Ford's fuel-economy figures for the 2013-2014 C-Max hybrids "were not based in reality" says Iowa's attorney general.

And now the Ford Motor Company "will pay $19.2 million to a consortium of 40 states and Washington,D.C.," writes Consumer Reports (which also covers additional false advertising about the payload capacity of its Super Duty pickup trucks). In these two cases, Ford exaggerated numbers for an advantage in competitive segments. And it was caught....

Ford ran a series of ads that claimed the C-Max provided better fuel economy than the Toyota Prius. The 2013 C-Max was originally rated at 47 mpg in city and highway driving, and 47 mpg overall. The claim was that it delivered 47 mpg in every situation. Back on Dec. 6, 2012, Consumer Reports wrote... "After running both vehicles through our real-world tests, we have gotten very good results. But they are far below Ford's ambitious triple-47 figures." We got 37 mpg overall in our tests. That's close to what owners reported on the Environmental Protection Agency's fueleconomy.gov, at 39 mpg.... In our tests, the Toyota Prius at the time got 44 mpg overall, far more than the C-Max.
Iowa's attorney general notes that "In 2013, Ford admitted that its initial fuel economy rating for the C-Max hybrid was likely overstated. The carmaker announced at the time that it would make a 'goodwill payment' of $550 to consumers who purchased a 2013 C-Max hybrid and $325 to those who leased the vehicle, according to Edmunds."

Consumer Reports adds: It then made hardware updates for new models, including a higher final gear ratio, lower-viscosity motor oil, and aerodynamic improvements, including a rear spoiler, new hood seals, and air deflectors in front of the tires, and a higher speed threshold for the electric drive. The new mpg figures were 39 mpg combined for 2014 through 2016 (41 city, 36 highway)...

This case underscores why Consumer Reports goes to great lengths to test the fuel economy of every nonelectric car we purchase. It provides realistic, objective, independent information for car shoppers and helps keep the auto industry honest.
Consumer Reports also quotes Ford's statement on their false advertising. "We are pleased that the matter is closed without any judicial finding of improper conduct."

"We worked with the states to resolve their concerns."

"Researchers at Trend Micro have discovered some new Linux-based ransomware that's being used to attack VMware ESXi servers," reports CSO Online. (They describe the ESXi servers as "a bare-metal hypervisor for creating and running several virtual machines that share the same hard drive storage.") Called Cheerscrypt, the bad app is following in the footsteps of other ransomware programs — such as LockBit, Hive and RansomEXX — that have found ESXi an efficient way to infect many computers at once with malicious payloads.

Roger Grimes, a defense evangelist with security awareness training provider KnowBe4, explains that most of the world's organizations operate using VMware virtual machines. "It makes the job of ransomware attackers far easier because they can encrypt one server — the VMware server — and then encrypt every guest VM it contains. One compromise and encryption command can easily encrypt dozens to hundreds of other virtually run computers all at once."

"Most VM shops use some sort of VM backup product to back up all guest servers, so finding and deleting or corrupting one backup repository kills the backup image for all the hosted guest servers all at once," Grimes adds....

The gang behind Cheerscrypt uses a "double extortion" technique to extract money from its targets, the researchers explain. "Security Alert!!!" the attackers' ransom message declares. "We hacked your company successfully. All files have been stolen and encrypted by us. If you want to restore your files or avoid file leaks, please contact us."

"Russia is advancing a new law allowing it to take control of the local businesses of western companies that decide to leave in the wake of Moscow's invasion of Ukraine," reports Reuters, "raising the stakes for multinationals trying to exit." The law, which could be in place within weeks, will give Russia sweeping powers to intervene where there is a threat to local jobs or industry, making it more difficult for western companies to disentangle themselves quickly unless they are prepared to take a big financial hit. The law to seize the property of foreign investors follows an exodus of western companies, such as Starbucks, McDonald's and brewer AB InBev, and increases pressure on those still there.

It comes as the Russian economy, increasingly cut-off due to western sanctions, plunges into recession amid double-digit inflation.... The bill paves the way for Russia to appoint administrators over companies owned by foreigners in "unfriendly" countries, who want to quit Russia as the conflict with Ukraine drags down its economy. Moscow typically refers to countries as "unfriendly" if they have imposed economic sanctions on Russia, meaning any firms in the European Union or United States are at risk.

