Businesses

Telegram Challenges Meta With the Launch of New 'Business' Features, Revenue-Sharing (techcrunch.com) 6

Telegram is enhancing its platform for businesses with the introduction of Telegram Business, offering specialized features like customizable start pages, business hours, and chat management tools, while also initiating an ad-revenue sharing model for public channels with at least 1,000 subscribers. "As a whole, the features could introduce competition into a market where Meta's apps like Messenger, Instagram and WhatsApp have a hold on business communication," reports TechCrunch. From the report: The features arrived just a couple of weeks after Telegram founder Pavel Durov told the Financial Times in an interview that he expected the app, which now has over 900 million users, to become profitable by 2025. Telegram Business is clearly part of that push, leading up to a future IPO, as it's an offering that requires users to subscribe to the paid Premium version to access. Telegram Premium is a bundle of upgraded features that cost $4.99 per month on iOS and Android and is also available as a three-month, six-month or one-year plan.

Telegram Business will likely give Premium another bump as it offers tools and features that can be used by business customers without needing to know how to code. For instance, businesses can choose to display their hours of operation and location on a map, and greet customers with a customized start page for empty chats where they can choose the text and sticker users see before beginning a conversation. Similar to features available on WhatsApp, Telegram Business will offer "quick replies," which are shortcuts to preset messages that support formatting, links, media, stickers and files.

Businesses can also set their own custom greeting messages for customers who engage with the company for the first time, and they can specify a period after which the greeting would be shown again. They can manage their availability using away messages while the business is closed or the owner is on vacation. Plus, the businesses can categorize their chats using colored labels based on what chat folders they're in, like delivery, claim, orders, VIP, feedback, or any others that make sense for them. In addition, businesses can create links to chat that will instantly open a Telegram chat with a request to take an action like tracking an order or reserving a table, among other things. Business customers can also add Telegram bots, including those from other tools or AI assistants, to answer messages on their behalf. The company said more features will roll out to Telegram Business in future updates.

IT

The FTC is Trying To Help Victims of Impersonation Scams Get Their Money Back (theverge.com) 8

The Federal Trade Commission (FTC) has a new way to combat the impersonation scams that it says cost people $1.1 billion last year alone. Effective today, the agency's rule "prohibits the impersonation of government, businesses, and their officials or agents in interstate commerce." The rule also lets the FTC directly file federal court complaints to force scammers to return money stolen by business or government impersonation. From a report: Impersonation scams are wide-ranging -- creators are on the lookout for fake podcast invites that turn into letting scammers take over their Facebook pages via a hidden "datasets" URL, while Verge reporters have been impersonated by criminals trying to steal cryptocurrency via fake Calendly meeting links.

Linus Media Group was victimized by a thief who pretended to be a potential sponsor and managed to take over three of the company's YouTube channels. Some scams can also be very intricate, as in The Cut financial columnist Charlotte Cowles' story of how she lost a shoebox holding $50,000 to an elaborate scam involving a fake Amazon business account, the FTC, and the CIA. (See also: gift card scams.) The agency is also taking public comment until April 30th on changes to the rule that would allow it to also target impersonation of individuals, such as through the use of video deepfakes or AI voice cloning. That would let it take action against, say, scams involving impersonations of Elon Musk on X or celebrities in YouTube ads. Others have used AI for more sinister fraud, such as voice clones of loved ones claiming to be kidnapped.

Businesses

Perplexity, an AI Startup Attempting To Challenge Google, Plans To Sell Ads (adweek.com) 25

An anonymous reader shares a report: Generative AI search engine Perplexity, which claims to be a Google competitor and recently snagged a $73.6 million Series B funding from investors like Jeff Bezos, is going to start selling ads, the company told ADWEEK. Perplexity uses AI to answer users' questions, based on web sources. It incorporates videos and images in the response and even data from partners like Yelp. Perplexity also links sources in the response while suggesting related questions users might want to ask.

