Apple failed to revive a long-running copyright lawsuit against cybersecurity firm Corellium over its software that simulates the iPhone's iOS operating systems, letting security researchers to identify flaws in the software. From a report: The US Court of Appeals for the Eleventh Circuit on Monday ruled that Corellium's CORSEC simulator is protected by copyright law's fair use doctrine, which allows the duplication of copyrighted work under certain circumstances. Apple argued that Corellium's software was "wholesale copying and reproduction" of iOS and served as a market substitute for its own security research products. Corellium countered that its copying of Apple's computer code and app icons was only for the purposes of security research and was sufficiently "transformative" under the fair use standard. The three-judge panel largely agreed with Corellium, finding that CORSEC "furthers scientific progress by allowing security research into important operating systems" and that iOS "is functional operating software that falls outside copyright's core."

Elizabeth Holmes hasn't spoken to the media since 2016. Now convicted on criminal fraud charges — and counting down the days until she reports for prison — Holmes finally breaks the silence in a profile published today in the New York Times.

"I made so many mistakes," Holmes says, "and there was so much I didn't know and understand, and I feel like when you do it wrong, it's like you really internalize it in a deep way," Billy Evans, Ms. Holmes's partner and the father of their two young children, pushes a stroller with the couple's 20-month-old son, William... At one point, I tell her that I heard Jennifer Lawrence had pulled out of portraying her in a movie. She replied, almost reflectively, "They're not playing me. They're playing a character I created." So, why did she create that public persona? "I believed it would be how I would be good at business and taken seriously and not taken as a little girl or a girl who didn't have good technical ideas," said Ms. Holmes, who founded Theranos at 19. "Maybe people picked up on that not being authentic, since it wasn't..."

Her top lieutenant at Theranos, and much older boyfriend at the time, Ramesh Balwani, was found guilty of 10 counts of wire fraud and two counts of conspiracy to commit wire fraud at Theranos. He began a 13-year prison sentence last month. On Thursday, his legal team filed an appeal with the Ninth Circuit... She said Mr. Balwani did not control her every interaction or statement at Theranos, but she "deferred to him in the areas he oversaw because I believed he knew better than I did," and those areas included the problematic clinical lab... Ms. Holmes's story of how she got here — to the bright, cozy house and the supportive partner and the two babies — feels a lot like the story of someone who had finally broken out of a cult and been deprogrammed. After her relationship with Mr. Balwani ended and Theranos dissolved, Ms. Holmes said, "I began my life again."

But then I remember that Ms. Holmes was running the cult...

What does she think would have happened if she hadn't garnered so much early attention as the second coming of Silicon Valley? Ms. Holmes does not blink: "We would've seen through our vision." In other words, she thinks if she'd spent more time quietly working on her inventions and less time on a stage promoting the company, she would have revolutionized health care by now. This kind of misguided talk is the one consistent thread in my reporting on who Ms. Holmes really is. She repeatedly says that Theranos wasn't a get-rich-quick scheme for her; she never sold her shares and didn't come out of it wealthy. Ms. Holmes's parents said they borrowed $500,000 against their Washington, D.C.-area home to post Ms. Holmes's bond...

She maintains the idealistic delusion of a 19-year-old, never mind that she's 39 with a fraud conviction, telling me she is still working on health care-related inventions and would continue to do so behind bars. "I still dream about being able to contribute in that space," Ms. Holmes said. "I still feel the same calling to it as I always did and I still think the need is there." If your head is exploding at how divorced from reality this sounds, that's kind of the point. When Ms. Holmes uses the messianic vernacular of tech, I get the sense that she truly believes that she could have — and, in fact, she still could — change the world, and she doesn't much care if we believe her or not...

It's this steadfast (or unhinged?) belief that has kept Ms. Holmes fighting, even though a guilty plea would have likely helped her chances of remaining free.

