Crime

US Extradites Man Who Allegedly Sold Backdoored Phones For The FBI (vice.com) 27

The United States has extradited a man it accuses of working for Anom, a company that sold encrypted phones to criminals but which was secretly backdoored by the FBI to spy on the communications of organized crime around the globe. Aurangzeb Ayub quietly arrived in the U.S. last month, according to court records reviewed by Motherboard. From the report: Ayub is the first of 17 alleged Anom workers to be extradited since Motherboard reported on the operation, known as Trojan Shield, and the FBI and its law enforcement partners held press conferences on its success in June. While authorities have arrested and prosecuted users of the Anom devices, Ayub's extradition is some judicial movement regarding those who allegedly sold phones for Anom, some of whom the U.S. Department of Justice has also charged. "Ayub is charged with 16 other co-defendants; he is the first defendant to appear on the Indictment and was extradited from the Netherlands to the United States," a court document filed on Tuesday reads. He first appeared in the Southern District of California on March 21, the document adds.

The Department of Justice and Ayub's defense team have already discussed the production of discovery, which includes all of Ayub's communications on the Anom platform, according to court records. That material contains around 3,500 communications and about 14GB of data, the court records add. By last Friday, the government was expected to turn over these messages to Ayub's defense team, the document reads. The court record adds that the Department of Justice anticipates that it will turn over more material in May, which will contain recorded conversations between an FBI confidential human source (CHS) and Ayub, a technical report about the Anom platform, and other reports. [...] Ayub is charged under RICO, a law traditionally used to prosecute mob bosses. Since 2018 when the FBI started shutting down encrypted phone companies initially with Phantom Secure, the Department of Justice has leveled similar charges against the administrators and sellers for such companies.

Crime

Inside the Bitcoin Bust of the Web's Biggest Child Abuse Site (wired.com) 73

Chainalysis is software for tracing cryptocurrency, "to turn the digital underworld's preferred means of exchange into its Achilles' heel," writes Wired.

This week they describe what happened when that company's co-founder discovered that for two years, hundreds of users of a child pornography-trading site — and its administrators — "had done almost nothing to obscure their cryptocurrency trails..." and "seemed to be wholly unprepared for the modern state of financial forensics on the blockchain." Over the previous few years, [Internal Revenue Service criminal investigator Chris] Janczewski, his partner Tigran Gambaryan, and a small group of investigators at a growing roster of three-letter American agencies had used this newfound technique, tracing a cryptocurrency that once seemed untraceable, to crack one criminal case after another on an unprecedented, epic scale. But those methods had never led them to a case quite like this one, in which the fate of so many people, victims and perpetrators alike, seemed to hang on the findings of this novel form of forensics.... Janczewski thought again of the investigative method that had brought them there like a digital divining rod, revealing a hidden layer of illicit connections underlying the visible world....

When Bitcoin first appeared in 2008, one fundamental promise of the cryptocurrency was that it revealed only which coins reside at which Bitcoin addresses — long, unique strings of letters and numbers — without any identifying information about those coins' owners. This layer of obfuscation created the impression among many early adherents that Bitcoin might be the fully anonymous internet cash long awaited by libertarian cypherpunks and crypto-anarchists: a new financial netherworld where digital briefcases full of unmarked bills could change hands across the globe in an instant. Satoshi Nakamoto, the mysterious inventor of Bitcoin, had gone so far as to write that "participants can be anonymous" in an early email describing the cryptocurrency. And thousands of users of dark-web black markets like Silk Road had embraced Bitcoin as their central payment mechanism.

But the counterintuitive truth about Bitcoin, the one upon which Chainalysis had built its business, was this: Every Bitcoin payment is captured in its blockchain, a permanent, unchangeable, and entirely public record of every transaction in the Bitcoin network. The blockchain ensures that coins can't be forged or spent more than once. But it does so by making everyone in the Bitcoin economy a witness to every transaction. Every criminal payment is, in some sense, a smoking gun in broad daylight. Within a few years of Bitcoin's arrival, academic security researchers — and then companies like Chainalysis — began to tear gaping holes in the masks separating Bitcoin users' addresses and their real-world identities.

The article describes some investigative techniques — like pressuring exchanges for identities, tying a transaction to a known identity, or even performing an undercover transaction themselves. "Thanks to tricks like these, Bitcoin had turned out to be practically the opposite of untraceable: a kind of honeypot for crypto criminals that had, for years, dutifully and unerasably recorded evidence of their dirty deals.

