Alvaro Lopez Ortega / 2025-04-29 Briefing

Created Tue, 29 Apr 2025 12:23:40 +0000 Modified Sun, 18 May 2025 18:47:07 +0000
3852 Words

Today’s headlines highlight significant advancements and challenges in internet infrastructure, with Windows 7 logon delays fixed in 2009, and innovative security measures like HAProxy’s Lua-free scraper protection. Meanwhile, China emerges as a major cyber threat to the US, with AI-powered cyberattacks and espionage tactics, underscoring the evolving landscape of cybersecurity threats.

▶️ Internet Infrastructure

Windows 7 Logon Delays Caused by Desktop Component Reporting Issues Fixed in 2009

Windows 7 experienced a 30-second logon delay with solid color backgrounds due to desktop component reporting issues, fixed in November 2009, involving wallpaper load and group policy handling.

  • Windows 7 logon slowdown occurred for several months when using a solid color background, notably in Windows 7 and Windows Server 2008 R2.
  • The delay was caused by the logon system waiting for desktop components, such as wallpaper loading or desktop icons, to report readiness, with a 30-second timeout.
  • Specific issues included the wallpaper load code not reporting ready if no bitmap was defined and group policies (e.g., “Hide desktop icons”) delaying the report, extending the Welcome screen duration rather than actual logon time.

HAProxy Implements Hash-Based Scraper Protection Without Lua

Uses HAProxy stick tables and inline SHA-256 hashing in HAProxy config to prevent scrapers, with path and User-Agent ACLs, enabling server-side validation without external scripts.

  • Implements scraper protection using HAProxy stick tables and inline SHA-256 hash calculation in HAProxy configuration
  • Uses ACLs to target specific paths and User-Agent headers for challenge enforcement
  • The setup involves a 38-line HAProxy config and a 95-line challenge HTML, with server-side hash validation in HAProxy without Lua support

Fediverse Server Analysis Reveals European Concentration and Network Resilience

Rob Ricci’s analysis of fedidb and ipinfo.io reveals high decentralization with 2,650 servers, significant European hosting concentration, and 75% behind resilient BGP prefixes, highlighting infrastructure vulnerabilities.

  • Rob Ricci analyzed 2,650 fediverse servers using fedidb and ipinfo.io, focusing on hosting distribution, network resilience, and geographic location.
  • 24% of servers are behind Cloudflare, obscuring exact hosting locations; Hetzner hosts 14% of servers, with significant European concentration (e.g., 81% in Germany, 73% in France).
  • 75% of servers are behind BGP prefixes hosting 10 or fewer servers, indicating high network resilience; top hosting countries are the US (871), Germany (439), and Japan (148).

GitHub API Leak of Private Emails Remains Unresolved Despite Evidence

GitHub API leaks private emails for some profiles, remaining unresolved after HackerOne dismissed the issue in April 2025 despite documented evidence.

  • GitHub API exposes private email addresses not visible on public profiles
  • Issue discovered during API crawling for code input project in April 2025
  • HackerOne closed the report as informative after three weeks, claiming inability to reproduce the issue despite evidence

Spain to Implement Measures After Power Outage and Disconnection Events

Spain plans comprehensive measures after a blackout caused by two disconnection events, with investigations ruling out cyberattacks; power was restored, but ongoing transport disruptions remain.

  • Spanish Prime Minister Pedro Sánchez commits to “all necessary measures” to prevent future blackouts following a widespread power outage.
  • Spain’s investigation involves an independent commission led by the Ministry of Ecological Transition, with cooperation from the Spanish National Cybersecurity Institute, the National Cryptology Centre, and the National Competition Market Commission.
  • The outage resulted from two “disconnection events” in the electric grid, with no evidence of human error or cyberattack; power has been fully restored, but disruptions persist in transport and services.

Zurich Researchers Conduct Unapproved Harmful AI Experiment on CMV Users

University of Zurich researchers conducted an unauthorized, ethically questionable AI persuasion experiment on CMV users, using personalized, harmful comments without prior disclosure or moderator approval.

  • Researchers from the University of Zurich conducted an unauthorized experiment on CMV users using AI-generated comments without prior community or moderator consent.
  • The study, approved by IRB (Approval number: 24.04.01), assessed LLM’s persuasiveness via undisclosed AI comments, including personalized and emotionally manipulative content.
  • The experiment involved AI impersonating victims, trauma counselors, and individuals with controversial identities, violating community rules and ethical standards; the researchers changed the study scope without ethics approval.

