Communications

FCC To Reintroduce Rules Protecting Net Neutrality (gizmodo.com) 80

New submitter AsylumWraith shares a report: The US government aims to restore sweeping regulations for high-speed internet providers, such as AT&T, Comcast and Verizon, reviving "net neutrality" rules for the broadband industry -- and an ongoing debate about the internet's future. The proposed rules from the Federal Communications Commission will designate internet service -- both the wired kind found in homes and businesses as well as mobile data on cellphones -- as "essential telecommunications" akin to traditional telephone services, according to multiple people familiar with the plan. The rules would ban internet service providers (ISPs) from blocking or slowing down access to websites and online content, the people told CNN.

Agency chairwoman Jessica Rosenworcel plans to unveil the proposal in a speech at the National Press Club on Tuesday, the people added, saying the FCC plans to vote Oct. 19 on whether to advance the draft rules by soliciting public feedback on them -- a step that would precede the creation of any final rules. In addition to the prohibitions on blocking and throttling internet traffic, the draft rules also seek to prevent ISPs from selectively speeding up service to favored websites or to those that agree to pay extra fees, the people added, a move designed to prevent the emergence of "fast lanes" on the web that could give some websites a paid advantage over others.

United States

Getting Data From NSA Takes 'Days' So Federal Counterintelligence Agency Turned To Private Company, Documents Show (404media.co) 33

Slash_Account_Dot writes: A federal counterintelligence agency tracking hackers has bought data harvested from the backbone of the internet by a private company because it was easier and took less time than getting similar data from the NSA, according to internal U.S. government documents. According to the documents, going through an agency like the NSA could take "days," whereas a private contractor could provide the same data instantly. The news is yet another example of a government agency turning to the private sector for novel datasets that the public is likely unaware are being collected and then sold.
AI

FBI Agents Are Using Face Recognition Without Proper Training (wired.com) 32

An anonymous reader quotes a report from Wired: The U.S. Federal Bureau of Investigation (FBI) has done tens of thousands of face recognition searches using software from outside providers in recent years. Yet only 5 percent of the 200 agents with access to the technology have taken the bureau's three-day training course on how to use it, a report from the Government Accountability Office (GAO) this month reveals. The bureau has no policy for face recognition use in place to protect privacy, civil rights, or civil liberties. Lawmakers and others concerned about face recognition have said that adequate training on the technology and how to interpret its output is needed to reduce improper use or errors, although some experts say training can lull law enforcement and the public into thinking face recognition is low risk.

Since the false arrest of Robert Williams near Detroit in 2020, multiple instances have surfaced in the US of arrests after a face recognition model wrongly identified a person. Alonzo Sawyer, whose ordeal became known this spring, spent nine days in prison for a crime he didn't commit. The lack of face recognition training at the FBI came to light in a GAO report examining the protections in place when federal law enforcement uses the technology. The report was compiled at the request of seven Democratic members of Congress. Report author and GAO Homeland Security and Justice director Gretta Goodwin says, via email, that she found no evidence of false arrests due to use of face recognition by a federal law enforcement agency.

The GAO report focuses on face recognition tools made by commercial and nonprofit entities. That means it does not cover the FBI's in-house face recognition platform, which the GAO previously criticized for poor privacy protections. The US Department of Justice was ordered by the White House last year to develop best practices for using face recognition and report any policy changes that result. The outside face recognition tools used by the FBI and other federal law enforcement covered by the report come from companies including Clearview AI, which scraped billions of photos of faces from the internet to train its face recognition system, and Thorn, a nonprofit that combats sex trafficking by applying face recognition to identify victims and sex traffickers from online commercial sex market imagery. The FBI ranks first among federal law enforcement agencies examined by the GAO for the scale of its use of face recognition. More than 60,000 searches were carried out by seven agencies between October 2019 and March 2022. Over half were made by FBI agents, about 15,000 using Clearview AI and 20,000 using Thorn.
"No existing law requires federal law enforcement personnel to take training before using face recognition or to follow particular standards when using face recognition in a criminal investigation," notes Wired.

