Crime

Sheriff's Facebook Post Announces Sentencing of 70-Year-Old Man For a 1980 Cold Case (go.com) 104

In 1980 a 23-year-old woman was shot multiple times by an unknown assailant in a small county in central Kansas.

44 years later, the county sheriff made a Facebook post... Over the years, dozens of law enforcement officers looked at the case to no avail. In mid-2022 I was approached by Detective Sgt. Adam Hales to reopen the case using new techniques and technology that were now available at the time of the murder. In all honesty, it was with some degree of skepticism that I authorized the expenditure of manpower and resources... Many of the witnesses as well as law enforcement officers that were originally involved in the case had died and interviews were not possible.
A statement from the Kansas attorney general's office says the police investigation culminated with an interview with Steven Hanks, a neighbor of the woman, who admitted to the killing. Hanks (who is now 70 years old) was arrested and charged with murder and second-degree, according to the county sheriff's Facebook post: On a personal note, I was 18 years old and a senior in high school when this homicide occurred. I remember it well. By 1982 I had started with the Sheriff's Office as a reserve deputy and have been associated with the Barton County Sheriff's Office ever since. I worked for the four Sheriff's that preceded me and this homicide has haunted all of us. It bothers me that many of the people who were so affected by this tragic crime have since passed away prior to bringing the suspect to justice. I consider myself fortunate that I had the resources and the diligent personnel to close this case.
The Facebook post ends with a 1980 photo of 23-year-old Mary Robin Walter — who besides being a nursing school student was also a wife and mother — next to a booking photo of 70-year-old Steven Hanks.

Hanks has been sentenced to up to 25 years in prison
Crime

$50M In Counterfeit Vintage Consoles and Videogames Seized From Italian Crime Ring (bbc.com) 30

Police in Italy "smashed" a videogame trafficking ring, reports the BBC. They seized fake vintage Nintendo, Sega and Atari consoles that didn't meet strict safety standards, as well as counterfeit games — including Mario Bros., Street Fighter and Star Wars — that together were worth almost €50m ($55.5m) Around 12,000 consoles holding over 47 million pirated video games were seized by police, Alessandro Langella, head of the economic crime unit for Turin's financial police, told the AFP news agency... They were "all from China" and were imported to be sold in specialised shops or online, Mr Langella said...

The seized games have been destroyed. Nine Italian nationals have been arrested and charged with trading in counterfeited goods. If found guilty, they face up to eight years in prison.

NASA

Underfunded, Aging NASA May Be On Unsustainable Path, Report Warns (msn.com) 119

More details on that report about NASA from the Washington Post: NASA is 66 years old and feeling its age. Brilliant engineers are retiring. Others have fled to higher-paying jobs in the private space industry. The buildings are old, their maintenance deferred. The Apollo era, with its huge taxpayer investment, is a distant memory. The agency now pursues complex missions on inadequate budgets. This may be an unsustainable path for NASA, one that imperils long-term success. That is the conclusion of a sweeping report, titled "NASA at a Crossroads," written by a committee of aerospace experts and published Tuesday by the National Academies of Sciences, Engineering and Medicine. The report suggests that NASA prioritizes near-term missions and fails to think strategically. In other words, the space agency isn't sufficiently focused on the future.

NASA's intense focus on current missions is understandable, considering the unforgiving nature of space operations, but "one tends to neglect the probably less glamorous thing that will determine the success in the future," the report's lead author, Norman Augustine, a retired Lockheed Martin chief executive, said Tuesday. He said one solution for NASA's problems is more funding from Congress. But that may be hard to come by, in which case, he said, the agency needs to consider canceling or delaying costly missions to invest in more mundane but strategically important institutional needs, such as technology development and workforce training. Augustine said he is concerned that NASA could lose in-house expertise if it relies too heavily on the private industry for newly emerging technologies. "It will have trouble hiring innovative, creative engineers. Innovative, creative engineers don't want to have a job that consists of overseeing other people's work," he said...

The report is hardly a blistering screed. The tone is parental. It praises the agency — with a budget of about $25 billion — for its triumphs while urging more prudent decision-making and long-term strategizing.

