Kentucky is requiring that electric vehicle charging companies include Tesla's plug if they want to be part of a state program to electrify highways using federal dollars, according to documents reviewed by Reuters. From the report: Kentucky's plan went into effect on Friday, making it the first state to mandate Tesla's charging technology, although Texas and Washington states previously shared such plans with Reuters. In addition to federal requirements for the rival Combined Charging System (CCS), Kentucky mandates Tesla's plug, called the North American Charging Standard (NACS), at charging stations, according to Kentucky's request for proposal (RFP) for the state's EV charging program on Friday.

"Each port must be equipped with an SAE CCS 1 connector. Each port shall also be capable of connecting to and charging vehicles equipped with charging ports compliant with the North American Charging Standard (NACS)," the documents say. The U.S. Department of Transportation earlier this year said that charging companies must provide CCS plugs to be eligible for federal funding to deploy 500,000 EV chargers by 2030. It added that the rule allows charging stations to have other connectors, as long as they support CCS, a national standard.

An anonymous reader writes: The Federal Aviation Administration has certified for testing a vehicle that a California startup describes as a flying car -- the first fully electric vehicle that can both fly and travel on roads to receive US government approval. Alef Automotive said that its vehicle/aircraft, dubbed the "Model A," is the first flying vehicle that is drivable on public roads and able to park like a normal car. It also has vertical takeoff and landing capabilities. It apparently will be able to carry one or two occupants and will have a road-range of 200 miles and a flying range of 110 miles.

The company expects to sell the vehicle for $300,000 each with the first delivery by projected for the end of 2025. The FAA confirmed that it has issued the company a special airworthiness certificate, allowing for limited purposes that include exhibition, research and development. Numerous companies are working on all-electric VTOLs, which stands for vehicle takeoff and landing aircraft. The FAA said that Alef is "not the first aircraft of its kind" to get a special airworthiness certificate. However, Alef noted that its vehicle is different because of its ability to function both on roads and in the air, to appear like a normal car and to park in a normal parking space.

Reactions continue to Red Hat's announcement that they'd start limiting access to Red Hat Enterprise Linux sources, reports Ars Technica: Rocky Linux, launched by CentOS co-founder Greg Kurtzer as a replacement RHEL-compatible distro, announced Thursday that it believes Red Hat's moves "violate the spirit and purpose of open source." Using a few different methods (Universal Base Image containers, pay-per-use public cloud instances), Rocky Linux intends to maintain what it considers legitimate access to RHEL code under the GNU General Public License (GPL) and make the code public as soon as it exists.
"These methods are possible because of the power of GPL," explains Rocky Linux's blog post. "No one can prevent redistribution of GPL software. To reiterate, both of these methods enable us to legitimately obtain RHEL binaries and SRPMs without compromising our commitment to open source software or agreeing to TOS or EULA limitations that impede our rights. Our legal advisors have reassured us that we have the right to obtain the source to any binaries we receive, ensuring that we can continue advancing Rocky Linux in line with our original intentions.... [O]ur unwavering dedication and commitment to open source and the Enterprise Linux community remain steadfast."

"In the unfortunate event that Red Hat decides to ramp up efforts to negatively impact the community, Rocky Linux will persist to continue serving the best interests of the entire open source community. As a reminder, we welcome everyone to contribute to our efforts. You can learn more about how you can join us and all of the various ways to contribute on our wiki."

Ars Technica notes that AlmaLinux is "also working to keep providing RHEL-compatible updates and downstream rebuilds." "The process is more labor intensive as we require gathering data and patches from several sources, comparing them, testing them, and then building them for release," wrote Jack Aboutboul, community manager for AlmaLinux, in a blog post. "But rest assured, updates will continue flowing just as they have been."

The Software Freedom Conservancy's Bradley M. Kuhn weighed in last week with a comprehensive overview of RHEL's business model and its tricky relationship with GPL compliance. Red Hat's business model "skirts" GPL violation but had only twice previously violated the GPL in newsworthy ways, Kuhn wrote. Withholding Complete Corresponding Source (CCS) from the open web doesn't violate the GPL itself, but by doing so, Red Hat makes it more difficult for anyone to verify the company's GPL compliance.

