Karl Sebastian Greenwood, co-founder of sham "Bitcoin-killer" OneCoin, pleaded guilty in Manhattan federal court to charges of conspiring to defraud investors and to launder money. "Greenwood was arrested in Thailand in July 2018 and subsequently extradited to the US," reports The Register. "OneCoin's other co-founder, 'Cryptoqueen' Ruja Ignatova (Dr. Ruja Ignatova -- she has a law degree), remains a fugitive on the FBI's Ten Most Wanted list and on Europol's Most Wanted list." From the report: "As a founder and leader of OneCoin, Karl Sebastian Greenwood operated one of the largest international fraud schemes ever perpetrated," said US Attorney Damian Williams in a statement. "Greenwood and his co-conspirators, including fugitive Ruja Ignatova, conned unsuspecting victims out of billions of dollars, claiming that OneCoin would be the 'Bitcoin killer.' In fact, OneCoins were entirely worthless." The US has charged at least nine individuals across four related cases, including Greenwood and Ignatova, with fraud charges related to OneCoin. Authorities in China have prosecuted 98 people accused of trying to sell OneCoin. Police in India arrested 18 for pitching the Ponzi scheme.

According to the Justice Department, Greenwood and Ignatova founded OneCoin in Sofia, Bulgaria, in 2014. Until 2017 or so, they're said to have marketed OneCoin as a cryptocurrency to investors. The OneCoin exchange was shut down in January 2017, but trades evidently continued among affiliated individuals for some time. The OneCoin.eu website remained online until 2019. In fact, OneCoin was a multi-level marketing (MLM) pyramid scheme in which network members received commissions when they managed to recruit people to buy OneCoin. The firm's own promotional materials claim more than three million people invested. And between Q4 2014 and Q4 2016, company records claim OneCoin generated more than $4.3 billion in revenue and $2.9 billion in purported profits. At the top of the MLM pyramid, Greenwood is said to have earned $21 million per month. Greenwood and others claimed that OneCoin was mined using computing power like BitCoin and recorded on a blockchain. But it wasn't. As Ignatova allegedly put it in an email to Greenwood, "We are not mining actually -- but telling people shit."

OneCoin's value, according to the Feds, was simply set by those managing the company -- they manipulated the OneCoin exchange to simulate trading volatility but the price of OneCoin always closed higher than it opened. In an August 1, 2015 email, Ignatova allegedly told Greenwood that one of the goals for the OneCoin trade exchange was "always close on a high price end of day open day with high price, build confidence -- better manipulation so they are happy." According to the Justice Department, the value assigned to OneCoin grew steadily from $0.53 to approximately $31.80 per coin and never declined.

Sports betting company DraftKings revealed last week that more than 67,000 customers had their personal information exposed following a credential attack in November. BleepingComputer reports: In credential stuffing attacks, automated tools are used to make a massive number of attempts to sign into accounts using credentials (user/password pairs) stolen from other online services. [...] In a data breach notification filed with the Main Attorney General's office, DraftKings disclosed that the data of 67,995 people was exposed in last month's incident. The company said the attackers obtained the credentials needed to log into the customers' accounts from a non-DraftKings source.

"In the event an account was accessed, among other things, the attacker could have viewed the account holder's name, address, phone number, email address, last four digits of payment card, profile photo, information about prior transactions, account balance, and last date of password change," the breach notification reads. "At this time, there is currently no evidence that the attackers accessed your Social Security number, driver's license number or financial account number. While bad actors may have viewed the last four digits of your payment card, your full payment card number, expiration date, and your CVV are not stored in your account."

