The Los Angeles Times reports that homemade (usually 3D-printed) "ghost guns" have contributed to more than 100 violent crimes this year, according to a report released Friday by the Los Angeles Police Department (LAPD)." Detectives have linked the untraceable weapons to 24 killings, eight attempted homicides and dozens of assaults and armed robberies since January, according to the report.

And police expect the problem to get worse, the report said. During the first half of this year, the department confiscated 863 ghost guns, a 400% increase over the 217 it seized during the same period last year, according to the report. That sharp jump suggests the number of ghost guns on the streets and such seizures "will continue to grow exponentially," the authors of the report wrote.

"Ghost guns are an epidemic not only in Los Angeles but nationwide," the department said...

Because they are not made by licensed manufacturers, they lack serial numbers, making them impossible to track. Felons who are banned from possessing firearms because of previous offenses increasingly are turning to ghost guns, LAPD officials have said. The LAPD's analysis was compiled in response to a City Council motion, introduced by Councilmen Paul Koretz and Paul Krekorian, that calls for a new city ordinance banning the possession, sale, purchase, receipt or transportation of such weapons or the "non-serialized, unfinished frames and unfinished receivers" that are used to make them.

The LAPD said it is "strongly in support" of the proposed ordinance. "Ghost guns are real, they work, and they kill," the agency said in the report.

Officials from 32 countries "recognize that ransomware is an escalating global security threat with serious economic and security consequences," according to a statement issued Thursday: From malign operations against local health providers that endanger patient care, to those directed at businesses that limit their ability to provide fuel, groceries, or other goods to the public, ransomware poses a significant risk to critical infrastructure, essential services, public safety, consumer protection and privacy, and economic prosperity.

As with other cyber threats, the threat of ransomware is complex and global in nature and requires a shared response.
But the Wall Street Journal also reports the officials (who met virtually this week) blame another factor in the boom of ransomware: "uneven cryptocurrency standards." The representatives pledged to share information about cyberattacks and investigations, push firms to shore up security, and disrupt the financial infrastructure of a criminal hacking economy that has flourished in recent years. Consistent international scrutiny of cryptocurrencies will be key, the officials said, as ransomware groups that extort victims for digital payments can quickly transfer the funds to countries with lax standards for monitoring illicit transactions.

"We are dedicated to enhancing our efforts to disrupt the ransomware business model and associated money-laundering activities," the representatives said in a joint statement Thursday...

Hacking groups have increasingly targeted U.S. critical infrastructure, disrupting the East Coast's largest gas pipeline in May and a major meat processor in June. Law-enforcement officials are sometimes able to track crypto payments made by such victims, which can reach into the millions, across a public ledger known as a blockchain. The Counter-Ransomware Initiative convened by the White House this week called on countries to use such techniques alongside more aggressive enforcement of anti-money-laundering and know-your-customer rules that prevent cryptocurrency companies from facilitating such transactions...

Cybersecurity experts say international collaboration will be key to slowing criminal groups that often operate across borders and with relative impunity in countries such as Russia.

An anonymous reader quotes a report from Gizmodo: A judge in the U.K. has ruled that a man infringed on his neighbor's privacy by using Amazon's Ring doorbell without prior consent. According to The Guardian, Jon Woodard had installed a Ring doorbell camera on the front of his home and another security camera facing the side yard to help deter burglars after a string of car break-ins. However, Woodard failed to disclose the cameras to his neighbor, Dr. Mary Fairhurst. Fairhurst reported being "alarmed and appalled" when she realized Woodard had recordings featuring her and her voice available on his smartphone. Fairhurst eventually moved out of her home after the two had altercations about the cameras.

