Bipartisan Harvard panel recommends hacking safeguards for elections

November 20, 2017

By Joseph Menn

SAN FRANCISCO (Reuters) – A bipartisan Harvard University project aimed at protecting elections from hacking and propaganda will release its first set of recommendations today on how U.S. elections can be defended from hacking attacks.

The 27-page guidebook shown to Reuters ahead of publication calls for campaign leaders to emphasize security from the start and insist on practices such as two-factor authentication for access to email and documents and fully encrypted messaging via services including Signal and Wickr.

The guidelines are intended to reduce risks in low-budget local races as well as the high-stakes Congressional midterm contests next year. Though most of the suggestions cost little or nothing to implement and will strike security professionals as common sense, notorious attacks including the leak of the emails of Hillary Clinton’s campaign chair, John Podesta, have succeeded because basic security practices were not followed.

The ongoing effort is being led by the Belfer Center for Science and International Affairs, based at the Harvard Kennedy School of Government, and is drawing on top security executives from companies including Google, Facebook and the cyber security firm CrowdStrike. The guidebook will be available online (https://www.belfercenter.org/cyberplaybook).

“We heard from campaigns that there is nothing like this that exists,” said Debora Plunkett, a 31-year veteran of the National Security Agency who joined the Belfer Center this year. “We had security experts who understood security and election experts who understood campaigns, and both sides were eager to learn how the other part worked.”

Plunkett said the goal was a digestible outline that was both realistic and helpful, and that leadership buy-in was critical.

The handbook is the first effort from the Belfer Center’s four-month-old Defending Digital Democracy program, whose leadership includes top campaign officials from both the Republican and Democratic parties. Belfer co-director Eric Rosenbach said another guidebook, scheduled for spring, will aim at state election officials, who oversee the actual vote-counting and might also have to deal with propaganda intended to mislead or dissuade voters or sow suspicions about election integrity.

“Deterring information operations is inherently a government responsibility, and the technology firms will decide how to act on their platforms, but state organizations are the victims,” Rosenbach said.

The Belfer Center is also sending students out to the states to understand various voting technologies and procedures. The idea is to recommend best practices for each type of set-up, which could include mandated software updates, paper back-ups and audits.

Thus far, the project has offered no advice for the internet companies that are under fire for allowing Russian advertising and false claims to polarize Americans. That could come later, as could a broader program for quick sharing of threat information.

(Reporting by Jonathan Weber; editing by Diane Craft)

Toshiba $5 billion stock issue results in huge dilution but delisting risk removed

November 20, 2017

By Makiko Yamazaki and Ayai Tomisawa

TOKYO (Reuters) – Toshiba Corp’s plan to raise some $5.4 billion through a sale of new shares will help it avoid a delisting, but will also see more than 30 overseas investors, including activist funds, own 35 percent of the embattled conglomerate.

The move, decided at a board meeting on Sunday, will allow Toshiba to pay off billions of dollars in liabilities at its bankrupt U.S. nuclear power business, Westinghouse. That in turn gives it the funds to return to positive net worth by the end of the financial year in March, as an $18 billion sale of its prized memory chip unit is unlikely to close before then.

The issue of 2.28 billion new shares at 262.8 yen per share, a 10 percent discount to Friday’s close, will result in a massive 54 percent dilution in earnings per share.

Toshiba’s shares were, however, down just 5 percent in early afternoon trade as the delisting risk was removed and as the capital raising had been expected. The stock was last trading at 277 yen – a level above the sale price.

“Toshiba’s fund raising news eliminates the risk of Toshiba being delisted so that part is positive,” said Takatoshi Itoshima, chief portfolio manager at Commons Asset Management.

“What’s also positive is that the fund raising will improve the company’s financial health. There is an argument that the company will be left with nothing (without the chip business), but it’s good that the company’s capital will recover.”

Third Point LLC, Oasis Management Company and Cerberus Capital Management were among the more than 30 investors which invested through some 60 funds.

Singapore-based fund Effissimo Capital Management, established by former colleagues of Japan’s best-known activist investor, Yoshiaki Murakami, will become the largest shareholder in Toshiba with an 11.34 percent stake.

Payments for the new investment are due to be completed on Dec. 5.

Toshiba also confirmed that it is looking at selling Westinghouse assets.

Sources told Reuters in September that Westinghouse is working with investment bank PJT Partners Inc on a sale process.

Private equity firms Blackstone Group LP and Apollo Global Management LLC have teamed up to bid for the business while Cerberus Capital Management LP was in talks with U.S. nuclear power plant component provider BWX Technologies Inc about submitting a joint bid, the sources said at the time.

