The FBI silently removed Russian malware to thwart global cyberattacks

Attorney General Merrick B. Garland has revealed that the United States secretly removed malware from computer networks around the world over the past few weeks to pre-empt Russian cyberattacks. As The New York Times reports, Garland’s announcement comes shortly after the White House warned companies that Russia could attack critical infrastructure in the country, such as financial institutions and the electric grid. Apparently, the malware the US removed enabled the intelligence arm of the Russian military called the GRU to create botnets out of the infected computer networks. 

According to the Justice Department, the malware was designed to infect firewalls and made the compromised networks part of a botnet called Cyclops Blink. It’s controlled by Sandworm, a notorious group that the US government had previously connected to the GRU. Cyclops Blink is Sandworm’s latest known botnet, and it only came to light back in February. It’s still unclear what Russia was planning to do with the hijacked computers, but botnets are typically used to perform large-scale Distributed Denial of Service (DDoS) attacks, as well as to send spam and to compromise sensitive information. 

In its press release, the DOJ said the FBI notified owners of infected devices in the US before Cyclops Blink was identified in February 23rd. It also notified companies outside the country through local law enforcement partners. However, US authorities didn’t want to wait to find out what the botnet would be used for. 

The Justice Department and the FBI obtained secret court orders in the US and secured the help of governments worldwide to quietly remove the malware from infected devices. Those court orders even gave them the power to remotely remove the malware from American companies’ networks without their knowledge. After the feds disinfected the compromised machines, they also closed the external management ports Sandworm was using for access.

Over the past months, the Biden administration has been exposing as much intelligence on Russia as possible without giving away its actions to catch Putin off guard. This disclosure is just its latest effort to send a message to the Russian president. The fact that Sandworm infiltrated networks around the world to create a botnet just shows, however, that there’s a cyber warfare going on that might end up affecting countries other than Ukraine. If you’ll recall, a major cyberattack took down Ukraine’s government websites before the Russian invasion of the country began. Ukraine’s government, as well as US and UK authorities, blamed the attacks on the GRU.

Windows 11 的檔案總管將新增分頁的功能

除了在系統層面提升視訊通話體驗之外,Windows 11 的下個更新還會在介面等各方面帶來更多的變化。這當中最重要的非檔案總管莫屬,將會增加和網頁瀏覽器的「分頁」極為相像的功能,讓你可以最常用到的資料夾留在顯眼處,也避免同時開啟多個檔案總管視窗的麻煩。…

Jack Dorsey regrets his role in creating a centralized internet

Twitter founder Jack Dorsey would like you to know he too misses the early days of the internet when protocols like IRC made the web seem like a place of boundless possibility. He also knows he’s partly to blame for the current state of things.

“The days of Usenet, IRC, the web… even email (with PGP)… were amazing,” Dorsey said on Saturday in a tweet spotted by Mashable. “Centralizing discovery and identity into corporations really damaged the internet. I realize I’m partially to blame, and regret it.”

Dorsey’s tweet is a remarkable admission by a tech executive who made billions creating a platform that centralized the way we consume news. Twitter may not be as big as Facebook and TikTok, but the effect it has had on the information economy is undeniable. Many of us turn to Twitter when we want to follow ongoing events in close to real-time as possible, but at times the company has struggled to combat misinformation, much to the harm of our public institutions. 

This isn’t Dorsey’s first time lamenting the current state of the internet. In December, he went on a rant about how Web3 had already been co-opted by investors. “You don’t own ‘Web3,’” he said at the time. “The VCs and their LPs do. It will never escape their incentives.”

Eero’s newest mesh routers include a WiFi 6E model

Eero is relatively late to WiFi 6E, but it’s showing up in style — and making WiFi 6 more practical in the process. The Amazon brand has launched two new mesh routers led by the Eero Pro 6E (pictured below). The hardware takes advantage of the 6GHz band to offer up to a 1.3Gbps wireless connection for as many as 100 devices. Each unit has both 2.5Gbps and 1Gbps Ethernet jacks, and should cover up to 2,000 square feet each. Don’t worry if you don’t have the super-fast internet service to do it justice, though, as we’ve had some hands-on time with a more affordable option.

