Censorship

There's No Tiananmen Square In the New Chinese Image-Making AI (technologyreview.com) 73

An anonymous reader quotes a report from MIT Technology Review: There's a new text-to-image AI in town. With ERNIE-ViLG, a new AI developed by the Chinese tech company Baidu, you can generate images that capture the cultural specificity of China. It also makes better anime art than DALL-E 2 or other Western image-making AIs. But there are many things -- like Tiananmen Square, the country's second-largest city square and a symbolic political center -- that the AI refuses to show you. When a demo of the software was released in late August, users quickly found that certain words -- both explicit mentions of political leaders' names and words that are potentially controversial only in political contexts -- were labeled as "sensitive" and blocked from generating any result. China's sophisticated system of online censorship, it seems, has extended to the latest trend in AI. It's not rare for similar AIs to limit users from generating certain types of content. DALL-E 2 prohibits sexual content, faces of public figures, or medical treatment images. But the case of ERNIE-ViLG underlines the question of where exactly the line between moderation and political censorship lies.

The ERNIE-ViLG model is part of Wenxin, a large-scale project in natural-language processing from China's leading AI company, Baidu. It was trained on a data set of 145 million image-text pairs and contains 10 billion parameters -- the values that a neural network adjusts as it learns, which the AI uses to discern the subtle differences between concepts and art styles. That means ERNIE-ViLG has a smaller training data set than DALL-E 2 (650 million pairs) and Stable Diffusion (2.3 billion pairs) but more parameters than either one (DALL-E 2 has 3.5 billion parameters and Stable Diffusion has 890 million). Baidu released a demo version on its own platform in late August and then later on Hugging Face, the popular international AI community. The main difference between ERNIE-ViLG and Western models is that the Baidu-developed one understands prompts written in Chinese and is less likely to make mistakes when it comes to culturally specific words.

But ERNIE-ViLG will be defined, as the other models are, by what it allows. Unlike DALL-E 2 or Stable Diffusion, ERNIE-ViLG does not have a published explanation of its content moderation policy, and Baidu declined to comment for this story. When the ERNIE-ViLG demo was first released on Hugging Face, users inputting certain words would receive the message "Sensitive words found. Please enter again (...)," which was a surprisingly honest admission about the filtering mechanism. However, since at least September 12, the message has read "The content entered doesn't meet relevant rules. Please try again after adjusting it. (...)" In a test of the demo by MIT Technology Review, a number of Chinese words were blocked: names of high-profile Chinese political leaders like Xi Jinping and Mao Zedong; terms that can be considered politically sensitive, like "revolution" and "climb walls" (a metaphor for using a VPN service in China); and the name of Baidu's founder and CEO, Yanhong (Robin) Li. While words like "democracy" and "government" themselves are allowed, prompts that combine them with other words, like "democracy Middle East" or "British government," are blocked. Tiananmen Square in Beijing also can't be found in ERNIE-ViLG, likely because of its association with the Tiananmen Massacre, references to which are heavily censored in China.
Giada Pistilli, a principal ethicist at Hugging Face, says it could be helpful for the developer of ERNIE-ViLG to release a document explaining the moderation decisions. "Is it censored because it's the law that's telling them to do so? Are they doing that because they believe it's wrong? It always helps to explain our arguments, our choices," says Pistilli.

"Despite the built-in censorship, ERNIE-ViLG will still be an important player in the development of large-scale text-to-image AIs," concludes the report. "The emergence of AI models trained on specific language data sets makes up for some of the limitations of English-based mainstream models. It will particularly help users who need an AI that understands the Chinese language and can generate accurate images accordingly."

"Just as Chinese social media platforms have thrived in spite of rigorous censorship, ERNIE-ViLG and other Chinese AI models may eventually experience the same: they're too useful to give up."
Privacy

Breach of Software Maker Used To Backdoor Ecommerce Servers (arstechnica.com) 9

An anonymous reader quotes a report from Ars Technica: FishPig, a UK-based maker of e-commerce software used by as many as 200,000 websites, is urging customers to reinstall or update all existing program extensions after discovering a security breach of its distribution server that allowed criminals to surreptitiously backdoor customer systems. The unknown threat actors used their control of FishPig's systems to carry out a supply chain attack that infected customer systems using FishPig's fee-based Magento 2 modules with Rekoobe, a sophisticated backdoor discovered in June. Rekoobe masquerades as a benign SMTP server and can be activated by covert commands related to handling the startTLS command from an attacker over the Internet. Once activated, Rekoobe provides a reverse shell that allows the threat actor to remotely issue commands to the infected server.