The European Commission proposed toughening its own stance on Wednesday to make breaking EU sanctions against Russia a crime, allowing EU governments to confiscate assets of companies and individuals that evade restrictions against Moscow.
Thanks to long-time Slashdot reader schwit1 for submitting the story.

An international investigation uncovered some disturbing results, reports the Washington Post. "Millions of children had their online behaviors and personal information tracked by the apps and websites they used for school during the pandemic..." The educational tools were recommended by school districts and offered interactive math and reading lessons to children as young as prekindergarten. But many of them also collected students' information and shared it with marketers and data brokers, who could then build data profiles used to target the children with ads that follow them around the Web.

Those findings come from the most comprehensive study to date on the technology that children and parents relied on for nearly two years as basic education shifted from schools to homes. Researchers with the advocacy group Human Rights Watch analyzed 164 educational apps and websites used in 49 countries, and they shared their findings with The Washington Post and 12 other news organizations around the world.... What the researchers found was alarming: nearly 90 percent of the educational tools were designed to send the information they collected to ad-technology companies, which could use it to estimate students' interests and predict what they might want to buy.

Researchers found that the tools sent information to nearly 200 ad-tech companies, but that few of the programs disclosed to parents how the companies would use it. Some apps hinted at the monitoring in technical terms in their privacy policies, the researchers said, while many others made no mention at all. The websites, the researchers said, shared users' data with online ad giants including Facebook and Google. They also requested access to students' cameras, contacts or locations, even when it seemed unnecessary to their schoolwork. Some recorded students' keystrokes, even before they hit "submit."

The "dizzying scale" of the tracking, the researchers said, showed how the financial incentives of the data economy had exposed even the youngest Internet users to "inescapable" privacy risks — even as the companies benefited from a major revenue stream.

In 2018, Engadget described Cydia as the maker of an app store for jailbroken iPhones that shut down claiming it just wasn't profitable (after operating for nearly a decade).

But now Cydia has filed an antitrust case against Apple, Engadget reports: On Thursday, Judge Yvonne Gonzalez Rogers, the same judge that oversaw the case between Apple and Epic Games, ruled Cydia's creator, Jay "Saurik" Freeman, could present his claim against the company after rejecting a bid by Apple to dismiss the complaint. [According to a paywalled article from Reuters.]

Freeman first sued Apple at the end of 2020, alleging the company had an "illegal monopoly over iOS app distribution." Judge Gonzalez Rogers dismissed Cydia's initial complaint against Apple, ruling the suit fell outside the statute of limitations. But she also granted Freeman leave to amend his case, which is what he did. In its latest complaint, Cydia argues that iOS updates Apple released between 2018 and 2021 constituted "overt" acts that harmed distributors like itself. That's a claim Judge Gonzalez Rogers found credible enough to explore.

RED filed a lawsuit yesterday suing (PDF) Nikon for infringing on its video compression patents. PetaPixel reports: The lawsuit was filed in a southern California federal court today and asserts that the Japanese camera manufacturer and its United States subsidiaries have illegally infringed on seven patents that deal specifically with "a video camera that can be configured to highly compress video data in a visually lossless manner."

In the filing, RED notes a type of compression that it says it has patented and is in use by Nikon in the Z9: "The camera can be configured to transform blue and red image data in a manner that enhances the compressibility of the data. The data can then be compressed and stored in this form. This allows a user to reconstruct the red and blue data to obtain the original raw data for a modified version of the original raw data that is visually lossless when demosaiced. Additionally, the data can be processed so the green image elements are demosaiced first, and then the red and blue elements are reconstructed based on values of the demosaiced green image elements."

This compression comes thanks to a partnership with intoPIX's TicoRAW which was announced last December. [...] The TicoRAW feature has been in the news for months, but RED was likely waiting for it to be implemented into a competitor's camera before filing a lawsuit. RED's lawsuit says Nikon's infringement on its patent was "willful" and claims Nikon would have known about RED's patents. [...] RED then cites multiple lawsuits it has filed against Kinefinity, Sony, and Nokia over the years. RED is seeking damages or royalties for the infringement as well as an injunction to ban Nikon from further infringing.