"By 2017, agencies like the FBI, the Drug Enforcement Agency, and the IRS's Criminal Investigation division had traced Bitcoin transactions to carry out one investigative coup after another, very often with the help of Chainalysis.

"The cases had started small and then gained a furious momentum...."

Thanks to long-time Slashdot reader Z00L00K for sharing the article.

Earth

In California, an Army of Genetically Engineered Mosquitoes Awaits Release (msn.com) 55

The U.S. government recently gave California approval to release millions of genetically engineered mosquitoes bred by British biotech company Oxitec, reports the Los Angeles Times: Oxitec, a private company, says its genetically modified bugs could help save half the world's population from the invasive Aedes aegypti mosquito, which can spread diseases such as yellow fever, chikungunya and dengue to humans. Female offspring produced by these modified insects will die, according to Oxitec's plan, causing the population to collapse. "Precise. Environmentally sustainable. Non-toxic," the company says on its website of its product trademarked as the "Friendly" mosquito.

Scientists independent from the company and critical of the proposal say not so fast. They say unleashing the experimental creatures into nature has risks that haven't yet been fully studied, including possible harm to other species or unexpectedly making the local mosquito population harder to control....

Nathan Rose, Oxitec's head of regulatory affairs, noted that the company found its mosquito reduced the population in a Brazilian neighborhood by 95% in just 13 weeks. So far, Oxitec has released little of its data from that experiment or from a more recent release in the Florida Keys. It hasn't yet published any of those results in a peer-reviewed scientific journal — publications that scientists expect when evaluating a new drug or technology....

Among scientists' concerns is that releasing the genetically modified mosquitoes into neighborhoods could create hybrids that are hardier and more dangerous to humans than the state's current population.... An EPA spokesperson said regulators expected that mosquitoes with the corporate genes "would disappear from the environment within 10 generations of mosquitoes because they are not able to reproduce as successfully as local populations." To prove this, the agency has required Oxitec to monitor neighborhoods for mosquitoes that have DNA from its engineered insects until none have been found for at least 10 consecutive weeks.

One bioethicist at Harvard Medical School told the Times that California has never had a case where this breed of mosquitos had actually transmitted disease, and argued that America's Environmental Protection Agency was "not a modern enough regulatory structure for a very modern and complicated technology."

After the U.S. government's approval, the genetically-engineered mosquitoes still face several more months of scientific evaluation from California's Department of Pesticide Regulation.

Thanks to long-time Slashdot reader schwit1 for sharing the link.

The Almighty Buck

El Salvador's 'Bitcoin President' Pressured, Accused of Attacking Civil Liberties (msn.com) 42

The International Monetary Fund "has indicated it will not give El Salvador a much-needed loan unless it drops bitcoin" as one of the country's legal tenders, reports the Los Angeles Times. And meanwhile the "bitcoin bond" proposed by El Salvador has been "delayed indefinitely."

But the government has taken other actions:
After a dramatic spike in killings here over a single weekend last month, Salvadoran President Nayib Bukele's reaction was swift — and extreme. He sent soldiers into poor neighborhoods to round up thousands of people who he claimed were gang members, then paraded them in front of news cameras in their underwear and handcuffs.

He tweeted pictures of detainees who had been bruised and bloodied by security forces, suggesting they "maybe fell" or "were eating fries with ketchup." And he started feeding the nation's prisoners two meals a day instead of three, warning that if violence continued, "I swear to God that they won't eat a single grain of rice."

It is a distinct look for Bukele, who has been focused in recent months on presenting himself to the world as a modern tech innovator on a quest to turn El Salvador into a cryptocurrency paradise. Not only is Bukele now embracing the mano dura techniques of past Latin American leaders, he is going much further, using the homicide spree — which left 87 people dead in three days — as a pretext for suspending civil liberties and attacking the press.

In recent days, Bukele and his loyalists in the Legislative Assembly ordered a state of emergency that restricts freedom of association, suspends the norm that detainees be informed of their rights at the moment of arrest and denies prisoners access to lawyers....

That Bukele would use the spate of homicides as a pretext to further consolidate power is no surprise to many of his critics, who believe he may be preparing to stay in office past 2024, when he is supposed to step down, even though El Salvador's constitution bans consecutive presidential terms.

But they also say that there may be another motive for his new tough-on-crime stance: diverting attention from the deepening failure of his cryptocurrency experiment.