PyXL Delivers 30x Faster Real-Time Python on FPGA Hardware

PyXL runs Python directly in hardware on FPGA, achieving 480ns GPIO round-trip latency—30x faster than MicroPython—by compiling Python bytecode to custom assembly, enabling deterministic, real-time embedded Python applications.

  • PyXL executes Python directly in hardware on a Zynq-7000 FPGA at 100MHz, with GPIO access wired to FPGA pins, enabling deterministic, real-time behavior.
  • The GPIO round-trip latency on PyXL is 480ns, compared to approximately 14,741ns on MicroPython (PyBoard), making PyXL roughly 30x faster; normalized for clock speed, advantage is about 50x.
  • The test program measures cycle counts using pyxl_get_cycle_counter() and performs GPIO read/write operations via custom intrinsics, with code compiled from Python bytecode to hardware-specific assembly.

FreeBSD’s Legacy: Powering Devices, Security Innovations, and Community Support

FreeBSD, rooted in Berkeley’s BSD, powers devices from PlayStation to routers, with key features like Jails and CHERI, and is supported by the FreeBSD Foundation to sustain its impact.

  • FreeBSD originated from UC Berkeley’s BSD project in the 1970s, officially founded on June 19, 1993, as an evolution of 386BSD
  • The FreeBSD Foundation, established in 2000 by Justin T Gibbs, provides financial, legal backing, infrastructure, and advocacy to ensure project longevity
  • FreeBSD is used in products like PlayStation, network infrastructure, cloud services, with features such as Jails, Capsicum, and CHERI enhancing security and virtualization
  • Major adopters include Netflix (delivering up to 800 Gbps from a single server), NetApp (ONTAP software), and Beckhoff Automation, highlighting its role in high-performance, mission-critical systems
  • The project attracts new contributors through educational initiatives, internships, Google Summer of Code, and a flexible governance structure
  • The FreeBSD Foundation maintains infrastructure, manages security disclosures, and supports community efforts, ensuring stability and continuous innovation

KubeCon + CloudNativeCon China 2025 Promotes Innovation in Hong Kong

KubeCon + CloudNativeCon China (June 10-11, 2025) in Hong Kong promotes open source cloud native innovation, featuring keynotes, technical deep dives, and industry collaboration, emphasizing China’s global contributions.

  • KubeCon + CloudNativeCon China will be held in Hong Kong from June 10-11, 2025, showcasing open source and cloud native innovation in Asia.
  • Registration options include All-Access and Day Passes; special rates available for individuals and academia.
  • The event features keynotes, deep dives into Kubernetes, WASM, eBPF, service mesh, cloud native AI, deployment stories from Asia, and opportunities for developer collaboration and industry engagement.
  • Focuses on China’s contributions to cloud native projects like KubeEdge, OpenYurt, Volcano, and their global impact, emphasizing regional policies and digital sovereignty.
  • Aims to facilitate cross-pollination among developers, vendors, CIOs, CTOs, and investors, with sessions accessible in Mandarin and Cantonese.
  • Highlights Hong Kong’s strategic role as an international business hub for regional networking and innovation influence.

Amazon Launches First 27 Kuiper Satellites in $7.4B Low Earth Orbit Network

Amazon’s first 27 Kuiper satellites launched via Atlas V on April 28, 2025, marking initial deployment of a planned 3,200+ satellites, with total project costs estimated between $16.5 and $20 billion.

  • Amazon launched 27 Kuiper broadband satellites into orbit on an Atlas V rocket from Cape Canaveral on April 28, 2025, at 7:01 PM ET
  • The launch achieved early milestones with all systems nominal within five minutes post-launch
  • Amazon has budgeted $7.4 billion for satellite launch and related services through 2028, with over 80 launches planned to deploy 3,200+ satellites for its low Earth orbit network

Forty Years of Arm: The Low-Power RISC Chip That Changed Computing

The first Arm processor, powered on 40 years ago, was a low-power, simple RISC chip documented in 808 lines of BBC BASIC, revolutionizing computing with its efficiency and impact.