"The DOJ plans to issue a department-wide civil rights and civil liberties policy for face recognition but has yet to set a date for planned implementation, according to the report. It says that DOJ officials, at one point in 2022, considered updating its policy to allow a face recognition match alone to justify applying for a search warrant."
Facebook

Facebook Can Be Sued Over Biased Ad Algorithm, Says Court (theverge.com) 78

Emma Roth reporting via The Verge: Facebook can be sued over allegations that its advertising algorithm is discriminatory, a California state court of appeals ruled last week. The decision stems from a class action lawsuit filed against Facebook in 2020, which accused the company of not showing insurance ads to women and older people in violation of civil rights laws. The case centers around Samantha Liapes, a 48-year-old woman who turned to Facebook to find an insurance provider. The lawsuit alleges that Facebook's ad delivery system didn't show Liapes ads for insurance due to her age and gender.

In a September 21st ruling, the appeals court reversed a previous decision that said Section 230 (which protects online platforms from legal liability if users post illegal content) shields Facebook from accountability. The appeals court concluded that the case "adequately" alleges that Facebook "knew insurance advertisers intentionally targeted its ads based on users' age and gender" in violation of the Unruh Civil Rights Act. It also found significant similarities between Facebook's ad platform and Roommates.com, a service that exceeded the protections of Section 230 by including dropdown menus with options that allowed for discrimination. "There is little difference with Facebook's ad tools" and their targeting capabilities, the court concluded. "Facebook does not merely proliferate and disseminate content as a publisher ... it creates, shapes, or develops content" with the tools.

Businesses

JPEX Appears To Be a $178 Million Fraud (web3isgoinggreat.com) 45

Web3 is Going Great reports: After the Hong Kong-based JPEX exchange limited withdrawals amidst what appeared to be an impending collapse of the platform, things are now looking a lot more like fraud. Police have received more than 2,200 complaints pertaining to the exchange, involving $178 million in possible losses. Eleven people, including various crypto influencers who had promoted the exchange, were taken in for questioning. However, police have said those eleven people were not likely central to the fraud, and that the leaders of the JPEX project are on the run.
Robotics

New York City Deploys 420-Pound RoboCop to Patrol Subway Station (gothamist.com) 82

"New York City is now turning to robots to help patrol the Times Square subway station," quipped one local newscast.

The non-profit New York City blog Gothamist describes the robot as "almost as tall as the mayor — but at least three-times as wide around the waist," with a maximum speed of 3 miles per hour -- but a 360-degree field of vision, equipped with four cameras to send live video (without audio) to the police. A 420-pound, 5-foot-2-inch robocop with a giant camera for a face will begin patrolling the Times Square subway station overnight, the New York Police Department announced Friday morning. At a press conference held underground in the 42nd Street subway station, New York City Mayor Eric Adams said the city is launching a two-month pilot program to test the Knightscope K5 Autonomous Security Robot. During the press conference, the K5 robot — which is shaped like a small, white rocketship — stood silently along with uniformed officers and city officials in suits. Stripes of glowing blue lights indicated it was "on."

The K5 will act as a crime deterrent and provide real-time information on how to best deploy human officers to a safety incident, the mayor said. It features multiple cameras, a button that can connect the public with a real person, and a speaker for live audio communication... During the pilot program, the K5 will patrol the Times Square subway station from midnight to 6 a.m. with a human NYPD handler that will help introduce it to the public. After two months, the mayor said the handler will no longer be necessary, and the robot will go on solo patrol...

Knightscope, which manufactures the robot, reports that it has been deployed to 30 clients in 10 states, including at malls and hospitals. The K5 has been in some sticky situations in other cities. One was toppled and slathered in barbecue sauce in San Francisco, while another was beaten by an intoxicated man in Mountain View, California, according to news reports. Another robot fell into a pool of water outside an office building in Washington, D.C.

