Thursday Meta published a blog post by their "product management director of Messenger Trust," who emphasized that they've begun at least testing end-to-end encryption by default for Messenger chats. But Meta also announced plans "to test a new secure storage feature for backups of your end-to-end encrypted chats on Messenger...."

"As with end-to-end encrypted chats, secure storage means that we won't have access to your messages, unless you choose to report them to us."

CNBC provides some context: The announcement comes after Facebook turned over Messenger chat histories to Nebraska police as part of an investigation into an alleged illegal abortion. Meta spokesperson Andy Stone said the feature has been in the works for a while and is not related to the Nebraska case...

The feature is rolling out on Android and iOS devices this week, but it isn't yet available on the Messenger website. The company has been discussing full-scale deployment of end-to-end encryption since 2016, but critics have said the security measure would make it much more difficult for law enforcement to catch child predators....Meta said in the release that it is making progress toward the global rollout of default end-to-end encryption for personal messages and calls in 2023.
Other privacy enhancements announced Thursday by Meta:

• "We plan to bring end-to-end encrypted calls to the Calls Tab on Messenger."

• Meta announced that the deleting of messages will start syncing across your other devices "soon."

• Messenger will continue offering the option of "Disappearing" messages, in which viewed messages in an end-to-end encrypted chat automatically then disappear after a pre-specified period of time.

And there's more, according to Meta's announcement:.

"This week, we'll begin testing default end-to-end encrypted chats between some people. If you're in the test group, some of your most frequent chats may be automatically end-to-end encrypted, which means you won't have to opt in to the feature. You'll still have access to your message history, but any new messages or calls with that person will be end-to-end encrypted. You can still report messages to us if you think they violate our policies, and we'll review them and take action as necessary....

"Last year, we started a limited test of opt-in end-to-end encrypted messages and calls on Instagram, and in February we broadened the test to include adults in Ukraine and Russia. Soon, we'll expand the test even further to include people in more countries and add more features like group chats....

"We will continue to provide updates as we make progress toward the global rollout of default end-to-end encryption for personal messages and calls in 2023."

An anonymous reader quotes a report from Ars Technica: For some people, the term "Ring Nation" might evoke a warrantless surveillance dystopia overseen by an omnipotent megacorp. To Amazon-owned MGM, Ring Nation is a clip show hosted by comedian Wanda Sykes, featuring dancing delivery people and adorable pets. Deadline reports that the show, due to debut on September 26, is "the latest example of corporate synergy at Amazon." Amazon owns household video security brand Ring, Hollywood studio MGM, and Big Fish, the producer of Ring Nation. Viral videos captured by doorbell cameras have been hot for a while now. You can catch them on late-night talk shows, the r/CaughtOnRing subreddit, and on millions of TikTok users' For You page. Amazon's media properties, perhaps sensing an opportunity to capitalize and soften Ring's image, are sallying forth with an officially branded offering.

Ring Nation will feature "neighbors saving neighbors, marriage proposals, military reunions and silly animals," Deadline writes. But Ring Nation might be aiming even higher, according to Ring founder Jamie Siminoff -- to something approaching a salve for our deeply divided nation. "Bringing the new community together is core to our mission at Ring, and Ring Nation gives friends and family a fun new way to enjoy time with one another," Siminoff told Deadline. "We're so excited to have Wanda Sykes join Ring Nation to share people's memorable moments with viewers." "Ring sharing its owners' moments with other viewers has been a contentious issue," notes Ars. Amazon's Ring can share footage with police during emergencies without consent and without warrants. The service has also reportedly partnered with hundreds of law enforcement agencies across the country to increase Ring installations and ease police access to footage.

An anonymous reader quotes a report from TechCrunch: Lawsuits from disgruntled investors are beginning to stack up after crypto prices plummeted over the past few months, leaving them with steep losses. Billionaire Mark Cuban is the latest celebrity on the receiving end of investor ire. A group of Voyager Digital customers filed a class-action suit in Florida federal court against Cuban, as well as the basketball team he owns, the Dallas Mavericks, alleging their promotion of the crypto platform resulted in more than 3.5 million investors losing $5 billion collectively. Voyager Digital's CEO, Stephen Ehrlich, was also named as a defendant in the suit. Voyager, a New Jersey-based crypto firm, filed for Chapter 11 bankruptcy in July following a crash in crypto prices that instigated a liquidity crunch on the platform. The firm is one of many that got burned after loaning money, in Voyager's case worth ~$600 million, to hedge fund Three Arrows Capital (3AC). 3AC declared bankruptcy in the wake of the Terra collapse, triggering a domino effect throughout the crypto markets when the hedge fund defaulted on more than $3.5 billion worth of obligations to its lenders.