  • The first Arm processor was powered on 40 years ago, on April 26, 1985, at the Centre for Computing History (CCH).
  • The original chip was a low-power RISC processor developed by a 10-person team over 18 months, consuming approximately 120 mW, significantly below the 2,000 mW of contemporary CISC processors.
  • The initial design was documented in 808 lines of BBC BASIC, authored by Sophie Wilson, with early testing confirming functionality, including running BBC BASIC commands like Pi.
  • Steve Furber, responsible for the micro-architecture, noted the simplicity of the design, emphasizing the minimal line count and self-commenting nature of BBC BASIC.
  • The early processor was a prototype for future widespread adoption, with the CCH exhibit now a permanent fixture at the Centre for Computing History.
  • The event featured early team members and highlighted the modesty and foresight of the original design, which contrasted with the larger, more complex modern Arm CPUs.
  • The original Arm chip was developed with a focus on power efficiency and simplicity, influencing the architecture of billions of devices today.
  • The CCH exhibit includes vintage computers and gaming consoles, emphasizing the historical significance of the Arm architecture.

China Surpasses Russia as US’s Top Cyber Threat, Montgomery Warns

Former Rear Admiral Montgomery warns China is now America’s top cyber threat, with advanced offensive capabilities, targeting critical infrastructure, and calls for increased US cyber offensive recruitment and stricter cybersecurity regulations.

  • Former Rear Admiral Mark Montgomery states China has become the primary cyber adversary of the US, surpassing Russia.
  • Volt Typhoon attacks in 2024 targeted US critical infrastructure, with Chinese officials openly acknowledging responsibility in December 2024.
  • Montgomery highlights China’s advanced cyber capabilities, increased offensive staffing levels (up ~1,000%), and the vulnerability of private critical infrastructure.
  • US military cyber offensive personnel have increased marginally from 6,400 to ~6,700 since 2015, while Chinese offensive staffing has grown significantly.
  • Critical infrastructure owned mainly by private sector (estimated 82-86%) is poorly protected; US military bases are well-secured but rely on vulnerable commercial systems.
  • Chinese operations like Salt Typhoon and Volt Typhoon demonstrate espionage and infrastructure attack capabilities, with potential use during crises such as Taiwan invasion.
  • Montgomery recommends recruiting more offensive cyber operators, including utilizing National Guard talent, and extending cybersecurity mandates similar to Sarbanes-Oxley to improve resilience.

▶️ Open Source

LibreLingo: A Free Open-Source Platform for Multilingual Language Learning

LibreLingo is a free, open-source language-learning platform with community contributions, offering courses in multiple languages, with source code licensed under AGPL-3.0.

  • LibreLingo is a community-driven, open-source language-learning platform created by Dániel Kántor and contributors
  • Offers courses in Spanish, German, French, Bangla, Middle Persian, Basque, Ladino (multiple dialects), and Houma
  • Source code licensed under AGPL-3.0, available at GitHub

CNCF Challenges Synadia’s Relicensing of NATS and Asset Claims

CNCF is legally contesting Synadia’s move to relicense NATS from Apache 2.0 to BSL, asserting Synadia cannot unilaterally seize community assets or branding; plans include reverting to Apache 2.0 after 2-4 years.

  • CNCF filed petitions with the US Patent and Trademark Office to block Synadia from using the NATS logo and domain.
  • Synadia shifted NATS from Apache 2.0 to Business Source License (BSL), with plans to revert to Apache 2.0 after 2-4 years.
  • CNCF states Synadia cannot unilaterally reclaim community assets, branding, or infrastructure; it offers options for forked proprietary versions.

Phishing Campaign Targets Uyghur Diaspora in Supply Chain Attack

Citizen Lab uncovered a supply chain attack using phishing emails with malware-laden UyghurEditPP, targeting Uyghur diaspora, aligning with China’s efforts to suppress Uyghur language and activism.

