United Kingdom

UK Pharmaceutical Firm Fined For Hiking Drug Price 6,000% (theguardian.com) 182

Slashdot reader Bruce66423 shares a report from the Guardian: The UK's competition watchdog has imposed fines of more than £100m on the pharmaceutical company Advanz and its former private equity owners after it was found to have inflated the price of its thyroid tablets by up to 6,000%. An investigation by the Competition and Markets Authority (CMA) found that the private-equity backed pharmaceutical company charged "excessive and unfair prices" for liothyronine tablets, which are used to treat thyroid hormone deficiency.

Advanz took advantage of limited competition in the market from 2007 to bring in sustained price hikes for the drug, often used by patients with depression and fatigue, of more than 6,000% in the space of 10 years, according to the investigation. The CMA said that between 2007 and 2017, the price paid by the National Health Service for liothyronine tablets rose from £4.46 to £258.19, a rise of almost 6,000%, while production costs remained broadly stable... Dr Andrea Coscelli, the CMA's chief executive, said: "Advanz's decision to ratchet up the price of liothyronine tablets and impose excessive and unfair prices for over eight years came at a huge cost to the NHS, and ultimately to UK taxpayers.

"But that wasn't all. It also meant that people dealing with depression and extreme fatigue, as a result of their thyroid conditions, were told they could not continue to receive the most effective treatment for them due to its increased price."

Government

US Justice Department Says Russians Hacked Its Federal Prosecutors (apnews.com) 45

In January America's federal Justice Department said there was no evidence that Russian hackers behind the massive SolarWinds breach had accessed classified systems, remembers the Associated Press. But today? The department said 80% of Microsoft email accounts used by employees in the four U.S. attorney offices in New York were breached. All told, the Justice Department said 27 U.S. Attorney offices had at least one employee's email account compromised during the hacking campaign.

The Justice Department said in a statement that it believes the accounts were compromised from May 7 to Dec. 27, 2020. Such a timeframe is notable because the SolarWinds campaign, which infiltrated dozens of private-sector companies and think tanks as well as at least nine U.S. government agencies, was first discovered and publicized in mid-December... Jennifer Rodgers, a lecturer at Columbia Law School, said office emails frequently contained all sorts of sensitive information, including case strategy discussions and names of confidential informants, when she was a federal prosecutor in New York. "I don't remember ever having someone bring me a document instead of emailing it to me because of security concerns," she said, noting exceptions for classified materials...

The Associated Press previously reported that SolarWinds hackers had gained access to email accounts belonging to the then-acting Homeland Security Secretary Chad Wolf and members of the department's cybersecurity staff...

Programming

After YouTube-dl Incident, GitHub's DMCA Process Now Includes Free Legal Help (venturebeat.com) 30

"GitHub has announced a partnership with the Stanford Law School to support developers facing takedown requests related to the Digital Millennium Copyright Act (DMCA)," reports VentureBeat: While the DMCA may be better known as a law for protecting copyrighted works such as movies and music, it also has provisions (17 U.S.C. 1201) that criminalize attempts to circumvent copyright-protection controls — this includes any software that might help anyone infringe DMCA regulations. However, as with the countless spurious takedown notices delivered to online content creators, open source coders too have often found themselves in the DMCA firing line with little option but to comply with the request even if they have done nothing wrong. The problem, ultimately, is that freelance coders or small developer teams often don't have the resources to fight DMCA requests, which puts the balance of power in the hands of deep-pocketed corporations that may wish to use DMCA to stifle innovation or competition. Thus, GitHub's new Developer Rights Fellowship — in conjunction with Stanford Law School's Juelsgaard Intellectual Property and Innovation Clinic — seeks to help developers put in such a position by offering them free legal support.

The initiative follows some eight months after GitHub announced it was overhauling its Section 1201 claim review process in the wake of a takedown request made by the Recording Industry Association of America (RIAA), which had been widely criticized as an abuse of DMCA... [M]oving forward, whenever GitHub notifies a developer of a "valid takedown claim," it will present them with an option to request free independent legal counsel.

The fellowship will also be charged with "researching, educating, and advocating on DMCA and other legal issues important for software innovation," GitHub's head of developer policy Mike Linksvayer said in a blog post, along with other related programs.

Explaining their rationale, GitHub's blog post argues that currently "When developers looking to learn, tinker, or make beneficial tools face a takedown claim under Section 1201, it is often simpler and safer to just fold, removing code from public view and out of the common good.

"At GitHub, we want to fix this."

Privacy

Google Play Gets Mandatory App Privacy Labels In April 2022 (arstechnica.com) 13

An anonymous reader quotes a report from Ars Technica: In iOS 14, Apple added a "privacy" section to the app store, requiring app developers to list the data they collect and how they use it. Google -- which was one of the biggest targets of Apple's privacy nutrition labels and delayed app updates for months to avoid complying with the policy -- is now aping the feature for Google Play. Google posted a demo of what the Google Play "Data privacy & security" section will look like, and it contains everything you'd expect if you've looked at the App Store lately. There's information on what data apps collect, whether or not the apps share the data with third parties, and how the data is stored. Developers can also explain what the data is used for and if data collection is required to use the app. The section also lists whether or not the collected data is encrypted, if the user can delete the data, and if the app follows Google's "Families" policy (meaning all the usual COPPA stuff).

Google Play's privacy section will be mandatory for all developers in April 2022, and starting in October, Google says developers can start populating information in the Google Play Console "for review." Google also says that in April, all apps will need to supply a privacy policy, even if they don't collect any data. Apps that don't have an "approved" privacy section by April may have their app updates rejected or their app removed. Google says, "Developers are responsible for providing accurate and complete information in their safety section." All of this information is basically just running on the honor system, and on iOS, developers have already been caught faking their privacy labels.

Government

Government Denies Blue Origin's Challenge To NASA's Lunar Lander Program (cnbc.com) 67

The U.S. Government Accountability Office on Friday denied protests from companies affiliated with Jeff Bezos that NASA wrongly awarded a lucrative astronaut lunar lander contract solely to Elon Musk's SpaceX. CNBC reports: "NASA did not violate procurement law or regulation when it decided to make only one award ... the evaluation of all three proposals was reasonable, and consistent with applicable procurement law, regulation, and the announcement's terms," GAO managing associate general counsel Kenneth Patton wrote in a statement. The GAO ruling backs the space agency's surprise announcement in April that NASA awarded SpaceX with a contract worth about $2.9 billion. SpaceX was competing with Blue Origin and Dynetics for what was expected to be two contracts, before NASA only awarded a single contract due to a lower-than-expected allocation for the program from Congress.

NASA, in a statement, said that the GAO decision will allow the agency "to establish a timeline for the first crewed landing on the Moon in more than 50 years." "As soon as possible, NASA will provide an update on the way ahead for Artemis, the human landing system, and humanity's return to the Moon. We will continue to work with the Biden Administration and Congress to ensure funding for a robust and sustainable approach for the nation's return to the Moon in a collaborative effort with U.S. commercial partners," the U.S. space agency said.

A Blue Origin spokesperson told CNBC that the company still believes "there were fundamental issues with NASA's decision, but the GAO wasn't able to address them due to their limited jurisdiction."

"We'll continue to advocate for two immediate providers as we believe it is the right solution," Blue Origin said. "The Human Landing System program needs to have competition now instead of later -- that's the best solution for NASA and the best solution for our country."

Android

New Android Malware Uses VNC To Spy and Steal Passwords From Victims (thehackernews.com) 15

A previously undocumented Android-based remote access trojan (RAT) has been found to use screen recording features to steal sensitive information on the device, including banking credentials, and open the door for on-device fraud. The Hacker News reports: Dubbed "Vultur" due to its use of Virtual Network Computing (VNC)'s remote screen-sharing technology to gain full visibility on targeted users, the mobile malware was distributed via the official Google Play Store and masqueraded as an app named "Protection Guard," attracting over 5,000 installations. Banking and crypto-wallet apps from entities located in Italy, Australia, and Spain were the primary targets. "For the first time we are seeing an Android banking trojan that has screen recording and keylogging as the main strategy to harvest login credentials in an automated and scalable way," researchers from ThreatFabric said in a write-up shared with The Hacker News. "The actors chose to steer away from the common HTML overlay development we usually see in other Android banking Trojans: this approach usually requires a larger time and effort investment from the actors to create multiple overlays capable of tricking the user. Instead, they chose to simply record what is shown on the screen, effectively obtaining the same end result."

Vultur [...] takes advantage of accessibility permissions to capture keystrokes and leverages VNC's screen recording feature to stealthily log all activities on the phone, thus obviating the need to register a new device and making it difficult for banks to detect fraud. What's more, the malware employs ngrok, a cross-platform utility used to expose local servers behind NATs and firewalls to the public internet over secure tunnels, to provide remote access to the VNC server running locally on the phone. Additionally, it also establishes connections with a command-and-control (C2) server to receive commands over Firebase Cloud Messaging (FCM), the results of which, including extracted data and screen captures, are then transmitted back to the server.

ThreatFabric's investigation also connected Vultur with another well-known piece of malicious software named Brunhilda, a dropper that utilizes the Play Store to distribute different kinds of malware in what's called a "dropper-as-a-service" (DaaS) operation, citing overlaps in the source code and C2 infrastructure used to facilitate attacks. These ties, the Amsterdam-based cybersecurity services company said, indicate Brunhilda to be a privately operating threat actor that has its own dropper and proprietary RAT Vultur.

Privacy

Estonia Says a Hacker Downloaded 286,000 ID Photos From Government Database (therecord.media) 11

Estonian officials said they last week arrested a local suspect who used a vulnerability to gain access to a government database and downloaded government ID photos for 286,438 Estonians. From a report: The attack took place earlier this month, and the suspect was arrested last week on July 23, Estonian police said in a press conference yesterday, July 28. The identity of the attacker was not disclosed, and he was only identified as a Tallinn-based male. Officials said the suspect discovered a vulnerability in a database managed by the Information System Authority (RIA), the Estonian government agency which manages the country's IT systems.

Privacy

Mexico Says Officials Spent $61 Million On Pegasus Spyware (pbs.org) 10

Mexico's top security official said Wednesday that two previous administrations spent $61 million to buy Pegasus spyware that has been implicated in government surveillance of opponents and journalists around the world. PBS reports: Public Safety Secretary Rosa Icela Rodriguez said records had been found of 31 contracts signed during the administrations of President Felipe Calderon in 2006-2012 and President Enrique Pena Nieto in 2012-18. Some contracts may have been disguised as purchases of other equipment. The government said many of the contracts with the Israeli spyware firm NSO Group were signed with front companies, which are often used in Mexico to facilitate kickbacks or avoid taxes.

Last week, the government's top anti-money laundering investigator said officials from the two previous administrations had spent about $300 million in government money to purchase spyware. But that figure may reflect all spyware and surveillance purchases, or may include yet-unidentified contracts. Santiago Nieto, the head of Mexico's Financial Intelligence Unit, said the bills for programs like the Pegasus spyware appear to have included excess payments that may have been channeled back to government officials as kickbacks. Nieto said the amounts paid, and the way they were paid, suggested government corruption in an already questionable telephone tapping program that targeted journalists, activists and opposition figures, who at the time included now President Andres Manuel Lopez Obrador and his inner circle.

The report notes that Mexico "had the largest list -- about 700 phone numbers -- among the thousands reportedly selected by NSO clients for potential surveillance."

Privacy

48 Advocacy Groups Call On the FTC To Ban Amazon Surveillance (vice.com) 32

An anonymous reader quotes a report from Motherboard: On Thursday, a coalition of 48 civil rights and advocacy groups organized by Athena asked the Federal Trade Commission to exercise its rulemaking authority by banning corporate facial surveillance technology, banning continuous corporate surveillance of public spaces, and protecting the public from data abuse. "The harms caused by this widespread, unregulated corporate surveillance pose a direct threat to the public at large, especially for Black and brown people most often criminalized using surveillance," the coalition wrote in an open letter. "Given these dangers, we're calling on the Federal Trade Commission (FTC) to use its rulemaking authority to ban corporate use of facial surveillance technology, ban continuous surveillance in places of public accommodation, and stop industry-wide data abuse."

While a number of firms offer networked surveillance devices to try and make homes "smart," the coalition uses Amazon as a case study into how dangerous corporate surveillance can become (and the sorts of abuses that can emerge) when in the hands of a dominant and anti-competitive firm. From Amazon's Ring -- which has rolled out networked surveillance doorbells and car cameras that continuously surveil public and private spaces -- to Alexa, Echo, or Sidewalk, the company has launched numerous products and services to try and convince consumers to generate as much data as possible for the company to eventually capitalize on. "Pervasive surveillance entrenches Amazon's monopoly. The corporation's unprecedented data collection feeds development of new and existing artificial intelligence products, further entrenching and enhancing its monopoly power," the coalition letter argues.

From this nexus of monopolistic power and unchallenged power, the coalition draws a long list of abuses committed by Amazon that have harmed consumers, communities, and total bystanders. Ring's surveillance devices have been hacked multiple times, have leaked owners' Wi-Fi passwords, and shared locations over the Neighbors App. Vulnerabilities in Alexa risked revealing personally identifiable information, and all this takes place within the context of a lack of transparency around security protocols that force consumers to opt out of surveillance conducted without their consent. On Ring's Neighbors App, racial profiling has been gamified to encourage and escalate surveillance of "suspicious" people. The company collects personal information on children -- a potential violation of the Children's Online Privacy Protection Act -- but has also seen the adoption of its various surveillance devices increase in schools, libraries, and communities across the country. Paired with Amazon's development of deeply biased facial surveillance technology and its partnerships with the police and fire departments of over 2,000 cities, the group argues the potential for abuse outstrips a threshold anyone should be comfortable with.

"This type of surveillance is illegal under the FTC Act in Section 5 and in particular the section that talks about unfair and deceptive practices," said Jane Chung, the Big Tech Accountability Advocate at Public Citizen, in an interview. "There's a list of three things that have to be true in order for a practice to be unfair and deceptive according to the FTC. Number 1: it has to cause substantial injury. Number 2: the injury can't be avoidable. And number 3: the injury isn't outweighed by benefits."

"Rulemaking is needed to stop widespread systematic surveillance, discrimination, lax security, tracking of individuals, and the sharing of data. While Amazon's smart home ecosystem, facial surveillance technology, and e-learning devices provide a good case study, these rules must extend beyond this one technology corporation to include any entity collecting, using, selling, and/or sharing personal data."

The Courts

Scarlett Johansson Sues Disney Over 'Black Widow' Streaming Release (wsj.com) 159

Black Widow has a new enemy: the Walt Disney Co. From a report: Scarlett Johansson, star of the latest Marvel movie "Black Widow," filed a lawsuit Thursday in Los Angeles Superior Court against Disney, alleging her contract was breached when the media giant released the film on its Disney+ streaming service at the same time as its theatrical debut. Ms. Johansson said in the suit that her agreement with Disney's Marvel Entertainment guaranteed an exclusive theatrical release, and her salary was based in large part on the box-office performance of the film.

"Disney intentionally induced Marvel's breach of the agreement, without justification, in order to prevent Ms. Johansson from realizing the full benefit of her bargain with Marvel," the suit said. The suit could be a bellwether for the entertainment industry. Major media companies are prioritizing their streaming services in pursuit of growth, and are increasingly putting their high-value content on those platforms. Those changes have significant financial implications for actors and producers, who want to ensure that growth in streaming doesn't come at their expense.

The Courts

Nikola Founder Trevor Milton Indicted on Three Counts of Fraud (cnet.com) 34

A federal grand jury on Thursday indicted Nikola's founder and former executive chairman, Trevor Milton, and charged the former executive with three counts of fraud, the company confirmed. The grand jury charged Milton with two counts of securities fraud and one count of wire fraud while allegedly lying about "nearly all aspects of the business." From a report: "Today's government actions are against Mr. Milton individually, and not against the company," a Nikola spokesperson said in a statement. "Nikola has cooperated with the government throughout the course of its inquiry. We remain committed to our previously announced milestones and timelines and are focused on delivering Nikola Tre battery-electric trucks later this year from the company's manufacturing facilities." The US Attorney's Office in Manhattan did not immediately return Roadshow's request for comment, but CNBC reports that Milton surrendered to authorities and will appear in court later today. Milton resigned as executive chairman of Nikola last September following an in-depth financial investigation report from Hindenburg Research. Hindenburg confirmed it took a short position on the company's stock when revealing numerous allegations against the company, including a number of falsehoods Milton presented.

Transportation

UK Government Backs Scheme For Motorway Cables To Power Lorries (theguardian.com) 124

An anonymous reader quotes a report from The Guardian: The government will fund the design of a scheme to install overhead electric cables to power electric lorries on a motorway near Scunthorpe, as part of a series of studies on how to decarbonize road freight. The electric road system -- or e-highway -- study, will draw up plans to install overhead cables on a 20km (12.4 miles) stretch of the M180 near Scunthorpe, in Lincolnshire. If the designs are accepted and building work is funded the trucks could be on the road by 2024.

The e-highway study is one of several options that will be funded, along with a study of hydrogen fuel cell trucks and battery electric lorries, the Department for Transport said on Tuesday. On the e-highway, lorries fitted with rigs called pantographs -- similar to those used by trains and trams -- would be able to tap into the electricity supply to power electric motors. Lorries would also have a smaller battery to power them over the first and last legs of the journey off the motorway. The project is led by Costain, an infrastructure construction company that also operates some UK motorways, using trucks built by Sweden's Scania and electric technology from Germany's Siemens that is already in use in smaller-scale trials there, Sweden and the US.

Electronic Frontier Foundation

EFF Sues US Postal Office For Records About Covert Social Media Spying Program (eff.org) 57

The Electronic Frontier Foundation (EFF) filed a Freedom of Information Act (FOIA) lawsuit against the U.S. Postal Service and its inspection agency seeking records about a covert program to secretly comb through online posts of social media users before street protests, raising concerns about chilling the privacy and expressive activity of internet users. From the press release: Under an initiative called Internet Covert Operations Program, analysts at the U.S. Postal Inspection Service (USPIS), the Postal Service's law enforcement arm, sorted through massive amounts of data created by social media users to surveil what they were saying and sharing, according to media reports. Internet users' posts on Facebook, Twitter, Parler, and Telegram were likely swept up in the surveillance program. USPIS has not disclosed details about the program or any records responding to EFF's FOIA request asking for information about the creation and operation of the surveillance initiative. In addition to those records, EFF is also seeking records on the program's policies and analysis of the information collected, and communications with other federal agencies, including the Department of Homeland Security (DHS), about the use of social media content gathered under the program.

Media reports revealed that a government bulletin dated March 16 was distributed across DHS's state-run security threat centers, alerting law enforcement agencies that USPIS analysts monitored "significant activity regarding planned protests occurring internationally and domestically on March 20, 2021." Protests around the country were planned for that day, and locations and times were being shared on Parler, Telegram, Twitter, and Facebook, the bulletin said. "We're filing this FOIA lawsuit to shine a light on why and how the Postal Service is monitoring online speech. This lawsuit aims to protect the right to protest," said Houston Davidson, EFF public interest legal fellow. "The government has never explained the legal justifications for this surveillance. We're asking a court to order the USPIS to disclose details about this speech-monitoring program, which threatens constitutional guarantees of free expression and privacy."

The Courts

Activision Blizzard Employees To Walk Out Following Sexual Harassment Lawsuit (theverge.com) 91

An anonymous reader quotes a report from The Verge: Activision Blizzard employees are staging a walkout on Wednesday, July 28th in response to the company's handling of sexual harassment allegations brought by the state of California. Employees will meet outside Blizzard's main campus in Irvine at 10AM PST. "We believe that our values as employees are not being accurately reflected in the words and actions of our leadership," the organizers said in a statement.

The news comes after California sued the renowned gaming studio and its publisher, saying women were subjected to constant sexual harassment and discrimination at work. One female employee allegedly died by suicide after having nude photos of her passed around the office. Following the suit, numerous employees took to Twitter to detail additional examples of harassment and discrimination. Former Blizzard president Mike Morhaime also issued a statement saying "I am extremely sorry that I failed you." The company denied the allegations, saying the lawsuit was merely "irresponsible behavior from unaccountable State bureaucrats that are driving many of the State's best businesses out of California."

Employees are putting forward four demands as part of the walkout: end forced arbitration clauses in all employee contracts; implement new hiring and promotion processes to increase representation across the company; publish salary and promotion data "for all employees of all genders and ethnicities at the company"; and allow a diversity, equity, and inclusion task force to hire a third-party organization to audit the executive staff.

Music

'Pharma Bro' Martin Shkreli's One-of-a-Kind Wu-Tang Clan Album Sold By US Government (npr.org) 46

H_Fisher writes: Only one copy exists of the Wu-Tang Clan album Once Upon a Time in Shaolin, and it was owned by "Pharma Bro" Martin Shkreli. Now, NPR reports that this album has been sold by the U.S. government to an unnamed buyer in order to pay Shkreli's civil forfeiture judgment following his conviction for securities fraud. The album, which was originally sold for $2 million, exists only as one physical CD copy. It was seized along with other assets in 2018, and while the sale price and buyer weren't identified, Shkreli's attorney says that his client has now repaid the $7.4 million forfeiture judgement.

Crime

Former eBay Supervisor Sentenced To 18 Months in Prison For Cyberstalking Case Targeting Natick Couple (bostonglobe.com) 14

A former security supervisor at eBay received an 18-month federal prison sentence Tuesday for his role in a bizarre campaign of cyberstalking aimed at a Natick couple that ran an online newsletter often critical of the e-commerce giant, authorities said. The Boston Globe: The ex-supervisor, Philip Cooke, 56, of San Jose, Calif., had pleaded guilty in US District Court in Boston in October 2020 to conspiracy to commit cyberstalking and conspiracy to tamper with a witness, legal filings show. On Tuesday, prosecutors said, he was sentenced to 18 months in prison, as well as three years of supervised release including a 12-month period of home detention. He was also ordered to pay a $15,000 fine and perform 100 hours of community service, according to the US attorney's office.

Cooke was one of seven former eBay employees charged in connection with the stalking, which authorities said targeted Ina and David Steiner, a Natick couple who recently filed a federal lawsuit against the company and other parties linked to the harassment. Rosemary Scapicchio, a prominent Boston attorney representing the couple in their civil suit, said via phone after Monday's hearing that her clients "were relieved" that Cooke received time behind bars, calling it "the first step in their pursuit of accountability" for all those involved. "There needs to be corporate accountability" as well, Scapicchio said.

Social Networks

A Grandfather Died in 'Swatting' Over His Twitter Handle, Officials Say (nytimes.com) 141

Mark Herring had a fatal heart attack after the police, responding to a fake emergency call, swarmed his house. A Tennessee man was sentenced to five years in prison in connection with the episode. From a report: Mark Herring was at home in Bethpage, Tenn., one night in April 2020 when the police swarmed his house. Someone with a British accent had called emergency services in Sumner County and reported having shot a woman in the back of the head at Mr. Herring's address. The caller had threatened to set off pipe bombs at the front and back doors if officers came, according to federal court records. When the police arrived, they drew their guns and told Mr. Herring, a 60-year-old computer programmer and grandfather of six, to come out and keep his hands visible. As he walked out, he lost his balance and fell. He was pronounced dead that same night at a nearby hospital. The cause of death was a heart attack, according to court records.

Mr. Herring had been a victim of "swatting," the act of reporting a fake crime in order to provoke a heavily armed response from the police. The caller was a minor living in the United Kingdom, according to federal prosecutors. But the caller knew Mr. Herring's address because Shane Sonderman, 20, of Lauderdale County, Tenn., had posted the information online, prosecutors said. On Wednesday, Mr. Sonderman was sentenced to five years in prison after he pleaded guilty to one count of conspiracy. "The defendant was part of a chain of events," federal prosecutors said in court documents. The police "arrived prepared to take on a life and death situation," prosecutors said. "Mr. Herring died of a heart attack at gunpoint." Mr. Sonderman's lawyer, Bryan R. Huffman, said he had argued for a lesser sentence but believed five years "was fair in light of Shane's culpability."

"Mr. Sonderman has expressed his remorse on multiple occasions. He has expressed his regret regarding Mr. Herring's death," Mr. Huffman said in an email on Saturday. "Mr. Sonderman's family had also expressed their remorse. There are many families affected by Shane's actions, including his own family." Mr. Herring was targeted because he refused to sell his Twitter handle, @Tennessee, according to his family and prosecutors. Smart, blunt and plain-spoken, Mr. Herring had loved computers since he was a teenager and joined Twitter in March 2007, less than a year after it started, his family said. He knew people wanted his handle, which he chose because of his love for the state, where he had been born and raised, and had rebuffed offers of $3,000 to $4,000 to sell it, his daughter Corinna Fitch, 37, said in an interview.

Privacy

Is Your Phone Infected With Pegasus? (fossbytes.com) 75

Fossbytes has an article detailing how you can check to see if your mobile device is infected with the "Pegasus" spyware. What's Pegasus you ask? It's phone-penetrating spy software developed by NSO Group and sold to governments to target journalists and activists around the world. The CEO of NSO Group says law-abiding citizens have "nothing to be afraid of," but that doesn't help us sleep any better. Here's how to check if your device has been compromised (heads up: it's a bit of a technical and lengthy process): First off, you'll need to create an encrypted backup and transfer it to either a Mac or PC. You can also do this on Linux instead, but you'll have to install libimobiledevice beforehand for that. Once the phone backup is transferred, you need to download Python 3.6 (or newer) on your system -- if you don't have it already. Here's how you can install the same for Windows, macOS, and Linux. After that, go through Amnesty's manual to install MVT correctly on your system. Installing MVT will give you new utilities (mvt-ios and mvt-android) that you can use in the Python command line. Now, let's go through the steps for detecting Pegasus on an iPhone backup using MVT.

First of all, you have to decrypt your data backup. To do that, you'll need to enter the following instruction format while replacing the placeholder text (marked with a forward slash) with your custom path: "mvt-ios decrypt-backup -p password -d /decrypted /backup". Note: Replace "/decrypted" with the directory where you want to store the decrypted backup and "/backup" with the directory where your encrypted backup is located.

Now, we will run a scan on the decrypted backup, referencing it with the latest IOCs (possible signs of Pegasus spyware), and store the result in an output folder. To do this, first, download the newest IOCs from here (use the folder with the latest timestamp). Then, enter the instruction format as given below with your custom directory path: "mvt-ios check-backup -o /output -i /pegasus.stix2 /backup". Note: Replace "/output" with the directory where you want to store the scan result, "/backup" with the path where your decrypted backup is stored, and "/pegasus.stix2" with the path where you downloaded the latest IOCs.

After the scan completion, MVT will generate JSON files in the specified output folder. If there is a JSON file with the suffix "_detected," then that means your iPhone data is most likely Pegasus-infected. However, the IOCs are regularly updated by Amnesty's team as they develop a better understanding of how Pegasus operates. So, you might want to keep running scans as the IOCs are updated to make sure there are no false positives.
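The last step above says to look for JSON files with the "_detected" suffix in the MVT output folder. The following Python script is an added example (not code from Fossbytes, Amnesty or the MVT project) showing how a responder might triage that folder: it lists every *_detected.json file, counts the records in each, and records the SHA-256 of the IOC file that was used so the result can be re-checked against a later IOC release, as the note about false positives recommends. It assumes each MVT module writes a JSON array of records (a single object is tolerated); the sample output folder and the pegasus.stix2 file it writes are constructed placeholders, not real MVT output or real indicators.

```python
"""Triage an MVT output folder: find *_detected.json files and summarize them."""
import hashlib
import json
import tempfile
from pathlib import Path

DETECTED_SUFFIX = "_detected.json"


def sha256_file(path):
    """Hash the IOC file so a scan result can be tied to a specific IOC release."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def triage_mvt_output(output_dir):
    """Map each module name to the number of records in its *_detected.json file.

    Assumption (not stated in the article): each MVT module writes a JSON
    array of records; a single JSON object is also tolerated. Verify this
    against the MVT version you actually run.
    """
    counts = {}
    for path in sorted(Path(output_dir).glob("*" + DETECTED_SUFFIX)):
        module = path.name[: -len(DETECTED_SUFFIX)]
        with path.open(encoding="utf-8") as f:
            records = json.load(f)
        if isinstance(records, dict):
            records = [records]
        counts[module] = len(records)
    return counts


def summarize(output_dir, ioc_path):
    """Combine the per-module counts with the IOC hash into one report dict."""
    detections = triage_mvt_output(output_dir)
    return {
        "ioc_sha256": sha256_file(ioc_path),
        "detections": detections,
        "total_hits": sum(detections.values()),
        # A "_detected" file with at least one record is the article's
        # "most likely infected" signal; re-run when the IOCs are updated.
        "likely_infected": any(detections.values()),
    }


def build_sample_output(base):
    """Write a constructed, fake MVT output folder and IOC file (not real data)."""
    base = Path(base)
    base.mkdir(parents=True, exist_ok=True)
    # A module whose records did not match any indicator: no "_detected" twin.
    (base / "safari_history.json").write_text(json.dumps([
        {"url": "https://example.invalid/page", "isodate": "2021-07-01 10:00:00"},
    ]))
    # Two records flagged by the scan (placeholder indicator domain).
    (base / "safari_history_detected.json").write_text(json.dumps([
        {"url": "https://placeholder-indicator.invalid/", "isodate": "2021-07-02 11:00:00"},
        {"url": "https://placeholder-indicator.invalid/x", "isodate": "2021-07-02 11:05:00"},
    ]))
    # A module that wrote a single object instead of an array.
    (base / "processes_detected.json").write_text(json.dumps(
        {"process_name": "placeholder_process", "isodate": "2021-07-02 11:06:00"}
    ))
    # Placeholder IOC bundle standing in for the real pegasus.stix2 download.
    ioc = base / "pegasus.stix2"
    ioc.write_text('{"type": "bundle", "id": "bundle--placeholder", "objects": []}')
    return base, ioc


def demo():
    """Build the constructed folder in a temp dir and return its summary."""
    with tempfile.TemporaryDirectory() as tmp:
        out_dir, ioc = build_sample_output(Path(tmp) / "output")
        return summarize(out_dir, ioc)


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Point summarize() at the real "/output" folder and the real IOC file after running mvt-ios check-backup; keeping the IOC hash next to the result makes it obvious whether a later, cleaner scan was run with updated indicators or the same ones.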

Bitcoin

Tether Executives Said To Face Criminal Probe Into Bank Fraud (bloomberg.com) 22

An anonymous reader quotes a report from Bloomberg: A U.S. probe into Tether is homing in on whether executives behind the digital token committed bank fraud, a potential criminal case that would have broad implications for the cryptocurrency market. Tether's pivotal role in the crypto ecosystem is now well known because the token is widely used to trade Bitcoin. But the Justice Department investigation is focused on conduct that occurred years ago, when Tether was in its more nascent stages. Specifically, federal prosecutors are scrutinizing whether Tether concealed from banks that transactions were linked to crypto [...]. Criminal charges would mark one of the most significant developments in the U.S. government's crackdown on virtual currencies. That's because Tether is by far the most popular stablecoin -- tokens designed to be immune to wild price swings, making them ideal for buying and selling more volatile coins. The token's importance to the market is clear: Tethers in circulation are worth about $62 billion and they underpin more than half of all Bitcoin trades.

Federal prosecutors have been circling Tether since at least 2018. In recent months, they sent letters to individuals alerting them that they're targets of the investigation, one of the people said. The notices signal that a decision on whether to bring a case could be made soon, with senior Justice Department officials ultimately determining whether charges are warranted. A hallmark of Tether is that its creators have said each token is backed by one U.S. dollar, either through actual money or holdings that include commercial paper, corporate bonds and precious metals. That has triggered concerns that if lots of traders sold stable coins all at once, there could be a run on assets backstopping the tokens. Fitch Ratings has warned that such a scenario could destabilize short-term credit markets.

In the course of its years-long investigation, the Justice Department has examined whether traders used Tether tokens to illegally drive up Bitcoin during an epic rally for cryptocurrencies in 2017. While it's unclear whether Tether the company was a target of that earlier review, the current focus on bank fraud suggests prosecutors may have moved on from pursuing a case tied to market manipulation. [...] Tether has already drawn the ire of regulators. In February, Bitfinex and several Tether affiliates agreed to pay $18.5 million to settle claims from New York Attorney General Letitia James that the firms hid losses and lied that each token was supported by one U.S. dollar. The companies had no access to banking in 2017, making it impossible that they had reserves backing the tokens, James said. The firms settled without admitting or denying the allegations.

Chrome

Google Updates Timeline For Unpopular Privacy Sandbox, Which Will Kill Third-Party Cookies In Chrome By 2023 (theregister.com) 27

Google has updated the schedule for its introduction of "Privacy Sandbox" browser technology and the phasing out of third-party cookies. The Register reports: The new timeline has split the bundle of technologies in the Privacy Sandbox into five phases: discussion, testing, implementation in Chrome (called "Ready for adoption"), Transition State 1 during which Chrome will "monitor adoption and feedback" and then the next stage that involves winding down support for third-party cookies over a three-month period finishing "late 2023." Although "late 2023" might sound a long way off, the timeline has revealed that "discussion" of the contentious FLoC (Federated Learning of Cohorts) is planned to end in Q3 2021 -- just a couple of months away -- and that discussion for First Party Sets, rejected by the W3C Technical Architecture Group as "harmful to the web in its current form," is scheduled to end around mid-November.

Google said that "extended discussions and testing stages often produce better, more complete solutions, and the timeline for testing and ready for adoption of use cases might change accordingly," so the dates are not set in stone. There is no suggestion that any of the proposals will be withdrawn; the company appears to believe it can alleviate concerns by tweaking rather than abandoning its proposals. Discussion of the various pieces is set to take place in the W3C Web Incubator Community Group (WICG), though at a FLEDGE WICG Call last week, Google's Michael Kleber, tech lead for Privacy Sandbox, suggested that the W3C would not be deciding which technologies are implemented, at least in the context of FLEDGE (formerly TURTLEDOVE), which enables auctions for personalized ads in a more private manner than today.

FLEDGE is competing for attention with the Microsoft-devised PARAKEET and MaCAW. Asked by Julien Delhommeau, staff system architect at adtech company Xandr, if the WICG would get a say in whether FLEDGE or PARAKEET/MaCAW would be adopted, Kleber said: "The W3C doesn't get to be the boss of anyone, the decisions are going to be made at each of the browsers. The goal isn't to have one winner and everyone else losing -- the goal of W3C is to put out a bunch of ideas, understand the positives of each, and come to a chimera that has the most necessary features. Every browser seems to want convergence, long term, so figuring out how to make convergence happen is important." [...] According to Kleber, when asked if personalized advertising could be removed from the web, he said "while most of the sites in the world would lose 50-70 per cent of their revenue in the alternative you're advocating for, Google is not one of them." He made this claim on the basis that "Google makes most of its money from the ads that appear on Google Search," which do not require tracking technology.