The plaintiffs in the suit against Cuban described Voyager as "an unregulated and unsustainable fraud, similar to other Ponzi schemes." They claim in the complaint that Cuban and Ehrlich personally reached out to investors both individually and through a partnership with the Dallas Mavericks, to encourage them to invest with the platform. The lawsuit also specifically calls out Voyager's Earn Program Accounts (EPAs), claiming they are unregistered securities. The Mavericks launched their exclusive, five-year partnership with Voyager in October 2021, giving fans cash rewards for making trades on the platform. The announcement said the cryptocurrencies were "an attractive investment for novice investors who might only have $100 to start." According to the lawsuit filed today, Cuban also promoted the company "as a Voyager customer himself, in a ploy to dupe investors into believing that Voyager was a safe platform." Although the partnership with the Mavericks was disclosed, the lawsuit alleges that Cuban did not disclose the compensation he personally received to promote Voyager. "During the runup in crypto prices, many web3 companies, apparently including Voyager, pretended that existing laws and regulations did not apply to crypto," said Shane Seppinni, founder of law firm Seppinni LLP, who was worked on various crypto and "meme stock" lawsuits. "Even smart people like Mark Cuban got caught up in the hype. But now that crypto prices have crashed it's plain to see that centuries-old legal theories like fraud, breach of fiduciary duty, and civil conspiracy are as applicable to crypto as they are elsewhere."

The Mount Sinai Health System began an effort this week to build a vast database of patient genetic information that can be studied by researchers -- and by a large pharmaceutical company. From a report: The goal is to search for treatments for illnesses ranging from schizophrenia to kidney disease, but the effort to gather genetic information for many patients, collected during routine blood draws, could also raise privacy concerns. The data will be rendered anonymous, and Mount Sinai said it had no intention of sharing it with anyone other than researchers. But consumer or genealogical databases full of genetic information, such as Ancestry.com and GEDmatch, have been used by detectives searching for genetic clues that might help them solve old crimes.

Vast sets of genetic sequences can unlock new insights into many diseases and also pave the way for new treatments, researchers at Mount Sinai say. But the only way to compile those research databases is to first convince huge numbers of people to agree to have their genomes sequenced. Beyond chasing the next breakthrough drug, researchers hope the database, when paired with patient medical records, will provide new insights into how the interplay between genetic and socio-economic factors -- such as poverty or exposure to air pollution -- can affect people's health. The health system hopes to eventually amass a database of genetic sequences for 1 million patients, which would mean the inclusion of roughly one out of every 10 New York City residents. The effort began this week, a hospital spokeswoman, Karin Eskenazi, said.

Software sold by market leaders tend to be primary purchases for regular consumers. Brand comfort is important but so too is affordability, especially when pirate copies are available for free. Some find a middle ground with purchases of discounted activation keys but, as a new Microsoft lawsuit shows, that can amount to copyright infringement for buyers and sellers alike. From a report: In a complaint filed at a Washington court this week, Microsoft targets Canadian company The Search People Enterprises Ltd (TSPE), assumed director Mehtabjit Singh, and 'John Doe' defendants 1-10. The defendants are described as prolific distributors of "black market access devices," aka activation keys and tokens for Microsoft software. Those who bought keys and tokens may have been under the impression that they were purchasing official software but as Microsoft explains, that is not only misleading but a mischaracterization of the things they were sold.

Products including Microsoft Office, Project, Visio, Windows 10, and Windows 11 are all subject to licensing terms that restrict how the products can be used. Microsoft can also provide a product activation key to be entered as part of the installation process, with data about the activation sent to the company's servers. Like software tokens, which enable downloads and automatic software activation, activation keys are anti-piracy tools, and exchanging money for them is not the same as buying a license. Indeed, Microsoft makes itself very clear -- the activation of a piece of software means nothing in the absence of a license. Microsoft's problem is that product activation keys can be 'decoupled' from the software they were meant to authorize and then reused to activate more copies of the software, in some cases more copies than the attached Microsoft license permits.