After detecting the attack, DraftKings reset the affected accounts' passwords and said it implemented additional fraud alerts. It also restored the funds withdrawn as a result of the credential attack, refunding up to $300,000 identified as stolen during the incident, as DraftKings President and Cofounder Paul Liberman said in November. The common denominator for user accounts that got hijacked seems to be an initial $5 deposit followed by a password change, enabling two-factor authentication (2FA) on a different phone number and then withdrawing as much as possible from the victims' linked bank accounts. While DraftKings has not shared additional info on how the attackers stole funds, BleepingComputer has since learned that the attack was conducted by a threat actor selling stolen accounts with deposit balances on an online marketplace for $10 to $35. The sales included instructions on how the buyers could make $5 deposits and withdraw all of the money from hijacked DraftKings user accounts. "After DraftKings announced the credential stuffing attack, they locked down the breached accounts, with the threat actors warning that their campaign was no longer working," adds the report.

"The company is now advising customers never to use the same password for multiple online services, never share their credentials with third-party platforms, turn on 2FA on their accounts immediately, and remove banking details or unlink their bank accounts to block future fraudulent withdrawal requests."

An anonymous reader quotes a report from Ars Technica: Federal prosecutors have charged two men with allegedly taking part in a spree of swatting attacks against more than a dozen owners of compromised Ring home security cameras and using that access to livestream the police response on social media. Kya Christian Nelson, 21, of Racine, Wisconsin, and James Thomas Andrew McCarty, 20, of Charlotte, North Carolina, gained access to 12 Ring cameras after compromising the Yahoo Mail accounts of each owner, prosecutors alleged in an indictment filed Friday in the Central District of California. In a single week starting on November 7, 2020, prosecutors said, the men placed hoax emergency calls to the local police departments of each owner that were intended to draw an armed response, a crime known as swatting.

On November 8, for instance, local police in West Covina, California, received an emergency call purporting to come from a minor child reporting that her parents had been drinking and shooting guns inside the minor's home. When police arrived at the residence, Nelson allegedly accessed the residence's Ring doorbell and used it to verbally threaten and taunt the responding officers. The indictment alleges the men helped carry out 11 similar swatting incidents during the same week, occurring in Flat Rock, Michigan; Redding, California; Billings, Montana; Decatur, Georgia; Chesapeake, Virginia; Rosenberg, Texas; Oxnard, California; Darien, Illinois; Huntsville, Alabama; North Port, Florida; and Katy, Texas.

Prosecutors alleged that the two men and a third unnamed accomplice would first obtain the login credentials of Yahoo accounts and then determine if each account owner had a Ring account that could control a doorbell camera. The men would then use their access to gather the names and other information of the account holders. The defendants then placed the hoax emergency calls and waited for armed officers to respond. It's not clear how the defendants allegedly obtained the Yahoo account credentials. A separate indictment filed in November in the District of Arizona alleged that McCarty participated in swatting attacks on at least 18 individuals. Both men are charged with one count of conspiracy to intentionally access computers without authorization. Nelson was also charged with two counts of intentionally accessing without authorization a computer and two counts of aggravated identity theft. If convicted, both men face a maximum penalty of five years in prison. Nelson faces an additional maximum penalty of at least seven years on the remaining charges.

An anonymous reader quotes a report from TorrentFreak: The UK Government's Intellectual Property Office published new piracy guidance today, and it contains a small, easily missed detail. People who share their Netflix, Amazon Prime, or Disney+ passwords are violators of copyright law. And it gets worse. The IPO informs TorrentFreak that password sharing could also mean criminal liability for fraud. [...] In a low-key announcement today, the UK Government's Intellectual Property Office announced a new campaign in partnership with Meta, aiming to help people avoid piracy and counterfeit goods online. Other than in the headline, there is zero mention of Meta in the accompanying advice, and almost no advice that hasn't been issued before. But then this appears: "Piracy is a major issue for the entertainment and creative industries. Pasting internet images into your social media, password sharing on streaming services and accessing the latest films, tv series or live sports events through kodi boxes, fire sticks or Apps without paying a subscription all break copyright laws. Not only are you breaking the law but stopping someone earning a living from their hard work."