Toshiba had initially planned to use funds from the sale of its chip unit to cover its Westinghouse liabilities, but a highly competitive and contentious auction process led to delays in deciding on the buyer and has meant that Toshiba may not obtain the necessary anti-trust clearance by the end of March.

The chip deal still faces legal challenges from its chip joint venture partner Western Digital, which argues no deal can proceed without its consent and has sought an injunction through an international arbitration court.

Toshiba is demanding that Western Digital drop the litigation as a condition over a coming round of a joint investment in Toshiba’s new flash-memory chip production line in Yokkaichi, Japan. The two companies held talks in the United States last week for settlements, but have yet to agree on details, sources familiar with the matter said.

(This story adds dropped word “than” in first paragraph, clarifies number of investors in paragraph 7.)

(Additional reporting by Ran Kim and Naomi Tajitsu in Tokyo and Miyoung Kim in Singapore; Editing by Edwina Gibbs)

Driverless cars set for UK budget boost: finance ministry

November 19, 2017

LONDON (Reuters) – British finance minister Philip Hammond’s budget statement this week will include measures to encourage the development of driverless and electric cars, artificial intelligence and telecommunications, the finance ministry said on Sunday.

Hammond is under pressure to turn around the fortunes of Prime Minister Theresa May with Wednesday’s budget, but with Brexit weighing on the economy he has limited options.

Measures to drive technological improvements would chime with his desire to improve UK productivity, which is growing very slowly, and create high quality jobs.

The finance ministry said Hammond would announce regulatory changes to the driverless car industry so that developers could apply to test their vehicles on UK roads without a human operator for the first time. He wants fully self-driving cars to be on UK roads in as little as three years.

The ministry said a new 400 million pound ($530 million) Charging Infrastructure Investment Fund would also be created, improving access to finance for businesses to develop charge points across the UK. Also 100 million pounds would be provided in grants to help people buy battery-electric vehicles.

Other investments include 75 million pounds in the artificial intelligence industry, 160 million pounds for next-generation 5G mobile networks across the UK, 100 million pounds for an additional 8,000 computer science teachers and 76 million pounds to boost digital and construction skills.

On Saturday the finance ministry said the budget statement was expected to include a consultation on taxing and charging environmentally damaging single-use plastics. 

(Reporting by James Davey; Editing by Toby Chopra)

China Citic, Baidu launch direct bank in fintech push

November 18, 2017

BEIJING (Reuters) – China Citic Bank Corp <601998.SS> and search engine giant Baidu Inc launched on Saturday a direct banking joint venture, dubbed AiBank, to capitalize on China’s rapidly growing fintech sector.

AiBank is one among several tie-ups between an internet firm and a lender in China’s booming online finance market where technology gurus like Alibaba Group Holding Ltd and Tencent Holdings Ltd <0700.HK> have already set up their own finance arms to offer a range of financial products including payment, wealth management and micro loans.

A direct bank offers services over the internet instead of through physical branches.

AiBank will focus on lending to individuals and small businesses while leveraging big data and artificial intelligence to build new risk control models, Li Rudong, president of the new bank said at a launch event in Beijing.

Li said 60 percent of the new bank’s employees will be technology staff.

“AiBank is the future of intelligent finance…It is an institution that understands customers best and understands finance best,” said Baidu Chief Operating Officer Lu Qi.

Mid-tier lender Citic Bank owns 70 percent of the joint venture, while Baidu controls the remaining 30 percent. The direct bank has a registered capital of 2 billion yuan.

China’s banking regulator approved the establishment of AiBank earlier this year.

(Reporting by Shu Zhang and Elias Glenn; Editing by Muralikumar Anantharaman)

Brazil speaker wants city rules for Uber, other car-hailing apps

November 17, 2017

BRASILIA (Reuters) – The head of Brazil’s lower house of Congress said on Friday he hopes that the chamber will approve the Senate version of a bill regulating ride-hailing apps such as Uber Technologies Inc [UBER.UL].

Speaker Rodrigo Maia told Reuters that car-hailing apps should be regulated by the municipal authorities of each city as proposed in the original bill submitted to his chamber, before lawmakers added amendments stipulating more onerous regulations.

The bill amended by the Senate on Oct. 1 dropped the requirements that drivers own their cars and use the same red license plates used by public taxis, which would class them as public transport subject to city permits.

Maia criticized the amendments approved in the lower house, saying that ride-hailing apps should be regulated by each city as it sees fit.

