A California judge has shut down a decade-long surveillance program in which Sacramento's utility provider shared granular smart-meter data on 650,000 residents with police to hunt for cannabis grows. The EFF reports: The Sacramento County Superior Court ruled that the surveillance program run by the Sacramento Municipal Utility District (SMUD) and police violated a state privacy statute, which bars the disclosure of residents' electrical usage data with narrow exceptions. For more than a decade, SMUD coordinated with the Sacramento Police Department and other law enforcement agencies to sift through the granular smart meter data of residents without suspicion to find evidence of cannabis growing. EFF and its co-counsel represent three petitioners in the case: the Asian American Liberation Network, Khurshid Khoja, and Alfonso Nguyen. They argued that the program created a host of privacy harms -- including criminalizing innocent people, creating menacing encounters with law enforcement, and disproportionately harming the Asian community.

The court ruled that the challenged surveillance program was not part of any traditional law enforcement investigation. Investigations happen when police try to solve particular crimes and identify particular suspects. The dragnet that turned all 650,000 SMUD customers into suspects was not an investigation. "[T]he process of making regular requests for all customer information in numerous city zip codes, in the hopes of identifying evidence that could possibly be evidence of illegal activity, without any report or other evidence to suggest that such a crime may have occurred, is not an ongoing investigation," the court ruled, finding that SMUD violated its "obligations of confidentiality" under a data privacy statute. [...]

In creating and running the dragnet surveillance program, according to the court, SMUD and police "developed a relationship beyond that of utility provider and law enforcement." Multiple times a year, the police asked SMUD to search its entire database of 650,000 customers to identify people who used a large amount of monthly electricity and to analyze granular 1-hour electrical usage data to identify residents with certain electricity "consumption patterns." SMUD passed on more than 33,000 tips about supposedly "high" usage households to police. [...] Going forward, public utilities throughout California should understand that they cannot disclose customers' electricity data to law enforcement without any "evidence to support a suspicion" that a particular crime occurred.

Longtime Slashdot reader fahrbot-bot shares a report from 404 Media: The Ukrainian Army is knocking a once-hyped Russian superweapon out of the sky by jamming it with a song and tricking it into thinking it's in Lima, Peru. The Kremlin once called its Kh-47M2 Kinzhal ballistic missiles "invincible." Joe Biden said the missile was "almost impossible to stop." Now Ukrainian electronic warfare experts say they can counter the Kinzhal with some music and a re-direction order. [...] Kinzhals and other guided munitions navigate by communicating with Russian satellites that are part of the GLONASS system, a GPS-style navigation network. Night Watch uses a jamming system called Lima EW to generate a disruption field that prevents anything in the area from communicating with a satellite. Many traditional jamming systems work by blasting receivers on munitions and aircraft with radio noise. Lima does that, but also sends along a digital signal and spoofs navigation signals. It "hacks" the receiver it's communicating with to throw it off course.

Night Watch shared pictures of the downed Kinzhals with 404 Media that showed a missile with a controlled reception pattern antenna (CRPA), an active antenna that's meant to resist jamming and spoofing. "We discovered that this missile had pretty old type of technology," Night Watch said. "They had the same type of receivers as old Soviet missiles used to have. So there is nothing special, there is nothing new in those types of missiles." Night Watch told 404 Media that it used this Lima to take down 19 Kinzhals in the past two weeks. First, it replaces the missile's satellite navigation signals with the Ukrainian song "Our Father Is Bandera."

Any digital noise or random signal would work to jam the navigation system, but Night Watch wanted to use the song because they think it's funny. "We just send a song... we just make it into binary code, you know, like 010101, and just send it to the Russian navigation system," Night Watch said. "It's just kind of a joke. [Bandera] is a Ukrainian nationalist and Russia tries to use this person in their propaganda to say all Ukrainians are Nazis. They always try to scare the Russian people that Ukrainians are, culturally, all the same as Bandera." Once the song hits, Night Watch uses Lima to spoof a navigation signal to the missiles and make them think they're in Lima, Peru. Once the missile's confused about its location, it attempts to change direction. These missiles are fast -- launched from a MiG-31 they can hit speeds of up to Mach 5.7 or more than 4,000 miles per hour -- and an object moving that fast doesn't fare well with sudden changes of direction.