TorrentFreak immediately contacted the Intellectual Property Office for clarification on the legal side, particularly since password sharing sits under a piracy heading. The IPO's response was uncompromising, to put it mildly. "There are a range of provisions in criminal and civil law which may be applicable in the case of password sharing where the intent is to allow a user to access copyright protected works without payment," the IPO informs TorrentFreak. "These provisions may include breach of contractual terms, fraud or secondary copyright infringement depending on the circumstances." Given that using the "services of a members' club without paying and without being a member" is cited as an example of fraud in the UK, the bar for criminality is set very low, unless the Crown Prosecution Service decides otherwise, of course.

Sam Bankman-Fried has now decided to agree to be extradited to the United States to face fraud charges, two of his lawyers said on Monday, just hours after one of them told a Bahamas judge the FTX founder wanted to see the U.S. indictment against him before consenting. Reuters reports: On Monday afternoon, Jerone Roberts, Bankman-Fried's criminal defense lawyer in The Bahamas, told media outlets including the New York Times that his client had agreed to be voluntarily extradited and that he hoped Bankman-Fried would be back in court later this week. "We as counsel will prepare the necessary documents to trigger the court," the Times quoted Roberts as saying. "Mr. Bankman-Fried wishes to put the customers right, and that is what has driven his decision."

Earlier in the day, Roberts said during a court hearing in Nassau that his client had seen an affidavit laying out the charges against him over FTX's dramatic collapse, but had not yet read the indictment filed last week in Manhattan federal court. After the hearing, Bankman-Fried was remanded back to the custody of the Bahamas' Department of Corrections. He departed the courthouse in a black van marked "Corrections," carrying a manila folder containing papers, a Reuters witness said.

An anonymous reader quotes a report from Ars Technica: The Digital Fair Repair Act, the first right-to-repair bill to entirely pass through a state legislature, is awaiting New York Governor Kathy Hochul's signature. But lobbying by the nation's largest technology interests seems to have kept the bill parked on her desk for months, where it could remain until it dies early next year. Gay Gordon-Byrne, executive director of the Repair Association, said that "opposition has not backed off" despite the bill's nearly unanimous passage in June. Gordon-Byrne has heard that industry groups are pushing for late amendments favoring tech firms but that the bill's sponsors would have to approve -- or convince the governor to sign the bill without them. "It's up to the sponsors at this point," she said. The bill was delivered to the governor Friday, according to the New York Senate's bill tracker, though she has been considering it since late June.

Since passing in June, the New York bill has been aggressively lobbied by various trade groups to limit its impact. An earlier version of the bill would have included lawn equipment, gaming consoles, and appliances, but a "burst of end-of-session lobbying from companies worth billions and their affiliated trade associations" succeeded in stripping the bill down to small electronics, according to the Times Union of Albany. Assemblymember Patricia Fahy, the bill's sponsor, slimmed it down to ensure some part of it could pass in June. State filings showed that trade group TechNet (not to be confused with Microsoft's social/wiki entity) and lobbyists for Microsoft and Apple jumped in then, focusing their efforts on Hochul's office as the bill seemed destined to pass. The Times Union reported that Apple, Google, HP, and Microsoft all paid lobbyists from "the highest-earning professional lobbying firms in Albany" to push back against the bill at the legislative and executive levels. The report notes that the governor has 30 days to act on the bill. "Failing to act has the same effect as a veto (a "pocket veto")."

Asked about the bill's status today by Ars Technica, a spokesperson responded that "Governor Hochul is reviewing the legislation."

Confidential data of about 112,000 taxpayers inadvertently published by the IRS over the summer was mistakenly republished in late November and remained online until early December, the IRS disclosed last week. From a report: Form 990-T data that was supposed to stay private had been taken offline but made its way back to the IRS site when a contractor uploaded an old file that still included most of the private information, a letter sent Thursday to congressional leaders said. The agency is required to make Form 990-Ts filed by nonprofit groups available online but is supposed to keep the form filed by individuals private; in both cases, the agency made that information available too.