Judge Melissa Clarke of Oxford county court ruled that Woodard had violated UK General Data Protection Regulation rules and the Data Protection Act of 2018, which states that "owners and residents of domestic premises must be consulted if domestic premises border the intended area to be viewed." Clarke also ruled that the video and audio captured by the Ring doorbell and cameras were Fairhurst's data and that the security devices contributed to harassment. On his part, Woodard maintained his only intention behind installing the cameras was to ward off would-be burglars. His overall fine could be up to [...] nearly $137,000. "Amazon told the Guardian that it strongly encourages its customers to respect their neighbor's privacy and 'comply with any applicable laws' when using a Ring product," adds Gizmodo. "As a general courtesy, if your cameras are pointed outwards toward someone else's property -- enough that your neighbor's faces and car license plates are occasionally in the frame -- you should let them know."

Mark Forkner, Boeing's 737 Max chief technical pilot during the aircraft's development, has been charged with misleading aviation regulators about safety issues blamed for two fatal crashes of the 737 Max. According to the U.S. Department of Justice, "he faces a maximum penalty of 20 years in prison on each count of wire fraud and 10 years in prison on each count of fraud involving aircraft parts in interstate commerce." Slashdot reader McGruber shares an excerpt from the press release: A federal grand jury in the Northern District of Texas returned an indictment charging Mark A. Forkner, former Chief Technical Pilot for The Boeing Company (Boeing), with deceiving the Federal Aviation Administration's Aircraft Evaluation Group (FAA AEG) in connection with the FAA AEG's evaluation of Boeing's 737 MAX airplane, and scheming to defraud Boeing's U.S.based airline customers to obtain tens of millions of dollars for Boeing.

As alleged in the indictment, Forkner provided the agency with materially false, inaccurate, and incomplete information about a new part of the flight controls for the Boeing 737 MAX called the Maneuvering Characteristics Augmentation System (MCAS). Because of his alleged deception, a key document published by the FAA AEG lacked any reference to MCAS. In turn, airplane manuals and pilot-training materials for U.S.-based airlines lacked any reference to MCAS -- and Boeing's U.S.-based airline customers were deprived of important information when making and finalizing their decisions to pay Boeing tens of millions of dollars for 737 MAX airplanes.

On or about Oct. 29, 2018, after the FAA AEG learned that Lion Air Flight 610 -- a 737 MAX -- had crashed near Jakarta, Indonesia, shortly after takeoff and that MCAS was operating in the moments before the crash, the FAA AEG discovered the information about the important change to MCAS that Forkner had withheld. Having discovered this information, the FAA AEG began reviewing and evaluating MCAS. On or about March 10, 2019, while the FAA AEG was still reviewing MCAS, the FAA AEG learned that Ethiopian Airlines Flight 302 -- a 737 MAX -- had crashed near Ejere, Ethiopia, shortly after takeoff and that MCAS was operating in the moments before the crash. Shortly after that crash, all 737 MAX airplanes were grounded in the United States.

An anonymous reader quotes a report from ZDNet: In Australia, the country's information commissioner has found that 7-Eleven breached customers' privacy by collecting their sensitive biometric information without adequate notice or consent. From June 2020 to August 2021, 7-Eleven conducted surveys that required customers to fill out information on tablets with built-in cameras. These tablets, which were installed in 700 stores, captured customers' facial images at two points during the survey-taking process -- when the individual first engaged with the tablet, and after they completed the survey. After becoming aware of this activity in July last year, the Office of the Australian Information Commissioner (OAIC) commended an investigation into 7-Eleven's survey.

During the investigation [PDF], the OAIC found 7-Eleven stored the facial images on tablets for around 20 seconds before uploading them to a secure server hosted in Australia within the Microsoft Azure infrastructure. The facial images were then retained on the server, as an algorithmic representation, for seven days to allow 7-Eleven to identify and correct any issues, and reprocess survey responses, the convenience store giant claimed. The facial images were uploaded to the server as algorithmic representations, or "faceprints," that were then compared with other faceprints to exclude responses that 7-Eleven believed may not be genuine. 7-Eleven also used the personal information to understand the demographic profile of customers who completed the survey, the OAIC said.