CoinDesk reports that Binance "temporarily paused bitcoin withdrawals Sunday morning U.S. time as the Bitcoin blockchain became overwhelmed with pending transactions and sky-high fees." The company resumed withdrawals within two hours of its initial Twitter posting about the withdrawals.

On-chain data shows that there are nearly 400,000 unconfirmed Bitcoin transactions, which is higher than anything seen during the bull runs of 2018 and 2021. The average transaction fee has also doubled since March, pushing it to a two-year high. The current transaction fee is just over $8, a 309% change from a year ago.
In an earlier CoinDesk article, an executive at Luxor Technologies, a full-stack Bitcoin mining pool, blamed the rising fees on the adoption of the new BRC-20 token standard, a new way to "inscribe" additional data during transactions. But meanwhile, an anonymous reader shared another report from Mashable about Binance: Bloomberg reported that the crypto exchange (currently the world's largest) is facing a U.S. Department of Justice probe over possibly allowing Russians to move money in a way that would violate U.S. sanctions... It's worth noting that no formal accusation has been made against Binance, as this is just a probe. It may be some time before accusations manifest — if they manifest at all. In 2021, Binance was under a similar investigation related to possible money laundering.
But another Reuters article adds that Bloomberg's sources "also said that Binance is discussing the possibility of settling with the Department of Justice regarding previous allegations that the exchange was also used to move money to circumvent U.S. sanctions against Iran."

And elsewhere, Reuters reports: Israel has seized around 190 crypto accounts at crypto exchange Binance since 2021 , including two it said were linked to Islamic State and dozens of others it said were owned by Palestinian firms connected to the Islamist Hamas group, documents released by the country's counter-terror authorities show...

In a blog post after its publication, Binance said that Reuters was "deliberately leaving out critical facts." The exchange has been "working closely with international counter-terrorism authorities" on the seizures, Binance said. "With regard to the specific organizations mentioned in the article, it's important to clarify that bad actors don't register accounts under the names of their criminal enterprises," it said...

Under Israeli law, the country's defense minister can order the seizure and confiscation of assets that the ministry deems related to terrorism... The seizures by Israel's National Bureau for Counter Terror Financing highlight how governments are targeting crypto companies in their efforts to prevent illegal activity. Binance, founded in 2017 by CEO Changpeng Zhao, says on its website it reviews information requests from governments and law enforcement agencies on a case-by-case basis, disclosing information as legally required.

Binance has also said it checks users for connections to terrorism and has "continued to invest tremendous resources to enhance its compliance program," it told U.S. senators in March in response to their requests for information on Binance's regulatory compliance and finances.

America's consumer-protecting federal agency has a division overseeing advertising practices. Its web site includes a "business guidance" section with "advice on complying with FTC law," and this week one of the agency's attorney's warned that the FTC "is focusing intensely on how companies may choose to use AI technology, including new generative AI tools, in ways that can have actual and substantial impact on consumers."

The warning came in a blog post titled "The Luring Test: AI and the engineering of consumer trust." In the 2014 movie Ex Machina, a robot manipulates someone into freeing it from its confines, resulting in the person being confined instead. The robot was designed to manipulate that person's emotions, and, oops, that's what it did. While the scenario is pure speculative fiction, companies are always looking for new ways — such as the use of generative AI tools — to better persuade people and change their behavior. When that conduct is commercial in nature, we're in FTC territory, a canny valley where businesses should know to avoid practices that harm consumers...

As for the new wave of generative AI tools, firms are starting to use them in ways that can influence people's beliefs, emotions, and behavior. Such uses are expanding rapidly and include chatbots designed to provide information, advice, support, and companionship. Many of these chatbots are effectively built to persuade and are designed to answer queries in confident language even when those answers are fictional. A tendency to trust the output of these tools also comes in part from "automation bias," whereby people may be unduly trusting of answers from machines which may seem neutral or impartial. It also comes from the effect of anthropomorphism, which may lead people to trust chatbots more when designed, say, to use personal pronouns and emojis. People could easily be led to think that they're conversing with something that understands them and is on their side.

