophisticated phishing methods.

[RSnake: This is largely North Korea and Chinese hackers, purportedly.]

Source: https://www.bleepingcomputer.com/news/security/cryptocurrency-wallet-drainers-stole-494-million-in-2024/

The US Department of Treasury has sanctioned Chinese cybersecurity company Integrity Technology Group for its involvement in cyber-intrusions targeting US critical infrastructure, attributed to the state-sponsored group Flax Typhoon. This company is part of a broader effort by the US government to respond to Chinese cyber threats affecting various sectors, including telecommunications.

• The Treasury Department has imposed sanctions on Integrity Technology Group for facilitating cyber-attacks against US entities.

• The action is part of a larger strategy to combat Chinese state-sponsored cyber espionage in critical infrastructure sectors.

[RSnake: Sanctions aren’t going to cut it. That will simply be the cost of doing business for the CCP. A knowable potential downside.]

Source: https://www.darkreading.com/cybersecurity-operations/treasury-department-sanctions-chinese-tech-vendor

A stealthy backdoor leverage attack has been proposed against cooperative multi-agent deep reinforcement learning systems, which can attack the entire team by embedding the backdoor in a single agent. The attack method, BLAST, introduces adversary spatiotemporal behavior patterns as the backdoor trigger and hacks the original reward function of the backdoor agent to achieve a leverage attack effect. This attack has been evaluated against 3 classic algorithms and 2 popular environments.

• BLAST is a stealthy backdoor leverage attack that attacks cooperative multi-agent deep reinforcement learning systems by embedding the backdoor in a single agent.

• The BLAST method introduces adversary spatiotemporal behavior patterns as the backdoor trigger and hacks the original reward function of the backdoor agent to achieve a leverage attack effect.

[RSnake: If you are in computer security, just realize that very smart people are now actually building back-doors in agents with malicious goals. Would you use a foreign-supplied LLM in production, knowing that this research is ongoing?]

Source: https://arxiv.org/abs/2501.01593

Sexual deepfake material has become increasingly prevalent, leading to the emergence of marketplaces for its buying and selling, such as MrDeepFakes. These deepfakes are utilized for various motivations, including harassment and humiliation, with little enforcement of existing rules regarding their creation and distribution.

• The prevalence of sexual deepfake material has exploded over the past several years.

• MrDeepFakes has become a prominent marketplace for sexual deepfake content.

[RSnake: It’s not going anywhere. Brace for it. We’ll all have our HD-quality nudes online soon enough. This is part of the promise of things like the Apple Vision Pro - you get to see people how you want to see them. If someone wants to see you nude while talking to you, that tech will be here soon.]

Source: https://arxiv.org/abs/2410.11100

A new Android malware called 'FireScam' is being distributed as a fake version of the Telegram app through phishing sites that mimic Russia's RuStore app market. This malware can steal sensitive information by monitoring device activity and exfiltrating data such as login credentials and financial details.

• FireScam malware poses as a legitimate app to steal user data.

• It employs advanced techniques for data theft and monitoring user activity.

[RSnake: Those off-market stores are a cesspool of malware. If you use Android, buyer beware.]

Source: https://www.bleepingcomputer.com/news/security/new-firescam-android-data-theft-malware-poses-as-telegram-premium-app/

Magic links and passkeys are emerging as alternatives to traditional password-based authentication systems, with passkeys offering enhanced security and ease of use. Industry platforms are increasingly exploring these technologies as a means to improve user experience while addressing common frustrations associated with current login methods.

• Magic links allow users to sign in via an emailed one-time link instead of a password.

• Passkeys are being integrated into web authentication to provide a faster and more secure login experience.

[RSnake: I do like passwordless auth, until it doesn’t work. I had an issue over the week where I lost access to an email account due to a DNS failure at one of the registrars I use. In turn, I could no longer get the email OTP, so I could not log in. Therefore, I could not fix the error. See the issue? Fallback systems are tricky. This one involved secret questions, pins, taking live photos of me, of my passport, getting on a Zoom call, bending my passport, etc. It was a nightmare that lasted two days.]