7-Eleven claimed it received consent from customers who participated in the survey as it provided a notice on its website stating that 7-Eleven may collect photographic or biometric information from users. The survey resided on 7-Eleven's website. As at March 2021, approximately 1.6 million survey responses had been completed. In Australia, an organization is prohibited from collecting sensitive information about an individual unless consent is provided. [...] 7-Eleven [has been ordered] to cease collecting facial images and faceprints as part of the customer feedback mechanism. 7-Eleven has also been ordered to destroy all the faceprints it collected.

Moscow's sprawling metro network on Friday launched a fare payment system using facial recognition technology at its more than 240 stations, an initiative the authorities said was the first of its kind in the world. From a report: Moscow, a city of 12.7 million, has one of the world's largest video-surveillance systems. It has used facial recognition technology to enforce COVID-19 quarantines, and protesters attending political rallies have also said police have used it to make preventive arrests and detentions. The authorities are now giving commuters the option to use facial recognition to pay their fare with a system called "Face Pay" at turnstiles equipped with cameras. "Moscow is the first city in the world where this system is operating on such a scale," Maxim Liksutov, head of the Russian capital's transport department, said in a statement.

The Securities and Exchange Commission is poised to allow the first U.S. Bitcoin futures exchange-traded fund to begin trading in a watershed moment for the cryptocurrency industry, according to people familiar with the matter. Bloomberg reports: The regulator isn't likely to block the products from starting to trade next week, said the people, who asked not to be named while discussing the decision. Unlike Bitcoin ETF applications that the regulator has previously rejected, the proposals by ProShares and Invesco Ltd. are based on futures contracts and were filed under mutual fund rules that SEC Chairman Gary Gensler has said provide "significant investor protections." Barring a last-minute reversal, the fund launch will be the culmination of a nearly decade-long campaign by the $6.7 trillion ETF industry. Advocates have sought approval as a confirmation of mainstream acceptance of cryptocurrencies since Cameron and Tyler Winklevoss, the twins best known for their part in the history of Facebook Inc., filed the first application for a Bitcoin ETF in 2013.

Approval has for years been out of the grasp of issuers who, amid myriad false signs of progress and outright rejections, have tried to get a variety of different structures cleared for trading. Over the years, there have been plans for funds that proposed to hold Bitcoin via a digital vault or that could use leverage to juice returns. Others sought to mitigate Bitcoin's famous volatility, a key point of contention for the SEC. [...] Four futures-backed Bitcoin ETFs could begin trading on U.S. exchanges this month, with deadlines for applications from VanEck and Valkyrie also approaching. Meanwhile, dozens of cryptocurrency exchange-traded products have launched in Canada and across Europe.

New submitter apcyberax writes: A judge has ruled that security cameras and a Ring doorbell installed in a house in Oxfordshire "unjustifiably invaded" the privacy of a neighbour, in a case that could have implications for home surveillance devices. Dr Mary Fairhurst claimed that the devices installed on the house of neighbour Jon Woodard broke data laws and contributed to harassment. The judge upheld both these claims. Mr Woodard now faces a substantial fine. He claimed he installed the devices in good faith as a deterrent against burglars.

The origin of the row stems from an invitation from Mr Woodard to his neighbour Dr Fairhurst to have a tour of his home renovations, during which she claimed he showed off his new security system. The judgement reads that Dr Fairhurst was "alarmed and appalled" to notice that he had a camera mounted on his shed and that footage from it was sent to his smartphone. A series of disputes about the cameras followed, which resulted in Dr Fairhurst moving out of her home. In the judgement it was found that the Ring doorbell captured images of the claimant's house and garden, while the shed camera covered almost the whole of her garden and her parking space.

An anonymous reader quotes a report from CNN: The Biden administration is planning to aggressively expand offshore wind energy capacity in the United States, potentially holding as many as seven new offshore lease sales by 2025. The move was announced Wednesday by US Interior Secretary Deb Haaland and first reported by The New York Times. Haaland said the Bureau of Ocean Energy Management is exploring leasing sales along the Atlantic and Pacific coasts, in the Gulf of Maine, New York Bight, central Atlantic and Gulf of Mexico, as well as offshore the Carolinas, California and Oregon. As part of that initiative, which spans multiple government agencies, the Departments of the Interior, Energy and Commerce committed to a shared goal of generating 30 gigawatts of offshore wind in the US by 2030. The Interior Department estimates that reaching that goal would create nearly 80,000 jobs.