These related questions, which account for 40% of Perplexity's queries, are where the company will start introducing native ads, by letting brands influence these questions, said company chief business officer Dmitry Shevelenko. When a user delves deeper into a topic, the AI search engine might offer organic and brand-sponsored questions. Perplexity will launch this in the upcoming quarters, but Shevelenko declined to disclose more specifics. While Perplexity touts on its site that search should be "free from the influence of advertising-driven models," advertising was always in the cards for the company. "Advertising was always part of how we're going to build a great business," said Shevelenko.

Businesses

Amazon Fined In Poland For Dark Pattern Design Tricks (techcrunch.com) 16

Poland has fined Amazon close to $8 million for misleading consumers about the conclusion of sales contracts on its online marketplace. The sanction "also calls out the e-commerce giant for deceptive design elements which may inject a false sense of urgency into the purchasing process and mislead shoppers about elements like product availability and delivery dates," reports TechCrunch. From the report: The country's consumer and competition watchdog, the UOKiK, has been looking into complaints about Amazon's sales practices since September 2021, following complaints from shoppers, including some who did not receive their purchases. The authority opened a formal investigation into Amazon's practices in February 2023. Wednesday's sanction is the conclusion of that probe. The UOKiK found consumers who ordered products on Amazon could have their purchases subsequently cancelled by the tech giant as it does not treat the moment of purchase as the conclusion of a sales contract, despite sending consumers confirmation of their order -- even after consumers have paid for the product. For Amazon, the conclusion of a sales contract only occurs once it has sent information about the actual shipment. [...]

Its enforcement also calls out Amazon for using deceptive design to encourage shoppers to click buy by presenting misleading information about product availability and delivery windows -- such as by listing how many items were in stock to be purchased and providing a countdown clock to order an item in order to get it on a particular delivery date. Its investigation found Amazon does not always meet these deadlines for orders, nor ship products immediately as they may be out of stock despite claims to the contrary shown to consumers. "Amazon treats the data it provides on availability and shipping date as indicative but the way it is presented does not indicate this," the UOKiK noted, adding: "Consumers can only find out about this in the terms of sale on the platform."

While Amazon does offer a delivery guarantee -- offering a refund if items do not ship within the stated time -- the authority found it failed to provide consumers with information about the rules of this service before placing an order. It only offers details at the order summary stage. And then only "if the consumer decides to read the subsequent links specifying delivery details." Shoppers who did not follow the link to read more may not have been aware of their right to apply for and receive a refund from Amazon if there is a delay in shipment. It also found the e-commerce giant failed to provide information about the "Delivery Guarantee" in the purchase confirmation sent to shoppers.

Amazon said it will appeal the fine. The company also writes: "Fast and reliable delivery across a wide selection of products is a top priority for us, and Amazon.pl has millions of items available with fast and free Prime delivery. Since launching Amazon.pl in 2021, we have continuously invested and worked hard to provide customers with a clear, reliable delivery promise at check out, and while the vast majority of our deliveries arrive on time, customers can contact us in the rare event that they experience a delay or order cancellation, and we will make it right.

Over the last year, we have collaborated with the Office of Competition and Consumer Protection (UOKiK), and proposed multiple voluntary amendments to continue to improve the customer experience on Amazon.pl. We strictly follow legal standards in all countries where we operate and we strongly disagree with the assessment and penalty issued by the UOKiK. We will appeal this decision."

The Courts

Judge Orders YouTube to Reveal Everyone Who Viewed A Video (mashable.com) 169

"If you've ever jokingly wondered if your search or viewing history is going to 'put you on some kind of list,' your concern may be more than warranted," writes Mashable: In now unsealed court documents reviewed by Forbes, Google was ordered to hand over the names, addresses, telephone numbers, and user activity of YouTube accounts and IP addresses that watched select YouTube videos, part of a larger criminal investigation by federal investigators.

The videos were sent by undercover police to a suspected cryptocurrency launderer... In conversations with the bitcoin trader, investigators sent links to public YouTube tutorials on mapping via drones and augmented reality software, Forbes details. The videos were watched more than 30,000 times, presumably by thousands of users unrelated to the case. YouTube's parent company Google was ordered by federal investigators to quietly hand over all such viewer data for the period of Jan. 1 to Jan. 8, 2023...

