Slashdot reader storagedude shares a provocative post from the cybersecurity news blog of Cyble Inc. (a Ycombinator-backed company promising "AI-powered actionable threat intelligence").

The post delves into concerns that the new "Recall" feature planned for Windows (on upcoming Copilot+ PCs) is "a security and privacy nightmare." Copilot Recall will be enabled by default and will capture frequent screenshots, or "snapshots," of a user's activity and store them in a local database tied to the user account. The potential for exposure of personal and sensitive data through the new feature has alarmed security and privacy advocates and even sparked a UK inquiry into the issue. In a long Mastodon thread on the new feature, Windows security researcher Kevin Beaumont wrote, "I'm not being hyperbolic when I say this is the dumbest cybersecurity move in a decade. Good luck to my parents safely using their PC."

In a blog post on Recall security and privacy, Microsoft said that processing and storage are done only on the local device and encrypted, but even Microsoft's own explanations raise concerns: "Note that Recall does not perform content moderation. It will not hide information such as passwords or financial account numbers. That data may be in snapshots that are stored on your device, especially when sites do not follow standard internet protocols like cloaking password entry." Security and privacy advocates take issue with assertions that the data is stored securely on the local device. If someone has a user's password or if a court orders that data be turned over for legal or law enforcement purposes, the amount of data exposed could be much greater with Recall than would otherwise be exposed... And hackers, malware and infostealers will have access to vastly more data than they would without Recall.

Beaumont said the screenshots are stored in a SQLite database, "and you can access it as the user including programmatically. It 100% does not need physical access and can be stolen.... Recall enables threat actors to automate scraping everything you've ever looked at within seconds."
Beaumont's LinkedIn profile and blog say that starting in 2020 he worked at Microsoft for nearly a year as a senior threat intelligence analyst. And now Beaumont's Mastodon post is also raising other concerns (according to Cyble's blog post):

• "Sensitive data deleted by users will still be saved in Recall screenshots... 'If you or a friend use disappearing messages in WhatsApp, Signal etc, it is recorded regardless.'"

• "Beaumont also questioned Microsoft's assertion that all this is done locally."

The blog post also notes that Leslie Carhart, Director of Incident Response at Dragos, had this reaction to Beaumont's post. "The outrage and disbelief are warranted."

'"As AI programs shake up the office, potentially making millions of jobs obsolete, one group of perpetually stressed workers seems especially vulnerable..." writes the New York Times.

"The chief executive is increasingly imperiled by A.I." These employees analyze new markets and discern trends, both tasks a computer could do more efficiently. They spend much of their time communicating with colleagues, a laborious activity that is being automated with voice and image generators. Sometimes they must make difficult decisions — and who is better at being dispassionate than a machine?

Finally, these jobs are very well paid, which means the cost savings of eliminating them is considerable...

This is not just a prediction. A few successful companies have begun to publicly experiment with the notion of an A.I. leader, even if at the moment it might largely be a branding exercise... [The article gives the example of the Chinese online game company NetDragon Websoft, which has 5,000 employees, and the upscale Polish rum company Dictador.]

Chief executives themselves seem enthusiastic about the prospect — or maybe just fatalistic. EdX, the online learning platform created by administrators at Harvard and M.I.T. that is now a part of publicly traded 2U Inc., surveyed hundreds of chief executives and other executives last summer about the issue. Respondents were invited to take part and given what edX called "a small monetary incentive" to do so. The response was striking. Nearly half — 47 percent — of the executives surveyed said they believed "most" or "all" of the chief executive role should be completely automated or replaced by A.I. Even executives believe executives are superfluous in the late digital age...

The pandemic prepared people for this. Many office workers worked from home in 2020, and quite a few still do, at least several days a week. Communication with colleagues and executives is done through machines. It's just a small step to communicating with a machine that doesn't have a person at the other end of it. "Some people like the social aspects of having a human boss," said Phoebe V. Moore, professor of management and the futures of work at the University of Essex Business School. "But after Covid, many are also fine with not having one."
The article also notes that a 2017 survey of 1,000 British workers found 42% saying they'd be "comfortable" taking orders from a computer.

"Within less than a minute, I'm approached by a store worker who comes up to me and says, 'You're a thief, you need to leave the store'."

That's a quote from the BBC by a wrongly accused customer who was flagged by a facial-recognition system called Facewatch. "She says after her bag was searched she was led out of the shop, and told she was banned from all stores using the technology."