Kuhn expressed sadness that "this long road has led the FOSS community to such a disappointing place."
Red Hat argued that they "do not find value in a RHEL rebuild." Rocky Linux dismissed this view as "narrow-minded," and RHEL-derived AlmaLinux even responded with specific examples, also noting its contributions to the RHEL and CentOS communities. AlmaLinux's community manager wrote "When executed properly, downstream rebuilds provide tremendous value and are a tremendous asset to upstream projects."

And ITWire shares one more reaction: German open source vendor SUSE says it will not be making any changes to its policies on source code access, emphasising "that the freedom to access, modify, and distribute software should remain open to all".

A new article in the Washington Post reports that even internally, "Space Force officials are still debating its priorities, analysts say: Is it to support warfighters on the ground? Or should it focus primarily on protecting assets in space? Or both?"

In April, the Washington Post reported that space would likely be a key part of a Chinese invasion of Taiwan, and one possible Space Force counter-measure would "ensure that the United States avoids 'operational surprise,' by keeping track of other countries' satellites and movements in space while also being able to 'identify behaviors that become irresponsible or even hostile.'"

To address the possibility of enemies shooting down satellites, the Space Force is also "pivoting, relying on constellations of small satellites that can be easily replaced and, to an increasing degree, maneuver." That's just one example of how the Space Force intends to ensure the U.S. maintains "space superiority," as its leaders often say, to protect the satellites the Defense Department relies on for warnings of incoming missiles, steering precision-guided munitions and surveilling both friendly and hostile forces. It also could deter conflict in space — why strike a satellite if there are backups that would easily carry on the mission...?

[Maj. Gen. Stephen Purdy, the commander of the 45th Space Wing] gave a tour of some of the roles the Space Force could play, offering a glimpse into its future. Soldiers and Marines already pre-position supplies and equipment on the ground, he said. Could the Space Force start storing supplies in space and then fly them to hot spots on Earth as well? "In theory, we could have huge racks of stuff in orbit and then somebody can call those in, saying. 'I need X, Y, Z delivered to me now on this random island.' And then, boom, they shoot out and they parachute in and they land with GPS assistance," he said. "It's a fascinating thought exercise for emergency response — you know if a type of tidal wave or tsunami comes in and wipes out a whole area."

The military is also working to harness solar energy in space, and then beam it to ground stations. Could the Space Force use that technology to beam power to remote areas to support soldiers on the ground? Another idea: If the cadence of launches really does double or triple and the costs continue to come down, could the Space Force start using rockets to deliver cargo across the globe at a moment's notice? Soon there could be commercial space stations floating around in orbit. "Can we lease a room?" Purdy said. "Can we lease a module?"
A former vice chairman of the Joint Chiefs of Staff believes the U.S. Space Force is misunderstood — at least partly because much of what it does is classified. "We fundamentally need to normalize the classification," he tells the Washington Post, "so we can have a conversation with the public, with the American people."

Monday U.S. Senator Marco Rubio said government workers with high security clearances had made UFO-related claims, leading to a bill's provision to halt any reverse-engineering of alien crafts. News stories at the time noted "allegations of secret UFO retrieval and reverse-engineering programs" by former intelligence official turned whistleblower, David Grusch, a story which Vanity Fair traced to a "little-known" site called The Debrief.

But that article's authors have some serious journalistic experience. Ralph Blumenthal spent more than 45 years on staff at The New York Times. Leslie Kean is an investigative science journalist known for her writing on UFOs. In 2017 they teamed up with a New York Times Pentagon correspondent for an "explosive 2017 UFO report," writes the Atlantic, "in which the journalists revealed a defunct secret Pentagon program — initially funded at the request of former Senate majority leader Harry Reid — to investigate 'unidentified flying objects.'" I've learned that Kean and Blumenthal did, in fact, bring the story to the Times, but the paper of record turned it down... The pair also pitched their story to Politico and The Washington Post. The Post had been trying to further report the story that the reporters had brought to the paper, but didn't think it was ready for publication; among its reservations, according to a source familiar, was that it was unclear what members of Congress made of Grusch's testimony... Politico — which, a source familiar noted, had the story for mere days, while the Post had the story for weeks — also wasn't able to turn around the story at the speed that Kean and Blumenthal wanted, Blumenthal said...

The writers' apparent time constraints have only raised more questions. "To be clear — the Washington Post did not pass on our story," Kean wrote on Facebook Monday. "Ralph and I took it to the Debrief because we were under growing pressure to publish it very quickly." Blumenthal told me that circumstances — including that Grusch's identity as the whistleblower had leaked out on the internet — pushed them to "publish sooner than we'd hoped." "If there had been no leaks, it might've been different," Blumenthal said. But "people on the internet were spreading stories Dave was getting harassing phone calls and we felt the only way to protect him was to get the story out...."