Australia's consumer watchdog agency said Friday that Google has been ordered to pay AU$60 million, nearly $43 million, by the Federal Court over the collection of location data on Android phones. From a report: The fine stems from legal action the Australian Competition & Consumer Commission initiated back in 2019. The ACCC accused Google of "making misleading representations to consumers" about the collection and use of personal location data on Android devices between January 2017 and December 2018. The court previously found that Google misled consumers into thinking "Location History" was the only setting that impacted whether the tech giant collected, kept and used location data, when in fact, the "Web & App Activity" setting also allowed Google to collect some of this information, according to the ACCC. An estimated 1.3 million people with Google accounts in Australia may have "viewed a screen found by the Court to have breached the Australian Consumer Law," the ACCC said.

An ongoing dispute over privacy between Apple and Facebook is roiling the digital economy, leading companies to shift billions in ad spending as users continue to limit the data available to advertisers. The feud took off last year, when Apple rolled out iOS 14.5, a version of its mobile operating system that made it easier than ever for iPhone and iPad users to opt out of letting apps like Facebook track their activity on their devices. The two companies weren't always at odds. In fact, they were almost business partners. From a report: In the years before the change, Apple suggested a series of possible arrangements that would earn the iPhone maker a slice of Facebook's revenue, according to people who either participated in the meetings or were briefed about them. As one person recalled: Apple officials said they wanted to "build businesses together." One idea that was discussed: creating a subscription-based version of Facebook that would be free of ads, according to people familiar with the discussions. Because Apple collects a cut of subscription revenue for apps in its App Store, that product could have generated significant revenue for the Cupertino, Calif., giant.

The companies also haggled over whether Apple was entitled to a piece of Facebook's sales from so-called boosted posts, said people familiar with the matter. A boost allows a user to pay to increase the number of people that see a post on Facebook or Instagram. Facebook, which considers boosts ads, has always contended that boosts are a form of advertising, in part because they are often used by small businesses to reach a bigger audience, said one of the people. Apple, which doesn't take a cut of advertising from developers, argued that Facebook boosts should be considered in-app purchases, according to a person familiar with the matter. Apple's standard terms would entitle it to take a 30% share of those sales.

The Dutch government agency responsible for investigating financial crimes said it has arrested an individual suspected of being a developer of the U.S.-sanctioned crypto mixing service Tornado Cash in a move that has rattled some crypto and privacy advocates. From a report: The Fiscal Information and Investigation Service said Friday that the arrested 29-year-old man is suspected to be involved in "concealing criminal financial flows and facilitating money laundering" through the popular crypto mixing service. "Multiple arrests are not ruled out," it said. The agency added that it arrested the individual in Amsterdam. The move comes days after the U.S. government sanctioned Tornado Cash -- a service that allows users to mask their transactions by jumbling funds from different sources before sending them to the ultimate destination -- for its role in enabling billions of dollars' worth of cryptocurrency to be laundered through its platform.

Matt Edmondson, a hacker and digital forensics expert, built a Raspberry Pi-powered anti-tracking tool that "scans for nearby devices and alerts you if the same phone is detected multiple times within the past 20 minutes," reports Wired. The device, which can be carried around or placed in a car, consists of parts that cost around $200 in total. From the report: The homemade system works by scanning for wireless devices around it and then checking its logs to see whether they also were present within the past 20 minutes. It was designed to be used while people are on the move rather than sitting in, say, a coffee shop, where it would pick up too many false readings. The anti-tracking tool, which can sit inside a shoebox-sized case, is made up of a few components. A Raspberry Pi 3 runs its software, a Wi-Fi card looks for nearby devices, a small waterproof case protects it, and a portable charger powers the system. A touchscreen shows the alerts the device produces. Each alert may be a sign that you are being tailed. The device runs Kismet, which is a wireless network detector, and is able to detect smartphones and tablets around it that are looking for Wi-Fi or Bluetooth connections. The phones we use are constantly looking for wireless networks around them, including networks they've connected to before as well as new networks.