The Almighty Buck

Crypto Use Is More Prevalent in Corrupt Countries, IMF Study Finds (thestreet.com) 70

"According to a new International Money Fund (IMF) report, cryptocurrency is much more popular in countries with insecure currencies and corrupt governments..." reports The Street, adding that the report concludes "the best way forward is not fight, but to learn how to better regulate cryptocurrency." The IMF surveyed more than 110,000 respondents in over 55 countries, polling between 2,000 and 12,000 people in each country, about their cryptocurrency use.... "Crypto usage is empirically associated with higher perceived corruption and more intensive capital controls," the study's authors write. "[...] This evidence adds to the case for regulating crypto usage — for example, by requiring intermediaries to implement know-your-customer procedures."

Bloomberg adds: The report shows why countries might want to require intermediaries, such as digital currency exchanges, to implement know-your-customer procedures — ID verification standards that are designed to prevent fraud, money laundering and terrorism financing, the organization said. Some countries, like the U.S., have already instituted those kinds of controls.

Nations around the world are struggling over the best way to regulate the $2 trillion crypto market, with the level of oversight varying greatly from one country to another. The findings suggest that crypto assets "may be used to transfer corruption proceeds or circumvent capital controls," the organization said, without singling out individual countries.

Cellphones

Has the Era of Fixing Your Own Phone Nearly Arrived? (theverge.com) 62

A new article on the Verge argues that the era of fixing your own phone "has nearly arrived." When I called up iFixit CEO Kyle Wiens, I figured he'd be celebrating — after years of fighting for right-to-repair, big name companies like Google and Samsung have suddenly agreed to provide spare parts for their phones. Not only that, they signed deals with him to sell those parts through iFixit, alongside the company's repair guides and tools. So did Valve.

But Wiens says he's not done making deals yet. "There are more coming," he says, one as soon as a couple of months from now. (No, it's not Apple.) Motorola was actually the first to sign on nearly four years ago. And if Apple meaningfully joins them in offering spare parts to consumers — like it promised to do by early 2022 — the era of fixing your own phone may be underway. Last October, the United States effectively made it legal to open up many devices for the purpose of repair with an exemption to the Digital Millennium Copyright Act. Now, the necessary parts are arriving.

What changed? Weren't these companies fighting tooth and nail to keep right-for-repair off the table, sometimes sneakily stopping bills at the last minute? Sure. But some legislation is getting through anyhow... and one French law in particular might have been the tipping point.

"The thing that's changing the game more than anything else is the French repairability scorecard," says Wiens, referring to a 2021 law that requires tech companies to reveal how repairable their phones are — on a scale of 0.0 to 10.0 — right next to their pricetag. Even Apple was forced to add repairability scores — but Wiens points me to this press release by Samsung instead. When Samsung commissioned a study to check whether the French repairability scores were meaningful, it didn't just find the scorecards were handy — it found a staggering 80 percent of respondents would be willing to give up their favorite brand for a product that scored higher.

"There have been extensive studies done on the scorecard and it's working," says Wiens. "It's driving behavior, it's shifting consumer buying patterns." Stick, meet carrot. Seeing an opportunity, Wiens suggests, pushed these companies to take up iFixit on the deal.

Nathan Proctor, director of the Campaign for the Right to Repair at the US Public Interest Research Group (US PIRG), still thinks the stick is primarily to thank. "It feels cheeky to say 100 percent... but none of this happens unless there's a threat of legislation... These companies have known these were issues for a long time, and until we organized enough clout for it to start seeming inevitable, none of the big ones had particularly good repair programs and now they're all announcing them," Proctor notes.

Censorship

A Censorship-Resistant Inflation Index Is Being Built On Chainlink (coindesk.com) 89

Decentralized finance (DeFi) firm Truflation is building a new gauge to track inflation independent from the government and in real-time. CoinDesk reports: Think of it as a competitor to the Consumer Price Index (CPI), and one where officials can't move the goalposts. "The framework that [the government] is using is a hundred years old ... and they have continuously tried to evolve that versus taking a fresh approach in an age where we've got everything computerized," Truflation founder Stefan Rust told CoinDesk in an interview. The team started building Truflation after former Coinbase (COIN) Chief Technology Officer Balaji Srinivasan challenged Web 3 developers to build a censorship-resistant inflation feed, claiming that "the centralized state isn't going to provide reliable inflation stats," and promising an investment of $100,000. On Friday it was announced that Truflation won the challenge.

