Timothy Geigner writes via Techdirt: Paramount has gone after fan-made works playing off of the franchise for years and years. Even Paramount's release of guidelines by which fans could create fan films served mostly as a giant middle finger to the fandom, so stringent were the rules. This apparently represents the owners of Star Trek's IP being completely deaf to the history of Star Trek and the internet and what the fans have meant to the franchise. And this all continued into the present day.

Recently, a fan-made project called Wolf 359 Project suffered a DMCA takedown from Paramount. If you're a Next Generation fan, that name will likely sound familiar: "The Battle of Wolf 359 hearkens to a classic The Next Generation two-episode event called 'The Best of Both Worlds.' Captain Picard is assimilated by the Borg, and before the Enterprise crew rescues him, the relentless Borg forces fight a battle that kills 11,000 people. Star Trek: Picard Season 3 dealt with this, specifically through the character of Captain Liam Shaw. It was the first time someone described the Starfleet experience during one of the costliest battles in Star Trek history. Star Trek fans are never one to let a good idea go to waste, and The Wolf 359 Project is a fan-written oral history of the battle. The 'book' ran over 500 pages long, and its authors were giving it away for free. However, Paramount issued a Digital Millennium Copyright Act strike against it."

So here's what this essentially is: fans who love TNG filling in the gaps of the original story they love with the unexplored rest of the universe of people who would have been impacted by that storyline. That's important for two reasons. First and foremost, this doesn't take anything away from Paramount's Star Trek production, and in fact does the opposite. The project doesn't replace the original episodes, but rather builds upon them. In other words, this project could only possibly serve to draw more interest to Paramount's product, since the book isn't going to make much sense to anyone who hasn't seen the original episodes. Second, this is a work being done for free, given away for free, all by fans that are doing what Star Trek fans have always done: create. [...] ]

An anonymous reader quotes a report from the Associated Press: A Saudi court has sentenced a man to death over his posts on X, formerly known as Twitter, and his activity on YouTube, the latest in a widening crackdown on dissent in the kingdom that has drawn international criticism. The judgement against Mohammed bin Nasser al-Ghamdi, seen Wednesday by The Associated Press, comes against the backdrop of doctoral student Salma al-Shehab and others facing decades-long prison sentences over their comments online. The sentences appear part of Crown Prince Mohammed bin Salman's wider effort to stamp out any defiance in the kingdom as he pursues massive building projects and other diplomatic deals to raise his profile globally.

According to court documents, the charges levied against al-Ghamdi include "betraying his religion," "disturbing the security of society," "conspiring against the government" and "impugning the kingdom and the crown prince" -- all for his activity online that involved re-sharing critics' posts. Saudi officials offered no reason for why they specifically targeted al-Ghamdi, a retired school teacher living in the city of Mecca. However, his brother, Saeed bin Nasser al-Ghamdi, is a well-known critic of the Saudi government living in the United Kingdom. "This false ruling aims to spite me personally after failed attempts by the investigators to have me return to the country," the brother tweeted last Thursday. Saudi Arabia has used arrests of family members in the past as a means to pressure those abroad into returning home, activists and those targeted in the past say. [...]

Saudi Arabia is one of the world's top executioners, behind only China and Iran in 2022, according to Amnesty International. The number of people Saudi Arabia executed last year -- 196 inmates -- was the highest recorded by Amnesty in 30 years. In one day alone last March, the kingdom executed 81 people, the largest known mass execution carried out in the kingdom in its modern history. However, al-Ghamdi's case appears to be the first in the current crackdown to level the death penalty against someone for their online behavior.

Slash_Account_Dot shares a report from 404 Media, written by cybersecurity journalist Joseph Cox: In the mid-afternoon one Saturday earlier this month, the target got on the New York subway. I knew what station they entered the subway at and at what specific time. They then entered another station a few hours later. If I had kept monitoring this person, I would have figured out the subway station they often start a journey at, which is near where they live. I would also know what specific time this person may go to the subway each day. During all this monitoring, I wasn't anywhere near the rider. I didn't even need to see them with my own eyes. Instead, I was sitting inside an apartment, following their movements through a feature on a Metropolitan Transportation Authority (MTA) website, which runs the New York City subway system. With their consent, I had entered the rider's credit card information -- data that is often easy to buy from criminal marketplaces, or which might be trivial for an abusive partner to obtain -- and punched that into the MTA site for OMNY, the subway's contactless payments system. After a few seconds, the site churned out the rider's travel history for the past 7 days, no other verification required.