Now out in the world, the reporting process is raising even more eyebrows. During interviews on NewsNation with both Grusch and Kean, it became clear that neither had seen photos of the alleged craft. NewsNation's Brian Entin asked Kean about the lack of receipts: "He has the credentials, but there's no documents that he's handed over, there's no pictures, and as a journalist, you want to see documents; you want to see pictures." But Kean said the lack of documents or photographs did not raise red flags for her because "all of that information is classified." She believes it, she said, "because of all the sources I have who have told me the same thing... I don't think there's some conspiracy among all these people who don't know each other to make something like this up."

In response to the report, DoD spokesperson Sue Gough told NewsNation in a statement, "To date, AARO (All-domain Anomaly Resolution Office) has not discovered any verifiable information to substantiate claims that any programs regarding the possession or reverse-engineering of any extraterrestrial materials have existed in the past or exist currently.

Wikipedia defines the Yocto Project as "a Linux Foundation collaborative open source project whose goal is to produce tools and processes that enable the creation of Linux distributions for embedded and IoT software that are independent of the underlying architecture of the embedded hardware."

This week the Linux Foundation shared an update on the 12-year-old Yocto Project: In an effort to support the community, The Yocto Project announced the first Long Term Support (LTS) release in October 2020. Today, we are delighted to announce that we are expanding the LTS release and extending the lifecycle from 2 to 4 years as standard.

The continued growth of the Yocto Project coincides with the welcomed addition of Exein as a Platinum Member, joining AMD/Xilinx, Arm, AWS, BMW Group, Cisco, Comcast, Intel, Meta and WindRiver. As a Member, Exein brings its embedded security expertise across billions of devices to the core of the Yocto Project...

"The Yocto Project has been at the forefront of OS technologies for over a decade," said Andrew Wafaa, Yocto Project Chairperson. "The adaptability and variety of the tooling provided are clearly making a difference to the community. We are delighted to welcome Exein as a member as their knowledge and experience in providing secure Yocto Project based builds to customers will enable us to adapt to the modern landscape being set by the US Digital Strategy and the EU Cyber Resilience Act."

"We're extremely excited to become a Platinum Partner of the Yocto Project," said Gianni Cuozzo, founder and CEO of Exein. "The Yocto Project is the most important project in the embedded Linux space, powering billions of devices every year. We take great pride in contributing our extensive knowledge and expertise in embedded security to foster a future that is both enhanced and secure for Yocto-powered devices. We are dedicated to supporting the growth of the Yocto Project as a whole, aiming to improve its support for modern languages like Rust, and assist developers and OEMs in aligning with the goals outlined in the EU Cyber Resilience Act."

Futurism reports: G/O Media, a major online media company that runs publications including Gizmodo, Kotaku, Quartz, Jezebel, [the Onion], and Deadspin, has announced that it will begin a "modest test" of AI content on its sites... In an email to staff, G/O Media editorial director Merrill Brown argued that the news shouldn't come as a surprise since "everyone in the media business" has been considering AI.

The trial will include "producing just a handful of stories for most of our sites that are basically built around lists and data," Brown wrote. "These features aren't replacing work currently being done by writers and editors, and we hope that over time if we get these forms of content right and produced at scale, AI will, via search and promotion, help us grow our audience..."

Unions representing G/O Media and The Onion staff issued a statement, writing that "we are appalled by this news. The hard work of journalists cannot be replaced by unreliable AI programs notorious for creating falsehoods and plagiarizing the work of real writers." Gizmodo and Kotaku staff, in particular, were outraged at the news. "AI content will not replace my work — but it will devalue it, place undue burden on editors, destroy the credibility of my outlet, and further frustrate our audience," Gizmodo journalist Lin Codega tweeted in response to the news. "AI in any form, only undermines our mission, demoralizes our reporters, and degrades our audience's trust."

The New York Times tells the story of Simon Mackenzie, a security officer at a U.K. discount store uploading security camera footage of shoplifters into a facial recognition program called Facewatch. "The next time those people enter any shop within a few miles that uses Facewatch, store staff will receive an alert."