"According to documents viewed by Forbes, a court granted the government's request for the information," writes PC Magazine, adding that Google was asked "to not publicize the request." The requests are raising alarms for privacy experts who say the requests are unconstitutional and are "transforming search warrants into digital dragnets" by potentially targeting individuals who are not associated with a crime based simply on what they may have watched online.

That quote came from Albert Fox-Cahn, executive director at the Surveillance Technology Oversight Project, who elaborates in Forbes' article. "No one should fear a knock at the door from police simply because of what the YouTube algorithm serves up. I'm horrified that the courts are allowing this."

Thanks to long-time Slashdot reader schwit1 for sharing the article.

Security

Chinese Spies Sell Access into Top US, UK Networks (theregister.com) 16

An anonymous reader shared this report from The Register: Chinese spies exploited a couple of critical-severity bugs in F5 and ConnectWise equipment earlier this year to sell access to compromised U.S. defense organizations, UK government agencies, and hundreds of other entities, according to Mandiant.

The Google-owned threat hunters said they assess, "with moderate confidence," that a crew they track as UNC5174 was behind the exploitation of CVE-2023-46747, a 9.8-out-of-10-CVSS-rated remote code execution bug in the F5 BIG-IP Traffic Management User Interface, and CVE-2024-1709, a path traversal flaw in ConnectWise ScreenConnect that scored a perfect 10 out of 10 CVSS severity rating.

UNC5174 uses the online persona Uteus, and has bragged about its links to China's Ministry of State Security (MSS) — boasts that may well be true. The gang focuses on gaining initial access into victim organizations and then reselling access to valuable targets... Just last month, Mandiant noticed the same combination of tools, believed to be unique to this particular Chinese gang, being used to exploit the ConnectWise flaw and compromise "hundreds" of entities, mostly in the U.S. and Canada. Also between October 2023 and February 2024, UNC5174 exploited CVE-2023-22518 in Atlassian Confluence, CVE-2022-0185 in Linux kernels, and CVE-2022-3052, a Zyxel Firewall OS command injection vulnerability, according to Mandiant.

These campaigns included "extensive reconnaissance, web application fuzzing, and aggressive scanning for vulnerabilities on internet-facing systems belonging to prominent universities in the U.S., Oceania, and Hong Kong regions," the threat intel team noted.

More details from The Record. "One of the strangest things the researchers found was that UNC5174 would create backdoors into compromised systems and then patch the vulnerability they used to break in. Mandiant said it believes this was an 'attempt to limit subsequent exploitation of the system by additional unrelated threat actors attempting to access the appliance.'"

Apple

Apple Launches All-In-One 'Manuals, Specs, and Downloads' Website (macrumors.com) 13

Apple has launched a new "Documentation" page on its website that provides links to user guides, repair manuals, tech specs, software downloads, and more for a variety of its products. MacRumors reports: Some of this information was previously found across separate pages on Apple's website, and it has now been combined in one place for convenient access. The page includes categories for the Mac, iPhone, iPad, iPod, Vision Pro, Apple Watch, Apple TV, AirPods, HomePod, displays like the Studio Display and Pro Display XDR, accessories like the Apple Pencil and Magic Keyboard, and software. There is also a search tool on the page that provides links to support documents and other relevant information based on the keywords entered.

Businesses

Motorola Spoiled a Good Budget Phone With Bloatware (theverge.com) 56

Motorola's 2024 Moto G Power impresses with its soft-touch back and contoured edges at a $300 price point, despite an underwhelming camera and LCD panel. Except one thing: the bloatware. The Verge: Scroll through the app drawer and you'll see a handful of automatically downloaded "folders." They are not folders; they are apps. I first encountered them on last year's Moto G Stylus 5G, and I hate them very much. There are three main offenders -- Shopping, Entertainment, and GamesHub -- and each of these apps acts as a little hub. Icons for apps that you have legitimately downloaded will appear in the corresponding "folder." You'll also find tons of other suggested apps to download -- pages and pages of them! Apps as far as the eye can see!