On the OMNY website, the MTA offers the ability for riders to "Check trip history." This feature works for people who use contactless bank cards when entering the subway, or other solutions like Apple Pay and Google Pay. The issue is that the feature requires no other authentication -- no account linked to an email, for example -- meaning that anyone with a target's details can enter it and snoop on their movements. The MTA does offer the option of an OMNY account, which requires a password. The website says having an account lets riders "Securely access your trip history." But the first option that appears on the trip history website is the unauthenticated version. After 404 Media raised the concerns to the MTA, a spokesperson said the agency will look into improving the system. "But at the moment, the tracking feature is still accessible without any authentication," notes Cox.

UPDATE 8/31/23: The MTA says it will disable the feature that leaked trip history.

An anonymous reader quotes a report from NPR: The Environmental Protection Agency removed federal protections for a majority of the country's wetlands on Tuesday to comply with a recent U.S. Supreme Court ruling. The EPA and Department of the Army announced a final rule amending the definition of protected "waters of the United States" in light of the decision in Sackett v. EPA in May, which narrowed the scope of the Clean Water Act and the agency's power to regulate waterways and wetlands. A 2006 Supreme Court decision determined that wetlands would be protected if they had a "significant nexus" to major waterways. This year's court decision undid that standard. The EPA's new rule "removes the significant nexus test from consideration when identifying tributaries and other waters as federally protected," the agency said.

In May, Justice Samuel Alito said the navigable U.S. waters regulated by the EPA under the Clean Water Act do not include many previously regulated wetlands. Writing the court's decision, he said the law includes only streams, oceans, rivers and lakes, and wetlands with a "continuous surface connection to those bodies." The EPA said the rule will take effect immediately. "The agencies are issuing this amendment to the 2023 rule expeditiously -- three months after the Supreme Court decision -- to provide clarity and a path forward consistent with the ruling," the agency said. As a result of the rule change, protections for many waterways and wetlands will now fall to states.

Hundreds of thousands of people are being forcibly engaged by organised criminal gangs into online criminality in Southeast Asia - from romance-investment scams and crypto fraud to illegal gambling - a report issued today by the UN Human Rights Office shows. From a report: Victims face a range of serious violations and abuses, including threats to their safety and security; and many have been subjected to torture and cruel, inhuman and degrading treatment or punishment, arbitrary detention, sexual violence, forced labour, and other human rights abuses, the report says. "People who are coerced into working in these scamming operations endure inhumane treatment while being forced to carry out crimes. They are victims. They are not criminals," said UN High Commissioner for Human Rights Volker Turk.

"In continuing to call for justice for those who have been defrauded through online criminality, we must not forget that this complex phenomenon has two sets of victims." The enormity of online scam trafficking in Southeast Asia is difficult to estimate, the reports says, because of the clandestine nature and gaps in the official response. Credible sources indicate that at least 120,000 people across Myanmar may be held in situations where they are forced to carry out online scams, with estimates in Cambodia similarly at around 100,000. Other States in the region, including Lao PDR, the Philippines and Thailand, have also been identified as main countries of destination or transit where at least tens of thousands of people have been involved. The scam centres generate revenue amounting to billions of US dollars each year.

OpenAI has responded to a pair of nearly identical class-action lawsuits from book authors -- including Sarah Silverman, Paul Tremblay, Mona Awad, Chris Golden, and Richard Kadrey -- who earlier this summer alleged that ChatGPT was illegally trained on pirated copies of their books. From a report: In OpenAI's motion to dismiss (filed in both lawsuits), the company asked a US district court in California to toss all but one claim alleging direct copyright infringement, which OpenAI hopes to defeat at "a later stage of the case." The authors' other claims -- alleging vicarious copyright infringement, violation of the Digital Millennium Copyright Act (DMCA), unfair competition, negligence, and unjust enrichment -- need to be "trimmed" from the lawsuits "so that these cases do not proceed to discovery and beyond with legally infirm theories of liability," OpenAI argued.