NASA pursues spectacular missions. It has sent swarms of robotic probes across the solar system and even into interstellar space. Astronauts have continuously been in orbit for more than two decades. The most ambitious program, Artemis, aims to put astronauts back on the moon in a few short years. And long-term, NASA hopes to put astronauts on Mars. But a truism in the industry is that space is hard. The new report contends that NASA has a mismatch between its ambitions and its budget, and needs to pay attention to fundamentals such as fixing its aging infrastructure and retaining in-house talent. NASA's overall physical infrastructure is already well beyond its design life, and this fraction continues to grow," the report states.

NASA Administrator Bill Nelson said the report "aligns with our current efforts to ensure we have the infrastructure, workforce, and technology that NASA needs for the decades ahead," according to the article.

Nelson added that the agency "will continue to work diligently to address the committee's recommendations."
Networking

'Samba' Networking Protocol Project Gets Big Funding from the German Sovereign Tech Fund (samba.plus) 33

Samba is "a free software re-implementation of the SMB networking protocol," according to Wikipedia. And now the Samba project "has secured significant funding (€688,800.00) from the German Sovereign Tech Fund to advance the project," writes Jeremy Allison — Sam (who is Slashdot reader #8,157 — and also a long standing member of Samba's core team): The investment was successfully applied for by [information security service provider] SerNet. Over the next 18 months, Samba developers from SerNet will tackle 17 key development subprojects aimed at enhancing Samba's security, scalability, and functionality.

The Sovereign Tech Fund is a German federal government funding program that supports the development, improvement, and maintenance of open digital infrastructure. Their goal is to sustainably strengthen the open source ecosystem.

The project's focus is on areas like SMB3 Transparent Failover, SMB3 UNIX extensions, SMB-Direct, Performance and modern security protocols such as SMB over QUIC. These improvements are designed to ensure that Samba remains a robust and secure solution for organizations that rely on a sovereign IT infrastructure. Development work began as early as September the 1st and is expected to be completed by the end of February 2026 for all sub-projects.

All development will be done in the open following the existing Samba development process. First gitlab CI pipelines have already been running and gitlab MRs will appear soon!

Back in 2000, Jeremy Allison answered questions from Slashdot readers about Samba.

Allison is now a board member at both the GNOME Foundation and the Software Freedom Conservancy, a distinguished engineer at Rocky Linux creator CIQ, and a long-time free software advocate.
Privacy

23andMe To Pay $30 Million In Genetics Data Breach Settlement (bleepingcomputer.com) 36

23andMe has agreed to pay $30 million to settle a lawsuit over a data breach that exposed the personal information of 6.4 million customers in 2023. BleepingComputer reports: The proposed class action settlement (PDF), filed Thursday in a San Francisco federal court and awaiting judicial approval, includes cash payments for affected customers, which will be distributed within ten days of final approval. "23andMe believes the settlement is fair, adequate, and reasonable," the company said in a memorandum filed (PDF) Friday.

23andMe has also agreed to strengthen its security protocols, including protections against credential-stuffing attacks, mandatory two-factor authentication for all users, and annual cybersecurity audits. The company must also create and maintain a data breach incident response plan and stop retaining personal data for inactive or deactivated accounts. An updated Information Security Program will also be provided to all employees during annual training sessions.
"23andMe denies the claims and allegations set forth in the Complaint, denies that it failed to properly protect the Personal Information of its consumers and users, and further denies the viability of Settlement Class Representatives' claims for statutory damages," the company said in the filed preliminary settlement.

"23andMe denies any wrongdoing whatsoever, and this Agreement shall in no event be construed or deemed to be evidence of or an admission or concession on the part of 23andMe with respect to any claim of any fault or liability or wrongdoing or damage whatsoever."
The Courts

Sam Bankman-Fried Files Appeal For Fraud Conviction (cointelegraph.com) 58

Former FTX CEO Sam Bankman-Fried's legal team has filed an appeal challenging his conviction on seven felony counts and his 25-year prison sentence. They argue that he was not presumed innocent, that the jury received incomplete information about FTX user funds, and that the prosecution's narrative was biased. CoinTelegraph reports: In a Sept. 13 filing in the United States Court of Appeals for the Second Circuit, SBF's lawyers filed a 102-page brief claiming that the former FTX CEO was "never presumed innocent," subject to scrutiny that allegedly affected prosecutors, the presiding judge, and treatment by the media. Bankman-Fried's legal team announced in April -- a few weeks after a federal judge sentenced him to 25 years in prison -- that they intended to appeal. According to the appeal, SBF's lawyers alleged the jury was "only allowed to see half the picture" with FTX user funds, claiming prosecutors had "presented a false narrative" that the money was permanently lost and Bankman-Fried intentionally caused that loss. They also claimed that counsel for the FTX debtors worked with the US government in a way that was above and beyond "cooperation," providing information allegedly as an "arm of the prosecution."