"We are still investigating how the attacker accessed our systems and are not currently sure whether it was via a server exploit or an application exploit," Ben Tideswell, the lead developer at FishPig, wrote in an email. "As for the attack itself, we are quite used to seeing automated exploits of applications and perhaps that is how the attackers initially gained access to our system. Once inside though, they must have taken a manual approach to select where and how to place their exploit."

FishPig is a seller of Magento-WordPress integrations. Magento is an open source e-commerce platform used for developing online marketplaces. The supply-chain attack only affects paid Magento 2 modules. Tideswell said the last software commit made to its servers that didn't include the malicious code was made on August 6, making that the earliest possible date the breach likely occurred. Sansec, the security firm that discovered the breach and first reported it, said the intrusion began on or before August 19. Tideswell said FishPig has already "sent emails to everyone who has downloaded anything from FishPig.co.uk in the last 12 weeks alerting them to what's happened." Tideswell declined to say how many active installations of its paid software there are. This post indicates that the software has received more than 200,000 downloads, but the number of paid customers is smaller.
In a disclosure published after the Sansec advisory, FishPig describes how the intruders pulled off the intrusion and remained hidden for so long.
Security

Microsoft Teams Stores Auth Tokens As Cleartext In Windows, Linux, Macs (bleepingcomputer.com) 32

Security analysts have found a severe security vulnerability in the desktop app for Microsoft Teams that gives threat actors access to authentication tokens and accounts with multi-factor authentication (MFA) turned on. BleepingComputer reports: "This attack does not require special permissions or advanced malware to get away with major internal damage," Connor Peoples at cybersecurity company Vectra explains in a report this week. The researcher adds that by taking "control of critical seats -- like a company's Head of Engineering, CEO, or CFO -- attackers can convince users to perform tasks damaging to the organization." Vectra researchers discovered the problem in August 2022 and reported it to Microsoft. However, Microsoft did not agree on the severity of the issue and said that it doesn't meet the criteria for patching.

With a patch unlikely to be released, Vectra's recommendation is for users to switch to the browser version of the Microsoft Teams client. By using Microsoft Edge to load the app, users benefit from additional protections against token leaks. The researchers advise Linux users to move to a different collaboration suite, especially since Microsoft announced plans to stop supporting the app for the platform by December.

Social Networks

California Governor Signs Law Requiring Social Networks To Post Moderation Rules (theverge.com) 101

An anonymous reader quotes a report from The Verge: California Governor Gavin Newsom has signed a law aimed at making web platforms monitor hate speech, extremism, harassment, and other objectionable behaviors. Newsom signed AB 587 after it passed the state legislature last month, despite concerns that the bill might violate First Amendment speech protections. AB 587 requires social media companies to post their terms of service online, as well as submit a twice-yearly report to the state attorney general. The report must include details about whether the platform defines and moderates several categories of content, including "hate speech or racism," "extremism or radicalization," "disinformation or misinformation," harassment, and "foreign political interference." It must also offer details about automated content moderation, how many times people viewed content that was flagged for removal, and how the flagged content was handled. It's one of several recent California plans to regulate social media, also including AB 2273, which is intended to tighten regulations for children's social media use.

Newsom's office billed the law as a "first-of-its-kind social media transparency measure" aimed at fighting extremism. In a statement, he said that "California will not stand by as social media is weaponized to spread hate and disinformation that threaten our communities and foundational values as a country." But the transparency measures are similar to those of several other proposals, including parts of two currently blocked laws in Texas and Florida. (Ironically, the other parts of these bills are aimed at preventing companies from removing conservative content that frequently runs afoul of hate speech and disinformation rules.) Courts haven't necessarily concluded that the First Amendment blocks social media transparency rules. But the rules still raise red flags. Depending on how they're defined, they could require companies to disclose unpublished rules that help bad actors game the system. And the bill singles out specific categories of "awful but lawful" content -- like racism and misinformation -- that's harmful but often constitutionally protected, potentially putting a thumb on the speech scale.