Many commercial actors are interested in these generative AI tools and their built-in advantage of tapping into unearned human trust. Concern about their malicious use goes well beyond FTC jurisdiction. But a key FTC concern is firms using them in ways that, deliberately or not, steer people unfairly or deceptively into harmful decisions in areas such as finances, health, education, housing, and employment. Companies thinking about novel uses of generative AI, such as customizing ads to specific people or groups, should know that design elements that trick people into making harmful choices are a common element in FTC cases, such as recent actions relating to financial offers , in-game purchases , and attempts to cancel services . Manipulation can be a deceptive or unfair practice when it causes people to take actions contrary to their intended goals. Under the FTC Act, practices can be unlawful even if not all customers are harmed and even if those harmed don't comprise a class of people protected by anti-discrimination laws.
The FTC attorney also warns against paid placement within the output of a generative AI chatbot. ("Any generative AI output should distinguish clearly between what is organic and what is paid.") And in addition, "People should know if an AI product's response is steering them to a particular website, service provider, or product because of a commercial relationship. And, certainly, people should know if they're communicating with a real person or a machine..."

"Given these many concerns about the use of new AI tools, it's perhaps not the best time for firms building or deploying them to remove or fire personnel devoted to ethics and responsibility for AI and engineering. If the FTC comes calling and you want to convince us that you adequately assessed risks and mitigated harms, these reductions might not be a good look. "

Thanks to Slashdot reader gluskabe for sharing the post.

The Washington Post reports: TurboTax will begin sending checks next week to nearly 4.4 million low-income Americans whom the company deceived into paying for tax services that should have been free, New York Attorney General Letitia James said.

The checks, part of a $141 million settlement reached in May 2022 between TurboTax owner Intuit and all 50 states and the District of Columbia, are for people who were eligible to file taxes for free through an IRS partner program but were "tricked" into paying TurboTax between 2016 and 2018, James (D) said in a statement Thursday.

The company was also accused of knowingly misleading customers and blocking its landing page for its IRS Free File Program, a public-private partnership with the IRS, from showing up on search engines such as Google. Because Intuit and other companies agreed to participate in that program, the IRS agreed not to offer its own free electronic tax services.

Intuit admitted no wrongdoing in the settlement.

Customers who qualify will receive between $29 and $85, depending on the number of years they paid for the services... Consumers who are eligible for the payments do not need to file a claim and will be notified by email, James's office said Thursday. Checks will be sent automatically and will be mailed throughout May.
"TurboTax's predatory and deceptive marketing cheated millions of low-income Americans who were trying to fulfill their legal duties to file their taxes," said Attorney General James. "Today we are righting that wrong and putting money back into the pockets of hardworking taxpayers who should have never paid to file their taxes." James described it as an effort "to stand up for ordinary Americans and hold companies who cheat consumers accountable," specifically calling out Intuit "for deceiving millions of low-income Americans into paying for tax services that should have been free."

Longtime Slashdot reader SonicSpike shares a report from Engadget: The Biden administration wants to impose a 30 percent tax on the electricity used by cryptocurrency mining operations, and it has included the proposal in its budget for the fiscal year of 2024. In a blog post on the White House website, the administration has formally introduced the Digital Asset Mining Energy or DAME excise tax. It explained that it wants to tax cryptomining firms, because they aren't paying for the "full cost they impose on others," which include environmental pollution and high energy prices.

Crypto mining has "negative spillovers on the environment," the White House continued, and the pollution it generates "falls disproportionately on low-income neighborhoods and communities of color." It added that the operations' "often volatile power consumption " can raise electricity prices for the people around them and cause service interruptions. Further, local power companies are taking a risk if they decide to upgrade their equipment to make their service more stable, since miners can easily move away to another location, even abroad. As Yahoo News noted, there are other industries, such as steel manufacturing, that also use large amounts of electricity but aren't taxed for their energy consumption. In its post, the administration said that cryptomining "does not generate the local and national economic benefits typically associated with businesses using similar amounts of electricity."