When asked whether the robot was at risk of vandalism in New York City, the mayor strode over to it and gave it a few firm shoves. "Let's be clear, this is not a pushover. 420 pounds. This is New York tested," he said.

The city is leasing the robot for $9 an hour — and yes, local newscasts couldn't resist calling it a robocop. One shows the mayor announcing "We will continue to stay ahead of those who want to harm everyday New Yorkers."

Though the robot is equipped with facial recognition capability, it will not be activated.
Crime

Did Teens Ally with Ransomware Gangs for MGM Breach? (msn.com) 24

Recent breaches of MGM's casino systems "were probably carried out by teens and young adults who have allied themselves with one of the world's most notorious ransomware gangs," writes the Washington Post's technology reporter.

Their alliance with the "Scattered Spider" group is described as "part of a trend that has alarmed security experts and defenders of corporate computer networks." The group is said to be "very active in the past two years, targeting large companies via stolen employee credentials and tricks such as convincing tech support employees that they have been accidentally locked out of their computers and need a new password." They moved from cryptocurrency thefts to targeting businesses that provide third-party business functions such as help desks and call center staffing, allowing them to infiltrate networks of many customers. And they extorted Western Digital and other technology firms after stealing internal data before heading for the jackpots in Las Vegas. But their willingness to deploy crippling ransomware while demanding money is a major escalation, as is their choice of a business partner: ALPHV, a hacking group whose affiliates include members of the former Russian powerhouses BlackMatter and DarkSide, the groups responsible for the Colonial Pipeline hack that awoke Washington to the national security risk of ransomware. ALPHV provided the BlackCat ransomware that the young hackers installed in the casinos' systems...

[According to new research presented Friday at the LABScon security conference] they came together through crimes enabled by SIM-swapping, which usually involves convincing phone company employees to hand over control of someone else's phone number. Because of poor security controls around those numbers, such gambits have allowed criminals to amass millions of dollars by beating SMS text-based two-factor authentication on cryptocurrency accounts. The extra money has made alliances possible with criminals who have different skills to bring to the table, including some who had hacked police servers and could send emails from purported officers demanding emergency disclosures of information on phone and internet customers. Worse, the researchers said, they have now attracted recruiters for the Russian gangs who want to combine their business savvy with the techniques and local knowledge of the native English speakers.

China

China's Quest for Human Genetic Data Spurs Fears of a DNA Arms Race (adn.com) 32

In 2020 Serbian scientists were gifted China's "Fire-Eye" labs, remembers the Washington Post. The sophisticated portable labs "excelled not only at cracking the genetic code for viruses, but also for humans, with machines that can decipher genetic instructions contained within the cells of every person on Earth, according to its Chinese inventors."

Although some of them were temporary, "scores" of the portable labs "were donated or sold to foreign countries during the pandemic," reports the Washington Post. But it adds that now those same labs "are attracting the attention of Western intelligence agencies amid growing unease about China's intentions." Some analysts perceive China's largesse as part of a global attempt to tap into new sources of highly valuable human DNA data in countries around the world. That collection effort, underway for more than a decade, has included the acquisition of U.S. genetics companies as well as sophisticated hacking operations, U.S. and Western intelligence officials say. But more recently, it received an unexpected boost from the coronavirus pandemic, which created opportunities for Chinese companies and institutes to distribute gene-sequencing machines and build partnerships for genetic research in places where Beijing previously had little or no access, the officials said. Amid the pandemic, Fire-Eye labs would proliferate quickly, spreading to four continents and more than 20 countries, from Canada and Latvia to Saudi Arabia, and from Ethiopia and South Africa to Australia. Several, like the one in Belgrade, now function as permanent genetic-testing centers...