An Ohio IT contractor pleaded guilty to breaking into his former employer's network after being fired, impersonating another worker and using a PowerShell script to reset 2,500 passwords -- an act that locked out thousands of employees and caused more than $862,000 in damage. He faces up to 10 years in prison. The Register reports: Maxwell Schultz, 35, impersonated another contractor to gain access to the company's network after his credentials were revoked. Announcing the news, US attorney Nicholas J. Ganjei did not specify the company in question, which is typical in these malicious insider cases, although local media reported it to be Houston-based Waste Management.

The attack took place on May 14, 2021, and saw Schultz use the credentials to reset approximately 2,500 passwords at the affected organization. This meant thousands of employees and contractors across the US were unable to access the company network. Schultz admitted to running a PowerShell script to reset the passwords, searching for ways to delete system logs to cover his tracks -- in some cases succeeding -- and clearing PowerShell window events, according to the Department of Justice.

Prosecutors said the attack caused more than $862,000 worth of damage related to employee downtime, a disrupted customer service function, and costs related to the remediation of the intrusion. Schultz is set to be sentenced on Jan 30, 2026, and faces up to ten years in prison and a potential maximum fine of $250,000.

IBM and Cisco plan to link quantum computers over long distances by the early 2030s, "with the goal of demonstrating the concept is workable by the end of 2030," reports Reuters. "The move could pave the way for a quantum internet, though executives at the two companies cautioned that the networks would require technologies that do not currently exist and will have to be developed with the help of universities and federal laboratories." From the report: The challenge begins with a problem: Quantum computers like IBM's sit in massive cryogenic tanks that get so cold that atoms barely move. To get information out of them, IBM has to figure out how to transform information in stationary "qubits" -- the fundamental unit of information in a quantum computer -- into what Jay Gambetta, director of IBM Research and an IBM fellow, told Reuters are "flying" qubits that travel as microwaves.

But those flying microwave qubits will have to be turned into optical signals that can travel between Cisco switches on fiber-optic cables. The technology for that transformation -- called a microwave-optical transducer -- will have to be developed with the help of groups like the Superconducting Quantum Materials and Systems Center, led by the Fermi National Accelerator Laboratory near Chicago, among others. Along the way, Cisco and IBM will also publish open-source software to weave all the parts together.

An anonymous reader shares a report: This summer, Oslo's public-transport authority drove a Chinese electric bus deep into a decommissioned mine inside a nearby mountain to answer a question: Could it be hacked? Isolated by rock from digital interference, cybersecurity experts came back with a qualified yes: The bus could in theory be remotely disabled using the control system for the battery.

The revelation, presented at a recent public-transport conference, has spurred officials in Denmark and the U.K. to start their own investigations into Chinese vehicles. It has also fed into broader security concerns across Europe about the growing prevalence of Chinese-made equipment in the region's energy and telecommunications infrastructure.

The worry is the same for autos, solar panels and other connected devices: that mechanisms used for wirelessly delivering system updates could also be exploited by a hostile government or third-party hacker to compromise critical networks. [...] The Oslo transport authority, Ruter, said the bus's mobile-network connection via a Romanian SIM card gave manufacturer Yutong access to the control system for battery and power supply. Ruter said it is addressing the vulnerability by developing firewalls and delaying the signals sent to the vehicles, among other solutions.

Cloudflare suffered its worst network outage in six years on Tuesday, beginning at 11:20 UTC. The disruption prevented the content delivery network from routing traffic for roughly three hours. The failure, writes Cloudflare in a blog post, originated from a database permissions change deployed at 11:05 UTC. The modification altered how a database query returned information about bot detection features. The query began returning duplicate entries. A configuration file used to identify automated traffic doubled in size and spread across the network's machines. Cloudflare's traffic routing software reads this file to distinguish bots from legitimate users. The software had a built-in limit of 200 bot detection features. The enlarged file contained more than 200 entries. The software crashed when it encountered the unexpected file size.