An anonymous reader quotes a report from MIT Technology Review: Load up the website This Person Does Not Exist and it'll show you a human face, near-perfect in its realism yet totally fake. Refresh and the neural network behind the site will generate another, and another, and another. The endless sequence of AI-crafted faces is produced by a generative adversarial network (GAN) -- a type of AI that learns to produce realistic but fake examples of the data it is trained on. But such generated faces -- which are starting to be used in CGI movies and ads -- might not be as unique as they seem. In a paper titled This Person (Probably) Exists (PDF), researchers show that many faces produced by GANs bear a striking resemblance to actual people who appear in the training data. The fake faces can effectively unmask the real faces the GAN was trained on, making it possible to expose the identity of those individuals. The work is the latest in a string of studies that call into doubt the popular idea that neural networks are "black boxes" that reveal nothing about what goes on inside.

To expose the hidden training data, Ryan Webster and his colleagues at the University of Caen Normandy in France used a type of attack called a membership attack, which can be used to find out whether certain data was used to train a neural network model. These attacks typically take advantage of subtle differences between the way a model treats data it was trained on -- and has thus seen thousands of times before -- and unseen data. For example, a model might identify a previously unseen image accurately, but with slightly less confidence than one it was trained on. A second, attacking model can learn to spot such tells in the first model's behavior and use them to predict when certain data, such as a photo, is in the training set or not.

Such attacks can lead to serious security leaks. For example, finding out that someone's medical data was used to train a model associated with a disease might reveal that this person has that disease. Webster's team extended this idea so that instead of identifying the exact photos used to train a GAN, they identified photos in the GAN's training set that were not identical but appeared to portray the same individual -- in other words, faces with the same identity. To do this, the researchers first generated faces with the GAN and then used a separate facial-recognition AI to detect whether the identity of these generated faces matched the identity of any of the faces seen in the training data. The results are striking. In many cases, the team found multiple photos of real people in the training data that appeared to match the fake faces generated by the GAN, revealing the identity of individuals the AI had been trained on.

Epic Games keeps piling up lawsuits with app store owners. This time, Google is countersuing Epic for breach of contract. From a report: Epic signed contracts with both Google and Apple, pledging to use the default payment systems for in-app purchases. As part of its push for more open payment systems, though (and to dodge each platform's 30 percent fee), Epic boldly pushed out updates to the Android and iOS apps that switched the payment processing from the platforms' in-app purchases to Epic's in-house system. Google and Apple both allege this action was a breach of their app store contracts with Epic.

Apple sued and got its ruling last month. Epic was ordered to pay $3.65 million in damages, covering Apple's lost revenue from Epic's three months of self-powered payments. Following that ruling, Google wants its missing money, too, and now it's countersuing Epic, hoping for a similar ruling. Google's suit reads, "Epic willfully breached the DDA [Developer Distribution Agreement] by submitting a version of Fortnite for publication on Google Play with a payment method other than Google Play Billing for purchases of in-app content. By doing this, Epic denied Google its service fee under the DDA for any purchases made through the app outside of Google Play Billing." Google continues: "The users that downloaded the non-compliant version of Fortnite before its removal from Google Play are still able to use Epic's hotfixed external payment mechanism to make in-app purchases -- allowing Epic to evade its contractually agreed service fee to Google for those purchases." Google argues that "Epic has alternatively been unjustly enriched at Google's expense" and is seeking restitution of its missing earnings and damages.