Dismissing the suggested apps section replaces it with a "Discover" section. In the shopping app, it invites you to "Unlock the power of shopping" with links to buy stuff like kitschy Easter decor from TJ Maxx. Mercifully, there's a toggle to hide this section. These apps are all made by a company called Swish, and you can't opt out of downloading any of them during the setup process. You can (and should!) opt out of downloading a third-party lock screen from a different service called Glance. The more I dig into the software on this phone, the more I hate it. The preinstalled weather app is festooned with ads and even more suggested apps, plus pithy insights like "Gotta love air conditioning at these high levels of humidity." If you tap the option to remove ads, a pop-up asks you to pay $4 for 1Weather Pro.

Apple

Epic Says Apple Violated App Store Injunction, Seeks Contempt Order (reuters.com) 79

Epic Games, which makes the popular video game "Fortnite," on Wednesday accused Apple of violating an injunction governing its lucrative App Store, and asked a U.S. judge to hold Apple in contempt and end its "sham" compliance. From a report: A September 2021 injunction by U.S. District Judge Yvonne Gonzalez Rogers in Oakland, California, let developers provide links and buttons that direct consumers to other means to pay for digital content.

In a filing with the California court, Epic alleged that Apple is in "blatant violation" of that injunction, despite the Cupertino, California-based company's assurance in a Jan. 16 court notice that it had "fully complied." Epic said Apple has imposed new rules and a new 27% fee on developers for some purchases, which taken together make the links "commercially unusable." The Cary, North Carolina-based developer also said Apple continues to "categorically prohibit" buttons, and still forbids some apps from telling users they have other purchasing options.

AI

Midjourney Bans All Stability AI Employees Over Alleged Data Scraping (theverge.com) 12

Jess Weatherbed reports via The Verge: Midjourney says it has banned Stability AI staffers from using its service, accusing employees at the rival generative AI company of causing a systems outage earlier this month during an attempt to scrape Midjourney's data. Midjourney posted an update to its Discord server on March 2nd that acknowledged an extended server outage was preventing generated images from appearing in user galleries. In a summary of a business update call on March 6th, Midjourney claimed that "botnet-like activity from paid accounts" -- which the company specifically links to Stability AI employees -- was behind the outage.

According to Midjourney user Nick St. Pierre on X, who listened to the call, Midjourney said that the service was brought down because "someone at Stability AI was trying to grab all the prompt and image pairs in the middle of a night on Saturday." St. Pierre said that Midjourney had linked multiple paid accounts to an individual on the Stability AI data team. In its summary of the business update call on March 6th (which Midjourney refers to as "office hours"), the company says it's banning all Stability AI employees from using its service "indefinitely" in response to the outage. Midjourney is also introducing a new policy that will similarly ban employees of any company that exercises "aggressive automation" or causes outages to the service.

St. Pierre flagged the accusations to Stability AI CEO Emad Mostaque, who replied on X, saying he was investigating the situation and that Stability hadn't ordered the actions in question. "Very confusing how 2 accounts would do this team also hasn't been scraping as we have been using synthetic & other data given SD3 outperforms all other models," said Mostaque, referring to the Stable Diffusion 3 AI model currently in preview. He claimed that if the outage was caused by a Stability employee, then it was unintentional and "obviously not a DDoS attack." Midjourney founder David Holz responded to Mostaque in the same thread, claiming to have sent him "some information" to help with his internal investigation.

Communications

To Replace HexChat, Linux Mint is Building a New Desktop Chat App Called 'Jargonaut' (omgubuntu.co.uk) 40

Ubuntu-based Linux Mint includes HexChat software by default "to offer a way for users of the distro to talk to, ask questions, and get support from other users," according to the Linux blog OMG Ubuntu.

But in February HexChat's developer announced its final release... That got devs thinking. As is, IRC isn't user-friendly. It's a kind of an arcane magic involving strange commands. Its onboarding is obtuse. And the protocol doesn't natively support things like media sharing (screenshots are useful when troubleshooting), clickable links, or other modern "niceties". And yet, IRC is a fast, established, open, and versatile protocol... It's free and immediate (no sign-up required to use it) which makes it ideal for 'when you need it' use.