Facewatch later wrote to her and acknowledged it had made an error — but declined to comment on the incident in the BBC's report: [Facewatch] did say its technology helped to prevent crime and protect frontline workers. Home Bargains, too, declined to comment. It's not just retailers who are turning to the technology... [I]n east London, we joined the police as they positioned a modified white van on the high street. Cameras attached to its roof captured thousands of images of people's faces. If they matched people on a police watchlist, officers would speak to them and potentially arrest them...

On the day we were filming, the Metropolitan Police said they made six arrests with the assistance of the tech... The BBC spoke to several people approached by the police who confirmed that they had been correctly identified by the system — 192 arrests have been made so far this year as a result of it.
Lindsey Chiswick, director of intelligence for the Met, told the BBC that "It takes less than a second for the technology to create a biometric image of a person's face, assess it against the bespoke watchlist and automatically delete it when there is no match."

"That is the correct and acceptable way to do it," writes long-time Slashdot reader Baron_Yam, "without infringing unnecessarily on the freedoms of the average citizen. Just tell me they have appropriate rules, effective oversight, and a penalty system with teeth to catch and punish the inevitable violators."

But one critic of the tech complains to the BBC that everyone scanned automatically joins "a digital police line-up," while the article adds that others "liken the process to a supermarket checkout — where your face becomes a bar code." And "The error count is much higher once someone is actually flagged. One in 40 alerts so far this year has been a false positive..."

Thanks to Slashdot reader Bruce66423 for sharing the article.

London's famed Evening Standard newspaper has announced plans to end its daily outlet, "bringing an end to almost 200 years of publication in the capital," reports The Guardian. Going forward, the company plans to launch "a brand new weekly newspaper later this year and consider options for retaining ES Magazine with reduced frequency," while also working to increase traffic to its website. "In its 197-year history the Evening Standard has altered its format, price, content and distribution models," notes The Guardian. "But giving up on producing a daily print newspaper is the biggest change yet." From the report: The newspaper said it has been hit hard by the introduction of wifi on the London Underground, a shortage of commuters owing to the growth of working from home and changing consumer habits. The Standard lost 84.5 million pounds in the past six years, according to its accounts, and is reliant on funding from its part-owner Evgeny Lebedev. Its other shareholders include a bank with close links to the Saudi government. Industry sources suggested Lebedev had been willing to consider selling the outlet in recent years but no buyer was found.

Paul Kanareck, the newspaper's chair, told staff on Wednesday morning: "The substantial losses accruing from the current operations are not sustainable. Therefore, we plan to consult with our staff and external stakeholders to reshape the business, return to profitability and secure the long-term future of the number one news brand in London." Kanareck said there would be an "impact on staffing," with journalists bracing themselves for further job losses on top of years of redundancies, while design staff on the print edition are expected to be hit hard. Distributors who hand out the newspaper across London are also likely to be out of work, and billboards outside railway stations advertising the day's headline will stand empty on most days.

He suggested there would be a change in focus for the weekly outlet: "A proposed new weekly newspaper would replace the daily publication, allowing for more in-depth analysis of the issues that matter to Londoners, and serve them in a new and relevant way by celebrating the best London has to offer, from entertainment guides to lifestyle, sports, culture and news and the drumbeat of life in the world's greatest city." Closing the Evening Standard will mean that for the first time in centuries, Londoners will have no general-interest daily print newspaper. The finance-focused City AM, which was recently saved by the billionaire Matthew Moulding, will continue to publish four days a week and has recently increased its distribution. Further reading: So it's goodbye to London's Standard, my old paper -- and to the heart of democracy, local news (Opinion; The Guardian)

An anonymous reader quotes a report from the BBC: Hackers are attempting to sell what they say is confidential information belonging to millions of Santander staff and customers. They belong to the same gang which this week claimed to have hacked Ticketmaster. The bank -- which employs 200,000 people worldwide, including around 20,000 in the UK -- has confirmed data has been stolen. Santander has apologized for what it says is "the concern this will understandably cause" adding it is "proactively contacting affected customers and employees directly."

"Following an investigation, we have now confirmed that certain information relating to customers of Santander Chile, Spain and Uruguay, as well as all current and some former Santander employees of the group had been accessed," it said in a statement posted earlier this month. "No transactional data, nor any credentials that would allow transactions to take place on accounts are contained in the database, including online banking details and passwords." It said its banking systems were unaffected so customers could continue to "transact securely."