A new study (PDF) by a team of university researchers in the UK has unveiled a host of privacy issues that arise from using Android smartphones. BleepingComputer reports: The researchers have focused on Samsung, Xiaomi, Realme, and Huawei Android devices, and LineageOS and /e/OS, two forks of Android that aim to offer long-term support and a de-Googled experience. The conclusion of the study is worrying for the vast majority of Android users: "With the notable exception of /e/OS, even when minimally configured and the handset is idle these vendor-customized Android variants transmit substantial amounts of information to the OS developer and also to third parties (Google, Microsoft, LinkedIn, Facebook, etc.) that have pre-installed system apps." As the summary table indicates, sensitive user data like persistent identifiers, app usage details, and telemetry information are not only shared with the device vendors, but also go to various third parties, such as Microsoft, LinkedIn, and Facebook. And to make matters worse, Google appears at the receiving end of all collected data almost across the entire table.

It is important to note that this concerns the collection of data for which there's no option to opt-out, so Android users are powerless against this type of telemetry. This is particularly concerning when smartphone vendors include third-party apps that are silently collecting data even if they're not used by the device owner, and which cannot be uninstalled. For some of the built-in system apps like miui.analytics (Xiaomi), Heytap (Realme), and Hicloud (Huawei), the researchers found that the encrypted data can sometimes be decoded, putting the data at risk to man-in-the-middle (MitM) attacks. As the study points out, even if the user resets the advertising identifiers for their Google Account on Android, the data-collection system can trivially re-link the new ID back to the same device and append it to the original tracking history. The deanonymization of users takes place using various methods, such as looking at the SIM, IMEI, location data history, IP address, network SSID, or a combination of these. In response to the report, a Google spokesperson said: "While we appreciate the work of the researchers, we disagree that this behavior is unexpected -- this is how modern smartphones work. As explained in our Google Play Services Help Center article, this data is essential for core device services such as push notifications and software updates across a diverse ecosystem of devices and software builds. For example, Google Play services uses data on certified Android devices to support core device features. Collection of limited basic information, such as a device's IMEI, is necessary to deliver critical updates reliably across Android devices and apps."

An anonymous reader quotes a report from TorrentFreak: In January 2021, development and support for Adobe Flash was discontinued. That marked the end of an era but in reality, Flash wasn't quite dead. Flash Player is still available in China, something that was exploited by the Clean Flash project to continue making the software more widely and safely available. The Chinese version of Flash receives one security update per month and can be freely downloaded from Flash.cn but also has significant strings attached. It comes preinstalled with an adware program called Flash Helper which, according to security sources, exhibits malicious behavior. Developed by 'darktohka' and previously located on Github, Clean Flash Installer solves these problems and more. "Clean Flash Installer installs this up-to-date freely available version of Flash, but it comes WITHOUT the adware program," darktohka informs TorrentFreak. "As such Clean Flash Installer can be used by anyone to use a relatively secure version of Flash Player after the support for Flash ended."

The developer says that he was inspired to create his tool to keep Flash content alive, something which he says was a huge part of his childhood. Adobe appears to be less enthusiastic about his work and following a DMCA notice filed with Github, the developer platform has nuked the project. In a DMCA complaint filed with Github on October 4, 2021, a legal representative acting for Adobe explains that the Clean Flash Installer project breaches copyright law. "Adobe Inc. is the copyright owner and I am authorized to act on its behalf. Our Adobe Flash Player software has been infringed. The files in question contain our proprietary Adobe Inc. owned copyrighted materials (software code)," it reads, adding that the project must be removed. "As this is my passion project, I am deeply disappointed with Adobe's action. The repository in question only hosts the installer code for the project, which was written by myself and does not contain any infringing code," explains darktohka. "Adobe Flash was a huge part of our childhood, and it's gut-wrecking that Adobe would rather have everyone use super out-of-date versions of the software when versions with security updates are freely available. It makes no sense for them to DMCA an installer that was written independently and makes use of the freely available and downloadable version of the project."

The Pentagon wants defense contractors to cut the ultimate cost of hypersonic weapons, the head of research and development said on Tuesday, as the next generation of super-fast missiles being developed currently cost tens of millions per unit. From a report: "We need to figure out how to drive towards more affordable hypersonics," Under Secretary of Defense for Research and Engineering Heidi Shyu told reporters at the Association of United States Army conference in Washington. She said cost was something she "would like to help industry focus on." Currently, the U.S. uses cruise missiles which are mature technologies costing less than $5 million per unit to strike deep into enemy territory. But cruise missiles are inferior to hypersonic weapons because they have a shorter range, are far slower and more vulnerable to being detected and shot down. Both Lockheed Martin and Raytheon Technologies are working on hypersonic weapons for the Pentagon. The Pentagon's budget request in the 2022 fiscal year for hypersonic research was $3.8 billion which was up from $3.2 billion they year before.

