Resources

‘Greenwashing’: Tree-Planting Schemes Are Just Creating Tree Cemeteries

Thousands of cylindrical plastic tree guards line the grassland here, so uniform that, from a distance, it looks like a war memorial. This open space at the edge of King’s Lynn, a quiet market town in the east of England, was supposed to be a new carbon sink for Norfolk, offering 6,000 trees to tackle the climate crisis. The problem is that almost all of the trees that the guards were supposed to protect have died.

not only were they planted at the wrong time of year, but that they were planted on species-rich grassland that was already carbon negative, which has now been mostly destroyed by tree planting. Environmentalists also point out that the trees were planted so shallowly into the ground that most were unlikely to ever take root.

278

Facebook Misinformation Is Bad Enough, The Metaverse Will Be Worse

The Rand Corporation is an American (nonprofit) think tank. And veliath (Slashdot reader #5,435) spotted their recent warning about “a plausible scenario that could soon take place in the metaverse.”
A political candidate is giving a speech to millions of people. While each viewer thinks they are seeing the same version of the candidate, in virtual reality they are actually each seeing a slightly different version. For each and every viewer, the candidate’s face has been subtly modified to resemble the viewer…. The viewers are unaware of any manipulation of the image. Yet they are strongly influenced by it: Each member of the audience is more favorably disposed to the candidate than they would have been without any digital manipulation.

This is not speculation. It has long been known that mimicry can be exploited as a powerful tool for influence. A series of experiments by Stanford researchers has shown that slightly changing the features of an unfamiliar political figure to resemble each voter made people rate politicians more favorably. The experiments took pictures of study participants and real candidates in a mock-up of an election campaign. The pictures of each candidate were modified to resemble each participant. The studies found that even if 40 percent of the participant’s features were blended into the candidate’s face, the participants were entirely unaware the image had been manipulated.

In the metaverse, it’s easy to imagine this type of mimicry at a massive scale.

At the heart of all deception is emotional manipulation. Virtual reality environments, such as Facebook’s (now Meta’s) metaverse, will enable psychological and emotional manipulation of its users at a level unimaginable in today’s media…. We are not even close to being able to defend users against the threats posed by this coming new medium…. In VR, body language and nonverbal signals such as eye gaze, gestures, or facial expressions can be used to communicate intentions and emotions. Unlike verbal language, we often produce and perceive body language subconsciously….

We must not wait until these technologies are fully realized to consider appropriate guardrails for them. We can reap the benefits of the metaverse while minimizing its potential for great harm.

They recommend developing technology that detect the application of this kind of VR manipulation.

“Society did not start paying serious attention to classical social media — meaning Facebook, Twitter, and the like — until things got completely out of hand. Let us not make the same mistake as social media blossoms into the metaverse.”

273

Ethanol Plants Are Allowed To Pollute More Than Oil Refineries

In 2007, the U.S. Congress mandated the blending of biofuels such as corn-based ethanol into gasoline. One of the top goals: reducing greenhouse gas emissions. But today, the nation’s ethanol plants produce more than double the climate-damaging pollution, per gallon of fuel production capacity, than the nation’s oil refineries, according to a Reuters analysis of federal data. The average ethanol plant chuffed out 1,187 metric tons of carbon emissions per million gallons of fuel capacity in 2020, the latest year data is available. The average oil refinery, by contrast, produced 533 metric tons of carbon.

The ethanol plants’ high emissions result in part from a history of industry-friendly federal regulation that has allowed almost all processors to sidestep the key environmental requirement of the 2007 law, the Renewable Fuel Standard (RFS), according to academics who have studied ethanol pollution and regulatory documents examined by Reuters. The rule requires individual ethanol processors to demonstrate that their fuels result in lower carbon emissions than gasoline. The Environmental Protection Agency (EPA) is charged with writing the regulations to meet the goals set by Congress. For processors, that translates to an EPA requirement that the plants use certain emissions-control processes the agency assumes will result in lower-than-gasoline emissions. But the agency has exempted more than 95% of U.S. ethanol plants from the requirement through a grandfathering provision that excused plants built or under construction before the legislation passed. Today, these plants produce more than 80% of the nation’s ethanol, according to the EPA.