Critics believe that the government made this proposal to go after and harm an industry it doesn't support. A Forbes report also suggested that DAME may not be the best solution for the issue, and that taxing the industry's greenhouse gas emissions might be a better alternative. That could encourage mining firms not just to minimize energy use, but also to find cleaner sources of power. It might be difficult to convince the administration to go down that route, though: In its blog post, it said that the "environmental impacts of cryptomining exist even when miners use existing clean power." Apparently, mining operations in communities with hydropower have been observed to reduce the amount of clean power available for use by others. That leads to higher prices and to even higher consumption of electricity from non-clean sources. "If the proposal ever becomes a law, the government would impose the excise tax in phases," adds Engadget. "It would start by adding a 10 percent tax on miners' electricity use in the first year, 20 percent in the second and then 30 percent from the third year onwards."

An anonymous reader quotes a report from the Financial Times, written by journalist Cristina Criddle: One evening in late December last year, I received a cryptic phone call from a PR director at TikTok, the popular social media app. I'd written extensively about the company for the Financial Times, so we'd spoken before. But it was puzzling to hear from her just before the holidays, especially since I wasn't working on anything related to the company at the time. The call lasted less than a minute. She wanted me to know, "as a courtesy," that The New York Times had just published a story I ought to read. Confused by this unusual bespoke news alert, I asked why. But all she said was that it concerned an inquiry at ByteDance, TikTok's Chinese parent company, and that I should call her back once I'd read it.

The story claimed ByteDance employees accessed two reporters' data through their TikTok accounts. Personal information, including their physical locations, had been used as part of an attempt to find the writers' sources, after a series of damaging stories about ByteDance. According to the report, two employees in China and two in the US left the company following an internal investigation. In a staff memo, ByteDance's chief executive lamented the incident as the "misconduct of a few individuals." When I phoned the PR director back, she confirmed I was one of the journalists who had been surveilled. I put down my phone and wondered what it meant that a company I reported on had gone to such lengths to restrict my ability to do so. Over the following months, the episode became just one in a long series of scandals and crises that call into question what TikTok really is and whether the company has the world-dominating future that once seemed inevitable.

US authorities have seized another major Z-Library domain but still haven't been able to wipe the pirate book site off the Internet. From a report: Z-Library claims to offer over 13 million books, up from 11 million since US authorities launched their first major operation against Z-Library late last year. "Unfortunately, one of our primary login domains was seized today," Z-Library wrote in a Wednesday message on its Telegram account. "Therefore, we recommend using the domain singlelogin[dot]re to log in to your account, as well as to register. Please share this domain with others." In November, US authorities charged Russian nationals Anton Napolsky and Valeriia Ermakova with criminal copyright infringement, wire fraud, and money laundering for allegedly operating Z-Library. The US said at the time that it seized 250 "interrelated web domains" run by Z-Library and that Napolsky and Ermakova were arrested in Argentina at the request of the US government. Other people continue to operate Z-Library, which remained available on the Tor network and returned to the clearnet in February with a new strategy of assigning personal, secret URLs to each user. Z-Library directed users to singlelogin[dot]me, where they could sign in with their login credentials and receive a unique URL to access the entire pirate library.

Sonos and Alphabet's Google will face off in a San Francisco federal trial on Monday over claims that Google copied Sonos' patented smart-speaker technology in wireless audio devices like Google Home and Chromecast Audio. From a report: The case is part of a sprawling intellectual property dispute between the former business partners that includes other lawsuits in the U.S., Canada, France, Germany and the Netherlands. Sonos has asked the court for $90 million in damages from Google in the San Francisco case, down from $3 billion after U.S. District Judge William Alsup narrowed the case, according to a Google court filing. Sonos alleges Google infringed two of its patents related to multi-room wireless audio. Google spokesperson Jose Castaneda said the case relates to "some very specific features that are not commonly used," and that Sonos "mischaracterized our partnership and technology."

