Privacy

Cellebrite Asks Cops To Keep Its Phone Hacking Tech 'Hush Hush' (techcrunch.com) 50

An anonymous reader shares a report: For years, cops and other government authorities all over the world have been using phone hacking technology provided by Cellebrite to unlock phones and obtain the data within. And the company has been keen on keeping the use of its technology "hush hush." As part of the deal with government agencies, Cellebrite asks users to keep its tech -- and the fact that they used it -- secret, TechCrunch has learned. This request concerns legal experts who argue that powerful technology like the one Cellebrite builds and sells, and how it gets used by law enforcement agencies, ought to be public and scrutinized.

In a leaked training video for law enforcement customers that was obtained by TechCrunch, a senior Cellebrite employee tells customers that "ultimately, you've extracted the data, it's the data that solves the crime, how you got in, let's try to keep that as hush hush as possible." "We don't really want any techniques to leak in court through disclosure practices, or you know, ultimately in testimony, when you are sitting in the stand, producing all this evidence and discussing how you got into the phone," the employee, who we are not naming, says in the video.

The Almighty Buck

Thousands of Crypto Scammers are Enslaved by Human-Trafficking Gangsters, Says Bloomberg Reporter (bloomberg.com) 100

A Bloomberg investigative reporter has written a new book titled Number Go Up: Inside Crypto's Wild Rise and Staggering Fall. This week Bloomberg published an excerpt that begins when the reporter received a flirtatious text message from a woman named Vicky Ho as part of a scam called "pig butchering".

"Vicky's random text had found its way to pretty much exactly the wrong target. I'd been investigating the crypto bubble for more than a year..." After a day, Vicky revealed her true love language: Bitcoin price data. She started sending me charts. She told me she'd figured out how to predict market fluctuations and make quick gains of 20% or more. The screenshots she shared showed that during that week alone she'd made $18,600 on one trade, $4,320 on another and $3,600 on a third... For days, she went on chatting without asking for me to send any money. I was supposed to be the mark, but I had to work her to con me.... Vicky sent me a link to download an app called ZBXS. It looked pretty much like other crypto-exchange apps. "New safe and stable trading market," a banner read at the top. Then Vicky gave me some instructions. They involved buying one cryptocurrency using another crypto-exchange app, then transferring the crypto to ZBXS's deposit address on the blockchain, a 42-character string of letters and numbers...

People around the world really were losing huge sums of money to the con. A project finance lawyer in Boston with terminal cancer handed over $2.5 million. A divorced mother of three in St. Louis was defrauded of $5 million. And the victims I spoke to all told me they'd been told to use Tether, the same coin Vicky suggested to me. Rich Sanders, the lead investigator at CipherBlade, a crypto-tracing firm, said that at least $10 billion had been lost to crypto romance scams.

The huge sums involved weren't the most shocking part. I learned that whoever was posing as Vicky was likely a victim as well — of human trafficking. Most "pig-butchering" operations were orchestrated by Chinese gangsters based in Cambodia or Myanmar. They'd lure young people from across Southeast Asia to move abroad with the promise of well-paying jobs in customer service or online gambling. Then, when the workers arrived, they'd be held captive and forced into a criminal racket. Thousands have been tricked this way. Entire office towers are filled with floor after floor of people sending spam messages around the clock, under threat of torture or death.

With the assistance of translators, I started video chatting with people who'd escaped...

I'd heard that [southwestern Cambodia's giant building complex] Chinatown alone held as many as 6,000 captive workers like "Vicky Ho."

Two of the workers interviewed "said they'd seen workers murdered." And another worker said Tether was used specifically because "It's more safe. We are afraid people will track us... It's untraceable."

The reporter's conclusion? "It was hard to see how this slave complex could exist without cryptocurrency."

The Courts

AI-Generated Works Aren't Protected By Copyrights, US Judge Rules (billboard.com) 28

A U.S. federal judge "ruled Friday that U.S. copyright law does not cover creative works created by artificial intelligence," reports Billboard magazine: In a 15-page written opinion, Judge Beryl Howell upheld a decision by the U.S. Copyright Office to deny a copyright registration to computer scientist Stephen Thaler for an image created solely by an AI model. The judge cited decades of legal precedent that such protection is only afforded to works created by humans. "The act of human creation — and how to best encourage human individuals to engage in that creation, and thereby promote science and the useful arts — was ... central to American copyright from its very inception," the judge wrote. "Non-human actors need no incentivization with the promise of exclusive rights under United States law, and copyright was therefore not designed to reach them."