"From day one, the prevailing narrative -- initially spun by the lawyers who took over FTX, quickly adopted by their contacts at the US Attorney's Office -- was that Bankman-Fried had stolen billions of dollars of customer funds, driven FTX to insolvency, and caused billions in losses," said the appeal. "Now, nearly two years later, a very different picture is emerging -- one confirming FTX was never insolvent, and in fact had assets worth billions to repay its customers. But the jury at Bankman-Fried's trial never got to see that picture." The legal team requested the appellate court grant SBF a new trial with a different judge. It's unclear whether the Second Circuit could rule to affirm Bankman-Fried's conviction in the US District Court for the Southern District of New York or reverse the decision and set the groundwork for a new trial.

Privacy

Apple Vision Pro's Eye Tracking Exposed What People Type 7

An anonymous reader quotes a report from Wired: You can tell a lot about someone from their eyes. They can indicate how tired you are, the type of mood you're in, and potentially provide clues about health problems. But your eyes could also leak more secretive information: your passwords, PINs, and messages you type. Today, a group of six computer scientists are revealing a new attack against Apple's Vision Pro mixed reality headset where exposed eye-tracking data allowed them to decipher what people entered on the device's virtual keyboard. The attack, dubbed GAZEploit and shared exclusively with WIRED, allowed the researchers to successfully reconstruct passwords, PINs, and messages people typed with their eyes. "Based on the direction of the eye movement, the hacker can determine which key the victim is now typing," says Hanqiu Wang, one of the leading researchers involved in the work. They identified the correct letters people typed in passwords 77 percent of the time within five guesses and 92 percent of the time in messages.

To be clear, the researchers did not gain access to Apple's headset to see what they were viewing. Instead, they worked out what people were typing by remotely analyzing the eye movements of a virtual avatar created by the Vision Pro. This avatar can be used in Zoom calls, Teams, Slack, Reddit, Tinder, Twitter, Skype, and FaceTime. The researchers alerted Apple to the vulnerability in April, and the company issued a patch to stop the potential for data to leak at the end of July. It is the first attack to exploit people's "gaze" data in this way, the researchers say. The findings underline how people's biometric data -- information and measurements about your body -- can expose sensitive information and beused as part of the burgeoning surveillance industry.

The GAZEploit attack consists of two parts, says Zhan, one of the lead researchers. First, the researchers created a way to identify when someone wearing the Vision Pro is typing by analyzing the 3D avatar they are sharing. For this, they trained a recurrent neural network, a type of deep learning model, with recordings of 30 people's avatars while they completed a variety of typing tasks. When someone is typing using the Vision Pro, their gaze fixates on the key they are likely to press, the researchers say, before quickly moving to the next key. "When we are typing our gaze will show some regular patterns," Zhan says. Wang says these patterns are more common during typing than if someone is browsing a website or watching a video while wearing the headset. "During tasks like gaze typing, the frequency of your eye blinking decreases because you are more focused," Wang says. In short: Looking at a QWERTY keyboard and moving between the letters is a pretty distinct behavior.

The second part of the research, Zhan explains, uses geometric calculations to work out where someone has positioned the keyboard and the size they've made it. "The only requirement is that as long as we get enough gaze information that can accurately recover the keyboard, then all following keystrokes can be detected." Combining these two elements, they were able to predict the keys someone was likely to be typing. In a series of lab tests, they didn't have any knowledge of the victim's typing habits, speed, or know where the keyboard was placed. However, the researchers could predict the correct letters typed, in a maximum of five guesses, with 92.1 percent accuracy in messages, 77 percent of the time for passwords, 73 percent of the time for PINs, and 86.1 percent of occasions for emails, URLs, and webpages. (On the first guess, the letters would be right between 35 and 59 percent of the time, depending on what kind of information they were trying to work out.) Duplicate letters and typos add extra challenges.
The Almighty Buck