Mozilla

DuckDuckGo, Proton, Mozilla Throw Weight Behind Bill Targeting Big Tech 'Surveillance' (techradar.com) 5

A group of privacy-focused organizations have signed a letter imploring US Congress leaders to schedule a vote on a bill that would hamper data collection by tech giants and promote user access to online privacy tools. From a report: In its letter to Congress, addressed to the likes of Mitch McConnell and Nancy Pelosi, the alliance argued that the continued suppression of the American Innovation and Choice Online Act (AICOA) allows "dominant firms" to "limit competition and restrict user choice" when accessing privacy-focused technologies and products. It also accused tech giants of forcing users into accepting their policies of "perpetual surveillance" because of their positions as "gatekeepers," and of using their "influence in society" to steer users away from rival services more committed to privacy. Signatories included the likes of DuckDuckGo, Proton, Brave and Mozilla, among others, representing sectors ranging from VPN and search to web browsers, office software, and more. The letter to Congress fighting for the revival of the AICOA hit back at the idea that the US technology industry is a free market. The 13 signatories, all of which are relatively small in stature, claim the tech giants deliberately wield the depth and breadth of their product portfolios to establish unassailable monopolies.
Businesses

California Files Antitrust Lawsuit Against Amazon (nytimes.com) 31

California's attorney general filed an antitrust lawsuit against Amazon on Wednesday, claiming the retailer stifles competition and increases the prices consumers pay across the internet. The New York Times: The suit is limited to California, where officials said Amazon had around 25 million customers, but if it succeeds it could have a broad impact across the country. The lawsuit largely focuses on the way Amazon penalizes sellers for listing products at lower prices on other websites. If Amazon spots a product listed for cheaper on a competitor's website, it often will remove important buttons like "Buy Now" and "Add to Cart" from a product listing page. Those buttons are a major driver of sales for companies selling through Amazon, and losing them can quickly hurt their businesses. That creates a dilemma for marketplace sellers. At times, they can offer products for lower prices on sites other than Amazon because the cost of using those sites can be lower. But because Amazon is by far the largest online retailer, the sellers would rather raise their prices on other sites than risk losing their sales on Amazon, the complaint said, citing interviews with sellers, competitors and industry consultants.
Crime

South Korea Issues Arrest Warrant for Do Kwon (techcrunch.com) 16

A court in South Korea has issued an arrest warrant for Do Kwon, the founder of Terraform Labs, escalating its probe into the crypto ecosystem whose two tokens lost $40 billion in value in a span of days earlier this year. From a report: LUNA, the new token of the revived ecosystem, dropped as much as 48.4% to $2.23 apiece on the news, which was earlier reported by local media Yonhap, before recovering slightly. The South Korean court has issued arrest warrants for six people, the news outlet reported, adding that the prosecutors believe the individuals have violated the nation's capital market rules.
Biotech

Woman Whose Rape Kit DNA Led To Her Arrest Sues San Francisco (apnews.com) 188

Bruce66423 shares a report from the Associated Press: A rape victim whose DNA from her sexual assault case was used by San Francisco police to arrest her in an unrelated property crime on Monday filed a lawsuit against the city. During a search of a San Francisco Police Department crime lab database, the woman's DNA was tied to a burglary in late 2021. Her DNA had been collected and stored in the system as part of a 2016 domestic violence and sexual assault case, then-District Attorney Chesa Boudin said in February in a shocking revelation that raised privacy concerns. "This is government overreach of the highest order, using the most unique and personal thing we have -- our genetic code -- without our knowledge to try and connect us to crime," the woman's attorney, Adante Pointer, said in a statement.

The revelation prompted a national outcry from advocates, law enforcement, legal experts and lawmakers. Advocates said the practice could affect victims' willingness to come forward to law enforcement authorities. Federal law already prohibits the inclusion of victims' DNA in the national Combined DNA Index System. There is no corresponding law in California to prohibit local law enforcement databases from retaining victims' profiles and searching them years later for entirely different purposes.

Boudin said the report was found among hundreds of pages of evidence against a woman who had been recently charged with a felony property crime. After learning the source of the DNA evidence, Boudin dropped the felony property crime charges against the woman. The police department's crime lab stopped the practice shortly after receiving a complaint from the district attorney's office and formally changed its operating procedure to prevent the misuse of DNA collected from sexual assault victims, Police Chief Bill Scott said. Scott said at a police commission meeting in March that he had discovered 17 crime victim profiles, 11 of them from rape kits, that were matched as potential suspects using a crime victims database during unrelated investigations. Scott said he believes the only person arrested was the woman who filed the lawsuit Monday.