Source: https://rmondello.com/2025/01/02/magic-links-and-passkeys/

Artificial intelligence benchmarks that measure the capabilities of language models are being outperformed by newer systems, rendering many traditional tests ineffective for evaluating AI progress. This shift indicates significant advancements in AI reasoning and problem-solving skills, particularly as models begin to surpass average human performance across a range of tasks.

• Many established AI benchmarks have been defeated by advanced language models.

• The Turing Test is no longer a relevant measure of intelligence as modern LLMs consistently pass it.

[RSnake: Most of these benchmarks are ultimately made either by humans and, therefore flawed for that reason or made by existing data, which can be trained on. So I am always wary of them. I do have a few tests of my own by which I determine how useful a system is. Such as edge-case coding tests, logic tests, some tests around ethics, some tests around game theory, and, of course, censorship tests. Maybe I’ll formalize them someday.]

Source: https://r0bk.github.io/killedbyllm/

OpenAI's CEO Sam Altman announced that the company has developed a method for creating artificial general intelligence (AGI), which is expected to start affecting the workforce in 2025. Altman mentioned that AGI could surpass human cognitive abilities and lead to significant increases in productivity and innovation.

• OpenAI claims to have developed a method for creating AGI.

• AGI is projected to impact the workforce significantly by 2025.

[RSnake: AGI by OpenAI - now with more bias and even less open source! With each iteration of OpenAI’s services they introduce even more bias in my testing. I can’t wait until their AGI doesn’t work on critical problems because of the potential harm it might inflict on a make-believe set of people. That is coming.]

Source: https://www.dailywire.com/news/openais-sam-altman-we-know-how-to-build-agi-will-hit-workforce-in-2025

Tesla's annual shipments from its Shanghai plant declined for the first time since its opening in 2020, reflecting increased local competition and weak global demand. In 2024, Tesla delivered 916,660 electric vehicles from the facility, a 3% decrease from the previous year, contributing to a drop in the company's overall global sales for the first time in over a decade.

• Tesla's first-ever drop in annual shipments from its Shanghai plant suggests increased competition.

• The decrease in global deliveries challenges Tesla's growth objectives for 2025.

[RSnake: China is not a market for US companies. There, I said it, and I will keep saying it until the West figures that out. That said, there is a global drop here, not just within China. It makes sense; the Cybertruck was a visual mess, so they will need to get more in line with what average consumers want. I do think things like the new RAM truck will be a game changer - it’s basically a generator on four electric motors, so it can work as a generator for your house, and it is very fast to refuel, like a car.]

Source: https://www.supplychainbrain.com/articles/40928-tesla-annual-china-shipments-from-shanghai-drop-for-first-time

Germany's solar industry is currently experiencing significant challenges due to a slump in consumer demand, resulting in bankruptcies and layoffs among installation and distribution companies. As prices of solar panels decrease due to oversupply, the market faces intense competition, particularly from cheap imports, while rising interest rates are also affecting financing costs, jeopardizing the country's climate goals.

• Germany's solar market is suffering from reduced consumer demand leading to bankruptcies and layoffs.

• Intense competition from low-cost imports and rising financing costs are complicating the industry's recovery.

[RSnake: The worst possible time for Germany’s companies to abandon alternative energy sources. They’ll need every watt. I’m not saying as government sources, but rather as individual companies and buildings - off-grid will be extremely handy if blackouts begin.]

Source: https://www.zerohedge.com/markets/lot-distress-germanys-solar-industry-crushed-demand-slump-bankruptcies-and-layoffs

The American health insurance system is facing challenges, with issues such as high costs and complexity leading to widespread dissatisfaction among consumers and providers. Despite attempts to address these problems, which include employer-sponsored plans, Medicare, and Medicaid, many Americans continue to struggle with their health coverage, and nearly 26 million remain uninsured. A variety of stakeholders, including insurance companies, health care providers, and lawmakers, are exploring potential reforms to improve the system's effectiveness and transparency.

• The American health insurance system is perceived as expensive and complicated, resulting in low consumer satisfaction.

• A significant portion of the population is uninsured, and many stakeholders are discussing potential reforms to address the system's problems.