Meta Platforms built its industry-leading virtual reality headset by infringing Immersion's patents, the smaller company alleged in a lawsuit. From a report: The Meta Quest 2, which dominates the market, infringes six patents covering haptic technology, Immersion said in a complaint filed Thursday in federal court in Waco, Texas. In video game systems and controllers, haptics allow users to experience vibrations that mimic real-life forces -- such as blocking a punch in a virtual boxing game. Meta Chief Executive Officer Mark Zuckerberg has committed to spending $10 billion a year to bring to life his vision of a virtual reality-enabled metaverse. Sales of Meta Quest 2 hit 8.7 million units in 2021, twice as much as in the prior year, and the company owns 80% of the market.

In a new court filing, Epic Games challenges Apple's position that third-party app stores would compromise the iPhone's security. And it points to Apple's macOS as an example of how the process of "sideloading" apps -- installing apps outside of Apple's own App Store, that is -- doesn't have to be the threat Apple describes it to be. From a report: Apple's Mac, explains Epic, doesn't have the same constraints as found in the iPhone operating system, iOS, and yet Apple touts the operating system used in Mac computers, macOS, as secure. The Cary, N.C.-based Fortnite maker made these points in its latest brief, among several others, related to its ongoing legal battle with Apple over its control of the App Store. Epic Games wants to earn the right to deliver Fortnite to iPhone users outside the App Store, or at the very least, be able to use its own payment processing system so it can stop paying Apple commissions for the ability to deliver its software to iPhone users.

Twitter has agreed to pay a $150 million fine after federal law enforcement officials accused the social media company of illegally selling advertisements based on an improper use of personal data over six years. NPR reports: In court documents made public on Wednesday, the Federal Trade Commission and the Department of Justice say Twitter violated a 2011 agreement with regulators in which the company vowed to not use information gathered for security purposes, like users' phone numbers and email addresses, to help advertisers target people with ads. Federal investigators say Twitter broke that promise.

"As the complaint notes, Twitter obtained data from users on the pretext of harnessing it for security purposes but then ended up also using the data to target users with ads," said FTC Chair Lina Khan. Twitter requires users to provide a telephone number and email address to authenticate accounts. That information also helps people reset their passwords and unlock their accounts when the company blocks logging in due to suspicious activity. But until at least September 2019, Twitter was also using that information to boost its advertising business by allowing advertisers access to users' phone numbers and email addresses. That ran afoul of the agreement the company had with regulators. More than 140 million Twitter users provided this kind of personal information based on "Twitter's deceptive statements," according to federal prosecutors.

California could soon hold social media companies responsible for harming children who have become addicted to their products, permitting parents to sue platforms like Instagram and TikTok for up to $25,000 per violation under a bill that passed the state Assembly on Monday. The Associated Press reports: The bill defines "addiction" as kids under 18 who are both harmed -- either physically, mentally, emotionally, developmentally or materially -- and who want to stop or reduce how much time they spend on social media but they can't because they are preoccupied or obsessed with it. Business groups have warned that if the bill passes, social media companies would most likely cease operations for children in California rather than face the legal risk.

The proposal would only apply to social media companies that had at least $100 million in gross revenue in the past year, appearing to take aim at social media giants like Facebook and others that dominate the marketplace. It would not apply to streaming services like Netflix and Hulu or to companies that only offer email and text messaging services. [...] The bill gives social media companies two paths to escape liability in the courts. If the bill becomes law, it would take effect on Jan. 1. Companies that remove features deemed addictive to children by April 1 would not be responsible for damages. Also, companies that conduct regular audits of their practices to identify and remove features that could be addictive to children would be immune from lawsuits. "Monday's vote is a key -- but not final -- step for the legislation," adds the report. "The bill now heads to the state Senate, where it will undergo weeks of hearings and negotiations among lawmakers and advocates. But Monday's vote keeps the bill alive this year."

An anonymous reader quotes a report from Reuters: Clearview AI is expanding sales of its facial recognition software to companies from mainly serving the police, it told Reuters, inviting scrutiny on how the startup capitalizes on billions of photos it scrapes from social media profiles. [...] Clearview primarily helps police identify people through social media images, but that business is under threat due to regulatory investigations. The settlement with the American Civil Liberties Union bans Clearview from providing the social-media capability to corporate clients.