A judge sentenced Joe Sullivan, the former chief security officer at Uber, to three years' probation and 200 hours of community service on Thursday for covering up a 2016 cyberattack from authorities and obstructing a federal investigation. From a report: Sullivan's case is likely the first time a security executive has faced criminal charges for mishandling a data breach, and the response to Sullivan's case has split the cybersecurity community. In October, a jury found Sullivan guilty of obstructing an active FTC investigation into Uber's security practices and concealing a 2016 data breach that affected 50 million riders and drivers. Uber paid the hackers $100,000 to not release any stolen data and keep the attack quiet. Sullivan and his team routed the payment through the company's bug bounty program, which good-faith security researchers usually use to report flaws. The hack wasn't publicly disclosed until 2017, shortly after Dara Khosrowshahi stepped into the CEO role.

Khosrowshahi fired Sullivan in 2017, telling the jury last fall that he thought the decision to conceal the breach was "the wrong decision." Sullivan then joined Cloudflare as its chief security officer in 2018, and he stayed there until July 2022 when he stepped down to prepare for his trial. "If I have a similar case tomorrow, even if the defendant had the character of Pope Francis, they would be going to prison," Judge William Orrick said during the sentencing on Thursday. "When you go out and talk to your friends, to your CISOs, you tell them that you got a break not because of what you did, not even because of who you are, but because this was just such an unusual one-off," Orrick added.

Following the announcement of the bill in March, El Salvador President Nayib Bukele signed a law today eliminating income, property, capital gains, and other tariffs on technology innovations. Watcher Guru reports: The announcement reinforces El Salvador's perspective as a haven for technology development. Additionally, Bukele stated that the new act protects "technology innovations, software and app programming, AI, computer, and communications hardware manufacturing."

The Innovations and Technology Manufacturing Incentives Act will likely attract tech developments to the country. Moreover, the elimination of taxes presents an economic benefit to a host of companies. Conversely, El Salvador continues to maintain its commitment to a variety of tech innovations that are being developed.

An anonymous reader quotes a report from TechCrunch: The City of Dallas in Texas has confirmed a ransomware attack has downed key services, including 911 dispatch systems. City officials confirmed on Wednesday that a number of the city's servers had "been compromised with ransomware," causing widespread service outages. The Dallas Police Department (DPD) website is currently offline. The City of Dallas website displays a message stating that "the City is experiencing a service outage and is working to restore services," and the city wrote on a page that contains updates about the incident that all courts were closed on Wednesday and would be closed again on Thursday.

DPD spokesperson Melinda Gutierrez confirmed to TechCrunch that the outage has also impacted Computer Aided Dispatch, or "CAD" systems, which are used by dispatchers and 911 operators to prioritize and record incident calls. Local media reported that this has forced 911 call takers to manually write down instructions for responding officers. "There is no effect to 911 calls at this time, and they continue to be dispatched for service," Gutierrez added. "The outage is not affecting police response."

Printers on the City of Dallas network reportedly began printing out ransom notes on Wednesday morning. As per a copy the note, the Royal ransomware gang has claimed responsibility for the attack, and a URL included on the note directed to a contact form on Royal's dark web victims site. The note said critical data was encrypted, and threatened to publish it online if a ransom demand is not met. The City of Dallas has not yet been listed on Royal's dark web leak site and it's not yet known what types of data has been stolen. City officials have not responded to TechCrunch's questions. The full impact of the ransomware attack remains unknown. In a statement, the city said it was "actively working to isolate the ransomware to prevent its spread, to remove the ransomware from infected servers, and to restore any services currently impacted. The City is currently working to assess the complete impact, but at this time, the impact on the delivery of City services to its residents is limited."