Some of the exempted plants produced much less pollution, including some owned by the same companies producing the highest emissions. The EPA said about a third meet the law’s environmental standard even though they are not required to do so. But as a group, the plants freed from regulation produced 40% more pollution per gallon of fuel capacity, on average, than the plants required to comply, the Reuters analysis found.

246

Negative-prompt AI-Generated Images of Women Generate Gore and Horror

AI image generators like DALL-E and Midjourney have become an especially buzzy topic lately, and it’s easy to see why. Using machine learning models trained on billions of images, the systems tap into the allure of the black box, creating works that feel both alien and strangely familiar. Naturally, this makes fertile ground for all sorts of AI urban legends, since nobody can really explain how the complex neural networks are ultimately deciding on the images they create. The latest example comes from an AI artist named Supercomposite, who posted disturbing and grotesque generated images of a woman who seems to appear in response to certain queries.

The woman, whom the artist calls “Loab,” was first discovered as a result of a technique called “negative prompt weights,” in which a user tries to get the AI system to generate the opposite of whatever they type into the prompt. To put it simply, different terms can be “weighted” in the dataset to determine how likely they will be to appear in the results. But by assigning the prompt a negative weight, you essentially tell the AI system, “Generate what you think is the opposite of this prompt.” In this case, using a negative-weight prompt on the word “Brando” generated the image of a logo featuring a city skyline and the words “DIGITA PNTICS.” When Supercomposite used the negative weights technique on the words in the logo, Loab appeared. “Since Loab was discovered using negative prompt weights, her gestalt is made from a collection of traits that are equally far away from something,” Supercomposite wrote in a thread on Twitter. “But her combined traits are still a cohesive concept for the AI, and almost all descendent images contain a recognizable Loab.”

The images quickly went viral on social media, leading to all kinds of speculation on what could be causing the unsettling phenomenon. Most disturbingly, Supercomposite claims that generated images derived from the original image of Loab almost universally veer into the realm of horror, graphic violence, and gore. But no matter how many variations were made, the images all seem to feature the same terrifying woman. “Through some kind of emergent statistical accident, something about this woman is adjacent to extremely gory and macabre imagery in the distribution of the AI’s world knowledge,” Supercomposite wrote.

260

Facebook Button is Disappearing From Websites as Consumers Demand Better Privacy

Other big brands, including Best Buy, Ford Motor, Pottery Barn, Nike, Patagonia, Match and Amazon’s video-streaming service Twitch have removed the ability to sign on with Facebook. It’s a marked departure from just a few years ago, when the Facebook login was plastered all over the internet, often alongside buttons that let you sign in with Google, Twitter or LinkedIn. Jen Felch, Dell’s chief digital and chief information officer, said people stopped using social logins, for reasons that include concerns over security, privacy and data-sharing.

321

GPS Jammers Are Being Used to Hijack Trucks and Down Drones

The world’s freight-carrying trucks and ships use GPS-based satellite tracking and navigation systems, reports ZDNet. But “Criminals are turning to cheap GPS jamming devices to ransack the cargo on roads and at sea, a problem that’s getting worse….”
Jammers work by overpowering GPS signals by emitting a signal at the same frequency, just a bit more powerful than the original. The typical jammers used for cargo hijackings are able to jam frequencies from up to 5 miles away rendering GPS tracking and security apparatuses, such as those used by trucking syndicates, totally useless. In Mexico, jammers are used in some 85% of cargo truck thefts. Statistics are harder to come by in the United States, but there can be little doubt the devices are prevalent and widely used. Russia is currently availing itself of the technology to jam commercial planes in Ukraine.

As we’ve covered, the proliferating commercial drone sector is also prey to attack…. During a light show in Hong Kong in 2018, a jamming device caused 46 drones to fall out of the sky, raising public awareness of the issue.