The key difference between the CPI and the Truflation index is that while the government uses survey data to measure inflation, Truflation looks at price data. The CPI is measured in the form of a survey that collects about 94,000 prices per month for commodities and services and 8,000 rental housing units for the housing component. While the Truflation index is based on the same calculation model as the widely used CPI, it is different because it measures and reports inflation changes daily by using current real-market price data from sources like Zillow, Penn State and Nielsen, among others. About 40% of the data that is being looked at is the same goods basket that the Bureau of Labor Statistics uses. The remaining 60% is being substituted with data from other sources. Truflation, which runs on Chainlink and is therefore accessible and visible for everyone, currently measures a 13.2% inflation rate, as opposed to 7.9% measured by the CPI in March.

Education

Rutgers Business School Created Fake Jobs For Graduates To Boost MBA Program Rankings, Lawsuit Charges (nj.com) 13

A lawsuit charges that Rutgers Business School sought to improve its rankings by creating bogus temporary jobs for graduating MBA students. From a report: Rutgers Business School is always keeping score. On its website, it proclaims its No. 1 ranking this year by Bloomberg Businessweek as the top Public Business School in the Northeast. Fortune bestowed a similar honor in 2021. And U.S. News & World Report rated its MBA program among the top ten for Best Overall Employment Outcomes in the U.S., as well as No. 12 for its Supply Chain Management MBA program. But in a whistleblower lawsuit filed Friday, a Rutgers administrator charged that the university fraudulently burnished those national rankings by creating totally bogus jobs to show the success its business school graduates had in finding employment.

The lawsuit by Deidre White, the business school's human resources manager, alleged the program used a temp agency to hire unemployed MBA students, placing them into sham positions at the university itself -- for no other reason than to make it appear like a greater number of graduates were getting full-time jobs after getting their Rutgers diplomas. "The fraud worked," wrote White's attorney, Matthew A. Luber of McOmber McOmber & Luber in Marlton. In the very first year of the scheme, they said Rutgers was suddenly propelled to, among other things, the 'No. 1' business school in the Northeast.

NASA

Secret Government Info Confirms First Known Interstellar Object On Earth, Scientists Say (vice.com) 53

An anonymous reader quotes a report from Motherboard: An object from another star system crashed into Earth in 2014, the United States Space Command (USSC) confirmed in a newly-released memo. The meteor ignited in a fireball in the skies near Papua New Guinea, the memo states, and scientists believe it possibly sprinkled interstellar debris into the South Pacific Ocean. The confirmation backs up the breakthrough discovery of the first interstellar meteor -- and, retroactively, the first known interstellar object of any kind to reach our solar system -- which was initially flagged by a pair of Harvard University researchers in a study posted on the preprint server arXiv in 2019.

Amir Siraj, a student pursuing astrophysics at Harvard who led the research, said the study has been awaiting peer review and publication for years, but has been hamstrung by the odd circumstances that arose from the sheer novelty of the find and roadblocks put up by the involvement of information classified by the U.S. government. The discovery of the meteor, which measured just a few feet wide, follows recent detections of two other interstellar objects in our solar system, known as 'Oumuamua and Comet Borisov, that were much larger and did not come into close contact with Earth.

"I get a kick out of just thinking about the fact that we have interstellar material that was delivered to Earth, and we know where it is," said Siraj, who is Director of Interstellar Object Studies at Harvard's Galileo Project, in a call. "One thing that I'm going to be checking -- and I'm already talking to people about -- is whether it is possible to search the ocean floor off the coast of Papua New Guinea and see if we can get any fragments." Siraj acknowledged that the odds of such a find are low, because any remnants of the exploded fireball probably landed in tiny amounts across a disparate region of the ocean, making it tricky to track them down. "It would be a big undertaking, but we're going to look at it in extreme depth because the possibility of getting the first piece of interstellar material is exciting enough to check this very thoroughly and talk to all the world experts on ocean expeditions to recover meteorites," he noted.

"Siraj called the multi-year process a 'whole saga' as they navigated a bureaucratic labyrinth that wound its way through Los Alamos National Laboratory, NASA, and other governmental arms, before ultimately landing at the desk of Joel Mozer, Chief Scientist of Space Operations Command at the U.S. Space Force service component of USSC," adds Motherboard.

Mozer confirmed that the object indicated "an interstellar trajectory," which was first brought to Siraj's attention last week via a tweet from a NASA scientist. He's now "renewing the effort to get the original discovery published so that the scientific community can follow-up with more targeted research into the implications of the find," the report says.