Movies

Adobe Thinks It Can Solve Netflix's Password 'Piracy' Problem 81

Adobe thinks it has the answer to Netflix's "password sharing" problem that involves up to 46 million people, according to a 2020 study. TorrentFreak reports: Adobe believes that since every user is different, any actions taken against an account should form part of a data-driven strategy designed to "measure, manage and monetize" password sharing. The company's vision is for platforms like Netflix to deploy machine learning models to extract behavioral patterns associated with an account, to determine how the account is being used. These insights can determine which measures should be taken against an account, and how success or otherwise can be determined by monitoring an account in the following weeks or months. Ignoring the obviously creepy factors for a moment, Adobe's approach does seem more sophisticated, even if the accompanying slide gives off a file-sharing-style "graduated response" vibe. That leads to the question of how much customer information Adobe would need to ensure that the right accounts are targeted, with the right actions, at the right time.

Adobe's Account IQ is powered by Adobe Sensei, which in turn acts as the intelligence layer for Adobe Experience Platform. In theory, Adobe will know more about a streaming account than those using it, so the company should be able to predict the most effective course of action to reduce password sharing and/or monetize it, without annoying the account holder. But of course, if you're monitoring customer accounts in such close detail, grabbing all available information is the obvious next step. Adobe envisions collecting data on how many devices are in use, how many individuals are active, and geographical locations -- including distinct locations and span. This will then lead to a "sharing probability" conclusion, along with a usage pattern classification that should identify travelers, commuters, close family and friends, even the existence of a second home.

Given that excessive sharing is likely to concern platforms like Netflix, Adobe's plan envisions a period of mass account monitoring followed by an on-screen "Excessive Sharing" warning in its dashboard. From there, legal streaming services can identify the accounts most responsible and begin preparing their "graduated response" towards changing behaviors. After monetizing those who can be monetized, those who refuse to pay can be identified and dumped. Or as Adobe puts it: "Return free-loaders to available market." Finally, Adobe also suggests that its system can be used to identify customers who display good behavior. These users can be rewarded by eliminating authentication requirements, concurrent stream limits, and device registrations.
EU

Google Faces $25 Billion Legal Action In UK, EU (bbc.com) 14

Google is facing two legal cases which could result in the tech giant paying out damages of up to ~$25 billion (19.5 billion pounds) over its digital advertising practices. The BBC reports: The company is accused of anti-competitive conduct, and of abusing its dominant place in the ad tech market. Separate legal cases, in the UK and in the Netherlands, are being filed in the coming weeks on behalf of publishers seeking "compensation" from Google. [...] The European Commission and its UK equivalent are investigating whether Google's dominance in the ad tech business gives it an unfair advantage over rivals and advertisers. The French competition watchdog imposed a 220 million euro fine on the company last year. Johnny Ryan, from the Irish Council for Civil Liberties, told the BBC: "Google is under pressure on two big issues - one is anti-trust and the other is data protection." Mr Ryan said more cases were coming to light as competition enforcers around the world "increasingly put demands on Google." But he added "the fines we have seen so far from competition authorities have had absolutely no consequence whatsoever."

Damien Geradin, of the Belgian law firm Geradin Partners -- which is involved in the Dutch case -- said, "Publishers, including local and national news media, who play a vital role in our society, have long been harmed by Google's anti-competitive conduct. It is time that Google owns up to its responsibilities and pays back the damages it has caused to this important industry. That is why today we are announcing these actions across two jurisdictions to obtain compensation for EU and UK publishers."

The British claim, at the UK Competition Appeal Tribunal, will seek to recover compensation for all owners of websites carrying banner advertising. If successful, this would mean a wide and diverse group could get compensation - from major media sites down to small and medium-sized businesses who produce their own online content. Businesses which do not wish to be included in the legal action can opt out. [...] The UK competition watchdog is also investigating Google's power in the digital advertising technology market. The Dutch case is open to European publishers affected by Google's actions. Geradin Partners has teamed up with Dutch law firm Stek to bring the collective claim.

The Courts

Judge Allows McFlurry Machine Repair Lawsuit To Proceed (vice.com) 70

An anonymous reader quotes a report from Motherboard: The McDonald's McFlurry is a delicious treat that people have a hard time finding because the machine breaks down all the time. Thanks to a third-party device made by an independent company called Kytch, the machines can be made to be easier to maintain and break down less. Taylor, the company that makes the McFlurry machine, has been engaged in a long-running legal dispute about whether Taylor could prevent Kytch devices from being used on the machines. Kytch just won an important victory in that long-running legal battle.