Instead of online photo comparisons, the new private-sector offering [called "Clearview Consent"] matches people to ID photos and other data that clients collect with subjects' permission. It is meant to verify identities for access to physical or digital spaces. Vaale, a Colombian app-based lending startup, said it was adopting Clearview to match selfies to user-uploaded ID photos. [...] Clearview AI CEO Hoan Ton-That said a U.S. company selling visitor management systems to schools had signed up as well. He said a customer's photo database is stored as long as they wish and not shared with others, nor used to train Clearview's AI. But the face-matching that Clearview is selling to companies was trained on social media photos. It said the diverse collection of public images reduces racial bias and other weaknesses that affect rival systems constrained by smaller datasets. The company outlined their path forward in a press release Wednesday.

"Today, FRT is used to unlock your phone, verify your identity, board an airplane, access a building, and even for payment," Clearview AI CEO Hoan Ton-That said in a statement. "Now, we are offering companies who use facial recognition as part of a consent-based workflow access to Clearview AI's superior, industry-leading FRT algorithm, bringing an increased level of security and protection to the marketplace."

He added: "Using facial recognition as a preventative measure means fewer crimes and fewer victims. Ultimately, Clearview Consent is all about making everyday consumers feel more secure in a world that is rife with crime and fraud."

An anonymous reader quotes a report from TorrentFreak: The ordeal of three people, who edited major movies down to 10 minutes and then uploaded those summaries to YouTube, is not over yet. After being arrested and found guilty in a criminal court last year, they now face action in the civil courts. A total of 13 companies including Toei, Kadokawa, Nikkatsu, and Fuji, say they are entitled to at least $3.9 million in copyright damages. [...] Clear indications of how seriously the anti-piracy groups and media companies are taking this action were on display after the lawsuit was filed last week. A press conference was held in Tokyo with a representative of CODA and three attorneys present to answer questions on the case.

Those present, including CODA director Takero Goto, highlighted that the three defendants committed criminal acts when they uploaded the movie edits and then profited from advertising revenue. The civil action aims to underline those convictions with a strong message that rightsholders will not allow people to free-ride on creators' content without facing significant financial consequences. The overall message is one of deterrence coupled with the reaffirmation of copyright law, Goto said.

An anonymous reader quotes a report from The Guardian: Dutch police have received dozens of leads after using deepfake technology to virtually bring to life a teenager almost two decades after his murder. Sedar Soares was shot dead in 2003 while throwing snowballs with friends in the parking lot of a Rotterdam metro station. The 13-year-old's murder baffled police for years. Now, with the permission of Sedar's family, they have made a video in which the teen asks the public to help solve the cold-case crime.

In what Dutch police believe could be a world first, an eerily lifelike image of Sedar appears in the video as he greets the camera and picks up a football. Accompanied by stirring music, he walks through a guard of honor on the field, comprising his relatives, former teachers and friends. "Somebody must know who murdered my darling brother. That's why he has been brought back to life for this film," a voice says, before Sedar stops and drops his ball. "Do you know more? Then speak," Sedar and his relatives and friends say, before his image disappears from the field and the video gives the police contact details. Dutch police have posted the deepfake video on YouTube. You can also watch the making of the video in the documentary "Speak! Now!"

DuckDuckGo isn't as private as you thought. "Due to a confidential search agreement, the DuckDuckGo browser does not block all Microsoft trackers," reports Review Geek. "What's worse, DuckDuckGo only acknowledged this 'privacy hole' after it was discovered by a security researcher." From the report: Security researcher @thezedwards found that the mobile DuckDuckGo browser does not block Microsoft trackers on third-party websites, such as the Facebook-owned Workplace.com. Gabriel Weinberg, the CEO of DuckDuckGo, is now running damage control on Twitter. He explains that Microsoft cannot see what you search in DuckDuckGo, and the DuckDuckGo browser blocks all Microsoft cookies. But if you visit a website that contains Microsoft's trackers, then your data is exposed to services like Bing and LinkedIn. This is the result of DuckDuckGo's "search syndication agreement" with Microsoft. In order to pull search information from Bing, the privacy experts at DuckDuckGo have to poke holes in their browser's security system.