Privacy

Police Records Show Women Are Stalked With Apple AirTags Across the Country (vice.com) 166

samleecole shares a report from Motherboard: Police records reviewed by Motherboard show that, as security experts immediately predicted when the product launched, this technology has been used as a tool to stalk and harass women. Motherboard requested records mentioning AirTags in a recent eight month period from dozens of the country's largest police departments. We obtained records from eight police departments. Of the 150 total police reports mentioning AirTags, in 50 cases women called the police because they started getting notifications that their whereabouts were being tracked by an AirTag they didn't own. Of those, 25 could identify a man in their lives -- ex-partners, husbands, bosses -- who they strongly suspected planted the AirTags on their cars in order to follow and harass them. Those women reported that current and former intimate partners -- the most likely people to harm women overall -- are using AirTags to stalk and harass them.

Multiple women who filed these reports said they feared physical violence. One woman called the police because a man she had a protective order against was harassing her with phone calls. She'd gotten notifications that an AirTag was tracking her, and could hear it chiming in her car, but couldn't find it. When the cops arrived, she answered one of his calls in front of the officer, and the man described how he would physically harm her. Another who found an AirTag in her car had been wondering how a man she had an order of protection against seemed to always know where she was. The report said she was afraid he would assault or kill her. [...] The overwhelming number of reports came from women. Only one case out of the 150 we reviewed involved a man who suspected an ex-girlfriend of tracking him with an AirTag.

Canada

Canada Considers Law Requiring Online Giants To Compensate News Outlets (www.cbc.ca) 71

The federal Liberal government introduced legislation Tuesday to force digital giants to compensate news publishers for the use of their content. CBC News reports: The new regulatory regime would require companies like Google and the Meta Platforms-owned Facebook -- and other major online platforms that reproduce or facilitate access to news content -- to either pay up or go through a binding arbitration process led by an arms-length regulator, the Canadian Radio-television and Telecommunications Commission (CRTC). The compensation extracted from these digital giants must be used, in large part, to fund the creation of news content to protect the "sustainability of the Canadian news ecosystem," according to a government backgrounder distributed to reporters. The government is pitching the arrangement as a way to prop up an industry that has seen a steady decline since the emergence of the internet.

To preserve access to Canadian news, the federal government has adopted much of the so-called "Australian model," named after the country that first forced digital companies to pay for the use of news content. According to the Australian Competition and Consumer Commission, more than $190 million has been paid already to Australian media companies since the model was enacted last year. The big winners have been legacy media and larger media outlets.

The new Canadian scheme would require that Facebook, Google and other digital platforms that have "a bargaining imbalance with news businesses" make "fair commercial deals" with newspapers, news magazines, online news businesses, private and public broadcasters and certain non-Canadian news media that meet specific criteria. The goal is to have these digital platforms negotiate deals with publishers without the need for government intervention. [T]he amount of money each news business gets from these digital giants will be decided by those negotiations -- there's no preset formula. In the absence of some sort of voluntary arrangement, news businesses can initiate a mandatory bargaining process and go to a CRTC arbitration panel for a binding decision.

Bitcoin

OpenSea 'Sitting On Ticking Bomb' As Lawsuits Pile Up Over Stolen Apes (vice.com) 81

An anonymous reader quotes a report from Motherboard: The NFT marketplace OpenSea is now facing at least three lawsuits over stolen cartoon apes after lawyers for a New York man filed a lawsuit in New York State Supreme Court claiming that his Bored Ape Yacht Club NFT was taken from him due to what he characterized as "security vulnerabilities" of the OpenSea platform. Lawyers unaffiliated with the cases told Motherboard that, whatever the merits of the individual suits, the situation has the potential to cause trouble for the $13 billion Web3 startup, often referred to as the "eBay of NFTs," as it could potentially reveal its inner workings and invite a torrent of other suits that the company will be forced to defend against. "I think they're sitting on a ticking bomb," said Max Dilendorf, a lawyer specializing in digital assets, cryptocurrency, and asset tokenization who is not involved in any of the Bored Ape lawsuits.

The newest $1 million lawsuit, filed on behalf of Michael Vasile, is similar to another lawsuit filed in February by the same lawyers on behalf of an aggrieved Texas man. In both cases, the men say they lost their apes because of alleged bugs in OpenSea's code that the company knew about but did not take appropriate steps to fix. A third ape-related lawsuit, filed in the U.S. District Court for the District of Nevada and also naming the NFT marketplace LooksRare and Yuga Labs, the company behind the Bored Ape Yacht Club, claimed OpenSea did not "implement common sense and reasonable security measures" against fraud and instead put "all the onus" on users. Altogether, the cases against OpenSea and other platforms could prove to be an arena where the courts figure out if the platform or the individual should be to blame when people lose thousands of dollars in a matter of seconds to illicit and irreversible blockchain scams.