Edmondson says Kismet makes a record of the first time it sees a device and then the most recent time it was detected. But to make the anti-tracking system work, he had to write code in Python to create lists of what Kismet detects over time. There are lists for devices spotted in the past five to 10 minutes, 10 to 15 minutes, and 15 to 20 minutes. If a device appears twice, an alert flashes up on the screen. The system can show a phone's MAC address, although this is not much use if it's been randomized. It can also record the names of Wi-Fi networks that devices around it are looking for -- a phone that's trying to connect to a Wi-Fi network called Langley may give some clues about its owner. "If you have a device on you, I should see it," he says. In an example, he showed WIRED that a device was looking for a network called SAMSUNGSMART.

To stop the system from detecting your own phone or those of other people traveling with you, it has an "ignore" list. By tapping one of the device's onscreen buttons, it's possible to "ignore everything that it has already seen." Edmondson says that in the future, the device could be modified to send a text alert instead of showing them on the screen. He is also interested in adding the capability to detect tire-pressure monitoring systems that could show recurring nearby vehicles. A GPS unit could also be added so you can see where you were when you were being tracked, he says. [...] Edmondson has no plans to make the device into a commercial product, but he says the design could easily be copied and reused by anyone with some technical knowledge. Many of the parts involved are easy to obtain or may be lying around the homes of people in tech communities. For those interested, Edmondson open-sourced its underlying code and plans to present the research project at the Black Hat security conference in Las Vegas this week.

Meta, the owner of Facebook and Instagram, has been rewriting websites its users visit, letting the company follow them across the web after they click links in its apps, according to new research from an ex-Google engineer. The Guardian reports: The two apps have been taking advantage of the fact that users who click on links are taken to webpages in an "in-app browser," controlled by Facebook or Instagram, rather than sent to the user's web browser of choice, such as Safari or Firefox. "The Instagram app injects their tracking code into every website shown, including when clicking on ads, enabling them [to] monitor all user interactions, like every button and link tapped, text selections, screenshots, as well as any form inputs, like passwords, addresses and credit card numbers," says Felix Krause, a privacy researcher who founded an app development tool acquired by Google in 2017.

Krause discovered the code injection by building a tool that could list all the extra commands added to a website by the browser. For normal browsers, and most apps, the tool detects no changes, but for Facebook and Instagram it finds up to 18 lines of code added by the app. Those lines of code appear to scan for a particular cross-platform tracking kit and, if not installed, instead call the Meta Pixel, a tracking tool that allows the company to follow a user around the web and build an accurate profile of their interests. The company does not disclose to the user that it is rewriting webpages in this way. No such code is added to the in-app browser of WhatsApp, according to Krause's research. [...] It is unclear when Facebook began injecting code to track users after clicking links. "We intentionally developed this code to honor people's [Ask to track] choices on our platforms," a Meta spokesperson told The Guardian in a statement. "The code allows us to aggregate user data before using it for targeted advertising or measurement purposes. We do not add any pixels. Code is injected so that we can aggregate conversion events from pixels."

They added: "For purchases made through the in-app browser, we seek user consent to save payment information for the purposes of autofill."

The Federal Trade Commission is seeking public feedback on a proposed rulemaking to limit what it's dubbed "commerical surveillance" by businesses that sell or share information collected about people. From a report: The advance notice, announced Thursday, would protect the personal data companies such as Alphabet Inc. and Meta Platforms Inc. collect about consumers.

The Internal Revenue Service is seeking to identify customers of cryptocurrency prime dealer SFOX as part of its efforts to force crypto investors to pay taxes on their holdings. Bloombeg reports: In court filings in New York and Los Angeles, the tax authority asked federal judges to let it serve summonses on SFOX and M.Y. Safra Bank, which partnered with SFOX in 2019 to offer its customers cash deposit accounts backed by the Federal Deposit Insurance Corporation. The IRS is seeking account and transaction records for users with cryptocurrency transactions over $20,000 in any year from 2016 to 2021. "Transactions in cryptocurrency have grown substantially in recent years, and the IRS is concerned that taxpayers are not properly reporting these transactions on their tax returns," a lawyer for the government said in court papers filed Monday in Los Angeles. Meanwhile, according to Bloomberg (paywalled), the FTC is "investigating the operators of the BitMart cryptocurrency exchange over a December 2021 hack that led to consumer losses between $150 million and $200 million -- marking the agency's first known probe into crypto markets."