You Can Now Legally Bet On the 2024 Congressional Elections (apnews.com) 94

A U.S. District Court judge on Thursday allowed New York-based startup Kalshi to legally offer betting on the outcome of the November Congressional elections (Warning: source paywalled; alternative source), despite opposition from the Commodity Futures Trading Commission (CFTC), which plans to appeal the decision due to concerns about potential market manipulation and public trust in the electoral process. Within minutes of the ruling, people began placing bets on Kalshi's website. It's currently the only legal opportunity for Americans to bet on U.S. elections under government regulation. Fortune reports: A startup company on Thursday began taking what amounts to bets on the outcome of the November Congressional elections after a judge refused to block them from doing so. The ruling by U.S. District Court Judge Jia Cobb in Washington permitted the only legally sanctioned bets on U.S. elections by an American jurisdiction. It enabled, at least temporarily, New York-based Kalshi to offer prediction contracts -- essentially yes-or-no bets -- on which party will win control of the Senate and the House in November. The company and its lawyer did not respond to requests for comment, but within 90 minutes of the judge's ruling, the bets were being advertised on the company's web site. Earlier in the day, the website had said they were "coming soon."

It was not clear how long such betting might last; the Commodity Futures Trading Commission, which last year prohibited the company from offering them, said it would appeal the ruling as quickly as possible. Contrasting his client with foreign companies who take bets from American customers on U.S. elections without U.S. government approval, Roth said Kalshi is trying to do things the right way, under government regulation. "It invested significantly in these markets," he said during Thursday's hearing. "They spent millions of dollars. It would be perverse if all that investment went up in smoke."

But Raagnee Beri, an attorney for the commission, said allowing such bets could invite malicious activities designed to influence the outcome of elections and undermine already fragile public confidence in the voting process. "These contracts would give market participants a $100 million incentive to influence the market on the election," she said. "There is a very severe public interest threat." She used the analogy of someone who has taken an investment position in corn commodities. "Somebody puts out misinformation about a drought, that a drought is coming," she said. "That could move the market on the price of corn. The same thing could happen here. The commission is not required to suffer the flood before building a dam."

Privacy

How SEC Mobile Phones Can Signal an Imminent Stock Price Drop 34

Mobile phone location data has linked site visits by US securities watchdogs to the headquarters of companies with measurable drops in their share prices -- even when no enforcement action is taken. From a report: When insiders sold shares right around a non-public visit by staff from the Securities and Exchange Commission, they avoided average losses of 4.9 per cent in the three months after the visit, according to a study led by researchers at four Midwestern universities. By matching commercially available data with share price moves, the study offers a window into the secretive world of securities enforcement beyond publicly announced cases. It also raises questions about the rules around insider trading.

"Maybe we should be thinking about what the rules are when the SEC shows up," said Marcus Painter, assistant professor of finance at Saint Louis University and one of the authors. The research used geolocation data to identify mobile phones that spent significant amounts of time at the SEC's various offices around the country. They then tracked those phones to corporate headquarters around the world in the 12-month period right before Covid-19 lockdowns led to extensive working from home.
The Courts

Court Clears Researchers of Defamation For Identifying Manipulated Data (arstechnica.com) 21

An anonymous reader quotes a report from Ars Technica: Earlier this year, we got a look at something unusual: the results of an internal investigation conducted by Harvard Business School that concluded one of its star faculty members had committed research misconduct. Normally, these reports are kept confidential, leaving questions regarding the methods and extent of data manipulations. But in this case, the report became public because the researcher had filed a lawsuit that alleged defamation on the part of the team of data detectives that had first identified potential cases of fabricated data, as well as Harvard Business School itself. Now, the court has ruled (PDF) on motions to dismiss the case. While the suit against Harvard will go on, the court has ruled that evidence-backed conclusions regarding fabricated data cannot constitute defamation -- which is probably a very good thing for science.

The researchers who had been sued, Uri Simonsohn, Leif Nelson, and Joe Simmons, run a blog called Data Colada where, among other things, they note cases of suspicious-looking data in the behavioral sciences. As we detailed in our earlier coverage, they published a series of blog posts describing an apparent case of fabricated data in four different papers published by the high-profile researcher Francesca Gino, a professor at Harvard Business School. The researchers also submitted the evidence to Harvard, which ran its own investigation that included interviewing the researchers involved and examining many of the original data files behind the paper. In the end, Harvard determined that research misconduct had been committed, placed Gino on administrative leave and considered revoking her tenure. Harvard contacted the journals where the papers were published to inform them that the underlying data was unreliable.