Montana Governor Greg Gianforte has returned an "amendatory veto" to the legislature regarding the state's unconstitutional "ban TikTok" bill, proposing alternative draft language that inadvertently could ban all social media platforms in the state due to poor drafting. The revised language targets any social media application that collects personal information and provides it to a foreign adversary, but since most social media networks collect such information and share it with entities in foreign countries, it would effectively ban all social media in Montana. Techdirt reports: As [1st Amendment lawyer Ari Cohn] points out, the new draft targets any "social media application" that allows for "the collection of personal information or data" and allows for "the personal information or data to be provided to a foreign adversary or a person or entity located within a country designated as a foreign adversary." Now, some might think that sounds reasonable, but the details here matter. And the details reveal that EVERY social media network collects such information and provides it to people located in countries designated as a foreign adversary. And that's because "personal information" is a very broad term, as is "provided." [Ari writes:]

"'Surely,' you might think, 'that just covers the data platforms amass by monitoring and tracking us, right?' Perhaps not. The bill doesn't define the term, so who knows what it means in their heads. But we have an idea of what it means out in the real (online) world, by way of the regulations implementing the Children's Online Privacy Protection Act (COPPA). Those regulations include in the definition of 'personal information' things like: First and last name; Online contact information; A screen or user name where it functions in the same manner as online contact information. In other words, the types of information that accompany virtually every piece of content posted on social media. If a platform allows that kind of information to be provided to any foreign adversary or a person or entity located within a foreign adversary, it is banned from Montana.

Do you know who might be persons located within a country designated as a foreign adversary? Users. Users who are provided the kinds of 'personal information' that are inherent in the very concept of social media. So, effectively, the bill would ban any social media company that allows any user in China, Russia, Iran, or Cuba to see content from a Montana user (and this is a generous reading, nothing in the bill seems to require that the data/information shared be from a Montana resident). On top of it, each time a user from one of those countries accesses content, platforms would be subject to a $10,000 fine. Do you know which platforms allow people in those countries to access content posted in the United States? All of them. Congratulations, Montana Governor Greg Gianforte. You just managed to accidentally ban all social media for Montanans. Good work."

An anonymous reader quotes a report from The Guardian: A Finnish newspaper is circumventing Russian media restrictions by hiding news reports about the war in Ukraine in an online game popular among Russian gamers. "While Helsingin Sanomat and other foreign independent media are blocked in Russia, online games have not been banned so far," said Antero Mukka, the editor-in-chief of Helsingin Sanomat. The newspaper was bypassing Russia's censorship through the first-person shooter game Counter-Strike, where gamers battle against each other as terrorists and counter-terrorists in timed matches. While the majority of matches are played on about a dozen official levels or maps released by the publisher Valve, players can also create custom maps that anyone can download and use. The newspaper's initiative was unveiled on World Press Freedom Day on Wednesday. "To underline press freedom, [in the game] we have now built a Slavic city, called Voyna, meaning war in Russian," Mukka said.

In the basement of one of the apartment buildings that make up the Soviet-inspired cityscape, Helsingin Sanomat hid a room where players can find Russian-language reporting by the newspaper's war correspondents in Ukraine. "In the room, you will find our documentation of what the reality of the war in Ukraine is," Mukka said. The walls of the digital room, lit up by red lights, are plastered with news articles and pictures reporting on events such as the massacres in the Ukrainian towns of Bucha and Irpin. On one of the walls, players can find a map of Ukraine that details reported attacks on the civilian population, while a Russian-language recording reading Helsingin Sanomat articles aloud plays in the background. This was "information that is not available from Russian state propaganda sources", Mukka said. The map has been downloaded more than 2,000 times since its release on Monday. According to Mukka, an estimated 4 million Russians have played Counter-Strike.

An anonymous reader quotes a report from KrebsOnSecurity: A sprawling online company based in Georgia that has made tens of millions of dollars purporting to sell access to jobs at the United States Postal Service (USPS) has exposed its internal IT operations and database of nearly 900,000 customers. The leaked records indicate the network's chief technology officer in Pakistan has been hacked for the past year, and that the entire operation was created by the principals of a Tennessee-based telemarketing firm that has promoted USPS employment websites since 2016. KrebsOnSecurity was recently contacted by a security researcher who said he found a huge tranche of full credit card records exposed online, and that at first glance the domain names involved appeared to be affiliated with the USPS. Further investigation revealed a long-running international operation that has been emailing and text messaging people for years to sign up at a slew of websites that all promise they can help visitors secure employment at the USPS.