OpenAI claimed that the authors "misconceive the scope of copyright, failing to take into account the limitations and exceptions (including fair use) that properly leave room for innovations like the large language models now at the forefront of artificial intelligence." According to OpenAI, even if the authors' books were a "tiny part" of ChatGPT's massive dataset, "the use of copyrighted materials by innovators in transformative ways does not violate copyright." Unlike plagiarists who seek to directly profit off distributing copyrighted materials, OpenAI argued that its goal was "to teach its models to derive the rules underlying human language" in order to do things like help people "save time at work," "make daily life easier," or simply entertain themselves by typing prompts into ChatGPT.

The purpose of copyright law, OpenAI argued is "to promote the Progress of Science and useful Arts" by protecting the way authors express ideas, but "not the underlying idea itself, facts embodied within the author's articulated message, or other building blocks of creative," which are arguably the elements of authors' works that would be useful to ChatGPT's training model. Citing a notable copyright case involving Google Books, OpenAI reminded the court that "while an author may register a copyright in her book, the 'statistical information' pertaining to 'word frequencies, syntactic patterns, and thematic markers' in that book are beyond the scope of copyright protection."

An anonymous reader quotes a report from Ars Technica: Sports leagues are urging the US to require "instantaneous" takedowns of pirated livestreams and new requirements for Internet service providers to block pirate websites. The Digital Millennium Copyright Act of 1998 requires websites to "expeditiously" remove infringing material upon being notified of its existence. But pirated livestreams of sports events often aren't taken down while the events are ongoing, said comments submitted last week by Ultimate Fighting Championship, the National Basketball Association, and National Football League.

The "DMCA does not define 'expeditiously,' and OSPs [online service providers] have exploited this ambiguity in the statutory language to delay removing content in response to takedown requests," the leagues told the US Patent and Trademark Office in response to a request for comments on addressing counterfeiting and piracy. The leagues urged the US "to establish that, in the case of live content, the requirement to 'expeditiously' remove infringing content means that content must be removed 'instantaneously or near-instantaneously' in response to a takedown request." The leagues claimed the change "would be a relatively modest and non-controversial update to the DMCA that could be included in the broader reforms being considered by Congress or could be addressed separately." They also want stricter "verification measures before a user is permitted to livestream."

The UFC separately submitted comments on its own, urging the US to require that ISPs block pirate sites. The UFC said that a "significant and growing" number of websites, typically operated from outside the US, don't respond to takedown requests and thus should be blocked by broadband network operators. The UFC wrote: "Unlike many other jurisdictions around the world, the US lacks a 'site-blocking' regime whereby copyright owners may obtain no-fault injunctions requiring domestic Internet service providers to block websites that are primarily geared at infringing activity. A 'site-blocking' regime, with appropriate safeguards to prevent abuse, would substantially facilitate all copyright owners' ability to address piracy, including UFC's." Website-blocking is bound to be a controversial topic, although the Federal Communications Commission's now-repeated net neutrality rules only prohibited blocking of "lawful Internet traffic." While the UFC said it just wants "websites that are primarily geared at infringing activity" to be blocked, a site-blocking regime could be used more expansively if there aren't strict limits.

samleecole writes: A group of right to repair activists and consumer rights advocates are petitioning the Librarian of Congress for the right to hack McDonald's notoriously unreliable McFlurry machines for the purposes of repair, according to a copy of the petition obtained by 404 Media.

"This is a request to expand the repair exemption for consumer electronic devices to include commercial industrial equipment such as automated building management systems and industrial equipment (i.e. soft serve ice cream machines and other industrial kitchen equipment)," the proposal, written by right to repair group iFixit and the nonprofit Public Knowledge, says. In addition, iFixit got its hands on a Taylor ice cream machine and tore it down in an effort to determine why they are broken so damn often and published a new video showing the process of taking the machine apart and explaining why they're always broken when you want fast food ice cream.