259

Scope creep: Woman Whose Rape Kit DNA Led To Her Arrest

A rape victim whose DNA from her sexual assault case was used by San Francisco police to arrest her in an unrelated property crime on Monday filed a lawsuit against the city. During a search of a San Francisco Police Department crime lab database, the woman’s DNA was tied to a burglary in late 2021. Her DNA had been collected and stored in the system as part of a 2016 domestic violence and sexual assault case, then-District Attorney Chesa Boudin said in February in a shocking revelation that raised privacy concerns. “This is government overreach of the highest order, using the most unique and personal thing we have — our genetic code — without our knowledge to try and connect us to crime,” the woman’s attorney, Adante Pointer, said in a statement.

The revelation prompted a national outcry from advocates, law enforcement, legal experts and lawmakers. Advocates said the practice could affect victims’ willingness to come forward to law enforcement authorities. Federal law already prohibits the inclusion of victims’ DNA in the national Combined DNA Index System. There is no corresponding law in California to prohibit local law enforcement databases from retaining victims’ profiles and searching them years later for entirely different purposes.

Boudin said the report was found among hundreds of pages of evidence against a woman who had been recently charged with a felony property crime. After learning the source of the DNA evidence, Boudin dropped the felony property crime charges against the woman. The police department’s crime lab stopped the practice shortly after receiving a complaint from the district attorney’s office and formally changed its operating procedure to prevent the misuse of DNA collected from sexual assault victims, Police Chief Bill Scott said. Scott said at a police commission meeting in March that he had discovered 17 crime victim profiles, 11 of them from rape kits, that were matched as potential suspects using a crime victims database during unrelated investigations. Scott said he believes the only person arrested was the woman who filed the lawsuit Monday.

259

World Heading Into ‘Uncharted Territory of Destruction,’ Says Climate Report

Despite intensifying warnings in recent years, governments and businesses have not been changing fast enough, according to the United in Science report published on Tuesday. The consequences are already being seen in increasingly extreme weather around the world, and we are in danger of provoking “tipping points” in the climate system that will mean more rapid and in some cases irreversible shifts.

Recent flooding in Pakistan, which the country’s climate minister claimed had covered a third of the country in water, is the latest example of extreme weather that is devastating swathes of the globe. The heatwave across Europe including the UK this summer, prolonged drought in China, a megadrought in the US and near-famine conditions in parts of Africa also reflect increasingly prevalent extremes of weather. The secretary general of the United Nations, Antonio Guterres, said: “There is nothing natural about the new scale of these disasters. They are the price of humanity’s fossil fuel addiction. This year’s United in Science report shows climate impacts heading into uncharted territory of destruction.”

262

Plastic Might Be Making You Obese

The global obesity epidemic is getting worse, especially among children, with rates of obesity rising over the past decade and shifting to earlier ages. In the US, roughly 40% of today’s high school students were overweight by the time they started high school. Globally, the incidence of obesity has tripled since the 1970s, with fully one billion people expected to be obese by 2030. The consequences are grave, as obesity correlates closely with high blood pressure, diabetes, heart disease and other serious health problems. Despite the magnitude of the problem, there is still no consensus on the cause, although scientists do recognize many contributing factors, including genetics, stress, viruses and changes in sleeping habits. Of course, the popularity of heavily processed foods — high in sugar, salt and fat — has also played a role, especially in Western nations, where people on average consume more calories per day now than 50 years ago. Even so, recent reviews of the science conclude that much of the huge rise in obesity globally over the past four decades remains unexplained.

An emerging view among scientists is that one major overlooked component in obesity is almost certainly our environment — in particular, the pervasive presence within it of chemicals which, even at very low doses, act to disturb the normal functioning of human metabolism, upsetting the body’s ability to regulate its intake and expenditure of energy. Some of these chemicals, known as “obesogens,” directly boost the production of specific cell types and fatty tissues associated with obesity. Unfortunately, these chemicals are used in many of the most basic products of modern life including plastic packaging, clothes and furniture, cosmetics, food additives, herbicides and pesticides. Ten years ago the idea of chemically induced obesity was something of a fringe hypothesis, but not anymore.