In a post on a hacking forum -- first spotted by researchers at Dark Web Informer- the group calling themselves ShinyHunters posted an advert saying they had data including: 30 million people's bank account details, 6 million account numbers and balances, 28 million credit card numbers, and HR information for staff. Santander has not commented on the accuracy of those claims.

A survey of 12,000 people in six countries -- Argentina, Denmark, France, Japan, the UK, and the USA -- found that very few people are regularly using AI products like ChatGPT. Unsurprisingly, the group bucking the trend are young people ages 18 to 24. The BBC reports: Dr Richard Fletcher, the report's lead author, told the BBC there was a "mismatch" between the "hype" around AI and the "public interest" in it. The study examined views on generative AI tools -- the new generation of products that can respond to simple text prompts with human-sounding answers as well as images, audio and video. "Large parts of the public are not particularly interested in generative AI, and 30% of people in the UK say they have not heard of any of the most prominent products, including ChatGPT," Dr Fletcher said.

This research attempted to gauge what the public thinks, finding:
- The majority expect generative AI to have a large impact on society in the next five years, particularly for news, media and science
- Most said they think generative AI will make their own lives better
- When asked whether generative AI will make society as a whole better or worse, people were generally more pessimistic In more detail, the study found: - While there is widespread awareness of generative AI overall, a sizable minority of the public -- between 20% and 30% of the online population in the six countries surveyed -- have not heard of any of the most popular AI tools.
- In terms of use, ChatGPT is by far the most widely used generative AI tool in the six countries surveyed, two or three times more widespread than the next most widely used products, Google Gemini and Microsoft Copilot.
- Younger people are much more likely to use generative AI products on a regular basis. Averaging across all six countries, 56% of 18-24s say they have used ChatGPT at least once, compared to 16% of those aged 55 and over.
- Roughly equal proportions across six countries say that they have used generative AI for getting information (24%) as creating various kinds of media, including text but also audio, code, images, and video (28%).
- Just 5% across the six countries covered say that they have used generative AI to get the latest news.

Retailers are being urged to stop making everyday products such as drinks bottles, outdoor furniture and toys out of brightly coloured plastic after researchers found it degrades into microplastics faster than plainer colours. From a report: Red, blue and green plastic became "very brittle and fragmented," while black, white and silver samples were "largely unaffected" over a three-year period, according to the findings of the University of Leicester-led project. The scale of environmental pollution caused by plastic waste means that microplastics, or tiny plastic particles, are everywhere. Indeed, they were recently found in human testicles, with scientists suggesting a possible link to declining sperm counts in men.

In this case, scientists from the UK and the University of Cape Town in South Africa used complementary studies to show that plastics of the same composition degrade at different rates depending on the colour. The UK researchers put bottle lids of various colours on the roof of a university building to be exposed to the sun and the elements for three years. The South African study used plastic items found on a remote beach. "It's amazing that samples left to weather on a rooftop in Leicester and those collected on a windswept beach at the southern tip of the African continent show similar results," said Dr Sarah Key, who led the project. "What the experiments showed is that even in a relatively cool and cloudy environment for only three years, huge differences can be seen in the formation of microplastics." This field study, published in the journal Environmental Pollution, is the first such proof of this effect. It suggests that retailers and manufacturers should give more consideration to the colour of short-lived plastics.

Malaysia Airlines Flight 370 vanished in 2014 — and efforts continue to find it. In 2018 a UK-based video producer claimed to have discovered the crashed aircraft on Google Maps — but Newsweek pointed out the same wreckage "is visible in imagery dating back to January 1, 2004 — more than a decade before MH370 disappeared."

Marine robotics company Ocean Infinity also failed to find the aircraft after a five-month search in 2018 — but has returned to the headlines this March, writes the Independent, "claiming that they have scientific evidence" for the flight's final resting place. (The company's CEO says the last six years they've been "innovating with technology and robotics to further advance our ocean search capabilities.")

And this week Indian Express reported that researchers from the UK's Cardiff University investigating the mystery "have come up with a novel plan to unravel it — sea explosions."