The equally new Eero 6+ (above) is ‘just’ a dual-band WiFi 6 model with two 1Gbps Ethernet ports, 1,500 square feet of coverage per router and a 75-device cap, but it now has access to a 160MHz radio channel that promises faster wireless data. Eero pitches this as the best choice for anyone with reasonably fast internet up to a gigabit.

We’ve briefly tried the 6+, and it works like much you’d expect if you’re familiar with Eero. It has no trouble wringing the most out of a 500Mbps cable internet plan despite the modem and devices living on different floors of a modestly-sized house. The Amazon tie-ins both simplify setup (including reconnecting if you change the network name or password) and controlling the router with Alexa. You can ask the voice assistant to halt internet access for specific users, for instance. Just be aware that this doesn’t have the tri-band wireless some rivals use to lighten the load on a busy network, so you may want to pass if you have multiple heavy users who can’t afford slowdowns.

Eero Pro 6E WiFi mesh router
Eero Pro 6E
Eero

The pricing is in line with the performance. You can buy the Eero Pro 6E now in a $499 two-pack or $699 three-pack. A single unit is available to pre-order for $299. The Eero 6+ is decidedly easier to justify for most people, based on our experience. It’s selling now at a $239 for a two-pack and $299 for a three-pack, with pre-orders open for a $139 one-device kit. And if you don’t mind using 2020-era hardware, the earlier Eero 6 has dropped to $89 for one router, $139 for two and $199 for three.

Undersea Google internet cable will connect Togo to Europe

The first branch of Google’s Equiano underwater internet cable — which will eventually run from Cape Town, South Africa to Lisbon, Portugal — has landed in Lomé, Togo, the company announced Friday. The massive fiber optic cable will be Google’s first t…

Google’s domain name registrar is out of beta after seven years

Seven long, long years ago, Google started offering users a way to buy a domain without having to deal with a host provider. Now, Google Domains is at last out of beta as a full-fledged product. 

Google says, to date, millions of people have used the service to manage a domain. It has added more features and tools to Domains over the years. Folks in 26 countries can now use the full version of the service.

Of course, Domains ties in with other Google services. Customers can, of course, use their domain in their email address. You can build a website or store with Google Sites and use it on a business profile on Maps and in Search. Google’s DNS and security tools are available too. There’s also the option to build a site or store for a domain purchased through Google via platforms like Wix, Shopify, Squarespace, Weebly and Bluehost.

To mark the occasion of Domains becoming a fully formed entity, Google’s offering new and returning users a discount until April 15th. You can get 20 percent off a single domain registration or transfer-in of a domain from another registrar with the code DOMAINS20.

For a bunch of reasons, it feels like a lifetime has passed since 2015, so I wouldn’t blame anyone for forgetting the existence of Google Domains. Still, it has finally emerged from incubation without being scuttled off to the long list of products Google has killed.

DuckDuckGo will demote Russian propaganda in search results

The search engine DuckDuckGo will be down-ranking sites that spread Russian propaganda and disinformation. In a tweet, founder and CEO Gabriel Weinberg wrote that the privacy-focused search engine would be releasing updates that would ensure Russian disinformation sites rank further down in search results. Earlier this month, DuckDuckGo announced it would pause its relationship with Russian-state owned search engine Yandex.

A number of platforms including the Meta-owned Facebook and Instagram have also demoted posts from Russian state media. Google has been down-ranking search results from Russian state news agencies since 2017.

Known for being a “privacy-minded” search engine, DuckDuckGo does not track its users or sell data to third parties. The company primarily makes money from affiliate links and non-targeted, contextual ads. DuckDuckGo, which regularly donates to digital rights groups like the Electronic Frontier Foundation and non-profit newsroom The Markup, has also been embraced by conspiracy theorists and far-right groups in recent years. A number of studies highlighted in the New York Times found that Bing’s search algorithm, which powers DuckDuckGo, surfaces more sites that promote conspiracy theories than Google.

Many fans of DuckDuckGo criticized the search engine for its decision on Russia, likening it to “censorship”. It’s unclear whether DuckDuckGo will make a wider effort to down-rank disinformation. 

Weinberg did not detail in his tweet which Russian propaganda sites DuckDuckGo would target, or whether the search engine will target other types of disinformation, such as on climate change or COVID-19. 