252

This law makes it illegal for companies to collect third-party data to profile you. But they do anyway.

When you purchase a product or service from a company, fill out an online form, or sign up for a newsletter, you might provide only the necessary data such as your name, email, delivery address and/or payment information.

That company may then turn to other retailers or data brokers to purchase or exchange extra data about you. This could include your age, family, health, habits and more.

This allows them to build a more detailed individual profile on you, which helps them predict your behaviour and more precisely target you with ads.

For almost ten years, there has been a law in Australia that makes this kind of data enrichment illegal if a company can “reasonably and practicably” request that information directly from the consumer. And at least one major data broker has asked the government to “remove” this law.

The burning question is: why is there not a single published case of this law being enforced against companies “enriching” customer data for profiling and targeting purposes?

263

Facebook Engineers: We Have No Idea Where We Keep All Your Personal Data

In March, two veteran Facebook engineers found themselves grilled about the company’s sprawling data collection operations in a hearing for the ongoing lawsuit over the mishandling of private user information stemming from the Cambridge Analytica scandal.

The hearing, a transcript of which was recently unsealed, was aimed at resolving one crucial issue: What information, precisely, does Facebook store about us, and where is it? The engineers’ response will come as little relief to those concerned with the company’s stewardship of billions of digitized lives: They don’t know.

The dispute over where Facebook stores data arose when, as part of the litigation, now in its fourth year, the court ordered Facebook to turn over information it had collected about the suit’s plaintiffs. The company complied but provided data consisting mostly of material that any user could obtain through the company’s publicly accessible “Download Your Information” tool.

Facebook contended that any data not included in this set was outside the scope of the lawsuit, ignoring the vast quantities of information the company generates through inferences, outside partnerships, and other nonpublic analysis of our habits — parts of the social media site’s inner workings that are obscure to consumers. Briefly, what we think of as “Facebook” is in fact a composite of specialized programs that work together when we upload videos, share photos, or get targeted with advertising. The social network wanted to keep data storage in those nonconsumer parts of Facebook out of court.

In 2020, the judge disagreed with the company’s contention, ruling that Facebook’s initial disclosure had indeed been too sparse and that the company must reveal data obtained through its oceanic ability to surveil people across the internet and make monetizable predictions about their next moves.

Facebook’s stonewalling has been revealing on its own, providing variations on the same theme: It has amassed so much data on so many billions of people and organized it so confusingly that full transparency is impossible on a technical level.

257

Overrun by Influencers, Historic Sites Are Banning TikTok Creators in Nepal

They come in hordes, strike funny poses, dance to loud music, trample over crops, and often stir up unmanageable crowds that cause traffic jams. TikTok creators in Nepal have earned a reputation for disrespecting religious and historic places in their quest to create viral videos, and are now facing a backlash. Over the last two years, several prominent tourist and religious sites in Nepal have erected “No TikTok” signs to keep creators from shooting at the premises.

These sites include the Buddhist pilgrimage site Lumbini, Kathmandu’s famous Boudhanath Stupa, Ram Janaki Temple in Janakpur, and Gadhimai temple in Bara, among others. According to authorities, officials keep a close eye at these places and rule-breakers are warned or asked to leave. “Making TikTok by playing loud music creates a nuisance for pilgrims from all over the world who come to the birthplace of Gautama Buddha,” Sanuraj Shakya, a spokesperson for the Lumbini Development Trust, which manages the shrines in Lumbini, told Rest of World. “We have banned TikTok-making in and around the sacred garden, where the main temples are located.”

254

Too Many Servers Could Mean No New Homes In Parts of the UK

Data centers have caused skyrocketing power demand in parts of London. Now, new housing construction could be banned for more than a decade in some neighborhoods of the UK’s biggest city because the electricity grid is reaching capacity, as first reported on by the Financial Times. The reason: too many data centers are taking up too much electricity and hogging available fiber optic cables. The Financial Times obtained multiple letters sent from the city’s government, the Greater London Authority (GLA), to developers. “Major new applicants to the distribution network… including housing developments, commercial premises and industrial activities will have to wait several years to receive new electricity connections,” said one note, according to the news outlet.