So work has begun on a new dedicated "chat room" app to replace HexChat, called Jargonaut. Linux Mint's goal is not to build a fully-featured IRC client, or even an IRC client at all. Jargonaut is a chat app that just happens to use IRC as its underlying chat protocol. Users won't need to know what IRC is nor learn its syntax, as Jargonaut isn't going to respond to standard IRC commands... When the app is opened Linux Mint's official support channels are there, ready to engage with. A real-time support chat app built on IRC — with additional bells:

"[Jargonaut] will support pastebin/imgur via DND, uploading your system specifications, troubleshooting and many features which have nothing to do with IRC," says Linux Mint lead Clement Lefebvre in the distro's latest monthly update. "HexChat was a great IRC client which helped us make a relatively good support chat room. We're hoping Jargonaut will help us make this chat room even better and much easier to use."

"Like most of Linux Mint's home-grown XApps the new app is hosted on Github," the article points out, "which is where you should go to check in on Jargonaut's current status, check out the code and compile it, or contribute to its development with your own fair hands."

The article also argues that IRC "isn't as trendy as Discord or Telegram, but it is a free, open standard that no single entity controls, is relatively low-bandwidth, interoperable, and efficient."

Biotech

Mexico Argues Glyphosate In GM Corn Is Unsafe For Human Consumption (reuters.com) 106

Mexico is waiting for the United States to provide evidence that shows imported genetically modified corn is safe for human consumption. "In a written submission to a panel of the United States-Mexico-Canada Agreement, Mexico, the top buyer of U.S. corn, argued that science proves GM corn and the herbicide glyphosate are harmful to human health and its native varieties, and that its decree to ban GM corn for human consumption is within its right," reports Reuters. From the report: [Deputy Agriculture Secretary Victor Suarez] said the onus is now on the United States to show GM corn is not harming Mexico's population, which consumes a higher amount of corn than many countries through daily diet staples like nixtamalized dough and tortilla. The United States "argues that the decisions in Mexico are not based on science and that their decisions are," Suarez told Reuters in an interview. "But we still haven't seen the science of the United States or the companies. We are looking forward to that study with great pleasure."

A spokesman for the U.S. Department of Agriculture said Mexico's approach to biotechnology runs counter to "decades' worth of evidence demonstrating its safety." A senior official for the U.S. Trade Representative said, "Scientific authorities, including in Mexico, have consistently found biotech products like corn to be safe over a period of decades." [...] Mexico's written response cited studies it said showed links between GM corn consumption and glyphosate exposure to liver inflammation in people and impacts to immune response in animals, saying it considers the risk to human health "extremely serious."

The United States in August requested a dispute settlement panel under the USMCA over Mexico's decree to ban GM corn for human consumption, specifically in the use of making flour for tortillas. The decree allows the use of GM yellow corn in animal feed, which accounts for the majority of Mexico's nearly $5.9 billion worth of U.S. corn imports annually. Washington argues Mexico's decree banning imports of GM corn used for tortillas is not based on science and violates its commitments under the USMCA, which has been in place since 2020. "There is no impact on trade," Suarez said of Mexico's decree. "The value and volume of exports of GM corn to Mexico has increased."

Mexico's decree also calls for the gradual substitution of GM corn, a point of contention highlighted by U.S. officials. In its written response, Mexico argued that no specific time frame has been established and therefore it has had no trade impact. "It is a strategic goal, like the United States would like to have energy sovereignty and energy self-sufficiency," Suarez said. The United States is expected to issue a rebuttal to Mexico's response.

EU

EU Looking Into Apple's Decision To Kill Epic Games' Developer Account (techcrunch.com) 64

The European Union has confirmed it's looking into Apple's decision to close Epic Games' developer account -- citing three separate regulations that may apply. From a report: Yesterday the Fortnite maker revealed Apple had terminated the account, apparently reversing a decision to approve the developer account last month. Epic had planned to launch its own app store, the Epic Games Store, on iOS in Europe, as well as Fortnite on Apple's platform. And it accused Apple of breaching the bloc's Digital Markets Act (DMA) by killing its developer account.

Responding to the development, a European Commission spokesperson told TechCrunch it has "requested further explanations on this from Apple under the DMA." The pan-EU regulation applies on Apple from midnight Brussels' time today. The spokesperson also said the EU is evaluating whether Apple's actions raise compliance "doubts" with regard to two other regulations -- the Digital Services Act (DSA) and the platform-to-business regulation (P2B) -- given what they described as "the links between the developer program membership and the App Store as designated VLOP" (very large online platform).