An internal programming error caused the September release of private forms along with the ones filed by nonprofit groups, the letter said. This time, the contractor tasked with managing the database reuploaded the older file with the original data instead of a new file that filtered out the forms that needed to be kept private. The IRS shared corrected data with the contractor on Nov. 23, but the old files had not been purged from their system. A third-party researcher alerted the IRS the files were back online on Dec. 1, and the IRS ordered the contractor to take them down immediately. Roughly 104,000 of the 106,000 forms disclosed in September were redisclosed this time. The agency is reconsidering its relationship with the contractor Accenture on this project, the report added, citing a person familiar with the matter.

The U.S. Senate's Banking Committee chairman "said federal agencies need to address the cryptocurrency market and 'maybe' ban it," reports the Hill, "after the high-profile collapse of cryptocurrency market FTX last month." Sen. Sherrod Brown (D-Ohio), told NBC's "Meet the Press" moderator Chuck Todd that the Treasury Department and "all the different agencies" need to get together and assess any possible action related to the cryptocurrency market. "Maybe banning it, although banning it is very difficult because it will go offshore and who knows how that will work," Brown said....

Brown on Sunday said the cryptocurrency market is a "complicated, unregulated pot of money" and the issue was much larger than FTX. "So we've got to do this right," the senator said, adding that he has talked to the Treasury Department to do a related assessment across regulatory agencies. "I've spent much of the last eight years and a half in this job as chair of the Banking, Housing, and Urban Affairs Committee," Brown added "educating my colleagues and trying to educate the public about crypto and the dangers that it presents to our security as a nation and the consumers that get hoodwinked by them."

Friday America's Department of Labor announced that its Occupational Safety and Health Administration has launched an ongoing investigation into six Amazon warehouses in five different states, and has already cited Amazon during those inspections for failing to properly record work-related injuries and illnesses. OSHA issued Amazon citations for 14 recordkeeping violations, including failing to record injuries and illnesses, misclassifying injuries and illnesses, not recording injuries and illnesses within the required time, and not providing OSHA with timely injury and illness records....

"Our concern is that nothing will be done to keep an injury from recurring if it isn't even recorded in the logbook," said Assistant Secretary for Occupational Safety and Health Doug Parker, "which — in a company the size of Amazon — could have significant consequences for a large number of workers."
You can read all the specifics in a 70-page document online. The Chicago Tribune writes that "In one case, a worker's head injury was classified as a muscle strain, OSHA said." ABC News writes that workers at the six investigated Amazon fulfillment-center warehouses "have complained of a grueling pace, uncomfortable heat and the potential for injury."

Amazon faces proposed penalties of $29,008.

Slashdot reader lowvisioncomputing shares a story from the CBC about an elaborate heist discovered "when the chief administrative officer of a southwestern Manitoba rural municipality [population: 3,300] noticed the series of unusual cash withdrawals from its bank account...." It began with a job advertisement. A seemingly legitimate company, with a professional website and a Nova Scotia address, claimed it was looking for cash processors. The contract was for one month. Employees could work from home.

They were told they would receive payments to their credit cards, which they would be expected to move to their bank accounts. They would then withdraw the payments, convert them into bitcoin, and send that to another account.... The majority of the 18 people hired were young and lived in various communities across the country.... Anyone who did an internet search for the company would find a professional website, with information matching what was provided in the employment agreement.

In early December 2019, the cybercriminals sent a phishing email to multiple people at the municipal office of WestLake-Gladsone, a municipality about 150 kilometres west of Winnipeg, on the southwestern shore of Lake Manitoba. At least one person clicked on the link, which allowed the hackers to get into the municipality's computers and bank accounts. But weeks went by and nothing happened, so the municipality didn't report it to the police. It was only after the money disappeared that the municipality discovered the two incidents were connected, said Kate Halashewski, who at the time was the assistant chief administrative officer for the Municipality of WestLake-Gladstone....