While DuckDuckGo has a solid privacy policy when it comes to Microsoft's ads, it hasn't explained how Microsoft uses data from third-party trackers. And that's quite alarming. Maybe this situation is overblown, or maybe Microsoft can build targeted ad profiles based on your web activity in DuckDuckGo -- we don't know because DuckDuckGo signed a confidentiality agreement. Gabriel Weinberg says that DuckDuckGo is "working tirelessly behind the scenes" to improve its deal with Microsoft. Additionally, he expects DuckDuckGo to "include more third-party Microsoft protection" in a future update.

An anonymous reader shares a report: Last month, Apple launched its Self-Service Repair program, letting US customers fix broken screens, batteries, and cameras on the latest iPhones using Apple's own parts and tools for the first time ever. I couldn't wait. I'd never successfully repaired a phone. This time, armed with an official repair manual and genuine parts, I'd make it right. That Apple would even let me buy those parts, much less read its manuals and rent its tools, is a major change of pace for the company. For years, Apple has been lobbying to suppress right-to-repair policies around the country, with the company accused of doing everything it can to keep customers from repairing their own phones. It's easy to see this as a huge moment for DIY advocates. But having tried the repair process, I actually can't recommend it at all -- and I have a sneaking suspicion that Apple likes it that way.

The thing you should understand about Apple's home repair process is that it's a far cry from traditional DIY if you opt for the kit -- which I did, once I saw the repair manual only contains instructions for Apple's own tools. (You can just buy a battery if you want.) I expected Apple would send me a small box of screwdrivers, spudgers, and pliers; I own a mini iPhone, after all. Instead, I found two giant Pelican cases -- 79 pounds of tools -- on my front porch. I couldn't believe just how big and heavy they were considering Apple's paying to ship them both ways. I lugged those cases onto a BART train to San Francisco and dragged them down the streets to our office. Then, I set everything out on a table and got started.

An anonymous reader quotes a report from ABC News: Washington, D.C., Attorney General Karl Racine has sued Meta CEO Mark Zuckerberg for allegedly failing to protect consumer data following the Cambridge Analytica data leak. "The evidence shows Mr. Zuckerberg was personally involved in Facebook's failure to protect the privacy and data of its users leading directly to the Cambridge Analytica incident," Racine said in a statement about the lawsuit released Monday. "This unprecedented security breach exposed tens of millions of Americans' personal information, and Mr. Zuckerberg's policies enabled a multi-year effort to mislead users about the extent of Facebook's wrongful conduct." He added, "This lawsuit is not only warranted, but necessary, and sends a message that corporate leaders, including CEOs, will be held accountable for their actions."

The lawsuit alleges that Zuckerberg was "responsible for" and "had the clear ability" to control Facebook operations and enabled Cambridge Analytica to use consumer data. The lawsuit alleges that third-party firms like Cambridge Analytica got data from 87 million Americans and half of District of Columbia residents. Racine filed a lawsuit against Facebook in December 2018 for the data leak and is bringing this suit following evidence found during that litigation, according to the attorney general. In March, a judge ruled against an effort by Racine to add Zuckerberg as a defendant in the ongoing 2018 case. [...] The lawsuit filed by Racine takes issue with what it appears to consider a central business objective of Facebook. The suit accuses the company of aiming "to convince people to reveal the most granular details of who they are to Facebook -- their religions, their work histories, their likes -- so that it can be monetized, and Zuckerberg and his company can continue to grow even wealthier." On multiple occasions, the lawsuit notes that the company pursued its policies "at Zuckerberg's direction."

A Florida law intended to punish social media platforms like Facebook and Twitter is an unconstitutional violation of the First Amendment, a federal appeals court ruled Monday, dealing a major victory to companies who had been accused by GOP Gov. Ron DeSantis of discriminating against conservative thought. Associated Press: A three-judge panel of the Atlanta-based 11th U.S. Circuit Court of Appeals unanimously concluded that it was overreach for DeSantis and the Republican-led Florida Legislature to tell the social media companies how to conduct their work under the Constitution's free speech guarantee.