"A group of ten EU countries, led by France, have asked the European Commission to recognize nuclear power as a low-carbon energy source that should be part of the bloc's decades-long transition towards climate neutrality," reports EuroNews. While greenhouse gas emissions from nuclear plants are "comparable" to those released by hydropower and wind, critics argue that the resulting radioactive waste is harmful to human health and the environment. "Despite the urgency to combat climate change, member states are still unable to reach a consensus on whether nuclear constitutes a green or dirty energy source," adds EuroNews. From the report: Tapping into Europe's ongoing energy crunch, the countries make the case for nuclear energy as a "key affordable, stable and independent energy source" that could protect EU consumers from being "exposed to the volatility of prices." The letter, which was initiated by France, has been sent to the Commission with the signature of nine other EU countries, most of which already count nuclear as part of their national energy mix: Bulgaria, Croatia, Czech Republic, Finland, Hungary, Poland, Slovakia, Slovenia and Romania. Nuclear plants generate over 26% of the electricity produced in the European Union.
[...]
Despite the urgency to combat climate change, member states are still unable to reach a consensus on whether nuclear constitutes a green or dirty energy source. The Commission has postponed the crucial decision to let countries conclude the debate. On the one side, Germany, which plans to shut down all its reactors by 2022, is leading the anti-nuclear cause, together with Austria, Denmark, Luxembourg and Spain. "We are concerned that including nuclear power in the taxonomy would permanently damage its integrity, credibility and therefore its usefulness," they wrote in July.

On the other side, France, which obtains over 70% of its electricity from nuclear stations, is fighting to label nuclear as sustainable under the taxonomy. As shown by the new letter, Paris has the backing of several Eastern states, which have already earmarked millions for nuclear projects. "While renewable energy sources play a key role for our energy transition, they cannot produce enough low-carbon electricity to meet our needs, at a sufficient and a constant level," the letter says, describing nuclear power as a "safe and innovative" sector with the potential of sustaining one million high-qualified jobs "in the near future".

A report (PDF) from the Commission's research unit released earlier this year indicates Brussels could eventually side with the pro-nuclear team. The paper says greenhouse gas emissions from nuclear plants are "comparable" to those released by hydropower and wind, an assessment shared by the International Energy Agency (IEA) and the United States Department of Energy. Critics, however, argue the resulting radioactive waste is harmful to human health and the environment. "Nuclear power is incredibly expensive, hazardous and slow to build," says Greenpeace. Detractors are concerned about potentially disastrous nuclear accidents, similar to those of Chernobyl in 1986 or Fukushima in 2011, which are still deeply rooted in the collective imagination.

The Wikimedia Foundation wins Florida defamation case; intermediary protections effectively protect Wikipedia article. From a story: On September 15th, in a victory for the Wikimedia movement and for all user-driven projects online, a Florida judge dismissed claims of defamation, invasion of privacy, and infliction of emotional distress against the Wikimedia Foundation. The judge found that Section 230 of the Communications Decency Act immunizes the Wikimedia Foundation from liability for third-party content republished on Wikipedia. In other words, Section 230 helps Wikimedia safely host the work of Wikipedia's contributors and enables the effective volunteer-led moderation of content on the projects.

The case began when plaintiff Nathaniel White sued [PDF] the Wikimedia Foundation in January 2021, claiming that the Foundation was liable for the publication of photos that incorrectly identified him as a New York serial killer of the same name. Because of its open nature, sometimes inaccurate information is uploaded to Wikipedia and its companion projects, but the many members of our volunteer community are very effective at identifying and removing these inaccuracies when they do occur. Notably, this lawsuit was filed months after Wikipedia editors proactively corrected the error at issue in September 2020. Wikimedia moved to dismiss the amended complaint in June, arguing that plaintiff's claims were barred by Section 230.