Under an ambitious program, dubbed Replicator, the Pentagon aims to field thousands of autonomous systems within two years to counter China. The effort is being spearheaded by Deputy Defense Secretary Kathleen Hicks. Politico reports: Hicks said the time is right to push to rapidly scale up innovative technology. The move comes as the U.S. looks to get creative to deter China in the Indo-Pacific and Pentagon leadership has taken stock of how Ukraine has fended off Russia's invasion. "Industry is ready. The culture is ready to shift," Hicks said. "We have to drive that from the top, and we need to give it a hard target." "The great paradox of military innovation is you're going to have to make big bets and you've got to execute on those bets," she added.

With Replicator, the Pentagon aims to have thousands of autonomous systems across various domains produced and delivered in 18 to 24 months. Hicks declined to discuss what specific platforms might be produced under the program -- such as aerial drones or unmanned ships -- citing the "competition landscape" in the defense industry as well as concerns about tipping DOD's hand to China. The Pentagon will instead "say more as we get to production on capabilities."

Autonomous weapons are seen as a potential way to counter China's numerical advantages in ships, missiles and troops in a rapidly narrowing window. Fielding large numbers of cheap, expendable drones, proponents argue, is faster and lower-cost than exquisite weapons systems and puts fewer troops at risk. Another major aim of the Replicator initiative is to provide a template for future efforts to rapidly field military technology. She said lessons from the Replicator program could be applied throughout the Pentagon, military services and combatant commands.

An anonymous reader quotes a report from Motherboard: Cities across the country are suing Kia and Hyundai for failing to install basic anti-theft technology, with a subsequent massive surge of stolen cars burdening police departments, according to lawsuits filed in recent months. Since the beginning of the year, Seattle, Baltimore, Cleveland, New York, Chicago, St. Louis, and Columbus have all sued Kia and Hyundai, which are owned by the same parent company, for selling cars without engine immobilizers, a technology that has served as a major contributor to the plummeting rate of stolen vehicles in the U.S. As the rest of the industry adopted immobilizers, Kia and Hyundai didn't, with only 26 percent of their cars including them in 2015, compared to 96 percent for other manufacturers.

Without the immobilizers, the cars are trivially easy to steal, requiring just a USB cable. A viral Youtube and Tiktok trend instructed people how to steal the cars. Kia and Hyundai cars manufactured without the immobilizers between 2015 and 2020, especially lower-end models like the Accent, Rio, and Sportage, are especially vulnerable. A lawsuit filed by dozens of insurance companies against Kia and Hyundai allege the lack of immobilizers violated federal regulations. The surge in Kia and Hyundai thefts in cities around the country has been staggering and it shows no sign of abating. In a lawsuit filed last week, the City of Chicago said that in 2022, more than 8,800 Kia and Hyundai vehicles were stolen in the city, which accounts for 41 percent of all of Chicago's car thefts, despite Kia and Hyundai making up just seven percent of the city's vehicles. In a press release announcing the lawsuit, the city said it is getting even worse in 2023, with Kias and Hyundais making up more than half of all stolen cars in the city this year. Chicago is hardly alone. [...]

In statements to Motherboard, Kia spokesperson James Bell said the lawsuits filed by cities against the company are "without merit" and that the National Highway Traffic Safety Administration determined it did not violate any regulations or safety standards. In June, NHTSA's acting associate director of enforcement Cem Hatipoglu responded to 18 state attorneys general that asked for a recall of the cars by saying, "At this time, NHTSA has not determined that this issue constitutes either a safety defect or noncompliance requiring a recall." A NHTSA spokesperson told Motherboard the agency has been meeting with Kia and Hyundai about the issue but wouldn't say if it agreed with Kia's interpretation. Hyundai spokesperson Ira Gabriel similarly said that all its vehicles are "fully compliant with federal anti-theft requirements." Hyundai and Kia owners can get steering wheel locks from their local police departments or through dedicated websites. Both companies also offer a free software patch that they say removes the threat of theft, which requires visiting a dealer. Bell of Kia says the company has distributed more than 190,000 wheel locks and that 650,000 vehicles have gotten the software update, out of three million total. Both companies now include immobilizers on all their new cars.