An anonymous reader quotes a report from Ars Technica: Amazon will expand its Amazon One palm print checkout system to dozens of Whole Foods locations, marking the most significant expansion of the technology that was introduced in 2020. Amazon One allows customers to speedily check out at retail locations using only their palm prints after storing a scan of their hand via an interface at Amazon's kiosks. The palm print data is encrypted and stored on Amazon's servers. And before you worry too much about COVID-19 transmission or future pandemics, Amazon One works when you hover your palm over the scanner -- unlike some handprint tech.

Amazon initially added the technology in its Amazon Go stores and the now-shuttered Amazon Books retail locations. It then made its way to several Whole Foods locations in the Seattle area. (Amazon has owned the Whole Foods grocery chain since 2017.) Now, Amazon Go will expand to 65 Whole Foods stores across California. The rollout starts in Malibu and Santa Monica, with more locations adopting it in Los Angeles, Santa Cruz, and the Bay Area over the next few weeks. Amazon previously rolled the tech out to a few select locations in California, but never at this scale.

According to Bloomberg, the Department of Justice is preparing to sue Google as soon as next month, "capping years of work to build a case that the Alphabet unit illegally dominates the digital advertising market." From the report: Lawyers with the DOJ's antitrust division are questioning publishers in another round of interviews to refresh facts and glean additional details for the complaint [...]. Some of the interviews have already taken place and others are scheduled in the coming weeks [...]. They build on previous interrogations conducted during an earlier stage of the long-running investigation [...].

An ad tech complaint, which Bloomberg had reported was in the works last year, would mark the DOJ's second case against Google following the government's 2020 lawsuit alleging the tech titan dominates the online search market in violation of antitrust laws. Still undecided is whether prosecutors will file the case in federal court in Washington, where the search case is pending, or in New York, where state attorneys general have their own antitrust case related to Google's ad tech business [...].

In two lawsuits (PDF) filed today in California, Google alleges that Sonos' latest voice-assistant technology violates seven patents related to Google Assistant. CNET reports: Google spokesperson Jose Castaneda said Sonos has "started an aggressive and misleading campaign against our products, at the expense of our shared customers." As a result, he said, the lawsuits have been filed to "defend our technology and challenge Sonos' clear, continued infringement of our patents." Sonos launched its own voice assistant in June, allowing customers to control their speakers using voice commands starting with the phrase "Hey Sonos."

Google said in the lawsuits that it has made its technologies available to users across the globe, "even providing its Google Assistant software to Sonos for many years." The suits also said Google has for years worked with Sonos engineers on the "implementation of voice recognition and voice-activated device controls in Sonos' products." Google requests an unspecified amount of monetary damages and an injunction blocking Sonos' alleged infringement. Last year, the International Trade Commission ruled that Google infringed on five patents owned by Sonos, forcing Google to change the way its smart speakers are set up and controlled.

"Google previously sued us all over the world and Sonos has prevailed in every decided case," Eddie Lazarus, Sonos' chief legal officer, told CNET, adding that the new lawsuits "are an intimidation tactic designed to retaliate against Sonos for speaking out against Google's monopolistic practices," which "will not succeed."

An anonymous reader quotes a report from Wired: As marketers, data brokers, and tech giants endlessly expand their access to individuals' data and movements across the web, tools like VPNs or cookie blockers can feel increasingly feeble and futile. Short of going totally off the grid forever, there are few options for the average person to meaningfully resist tracking online. Even after coming up with a technical solution last year for how phone carriers could stop automatically collecting users' locations, researchers Barath Raghavan and Paul Schmitt knew it would be challenging to convince telecoms to implement the change. So they decided to be the carrier they wanted to see in the world. The result is a new company, dubbed Invisv, that offers mobile data designed to separate users from specific identifiers so the company can't access or track customers' metadata, location information, or mobile browsing. Launching in beta today for Android, the company's Pretty Good Phone Privacy or PGPP service will replace the mechanism carriers normally use to turn cell phone tower connection data into a trove of information about users' movements. And it will also offer a Relay service that disassociates a user's IP address from their web browsing.