More from the Economic Times: Scientists have said that airplanes crashing over oceans create unique acoustic signatures that can travel more than 3,000km through water. These acoustic signatures can be recorded by a network of 11 hydroacoustic stations worldwide that are dotted along the seabed. Researchers at Cardiff University have said that a series of controlled underwater explosions or air gunfire along the 7th arc [where the plane last communicated] can be done to see whether they can isolate a more precise location for MH370.
More details from NDTV: "[W]ithin the time frame and location suggested by the official search, only a single, relatively weak signal was identified,'' Dr Kadri said... ''Similar exercises were performed in the search and rescue mission for the ARA San Juan, a submarine that vanished off the coast of Argentina in 2017. This shows us that it is relatively straightforward and feasible and could provide a means to determine the signal's relevance to MH370, prior to resuming with another extensive search. If found to be related, this would significantly narrow down, almost pinpoint, the aircraft's location,'' Dr Kadri added...

Despite the largest search in aviation history, the plane has never been found.
An announcement from Cardiff University adds that "The experiments would also help develop the use of hydroacoustic technology as a tool for authorities to draw upon when narrowing down potential crash locations for airplanes in the future."

"The fact it's possible at all is a credit to the ingenuity of the open-source community," writes the blog OMG Ubuntu: Switchroot is an open-source project that allows Android and Linux-based distros like Ubuntu to run on the Nintendo Switch — absolutely not something Nintendo approves of much less supports, endorses, or encourages, etc! I covered the loophole that made this possible back in 2018. Back then the NVIDIA Tegra X1-powered Nintendo Switch was still new and Linux support for much of the console's internal hardware in a formative state (a polite way to say 'not everything worked'). But as the popularity of Nintendo's handheld console ballooned (to understate it) so the 'alternative OS' Switch scene grew, and before long Linux support for Switch hardware was in full bloom...

A number of Linux for Switchroot (L4S) distributions have since been released, designated as Linux for Tegra (L4T) builds. As these can boot from a microSD card it's even possible to dualboot the Switch OS with Linux, which is neat! Recently, a fresh set of L4T Ubuntu images were released based on the newest Ubuntu 24.04 LTS release. These builds work on all Switch versions, from the OG (exploit-friendly) unit through to newer, patched models (where a modchip is required)...

I'm told all of the Nintendo Switch internal hardware now works under Linux, including Wi-Fi, Bluetooth, sleep mode, accelerated graphics, the official dock... Everything, basically. And despite being a 7 year old ARM device the performance is said to remain decent.
"Upstream snafus have delayed the release of builds with GNOME Shell..."

UPI reports that the British government covered up "a multi-decade tainted blood scandal, leading to thousands of related deaths, a report published Monday found." Britain's National Health Service allowed blood tainted with HIV and Hepatitis to be used on patients without their knowledge, leading to 3,000 deaths and more than 30,000 infections, according to the 2,527-page final report by Justice Brian Justice Langstaff, a former judge on the High Court of England and Wales. Langstaff oversaw a five-year investigation into the use of tainted blood and blood products in Britain's healthcare system between 1970 and 1991. The report blames multiple administrations over the time period for knowingly exposing victims to unacceptable risks...

In several cases, health officials lied about the risks to patients... The NHS also gave patients false reassurances, an attempt to "save face," failing victims "not once but repeatedly...." The situation could "largely, though not entirely, have been avoided," Langstaff found...

The British government on Monday began operating a support phone line for people and their families affected by the tainted blood scandal.
The article notes that Langstaff described the coverup as "subtle" but "pervasive" and "chilling in its implications...

"To save face and to save expense, there has been a hiding of much of the truth."

Thanks to long-time Slashdot reader schwit1 for sharing the article.

Emma Roth reports via The Verge: The UK could subject big tech companies to hefty fines if they don't comply with new rules meant to promote competition in digital markets. On Thursday, lawmakers passed the Digital Markets, Competition and Consumer Bill (DMCC) through Parliament, which will let regulators enforce rules without the help of the courts. The DMCC also addresses consumer protection issues by banning fake reviews, forcing companies to be more transparent about their subscription contracts, regulating secondary ticket sales, and getting rid of hidden fees. It will also force certain companies to report mergers to the UK's Competition and Markets Authority (CMA). The European Union enacted a similar law, called the Digital Markets Act (DMA).