Facewatch — now in nearly 400 stores across Britain — licenses facial recognition software made by Real Networks and Amazon. Though it only sends alert about repeat offenders, "Once added, a person remains there for a year before being deleted." For as little as 250 pounds a month, or roughly $320, Facewatch offers access to a customized watchlist that stores near one another share. When Facewatch spots a flagged face, an alert is sent to a smartphone at the shop, where employees decide whether to keep a close eye on the person or ask the person to leave. Mr. Mackenzie adds one or two new faces every week, he said, mainly people who steal diapers, groceries, pet supplies and other low-cost goods. He said their economic hardship made him sympathetic, but that the number of thefts had gotten so out of hand that facial recognition was needed. Usually at least once a day, Facewatch alerts him that somebody on the watchlist has entered the store...

Among democratic nations, Britain is at the forefront of using live facial recognition, with courts and regulators signing off on its use. The police in London and Cardiff are experimenting with the technology to identify wanted criminals as they walk down the street. In May, it was used to scan the crowds at the coronation of King Charles III. But the use by retailers has drawn criticism as a disproportionate solution for minor crimes. Individuals have little way of knowing they are on the watchlist or how to appeal. In a legal complaint last year, Big Brother Watch, a civil society group, called it "Orwellian in the extreme...." Madeleine Stone, the legal and policy officer for Big Brother Watch, said Facewatch was "normalizing airport-style security checks for everyday activities like buying a pint of milk."
There is a human in the loop, the article points out. "Every time Facewatch's system identifies a shoplifter, a notification goes to a person who passed a test to be a 'super recognizer' — someone with a special talent for remembering faces. Within seconds, the super recognizer must confirm the match against the Facewatch database before an alert is sent."

The company's founder tells the Times that in general, "mistakes are rare but do happen... If this occurs, we acknowledge our mistake, apologize, delete any relevant data to prevent reoccurrence and offer proportionate compensation."

And the article adds this official response from the U.K. government: Fraser Sampson, Britain's biometrics and surveillance camera commissioner, who advises the government on policy, said there was "a nervousness and a hesitancy" around facial recognition technology because of privacy concerns and poorly performing algorithms in the past. "But I think in terms of speed, scale, accuracy and cost, facial recognition technology can in some areas, you know, literally be a game changer," he said. "That means its arrival and deployment is probably inevitable. It's just a case of when."

"People do not like eating insects. Livestock are less picky," writes the Economist. Of course, the insects need to eat, too. To date, they have mostly been reared on leftover chicken feed. But the supply of that is limited, and if insect-reared meat is to take off, new sources will be needed. In a paper in Applied Entomology, Niels Eriksen, a biochemist at Aalborg University, suggests feeding them on the waste products of the beer industry. The world knocks back around 185bn litres of beer every year. Each litre produces between three and ten litres of wastewater full of discarded barley and yeast . The mix is rich in protein but deficient in carbohydrates, especially compared with chicken feed.
The Economist reports that the researchers found brewery waste was "happily consumed" by insects they tested, which "grew equally well on either food source." This suggests the possibility that other plentiful and protein-rich food wastes could also become "reasonable targets for nutrient recycling by insects," including waste from other fermentation industries (like bioethanol), slaughterhouses, and sugar-beet waste.

Thanks to Slashdot reader echo123 for sharing the article.

An anonymous Slashdot reader writes: An article in Nature Sustainability suggests that models may have underestimated the impact of warming on ecosystems. Two main reasons for this are the difficulty in accounting for variability and combining climate change with other pressure factors: for instance, pollution, excessive exploitation of species, deforestation due to increased demographics growth and meat consumption, ecosystem fragmentation, also harm wildlife.
After using software to simulate over 70,000 ecosystem scenarios, the two professors and a postdoctoral researcher issued this warning in The Conversation: Around the world, rainforests are becoming savanna or farmland, savanna is drying out and turning into desert, and icy tundra is thawing. Indeed, scientific studies have now recorded "regime shifts" like these in more than 20 different types of ecosystem where tipping points have been passed. Around the world, more than 20% of ecosystems are in danger of shifting or collapsing into something different.

These collapses might happen sooner than you'd think. Humans are already putting ecosystems under pressure in many different ways — what we refer to as stresses. And when you combine these stresses with an increase in climate-driven extreme weather, the date these tipping points are crossed could be brought forward by as much as 80%. This means an ecosystem collapse that we might previously have expected to avoid until late this century could happen as soon as in the next few decades. That's the gloomy conclusion of our latest research, published in Nature Sustainability.