Databases

A Leaky Database Spilled 2FA Codes For the World's Tech Giants (techcrunch.com) 11

An anonymous reader quotes a report from TechCrunch: A technology company that routes millions of SMS text messages across the world has secured an exposed database that was spilling one-time security codes that may have granted users access to their Facebook, Google and TikTok accounts. The Asian technology and internet company YX International manufactures cellular networking equipment and provides SMS text message routing services. SMS routing helps to get time-critical text messages to their proper destination across various regional cell networks and providers, such as a user receiving an SMS security code or link for logging in to online services. YX International claims to send 5 million SMS text messages daily. But the technology company left one of its internal databases exposed to the internet without a password, allowing anyone to access the sensitive data inside using only a web browser, just with knowledge of the database's public IP address.

Anurag Sen, a good-faith security researcher and expert in discovering sensitive but inadvertently exposed datasets leaking to the internet, found the database. Sen said it was not apparent who the database belonged to, nor who to report the leak to, so Sen shared details of the exposed database with TechCrunch to help identify its owner and report the security lapse. Sen told TechCrunch that the exposed database included the contents of text messages sent to users, including one-time passcodes and password reset links for some of the world's largest tech and online companies, including Facebook and WhatsApp, Google, TikTok, and others. The database had monthly logs dating back to July 2023 and was growing in size by the minute. In the exposed database, TechCrunch found sets of internal email addresses and corresponding passwords associated with YX International, and alerted the company to the spilling database. The database went offline a short time later.

AI

AI-Generated Articles Prompt Wikipedia To Downgrade CNET's Reliability Rating (arstechnica.com) 54

Wikipedia has downgraded tech website CNET's reliability rating following extensive discussions among its editors regarding the impact of AI-generated content on the site's trustworthiness. "The decision reflects concerns over the reliability of articles found on the tech news outlet after it began publishing AI-generated stories in 2022," adds Ars Technica. Futurism first reported the news. From the report: Wikipedia maintains a page called "Reliable sources/Perennial sources" that includes a chart featuring news publications and their reliability ratings as viewed from Wikipedia's perspective. Shortly after the CNET news broke in January 2023, Wikipedia editors began a discussion thread on the Reliable Sources project page about the publication. "CNET, usually regarded as an ordinary tech RS [reliable source], has started experimentally running AI-generated articles, which are riddled with errors," wrote a Wikipedia editor named David Gerard. "So far the experiment is not going down well, as it shouldn't. I haven't found any yet, but any of these articles that make it into a Wikipedia article need to be removed." After other editors agreed in the discussion, they began the process of downgrading CNET's reliability rating.

As of this writing, Wikipedia's Perennial Sources list currently features three entries for CNET broken into three time periods: (1) before October 2020, when Wikipedia considered CNET a "generally reliable" source; (2) between October 2020 and present, when Wikipedia notes that the site was acquired by Red Ventures in October 2020, "leading to a deterioration in editorial standards" and saying there is no consensus about reliability; and (3) between November 2022 and January 2023, when Wikipedia considers CNET "generally unreliable" because the site began using an AI tool "to rapidly generate articles riddled with factual inaccuracies and affiliate links."

Futurism reports that the issue with CNET's AI-generated content also sparked a broader debate within the Wikipedia community about the reliability of sources owned by Red Ventures, such as Bankrate and CreditCards.com. Those sites published AI-generated content around the same period of time as CNET. The editors also criticized Red Ventures for not being forthcoming about where and how AI was being implemented, further eroding trust in the company's publications. This lack of transparency was a key factor in the decision to downgrade CNET's reliability rating.

A CNET spokesperson said in a statement: "CNET is the world's largest provider of unbiased tech-focused news and advice. We have been trusted for nearly 30 years because of our rigorous editorial and product review standards. It is important to clarify that CNET is not actively using AI to create new content. While we have no specific plans to restart, any future initiatives would follow our public AI policy."