"Put simply, with minor exceptions, the government can't tell a private person or entity what to say or how to say it," said Circuit Judge Kevin Newsom, an appointee of former President Donald Trump, in the opinion. "We hold that it is substantially likely that social media companies -- even the biggest ones -- are private actors whose rights the First Amendment protects." The ruling upholds a similar decision by a Florida federal district judge on the law, which was signed by DeSantis in 2021. It was part of an overall conservative effort to portray social media companies as generally liberal in outlook and hostile to ideas outside of that viewpoint, especially from the political right.

If you'd like to deter "digital voyeurs," Popular Science points out that you can ask the map apps from Google, Apple, and Microsoft "to draw a veil of privacy across your property.

"You'd be in good company too: Apple CEO Tim Cook had his home blurred from mapping apps after issues with a stalker." There is something to bear in mind before you do this, though: you may not be able to reverse the process. The blur could be there for good. This is the case for Google Maps, and while Apple and Microsoft don't specify whether blurs on their services are permanent, they may follow the same protocol or decide to do so in the future.
The case for blurring? "Having strangers from all over the world stare at your home isn't necessarily something you want to happen — but it can be done in seconds on the mapping apps we all carry around on our phones." ("Stop people from peering at your place," suggests the article's subtitle.)

But is there also a case against demanding platforms blur what's essentially just the exterior of a building? Where's the boundary where we're honoring the wishes of the privacy-conscious — and does the public ever have a right to see? Share your own thoughts in the comments.

And would you blur your house on every map app?

(Thanks to long-time Slashdot reader schwit1 for sharing the article...)

This week New York's attorney general announced they're officially "launching investigations into the social media companies that the Buffalo shooter used to plan, promote, and stream his terror attack." Slashdot reader echo123 points out that Discord confirmed that roughly 30 minutes before the attack a "small group" was invited to join the shooter's server. "None of the people he invited to review his writings appeared to have alerted law enforcement," reports the New York Times., "and the massacre played out much as envisioned."

But meanwhile, another Times article tells a tangentially-related story from 2019 about what ultimately happened to "a partial recording of a livestream by a gunman while he murdered 51 people that day at two mosques in Christchurch, New Zealand." For more than three years, the video has remained undisturbed on Facebook, cropped to a square and slowed down in parts. About three-quarters of the way through the video, text pops up urging the audience to "Share THIS...." Online writings apparently connected to the 18-year-old man accused of killing 10 people at a Buffalo, New York, grocery store Saturday said that he drew inspiration for a livestreamed attack from the Christchurch shooting. The clip on Facebook — one of dozens that are online, even after years of work to remove them — may have been part of the reason that the Christchurch gunman's tactics were so easy to emulate.

In a search spanning 24 hours this week, The New York Times identified more than 50 clips and online links with the Christchurch gunman's 2019 footage. They were on at least nine platforms and websites, including Reddit, Twitter, Telegram, 4chan and the video site Rumble, according to the Times' review. Three of the videos had been uploaded to Facebook as far back as the day of the killings, according to the Tech Transparency Project, an industry watchdog group, while others were posted as recently as this week. The clips and links were not difficult to find, even though Facebook, Twitter and other platforms pledged in 2019 to eradicate the footage, pushed partly by public outrage over the incident and by world governments. In the aftermath, tech companies and governments banded together, forming coalitions to crack down on terrorist and violent extremist content online. Yet even as Facebook expunged 4.5 million pieces of content related to the Christchurch attack within six months of the killings, what the Times found this week shows that a mass killer's video has an enduring — and potentially everlasting — afterlife on the internet.

"It is clear some progress has been made since Christchurch, but we also live in a kind of world where these videos will never be scrubbed completely from the internet," said Brian Fishman, a former director of counterterrorism at Facebook who helped lead the effort to identify and remove the Christchurch videos from the site in 2019....

Facebook, which is owned by Meta, said that for every 10,000 views of content on the platform, only an estimated five were of terrorism-related material. Rumble and Reddit said the Christchurch videos violated their rules and they were continuing to remove them. Twitter, 4chan and Telegram did not respond to requests for comment
For what it's worth, this week CNN also republished an email they'd received in 2016 from 4chan's current owner, Hiroyuki Nishimura. The gist of the email? "If I liked censorship, I would have already done that."