BGI Group, the Shenzhen-based company that makes Fire-Eye labs, said it has no access to genetic information collected by the lab it helped create in Serbia. But U.S. officials note that BGI was picked by Beijing to build and operate the China National GeneBank, a vast and growing government-owned repository that now includes genetic data drawn from millions of people around the world. The Pentagon last year officially listed BGI as one of several "Chinese military companies" operating in the United States, and a 2021 U.S. intelligence assessment linked the company to the Beijing-directed global effort to obtain even more human DNA, including from the United States. The U.S. government also has blacklisted Chinese subsidiaries of BGI for allegedly helping analyze genetic material gathered inside China to assist government crackdowns on the country's ethnic and religious minorities...

Beijing's drive to sweep up DNA from across the planet has occasionally stirred controversy, particularly after a 2021 Reuters series about aspects of the project. Chinese academics and military scientists have also attracted attention by debating the feasibility of creating biological weapons that might someday target populations based on their genes. Genetic-based weapons are regarded by experts as a distant prospect, at best, and some of the discussion appears to have been prompted by official paranoia about whether the United States and other countries are exploring such weapons.

U.S. intelligence officials believe China's global effort is mostly about beating the West economically, not militarily. There is no public evidence that Chinese companies have used foreign DNA for reasons other than scientific research. China has announced plans to become the world's leader in biotechnology by 2035, and it regards genetic information — sometimes called "the new gold" — as a crucial ingredient in a scientific revolution that could produce thousands of new drugs and cures...

U.S. intelligence officials said in interviews that they have limited insight into how BGI handles DNA information acquired overseas, including whether genetic data from the Fire-Eye labs ultimately end up in the computers of China's military or intelligence services... Chinese law makes clear that any information collected using BGI's machines can be accessed by the Chinese government. A national intelligence law enacted in 2017 stipulates that Chinese firms and citizens are legally bound to share proprietary information acquired in foreign countries whenever requested.

Thanks to long-time Slashdot reader schwit1 for sharing the article
Government

White House Could Force Cloud Companies To Disclose AI Customers (semafor.com) 44

The White House is considering requiring cloud computing firms to report some information about their customers to the U.S. government, Semafor reported Friday, citing people familiar with an upcoming executive order on AI. From the report: The provision would direct the Commerce Department to write rules forcing cloud companies like Microsoft, Google, and Amazon to disclose when a customer purchases computing resources beyond a certain threshold. The order hasn't been finalized and specifics of it could still change. Similar "know-your-customer" policies already exist in the banking sector to prevent money laundering and other illegal activities, such as the law mandating firms to report cash transactions exceeding $10,000.

In this case, the rules are intended to create a system that would allow the U.S. government to identify potential AI threats ahead of time, particularly those coming from entities in foreign countries. If a company in the Middle East began building a powerful large language model using Amazon Web Services, for example, the reporting requirement would theoretically give American authorities an early warning about it. The policy proposal represents a potential step toward treating computing power -- or the technical capacity AI systems need to perform tasks -- like a national resource. Mining Bitcoin, developing video games, and running AI models like ChatGPT all require large amounts of compute.

Google

Google Sued Over Fatal Google Maps Error After Man Drove Off Broken Bridge (arstechnica.com) 282

FrankOVD writes: Google is being sued by a widow who says her husband drowned in September 2022 after Google Maps directed him over a collapsed bridge in Hickory, North Carolina. Google failed to correct its map service despite warnings about the broken bridge two years before the accident, according to the lawsuit filed Tuesday by Alicia Paxson in Wake County Superior Court. Philip Paxson "died tragically while driving home from his daughter's ninth birthday party, when he drove off of an unmarked, unbarricaded collapsed bridge in Hickory, North Carolina while following GPS directions," the complaint said.

The Snow Creek Bridge reportedly collapsed in 2013 and wasn't repaired. Barricades were typically in place but "were removed after being vandalized and were missing at the time of Paxson's wreck," according to The Charlotte Observer. The lawsuit has five defendants, including Google and its owner Alphabet. The other defendants are James Tarlton and two local business entities called Tarde, LLC and Hinckley Gauvain, LLC. Tarlton and the two businesses "owned, controlled, and/or were otherwise responsible for the land" containing the bridge, the lawsuit said.