Before Kytch came along, Taylor had a repair monopoly on the McFlurry machine. When the thing broke down or hadn't been cleaned, the machine would shut down, and only a certified Taylor technician could get it going again. That's why it can be so hard to find McFlurries: the machines often break down and a tech has to be dispatched to get them running again. Kytch invented a device that allows McDonald's franchise owners to do basic repairs on the machines and get them running again. Taylor didn't like that and, according to a lawsuit filed by Kytch, started telling its franchise partners that Kytch devices could cause "serious human injury."

In July 2021, Kytch filed a restraining order against Taylor claiming that the company had stolen Kytch's trade secrets. Taylor had begun selling a device similar to Kytch's and Kytch has alleged that Taylor stole one of their devices and reverse-engineered it. Taylor pushed back on these allegations and the lawsuit, filing what's called a demurrer, a formalized objection to Kytch's request for a restraining order. In a court document filed on August 26, 2022, a judge allowed Kytch's restraining order to proceed. In its original filing, Kytch alleged 10 different claims against Taylor, including that it had falsely advertised its product and engaged in unfair competition. The judge agreed with Kytch on seven of these points. "The court will sustain Taylor's demurrer as to the second (tortious interference), sixth (intentional interference with business expectancy), and seventh (negligent interference with business expectancy) causes of action," the filing said. "The court rejects Taylor's other arguments and will overrule its demurrer on those grounds."

Crime

Coinbase Exec's Brother Pleads Guilty In Crypto Insider Trading Case (decrypt.co) 16

Nikhil Wahi, brother of former Coinbase product manager Ishan Wahi, pleaded guilty in a Monday hearing to one count of conspiracy to commit wire fraud in connection with an alleged insider trading scheme. Decrypt reports: "Less than two months after he was charged, Nikhil Wahi admitted in court today that he traded in crypto assets based on Coinbase's confidential business information to which he was not entitled," said Damian Williams of the U.S. Attorney's Office in New York in a statement. "For the first time ever, a defendant has admitted his guilt in an insider trading case involving the cryptocurrency markets," Williams continued. "Today's guilty plea should serve as a reminder to those who participate in the cryptocurrency markets that the Southern District of New York will continue to steadfastly police frauds of all stripes and will adapt as technology evolves."

Nikhil now awaits sentencing in December, which could mean up to 20 years in prison. He has also been ordered to give back the money earned as a result of the illicit Coinbase trading, Williams said. Back in July, the Justice Department charged Ishan, Nikhil, and their friend Sameer Ramani with wire fraud conspiracy and wire fraud as it relates to cryptocurrency insider trading. The Securities and Exchange Commission also filed charges against the trio. While he was working at Coinbase, Ishan allegedly shared his insider knowledge of upcoming Coinbase listing announcements with Nikhil and Sameer to then profit from the listings by purchasing the tokens before they went live on Coinbase. In August, Ishan pled not guilty to the DOJ's charges. Now that his brother has pleaded guilty, it's unclear how Ishan's case will proceed and whether he will continue to fight the insider trading case.

According to the DOJ's statement released Monday, Nikhil implicated his brother Ishan and admitted to receiving tips from him. Nikhil then reportedly used numerous different crypto wallets in others' names to anonymize his insider trading. Concerns of insider trading at cryptocurrency exchanges extend beyond just this case, which is considered the first of its kind and is likely to set a precedent. Three Australian finance academics have posited that up to 25% of Coinbase listings in the past four years may have involved some insider trading.

Power

How A Tiny Toad Could Upend a US Geothermal Project (nytimes.com) 101

There's a tiny, black-freckled toad that likes the water in hot springs.

Unfortunately, the only place in the world where the species is found is on 760 acres of wetlands about 100 miles east of Reno, Nevada, according to the New York Times. And that's near the site for two renewable-energy geothermal plants which poses "significant risk to the well-being of the species," according to America's Fish and Wildlife Service — which just announced an emergency measure declaring it an endangered species. The temporary protection, which went into effect immediately and lasts for 240 days, was imposed to ward off the toad's potential extinction, the U.S. Fish and Wildlife Service said in a statement, adding that it would consider public comments about whether to extend the toad's emergency listing.