The GLA also confirmed the grid issue to Gizmodo in an email, and sent along text from one of the letters, which noted that for some areas utilities are saying “electricity connections will not be available for their sites until 2027 to 2030.” Though the Financial Times reported that at least one letter indicated making the necessary electric grid updates in London could take up until 2035. […] “Data centres use large quantities of electricity, the equivalent of towns or small cities, to power servers and ensure resilience in service,” one of the GLA letters seen by the Financial Times reportedly said. […] Developers are “still getting their heads round this, but our basic understanding is that developments of 25 units or more will be affected. Our understanding is that you just can’t build them,” said David O’Leary, policy director at the Home Builders Federation, a trade body. Combined, those sections of London contain about 5,000 homes and make up about 11% of the city’s housing supply, according the Financial Times.

242

Police Across US Bypass Warrants With Mass Location-Tracking Tool

As summer winds down, researchers warned this week about systemic vulnerabilities in mobile app infrastructure, as well as a new iOS security flaw and one in TikTok. And new findings about ways to exploit Microsoft’s Power Automate tool in Windows 11 show how it can be used to distribute malware, from ransomware to keyloggers and beyond.

Fog Reveal Tool Gives Law Enforcement Cheap Access to US Location-Tracking Data From Smartphones

The data broker Fog Data Science has been selling access to what it claims are billions of location data points from over 250 million smartphones to local, state, and federal law enforcement agencies around the US. The data comes from tech companies and cell phone towers and is collected in the Fog Reveal tool from thousands of iOS and Android apps. Crucially, access to the service is cheap, often costing local police departments less than $10,000 per year, and investigations by the Associated Press and Electronic Frontier Foundation found that law enforcement sometimes pulls location data without a warrant. The EFF conducted its investigation through more than 100 public records requests filed over several months. “Troublingly, those records show that Fog and some law enforcement did not believe Fog’s surveillance implicated people’s Fourth Amendment rights and required authorities to get a warrant,” the EFF wrote.

252

Inside the biggest human surveillance experiment on the planet

It was in this techno-authoritarian wave that a facial recognition mania costing tens of billions of dollars began. Government policies with sci-fi names like SkyNet and Sharp Eyes laid out ambitious plans to blanket the country with cameras linked to police stations that shared data across the country. The vision was clear: just like on the internet, anonymity could be erased in real life. With accurate facial recognition, police could identify, categorise and follow a single person among 1.4 billion Chinese citizens.

228

Amazon’s empire of surveillance

Through recent billion-dollar acquisitions of health care services and smart home devices, the tech giant is leveraging its monopoly power to track ‘every aspect’ of our lives

Every step of the way, from its beginnings as an alternative to brick and mortar bookstores to snatching up over half of the online retail market, Amazon has relied on surveillance to dominate the competition, according to Evan Greer, director of the nonprofit advocacy group Fight for the Future.

261

As US Crypto Mining Surges, Lawmakers Demand Disclosure of Emissions and Energy Data

The world has changed since China banned cryptomining, the Guardian reports. And now “more than a third of the global computing power dedicated to mining bitcoin comes from the US, Senator Elizabeth Warren and five other Democrats reported in a letter to the Environmental Protection Agency…”

But the Guardian also notes there’s two problems with this:
– The largest US cryptomining companies have the capacity to use as much electricity as nearly every home in Houston, Texas; energy use that is contributing to rising utility bills, according to an investigation by Democratic lawmakers…

– “The results of our investigation … are disturbing … revealing that cryptominers are large energy users that account for a significant — and rapidly growing — amount of carbon emissions,” the letter states.

“It is imperative that your agencies work together to address the lack of information about cryptomining’s energy use and environmental impacts.” The congressional Democrats have asked the EPA and the Department of Energy to require cryptominers to disclose emissions and energy use, noting that regulators know little about the full environmental impact of the industry….