Human population growth, increased economic demands, and greenhouse gas concentrations put pressures on ecosystems and landscapes to supply food and maintain key services such as clean water. The number of extreme climate events is also increasing and will only get worse. What really worries us is that climate extremes could hit already stressed ecosystems, which in turn transfer new or heightened stresses to some other ecosystem, and so on. This means one collapsing ecosystem could have a knock-on effect on neighbouring ecosystems through successive feedback loops: an "ecological doom-loop" scenario, with catastrophic consequences...

There is no way to restore collapsed ecosystems within any reasonable timeframe. There are no ecological bailouts. In the financial vernacular, we will just have to take the hit.

Linux magazine reports that "Former Snap co-developer Alan Pope, who left Canonical in 2021 after 10 years with the company, has developed unsnap, a script that replaces snaps with Flatpaks where available. The script, hosted on GitHub, has been tested by the developers for use on Ubuntu and all derivatives that offer snapd and packages in the Snap format."

Pope clarifies its status on GitHub: Let's say it's "Pre-alpha", as in "It kinda works on my computer". Unless you plan on contributing (see below) it's probably not ready for you, yet.
And Pope notes the existence of "related projects" like the custom-desktop project by Natan Junges "which provides a set of packages to revert an existing Ubuntu install back to something many users may appreciate more." And "deb-get enables Ubuntu users to install and update deb-based packages of popular applications"

But Linux magazine tested out unsnap: The flatpak list command can be used to determine which snaps were converted to Flatpak format. For snaps with a Flatpak equivalent, unsnap converted these snaps cleanly, and all of the programs remained functional. The script left the remaining snaps and the infrastructure untouched...

An equivalent Flatpak must be available, which is very often the case with graphical applications. With a little manual work, the Snap infrastructure can also be removed.

After a three-year pause, U.S. student loan repayments are set to resume on October 1st — just three months from today. But CNN reports that yesterday America's Supreme Court "struck down President Joe Biden's student loan forgiveness program, blocking millions of borrowers from receiving up to $20,000 in federal student debt relief."

"The court's 6 to 3 conservative majority held that the secretary of education did not have that authority under existing law," writes the Washington Post. The Guardian quotes President Biden's response: "I think the court misinterpreted the constitution."

CNN reports: No debt had been canceled, even though the Biden administration had received about 26 million applications for relief last year and approved 16 million of them. The forgiveness program, estimated to cost $400 billion, would have fulfilled a campaign promise of Biden's to cancel some student loan debt. But a group of Republican-led states and other conservative groups took the administration to court over the program, claiming that the executive branch does not have the power to so broadly cancel student debt in the proposed manner.

Critics also point out that the one-time student loan forgiveness program does nothing to address the cost of college for future students and could even lead to an increase in tuition. Some Democrats joined Republicans in voting for a bill to block the program. Both the Senate and the House passed the measure, but Biden vetoed the bill in early June...

The administration estimated that roughly 20 million borrowers would have seen their entire federal student loan balance wiped away.
UPDATE: CNBC reports the administration hasn't given up: President Joe Biden suggested on Friday that he was looking for another avenue to deliver student debt relief after the Supreme Court rejected his forgiveness plan.

"Today's decision has closed one path," Biden said during a briefing Friday. "Now we're going to pursue another."
A statement from the White House also points to other relief policies for students, noting for example that now "no one with an undergraduate loan has to pay more than 5 percent of their discretionary income." CNN reports: New rules set to take effect in July could broaden eligibility for the Public Service Loan Forgiveness program, which is aimed at helping government and nonprofit workers. And a new income-driven repayment plan proposal is meant to lower eligible borrowers' monthly payments and reduce the amount they pay back over time. The administration said this plan was finalized Friday and borrowers will be able to take advantage of it this summer, before loan payments are due. The Department of Education has also made it easier for borrowers who were misled by their for-profit college to apply for student loan forgiveness under a program known as borrower defense to repayment, as well as for those who are permanently disabled. Altogether, the Biden administration has approved more than $66 billion in targeted loan relief to nearly 2.2 million borrowers....

[T]he Biden administration said Friday that it will provide a 12-month on-ramp period for borrowers reentering payment... Borrowers will not be reported to credit bureaus, be considered in default or referred to collection agencies for late, missed or partial payments during the on-ramp period, according to a fact sheet from the White House.