Gino then filed suit alleging that Harvard had breached their contract with her, defamed her, and interfered with her relationship with the publisher of her books. She also added defamation accusations against the Data Colada team. Both Harvard and the Data Colada collective filed a motion to have all the actions dismissed, which brings us to this new decision. Harvard got a mixed outcome. This appears to largely be the result that the Harvard Business School adopted a new and temporary policy for addressing research misconduct when the accusations against Gino came in. This, according to the court, leaves questions regarding whether the university had breached its contract with her. However, most of the rest of the suit was dismissed. The judge ruled that the university informing Gino's colleagues that Gino had been placed on administrative leave does not constitute defamation. Nor do the notices requesting retractions sent to the journals where the papers were published. "I find the Retraction Notices amount 'only to a statement of [Harvard Business School]'s evolving, subjective view or interpretation of its investigation into inaccuracies in certain [data] contained in the articles,' rather than defamation," the judge decided.

More critically, the researchers had every allegation against them thrown out. Here, the fact that the accusations involved evidence-based conclusions, and were presented with typical scientific caution, ended up protecting the researchers. The court cites precedent to note that "[s]cientific controversies must be settled by the methods of science rather than by the methods of litigation" and concludes that the material sent to Harvard "constitutes the Data Colada Defendants' subjective interpretation of the facts available to them." Since it had already been determined that Gino was a public figure due to her high-profile academic career, this does not rise to the standard of defamation. And, while the Data Colada team was pretty definitive in determining that data manipulation had taken place, its members were cautious about acknowledging that the evidence they had did not clearly indicate Gino was the one who had performed the manipulation. Finally, it was striking that the researchers had protected themselves by providing links to the data sources they'd used to draw their conclusions. The decision cites a precedent that indicates "by providing hyperlinks to the relevant information, the articles enable readers to review the underlying information for themselves and reach their own conclusions."

AI

White House Gets Voluntary Commitments From AI Companies To Curb Deepfake Porn (engadget.com) 50

In a statement today, the White House said it has received commitments from several AI companies to curb the creation and distribution of deepfake porn, also known as image-based sexual abuse material. Engadget reports: The participating businesses have laid out the steps they are taking to prevent their platforms from being used to generate non-consensual intimate images (NCII) of adults and child sexual abuse material (CSAM). Specifically, Adobe, Anthropic, Cohere, Common Crawl, Microsoft and OpenAI said they'll be: "responsibly sourcing their datasets and safeguarding them from image-based sexual abuse."

All of the aforementioned except Common Crawl also agreed they'd be: "incorporating feedback loops and iterative stress-testing strategies in their development processes, to guard against AI models outputting image-based sexual abuse" and "removing nude images from AI training datasets" when appropriate. [...] The notable absences from today's White House release are Apple, Amazon, Google and Meta.

AI

Facebook Admits To Scraping Every Australian Adult User's Public Photos and Posts To Train AI, With No Opt-out Option (abc.net.au) 56

Facebook has admitted that it scrapes the public photos, posts and other data of Australian adult users to train its AI models and provides no opt-out option, even though it allows people in the European Union to refuse consent. From a report: Meta's global privacy director Melinda Claybaugh was pressed at an inquiry as to whether the social media giant was hoovering up the data of all Australians in order to build its generative artificial intelligence tools, and initially rejected that claim. Labor senator Tony Sheldon asked whether Meta had used Australian posts from as far back as 2007 to feed its AI products, to which Ms Claybaugh responded "we have not done that".

But that was quickly challenged by Greens senator David Shoebridge.

Shoebridge: "The truth of the matter is that unless you have consciously set those posts to private since 2007, Meta has just decided that you will scrape all of the photos and all of the texts from every public post on Instagram or Facebook since 2007, unless there was a conscious decision to set them on private. That's the reality, isn't it?
Claybaugh: "Correct."

Ms Claybaugh added that accounts of people under 18 were not scraped, but when asked by Senator Sheldon whether public photos of his own children on his account would be scraped, Ms Claybaugh acknowledged they would.