  • Citizen Lab identified a supply chain attack involving a phishing campaign targeting Uyghur diaspora members outside China.
  • The attack involved impersonation of trusted contacts, delivering links to download a password-protected RAR archive containing a modified open source Uyghur text editor, UyghurEditPP.
  • The compromised UyghurEditPP version included malware with backdoor capabilities, enabling device information gathering, data exfiltration, file download, and malware plugin installation.
  • The phishing emails exploited the developer’s prior relationship with Uyghur community members, leveraging trust to implant malware.
  • Citizen Lab has not identified the attack’s source but notes China’s history of using similar tactics to suppress Uyghur language and activism.
  • The attack’s technical sophistication was limited; Google alerted targets, and the malware did not involve zero-day exploits.
  • The campaign demonstrated deep social engineering knowledge of the Uyghur community, raising concerns about future escalations.

OpenBSD 7.7 Boosts Hardware Support with Ryzen AI, Radeon RX 9070, and Arrow Lake

OpenBSD 7.7 introduces support for Ryzen AI 300, Radeon RX 9070, and Arrow Lake, with updated hardware support, recent desktop environments, and improved power and WiFi features.

  • OpenBSD 7.7 released on April 29, 2025, adding support for Ryzen AI 300, Radeon RX 9070 (Navi 48), and Intel Arrow Lake
  • Supports hardware including HP PA-RISC, Omron Motorola 88000 workstations, and modern CPUs
  • Includes GNOME 47 and KDE Plasma 6.3.3, with enhanced power management and WiFi subsystem supporting recent chipsets and standards

OpenLogic 2025 Report Highlights FOSS Adoption Challenges and Legacy System Risks

The 2025 OpenLogic report reveals widespread FOSS adoption amid challenges like legacy OS, outdated frameworks, and skills shortages, impacting enterprise security and modernization efforts.

  • The 2025 OpenLogic State of Open Source Report is based on 433 responses from global organizations surveyed between September 17 and December 20, 2024.
  • 96% of organizations use FOSS; 25% still operate on end-of-life CentOS Linux, with 40% of large enterprises affected.
  • Nearly 30% of organizations are unsure of their response to attacks on unsupported OS, and 75% cite “lack of skills” as a migration barrier.
  • 53% build applications with JavaScript, with over 15% using Angular.js (version 1), which reached end-of-life in 2022; supported versions are 17-19.
  • About 60% of organizations use Ubuntu, 30% Debian, and 25% CentOS; 47% of big data users have low confidence in their tools.
  • Half of respondents manage over 1,000 servers; 33% have more than 10,000; more than a quarter work with over 20 vendors.
  • The report highlights challenges in modernization, support costs, vendor lock-in, and the legacy of outdated Linux distributions and JavaScript frameworks.

▶️ Software Development

Developer switches Architect of Ruin to Unity for better workflow and tools

Developer switched Architect of Ruin from Bevy/Rust to Unity/C# in early 2025, citing improved workflow, faster iteration, and ecosystem support, despite initial porting challenges and localization issues.

  • Developer transitioned Architect of Ruin from Bevy/Rust to Unity/C# in January 2025 after six weeks of porting
  • Porting involved reimplementing core systems, reducing code size, and improving maintainability; UI and tilemap tasks completed within 3 days
  • Development has since benefited from faster iteration, ecosystem tools like AStar Pathfinding, but faces ongoing localization challenges due to lack of comparable Unity solutions

▶️ Management and Leadership

Amazon to Display Tariff Costs Next to Prices Amid Trade Tensions

Amazon will soon show tariff costs next to product prices to reflect Trump’s tariffs, affecting consumer costs and signaling companies’ reluctance to absorb trade-related expenses.

  • Amazon will soon display how much of each product’s price is due to tariffs, as Trump’s trade tariffs impact imported goods.
  • The tariff cost display will be implemented in the coming weeks, highlighting the impact of 145% tariffs on Chinese products and 10% baseline tariffs.
  • The move aims to shift responsibility for tariff costs to consumers and may provoke political tensions with the Trump administration.

White House criticizes Amazon’s plan to display tariffs as a hostile act

The White House condemned Amazon’s plan to display tariffs’ costs next to product prices, citing it as a “hostile and political act,” amid ongoing tariff disputes affecting Chinese-sourced goods.