Court documents say that on Dec. 19, 2019, a person logged into the municipality's bank account and changed the password, along with the personal verification questions. Over the next 17 days, the cyberattackers added the 18 "employees" hired as payees and began systematically making withdrawals, transferring the money to the employees' credit cards. Dozens of withdrawals were made, totalling $472,377, according to court documents — a considerable amount for a municipality with an entire annual budget of $7 million.

Those withdrawals weren't discovered until Jan. 6, when Halashewski saw 48 bank transfers — each less than $10,000 — going to unfamiliar accounts.... Once they'd completed the initial transfers and conversion, the bitcoin was then sent to the private account of the scammers — who cybersecurity experts say likely aren't in Canada....

The municipality finally announced it had lost nearly half a million dollars in an Oct. 12, 2020, news release.... No arrests have been made in connection with the WestLake-Gladstone cyberattack and RCMP say it is no longer under active investigation.

Long-time Slashdot reader wattersa is a lawyer in Redwood City, California, "and a Slashdot reader since 1998.

"I recently concluded a three-year missing person investigation that unfortunately turned into an overseas homicide in Taiwan. I was authorized by my client to publish the case study on my website, which is based on our recent court filings..." And yes, he writes that the case was solved with a subpoena to Google: I filed that case in late 2019 and then used the subpoena power to try to solve the disappearance, which seemed appropriate. We solved the case in late 2020 due to a fake "proof of life" email that the suspect sent from the victim's email account, which he sent from a hotel where he testified he was staying alone on the night of the disappearance — after (according to him) dropping off the victim at the local train station. The victim could not have sent the email from the other side of Taiwan, which is where the email indicated it was from.... The suspect in my case is a Tony Stark-level supergenius with a Ph.D. and dozens of patents, who works at a prominent engineering company in California. He is currently wanted in Taiwan.

The case was solved with a subpoena to Google for the login/logout history of the victim's Gmail account and the originating IP address of the proof of life email. Although Google does not include the originating IP address in the email headers, it turns out that they retain the IP address for some unknown length of time and we were able to get it. When it became clear that this case was a homicide, co-counsel and I dismissed the conservatorship case and filed a wrongful death case against the suspect in 2021.

We continue to gather information through subpoenas, depositions, and interviews, all of which show that the victim died in a 10-hour window on November 29, 2019. The wrongful death case goes to trial in late 2023 in Santa Clara County. This is a rare case in which the family can afford an expensive, lengthy, attorney-led private investigation.
The original submission includes additional details about a rarely used statute in California that allows conservatorship of a missing person's estate — and apparently grants subpoena power. And it was in response to such a subpoena that Google produced the originating IP address of that crucial proof of life email.

"This obscure statute in the Probate Code was instrumental in solving the case because we didn't have to wait for law enforcement to take action, and we were able to aggressively pursue our own leads. This gave the family a sense of agency and closure, as well as the obvious benefit of solving the disappearance. Also, Taiwan law enforcement could not do subpoenas from Taiwan, so we ended up contributing to their investigation to some extent as well."

On Friday, long-time Slashdot reader NewtonsLaw wrote: Manufacturers of drones made after 16 September 2022 must, from today (16 December), ensure that those drones are "Standard Remote ID" compliant. This means that the drones must broadcast packets of data once per second (using Bluetooth or Wifi) that contain the position speed and path of the drone, a unique identifier and the operator's position including height above ground....

Already, several companies have announced their intention to build networks of receivers that will create a realtime database of all drone activity in the USA, showing the positions of the drones and their operators and flagging any non-compliant craft.

By September 16, 2023, all U.S. hobbyists must fit "broadcast remote ID" modules to their RC model aircraft or older drones which also make them Remote ID compliant (unless they are under 250g in mass or are flown in pre-approved areas called FRIAs)....