PGPP's ability to mask your phone's identity from cell towers comes from a revelation about why cell towers collect the unique identifiers known as IMSI numbers, which can be tracked by both telecoms and other entities that deploy devices known as IMSI catchers, often called stringrays, which mimic a cell tower for surveillance purposes. Raghavan and Schmitt realized that at its core, the only reason carriers need to track IMSI numbers before allowing devices to connect to cell towers for service is so they can run billing checks and confirm that a given SIM card and device are paid up with their carrier. By acting as a carrier themselves, Invisv can implement their PGPP technology that simply generates a "yes" or "no" about whether a device should get service. On the PGPP "Mobile Pro" plan, which costs $90 per month, users get unlimited mobile data in the US and, at launch, unlimited international data in most European Union countries. Users also get 30 random IMSI number changes per month, and the changes can happen automatically (essentially one per day) or on demand whenever the customer wants them. The system is designed to be blinded so neither INVISV nor the cell towers you connect to know which IMSI is yours at any given time. There's also a "Mobile Core" plan for $40 per month that offers eight IMSI number changes per month and 9 GB of high-speed data per month.

Both of these plans also include PGPP's Relay service. Similar to Apple's iCloud Private Relay, PGPP's Relay is a method for blocking everyone, from your internet provider or carrier to the websites you visit, from knowing both who you are and what you're looking at online at the same time. Such relays send your browsing data through two way stations that allow you to browse the web like normal while shielding your information from the world. When you navigate to a website, your IP address is visible to the first relay -- in this case, Invisv -- but the information about the page you're trying to load is encrypted. Then the second relay generates and connects an alternate IP address to your request, at which point it is able to decrypt and view the website you're trying to load. The content delivery network Fastly is working with Invisv to provide this second relay. Fastly is also one of the third-party providers for iCloud Private Relay. In this way, each relay knows some of the information about your browsing; the first simply knows that you are using the web, and the second sees the sites you connect to, but not who specifically is browsing there. In addition to being included in the two PGPP data plans, customers can also purchase the Relay service on its own for $5 per month and turn it on while connected to mobile data or Wi-Fi. The carrier is still working to bring its services to Apple's iOS. It's also worth noting that Invisv only offers mobile data; there are no voice calling services.

Computer scientist Stephen Thaler was dealt another blow in his battle for artificial intelligence machines to be recognized as inventors on patents, after the nation's top patent court found that inventors must be humans. The term "individual" in the Patent Act refers only to humans, meaning an AI doesn't count as an inventor on a patentable invention, the US Court of Appeals for the Federal Circuit ruled Friday. From a report: The decision lines up with courts in the European Union, the United Kingdom, and Australia that have refused to accept Thaler's argument. His only currently existing win is from a South African court that said an AI can be a patent inventor. Unless the US Supreme Court steps in, the Federal Circuit is typically the final authority on US patent matters -- hearing all such appeals from federal district courts and the US Patent and Trademark Office. Thaler already plans to appeal to the high court, his attorney, Ryan Abbott of Brown, Neri, Smith & Khan LLP, said. The Federal Circuit adopted a "narrow and textualist approach" to the Patent Act, Abbott said. "It ignores the purpose of the Patent Act and the outcome that AI-generated inventions are now unpatentable in the United States," he said. "That is an outcome with real negative social consequences."

"No one imagined commercial space tourism taking hold, no one believed crowd-funded satellites and mega constellations at low earth orbit were possible, and no one could have conceived of the sheer popularity of space entrepreneurship," reads a statement Friday from the chair of America's Federal Communications Commission. "But it's all happening...."

And Reuters reports on what happens next: With Earth's orbit growing more crowded with satellites, a U.S. government agency on Friday said it would begin revising decades-old rules on getting rid of space junk and on other issues such as satellite refueling and inspecting and repairing in-orbit spacecraft. "We believe the new space age needs new rules," Federal Communications Commission (FCC) Chairwoman Jessica Rosenworcel said after the 4-0 FCC vote, adding that current rules "were largely built for another era."

Rosenworcel said the FCC needs "to make sure our rules are prepared for the proliferation of satellites in orbit and new activities in our higher altitudes."