Slash_Account_Dot writes: Hackers are able to grab a target's IP address, potentially revealing their general physical location, by simply sending a link over the Skype mobile app. The target does not need to click the link or otherwise interact with the hacker beyond opening the message, according to a security researcher who demonstrated the issue and successfully discovered my IP address by using it. Yossi, the independent security researcher who uncovered the vulnerability, reported the issue to Microsoft earlier this month, according to Yossi and a cache of emails and bug reports he shared with 404 Media. In those emails Microsoft said the issue does not require immediate servicing, and gave no indication that it plans to fix the security hole. Only after 404 Media contacted Microsoft for comment did the company say it would patch the issue in an upcoming update.

Slashdot reader Bruce66423 shared this report from the Independent: South Yorkshire Police (SYP) has apologised after revealing more than three years' worth of officer body cam footage has been deleted from its computer systems. SYP said it had referred itself to the Information Commissioner's Office (ICO) after the footage, recorded between July 2020 and May 2023, was found to be missing. The force initially said the incident had been caused by a "significant and unexplained reduction" in stored data on its computer systems and later clarified that the data had been "deleted" and not hacked.

Around 69 cases have been identified as potentially affected by the loss of data and the force said it was working closely with the victims and Crown Prosecution Service. The cases range from cannabis possession through to domestic abuse and sexual offences, SYP told The Independent... Urgent work, led by digital forensic experts, is underway to recover the footage, it added...

It comes just weeks after a major data beach in Northern Ireland, where the force mistakenly published the personal details of officers in response to a freedom of information request. Norfolk and Suffolk police forces, in another freedom of information request incident, released the personal details of more than 1,000 people, including crime victims.

An anonymous reader quotes a report from Ars Technica: A federal judge yesterday granted Google's motion to dismiss a lawsuit filed by the Republican National Committee (RNC), which claims that Google intentionally used Gmail's spam filter to suppress Republicans' fundraising emails. An order (PDF) dismissing the lawsuit was issued yesterday by US District Judge Daniel Calabretta. The RNC is seeking "recovery for donations it allegedly lost as a result of its emails not being delivered to its supporters' inboxes," Calabretta noted. But Google correctly argued that the lawsuit claims are barred by Section 230 of the Communications Decency Act, the judge wrote. The RNC lawsuit was filed in October 2022 in US District Court for the Eastern District of California.

"While it is a close case, the Court concludes that... the RNC has not sufficiently pled that Google acted in bad faith in filtering the RNC's messages into Gmail users' spam folders, and that doing so was protected by Section 230. On the merits, the Court concludes that each of the RNC's claims fail as a matter of law for the reasons described below," he wrote. Calabretta, a Biden appointee, called it "concerning that Gmail's spam filter has a disparate impact on the emails of one political party, and that Google is aware of and has not yet been able to correct this bias." But he noted that "other large email providers have exhibited some sort of political bias" and that if Google did not filter spam, it would harm its users by subjecting them "to harmful malware or harassing messages. On the whole, Google's spam filter, though in this instance imperfect, is not morally blameworthy."

The RNC was given leave to amend another claim that alleged intentional interference with prospective economic relations under California law. The judge dismissed the claim as follows: "The RNC argues that Google's conduct was independently wrongful because '(1) it is political discrimination against the RNC, (2) it is dishonest to Google's users and the public, and (3) Google repeatedly lied about it.' As established above, political discrimination is not prohibited by California anti-discrimination laws and so Google's alleged discrimination would not be unlawful. The latter two reasons do not provide a 'determinable legal standard' under which the Court could find the conduct wrongful; they rest on a 'nebulous' theory of wrongfulness which other courts have rejected." The RNC "has failed to establish that Defendant's alleged interference constituted a separate, independently 'wrongful act' that would be an appropriate predicate offense" but "will be granted leave to amend this claim to establish that Defendant's conduct was unlawful by some legal measure," Calabretta wrote. Google said in a statement: "We welcome the Court's finding that there are no plausible allegations that Gmail's spam filters discriminate for political purposes. We will continue investing in spam-filtering technologies that protect people from unwanted emails while still allowing senders to reach the inboxes of users who want their messages."