Users attempting to access websites behind Cloudflare's network received error messages. The outage affected multiple services. Turnstile security checks failed to load. The Workers KV storage service returned elevated error rates. Users could not log into Cloudflare's dashboard. Access authentication failed for most customers.

Engineers initially suspected a coordinated attack. The configuration file was automatically regenerated every five minutes. Database servers produced either correct or corrupted files during a gradual system update. Services repeatedly recovered and failed as different versions of the file circulated. Teams stopped generating new files at 14:24 UTC and manually restored a working version. Most traffic resumed by 14:30 UTC. All systems returned to normal at 17:06 UTC.

Mexico has finally lifted its long-running Tor ban for the main government portal, allowing privacy-focused users, journalists, and activists to access gob.mx again after more than a decade of blocking. That said, the open data portal and the former Tor-compatible whistleblower system remain inaccessible. CyberInsider reports: The development follows a long period of digital censorship that spanned two full six-year presidential terms, those of Enrique Pena Nieto and Andres Manuel Lopez Obrador, and continued into the early months of Claudia Sheinbaum Pardo's current administration. Research conducted by Jacobo Najera and Miguel Trujillo, published in October 2023, documented that 21 federal government agencies were blocking traffic from the Tor network, effectively excluding privacy-conscious users from vital public resources and services.

An anonymous reader shares a report: Lawyers from the American Civil Liberties Union (ACLU) and Electronic Frontier Foundation (EFF) sued the city of San Jose, California over its deployment of Flock's license plate-reading surveillance cameras, claiming that the city's nearly 500 cameras create a pervasive database of residents movements in a surveillance network that is essentially impossible to avoid.

The lawsuit was filed on behalf of the Services, Immigrant Rights & Education Network and Council on American-Islamic Relations, California, and claims that the surveillance is a violation of California's constitution and its privacy laws. The lawsuit seeks to require police to get a warrant in order to search Flock's license plate system. The lawsuit is one of the highest profile cases challenging Flock; a similar lawsuit in Norfolk, Virginia seeks to get Flock's network shut down in that city altogether.

"San Jose's ALPR [automatic license plate reader] program stands apart in its invasiveness," ACLU of Northern California and EFF lawyers wrote in the lawsuit. "While many California agencies run ALPR systems, few retain the locations of drivers for an entire year like San Jose. Further, it is difficult for most residents of San Jose to get to work, pick up their kids, or obtain medical care without driving, and the City has blanketed its roads with nearly 500 ALPRs."

An outage at Cloudflare that began moments ago has knocked many popular websites, including ChatGPT and X, according to user reports. Cloudflare says on its website: "Cloudflare is aware of, and investigating an issue which potentially impacts multiple customers. Further detail will be provided as more information becomes available."

Update: In a statement after the outage was resolved, Cloudflare CTO said: Earlier today we failed our customers and the broader Internet when a problem in Cloudflare network impacted large amounts of traffic that rely on us. The sites, businesses, and organizations that rely on Cloudflare depend on us being available and I apologize for the impact that we caused.

Transparency about what happened matters, and we plan to share a breakdown with more details in a few hours. In short, a latent bug in a service underpinning our bot mitigation capability started to crash after a routine configuration change we made. That cascaded into a broad degradation to our network and other services. This was not an attack.

That issue, impact it caused, and time to resolution is unacceptable. Work is already underway to make sure it does not happen again, but I know it caused real pain today. The trust our customers place in us is what we value the most and we are going to do what it takes to earn that back.

An anonymous reader quotes a report from Security Affairs: On October 24, 2025, Azure DDoS Protection detected and mitigated a massive multi-vector attack peaking at 15.72 Tbps and 3.64 billion pps, the largest cloud DDoS ever recorded, aimed at a single Australian endpoint. Azure's global protection network filtered the traffic, keeping services online. The attack came from the Aisuru botnet, a Turbo Mirai-class IoT botnet using compromised home routers and cameras.