The FCC also plans to look at "new ways to clean up orbital debris. After all, there are thousands of metric tons of junk in space," Rosenworcel added. The FCC will look at "the potential for orbital debris remediation and removal functions that offer the prospect of improvement in the orbital debris environment....."

"The FCC remains the only agency to license virtually every commercial space mission that touches the United States," FCC Commissioner Geoffrey Starks said. "With that power comes the responsibility to understand the missions we authorize, and to create an enabling regulatory environment that opens new doors while still protecting against new risks."
A statement from the FCC describes their new policy review as a "modernization effort."

And it made a point of acknowledging that in-space servicing, assembly, and manufacturing has "the potential to build entire industries, create new jobs, mitigate climate change, and advance America's economic, scientific, technological, and national security interests."

"A class action lawsuit has been filed against big-three consumer credit bureau Experian," reports Krebs on Security, "over reports that the company did little to prevent identity thieves from hijacking consumer accounts.

The legal filing cites liberally from an investigation KrebsOnSecurity published in July, which found that identity thieves were able to assume control over existing Experian accounts simply by signing up for new accounts using the victim's personal information and a different email address. The lawsuit, filed July 28, 2022 in California Central District Court, argues that Experian's documented practice of allowing the re-registration of accounts without first verifying that the existing account authorized the changes is a violation of the Fair Credit Reporting Act.
The lawsuit even cites a July blog post from Krebs on Security. The blog post's title? "Experian, You Have Some Explaining to Do." After providing my Social Security Number (SSN), date of birth, and answering several multiple choice questions whose answers are derived almost entirely from public records, Experian promptly changed the email address associated with my credit file. It did so without first confirming that new email address could respond to messages, or that the previous email address approved the change... After that, Experian prompted me to select new secret questions and answers, as well as a new account PIN — effectively erasing the account's previously chosen PIN and recovery questions. Once I'd changed the PIN and security questions, Experian's site helpfully reminded me that I have a security freeze on file, and would I like to remove or temporarily lift the security freeze?
Experian did send an automated message to the account's original email address when a new one was added, Krebs wrote, but wondered what good that would actually do. "The only recourse Experian offered in the alert was to sign in, or send an email to an Experian inbox that replies with the message, 'this email address is no longer monitored'..."

"I could see no option in my account to enable multi-factor authentication for all logins..."

And Krebs added Friday that "Since that story ran I've heard from several more readers who were doing everything right and still had their Experian accounts hijacked, with little left to show for it except an email alert from Experian saying they had changed the address on file for the account."

Slashdot reader Charlotte Web writes: At 3:02 p.m. EST, vice president Kamala Harris began presiding over the U.S. Senate. After a vote on the very last proposed amendment, the Senate heard these final remarks from Democrat Senate Majority Leader, Chuck Schumer on what he called "the boldest climate package in US history."

"It's been a long, tough, and winding road. But at last — at last — we have arrived. I know it's been a long day and long night, but we've gotten it done...."

"It's a game changer. It's a turning point. And it's been a long time coming.

"To Americans who have lost faith that Congress can do big things, this bill is for you... And to the tens of millions of young Americans who spent years marching, rallying, demanding that Congress act on climate change, this bill is for you. The time has come to pass this historic bill."

One by one, Senators delivered their votes for the official tally, and at 3:18 PST Harris announced that "On this vote, the yeas are 50, the nays are 50." And with the vice president casting deciding votes in an equally-divided Senate, "the bill as amended is passed."

And the Senate broke into spontaneous applause.

The bill now goes to the U.S. House of Representatives, which is expected to vote on it Friday.
As Slashdot reported last week: The bill helps U.S consumers buy electric vehicle chargers, rooftop solar panels, and fuel-efficient heat pumps. It extends energy-industry tax credits for wind, solar and other renewable energy sources -- and for carbon capture technology. In fact, most of its impact is accomplished through tax credits, reports the New York Times, "viewed as one of the least expensive ways to reduce carbon emissions.

"The benefits are worth four times their cost, according to calculations by the Energy Policy Institute at the University of Chicago." One example is ending an eligibility cap on the $7,500 tax credit for consumers buying electric vehicles.