Only the companies the CMA designates as having Strategic Market Status (SMS) have to comply. These SMS companies are described as having "substantial and entrenched market power" and "a position of strategic significance" in the UK. They must have a global revenue of more than 25 billion euros or UK revenue of more than 1 billion euros. The law will also give the CMA the authority to determine whether a company has broken a law, require compliance, and issue a fine -- all without going through the court system. The CMA can fine companies up to 10 percent of the total value of a business's global revenue for violating the new rules.

The head of the UK Environment Agency has admitted that freedom of information requests have been buried by the regulator because the truth about the environment in England is "embarrassing." From a report: Philip Duffy, the body's chief executive, told an audience at the UK River Summit in Morden, south London, this week that his officials were "worried about revealing the true state of what is going on" with regards to the state of the environment. The regulator holds information including about pollution, the state of England's waterways, the meetings its bosses have with water company CEOs, and other data about the state of nature in the country.

The Information Commissioner's Office, which oversees the law on the Freedom of Information Act, has warned the regulator that the public have a right to have their requests answered and that transparency should be taken seriously. An ICO spokesperson said: "People have the legal right to promptly receive information they're entitled to and we take action when they don't. We've been clear that public sector leaders should take transparency seriously and see the benefits it brings, including scrutiny of processes and approaches that can then benefit from improvement."

An anonymous reader quotes a report from The Guardian: Hopes that replacement fuels for airplanes will slash carbon pollution are misguided and support for these alternatives could even worsen the climate crisis, a new report has warned. There is currently "no realistic or scalable alternative" to standard kerosene-based jet fuels, and touted "sustainable aviation fuels" are well off track to replace them in a timeframe needed to avert dangerous climate change, despite public subsidies, the report by the Institute for Policy Studies, a progressive thinktank, found. "While there are kernels of possibility, we should bring a high level of skepticism to the claims that alternative fuels will be a timely substitute for kerosene-based jet fuels," the report said. [...]

In the U.S., Joe Biden's administration has set a goal for 3 billion gallons of sustainable aviation fuel, which is made from non-petroleum sources such as food waste, woody biomass and other feedstocks, to be produced by 2030, which it said will cut aviation's planet-heating emissions by 20%. [...] Burning sustainable aviation fuels still emits some carbon dioxide, while the land use changes needed to produce the fuels can also lead to increased pollution. Ethanol biofuel, made from corn, is used in these fuels, and meeting the Biden administration's production goal, the report found, would require 114m acres of corn in the U.S., about a 20% increase in current land area given over to to the crop. In the UK, meanwhile, 50% of all agricultural land will have to be given up to sustain current flight passenger levels if jet fuel was entirely replaced. "Agricultural land use changes could threaten global food security as well as nature-based carbon sequestration solutions such as the preservation of forests and wetlands," the report states. "As such, SAF production may actively undermine the Paris agreement goal of achieving greatly reduced emissions by 2050." Chuck Collins, co-author of the report, said: "To bring these fuels to the scale needed would require massive subsidies, the trade-offs would be unacceptable and would take resources aware from more urgent decarbonization priorities."

"It's a huge greenwashing exercise by the aviation industry. It's magical thinking that they will be able to do this."

Phil Ansell, director of the Center for Sustainable Aviation at the University of Illinois, added: "There's an underappreciation of how big the energy problem is for aviation. We are still many years away from zero pollution flights. But it's true that the industry has been slow to pick things up. We are now trying to find solutions, but we are working at this problem and realizing it's a lot harder than we thought. We are late to the game. We are in the dark ages in terms of sustainability, compared to other sectors."

The seemingly "never-ending" rain last autumn and winter in the UK and Ireland was made 10 times more likely and 20% wetter by human-caused global heating, a study has found. From a report: More than a dozen storms battered the region in quick succession between October and March, which was the second-wettest such period in nearly two centuries of records. The downpour led to severe floods, at least 20 deaths, severe damage to homes and infrastructure, power blackouts, travel cancellations, and heavy losses of crops and livestock.

The level of rain caused by the storms would have occurred just once in 50 years without the climate crisis, but is now expected every five years owing to 1.2C of global heating reached in recent years. If fossil fuel burning is not rapidly cut and the global temperature reaches 2C in the next decade or two, such severe wet weather would occur every three years on average, the analysis showed. [...] The analysis, conducted by climate scientists working as part of the World Weather Attribution group, compared how likely and how intense the wet winter was in today's heated world with how likely it would have been in a world without high levels of carbon emissions. Warmer air can hold more water vapour and therefore produce more rain. Hundreds of "attribution studies" have shown how global heating is already supercharging extreme weather such as heatwaves, wildfires, droughts and storms across the world.