United States

New Revelations From the Snowden Archive Surface (computerweekly.com) 151

An anonymous reader quotes a report from Computer Weekly: A doctoral thesis by American investigative journalist and post-doctoral researcher Jacob Appelbaum has now revealed unpublished information from the Snowden archive. These revelations go back a decade, but remain of indisputable public interest:

- The NSA listed Cavium, an American semiconductor company marketing Central Processing Units (CPUs) – the main processor in a computer which runs the operating system and applications -- as a successful example of a "SIGINT-enabled" CPU supplier. Cavium, now owned by Marvell, said it does not implement back doors for any government.
- The NSA compromised lawful Russian interception infrastructure, SORM. The NSA archive contains slides showing two Russian officers wearing jackets with a slogan written in Cyrillic: "You talk, we listen." The NSA and/or GCHQ has also compromised Key European LI [lawful interception] systems.
- Among example targets of its mass surveillance program, PRISM, the NSA listed the Tibetan government in exile.

These revelations have surfaced for the first time thanks to a doctoral thesis authored by Appelbaum towards earning a degree in applied cryptography from the Eindhoven University of Technology in the Netherlands. Communication in a world of pervasive surveillance is a public document and has been downloaded over 18,000 times since March 2022 when it was first published. [...] We asked Jacob Appelbaum, currently a post-doctoral researcher at the Eindhoven University of Technology, why he chose to publish those revelations in a technically written thesis rather than a mass-circulation newspaper. He replied: "As an academic, I see that the details included are in the public interest, and highly relevant for the topic covered in my thesis, as it covers the topic of large-scale adversaries engaging in targeted and mass surveillance."
According to The Register, "Marvell (the owner of Cavium since 2018) denies the allegations that it or Cavium placed backdoors in products at the behest of the U.S. government."

Appelbaum's thesis wasn't given much attention until it was mentioned in Electrospaces.net's security blog last week.
Government

FCC Plays Whack-a-Mole With Telcos Accused of Profiting From Robocalls (arstechnica.com) 58

An anonymous reader quotes a report from Ars Technica: A suspicious phone company is on the verge of having all its calls blocked by US-based telcos after being accused of ignoring orders to investigate and block robocalls. One Owl Telecom is a US-based gateway provider that routes phone calls from outside the U.S. to consumer phone companies such as Verizon. "Robocalls on One Owl's network apparently bombarded consumers without their consent with prerecorded messages about fictitious orders," the Federal Communications Commission said yesterday.

On August 1, the FCC sent One Owl a Notification of Suspected Illegal Robocall Traffic (PDF) ordering it to investigate robocall traffic identified by USTelecom's Industry Traceback Group, block all of the identified traffic within 14 days, and "continue to block the identified gateway traffic as well as substantially similar traffic on an ongoing basis." One Owl apparently hasn't taken any of the required steps, the FCC said yesterday. "One Owl never responded, and the [FCC Enforcement] Bureau is not aware of any measures One Owl has taken to comply with the Notice," an FCC order said.

Blocking robocall traffic from companies like One Owl is a bit like playing whack-a-mole. The FCC said it previously took enforcement actions "against two other entities to whom One Owl is closely related: Illum Telecommunication Limited and One Eye LLC. While operating under different corporate names, these entities have shared personnel, IP addresses, customers, and a penchant for disregarding FCC rules." If One Owl doesn't provide an adequate response within 14 days, all phone companies receiving calls from it "will then be required to block and cease accepting all traffic received from One Owl beginning 30 days after release of the Final Determination Order," the FCC said. "One Owl faces a simple choice -- comply or lose access to U.S. communications networks," FCC Enforcement Bureau Chief Loyaan Egal said in a press release.