Regardless of the suits' merits, the unaffiliated lawyers said the OpenSea suits could place the popular NFT marketplace in a difficult position, as anything less than an all-out victory could invite a spate of similar lawsuits. Dilendorf added that OpenSea had reason to consider settling the case in order to avoid offering up the company's internal emails and documents during the discovery process. "I would not want to open up a Pandora's Box," Dilendorf said. "Because looking at how OpenSea operates the platform from a 10,000-foot view, it's very, very questionable."

Google

Google Bans Apps With Hidden Data-Harvesting Software (wsj.com) 28

Google has yanked dozens of apps from its Google Play store after determining that they include a software element that surreptitiously harvests data. From a report: The Panamanian company that wrote the code, Measurement Systems S. de R.L., is linked through corporate records and web registrations to a Virginia defense contractor that does cyberintelligence, network-defense and intelligence-intercept work for U.S. national-security agencies. The code ran on millions of Android devices and has been found inside several Muslim prayer apps that have been downloaded more than 10 million times, as well as a highway-speed-trap detection app, a QR-code reading app and a number of other popular consumer apps, according to two researchers who discovered the behavior of the code in the course of auditing work they do searching for vulnerabilities in Android apps. They shared their findings with Google, a unit of Alphabet, federal privacy regulators and The Wall Street Journal.

Privacy

Deception, Exploited Workers, and Cash Handouts: How Worldcoin Recruited Its First Half a Million Test Users (technologyreview.com) 10

The startup promises a fairly-distributed, cryptocurrency-based universal basic income. So far all it's done is build a biometric database from the bodies of the poor. MIT Technology Review reports: On a sunny morning last December, Iyus Ruswandi, a 35-year-old furniture maker in the village of Gunungguruh, Indonesia, was woken up early by his mother. A technology company was holding some kind of "social assistance giveaway" at the local Islamic elementary school, she said, and she urged him to go. Ruswandi joined a long line of residents, mostly women, some of whom had been waiting since 6 a.m. In the pandemic-battered economy, any kind of assistance was welcome. At the front of the line, representatives of Worldcoin Indonesia were collecting emails and phone numbers, or aiming a futuristic metal orb at villagers' faces to scan their irises and other biometric data. Village officials were also on site, passing out numbered tickets to the waiting residents to help keep order. Ruswandi asked a Worldcoin representative what charity this was but learned nothing new: as his mother said, they were giving away money.

Gunungguruh was not alone in receiving a visit from Worldcoin. In villages across West Java, Indonesia -- as well as college campuses, metro stops, markets, and urban centers in two dozen countries, most of them in the developing world -- Worldcoin representatives were showing up for a day or two and collecting biometric data. In return they were known to offer everything from free cash (often local currency as well as Worldcoin tokens) to Airpods to promises of future wealth. In some cases they also made payments to local government officials. What they were not providing was much information on their real intentions. This left many, including Ruswandi, perplexed: What was Worldcoin doing with all these iris scans?

To answer that question, and better understand Worldcoin's registration and distribution process, MIT Technology Review interviewed over 35 individuals in six countries -- Indonesia, Kenya, Sudan, Ghana, Chile, and Norway -- who either worked for or on behalf of Worldcoin, had been scanned, or were unsuccessfully recruited to participate. We observed scans at a registration event in Indonesia, read conversations on social media and in mobile chat groups, and consulted reviews of Worldcoin's wallet in the Google Play and Apple stores. We interviewed Worldcoin CEO Alex Blania, and submitted to the company a detailed list of reporting findings and questions for comment. Our investigation revealed wide gaps between Worldcoin's public messaging, which focused on protecting privacy, and what users experienced. We found that the company's representatives used deceptive marketing practices, collected more personal data than it acknowledged, and failed to obtain meaningful informed consent. These practices may violate the European Union's General Data Protection Regulations (GDPR) -- a likelihood that the company's own data consent policy acknowledged and asked users to accept -- as well as local laws.