The designation would add another hurdle for a plan to build two power plants with the encouragement of the U.S. Bureau of Land Management. The project is already the subject of a lawsuit filed by conservationists and a nearby Native American tribe. They hope the emergency listing can be used to block construction, which recently resumed.... The suit contended that the geothermal plants would dry up nearby hot springs sacred to the tribe and wipe out the Dixie Valley toad species.

The U.S. Fish and Wildlife Service argues that "protecting small population species like this ensures the continued biodiversity necessary to maintain climate-resilient landscapes in one of the driest states in the country."

They were only recently scientifically described — or declared a unique species — in 2017, making the Dixie Valley toad the first new toad species to be described in the U.S. in nearly 50 years. And they are truly unique. When they were described, scientists analyzed 14 different morphological characteristics like size, shape, and markings. Dixie Valley toads scored "significantly different" from other western toad species in all categories.

Thanks to long-time Slashdot reader walterbyrd for sharing the link!
Privacy

What Else Happens When Your Face is Your Passport? (kenperlin.com) 88

Did we pass a privacy milestone without realizing it? Computer science professor Ken Perlin writes on his blog: Recently I was traveling internationally. I have the Global Traveller option, so I could just go to a machine, put in my passport, put my face in front of a camera, and get a piece of paper to hand to the immigration officer. But I was really tired from the flight. So I forgot to put my passport into the slot — I just posed for the camera.

And it worked anyway. The paper came out saying that I was me, I handed it to the immigration officer, and I was done. It seems that just my photo was enough to identify me.

Apparently sticking your passport into the slot is essentially theater. Your government can already tell who you are just from analyzing a photo of you, and they will let you into the country on that basis.

Where does this lead? In a follow-up blog post, Perlin offers one example, imagining a professor looking at a new class and already knowing "everyone's name, what their interests were, the date of their birth, and whether they played a musical instrument.

"In other words, I would be able to know far too much about them." This is, in my opinion, not a good thing. And yet it might be the future we are about to go into headlong.

I think we should be giving this a lot of thought. We take for granted now that when people look at us, they don't immediately know everything about us.

I'm not sure that particular right to privacy is something we should be willing to give up.

Thanks to Slashdot reader saccade.com for sharing the story.
Medicine

A Quarter of Healthcare Orgs Say Ransomware Attacks Result In Patient Deaths (esecurityplanet.com) 61

Slashdot reader storagedude writes: Nearly a quarter of healthcare organizations hit by ransomware attacks experienced an increase in patient mortality, according to a new study from Ponemon Institute and Proofpoint.

The report, "Cyber Insecurity in Healthcare: The Cost and Impact on Patient Safety and Care," surveyed 641 healthcare IT and security practitioners and found that the most common consequences of cyberattacks are delayed procedures and tests, resulting in poor patient outcomes for 57% of the healthcare providers, followed by increased complications from medical procedures. The type of attack most likely to have a negative impact on patient care is ransomware, leading to procedure or test delays in 64% of the organizations and longer patient stays for 59% of them.

The Ponemon report depends on the accuracy of self-reporting and thus doesn't have the weight of, say, an epidemiological study that looks at hospital mortality baseline data before and after an attack, but the data is similar to what Ponemon has found in the past and there have been a number of reports of patient deaths and other complications from ransomware attacks.

The new report found that 89% of the surveyed organizations have experienced an average of 43 attacks in the past year. The most common types of attacks were cloud compromise, ransomware, supply chain, and business email compromise (BEC)/spoofing/phishing.

The Internet of Medical Things (IoMT) is a top concern for survey participants. Healthcare organizations have an average of more than 26,000 network-connected devices, yet only 51% of the surveyed organizations include them in their cybersecurity strategy.

Healthcare organizations are better at cloud security, with 63% taking steps to prepare for and respond to cloud compromise attacks, and 62% have taken steps to prevent and respond to ransomware — but that still leaves nearly 40% of healthcare organizations more vulnerable than they should be.

Preparedness is even worse for supply chain attacks and BEC, with only 44% and 48% having a documented response to those attacks, respectively.

The high costs of healthcare cyberattacks — an average of $4.4 million — mean that healthcare cybersecurity tools likely have a high ROI, even though roughly half of the survey respondents say they lack sufficient staffing and in-house expertise.

Government

US Announces Space-Companies Coalition to Prepare Skilled Tech Workforce for Space Jobs (whitehouse.gov) 16

America's Department of Agriculture and NASA recently announced the Artemis Moon Trees Program. After the first launch of its SLS super-heavy-lift launch vehicle, "the seeds carried on Artemis I will be grown into seedlings by the Forest Service and distributed to locations across the U.S."