“Minimal” federal regulations allow ride hailing to exist within the law, but rules should be set by town councils and applied by municipal authorities according to each city’s needs, he said in an interview.

“I hope the house will vote the initial text without the (lower house) amendments,” Maia said. No date has been set for such a vote, he said.

Uber has said that the law, if approved in its original form, would undermine its ability to operate in Brazil, its second-biggest market, by making it too expensive and bureaucratic for many of its 500,000 drivers.

(This version of the story corrects paragraphs 1-6 to make clear Maia’s opposition to amendments approved in the lower house, not Senate)

(Reporting by Anthony Boadle; Editing by Susan Thomas)

U.S. regulator votes to loosen media ownership rules

November 16, 2017

By David Shepardson

WASHINGTON (Reuters) – The U.S. Federal Communications Commission on Thursday voted to remove key roadblocks to increased consolidation among media companies, potentially unleashing new deals among TV, radio and newspaper owners as they seek to better compete with online media.

The Republican-led FCC voted 3-2 to eliminate the 42-year-old ban on cross-ownership of a newspaper and TV station in a major market. It also voted to make it easier for media companies to buy additional TV stations in the same market, and for local stations to jointly sell advertising time and for companies to buy additional radio stations in some markets.

Big media companies including Tegna Inc, CBS Corp and Nexstar Media Group Inc have cited the expected rule change as motivation for considering expansion opportunities.

“This is really about helping large media companies grow even bigger,” said Democratic FCC Commissioner Mignon Clyburn, adding that Republicans were “more intent on granting the industry’s holiday wish list early rather than looking out for the public interest.”

FCC Chairman Ajit Pai defended the rule change, saying it was “utter nonsense” that rules banning cross ownership of a newspaper and broadcast station were still in place after massive changes in media over the last four decades.

The decision could also allow Sinclair Broadcast Group Inc, which is seeking approval for its proposed $3.9 billion acquisition of Tribune Media Co, to avoid some divestitures in order to gain approval of the deal.

Moody’s said on Thursday the move was credit-positive for TV broadcasters. “Under the revised FCC rules, U.S. television broadcasters will benefit from the ability to consolidate local market ownership through acquisitions and station swaps,” said Jason Cuomo, author of the Moody’s report. “Broadcasters that increase their scale in local markets will attract more advertising, improve their negotiating leverage and bring down their costs.”

A federal appeals court, which has been grappling with the FCC’s media ownership rules for more than a decade, is expected to hear challenges to the new rules.

U.S. Senator Bill Nelson, a Florida Democrat, said the vote “will pave the way for massive broadcast conglomerates to increasingly provide local viewers with nationalized cookie-cutter news and corporate propaganda that’s produced elsewhere.”

But the National Association of Broadcasters said the rules were “not only irrational in today’s media environment, but they have also weakened the newspaper industry, cost journalism jobs and forced local broadcast stations onto unequal footing with our national pay-TV and radio competitors.”

Pai is also expected to call for an initial vote in December to rescind rules prohibiting one company from owning stations that serve more than 39 percent of U.S. television households, Reuters reported on Wednesday, citing two people briefed on the matter.

In April, the FCC voted to reverse a 2016 decision that limits the number of television stations some broadcasters could buy.

(Reporting by David Shepardson in Washington; Editing by Matthew Lewis)

Qualcomm could win EU approval for NXP by end of year: Bloomberg

November 16, 2017

(Reuters) – U.S. smartphone chipmaker Qualcomm Inc may win European Union approval for its bid to acquire NXP Semiconductors NV by the end of the year, Bloomberg reported on Thursday, citing people familiar with the matter.

Qualcomm, which supplies chips to Android smartphone makers and Apple Inc , is set to become the leading supplier to the fast growing automotive chip market following the deal, the largest-ever in the semiconductor industry.

Regulators have dropped their concerns after accepting Qualcomm’s pledge not to acquire standard essential and system-level patents belonging to NXP, according to the Bloomberg report. (https://bloom.bg/2A5VN8E)

Qualcomm recently rejected rival Broadcom Ltd’s $103-billion takeover bid in November, saying the offer undervalued the company and would face regulatory hurdles.

Qualcomm said in June it was confident of addressing EU’s antitrust concerns and expected to close the NXP deal by the end of 2017.

The European Commissioner for Competition Margrethe Vestager said on Wednesday a ruling on Qualcomm’s proposed acquisition of NXP may come in 2018.

Qualcomm and NXP did not immediately respond to requests for comment, while the European Commission was not immediately available for comment.