In its order [PDF] granting the Wikimedia Foundation's motion to dismiss, the court affirmed that "interactive computer service providers" such as the Foundation generally cannot be held liable for third-party content like Wikipedia articles and photographs. The ruling also pointed out that the plaintiff's amended complaint attempted to "hold Wikimedia liable for its exercise of a publisher's traditional function." In other words, the plaintiff argued that the Foundation should be treated like a traditional offline publisher and held responsible as though it were vetting all posts made to the sites it hosts, despite the fact that it does not write or curate any of the content found on the projects. The court rejected this argument because it directly conflicts with Section 230, which clearly states that when third-party content is involved (as was the case here), the online host is not liable for it.

Google has pulled several "stalkerware" ads that violated its policies by promoting apps that encouraged prospective users to spy on their spouses' phone. From a report: These consumer-grade spyware apps are often marketed to parents wishing to monitor their child's calls, messages, apps, photos and location, often under the guise of protecting against predators. But these apps, which are often designed to be installed surreptitiously and without the device owner's consent, have been repurposed by abusers to spy on the phones of their spouses.

[...] Last August, Google banned ads in users' search results that promoted apps that are designed "with the express purpose of tracking or monitoring another person or their activities without their authorization." But TechCrunch found five app makers were still advertising their stalkerware apps as recently as last week. "We do not allow ads promoting spyware for partner surveillance. We immediately removed the ads that violated this policy and will continue to track emerging behaviors to prevent bad actors from trying to evade our detection systems," a Google spokesperson told TechCrunch.

Apple wants another go in its legal battle against Epic Games. From a report: On Friday night, Apple announced it would ask for a stay on a judge's September order saying Apple would have to allow apps to direct customers to external websites. That ruling would let app businesses circumvent Apple's requirement to facilitate payments only inside of apps, where Apple takes up to a 30% cut. Apple is also appealing the ruling. Because Epic Games is also appealing the nine counts it lost, it could take years before the case is resolved and Apple is forced to make any changes to iOS, the operating system for iPhones, as the two companies wrangle through the appeals process in court. The judge is expected to rule on Apple's request for a stay next month.

Apple's move is a surprising turnaround from its tone following the decision in September. While the company always left open the possibility of an appeal, it portrayed the judge's ruling as a resounding legal win for its App Store business model, which has come under fire from technology rivals, international regulators and members of the U.S. Congress. "We are very pleased with the Court's ruling and we consider this a huge win for Apple," Kate Adams, Apple's lawyer, said in September following the ruling. The Friday night announcement inspired a torrent of commentary from Apple critics. They pointed out the move would preserve Apple's App Store profits by preventing apps from using alternative payment systems. One company announced last week that it was already working on a cheaper, web-based alternative to Apple's app payments -- a move made possible only by the ruling that Apple is now appealing.

Facebook says it will begin clamping down on the illegal sale of protected areas of the Amazon rainforest on its site. From a report: The social media giant changed its policy following a BBC investigation into the practice. The new measures will apply only to conservation areas and not to publicly owned forest. And the move will be limited to the Amazon, not other rainforests and wildlife habitats across the world. According to a recent study from the think tank Ipam (Instituto de Pesquisa Ambental da Amazonia), a third of all deforestation happens in publicly-owned forests in the Amazon. Facebook said it would not reveal how it planned to find the illegal ads but said it would "seek to identify and block new listings" in protected areas of the Amazon rainforest. In February, the BBC Our World documentary Selling the Amazon revealed that plots of rainforest as large as 1,000 football pitches were being listed on Facebook's classified ads service.

RestOfWorld.org tells the story of a libertarian 'startup city' in Honduras that was "supposed to be a privatized, Silicon Valley-funded paradise."