Crime

Sysadmin, Spouse Admit To Part in 'Massive' Pirated Avaya Licenses Scam (theregister.com) 83

A sysadmin and his partner pleaded guilty this week to being part of a "massive" international ring that sold software licenses worth $88 million for "significantly below the wholesale price." From a report: Brad and Dusti Pearce admitted one count of conspiracy to commit wire fraud and each face a maximum penalty of 20 years in prison. After agreeing to a plea deal, the Pearces must also forfeit at least $4 million as well as gold, silver, collectible coins, cryptocurrency, and a vehicle, and "make full restitution to their victims," the US Department of Justice said. The pair from Tuttle, Oklahoma -- a city better known for its cattle ranchers and alfalfa hay than pirated software -- were alleged to have sold pirated Avaya business telephone system software licenses.

The licenses were then used to unlock features of the popular telephone system, which is used by thousands of companies around the globe. Dusti Pearce was said by prosecutors to have looked after the accounting side of the business, although only the wire fraud charge remains under the plea deal. Brad Pearce had previously worked as a customer service employee at Avaya, and was said to have used his admin privileges to "generate tens of thousands of ADI software license keys" that he sold to his main customer, Jason Hines, as well as "other customers, who in turn sold them to resellers and end users around the globe," said the DoJ.

AI

John Grisham, George RR Martin, Other Top US Authors Sue OpenAI Over Copyrights (reuters.com) 148

A trade group for U.S. authors has sued OpenAI in Manhattan federal court on behalf of prominent writers including John Grisham, Jonathan Franzen, George Saunders, Jodi Picoult and "Game of Thrones" novelist George R.R. Martin, accusing the company of unlawfully training its popular artificial-intelligence based chatbot ChatGPT on their work. From a report: The proposed class-action lawsuit filed late on Tuesday by the Authors Guild joins several others from writers, source-code owners and visual artists against generative AI providers. In addition to Microsoft-backed OpenAI, similar lawsuits are pending against Meta Platforms and Stability AI over the data used to train their AI systems. Other authors involved in the latest lawsuit include "The Lincoln Lawyer" writer Michael Connelly and lawyer-novelists David Baldacci and Scott Turow.
The Courts

The International Criminal Court In The Hague Says It Has Been Hacked (apnews.com) 50

An anonymous reader quotes a report from the Associated Press: The International Criminal Court said Tuesday that it detected "anomalous activity affecting its information systems" last week and took urgent measures to respond. It didn't elaborate on what it called a "cybersecurity incident." Court spokesman Fadi El Abdallah said in a written statement that extra "response and security measures are now ongoing" with the assistance of authorities in the Netherlands, where the court is based. "Looking forward, the Court will be building on existing work presently underway to strengthen its cyber security framework, including accelerating its use of cloud technology," his statement added. The court declined to go into any more detail about the incident, but said that as it "continues to analyze and mitigate the impact of this incident, priority is also being given to ensuring that the core work of the Court continues."
Bitcoin

FTX Sues Sam Bankman-Fried's Parents (cnbc.com) 42

Bankrupt crypto exchange FTX is looking to claw back luxury property and "millions of dollars in fraudulently transferred and misappropriated funds" from the parents of Sam Bankman-Fried, the exchange's disgraced ex-CEO and founder. CNBC reports: In a Monday court filing, lawyers representing the bankruptcy estate of the failed exchange alleged that Allan Joseph Bankman and his wife, Barbara Fried, "exploited their access and influence within the FTX enterprise to enrich themselves, directly and indirectly, by millions of dollars." The lawsuit, which was filed in the U.S. Bankruptcy Court for the District of Delaware, goes on to claim that "despite knowing or blatantly ignoring that the FTX Group was insolvent or on the brink of insolvency," Bankman and Fried discussed with their son the transfer of a $10 million cash gift and a $16.4 million luxury property in The Bahamas.

The suit alleges that as early as 2019, Sam's father also directly participated in efforts to cover up a whistleblower complaint which threatened to "expose the FTX Group as a house of cards." The filing also details emails written by Bankman in which he complained to the FTX US Head of Administration that his annual salary was $200,000, when he was "supposed to be getting $1M/yr." That grievance was ultimately elevated to his son in an email, according to the lawsuit: "Gee, Sam I don't know what to say here. This is the first [I] have heard of the 200K a year salary! Putting Barbara on this."