  • The White House accused Amazon of planning to display tariffs’ costs next to product prices, calling it a “hostile and political act.”
  • White House press secretary Karoline Leavitt criticized Amazon, questioning why similar actions weren’t taken during previous inflation increases under Biden.
  • Amazon clarified that only its Amazon Haul section considered listing import charges; no changes have been made to the main site.
  • About 70% of Amazon’s products are sourced from China, where tariffs of up to 145% have been imposed by Trump.
  • Amazon’s stock fell over 2% in premarket trading following the White House’s remarks.
  • The plan to show tariff costs was reported by Punchbowl News, indicating the amount added due to tariffs will be displayed alongside product prices.
  • Leavitt linked Amazon’s move to alleged cooperation with Chinese propaganda, citing a 2021 Reuters report on Amazon removing reviews of Xi Jinping’s speeches.
  • The controversy highlights tensions between the White House and Amazon amid ongoing tariff policies affecting Chinese imports and U.S. consumers.

CISOs Urged to Secure Insurance, Document Interactions, and Navigate Whistleblowing Risks

CISOs should secure liability insurance, document all interactions, and avoid HR reliance; whistleblowing involves ethical risks, with advice emphasizing preparation, transparency, and strategic exit.

  • RSA Conference panel advised CISOs to negotiate personal liability insurance and a golden parachute before starting a new role.
  • Recommendations include avoiding suing employers after whistleblowing to prevent blacklisting; documenting all communications via email is crucial.
  • Panelists emphasized that HR is not an ally, and CISOs should record conversations, ensure board minutes reflect key discussions, and build strong relationships to defend their integrity.

Senate investigation alleges Elon Musk’s control of DOGE unit enables him to evade over $2.37 billion in liabilities by influencing regulators and avoiding oversight, raising conflict of interest concerns.

  • Senate report estimates Musk’s control over SpaceX, Tesla, Neuralink, xAI, and Boring Company could help him avoid over $2.37 billion in liabilities
  • Musk maintained full control after leading the DOGE cost-trimming effort, exercising influence over regulatory agencies
  • The report highlights conflicts of interest, potential for self-enrichment, and interference with investigations, with $2.37 billion as a conservative liability estimate

AI Boosts Cybersecurity with $135 Billion Investment by 2030

AI is reshaping cybersecurity with $135 billion projected investment by 2030, automating threat detection, enhancing predictive defenses, and supporting critical infrastructure amid evolving adversary tactics.

  • AI is transforming cybersecurity by enhancing speed, precision, and automation, aiding early threat detection and faster response.
  • Global investment in AI-powered cybersecurity is projected to reach $135 billion by 2030, supporting critical sectors like energy, healthcare, IoT, and edge computing.
  • AI’s ability to process large datasets and real-world attack vectors improves predictive and defensive capabilities, shifting focus from reactive to proactive security.

US State Department Reorganization May Weaken US Tech and Cybersecurity Influence

The US State Department’s 2025 reorganization, including demoting the cybersecurity-focused CDP bureau and cutting 15% of domestic staff, risks weakening US influence in global tech and cybersecurity policy against China.

  • US State Department announced a major reorganization, including demotion of the Cyberspace and Digital Policy (CDP) bureau from reporting directly to the Deputy Secretary to under the Under Secretary for Economic Growth, Energy, and Environment.
  • The reorg will reportedly reduce the department’s domestic staff by 15%, with the State Department not confirming specifics.
  • The reorganization involves closing or restructuring several offices, including the Office of the Science and Technology Adviser to the Secretary and the Foreign Service Institute, and rebranding the Under Secretary for Civilian Security, Democracy, and Human Rights to focus narrowly on Foreign Assistance and Human Rights.

FBI Warns China Uses AI to Boost Cyberattacks and Infiltrate US Networks

FBI warns China employs AI across attack stages to improve infiltration, lateral movement, and social engineering, with groups like Volt Typhoon exploiting vulnerabilities and scaling cyber operations.

  • FBI warns China is using AI to enhance every stage of its cyberattack chain, increasing efficiency and speed, according to Deputy Assistant Director Cynthia Kaiser.
  • Chinese state-backed cyber groups, such as Volt Typhoon and Salt Typhoon, exploit unpatched or end-of-life devices, conducting stealthy lateral movement and long-term infiltration into US critical infrastructure.
  • AI is employed by Chinese hackers and cybercriminals to automate reconnaissance, craft convincing spear-phishing messages, generate fake business profiles, and improve network mapping, aiding initial access and lateral movement.
  • Chinese cyber actors have compromised at least nine US telecommunications and government networks, infecting outdated routers to build botnets and prepare destructive cyberattacks.
  • FBI reports that China maintains approximately 50 dedicated hackers for every cyber agent, with recent budget cuts potentially easing their operational capacity.
  • Cybercriminals increasingly leverage AI to scale ransomware, social engineering, and deepfake scams, emphasizing the need for multi-factor authentication, including “old-school” MFA with secret words.
  • The FBI states that AI’s primary threat lies in aiding adversaries’ network mapping and lateral movement post-infiltration, complicating defense strategies.