DuckDuckGo provided Engadget with the following statement regarding this change:

The primary utility of a search engine is to provide access to accurate information. Disinformation sites that deliberately put out false information to intentionally mislead people directly cut against that utility. Current examples are Russian state-sponsored media sites like RT and Sputnik. It’s also important to note that down-ranking is different from censorship. We are simply using the fact that that these sites are engaging in active disinformation campaigns as a ranking signal that the content they produce is of lower quality, just like there are signals for spammy sites and other lower-quality content. In addition to this approach, for newsworthy topics we’re also continuing to highlight reputable news coverage and reliable “instant answers” at the top of our search results where they are seen and clicked the most. We’re also in the process of thinking about other types of interventions.

Update, 3/11/22 2:45PM ET: This story has been updated with DuckDuckGo’s statement on the move. We’ve also updated the headline and added additional context to this story based on DuckDuckGo’s statement.

EU tells Google to delist Russian state media websites from search

The European Commission has sent Google a request to remove Russian state media results for searches performed in countries within the EU. As The Washington Post reports, Google has uploaded a letter from EU officials to a database of government requests. In it, the officials explain how the commission’s official order to ban the broadcast of RT and Sputnik in the European Union also applies to search engines and internet companies in general.

If you’ll recall, the commission issued a ban on the state media outlets a few days after Russia’s invasion of Ukraine began. Ursula von der Leyen, President of the European Commission, said back then that by doing so, the outlets “will no longer be able to spread their lies to justify Putin’s war.” While it wasn’t quite clear how the order applies to internet companies, Facebook, Twitter and TikTok promptly restricted access to RT and Sputnik across Europe. Google also announced its own restrictions, but only for the outlets’ YouTube channels.

In the letter Google has uploaded, officials explained that search engines play a major role in disseminating content and that if the company doesn’t delist the outlets, it would facilitate the public’s access to them. Part of the letter reads:

“The activity of search engines plays a decisive role in the overall dissemination of content in that it renders the latter accessible to any internet user making a search on the basis of the content indication or related terms, including to internet users who otherwise would not have found the web page on which that content is published…Consequently, if search engines such as Google did not delist RT and Sputnik, they would facilitate the public’s access to the content of RT and Sputnik, or contribute to such access. 

It follows from the foregoing that by virtue of the Regulation, providers of Internet search services must make sure that i) any link to the Internet sites of RT and Sputnik and ii) any content of RT and Sputnik, including short textual descriptions, visual elements and links to the corresponding websites do not appear in the search results delivered to users located in the EU.”

Google didn’t return The Post’s request for comment, but the publication says a search conducted within the EU didn’t bring up links for “Russia Today.” RT links still showed up for us, however, when we conducted searches using Google Austria and France. 

The letter also said that the order applies to “posts made by individuals that reproduce the content of RT and Sputnik” — for example, screenshots of articles from those outlets — and that social networks must delete those posts if they get published. That could create a deluge of additional work for social media websites already struggling to moderate content posted by their users. According to The Post, though, the actual sanctions law doesn’t define the order in the way that’s written in the letter, so the officials’ interpretation could be challenged in court. 

Lumen is the second major US internet provider to leave Russia

Cogent isn’t the only large American internet provider pulling out of Russia following that country’s invasion of Ukraine. The Washington Postreports Lumen is “immediately” halting business in the country. The company is disconnecting over concerns of an “increased security risk” inside Russia, fears of government action and a desire to protect the integrity of the Internet at large.

The company claimed that its services are “extremely small and very limited” in Russia, and that it only has a handful of enterprise customers. However, analysts at Kentik noted that Lumen is a major source of international data within the country, and that those customers include state-owned telecoms like Rostelecom and TransTelekom. Russia should feel the impact, in other words.

This could hurt Russians’ access to internet services hosted outside of the country, and might make them reliant on state propaganda. However, it comes as many US tech companies are limiting or pulling products, including Apple, Google, Meta and Microsoft. Lumen is joining a united front, then. Support is growing, too, as Amazon Web Services said it would stop accepting new customers from either Russia or Belarus.

This isn’t going as far as Ukraine wanted. It called on ICANN to boot Russia from the internet. It’s still a significant move, though, and it suggests many tech heavyweights aren’t worried about the threat of Russian retaliation.