The filing characterizes the correspondence as Bankman lobbying his son to "massively increase his own salary." Within two weeks, the suit claims that Bankman-Fried had collectively gifted his parents $10 million in funds coming from Alameda, and within three months, the couple was deeded the $16.4 million property in The Bahamas. According to the partially-redacted filing, Bankman-Fried's parents also "pushed for tens of millions of dollars in political and charitable contributions, including to Stanford University, which were seemingly designed to boost Bankman's and Fried's professional and social status." Fried is also accused of encouraging her son and others within the company to avoid, if not violate, federal campaign finance disclosure rules by "engaging in straw donations or otherwise concealing the FTX Group as the source of the contributions."

United Kingdom

UK Parliament Passes Online Safety Bill (techcrunch.com) 75

An anonymous reader quotes a report from TechCrunch: Controversial UK legislation that brings in a new regime of content moderation rules for online platforms and services -- establishing the comms watchdog Ofcom as the main Internet regulator -- has been passed by parliament today, paving the way for Royal Assent and the Online Safety Bill becoming law in the coming days. Speaking during the bill's final stages in the House of Lords, Lord Parkinson of Whitley Bay reiterated that the government's intention for the legislation is "to make the UK the safest place in the world to be online, particularly for children." Following affirmative votes as peers considered some last stage amendments he added that attention now moves "very swiftly to Ofcom who stand ready to implement this -- and do so swiftly."

The legislation empowers Ofcom to levy fines of up to 10% (or up to 18 million pounds whichever is higher) of annual turnover for violations of the regime. The Online Safety (nee Harms) Bill has been years in the making as UK policymakers have grappled with how to respond to a range of online safety concerns. In 2019 these efforts manifested as a white paper with a focus on rules for tackling illegal content (such as terrorism and CSAM) but also an ambition to address a broad sweep of online activity that might be considered harmful, such as violent content and the incitement of violence; encouraging suicide; disinformation; cyber bullying; and adult material being accessed by children. The effort then morphed into a bill that was finally published in May 2021. [...]

In a brief statement the UK's new web content sheriff gave no hint of the complex challenges that lie ahead -- merely welcoming the bill's passage through parliament and stating that it stands ready to implement the new rulebook. "Today is a major milestone in the mission to create a safer life online for children and adults in the UK. Everyone at Ofcom feels privileged to be entrusted with this important role, and we're ready to start implementing these new laws," said Dame Melanie Dawes, Ofcom's CEO. "Very soon after the Bill receives Royal Assent, we'll consult on the first set of standards that we'll expect tech firms to meet in tackling illegal online harms, including child sexual exploitation, fraud and terrorism." Beyond specific issues of concern, there is over-arching general worry over the scale of the regulatory burden the legislation will apply to the UK's digital economy -- since the rules apply not only to major social media platforms; scores of far smaller and less well resourced online services must also comply or risk big penalties.

United States

One of the FBI's Most Wanted Hackers Is Trolling the US Government (techcrunch.com) 52

An anonymous reader quotes a report from TechCrunch: Earlier this year, the U.S. government indicted Russian hacker Mikhail Matveev, also known by his online monikers "Wazawaka" and "Boriselcin," accusing him of being "a prolific ransomware affiliate" who carried out "significant attacks" against companies and critical infrastructure in the U.S. and elsewhere. The feds also accused him of being a "central figure" in the development and deployment of the notorious ransomware variants like Hive, LockBit, and Babuk. Matveev is such a prominent cybercriminal that the FBI designated him as one of its most wanted hackers. Matveev, who the FBI believes remains in Russia, is unlikely to face extradition to the United States.