Drone and radio-controlled model aircraft users must register with the FAA [unless they weigh less than 0.55 pounds], sit (and pass) a knowledge test and soon have this Remote ID technology installed on all their craft.
"Remote ID helps the FAA, law enforcement, and other federal agencies find the control station when a drone appears to be flying in an unsafe manner or where it is not allowed to fly," argues an FAA web page. This week the top intelligence official at the U.S. Department of Defense told reporters that drones, including drones operated by amateur hobbyists and by foreign adversaries, account for many of the reports of Unidentified Flying Objects, according to the Washington Post.

They quote Sean Kirkpatrick, the director of America's new UFO-tracking agency, as saying that "Some of these things almost collide with planes. We see that on a regular basis...."

Until 2020 Neustar was the domain name registry "for a number of top-level domains," according to its page on Wikipedia, "including .biz, .us (on behalf of United States Department of Commerce), .co, .nyc (on behalf of the city of New York), and .in.

But now U.S. Senator Ron Wyden has asked America's Federal Trade Commission to investigate whether Neustar violated the privacy rights of millions, reports the Washington Post, "when it sold records of where they went online to the federal government."

America's Department of Defense funded a research team at Georgia Tech who purchased Neustar's data starting in 2016, notes a letter from Senator Wyden. Wyden has obtained emails between those researchers and "both the FBI and the Department of Justice, indicating that government officials asked the researchers to run specific queries and that the researchers wrote affidavits and reports for the government describing their findings."

But in addition, Wyden now cites a Department of Justice statement (entered an unrelated court case) which he says makes a concerning assertion: that Neustar executive Rodney Joffe, "who led the company's efforts to sell data to Georgia Tech, was also involved in the sale of DNS data directly to the U.S. government. The court documents say: Rodney Joffe and certain companies with which he was affiliated, including officers and employees of those companies, have provided assistance to and received payment from multiple agencies of the United States government. This has included assistance to the United States intelligence community and law enforcement agencies on cyber security matters. Certain of those companies have maintained contracts with the United States government resulting in payment by the United States of tens of millions of dollars for the provision of, among other things, Domain Name System ('DNS') data. These contracts included classified contracts that required company personnel to maintain security clearances.
From The Washington Post: The stipulation naming entrepreneur Rodney Joffe was the clearest confirmation to date of web histories being sold directly to federal law enforcement and intelligence agencies, instead of through information brokers exempt from restrictions on what telephone companies and websites can share with the government.
Wyden adds: The data that Neustar sold to Georgia Tech may have also included data collected from consumers who were explicitly promised that their data would not be sold to third parties. Between 2018 and 2020, Neustar acquired a competing recursive DNS service, which had previously been operated by Verisign. That service had been advertised to the public by Verisign with unqualified promises that "your public DNS data will not be sold to third parties."

When the product changed hands, users of Verisign's service were seamlessly transitioned to DNS servers that Neustar controlled. This meant that Neustar now received information about the websites accessed by these former Verisign-users, even though neither Verisign nor Neustar provided those users with meaningful, effective notice that the change of ownership had taken place, or that Neustar did not intend to honor the privacy promises that Verisign had previously made to those users. It is unclear if the data Neustar sold to Georgia Tech included data from users who had been promised by Verisign that their data would not be sold.

This is because both Neustar and Verisign have refused to answer questions from my office necessary to determine this important detail.

A new Pentagon office set up to track reports of unidentified flying objects has received "several hundreds" of new reports, but no evidence so far of alien life, the agency's leadership told reporters Friday. The Associated Press reports: The All-domain Anomaly Resolution Office (AARO) was set up in July and is responsible for not only tracking unidentified objects in the sky, but also underwater or in space -- or potentially an object that has the ability to move from one domain to the next. The office was established following more than a year of attention on unidentified flying objects that military pilots have observed but have sometimes been reluctant to report due to fear of stigma.