But it's just part of a larger initiative. The U.S. government announced Friday that it's working with "a new coalition of space companies that will focus on increasing the space industry's capacity to meet the rising demand for the skilled technical workforce" — partly by inspiring and educating the next generation. This coalition includes Lockheed Martin, Northrop Grumman, Boeing, Blue Origin, Jacobs, L3Harris, Planet Labs PBC, Rocket Lab, Sierra Space, Space X and Virgin Orbit.

Long-time Slashdot reader theodp writes: Yesterday at the second convening of America's National Space Council, Vice President Kamala Harris announced "new commitments from the U.S. government, private sector companies, education and training providers, and philanthropic organizations to support space-related STEM initiatives to inspire, prepare, and employ the next generation of the space workforce..." according to a statement from the White House, "to address the challenges of today and prepare for the discoveries of tomorrow...."

Among those anchoring the Administration's efforts to increase the space industry's capacity to meet the rising demand for the skilled technical workforce is Amazon founder Jeff Bezos' space tourism company Blue Origin, which will be joined by industry partner Amazon to inspire youth to pursue space STEM careers. "Blue Origin's Club for the Future," the White House explains, "is launching Space Days to engage millions of students, teachers and school administrators in the excitement of space and space careers." Club for the Future, as reported earlier on Slashdot, is the Blue Origin founded-and-funded tax-exempt foundation that received the $28 million proceeds of a single auctioned ticket to accompany Bezos on Blue Origin's maiden 11-minute space tourism flight in June 2021. The nonprofit's mission is "to inspire future generations to pursue careers in STEM and to help invent the future of life in space."

The White House also announced that Amazon and Bezos-funded nonprofit Code.org "will highlight connections between computer science and space exploration in the 2022 Hour of Code. Students will have the opportunity to explore and develop coding skills through engaging, space-themed tutorials and create shareable projects. Through a collaboration with NASA, the U.S. Space Force, America's Department of Energy, and the U.S. Geological Survey, students will also learn about different careers and pathways for space careers in these agencies. Code.org reaches approximately 15 million students annually." Amazon reported in 2018 on its efforts to accelerate K-12 CS education in the U.S. with Code.org to "support the much-needed pipeline for workers who are well versed in computer science."

The coalition's other efforts include three pilot programs collaborating with community colleges, unions and others "to demonstrate a replicable and scalable approach to attracting, training and creating employment opportunities." Federal agencies and the Smithsonian Institute also launched a new web site with free space-related resources for K-12 educators which also promotes career awareness.

And NASA also released an educator resources hub that includes a LEGO Build to Launch Series — plus $4 million in educational grants.
Businesses

How Can You Transact Safely in Person with a Stranger from the Internet? (krebsonsecurity.com) 55

Attention, people giving money to strangers from the Internet. The Krebs on Security blog knows a way to make it safer.

"Nearly all U.S. states now have designated safe trading stations — mostly at local police departments — which ensure that all transactions are handled in plain view of both the authorities and security cameras." These safe trading places exist because sometimes in-person transactions from the Internet don't end well for one or more parties involved. The website Craigslistkillers has catalogued news links for at least 132 murders linked to Craigslist transactions since 2015. Many of these killings involved high-priced items like automobiles and consumer electronics, where the prospective buyer apparently intended all along to kill the owner and steal the item offered for sale. Others were motivated simply by a desire to hurt people.

This is not to say that using Craigslist is uniquely risky or dangerous; I'm sure the vast majority of transactions generated by the site end amicably and without physical violence. And that probably holds true for all of Craigslist's competitors.

Still, the risk of a deal going badly when one meets total strangers from the Internet is not zero, and so it's only sensible to take a few simple precautions.

For example, choosing to transact at a designated safe place such as a police station dramatically reduces the likelihood that anyone wishing you harm would even show up.

Krebs points out there's a list maintained at SafeTradeStations.com, adding that "many police departments (but not all) are willing to check the serial number of an item for sale to make sure it's not known to be stolen property."