The attack used massive UDP floods from more than 500,000 IPs hitting a single public address, with little spoofing and random source ports that made traceback easier. It highlights how attackers are scaling with the internet: faster home fiber and increasingly powerful IoT devices keep pushing DDoS attack sizes higher. "On October 24, 2025, Azure DDOS Protection automatically detected and mitigated a multi-vector DDoS attack measuring 15.72 Tbps and nearly 3.64 billion packets per second (pps). This was the largest DDoS attack ever observed in the cloud and it targeted a single endpoint in Australia," reads a report published by Microsoft. "The attack originated from Aisuru botnet."

"Attackers are scaling with the internet itself. As fiber-to-the-home speeds rise and IoT devices get more powerful, the baseline for attack size keeps climbing," concludes the post. "As we approach the upcoming holiday season, it is essential to confirm that all internet-facing applications and workloads are adequately protected against DDOS attacks."

fjo3 shares a report from TheWrap: There are already at least 175,000 AI-generated podcast episodes on platforms like Spotify and Apple. That's thanks to Inception Point AI, a startup with just eight employees cranking out 3,000 episodes a week covering everything from localized weather reports and pollen trackers to a detailed account of Charlie Kirk's assassination and its cultural impact, to a biography series on Anna Wintour. Its podcasting network Quiet Please has generated 12 million lifetime episode downloads and amassed 400,000 subscribers -- so, yes, people are really listening to AI podcasts.

Inception Point CEO Jeanine Wright believes the tool is proof that automation can make podcasting scalable, profitable and accessible without human writers, editors or hosts. "The price is now so inexpensive that you can take a lot of risks,â Wright told TheWrap. "You can make a lot of content and a lot of different genres that were never commercially viable before and serve huge audiences that have really never had content made for them." At a cost of $1 an episode, Wright takes a quantity-over-quality approach. "I think very quickly we get to a place where AI is a default way that content is made, not just across audio, but across television and film and commercials and imagery, and everything. And then we will disclose when things are not made with AI instead of that they were made with AI," Wright said. "But for now, we are perfectly happy leading the way."

An anonymous reader shared this report from CNBC: [T]he computing power of crypto mining generates a lot of heat, most which just ends up vented into the air. According to digital assets brokerage, K33, the bitcoin mining industry generates about 100 TWh of heat annually — enough to heat all of Finland.This energy waste within a very energy-intense industry is leading entrepreneurs to look for ways to repurpose the heat for homes, offices, or other locations, especially in colder weather months.

During a frigid snap earlier this year, The New York Times reviewed HeatTrio, a $900 space heater that also doubles as a bitcoin mining rig. Others use the heat from their own in-home cryptocurrency mining to spread warmth throughout their house. "I've seen bitcoin rigs running quietly in attics, with the heat they generate rerouted through the home's ventilation system to offset heating costs. It's a clever use of what would otherwise be wasted energy," said Jill Ford, CEO of Bitford Digital, a sustainable bitcoin mining company based in Dallas... "Same price as heating the house, but the perk is that you are mining bitcoin," Ford said...

The crypto-heated future may be unfolding in the town of Challis, Idaho, where Cade Peterson's company, Softwarm, is repurposing bitcoin heat to ward off the winter. Several shops and businesses in town are experimenting with Softwarm's rigs to mine and heat. At TC Car, Truck and RV Wash, Peterson says, the owner was spending $25 a day to heat his wash bays to melt snow and warm up the water. "Traditional heaters would consume energy with no returns. They installed bitcoin miners and it produces more money in bitcoin than it costs to run," Peterson said. Meanwhile, an industrial concrete company is offsetting its $1,000 a month bill to heat its 2,500-gallon water tank by heating it with bitcoin. Peterson has heated his own home for two-and-a-half years using bitcoin mining equipment and believes that heat will power almost everything in the future. "You will go to Home Depot in a few years and buy a water heater with a data port on it and your water will be heated with bitcoin," Peterson said.
Derek Mohr, clinical associate professor at the University of Rochester Simon School of Business, remains skeptical. Bitcoin mining is so specialized now that a home computer, or even network of home computers, would have almost zero chance of being helpful in mining a block of bitcoin, according to Mohr, with mining farms use of specialized chips that are created to mine bitcoin much faster than a home computer... "The bitcoin heat devices I have seen appear to be simple space heaters that use your own electricity to heat the room..."
CNBC also spoke to Andrew Sobko, founder of Argentum AI (which is building a marketplace for sharing computing power), who says the idea makes the most sense in larger settings. "We're working with partners who are already redirecting compute heat into building heating systems and even agricultural greenhouse warming. That's where the economics and environmental benefits make real sense. Instead of trying to move the heat physically, you move the compute closer to where that heat provides value."