The power demands of the industry are also coming at a cost to consumers, the letter states, citing a study that found cryptomining operations in upstate New York led to a rise in electric bills by roughly $165m for small businesses and $79m for individuals.

The main operator of Texas’s grid admitted this week to the Verge that by 2026 crypto mining is set to increase demand on the state’s power grid by a whopping 27 gigawatts — or nearly a third of the grid’s current maximum capacity.

And an associate professor at Rochester Institute of Technology with a background in electricity system policy warns the site that “The more crypto mining that comes into the state, the higher the residents should expect the electricity prices to become.”

242

High Water Temperatures Compound Problems for France’s Nuclear Power Operator

“High water temperatures threaten to reduce France’s already unusually low nuclear output,” Reuters reported last week, “piling more pressure on operator EDF at a time when half its reactors are offline due to maintenance and corrosion issues.”

Because river water is used to cool the plants, “reactor production is limited during times of high heat to prevent the hot water re-entering rivers from damaging wildlife.”

“Given the relative rarity of intense heat waves and outages due to storms, the climate-related hiccups have a small impact on energy production overall — affecting less than 1 percent of annual output for EDF on average…” reports Wired. (Though EDF “recently told reporters that it expects more cuts in the coming months as water levels continue to fall.”) But Reuters points out this all comes at a bad time:
EDF has already been forced to cut planned output several times this year because of a host of problems at its reactors — and expects an 18.5 billion euros ($18.6 billion) hit to its 2022 core earnings because of production losses.

Now EDF’s debt “is projected to reach 60 billion euros by the end of the year,” reported Agence France-Presse on Tuesday, adding that the “highly indebted” utility saw announcements of a take-over bid by France’s national government to shareholders (at a cost of 9.7 billion euros ($9.9 billion):
EDF’s finances have been weighed down by declining output from France’s ageing nuclear power stations, which it manages, and the state-imposed policy to sell energy at below cost to consumers in an effort to help them pay their energy bills…. The public tender offer is the simplest way to take back full control of EDF, analysts said, without the need for full legal nationalisation — of which there has been none in France since 1981….

Currently over half of France’s 56 nuclear reactors are idle, either for maintenance or corrosion problems linked to ageing…. Nuclear energy currently covers some 70 percent of France’s electricity needs.

281

Bitcoin-Mining “Hurting” [sic] Texas’ Power Grid

“Record-breaking heat across Texas has pushed its fragile power grid to the brink,” reports NBC News. “But extreme temperatures are doing something else in the famously pro-business state: stirring opposition to energy-guzzling crypto miners who’ve flocked there seeking low-cost energy and a deregulatory stance.”

Ten industrial-scale crypto miners will consume an estimated 18 gigawatts in years to come — though the state’s current capacity is around 80 gigawatts (though it’s expected to grow).

The case against them?
The energy crypto miners use puts “an almost unprecedented burden” on the Texas grid, according to Ben Hertz-Shargel, global head of Grid Edge, a unit of Wood Mackenzie, an energy consulting firm. Mining “pushes the system closer to dangerous system peaks at all times,” he told NBC News. “It is completely inessential and consuming physical resources, time and money that should be going to decarbonize and strengthen the grid….”

Unlike other electricity systems, the Texas grid does not connect to other states’ grids; that means it cannot receive power from other areas in emergencies. Because of their high demand for electricity, crypto miners raise costs for other consumers of power, Hertz-Shargel said. And, on the Texas grid, miners can get paid for powering down during peak demand periods, like the one that recently hit the state. Miners and other industrial customers with these types of arrangements receive revenues for not using electricity; the costs of those revenues are passed on to other electricity customers…. During peak periods, miners can also resell to the grid the electricity they would otherwise have used. Because their contracts can let them buy power at low cost, energy resales when demand is high can generate significant financial benefits in the form of credits against future use….

Electricity customers across the state will cover those credits, said Andrew Dessler, professor of atmospheric sciences at Texas A&M University. “Ratepayers in Texas are going to be paying it off a little bit every month for decades,” Dessler said. “It angers me so much.”