In June 2021 the Office of the Director of National Intelligence reported that between 2004 and 2021, there were 144 such encounters, 80 of which were captured on multiple sensors. Since then, "we've had lots more reporting," said anomaly office director Sean Kirkpatrick. When asked to quantify the amount, Kirkpatrick said "several hundreds." An updated report from the Director of National Intelligence that will provide specific figures on new reports received since 2021 is expected by the end of the year, the officials said.

Three top Democratic campaign arms said Friday that they would set aside more than $1 million in contributions from former crypto golden boy FTX founder Sam Bankman-Fried, as first reported by The Washington Post. The groups plan to return the money to FTX customers as part of ongoing legal proceedings. The Verge reports: The Democratic National Committee and two top Democratic campaign groups announced the moves days after Bankman-Fried was arrested and charged with eight counts, including wire fraud and campaign finance violations. "Given the allegations around potential campaign finance violations by Bankman-Fried, we are setting aside funds in order to return the $815,000 in contributions since 2020," a DNC spokesperson confirmed in a statement to The Verge on Friday. "We will return as soon as we receive proper direction in the legal proceedings."

The Democratic Senatorial Campaign Committee and the Democratic Congressional Campaign Committee have also pledged to set aside the $103,000 and $250,000 each received from Bankman-Fried, respectively, according to The Post. Over the last two years, Bankman-Fried became one of the most prolific political megadonors in the US, contributing more than $40 million in personal donations to mostly Democratic campaigns and organizations. But shortly after FTX went bankrupt in November, Bankman-Fried told crypto reporter Tiffany Fong that he donated a similar amount of money to Republican groups as well.

While the extent of Bankman-Fried's GOP contributions has yet to be uncovered, Democratic candidates have been pressured to return any money they received from the crypto mogul. CBS News reported Thursday that most Democratic campaigns that received publicly disclosed contributions from Bankman-Fried have pledged to either return or donate the money to charity. Newly elected Rep. Maxwell Frost (D-FL) confirmed Wednesday that he would donate Bankman-Fried's contributions to his campaign to the Zebra Coalition, a Florida-based group servicing homeless LGBTQ+ youth. [...] Sens. Kirsten Gillibrand (D-NY), Tina Smith (D-MN), Alex Padilla (D-CA), and Bill Cassidy (R-LA) all received $5,800 from Bankman-Fried since last year and have either already donated or plan to donate the funds, according to CBS News.

An anonymous reader quotes a report from the Associated Press: Residents of The Dalles, Oregon, are learning how much of their water Google's data centers have been using to cool the computers inside the cavernous buildings -- information that previously was deemed a trade secret. A lawsuit by the city on behalf of Google -- against Oregon's biggest newspaper, The Oregonian/OregonLive -- that sought to keep the water-use information confidential was dropped, the newspaper reported Thursday. City officials abandoned the 13-month legal fight and committed to release the company's water consumption in future years.

In an email, Google confirmed Thursday that its water use numbers would no longer be a trade secret. "It is one example of the importance of transparency, which we are aiming to increase ... which includes site-level water usage numbers for all our U.S. data center sites, including The Dalles," Google spokesperson Devon Smiley said. Google says (PDF) its data centers in the Oregon town consumed 274.5 million gallons (1 billion liters) of water last year. In a Nov. 21 blog posting, Google said that all of its global data centers consumed approximately 4.3 billion gallons (16.3 billion liters) of water in 2021, which it said is comparable to the water needed to irrigate and maintain 29 golf courses in the southwest U.S. each year. The Dalles Mayor Richard Mays said Google had previously insisted its water usage was a trade secret because the company was concerned about competitors knowing how it cools its servers, but then changed its position and agreed to release the water records. "That's why we backed off (the lawsuit)," Mays told The Oregonian/OregonLive.