An anonymous reader quotes a report from The Record: Russian telecom operators have begun cutting mobile internet access for 24 hours for citizens returning to the country from abroad, in what officials say is an effort to prevent Ukrainian drones from using domestic SIM cards for navigation. "When a SIM card enters Russia from abroad, the user has to confirm that it's being used by a person -- not installed in a drone," the Digital Development Ministry said in a statement earlier this week.

Users can restore access sooner by solving a captcha or calling their operator for identification. Authorities said the temporary blackout is meant to "ensure the safety of Russian citizens" and prevent SIM cards from being embedded in "enemy drones." The new rule has led to unexpected outages for residents in border regions, whose phones can automatically connect to foreign carriers. Officials advised users to switch to manual network selection to avoid being cut off.

Amazon announced that its satellite broadband project called Project Kuiper will now be known as Amazon Leo. GeekWire reports: Leo is a nod to "low Earth orbit," where Amazon has so far launched more than 150 satellites as part of a constellation that will eventually include more than 3,200. In a blog post, Amazon said the 7-year-old Project Kuiper began "with a handful of engineers and a few designs on paper" and like most early Amazon projects "the program needed a code name." The team was inspired by the Kuiper Belt, a ring of asteroids in the outer solar system.

A new website for Amazon Leo proclaims "a new era of internet is coming," as Amazon says its satellites can help serve "billions of people on the planet who lack high-speed internet access, and millions of businesses, governments, and other organizations operating in places without reliable connectivity." Amazon said it will begin rolling out service once it's added more coverage and capacity to the network. Details about pricing and availability haven't been announced.

An anonymous reader quotes a report from TechCrunch: As generative AI content starts to fill our social apps, a project to bring back Vine's six-second looping videos is launching with Twitter co-founder Jack Dorsey's backing. On Thursday, a new app called diVine will give access to more than 100,000 archived Vine videos, restored from an older backup that was created before Vine's shutdown. The app won't just exist as a walk down memory lane; it will also allow users to create profiles and upload their own new Vine videos. However, unlike on traditional social media, where AI content is often haphazardly labeled, diVine will flag suspected generative AI content and prevent it from being posted. According to TechCrunch, a volunteer preservation group called the Archive Team saved Vine's content when it shut down in 2016. The only problem was that everything was stored in massive 40-50 GB binary blob files that were basically unusable for casual viewing.

Evan Henshaw-Plath (who goes by the name Rabble), an early Twitter employee and member of Jack Dorsey's nonprofit "and Other Stuff," dug into those backup files to try and salvage as much as he could. He spent months writing big-data extraction scripts, reverse-engineering how the archived binaries were structured, and reconstructing the original video files, old user info, view counts, and more. "I wasn't able to get all of them out, but I was able to get a lot out and basically reconstruct these Vines and these Vine users, and give each person a new user [profile] on this open network," he said.

Rabble estimates that through this process he was able to successfully recover 150,000-200,000 Vine videos from around 60,000 creators. diVine then rebuilt user profiles on top of the decentralized Nostr protocol so creators can reclaim their accounts, request takedowns, or upload missing videos.

You can check out the app for yourself at diVine.video. It's available in beta form on both iOS and Android.

German Chancellor Friedrich Merz said Chinese suppliers such as Huawei will be excluded from the country's future telecommunication networks on security grounds as he pushes for more digital sovereignty. From a report: "We have decided within the government that everywhere it's possible we'll replace components, for example in the 5G network, with components we have produced ourselves," Merz told a business conference in Berlin on Thursday. "And we won't allow any components from China in the 6G network."