But Lee Bratcher, founder of the Texas Blockchain Council, makes the case for industrial-scale bitcoin mines:
Bratcher and the crypto miners he represents say they provide three benefits to Texas. Because they can turn off their electricity use during high-demand periods, they can help stabilize the grid and rein in runaway power prices. “Power pricing is set off at peaks and the miners are specifically trying to turn off during peaks,” he said. In addition, crypto miners’ 24/7 demand for electricity can provide an incentive for wind and solar developers to bring more green power to the grid while new jobs and tax revenues “lead to orders of magnitude of human flourishing in communities where the mines set up,” Bratcher said.

Still, 800 locals have signed a petition against plans to built America’s largest bitcoin-mining facility — a facility which will consume 1.4 million gallons of water a day and 1 gigawatt of electricity (enough to power 200,000 homes).
Jackie Sawicky, a small-business owner, is organizing the opposition to the Riot facility. “There are over 7,000 people in poverty and 8,000 seniors living on fixed incomes here,” she told NBC News. “We cannot afford increased water costs and electricity.”

According to a 2020 economic impact report commissioned by the Rockdale Municipal Development District, an entity run by area businesspeople, the facility will deliver an estimated $28.5 million in economic benefits to the community over 10 years. The operation employs “nearly 200 full-time benefited employees…”

276

Pegasus Spyware Used Against Thailand’s Pro-Democracy Movement

NSO Group’s Pegasus spyware was used to target Thai pro-democracy protesters and leaders calling for reforms to the monarchy. “We forensically confirmed that at least 30 individuals were infected with NSO Group’s Pegasus spyware,” reports Citizen Lab. “The observed infections took place between October 2020 and November 2021.” Here’s an excerpt from the report:
Introduction: Surveillance & Repression in Thailand: The Kingdom of Thailand is a constitutional monarchy with a parliamentary-style government divided into executive, legislative, and judiciary branches. The country has been beset by intense political conflict since 2005, during the government of former Prime Minister Thaksin Shinawatra. Corruption allegations against the regime culminated in a military coup on September 19, 2006 that ousted Thaksin. The military launched another coup on May 22, 2014 and seized power following mass protests against the civilian government led by Thaksin’s sister, Yingluck Shinawatra. The junta claimed that the 2014 coup was needed to restore order and called itself the National Council for Peace and Order (NCPO).

Findings: Pegasus Infections in Thailand: On November 23, 2021, Apple began sending notifications to iPhone users targeted by state-backed attacks with mercenary spyware. The recipients included individuals that Apple believes were targeted with NSO Group’s FORCEDENTRY exploit. Many Thai civil society members received this warning. Shortly thereafter, multiple recipients of the notification made contact with the Citizen Lab and regional groups. In collaboration with Thai organizations iLaw and DigitalReach, forensic evidence was obtained from notification recipients, and other suspected victims, who consented to participate in a research study with the Citizen Lab. We then performed a technical analysis of forensic artifacts to determine whether these individuals were infected with Pegasus or other spyware. Victims publicly named in this report consented to be identified as such, while others chose to remain anonymous, or have their cases described with limited detail.

Civil Society Pegasus Infections: We have identified at least 30 Pegasus victims among key civil society groups in Thailand, including activists, academics, lawyers, and NGO workers. The infections occurred from October 2020 to November 2021, coinciding with a period of widespread pro-democracy protests, and predominantly targeted key figures in the pro-democracy movement. In numerous cases, multiple members of movements or organizations were infected. Many of the victims included in this report have been repeatedly detained, arrested, and imprisoned for their political activities or criticism of the government. Many of the victims have also been the subject of lese-majeste prosecutions by the Thai government. While many of the infections were detected on the devices of prominent figures, hacking was also observed against individuals who are not publicly involved in the protests. Speculatively, this may reflect the attackers’ intent to uncover details about how opposition movements were organized, and may have been prompted by specific financial transactions that would have been known to Thai financial institutions and the government, but not the public.

277