But Slashdot reader Bruce66423 also shares an interesting observation from The Guardian's senior tech reporter about the major tech platforms. "According to Hany Farid, a professor of computer science at UC Berkeley, there is a tech solution to this uniquely tech problem. Tech companies just aren't financially motivated to invest resources into developing it." Farid's work includes research into robust hashing, a tool that creates a fingerprint for videos that allows platforms to find them and their copies as soon as they are uploaded...

Farid: It's not as hard a problem as the technology sector will have you believe... The core technology to stop redistribution is called "hashing" or "robust hashing" or "perceptual hashing". The basic idea is quite simple: you have a piece of content that is not allowed on your service either because it violated terms of service, it's illegal or for whatever reason, you reach into that content, and extract a digital signature, or a hash as it's called.... That's actually pretty easy to do. We've been able to do this for a long time. The second part is that the signature should be stable even if the content is being modified, when somebody changes say the size or the color or adds text. The last thing is you should be able to extract and compare signatures very quickly.

So if we had a technology that satisfied all of those criteria, Twitch would say, we've identified a terror attack that's being live-streamed. We're going to grab that video. We're going to extract the hash and we are going to share it with the industry. And then every time a video is uploaded with the hash, the signature is compared against this database, which is being updated almost instantaneously. And then you stop the redistribution.

It's a problem of collaboration across the industry and it's a problem of the underlying technology. And if this was the first time it happened, I'd understand. But this is not, this is not the 10th time. It's not the 20th time. I want to emphasize: no technology's going to be perfect. It's battling an inherently adversarial system. But this is not a few things slipping through the cracks.... This is a complete catastrophic failure to contain this material. And in my opinion, as it was with New Zealand and as it was the one before then, it is inexcusable from a technological standpoint.
"These are now trillion-dollar companies we are talking about collectively," Farid points out later. "How is it that their hashing technology is so bad?

Last week America's Justice Department "launched its first criminal prosecution involving the alleged use of cryptocurrency to evade U.S. economic sanctions," reports the Washington Post. They cite a nine-page opinion from a federal judge approving the government's criminal complaint against an American "accused of transmitting more than $10 million worth of bitcoin to a virtual currency exchange in one of a handful of countries comprehensively sanctioned by the U.S. government: Cuba, Iran, North Korea, Syria or Russia.

"In the ruling, the judge called cryptocurrency's reputation for providing anonymity to users a myth." He added that while some legal experts argue that virtual moneys such as bitcoin, ethereum or Tether are not subject to U.S. sanctions laws because they are created and move outside the traditional financial system, recent action taken by the Treasury Department's Office of Foreign Assets Control [OFAC] require federal courts to find otherwise.

"Issue One: virtual currency is untraceable? WRONG ... Issue Two: sanctions do not apply to virtual currency? WRONG," Faruqui wrote...

"The Department of Justice can and will criminally prosecute individuals and entities for failure to comply with OFAC's regulations, including as to virtual currency," Faruqui said. In the opinion, Faruqui wrote that he adopted guidance issued in October by OFAC, which stated that sanctions regulations apply equally to transactions involving virtual currencies as those involving the U.S. dollar or other traditional fiat currencies.

Ari Redbord, who served in 2019 and 2020 as a senior adviser to the Treasury Department's undersecretary for terrorism and financial intelligence, called the case the first U.S. criminal prosecution targeting solely the use of cryptocurrency in a sanctions case. He said the ruling made clear such conduct is traceable and "immutable — in other words, transactions using cryptocurrency are forever.... What we are seeing is that the Department of Justice is going to actively go after actors that attempt to use cryptocurrency, but also that it is hard to use cryptocurrency to evade sanctions," Redbord said. "It shows, in many respects, cryptocurrency is not a good tool for sanctions evasion or money laundering."
In this case, The Register reports, "An unnamed American citizen allegedly used a US-based IP address to run an online payments platform" in a sanctioned country. The service advertised itself as being "designed to evade US sanctions" and claimed its transactions were untraceable, it was alleged. We're told the defendant bought and sold Bitcoin using a US-based online currency exchange using fiat currency from a US bank account.
The Post argues that this prosecution represents "a new U.S. criminal sanctions enforcement push targeting cryptocurrency transactions at a time of rising concern over the extent to which illicit actors can use or are using such methods to launder money or do business with countries the United States has cut off from the dollar..."