Afghanistan's Taliban-led government is working with Huawei to install a wide-ranging surveillance system across the country in an effort to identify and target insurgents or terrorism activities, Bloomberg News reported Friday, citing a person familiar with the discussions. From the report: Representatives of the Shenzhen-headquartered tech company met with Interior Ministry officials on Aug. 14, the person said, and a verbal agreement was reached regarding the contract. The Interior Ministry initially posted images and details of the meeting on X, the social media platform formerly known as Twitter. In one post, spokesman Mufti Abdul Mateen Qani said the advanced camera system was being considered "in every province of Afghanistan."

The posts, which were later deleted, included comments from Abdullah Mukhtar, the deputy minister of the ministry. "We are willing to accept projects that are better in terms of quality and price," he said. "Reports on this meeting are factually incorrect. No plans or agreements were discussed," Huawei said in an emailed statement.

The National Security Agency, the shadowy hub for the United States' electronic and cyber spying, has instructed its employees that foreign targets of its intelligence gathering "should be treated with dignity and respect," according to a new policy directive. The Intercept: The directive, released this summer as internal guidance, is for the NSA's vaunted signals intelligence, or SIGINT, division, which is responsible for covert surveillance and data collection worldwide. "In recognition that SIGINT activities must take into account that all persons should be treated with dignity and respect, regardless of their nationality or wherever they might reside," says the previously unreported directive, which was issued by NSA Director Gen. Paul Nakasone.

Civil liberties experts say the PR-friendly directive is an attempt to mollify European partners and American critics amid a simmering congressional debate over whether to reauthorize the NSA's broad surveillance authorities. Experts also pointed to the absurdity that the NSA, an intelligence agency that specializes in electronic eavesdropping including the interception of text messages and emails, could do so respectfully. "This is like the CIA putting out a statement saying that going forward they'll only waterboard people with dignity and respect," Evan Greer, director of the digital rights advocacy group Fight for the Future, told The Intercept. "Mass surveillance is fundamentally incompatible with basic human rights and democracy."

College Board sends student SAT scores and GPA to Facebook and TikTok, according to tests by tech news outlet Gizmodo. Even when searching for colleges, personal academic details are shared with social media companies. From the report: Gizmodo observed the College Board's website sharing data with Facebook and TikTok when a user fills in information about their GPA and SAT scores. When this reporter used the College Board's search filtering tools to find colleges that might accept a student with a C+ grade-point average and a SAT score of 420 out of 1600, the site let the social media companies know. Whether a student is acing their tests or struggling, Facebook and TikTok get the details.

The College Board shares this data via "pixels," invisible tracking technology used to facilitate targeted advertising on platforms such as Facebook and TikTok. The data is shared along with unique user IDs to identify the students, along with other information about how you use the College Board's site. Organizations use pixels and other tools to share data so they can send targeted ads to people who use their apps and websites on other platforms, such as Google, Facebook, and TikTok.

New submitter Slash_Account_Dot shares a report from 404 Media, a new independent media company founded by technology journalists Jason Koebler, Emanuel Maiberg, Samantha Cole, and Joseph Cox: Customs and Border Protection (CBP), part of the Department of Homeland Security, has bought millions of dollars worth of software from a company that uses artificial intelligence to detect "sentiment and emotion" in online posts, according to a cache of documents obtained by 404 Media. CBP told 404 Media it is using technology to analyze open source information related to inbound and outbound travelers who the agency believes may threaten public safety, national security, or lawful trade and travel. In this case, the specific company called Fivecast also offers "AI-enabled" object recognition in images and video, and detection of "risk terms and phrases" across multiple languages, according to one of the documents.

Marketing materials promote the software's ability to provide targeted data collection from big social platforms like Facebook and Reddit, but also specifically names smaller communities like 4chan, 8kun, and Gab. To demonstrate its functionality, Fivecast promotional materials explain how the software was able to track social media posts and related Persons-of-Interest starting with just "basic bio details" from a New York Times Magazine article about members of the far-right paramilitary Boogaloo movement. 404 Media also obtained leaked audio of a Fivecast employee explaining how the tool could be used against trafficking networks or propaganda operations. The news signals CBP's continued use of artificial intelligence in its monitoring of travelers and targets, which can include U.S. citizens. This latest news shows that CBP has deployed multiple AI-powered systems, and provides insight into what exactly these tools claim to be capable of while raising questions about their accuracy and utility. "CBP should not be secretly buying and deploying tools that rely on junk science to scrutinize people's social media posts, claim to analyze their emotions, and identify purported 'risks,'" said Patrick Toomey, deputy director of the ACLU's National Security Project. "The public knows far too little about CBP's Counter Network Division, but what we do know paints a disturbing picture of an agency with few rules and access to an ocean of sensitive personal data about Americans. The potential for abuse is immense."