Security

Hackers Stole More Than $600 Million in Crypto. Laundering It Is the Tricky Part. (wsj.com) 60

Thieves netting massive sums in cybercrime have limited options for laundering the funds. From a report: Many eyes in the crypto world are on a 42-character address on the Ethereum blockchain, which has unclear ownership and is currently home to the equivalent of about $600 million. Hackers stole the funds from players of online game "Axie Infinity" in a March 23 heist uncovered last week. The criminals have moved millions of dollars of assets in recent days, according to blockchain-monitoring tools, but the majority of funds remain in place, leaving victims and outside observers awaiting next moves. Crypto's transparency has turned money laundering into a perverse spectator sport. Transaction records on public blockchains give authorities a bird's-eye view of stolen funds equivalent to tens or hundreds of millions of dollars, often pilfered by targeting poorly secured software bridges that transfer assets between blockchains. The openness leaves successful cyber thieves facing a key question: How do you launder a nine-figure score?

"When there's a hack like that, everyone is watching the wallets," said Kimberly Grauer, director of research at Chainalysis, a blockchain-analytics firm. "So you better damn well know what you're going to do." The fate of the money stolen from "Axie Infinity" users, one of the largest such thefts, has become a topic of speculation. On Etherscan, a monitoring platform where users can see transactions to and from the address in question, commenters claiming to be victims, broke college students or Ukrainian refugees have posted messages asking the hackers to spread their newfound wealth. [...] Last week, blockchain analysts and amateur digital sleuths watched as ether worth about $20 million moved to crypto exchanges based in the Bahamas and Seychelles. On Monday, an additional $12 million of assets flowed into a mixer, which blends different cryptocurrencies to help obscure their sources. Mixers can have their own security compromises and are dependent on having enough crypto on hand to exchange illicit deposits for cleaner funds, said Mitchell Amador, chief executive of Immunefi, a bug-bounty platform focused on decentralized systems.

The Courts

Top EU Court Says Phone Data Cannot Be Held 'Indiscriminately' (reuters.com) 10

An anonymous reader quotes a report from Reuters: The European Union's top court ruled on Tuesday that national authorities cannot retain phone data in a "general and indiscriminate" manner, but could use specific information to tackle some very serious crime. The court ruled on a case brought by the Supreme Court in Ireland where a man sentenced in 2015 to life imprisonment for murder appealed, saying the court of first instance had wrongly admitted traffic and location data of telephone calls as evidence.

The Luxembourg-based Court of Justice of the EU (ECJ) on Tuesday said it was up to a national court there to decide whether the evidence was allowed. But it also said the bloc's members cannot have laws in place that would allow crime prevention through the "general and indiscriminate" retention of such data. Some circumstances, such as particularly serious crime regarded as a threat to national security, could justify data retention but only in a narrower scope or for a limited time.

Crime

Germany Shuts Down Servers For Russian Darknet Marketplace Hydra (theverge.com) 9

German authorities shut down the server infrastructure for the Russian darknet marketplace Hydra, seizing ~$25.2 million worth of Bitcoin in the process, Germany's Federal Crime Police Office (BKA) announced on Tuesday. From a report: Hydra is a large marketplace on the dark web that serves as a hub for drugs, stolen credit card information, counterfeit bills, fake documents, and other illegal goods or services. The market primarily caters to criminals in Russia and surrounding nations. "Treasuremen," or dealers connected with the site, push drugs throughout the region by hiding them in geo-tagged pickup locations. With the shutdown of the German-based server, authorities are now launching an investigation into the "unknown operators and administrators" of Hydra, whom they suspect of selling narcotics and engaging in money laundering. German authorities say they have been investigating the marketplace with the help of the US since August 2021. The BKA told The Verge that no arrests have been made as of yet.

Books

Efforts To Ban Books Jumped an 'Unprecedented' Four-Fold In 2021 (npr.org) 142

An anonymous reader quotes a report from NPR: Book banning is not new -- in the U.S. alone the practice goes back to Puritan times, when Thomas Morton's book New English Canaan and others opposing this way of life were tossed from Massachusetts. But the American Library Association said Monday that this year there have been more challenges to books than they have seen since they started tracking it in 2000.

The ALA's Office for Intellectual Freedom counted 729 challenges to library, school, and university materials in 2021. It's a significant jump: Last year the group noted 156 challenges -- and in 2019, there were 377. Although the 2020 number was impacted by the pandemic, which forced schools and libraries to shut down, the ALA said they don't usually get more than 500 book challenges in any given year. And sometimes, those challenges contain more than one book title. The number of individual books challenged in 2021 totaled 1,597.

In a press release, ALA President Patricia Wong said: "We support individual parents' choices concerning their child's reading and believe that parents should not have those choices dictated by others. Young people need to have access to a variety of books from which they can learn about different perspectives."