It seems no industry is safe from consolidation, and the latest target is gaming media. From a report: IGN Entertainment has acquired the website portfolio of UK publisher Gamer Network, which operates a number of beloved games-focused publications. That list includes Gamesindustry.biz, Eurogamer, Rock Paper Shotgun, VG247, and the tabletop site Dicebreaker. The network also holds shares in sites like Nintendo Life and Digital Foundry.

Terms of the deal were not disclosed. Gamesindustry.biz reports that "some redundancies" have been made across the sites, though it's not clear how many workers have been impacted. According to several posts on X, editors at both Rock Paper Shotgun and Gamesindustry.biz have been laid off. IGN Entertainment is owned by Ziff Davis, which, in addition to IGN's site, also operates other subsidiaries like Humble Bundle.

An Australian computer scientist who claimed he invented bitcoin lied "extensively and repeatedly" and forged documents "on a grand scale" to support his false claim, a judge at London's High Court ruled on Monday. From a report: [...] Judge James Mellor ruled in March that the evidence Craig Wright was not Satoshi was "overwhelming", after a trial in a case brought by the Crypto Open Patent Alliance (COPA) to stop Wright suing bitcoin developers. Mellor gave reasons for his conclusions on Monday, stating in a written ruling: "Dr Wright presents himself as an extremely clever person. However, in my judgment, he is not nearly as clever as he thinks he is." The judge added: "All his lies and forged documents were in support of his biggest lie: his claim to be Satoshi Nakamoto."

Julian Assange has won a victory in his ongoing battle against extradition from the UK after judges at the high court in London granted him leave to appeal. From a report: Two judges deferred a decision in March on whether Assange, who is trying to avoid being prosecuted in the US on espionage charges relating to the publication of thousands of classified and diplomatic documents, could take his case to another appeal hearing. Assange had been granted permission to appeal only if the Biden administration was unable to provide the court with suitable assurances "that the applicant [Assange] is permitted to rely on the first amendment, that the applicant is not prejudiced at trial, including sentence, by reason of his nationality, that he is afforded the same first amendment [free speech] protections as a United States citizen, and that the death penalty is not imposed."

Legal argument on Monday focused on the issue of whether Assange would be allowed first amendment protections. Assange's team did not contest the assurance around the death penalty, accepting that it was an "unambiguous executive promise." Assange has been indicted on 17 espionage charges and one charge of computer misuse, exposing him to a maximum 175 years in prison, over his website's publication of a trove of classified US documents almost 15 years ago.

"$5,000 in cash had been withdrawn from my checking account — but not by me," writes journalist Linda Matchan in the Boston Globe. A police station manager reviewed footage from the bank — which was 200 miles away — and deduced that "someone had actually come into the bank and spoken to a teller, presented a driver's license, and then correctly answered some authentication questions to validate the account..." "You're pitting a teller against a national crime syndicate with massive resources behind them," says Paul Benda, executive vice president for risk, fraud, and cybersecurity at the American Bankers Association. "They're very well-funded, well-resourced criminal gangs doing this at an industrial scale."
The reporter writes that "For the past two years, I've worked to determine exactly who and what lay behind this crime..." [N]ow I had something new to worry about: Fraudsters apparently had a driver's license with my name on it... "Forget the fake IDs adolescents used to get into bars," says Georgia State's David Maimon, who is also head of fraud insights at SentiLink, a company that works with institutions across the United States to support and solve their fraud and risk issues. "Nowadays fraudsters are using sophisticated software and capable printers to create virtually impossible-to-detect fake IDs." They're able to create synthetic identities, combining legitimate personal information, such as a name and date of birth, with a nine-digit number that either looks like a Social Security number or is a real, stolen one. That ID can then be used to open financial accounts, apply for a bank or car loan, or for some other dodgy purpose that could devastate their victims' financial lives.