Links

Calendar Meeting Links Used To Spread Mac Malware (krebsonsecurity.com) 17

Hackers targeting individuals in the cryptocurrency sector are using a sophisticated phishing scheme that begins with a malicious link on Calendly. "The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call," reports Krebs on Security. "But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems." From the report: A search in Google for a string of text from that script turns up a December 2023 blog post from cryptocurrency security firm SlowMist about phishing attacks on Telegram from North Korean state-sponsored hackers. "When the project team clicks the link, they encounter a region access restriction," SlowMist wrote. "At this point, the North Korean hackers coax the team into downloading and running a 'location-modifying' malicious script. Once the project team complies, their computer comes under the control of the hackers, leading to the theft of funds."

SlowMist says the North Korean phishing scams used the "Add Custom Link" feature of the Calendly meeting scheduling system on event pages to insert malicious links and initiate phishing attacks. "Since Calendly integrates well with the daily work routines of most project teams, these malicious links do not easily raise suspicion," the blog post explains. "Consequently, the project teams may inadvertently click on these malicious links, download, and execute malicious code."

SlowMist said the malware downloaded by the malicious link in their case comes from a North Korean hacking group dubbed BlueNoroff, which Kaspersky Labs says is a subgroup of the Lazarus hacking group. "A financially motivated threat actor closely connected with Lazarus that targets banks, casinos, fin-tech companies, POST software and cryptocurrency businesses, and ATMs," Kaspersky wrote of BlueNoroff in Dec. 2023.

Nintendo

Nintendo Suing Makers of Open-Source Switch Emulator Yuzu (polygon.com) 107

Nintendo has filed a 41-page lawsuit against the makers of Yuzu, an open-source Nintendo Switch emulator, accusing them of "facilitating piracy at a colossal scale." Polygon reports: Yuzu is a free emulator that was released in 2018 months after the Nintendo Switch originally launched. The same folks who made Citra, a Nintendo 3DS emulator, made this one. Basically, it's a piece of software that lets people play Nintendo Switch games on Windows PC, Linux, and Android devices. (It also runs on Steam Deck, which Valve showed -- then wiped -- in a Steam Deck video clip.) Emulators aren't necessarily illegal, but pirating games to play on them is. But Nintendo said in its lawsuit that there's no legal way to use Yuzu.

Nintendo argued that Yuzu executes codes that "defeat" Nintendo's security measures, including decryption using "an illegally-obtained copy of prod.keys." "In other words, without Yuzu's decryption of Nintendo's encryption, unauthorized copies of games could not be played on PCs or Android devices," Nintendo wrote in the lawsuit. As to the alleged damages created by Yuzu, Nintendo pointed to the release of The Legend of Zelda: Tears of the Kingdom. Tears of the Kingdom leaked almost two weeks earlier than the game's May 12 release date. The pirated version of the game spread quickly; Nintendo said it was downloaded more than 1 million times before Tears of the Kingdom's release date. People used Yuzu to play the game; Nintendo said more than 20% of download links pointed people to Yuzu.

Though Yuzu doesn't give out pirated copies of games, Nintendo repeatedly said that most ROM sites point people toward Yuzu to play whatever games they've downloaded. Nintendo said it "expended significant resources to stop the illegal copying, marketing, sale, and distribution" of its Nintendo Switch games. It says that Yuzu earns the team $30,000 per month on its Patreon from more than 7,000 patrons. Nintendo said the company has earned at least $50,000 in paid Yuzu downloads. Nintendo said that Yuzu's Patreon doubled its paid members in the period between May 1 and May 12, when Tears of the Kingdom was released. Nintendo is asking the court to shut down the emulator, and for damages.

Google

Google Tests Removing the News Tab From Search Results (niemanlab.org) 37

An anonymous reader shares a report: News publishers are worried -- with good reason -- about changes coming to Google Search. AI-generated content replacing links on some of the most valuable space on the internet, in particular, has left media types with a lot of questions, starting with "is this going to be a traffic-destroying nightmare?" The News filter disappearing from Google search results for some users this week won't help publishers sleep any easier. Google confirmed some users were not seeing the News filter as part of ongoing testing. "We're testing different ways to show filters on Search and as a result, a small subset of users were temporarily unable to access some of them," a Google spokesperson confirmed via email.
IOS