(Reporting by Pushkala Aripaka and Laharee Chatterjee in Bengaluru; Editing by Shounak Dasgupta)

FCC plans to vote to overturn U.S. net neutrality rules in December: sources

November 16, 2017

By David Shepardson

WASHINGTON (Reuters) – The head of the Federal Communications Commission is set to unveil plans next week for a final vote to reverse a landmark 2015 net neutrality order barring the blocking or slowing of web content, two people briefed on the plans said.

In May, the FCC voted 2-1 to advance Republican FCC Chairman Ajit Pai’s plan to withdraw the former Obama administration’s order reclassifying internet service providers as if they were utilities. Pai now plans to hold a final vote on the proposal at the FCC’s Dec. 14 meeting, the people said, and roll out details of the plans next week.

Pai asked in May for public comment on whether the FCC has authority or should keep any regulations limiting internet providers’ ability to block, throttle or offer “fast lanes” to some websites, known as “paid prioritization.” Several industry officials told Reuters they expect Pai to drop those specific legal requirements but retain some transparency requirements under the order.

An FCC spokesman declined to comment.

Internet providers including AT&T Inc, Comcast Corp and Verizon Communications Inc say ending the rules could spark billions in additional broadband investment and eliminate the possibility a future administration could regulate internet pricing.

Critics say the move could harm consumers, small businesses and access to the internet.

In July, a group representing major technology firms including Alphabet Inc and Facebook Inc urged Pai to drop plans to rescind the rules.

Advocacy group Free Press said Wednesday “we’ll learn the gory details in the next few days, but we know that Pai intends to dismantle the basic protections that have fueled the internet’s growth.”

Pai, who argues the Obama order was unnecessary and harms jobs and investment, has not committed to retaining any rules, but said he favors an “open internet.” The proposal to reverse the Obama rules reclassifying internet service has drawn more than 22 million comments.

Pai is mounting an aggressive deregulatory agenda since being named by President Donald Trump to head the FCC.

On Thursday the FCC will vote on Pai’s proposal to eliminate the 42-year-old ban on cross-ownership of a newspaper and TV station in a major market. The proposal would make it easier for media companies to buy additional TV stations in the same market.

Pai is also expected to call for an initial vote in December to rescind rules that say one company may not own stations serving more than 39 percent of U.S. television households, two people briefed on the matter said.

(Reporting by David Shepardson; Editing by Chris Reese)

Exclusive: Apple to help India develop anti-spam app after face-off with regulator

November 15, 2017

By Aditya Kalra

NEW DELHI (Reuters) – Apple Inc has agreed to give limited help to the Indian government to develop an anti-spam mobile application for its iOS platform, after refusing to do so based on privacy concerns, according to sources and documents seen by Reuters.

The U.S. tech giant has been locked in a tussle with India’s telecoms regulator for more than a year. Officials complained Apple dragged its feet on advising the government how to develop an app that would allow iPhone users to report unsolicited marketing texts or calls as spam.

The government app was launched on Google’s Android platform last year, but an industry source with direct knowledge of the matter said Apple pushed back on requests for an iOS version due to concerns that a government app with access to call and text logs could compromise its customers’ privacy.

Facing public criticism from the regulator, Apple executives flew to New Delhi last month and told officials the company would help develop the app, but only with limited capabilities, according to a government official aware of the matter.

Apple’s executives have told India that its current iOS platform might not allow for some of the government’s requests, such as making call logs available within the app that would allow users to report them as spam, the official said.

“They (Apple) will help develop an app which, to an extent, can solve the requirements,” said the official.

An Apple spokesman confirmed that the new iOS features to combat spam text messages would help the government build the app, but did not comment on the app’s potential inability to access call logs for reporting spam, as the Android version does.

The spokesman said Apple had not changed its stance on privacy.

Apple’s stand-off with the regulator comes at a time when it is seeking greater access in India, the world’s third-largest smartphone market. The company has been lobbying the government for tax breaks to expand its phone assembly operations in the country, where it reported doubling its revenue versus the previous year for the quarter ending Sept. 30.

Balancing growth and market share with protecting customer privacy has become a defining challenge for global tech companies such as Apple, which regularly clash with governments over allowing access to content on their devices, especially for law enforcement needs.

“This has now become more of an ego tussle between Apple and the regulator,” said Neil Shah of Hong Kong-based technology research firm Counterpoint Research. He added that Apple was unlikely to agree to any requests specific to India because of the precedent that would set.

The chairman of the Telecom Regulatory Authority of India (TRAI) R.S. Sharma said he was unhappy with Apple for not responding swiftly to the government’s requests.