For Matveev, however, life seems to go on so well that he is now taunting the feds by making a T-shirt with his own most wanted poster, and asking his Twitter followers if they want merch. When reached by TechCrunch on X, formerly Twitter, Matveev verified it was really him by showing a picture of his left hand, which has only four fingers, per Matveev's FBI most wanted page. Matveev also sent a selfie holding a piece of paper with this reporter's name on it.

After he agreed to do an interview, we asked Matveev a dozen questions about his life as a most wanted hacker, but he didn't answer any of them. Instead, he complained that we used the word "hacker." "I don't like this designation -- hacker, we are a separate type of specialist, practical and using our knowledge and resources without water and writing articles," he wrote in an X direct message. "I was interested only in terms of financial motivation, roughly speaking, I was thinking about what to do, sell people or become. it, [sic] let me tell you how I lost my finger?" At that point, Matveev stopped answering messages.

The Courts

US Argues Google Wants Too Much Information Kept Secret In Antitrust Trial (reuters.com) 41

An anonymous reader quotes a report from Reuters: The U.S. Justice Department on Monday objected to removing the public from the court during some discussions of how Google prices online advertising, one of the issues at the heart of the antitrust trial under way in Washington. The government is seeking to show that Alphabet's Google broke antitrust law to maintain its dominance in online search. The search dominance led to fast-increasing advertising revenues that made Google a $1 trillion company. [Throughout the trial, Google's defense is that its high market share reflects the quality of its product rather than any illegal actions to build monopolies in some aspects of its business.]

David Dahlquist, speaking for the government, pointed to a document that was redacted that had a short back and forth about Google's pricing for search advertising. Dahlquist then argued to Judge Amit Mehta, who will decide the case, that information like the tidbit in the document should not be redacted. "This satisfies public interest because it's at the core of the DOJ case against Google," he said. Speaking for Google, John Schmidtlein urged that all discussions of pricing be in a closed session, which means the public and reporters must leave the courtroom. [...]

Case in point was testimony given early Monday by a Verizon executive, Brian Higgins, about the company's decision to always pre-install Google's Chrome browser with Google search on its mobile phones. After about 30 minutes of testimony, Higgins' testimony was closed for the next two hours. It's possible that he was asked about Google's payments to Verizon but the public will never know. Those payments -- which the government said are $10 billion annually to mobile carriers and others -- helped the California-based tech giant win powerful default positions on smartphones and elsewhere.

The Courts

Court Blocks California's Online Child Safety Law (theverge.com) 23

A federal judge has granted a request to block the California Age-Appropriate Design Code Act (CAADCA), a law that requires special data safeguards for underage users online. The Verge reports: In a ruling (PDF) issued today, Judge Beth Freeman granted a preliminary injunction for tech industry group NetChoice, saying the law likely violates the First Amendment. It's the latest of several state-level internet regulations to be blocked while a lawsuit against them proceeds, including some that are likely bound for the Supreme Court. The CAADCA is meant to expand on existing laws -- like the federal COPPA framework -- that govern how sites can collect data from children. But Judge Freeman objected to several of its provisions, saying they would unlawfully target legal speech. "Although the stated purpose of the Act -- protecting children when they are online -- clearly is important, NetChoice has shown that it is likely to succeed on the merits of its argument that the provisions of the CAADCA intended to achieve that purpose do not pass constitutional muster," wrote Freeman.

Freeman cites arguments made by legal writer Eric Goldman, who argued that the law would force sites to erect barriers for children and adults alike. Among other things, the ruling takes issue with the requirement that sites estimate visitors' ages to detect underage users. The provision is ostensibly meant to cut down on the amount of data collected about young users, but Freeman notes that it could involve invasive technology like face scans or analyzing biometric information -- ironically requiring users to provide more personal information.

The law offers sites an alternative of making data collection for all users follow the standards for minors, but Freeman found that this would also chill legal speech since part of the law's goal is to avoid targeted advertising that would show objectionable content to children. "Data and privacy protections intended to shield children from harmful content, if applied to adults, will also shield adults from that same content," Freeman concluded.