Popular Meditation App Must Pay 30% App Store Fee On 'Tips' Sent To Teachers (techcrunch.com) 53

Sarah Perez reports via TechCrunch: The CEO of meditation app Insight Timer, Christopher Plowman, is frustrated. He doesn't think the teachers who leverage his app's marketplace to reach their students should have to share 30% of their income with Apple -- its commission on in-app purchases -- and for the past 12 months, Apple had also agreed. After Apple loosened its rules around in-app donations in 2022, Insight Timer took advantage of the option to adjust a digital donations feature that allowed Insight Timer's teachers to collect "tips" from their user profiles and during live events. Apple reviewed the app and approved its release on the App Store. Now the tech giant has changed its mind -- it wants to collect a commission from this content, and Insight Timer had no choice but to comply or have its iOS business shut down, Plowman says. [...]

In section 3.2.1 of Apple's App Review guidelines, the company explains that apps can route around Apple's in-app purchase if the app enables individual users to "give a monetary gift to another individual" and "100% of the funds" go to the receiver of the gift. Insight Timer capitalized on this option to allow its users to tip meditation teachers, healers, musicians, and others who use its app to teach classes on meditation, managing stress, finding happiness or spiritual enlightenment, and more. Insight Timer implemented the feature using Stripe as the payment provider on the back end, as the rule permits. Users can opt to donate funds to the teacher, but they don't have to. Insight Timer's main business is selling premium subscriptions to its app, which offer additional features, like offline listening, journaling, and unlimited access to its courses. Fifty percent of this revenue is shared with the teachers, so they don't have to rely on donations to fund their work. During the time the commission-free donations feature was live, Insight Timer's users donated roughly $100,000 per month to the app's teachers, Plowman says.

Apple appeared to have blessed this use case, as the tech giant went on to approve 47 more updates to Insight Timer's app over the course of a 12-month period. When a question arose, Insight Timer explained that these were donations -- it doesn't take a cut of that revenue -- and Apple would approve the app. Late last year, those approvals stopped. An app reviewer told Insight Timer that these donations were no longer considered monetary gifts -- they were now "digital content." That meant they were also now subject to Apple's commissions. This decision doesn't hurt Insight Timer's bottom line, as the app's main business is subscriptions. Instead, it hurts the community of teachers who generate additional funds via users' donations. Now, with Apple demanding 30% of that revenue, the teachers are getting a 30% pay cut overnight, so to speak.

Plowman says he went back and forth with Apple over this feature, trying to understand why the donations option that Apple had previously allowed -- 47 times! -- was now subject to commission. Apple compromised and said it would allow the donations' link on teachers' profiles to be subject to its commission-free rules, but all other donations -- from live events, from meditations themselves -- had to be commissioned. It wouldn't allow those links to point to the donation link on the teachers' profiles, either. "And I was like, well, what's the point of building an ice cream stand across the road if you won't let the customers cross the road to buy the ice cream?" Plowman argued. In the end, the two parties didn't reach any sort of resolution. Plowman was given until February to comply with Apple's decision, or his business would be shut out of the App Store.

Books

Darwin Online Has Virtually Reassembled the Naturalist's Personal Library 24

Jennifer Ouellette reports via Ars Technica: Famed naturalist Charles Darwin amassed an impressive personal library over the course of his life, much of which was preserved and cataloged upon his death in 1882. But many other items were lost, including more ephemeral items like unbound volumes, pamphlets, journals, clippings, and so forth, often only vaguely referenced in Darwin's own records. For the last 18 years, the Darwin Online project has painstakingly scoured all manner of archival records to reassemble a complete catalog of Darwin's personal library virtually. The project released its complete 300-page online catalog -- consisting of 7,400 titles across 13,000 volumes, with links to electronic copies of the works -- to mark Darwin's 215th birthday on February 12.

"This unprecedentedly detailed view of Darwin's complete library allows one to appreciate more than ever that he was not an isolated figure working alone but an expert of his time building on the sophisticated science and studies and other knowledge of thousands of people," project leader John van Wyhe of the National University of Singapore said. "Indeed, the size and range of works in the library makes manifest the extraordinary extent of Darwin's research into the work of others."