According to NBC News, the FBI created a national online database in May to facilitate information sharing between hundreds of police departments and law enforcement agencies across the country pertaining to swatting incidents. From the report: No central agency has tracked swatting incidents or suspects in the U.S., so official statistics are not available. By 2019, there were an estimated 1,000 swatting incidents domestically each year, according to a report from the Anti-Defamation League, and each incident is estimated to cost at least $10,000 to affected communities, even before expenditures on follow-up work like investigations, property repairs and counseling. Swatting is increasingly enabled by technology that can be used to mask a caller's real voice, their phone number or IP address (also called "spoofing") or to make their false report sound more credible.

[Chief Scott Schubert with the bureau's Criminal Justice Information Services headquarters in Clarksburg, West Virginia] told NBC News that the FBI's new centralized database should help the agency "get that common picture of what's going on across our nation so we can learn from that." [...] While the earliest recorded case of swatting occurred in 2002, to this day, there is no specific law criminalizing swatting in the U.S., says John Jay's Shapiro. "Without a statute in place, there's no designated resources or training for investigating swatting incidents," she said. "And the 911 dispatchers do not have the resources and training they need to differentiate between actual emergencies and false reports."

Legally, the False Information and Hoaxes statute, also known as section 1038, is most frequently used to prosecute swatting. Other statutes can sometimes apply -- one pertaining to interstate threats involving explosives and another pertaining to interstate communications, which refers to extortion or threats to injure or kidnap somebody. "Too often, perpetrators are getting a slap on the wrist compared to the consequences suffered by their victims," Shapiro said.

New data (PDF) from the Bureau of Labor Statistics found that one-third of Americans worked from home in 2022, up from a quarter, or 25%, in 2019. The survey also found that Americans working full time from home worked 2.5 hours less a day than Americans at the office. Barron's reports: Overall, the total civilian population worked for an average of 3.23 hours a day in 2022 down from 3.26 hours a day in 2019. The U.S. is 1% lazier. That number, given by the BLS, is the total population. Don't forget, babies don't work. [...] As far as what Americans were doing with the time not spent working, TV watching stayed flat, socializing dropped, and gaming increased. "Economics is complicated, but labor productivity is essentially the basis for economic gains," writes Barron's Al Root. "The economy is measured in dollars, but the dollar is just a unit of account. More output per worker is how living standards improve."

"In a strange way, coming back to work is like an economic stimulus package. If people go back to the office, at a 2019 rate, and work 8.2 hours a day instead of the at-home 5.7 hours a day, the economy has just added roughly 800 million weeks of work, an 8% bump."

"The findings will give management teams some momentum to bring workers back to the office," adds Root.

Two U.S. authors have filed a proposed class action lawsuit against OpenAI, claiming that the company infringed their copyrights by using their works without permission to train its generative AI system, ChatGPT. The plaintiffs, Massachusetts-based writers Paul Tremblay and Mona Awad, claim the data used to train ChatGPT included thousands of books, including those from illegal "shadow libraries." Reuters reports: The complaint estimated that OpenAI's training data incorporated over 300,000 books, including from illegal "shadow libraries" that offer copyrighted books without permission. Awad is known for novels including "13 Ways of Looking at a Fat Girl" and "Bunny." Tremblay's novels include "The Cabin at the End of the World," which was adapted in the M. Night Shyamalan film "Knock at the Cabin" released in February.

Tremblay and Awad said ChatGPT could generate "very accurate" summaries of their books, indicating that they appeared in its database. The lawsuit seeks an unspecified amount of money damages on behalf of a nationwide class of copyright owners whose works OpenAI allegedly misused.

An anonymous reader quotes a report from TechCrunch: Two U.S. schools have confirmed that TIAA, a nonprofit organization that provides financial services for individuals in academic fields, has been caught up in the mass-hacks targeting MOVEit file transfer tools. Middlebury College in Vermont and Trinity College in Connecticut both released security notices confirming they experienced data breaches as a result of a security incident at the Teachers Insurance and Annuity Association of America, or TIAA. According to its website, TIAA serves mire than five million active and retired employees participating at more than 15,000 institutions and manages $1.3 trillion in assets in more than 50 countries.