Sites like FederalJobsCenter[.]com also show up prominently in Google search results for USPS employment, and steer applicants toward making credit card "registration deposits" to ensure that one's application for employment is reviewed. These sites also sell training, supposedly to help ace an interview with USPS human resources. FederalJobsCenter's website is full of content that makes it appear the site is affiliated with the USPS, although its "terms and conditions" state that it is not. Rather, the terms state that FederalJobsCenter is affiliated with an entity called US Job Services, which says it is based in Lawrenceville, Ga. The site says applicants need to make a credit card deposit to register, and that this amount is refundable if the applicant is not offered a USPS job within 30 days after the interview process. But a review of the public feedback on US Job Services and dozens of similar names connected to this entity over the years shows a pattern of activity: Applicants pay between $39.99 and $100 for USPS job coaching services, and receive little if anything in return. Some reported being charged the same amount monthly. Michael Martel, spokesperson for the United States Postal Inspection Service, said in a written statement that the USPS has no affiliation with the websites or companies named in this story.

"To learn more about employment with USPS, visit USPS.com/careers," Martel wrote. "If you are the victim of a crime online report it to the FBI's Internet Crime Complaint Center (IC3) at www.ic3.gov. To report fraud committed through or toward the USPS, its employees, or customers, report it to the United States Postal Inspection Service (USPIS) at www.uspis.gov/report."

A list of all the current sites selling this product can be found in Krebs' report.

Yesterday, Colorado eliminated a 2005 law that required local governments to hold an election before offering cable television or telecommunications service, "a process that pitted city and town leaders against well-funded broadband industry lobbying campaigns," reports Ars Technica. From the report: Gov. Jared Polis, a Democrat, signed a bill to eliminate that law yesterday. The bill had been approved by the State House in a 48-14 vote and in the Senate by a 31-4 vote. Both chambers have Democratic majorities, but the votes didn't go entirely along party lines; all of the "no" votes came from Republicans, but other Republicans joined Democrats in approving the bill. The bill signed by Polis "gives local governments the authority to provide broadband service, either on their own or by partnering with industry service providers, without holding a local election," the Governor's Office of Information Technology said.

"Each local government is in a unique position or different phase of connecting residents to high-speed Internet, and this bill allows them to establish broadband plans that meet the needs of their communities," Colorado Broadband Office Executive Director Brandy Reitter said. Going forward, cities and towns won't have to hold elections to opt out of the 2005 restriction on municipal broadband. A vote to opt out of the state law didn't guarantee that a city or town would build a network, but the vote was a necessary step and in some cases resulted in a municipal broadband service.

An anonymous reader quotes a report from Ars Technica: The New York Police Department (NYPD) and New York City's self-proclaimed computer geek of a mayor are urging resident car owners to equip their vehicles with an Apple AirTag. During a press conference on Sunday, Mayor Eric Adams announced the distribution of 500 free AirTags to New Yorkers, saying the technology would aid in reducing the city's surging car theft numbers. Adams held the press conference at the 43rd precinct in the Bronx, where he said there had been 200 instances of grand larceny of autos. An NYPD official said that in New York City, 966 Hyundais and Kias have been stolen this year thus far, already surpassing 2022's 819 total. The NYPD's public crime statistics tracker says there have been 4,492 vehicle thefts this year, a 13.3 percent increase compared to the same period last year and the largest increase among NYC's seven major crime categories.