Crime

Former Samsung Execs Arrested For Using Stolen Tech To Build Chip Factory In China (tomshardware.com) 18

South Korean police have arrested two former Samsung executives for allegedly leaking $3.2 billion worth of Samsung secrets to China to aid in building 20nm DRAM chips. Tom's Hardware reports: The authorities reported that one of the arrested suspects, 66-year-old Mr. Choi, set up a joint venture building chips in China alongside some local officials and served as its CEO. He was allegedly assisted by a plant designer, Mr. Oh, in this venture, while he also attempted to recruit other South Korean experts to work for him. However, Choi's arrest comes after being suspected of leaking Samsung memory technologies to build 20nm DRAM chips at the Chinese factory, Chengdu Gaozhen.

Samsung is one of the leading memory manufacturers, working with other major companies like Nvidia to produce VRAM while offering its own storage and memory solutions. The police said Choi's move "weakened the nation's competitiveness when the countries are in a global chip war." With the capture of the company's head, the authorities claim that this will stop the operation of the Chinese venture. However, investigators are still looking into the case to determine if other cases of industrial espionage will spring up from this case.

The Internet

Malaysia's Plan To Block Overseas DNS Dies After a Day (theregister.com) 30

Malaysia's telecom regulator has abandoned a plan to block overseas DNS services a day after announcing it, following a sharp backlash and accusations of government overreach. From a report: Last Friday, the Malaysian Communications and Multimedia Commission (MCMC) published an FAQ that stated it had instructed all ISPs to redirect traffic headed for offshore DNS servers to services operated by Malaysian ISPs -- a move it claimed would prevent access to malicious and harmful websites such as those concerning gambling, pornography, copyright infringement or scams. "No, the DNS redirection will not affect your connection speed or browsing experience for legitimate websites," the Commission promised in its FAQ.

But opposition to the plan quickly emerged, on grounds that it could amount to censorship and therefore represented government overreach. Musician turned state legislator Syed Ahmad Syed Abdul Rahman Alhadad labelled the decision "draconian" and a negative for Malaysia's digital economy. Fellow state assemblyperson Lim Yi Wei described the policy as "ill-advised," censorship, inefficient, and unsecure -- as well as counterproductive to government efforts to develop tech startups, innovation and datacenters.

Crime

Pacific Islands Submit Court Proposal For Recognition of Ecocide As a Crime 58

Vanuatu, Fiji, and Samoa have proposed a change to the International Criminal Court (ICC) to recognize ecocide as a crime, allowing for the prosecution of individuals responsible for significant environmental harm. If successful, the change would recognize ecocide as a crime alongside genocide and war crimes. The Guardian reports: Vanuatu, Fiji and Samoa have proposed a formal recognition by the court of the crime of ecocide, defined as "unlawful or wanton acts committed with knowledge that there is a substantial likelihood of severe and either widespread or long-term damage to the environment being caused by those acts." The proposal was tabled before the ICC in New York on Monday afternoon, and will have to be discussed in full at a later date. Holding full discussions on the proposal is a process likely to take some years, and will face fierce opposition, though much of it will be behind the scenes as most countries will not wish to openly speak out against it.

Philippe Sands KC, a prominent international lawyer and professor of law at University College London, acted as a co-chair of the independent expert panel for the legal definition of ecocide, convened by the Stop Ecocide Foundation. He told the Guardian he was "100% certain" that ecocide would eventually be recognized by the court. "The only question is when," he said. "I was skeptical at first, but now I am a true believer. There has already been real change, as some countries have put it in domestic law. I think this is the right idea at the right time." Belgium recently adopted ecocide as a crime, and the EU has changed some of its guidance on international crime to include it as a "qualified" offense. Mexico is also considering such a law. [...]

Getting to the point where the ICC will consider the proposal has taken years. Stop Ecocide International has been campaigning on the issue since 2017, and Vanuatu made the first call for the crime to be recognized by the ICC in 2019. Although it could take as long as a decade from now before anyone is charged with ecocide even if the changes were implemented by the ICC, the proposal tabled on Monday was vital to gaining broader acceptance of the concept, according to [Jojo Mehta, a co-founder of the Stop Ecocide International campaigning group, which is an observer to the ICC]. "There has been growing progress, as people are increasingly aware of the threat of climate [breakdown]," she said. "People are saying that this much harm to the planet is just not acceptable."
Government

US Proposes Requiring Reporting For Advanced AI, Cloud Providers (reuters.com) 11