Co-founded by 37-year-old Venezuelan Erick Brimen, "Próspera's founders promised to enrich the local community, even supplying water to a nearby village. But relations with neighboring communities deteriorated. Then, Próspera turned off the taps..."

Próspera's founders believe the future of government lies with privatized startup cities. They belong to a movement with deep roots in U.S. libertarian circles: one that wants to redefine citizenship and governance in tech-consumerist terms. It has gained momentum in recent years, as high-profile Silicon Valley figures, like PayPal co-founder Peter Thiel and venture capitalist Marc Andreessen, put their money behind startup city initiatives.

Some governments have been drawn to the idea, too, hoping it will attract foreign investment and spur economic growth. In 2013, Honduras passed a law allowing people like Brimen to set up semi-autonomous, privately run cities, "zonas de empleo y desarrollo económico" (zones for employment and economic development), or "ZEDEs" — pronounced "zeh-dehs." These cities are to be governed by private investors, who can write their own laws and regulations, design their own court systems, and operate their own police forces. The Honduran government granted Próspera ZEDE status in late 2017. Subject to limited government oversight and few legal restrictions, a set of for-profit firms incorporated abroad by Brimen and his business partners will govern the city — with ambitions to expand across [its Honduran island] Roatán and onto the Honduran mainland.... This year, skeptical Hondurans organized weeks of anti-ZEDE protests across the country. They fear cities like Próspera will leave ordinary people no better off than they were before, while ceding to profit-driven investors the power to decide what's in the public interest...

Applications for [Próspera] residency require a background check, a Honduran residency permit, and an annual fee — $260 per year for Hondurans and $1,300 for foreigners. Prospective residents will also have to sign something called an "agreement of coexistence," which lays out all the rights and responsibilities of Próspera residents and Próspera's obligations to them. Brimen characterized it as, "if you could make the social contract a real contract." The agreement incorporates Próspera's resident bill of rights, which is modeled on the U.S. Bill of Rights but with some decidedly libertarian twists. Government services will be centralized and automated through ePróspera, an online portal modeled on the much-praised e-Estonia system developed by the Baltic nation. From the comfort of their homes, Prósperans will be able to pay taxes, incorporate a company, transact business, and even buy real estate. They'll be able to vote, too, but their franchise is limited. Residents elect only five of the council's nine members. Landowners vote for two of the five, with voting power pegged to acreage. Buy more land, buy more votes. Próspera's founders choose the four remaining council members, and a six-member supermajority is needed to alter policy.... Government services will be provided entirely by a contractor...

Effective tax rates will sit in the low single digits, and, in place of Honduran courts, there's a private arbitration center. But where the business inducements enter unprecedented terrain is health and safety regulation. Próspera won't impose rules so much as curate prix fixe and à la carte menus of rules. Companies will be able to opt into an existing regulatory regime — choosing from dozens of countries and U.S. states — or they can Frankenstein together an entirely novel code, mixing and matching rules from different jurisdictions and even inventing new ones. [The building code for one new construction site is a pastiche of Honduran and U.S. law.] The lone requirements: sign-off by Próspera's governing council and a liability insurance policy, most likely underwritten, [Próspera co-founder] Delgado says, by offshore insurers.
RestOfWorld carefully chronicles how Próspera became unpopular with locals. In the summer of 2019, Próspera connected a nearby village to its own water supply. Then started billing them. (Though the water bills eventually stopped.) After protests over the fact that few construction jobs went to villagers — and how Próspera's armed security guards began asking pedestrians for identification — several local groups issued a critical statement while villagers elected a new council empowered to speak for them.

It all came to a head when the council asked Brimen to cancel a public meeting (due to surging Covid cases), which Brimen insisted was a violation of his free speech. He held the meeting anyways, local police were sent to break it up, and one of Brimen's bodyguards "scuffled" with one of the officers as his other bodyguards whisked him to safety. The incident made the local news and social media. Then the next month "Próspera Foundation" threatened to cut off the village's water within 30 days if they didn't formally request the foundation's intervention in writing.

The village instead appealed to a local congressman/mayoral candidate, who by mid-January had fully restored the village's water supply.