The organization is launching a nationwide initiative meant to empower readers to fight censorship.

Privacy

Border Patrol's Use of Amazon's Wickr Messaging App Draws Scrutiny (nbcnews.com) 19

A letter from the National Archives and Records Administration hints at growing unease with government officials' use of some encrypted messaging apps. NBC News: In October, Laurence Brewer, the chief records officer of the National Archives and Records Administration, told officials at U.S. Customs and Border Protection he was worried about how the agency was using an app called Wickr. The Amazon-owned encrypted messaging platform is known for its ability to automatically delete messages. Brewer, who is responsible for ensuring that government officials handle records correctly, wrote in a letter that he was "concerned about agencywide deployment of a messaging application that has this functionality without appropriate policies and procedures governing its use." Brewer addressed his letter to Eric Hysen, the chief information officer of the Department of Homeland Security. It was uploaded to the National Archives website, and its concerns had not been previously reported. The document offers a rare insight into Customs and Border Protection's use of Wickr, and highlights the broader worries that some officials and watchdogs have about the growing use of messaging apps at all levels of the U.S. government.

Wickr was bought by Amazon's cloud-computing division last June and has contracts with a number of government agencies. Customs and Border Protection (CBP), which has been criticized by human rights activists and immigration lawyers over what they say are its secretive practices, has spent more than $1.6 million on Wickr since 2020, according to public procurement records. But little is known about how the agency has deployed the app, which is popular among security-minded people ranging from journalists to criminals. Its auto-deletion feature has made the platform a cause of concern among government record keepers, as well as external watchdogs, who worry that Wickr and other similar apps are creating ways for customs officials to sidestep government transparency requirements.

Social Networks

The Sad State of Russia's Social Media Knock-offs (insider.com) 75

What happened after Russia blocked 80 million users of Instagram? Reuters reports: A black and white, melancholy alternative to Instagram that asks users to post sad pictures of themselves may launch in Russia this week, its creators said, to express sadness at the loss of popular services such as the U.S. photo sharing platform....

Although people can still sometimes access [Instagram] using a Virtual Private Network, domestic alternatives have started appearing, the latest being 'Grustnogram', or 'Sadgram' in English. "Post sad pictures of yourself, show this to your sad friends, be sad together," a message on the platform's website read.... "We are very sad that many high quality and popular services are stopping their work in Russia for various reasons," Afisha Daily quoted Alexander Tokarev, one of the service's founders as saying. "We created Grustnogram to grieve about this together and support each other."

Insider looks at the larger landscape now for Russia's social media apps: Rossgram joins a slate of Russian versions of major platforms that seek to mimic larger and more popular social media companies, resulting in a landscape of Russian knockoffs that often struggle to attract users while raising questions about how much access the Kremlin has to users' data.... Russia has been trying to coax internet users to turn to its own versions of popular sites, such as YouTube knockoff RuTube, for years. Authorities this year offered online creators the equivalent of $1,700 a month to move their content to RuTube, according to Coda Story, attempting to make up for its minuscule audience.

A 2021 report by the Levada Center, an independent polling organization, found that YouTube is used by 37% of Russians, Instagram by 34%, and TikTok by 16%. But some native platforms hold influence too. Out of Russia's 70 million active social media users, according to research by Linkfluence, a market research platform, 83% use a social media platform similar to Facebook called VKontakte, and 55% use another called OdnoKlassniki. According to Alyssa Demus, an associate international and defense researcher at Rand Corporation, Russia has long been building up an ecosystem of alternative social media platforms. But people tend to be more skeptical and cautious when using them out of fear that the government is involved in their operations and users' information isn't secure.

"Either Russia has a hand in the building of the platform from the start, or they strong arm or co-opt whatever is popular later," Demus told Insider. "I know there's significant use of platforms like WhatsApp or others that are believed to be encrypted for that very reason — so that there can be open communication without the fear of reprisal." Russia has also enacted laws to exert influence on non-Russian social media platforms, including passing legislation stating companies need to place their servers for Russian accounts on Russian territory. "Presumably so they can then sort of meddle and do whatever kind of surveillance they need to," Demus said.

Demus adds at one point that "anything Russia touches has the potential to land you in jail."

But the article also notes that younger tech-savvy Russians are using VPNs to access sites blocked by the government — ultimately resulting in a kind of "generation gap" where they're less aligned with pro-government rhetoric from state-controlled media.