An anonymous reader quotes a report from Reuters: The U.S. Commerce Department said Monday it is proposing to require detailed reporting requirements for advanced artificial intelligence developers and cloud computing providers to ensure the technologies are safe and can withstand cyberattacks. The proposal from the department's Bureau of Industry and Security would set mandatory reporting to the federal government about development activities of "frontier" AI models and computing clusters. It would also require reporting on cybersecurity measures as well as outcomes from so-called red-teaming efforts like testing for dangerous capabilities including the ability to assist in cyberattacks or lowering barriers to entry for non-experts to develop chemical, biological, radiological, or nuclear weapons. External red-teaming has been used for years in cybersecurity to identify new risks, with the term referring to U.S. Cold War simulations where the enemy was termed the "red team." [...] Commerce said the information collected under the proposal "will be vital for ensuring these technologies meet stringent standards for safety and reliability, can withstand cyberattacks, and have limited risk of misuse by foreign adversaries or non-state actors." Further reading: Biden Signs Executive Order To Oversee and Invest in AI
Google

US Prepares To Challenge Google's Online Ad Dominance (reuters.com) 24

An anonymous reader quotes a report from the New York Times: For years, Google has faced complaints about how it dominates the online advertising market. Many of the concerns stem from the internet giant's suite of software known as Google Ad Manager, which websites around the world use to sell ads on their sites. The technology conducts split-second auctions to place ads each time a user loads a page. The dominance of that technology has landed Google in federal court. On Monday, Judge Leonie Brinkema of the U.S. District Court for the Eastern District of Virginia will preside over the start of a trial in which the Department of Justice accuses the company of abusing control of its ad technology and violating antitrust law (Warning: source may be paywalled; alternative source).

It would be Google's second antitrust trial in less than a year. In August, a federal judge ruled in a separate case that Google had illegally maintained a monopoly in online search, a major victory for the Justice Department. The new trial is the latest salvo by federal antitrust regulators against Big Tech, testing a century-old competition law against companies that have reshaped the way people shop, communicate and consume information. Federal regulators have also filed antitrust lawsuits against Apple,Amazon and Meta, which owns Facebook, Instagram and WhatsApp, saying those companies have also abused their power.
Google's vice president for regulatory affairs, Lee-Anne Mulholland, said in a blog post on Sunday that the Justice Department was "picking winners and losers in a highly competitive industry."

"With the cost of ads going down and the number of ads sold going up, the market is working," she said. "The DOJ's case risks inefficiencies and higher prices -- the last thing that America's economy or our small businesses need right now."
Privacy

The NSA Has a Podcast (wired.com) 14

Steven Levy, writing for Wired: My first story for WIRED -- yep, 31 years ago -- looked at a group of "crypto rebels" who were trying to pry strong encryption technology from the government-classified world and send it into the mainstream. Naturally I attempted to speak to someone at the National Security Agency for comment and ideally get a window into its thinking. Unsurprisingly, that was a no-go, because the NSA was famous for its reticence. Eventually we agreed that I could fax (!) a list of questions. In return I got an unsigned response in unhelpful bureaucratese that didn't address my queries. Even that represented a loosening of what once was total blackout on anything having to do with this ultra-secretive intelligence agency. For decades after its post-World War II founding, the government revealed nothing, not even the name, of this agency and its activities. Those in the know referred to it as "No Such Agency."

In recent years, the widespread adoption of encryption technology and the vital need for cybersecurity has led to more openness. Its directors began to speak in public; in 2012, NSA director Keith Alexander actually keynoted Defcon. I'd spent the entire 1990s lobbying to visit the agency for my book Crypto; in 2013, I finally crossed the threshold of its iconic Fort Meade Headquarters for an on-the-record conversation with officials, including Alexander. NSA now has social media accounts on Twitter, Instagram, Facebook. And there is a form on the agency website for podcasters to request guest appearances by an actual NSA-ite.

So it shouldn't be a total shock that NSA is now doing its own podcast. You don't need to be an intelligence agency to know that pods are a unique way to tell stories and hold people's attention. The first two episodes of the seven-part season dropped this week. It's called No Such Podcast, earning some self-irony points from the get-go. In keeping with the openness vibe, the NSA granted me an interview with an official in charge of the project -- one of the de facto podcast producers, a title that apparently is still not an official NSA job posting. Since NSA still gotta NSA, I can't use this person's name. But my source did point out that in the podcast itself, both the hosts and the guests -- who are past and present agency officials -- speak under their actual identities.