[RSnake: No kidding. They need to come to heel a bit. Maybe we shouldn’t be killing their CEOs, but if their claims/denial rates get too high, what, exactly, are we being forced to pay for, other than their salaries?]

Source: https://www.zerohedge.com/medical/us-health-insurance-what-are-its-problems-and-potential-solutions

As we move into 2025, Treasury inflation-protected securities (TIPS) are becoming increasingly appealing for retirees due to their protection against inflation and default risk. These bonds, issued by the U.S. government, offer semi-annual interest payments and adjust their value with consumer price changes, making them a secure investment option.

• TIPS provide protection against inflation and are backed by the U.S. government.

• These bonds pay interest twice a year and adjust their face value according to consumer prices.

[RSnake: Interesting, I hadn’t heard of these vehicles. Let’s hope they are as stable as they sound!]

Source: https://www.marketwatch.com/story/these-ideal-investments-for-retirees-have-almost-never-been-this-attractive-heading-into-2025-5e520a14?mod=mw_rss_topstories

Georgia's stable electricity market is attracting significant business investments, particularly in the data center and electric vehicle sectors, due to its predictable utility regulations. The state has seen considerable economic growth, with over $20 billion in investments and the creation of tens of thousands of jobs, largely driven by its infrastructure and regulatory framework. In contrast, deregulated states face challenges such as higher energy costs and volatility, which deter large industrial investments.

• Georgia's stable utility regulations support significant economic growth and investment.

• The state has become an attractive location for major industries, including data centers and electric vehicle manufacturing.

[RSnake: They also have great tax incentives there for film and TV production, incidentally. They’re business-savvy.]

Source: https://www.zerohedge.com/energy/georgia-proves-it-stable-electricity-markets-attract-business-and-growth

President Joe Biden has blocked the takeover of US Steel by Nippon Steel, citing national security concerns and emphasizing the importance of maintaining a strong domestic steel industry. This decision has sparked disappointment from Japanese officials and raised questions about future investments between the US and Japan, with both companies suggesting they may take legal action over the rejected deal.

• Biden's decision to block the steel deal is driven by national security and domestic industry priorities.

• The move has caused concern in Japan about the implications for future US-Japan economic relations.

[RSnake: Dumb move, but… hey… whatever. Now, the next question is who will buy them and for how much less?]

Source: https://www.bbc.com/news/articles/cx2vz83pg9eo

The U.S. Treasury has finalized regulations for hydrogen production tax credits after a two-year waiting period, crucial for the hydrogen industry to move forward in reducing fossil fuel dependency. The new rules emphasize minimizing greenhouse gas emissions in hydrogen production and allow existing nuclear and fossil fuel plants to contribute to this process.

• The finalized rules provide tax credits based on the lifecycle emissions of hydrogen production.

• Hydrogen producers must source renewable or clean power and prove compliance to qualify for the credits.

[RSnake: At first blush, it might seem that there will be more energy production of some kind happening, though ultimately, to make hydrogen, you need another kind of power plan to strip the hydrogen from water using electrolysis. So, where does that power come from? I never understood this as an alternative energy source unless you need to power something hyper-local and small, like a farm, where power might be spotty, but local stores of hydrogen can power your farm equipment and homes.]

Source: https://techcrunch.com/?p=2939036

There are widespread allegations of fraud related to property tax valuations in the United States, which may be violating various state and federal laws. Property owners are reportedly facing significant overtaxation due to manipulated real estate values, with claims that this situation is leading to a financial burden that threatens homeownership for many citizens. Proposed solutions include eliminating property taxes and implementing a uniform sales tax to alleviate the financial strain on taxpayers.

• Fraudulent property tax valuations are leading to significant financial strain on homeowners.

• There are calls for reform including replacing property taxes with a uniform sales tax.

[RSnake: Good luck getting your money back. Once the money is spent, the only way to get it back into the hands of the US taxpayer is to tax them and give them that tax money out of revenue from taxes. You might get a check, but it’ll come out of your own pocket.]

Source: https://www.zerohedge.com/economics/why-property-tax-illegal