HMRC Launches £1 Billion CRM SaaS Procurement to Modernize Customer Service

HMRC initiates a £1 billion CRM SaaS procurement, including identity, verification, and document management, to modernize customer service and integrate with the £500 million CCaaS platform.

  • HMRC plans to procure a SaaS CRM platform with a £1 billion ($1.34 billion) budget over up to 15 years, starting formal tender in June 2025
  • The CRM system will include registration, subscription, customer record management, identity verification, secure digital exchange, document storage, and technical support
  • The system will integrate with the upcoming Contact Centre as a Service (CCaaS), with a procurement value of up to £500 million ($670 million), to enhance taxpayer interactions and streamline services

Infosec Leaders and EFF Urge Trump to Drop Krebs Investigation and Revoke Security Clearances

Infosec leaders and EFF demand Trump reverse the investigation and security clearance revocation of Chris Krebs, citing political retaliation that endangers cybersecurity and democracy.

  • Infosec leaders and the Electronic Frontier Foundation (EFF) urge President Trump to drop the criminal investigation and revoke security clearances of Chris Krebs, citing political retaliation.
  • The open letter, co-signed by 40 organizations, warns that targeting Krebs and SentinelOne undermines cybersecurity efforts and threatens democratic and national security.
  • Trump initiated the investigation in April 2025, accusing Krebs of covering up election fraud evidence and colluding with social media to skew COVID-19 narratives; security clearances were revoked on April 10, 2025.

Duolingo Moves to AI-First Model, Replacing Contractors with Automation

Duolingo will transition to an “AI-first” model, replacing contractors with AI to scale content creation and develop features, while maintaining employee care and focusing on creative work.

  • Duolingo CEO Luis von Ahn announced the company will “gradually stop using contractors to do work that AI can handle” as part of becoming “AI-first.”
  • The shift involves rethinking workflows, integrating AI into hiring and performance reviews, and limiting headcount to tasks unautomatable by AI.
  • The company aims to remove bottlenecks, enabling employees to focus on creative and complex problems, supported by AI training and tooling.

▶️ Technology

Qwen3 Launches 235B and 30B MoE Models for Advanced Multilingual AI

Qwen3, released on April 29, 2025, features 235B and 30B MoE models with extensive multilingual support, hybrid thinking modes, and improved agentic capabilities, trained on 36 trillion tokens for advanced reasoning and efficiency.

  • Qwen3-235B-A22B model achieves competitive benchmark results in coding, math, and general tasks, comparable to DeepSeek-R1, o1, o3-mini, Grok-3, and Gemini-2.5-Pro.
  • Qwen3-30B-A3B MoE model outperforms QwQ-32B with 10x active parameters; smaller models like Qwen3-4B rival Qwen2.5-72B-Instruct.
  • Open-weighted models include Qwen3-235B-A22B, Qwen3-30B-A3B, and six dense models (Qwen3-32B, 14B, 8B, 4B, 1.7B, 0.6B) under Apache 2.0 license; models available on Hugging Face, ModelScope, Kaggle.

Alibaba Launches Qwen3, a 235B Parameter Open-Source Hybrid AI Model

Alibaba’s Qwen3 is a family of hybrid AI reasoning models, with sizes up to 235B parameters, trained on 36 trillion tokens, supporting 119 languages, and available under open licenses, enhancing China’s AI competitiveness.

  • Alibaba released Qwen3, a family of ‘hybrid’ AI reasoning models, on April 28, 2025, claiming performance comparable or superior to Google and OpenAI models.
  • Models range from 0.6 billion to 235 billion parameters, trained on over 36 trillion tokens, supporting 119 languages, with training data including textbooks, question-answer pairs, code, and AI-generated data.
  • Most models are available for download under an open license on Hugging Face and GitHub, and some are accessible via cloud providers like Fireworks AI and Hyperbolic.