And there's a complex supply chain underpinning it all — "a whole industry on the dark web," says Eva Velasquez, president and CEO of the Identity Theft Resource Center, a nonprofit that helps victims undo the damage wrought by identity crime. It starts with the suppliers, Maimon told me — "the people who steal IDs, bring them into the market, and manufacture them. There's the producers who take the ID and fake driver's licenses and build the facade to make it look like they own the identity — trying to create credit reports for the synthetic identities, for example, or printing fake utility bills." Then there are the distributors who sell them in the dark corners of the web or the street or through text messaging apps, and finally the customers who use them and come from all walks of life. "We're seeing females and males and people with families and a lot of adolescents, because social media plays a very important role in introducing them to this world," says Maimon, whose team does surveillance of criminals' activities and interactions on the dark web. "In this ecosystem, folks disclose everything they do."
The reporter writes that "It's horrifying to discover, as I have recently, that someone has set up a tech company that might not even be real, listing my home as its principal address."

Two and a half months after the theft the stolen $5,000 was back in their bank account — but it wasn't until a year later that the thief was identified. "The security video had been shared with New York's Capital Region Crime Analysis Center, where analysts have access to facial recognition technology, and was run through a database of booking photos. A possible match resulted.... She was already in custody elsewhere in New York... Evidently, Deborah was being sought by law enforcement in at least three New York counties. [All three cases involved bank-related identity fraud.]"

Deborah was finally charged with two separate felonies: grand larceny in the third degree for stealing property over $3,000, and identity theft. But Deborah missed her next two court dates, and disappeared. "She never came back to court, and now there were warrants for her arrest out of two separate courts."

After speaking to police officials the reporter concludes "There was a good chance she was only doing the grunt work for someone else, maybe even a domestic or foreign-organized crime syndicate, and then suffering all the consequences."

The UK minister of state for security even says that "in some places people are literally captured and used as unwilling operators for fraudsters."

An anonymous reader shared this report from the blog OMG Ubuntu: Ubuntu first switched to using Wayland as its default display server in 2017 before reverting the following year. It tried again in 2021 and has stuck with it since. But while Wayland is what most of us now log into after installing Ubuntu, anyone doing so on a PC or laptop with an NVIDIA graphics card present instead logs into an Xorg/X11 session.

This is because NVIDIA's proprietary graphics drivers (which many, especially gamers, opt for to get the best performance, access to full hardware capabilities, etc) have not supported Wayland as well as as they could've. Past tense as, thankfully, things have changed in the past few years. NVIDIA's warmed up to Wayland (partly as it has no choice given that Wayland is now standard and a 'maybe one day' solution, and partly because it wants to: opportunities/benefits/security).

With the NVIDIA + Wayland sitch' now in a better state than before — but not perfect — Canonical's engineers say they feel confident enough in the experience to make the Ubuntu Wayland session default for NVIDIA graphics card users in Ubuntu 24.10.

In an elaborate scam in January, "a finance worker, was duped into attending a video call with people he believed were the chief financial officer and other members of staff," remembers CNN. But Hong Kong police later said that all of them turned out to be deepfake re-creations which duped the employee into transferring $25 million. According to police, the worker had initially suspected he had received a phishing email from the company's UK office, as it specified the need for a secret transaction to be carried out. However, the worker put aside his doubts after the video call because other people in attendance had looked and sounded just like colleagues he recognized.
Now the targeted company has been revealed: a major engineering consulting firm, with 18,500 employees across 34 offices: A spokesperson for London-based Arup told CNN on Friday that it notified Hong Kong police in January about the fraud incident, and confirmed that fake voices and images were used. "Unfortunately, we can't go into details at this stage as the incident is still the subject of an ongoing investigation. However, we can confirm that fake voices and images were used," the spokesperson said in an emailed statement. "Our financial stability and business operations were not affected and none of our internal systems were compromised," the person added...

Authorities around the world are growing increasingly concerned about the sophistication of deepfake technology and the nefarious uses it can be put to. In an internal memo seen by CNN, Arup's East Asia regional chairman, Michael Kwok, said the "frequency and sophistication of these attacks are rapidly increasing globally, and we all have a duty to stay informed and alert about how to spot different techniques used by scammers."
The company's global CIO emailed CNN this statement. "Like many other businesses around the globe, our operations are subject to regular attacks, including invoice fraud, phishing scams, WhatsApp voice spoofing, and deepfakes.

"What we have seen is that the number and sophistication of these attacks has been rising sharply in recent months."

Slashdot reader st33ld13hl adds that in a world of Deep Fakes, insurance company USAA is now asking its customers to authenticate with voice. (More information here.)

Thanks to Slashdot reader quonset for sharing the news.