Adams, as the city did when announcing litigation against Kia and Hyundai on April 7, largely blamed the rise in car thefts on Kia and Hyundai, which he said are "leading the way" in stolen car brands. Hyundais and Kias were the subjects of the Kia Challenge TikTok trend that encouraged people to jack said vehicles with a mere USB-A cable. The topic has graduated way beyond a social media fad and into a serious concern. [...] Adams was adamant grand larceny auto numbers were dragging the city's overall crime numbers up and urged New Yorkers to "participate" in the fight against car theft by using an AirTag. NYPD Chief of Department Jeffrey Maddrey said users who report a stolen vehicle equipped with an AirTag will see the police use "drones, our StarChase technology & good old fashion police work to safely recover your stolen car."

"Help us help you, get an AirTag," he tweeted.

Apple and Google said on Tuesday that they were working together to prevent lost item trackers like Apple's AirTag from being used to track people without their permission. From a report: The companies came together to draft a new industry standard that will add the ability to alert victims to unwanted trackers in Android and iOS, the companies said. Apple's AirTag is intended to help people find lost items such as keys by displaying an item's nearly real-time location inside an iPhone app. But there have been many reports about the $30 coin-sized device being used to stalk people since it went on sale in 2021. In response, Apple previously built detection features into iPhones that allow users to detect unfamiliar AirTags in the user's area. Tuesday's announcement suggests that Android phones will also soon gain the ability to warn their users if they are being tracked by an AirTag.

A GitHub project called GPT4free has received a letter from OpenAI demanding that the repo be shut down within five days or face a lawsuit. Tom's Hardware reports: Anyone can use ChatGPT for free, but if you want to use GPT4, the latest language model, you have to either pay for ChatGPT Plus, pay for access to OpenAI's API, or find another site that has incorporated GPT4 into its own free chatbot. There are sites that use OpenAI such as Forefront and You.com, but what if you want to make your own bot and don't want to pay for the API? A GitHub project called GPT4free allows you to get free access to the GPT4 and GPT3.5 models by funneling those queries through sites like You.com, Quora and CoCalc and giving you back the answers. The project is GitHub's most popular new repo, getting 14,000 stars this week.

Now, according to Xtekky, the European computer science student who runs the repo, OpenAI has sent a letter demanding that he take the whole thing down within five days or face a lawsuit. I interviewed Xtekky via Telegram, and he said he doesn't think OpenAI should be targeting him since he isn't connecting directly to the company's API, but is instead getting data from other sites that are paying for their own API licenses. If the owners of those sites have a problem with his scripts querying them, they should approach him directly, he posited. [...] Even if the original repo is taken down, there's a great chance that the code -- and this method of accessing GPT4 and GPT3.5 -- will be published elsewhere by members of the community. Even if GPT4Free had never existed anyone can find ways to use these sites' APIs if they continue to be unsecured. "Users are sharing and hosting this project everywhere," he said. "Deletion of my repo will be insignificant."

Reddit doesn't have to identify eight anonymous users who wrote comments in piracy-related threads, a judge in the US District Court for the Northern District of California ruled on Friday. From a report: US Magistrate Judge Laurel Beeler quashed a subpoena issued by film studios in an order that agrees with Reddit that the First Amendment protects the users' right to speak anonymously online. The First Amendment right to anonymous speech is not absolute, but the precedent followed by US district courts only forces disclosure of anonymous users' identities "in the exceptional case where the compelling need for the discovery sought outweighs the First Amendment rights of the anonymous speaker," Beeler noted. After reviewing the facts and arguments, she found that the Reddit users' comments were irrelevant to the film studios' underlying case and that the studios could obtain relevant information from other sources.

Reddit has no involvement in the underlying case, which is a copyright lawsuit in a different federal court against cable Internet service provider RCN. Bodyguard Productions, Millennium Media, and other film companies sued RCN in the US District Court in New Jersey over RCN customers' alleged downloads of 34 movies such as Hellboy, Rambo: Last Blood, Tesla, and The Hitman's Bodyguard. In an attempt to prove that RCN (now known as Astound Broadband) turned a blind eye to customers illegally downloading copyrighted movies, the studios subpoenaed Reddit seeking identifying information for specific users who commented in piracy-related threads. While some of the comments were posted in 2022, other comments were made in 2009 and 2014.