Europe is increasingly concerned about its reliance on foreign technology, ranging from Asian semiconductors to US artificial intelligence and cloud infrastructure, as trade and geopolitical tensions threaten critical supply chains. Germany last year ordered telecom operators to remove Huawei equipment from their core networks, citing risks to national security. Berlin is now considering using public funds to pay Deutsche Telekom AG and others to strip out Chinese gear, Bloomberg News reported last month.

According to the Financial Times (paywalled), Meta's Chief AI Scientist Yann LeCun, a deep-learning pioneer and Turing Award winner, is reportedly leaving the company to launch his own startup. Reuters reports: The owner of Facebook and Instagram has significantly increased its investments in artificial intelligence, with CEO Mark Zuckerberg reorganizing the company's AI initiatives under Superintelligence Labs. Zuckerberg hired Alexandr Wang, former CEO of data-labeling startup Scale AI to lead the new AI effort. As a result, LeCun, who had reported to chief product officer Chris Cox, is now reporting to Wang, the report said.

The company began investing in AI in 2013 by launching Facebook Artificial Intelligence Research (FAIR) unit and recruiting LeCun, who is a known skeptic of the large language model path to superintelligence. LeCun is also a Silver Professor of data science, computer science, neural science and electrical and computer engineering at New York University, according to his LinkedIn page. He is known for his work in deep learning and the invention of the convolutional neural network, which is widely used for image, video and speech recognition.

The European Commission is considering turning its non-binding 2020 guidance on "high-risk vendors" into a legal requirement that would effectively force EU member states to phase out Huawei and ZTE from mobile and fixed-line networks. Bloomberg reports: Commission Vice President Henna Virkkunen wants to convert the European Commission's 2020 recommendation to stop using high-risk vendors in mobile networks into a legal requirement, according to the people, who asked not to be identified because the negotiations are private. While infrastructure decisions rest with national governments, Virkkunen's proposal would compel EU countries to align with the commission's security guidance.

The EU is increasingly focused on the risks posed by Chinese telecom equipment makers as trade and political ties with its second-largest trading partner fray. The concern is that handing over control of critical national infrastructure to companies with such close ties to Beijing could compromise national security interests.

Virkkunen is examining ways to limit the use of Chinese equipment suppliers in fixed-line networks, as countries push for the rapid deployment of state-of-the-art fiber cables to expand high-speed internet access. The commission is also considering measures to dissuade non-EU countries from relying on Chinese vendors, including by withholding Global Gateway funding from nations that use the grants for projects involving Huawei equipment, according to the people.

Investment in subsea cable projects is expected to reach around $13 billion between 2025 and 2027, almost twice the amount invested between 2022 and 2024, according to telecommunications data provider TeleGeography. Tech giants Meta, Google, Amazon and Microsoft now represent about 50% of the overall market, up from a negligible share a decade ago.

The companies are expanding their subsea infrastructure to connect growing networks of data centers needed for AI development. Meta announced Project Waterworth in February, a 50,000-kilometer cable connecting five continents that will be the world's longest subsea cable project. Amazon announced its first wholly-owned subsea cable called Fastnet, connecting Maryland to Ireland. Google has invested in over 30 subsea cables. Over 95% of international data and voice call traffic travels through nearly a million miles of underwater cables.

Visa and Mastercard are nearing a settlement with merchants that aims to end a 20-year-old legal dispute by lowering fees stores pay and giving them more power to reject certain credit cards, WSJ reports, citing people familiar with the matter. From the report: Under terms being discussed, Visa and Mastercard would lower credit-card interchange fees, which are often between 2% and 2.5%, by an average of around 0.1 percentage point over several years, the people said. They would also loosen rules that require merchants that accept one of a network's credit cards to accept all of them.

A deal could be announced soon, the people said, and would require court approval to take effect. If an agreement is finalized, consumers could see big changes at the register. Merchants that accept one kind of Visa credit card wouldn't have to accept all Visa credit cards, for example. Under the current talks, credit-card acceptance would be divided into several categories including rewards credit cards, credit cards with no rewards programs, and commercial cards, the people familiar with the matter said.

Some stores might turn away rewards cards, which charge them higher fees and in recent years have become very popular with consumers. But stores that reject those cards would face the risk of declining sales.