Amazon has filed a lawsuit against a group of online stores that sell pirated DVDs of key titles such as "The Lord of the Rings: The Rings of Power" and "The Peripheral." TorrentFreak reports: In a complaint filed at a California federal court, Amazon accuses seven websites of selling pirated discs. These sites, including dvdshelf.com.au, dvds.trade, and dvdwholesale.co.uk, are presumably operated by the same group, using a variety of companies. For the public at large, it may not be immediately obvious that these discs are pirated. However, since Amazon doesn't produce or sell DVDs for these Prime Video series, there is no doubt that they are created from illicit sources.

The piracy operation consists of at least seven websites and these all remain online today. According to Amazon, the sites ship to customers in the U.S. and abroad, twenty-four hours a day, seven days a week, resulting in mass copyright infringement. Before going to court, investigators conducted more than twenty test purchases of pirated DVDs. After these orders arrived, Amazon sent the discs to the Motion Picture Association which independently confirmed that they were all pirated.

The complaint lists Yangchun Zhang as a key suspect. This person presumably resides in China and obtained the 'DVD Shelf' trademark in Australia. In addition, Zhang is also listed as the registrant of several of the domain names involved. The complaint accuses Zhang and the others of both copyright and trademark infringement. Through the lawsuit (PDF), Amazon hopes to recoup damages, which can run in the millions of dollars. Another key priority is to shut the sites down and Amazon asks the court for an injunction to stop all infringing activity.

Two founders of Tornado Cash, the widely known Russian cryptocurrency mixer, have been charged with laundering more than $1 billion in criminal proceeds. From a report: In a newly unsealed indictment, Roman Storm and Roman Semenov have both been accused of sanctions violations and laundering money through Tornado Cash, including hundreds of millions of dollars for the Lazarus Group, a sanctioned North Korean state-backed hacking group. Charges in the indictment include conspiring to commit money laundering, conspiracy to commit sanctions violations and conspiracy to operate an unlicensed money transmitting business. Storm was arrested Wednesday in Washington state, according to a statement from the Justice Department, but Semenov, a Russian national, remains at large. The third co-founder, Alexey Pertsev, who is not mentioned in this action, faces trial in Amsterdam over his involvement with Tornado Cash. "Roman Storm and Roman Semenov allegedly operated Tornado Cash and knowingly facilitated this money laundering," said U.S. Attorney Damian Williams, adding, "While publicly claiming to offer a technically sophisticated privacy service, Storm and Semenov in fact knew that they were helping hackers and fraudsters conceal the fruits of their crimes." Further reading: Tornado Cash Co-founder Reports Being Kicked Off GitHub as Industry Reacts To Sanctions (2022);
Coinbase Employees and Ethereum Backers Sue US Treasury Over Tornado Cash Sanctions (2022).

Two UK teenagers accused of being key members of the notorious hacking group Lapsus$, behind attacks on companies including Nvidia, Rockstar Games, and Uber, were convicted of their crimes by a London jury Wednesday. From a report: Arion Kurtaj, 18, and a 17-year-old male, who can't be identified, were found to have carried out a number of offenses including serious computer misuse, blackmail and fraud against BT Group's EE network and Nvidia. Kurtaj was also separately accused of hacks into Uber, Rockstar's Grand Theft Auto game, and fintech firm Revolut. The Southwark Crown Court jury only needed to come to a decision on whether Kurtaj was liable for the crimes after he was found by the judge to be unfit to stand trial because of a complex medical condition. The jury found him liable for all 12 charges. The 17-year-old was found guilty of hacking, fraud and blackmail against Nvidia and cleared over two other counts against EE. He had previously plead guilty to two charges relating to the BT hacks. Lapsus$ are an international bunch of loosely connected online extortionists.