Crime

US Government Asks 3D Printing Industry to Help Stop the Printing of Machine Gun Conversion Devices (apnews.com) 348

U.S. Justice Department officials "are turning to the 3D-printing industry to help stop the proliferation of tiny pieces of plastic transforming weapons into illegal homemade machine guns," reports the Associated Press: "Law enforcement cannot do this alone," [U.S. Deputy Attorney General Lisa Monaco said Friday] during a gathering in Washington of federal law enforcement officials, members of the 3D-printing industry and academia. "We need to engage software developers, technology experts and leaders in the 3-D-printing industry to identify solutions in this fight...."

Guns with conversion devices have been used in several mass shootings, including one that left four dead at a sweet sixteen party in Alabama last year... Monaco on Friday also announced several other efforts designed to crack down on the devices, including a national training initiative for law enforcement and prosecutors.

The deputy attorney general is also launching a committee designed to help spot trends and gather intelligence.

Crime

How an Engineer Exposed an International Bike Theft Ring - By Its Facebook Friends (msn.com) 50

Security engineer Bryan Hance co-founded the nonprofit Bike Index, back in 2013, reports the Los Angeles Times, "where cyclists can register their bikes and contact information, making it easier to reunite lost or stolen bikes with their owners." It now holds descriptions and serial numbers of about 1.3 million bikes worldwide.

"But in spring 2020, Hance was tipped to something new: Scores of high-end bikes that matched the descriptions of bikes reported stolen from locations across the Bay Area were turning up for sale on Facebook Marketplace and Instagram pages attached to someone in Mexico, thousands of miles away..." The Facebook page he first spotted disappeared, replaced by pages that were blocked to U.S. computers; Hance managed to get in anyway, thanks to creative use of a VPN. He started reaching out to the owners whose stolen bikes he suspected he was seeing for sale. "Can you tell me a little bit about how your bike was stolen," he would ask. Often, the methods were sophisticated and selective. Thieves would break into a bicycle room at an apartment complex with a specialized saw and leave minutes later with only the fanciest mountain bikes...

Over time, he spoke to more than a dozen [police] officers in jurisdictions across the Bay Area, including Alameda, Santa Clara, Santa Cruz, Marin, Napa and Sonoma counties... [H]ere was Hance, telling officers that he believed he had located a stolen bike, in Mexico. "That's gone," the officer would inform him. Or, one time, according to Hance: "We're not Interpol." Hance also tried to get Meta to do something. After all, he had identified what could be hundreds of stolen bikes being sold on its platforms, valued, he estimated, at well over $2 million. He said he got nowhere...

[Hance] believed he'd figured out the identity of the seller in Jalisco, and was monitoring that person's personal social media accounts. In early 2021, he had spotted something that might break open the case: the name of a person who was sending the Jalisco seller photos of bikes that matched descriptions of those reported stolen by Bay Area cyclists. Hance theorized that person could be a fence who was collecting stolen bikes on this side of the border and sending photos to Jalisco so they could be posted for sale. Hance hunted through the Jalisco seller's Facebook friends until he found the name there: Victor Romero, of San Jose. More sleuthing revealed that a man by the name of Victor Romero ran an auto shop in San Jose, and, judging by his own Facebook photos, was an avid mountain biker. There was something else: Romero's auto shop in San Jose had distinctive orange shelves. One photo of a bike listed for sale on the Jalisco seller's site had similar orange shelves in the backdrop.

Hance contacted a San Francisco police detective who had seemed interested in what he was doing. Check out this guy's auto shop, he advised. San Francisco police raided Romero in the spring of 2021. They found more than $200,000 in cash, according to a federal indictment, along with screenshots from his phone they said showed Romero's proceeds from trafficking in stolen bikes. They also found a Kona Process 153 mountain bike valued at about $4,700 that had been reported stolen from an apartment garage in San Francisco, according to the indictment. It had been disassembled and packaged for shipment to Jalisco.

In January, a federal grand jury indicted Victoriano Romero on felony conspiracy charges for his alleged role in a scheme to purchase high-end stolen bicycles from thieves across the Bay Area and transport them to Mexico for resale.

But bikes continue to be stolen, and "The guy is still operating," Hance told the Los Angeles Times.

"We could do the whole thing again."

Slashdot Top Deals