“We’ve told them they are harming their consumers,” Sharma told Reuters in an interview. “I hope good sense prevails upon them.”

Apple did not comment on TRAI’s criticism, but said that it had taken time to develop a privacy-friendly solution.

APP TUSSLE, PRIVACY WOES

Pesky marketing calls and unsolicited commercial text messages have become a big problem in India.

Despite mobile users having the option to register themselves under a so-called “do not disturb” service to block marketers, businesses have gamed the system by using multiple phone numbers for promotions.

TRAI’s anti-spam mobile application, also called Do Not Disturb, has been downloaded more than 100,000 times from the Google Android app section.

Before the app launches, it asks the user to allow it access to contacts and view text messages. Users can then start reporting numbers as spam.

A spokesman for Google, a unit of Alphabet Inc, did not directly comment on the app, but said: “We believe in openness and in the ability of users to make purchasing and downloading choices without top-down enforcement or censorship. Users are prompted with requests for permissions that they can choose to accept or decline.”

Apple, however, has been worried.

“The app can peep into logs, Apple had conveyed that their (privacy) policy does not allow this,” said the industry source familiar with the matter.

TRAI said the app does not raise any privacy concerns.

MEETINGS, E-MAILS

Apple has flown in several overseas-based executives to resolve the dispute with the Indian regulator, including its senior director for global privacy, and former Google executive, Jane Horvath.

At least seven meetings have been held between the two sides and dozens of emails exchanged since last year, according to government officials and documents reviewed by Reuters.

In August this year, months after the talks began, Apple wrote to TRAI saying that a technical meeting would help them establish “what is possible and not possible”.

The TRAI pushed back.

“The whole exercise in organizing the proposed meeting would be a waste of resources … please share concrete solutions that have a likelihood of addressing the issues we have been discussing over the past one year,” the regulator wrote in September.

Later that month, Apple again approached the TRAI saying it had identified potential solutions but they would require additional discussions with the regulator’s technical staff.

Horvath and other Apple executives met TRAI officials in October and conveyed they would help them develop the first version of the app with limited features.

“They (Apple) are adopting dilatory tactics,” said Sharma, the TRAI chief. “They’ve had meetings, meetings and meetings.”

(Additional reporting by Peter Henderson in San Francisco; Editing by Tom Lasseter and Alex Richardson)

Trump administration to release rules on disclosing cyber flaws: source

November 15, 2017

By Dustin Volz

WASHINGTON (Reuters) – The Trump administration is expected to publicly release on Wednesday its rules for deciding whether to disclose cyber security flaws or keep them secret, a national security official told Reuters.

The move is an attempt by the U.S. government to address criticism that it too often jeopardizes internet security by stockpiling the cyber vulnerabilities it detects in order to preserve its ability to launch its own attacks on computer systems.

The revised rules, expected to be published on whitehouse.gov, are intended to make the process for how various federal agencies weigh the costs of keeping a flaw secret more transparent, said the official, who spoke on condition of anonymity because the rules were not yet public.

Under former President Barack Obama, the U.S. government created an inter-agency review, known as the Vulnerability Equities Process, to determine what to do with flaws unearthed primarily by the National Security Agency.

The process is designed to balance law enforcement and U.S. intelligence desires to hack into devices with the need to warn manufacturers so that they can patch holes before criminals and other hackers take advantage of them.

The new Trump administration rules will name the agencies involved in the process and include more of them than before, such as the Departments of Commerce, Treasury and State, the official said.

Rob Joyce, the White House cyber security coordinator, has previewed the new rules in recent public appearances.

“It will include the criteria that the panel weighs, and it will also include the participants,” Joyce said last month at a Washington Post event. He said the Trump administration wanted to end the “smoke-filled room mystery” surrounding the process.

Some security experts have long criticized the process as overly secretive and too often erring against disclosure.

The criticism grew earlier this year when a global ransomware attack known as WannaCry infected computers in at least 150 countries, knocking hospitals offline and disrupting services at factories.

The attack was made possible because of a flaw in Microsoft’s Windows software that the NSA had used to build a hacking tool for its own use.

But in a breach U.S. investigators are still working to understand, that tool and others ended up in the hands of a mysterious group called the Shadow Brokers, which then published them online.

Suspected North Korean hackers spotted the Windows flaw and repurposed it to unleash the WannaCry attack, according to cyber experts. North Korea has routinely denied involvement in cyber attacks against other countries.

(Reporting by Dustin Volz; editing by Grant McCool)