The Oregonian/OregonLive, which had requested Google's records last year, said the case represents a major test of Oregon public records law. "This seemed to be a perfect example of a clash of two important storylines, both the expansion of big businesses and the public resource that they need to use," Therese Bottomly, editor of The Oregonian/OregonLive, was quoted as saying.

A raft of lawsuits from the games industry seeks to crack down on cheating in some popular online games, arguing that making cheats for games and even using them might be illegal. From a report: Cheating is a scourge of many online games, inspiring increasingly bold legal counteroffensives by some of the companies who make them. Those lawsuits are largely aimed against makers of cheat software, but they don't let players who use the cheats fully off the hook.Cheat-makers "induce and enable individual Destiny 2 players to create an unauthorized and infringing derivative work each time they deploy the cheat software," states one lawsuit from Sony-owned Bungie Studios that's still winding its way through the courts.

The kinds of cheats in play aren't the ones old-school gamers might have applied by inputting a developer-programmed invincibility code. Rather, they involve premium cheats that let players see through walls to get an advantage in multiplayer combat games such as Destiny 2 or Call of Duty. Game companies, many of which are banning tens and hundreds of thousands of accounts, say cheating scares off honest players and is costly to fight. Bungie estimated in one suit that it spends "roughly $1,250,000 per year on its anti-cheating measures," not including legal costs.

An anonymous reader quotes a report from The Guardian: Rules around taking liquids and laptops through airport security will be eased from June 2024, the government has said. The announcement of the biggest relaxation of aviation security regulations in decades confirms reports last month that the change would come in the year after next. Passengers at most major UK airports will be able to carry liquids in containers holding up to two liters, a huge increase from the current limit of 100ml. Travelers will also no longer need to carry the containers in clear plastic bags, or remove tablets and laptops from hand luggage at checkpoints. The Department for Transport said major airports would be required to install new technology that gives security staff more detailed images of what is in passengers' bags. It will lay new legislation around the changes in parliament on Thursday. The transport secretary, Mark Harper, said: "The tiny toiletry has become a staple of airport security checkpoints, but that's all set to change. I'm streamlining cabin bag rules at airports while enhancing security."

"By 2024, major airports across the UK will have the latest security tech installed, reducing queueing times, improving the passenger experience, and most importantly detecting potential threats."

U.S. Senators Elizabeth Warren (D-Mass.) and Roger Marshall (R-Kan.) are introducing a bill to crack down on money laundering and financing of terrorists and rogue nations via cryptocurrency. CoinDesk reports: If it becomes law, the Digital Asset Anti-Money Laundering Act (PDF) will bring know-your-customer (KYC) rules to crypto participants such as wallet providers and miners and prohibit financial institutions from transacting with digital asset mixers, which are tools designed to obscure the origin of funds. The act would also allow the Financial Crimes Enforcement Network (FinCEN) to implement a proposed rule requiring institutions to report certain transactions involving unhosted wallets -- wallets where the user has complete control over the contents rather than relying on an exchange or other third party.

A new patent granted to Apple suggests the company could use satellite communications for more than just getting help in an emergency. 9to5Mac reports: Emergency SOS via Satellite was one of the headline features of September's Apple event -- so much so that the Far Out event name referenced it. The service launched in the US and Canada last month, and was yesterday extended to the UK, France, Germany, and Ireland. More countries will follow. A patent granted on the same day the service expanded to more countries suggests that Apple satellite plans may extend beyond text, and beyond emergency use.

Patently Apple spotted it: "Satellite communications data conveyed by transceivers #28 and antenna radiators #30 may include media data (e.g., streaming video, television data, satellite radio data, etc.), voice data (e.g., telephone voice data), internet data, and/or any other desired data." Apple has currently committed $450M to support the satellite communications feature, a reasonably sizeable amount of money even by Apple standards for a service that will be of use to a tiny fraction of iPhone owners. But if it's the start of something more, then the investment could look rather modest.