Both of the security notices confirm that TIAA was affected by hackers' widespread exploitation of a flaw in MOVEit Transfer, an enterprise file transfer tool developed by Progress Software. The mass-hack has so far claimed more than 160 victims, according to Emsisoft threat analyst Brett Callow, including the U.S. Department of Health and Human Services (HHS) and Siemens Energy. Only 12 of these victims have confirmed the number of people affected, which already adds up to more than 16 million individuals.

While TIAA notified affected schools of its security incident, the organization has yet to publicly acknowledge the incident. In response to a Twitter user questioning the organization's silence, TIAA responded saying that its offices were closed. It's not yet known how many organizations have been impacted as a result of the cyberattack on TIAA. TIAA has not yet been listed on the dark web leak site of the Russia-linked Clop ransomware gang, which has claimed responsibility for the ongoing MOVEit cyberattacks.

Data privacy laws in Colorado and Connecticut will go into effect Saturday. From a report: If companies haven't finished their compliance work to abide by the rules, they could face civil penalties of up to $20,000 per violation in some states. Colorado and Connecticut add to an increasingly complex patchwork of state data privacy laws. California paved the way in 2018 after passing the country's first state-level privacy bill, while Virginia followed this year.

The Colorado and Connecticut laws apply to entities that do business in those states, as well as businesses that process a certain amount of data about in-state customers. Under the new laws, residents of each state will have the right to request businesses delete their personal information, ask for a copy of the information businesses have collected about them, opt out of the sale of their personal data, and more. Both laws also require businesses to request opt-in permission from consumers before letting businesses process their sensitive information -- differing from the opt-out mechanism consumers have in California

The FTC has proposed a new rule banning numerous forms of fake reviews online, from outright fabricated ones to those that are sketchily repurposed or secretly manipulated. It may not totally rehabilitate the notoriously unreliable online review ecosystem, but it could help make things a bit more bearable. From a report: This rule has been a long time in the making, which is par for the course at any federal regulator. The FTC's first case of this type was in 2019, against a merchant that was making misleading claims and paying for fake reviews. Before that, it had taken on "influencer marketing" where a person didn't disclose that they were being paid to promote a product. Now the agency is ready to take comprehensive action with rules they first previewed last October and have now put in near-final form. The proposed rule is the result of much research and of consultation with businesses, consumers, and even advertising trade organizations that predictably advised the FTC not to bother cracking down on this lucrative business.

A top adviser to Anthony Fauci at the National Institutes of Health admitted that he used a personal email account in an apparent effort to evade the strictures of the Freedom of Information Act, according to records obtained by congressional investigators probing the origin of Covid-19. The official also expressed his intention to delete emails in order to avoid media scrutiny. The Intercept: "As you know, I try to always communicate on gmail because my NIH email is FOIA'd constantly," wrote David M. Morens, a high-ranking NIH official, in a September 2021 email, one of a series of email exchanges that included many leading scientists involved in the bitter Covid origins debate. "Stuff sent to my gmail gets to my phone," he added, "but not my NIH computer." After noting that his Gmail account had been hacked, however, he wrote to the group to say that he might have to use his NIH email account to communicate with them instead. "Don't worry," he wrote, "just send to any of my addresses, and I will delete anything I don't want to see in the New York Times."

RSS Advisory Board: This month marks the 20th anniversary of the effort that became the Atom feed format. It all began on June 16, 2003, with a blog post from Apache Software Foundation contributor Sam Ruby asking for feedback about what constitutes a well-formed blog entry. The development of RSS 2.0 had been an unplanned hopscotch from a small group at Netscape to a smaller one at UserLand Software, but Atom was a barn raising. Hundreds of software developers, web publishers and technologists gathered for a discussion in the abstract that led to a concrete effort to build a well-specified syndication format and associated publishing API that could become Internet standards. Work was done on a project wiki that grew to over 1,500 pages. Everything was up for a vote, including a plebiscite on choosing a name that ballooned into a four-month-long bikeshed discussion in which Pie, Echo, Wingnut, Feedcast, Phaistos and several dozen alternatives finally, mercifully, miraculously lost out to Atom.

The road map of the Atom wiki lists the people, companies and projects that jumped at the chance to create a new format for feeds. XML specification co-author Tim Bray wrote: "The time to write it all down and standardize it is not when you're first struggling to invent the technology. We now have aggregators and publishing systems and search engines and you-name-it, and I think the community collectively understands pretty well what you need, what you don't need, and what a good syntax looks like. So, now's the time."