The site also advises meeting in well-lit and public places, during daylight hours — and bringing a friend.
AT&T

Filmmakers Sue AT&T To Block Pirate Sites, Disconnect Repeat Infringers (torrentfreak.com) 74

An anonymous reader quotes a report from TorrentFreak: A group of independent movie companies has filed a copyright infringement lawsuit against AT&T. The Internet provider, which has over 80 million subscribers in the US, faces far-reaching demands. In addition to millions in damages, the filmmakers want the ISP to terminate the accounts of repeat infringers and block access to sites such as The Pirate Bay and YTS. [...] In a complaint (PDF) filed at a federal court in Texas, Voltage Pictures and its affiliates, known for films such as "After We Collided," "Dallas Buyers Club," "Room 203," and "The Bird Catcher", accuse the ISP of contributory and vicarious copyright infringement.

"For years, AT&T has knowingly allowed AT&T users to engage in online piracy, the illegal distribution and downloading of copyrighted materials, including films. AT&T provides the IP addresses used for piracy, makes the connections needed to share and download pirated films, and transmits the pirated films," they write. The ISP allegedly turned a blind eye to pirating subscribers, facilitating mass online piracy. The filmmakers say they sent tens of thousands of notices to the company, reporting alleged copyright infringements. In some cases, hundreds of notices were sent for a single IP address without any visible response from the Internet provider.

In the United States, the law requires Internet providers to adopt a policy that provides for the termination of accounts of repeat infringers, under appropriate circumstances. AT&T references this in its terms but according to the filmmakers' complaint, this policy is not sufficient. The lawsuit specifically claims that AT&T willingly keeps repeat infringers on board because that adds tens of millions of dollars to AT&T's bottom line. [...] To compensate for all piracy-related losses, the plaintiffs request actual or statutory damages, which can run into millions of dollars. In addition, they also want AT&T to terminate repeat infringers under appropriate circumstances. Finally, and of particular interest, the movie companies also want the Internet provider to block foreign pirate sites. They include YTS, The Pirate Bay, RARBG, 1337x, and others that have been called out in the US Trade Representative's annual overview of notorious markets.

Sci-Fi

Navy Says All UFO Videos Classified, Releasing Them 'Will Harm National Security' (vice.com) 111

An anonymous reader quotes a report from Motherboard: The U.S. Navy says that releasing any additional UFO videos would "harm national security" and told a government transparency website that all of the government's UFO videos are classified information. In a Freedom of Information Act request response, the Navy told government transparency site The Black Vault that any public dissemination of new UFO videos "will harm national security as it may provide adversaries valuable information regarding Department of Defense/Navy operations, vulnerabilities, and/or capabilities. No portions of the videos can be segregated for release."

The Black Vault was seeking all videos "with the designation of 'unidentified aerial phenomena.'" This is an interesting response from the Navy because, often, military agencies will issue a so-called GLOMAR response, where they neither confirm nor deny that the records (in this case videos) exist, and refuse to say anything more. In this response, the Navy is admitting that it has more videos, and also gives a rationale for releasing three previous UFO videos.

"While three UAP videos were released in the past, the facts specific to those three videos are unique in that those videos were initially released via unofficial channels before official release," it said. "Those events were discussed extensively in the public domain; in fact, major news outlets conducted specials on these events. Given the amount of information in the public domain regarding these encounters, it was possible to release the files without further damage to national security."

Movies

Five Men Indicted For Uploading Movies, Then Extorting 'Pirate' Downloaders (torrentfreak.com) 24

An anonymous reader quotes a report from TorrentFreak: Prosecutors in Taiwan have indicted five men for running an operation that uploaded movies to the internet and then extorted cash settlements from the BitTorrent users who downloaded them. One of the men is former ultramarathon runner Kevin Lin, who founded a copyright consultancy company after graduating from law school in 2020. According to reports, Lin's company enticed users to download the torrents, tracked their IP addresses, and then filed copyright lawsuits in an effort to profit from cash settlements. Lin said that due to his support for the opposition government and his criticism of its handling of the COVID-19 pandemic, the investigation against him is politically motivated.

In May 2021, licenses were obtained from Vie Vision Pictures Co. and Applause Entertainment Ltd, which led to 18 movies being uploaded to BitTorrent networks, to tempt users into downloading them. After capturing their IP addresses, Lin's company obtained their identities from ISPs and sued them. The goal was to obtain out-of-court settlements. Since August 2021, Lin's company filed 937 lawsuits for copyright infringement. In just 25 of those cases, the company managed to "extort" settlements of $29,207, FocusTaiwan reports. In addition to Lin, several other people have also been indicted for their part in the operation.