In a statement Friday, Thaler's attorney Ryan Abbott said he and his client "disagree with the district court's judgment" and vowed to appeal: "In our view, copyright law is clear that the public is the main beneficiary of the law and this is best achieved by promoting the generation and dissemination of new works, regardless of how they are created."

Though novel, the decision was not entirely surprising. Federal courts have long strictly limited copyright to content created by humans, rejecting it for works created by animals, by forces of nature, and even those claimed to have been authored by divine spirits, like religious texts.

The Hollywood Reporter notes that "various courts have reached the same conclusion." In another case, a federal appeals court said that a photo captured by a monkey can't be granted a copyright since animals don't qualify for protection, though the suit was decided on other grounds. Howell cited the ruling in her decision. "Plaintiff can point to no case in which a court has recognized copyright in a work originating with a non-human," the order, which granted summary judgment in favor of the copyright office, stated.

Music

Record Companies Sue Internet Archive For Preserving Old 78 Rpm Recordings (reuters.com) 73

Long-time Slashdot reader bshell shared this announcement from the Internet Archive: Some of the world's largest record labels, including Sony and Universal Music Group, filed a lawsuit against the Internet Archive and others for the Great 78 Project, a community effort for the preservation, research and discovery of 78 rpm records that are 70 to 120 years old.

The project has been in operation since 2006 to bring free public access to a largely forgotten but culturally important medium. Through the efforts of dedicated librarians, archivists and sound engineers, we have preserved hundreds of thousands of recordings that are stored on shellac resin, an obsolete and brittle medium. The resulting preserved recordings retain the scratch and pop sounds that are present in the analog artifacts; noise that modern remastering techniques remove.

"The labels' lawsuit said the project includes thousands of their copyright-protected recordings," reports Reuters, including Bing Crosby's "White Christmas" and Chuck Berry's "Roll Over Beethoven."

"The lawsuit said the recordings are all available on authorized streaming services and 'face no danger of being lost, forgotten, or destroyed.'" The labels' lawsuit filed in a federal court in Manhattan said the Archive's "Great 78 Project" functions as an "illegal record store" for songs by musicians including Frank Sinatra, Ella Fitzgerald, Miles Davis and Billie Holiday. They named 2,749 sound-recording copyrights that the Archive allegedly infringed. The labels said their damages in the case could be as high as $412 million.

Piracy

File-Hosting Icon AnonFiles Throws In the Towel, Domain For Sale 28

An anonymous reader quotes a report from TorrentFreak: Founded in 2011, AnonFiles.com became known as a popular hosting service that allowed users to share files up to 20GB without download restrictions. As the name suggests, registering an account wasn't required either; both up and downloading files was totally anonymous. The same also applies to BayFiles.com, an affiliated file-hosting service that was launched by The Pirate Bay. Both sites launched around the same time and shared a similar design and identical features. Both sites had millions of visitors but AnonFiles stood out with over 18 million visitors a month. This popularity didn't go unnoticed by rightsholders, who repeatedly flagged AnonFiles as a "notorious" pirate site.

Rightsholders and law enforcement authorities were not the only ones unhappy with the illegal content posted to the site. For AnonFiles' operators, it caused major problems too. The current owners purchased the site two years ago but didn't expect the abuse to be so massive that the only option would be to shut it down. According to a goodbye message posted on the site, they simply can't continue. "After trying endlessly for two years to run a file sharing site with user anonymity, we have been tired of handling the extreme volumes of people abusing it and the headaches it has created for us."

The operators tried to contain the abuse by setting up all sorts of automated filters and filename restrictions, taking thousands of false positives for granted, but that didn't help much. With tens of millions of uploads and petabytes of data, no anti-abuse measure was sufficient. And when the site's proxy service pulled the plug a few days ago, AnonFiles decided to call it quits. "We have auto banned contents of hundreds of thousands files. Banned file names and also banned specific usage patterns connected to abusive material," the AnonFiles team writes. "Even after all this the high volume of abuse will not stop. This is not the kind of work we imagine when acquiring it and recently our proxy provider shut us down. This can not continue."

The current owners have invited others to buy the domain name and give it a shot themselves.

Censorship

Mozilla Foundation Warns France's Proposed Web Blocking Law 'Could Threaten the Free Internet' (mozilla.org) 66

The Mozilla Foundation has started a petition to stop the French government from forcing browsers like Mozilla's Firefox to censor websites. "It would set a dangerous precedent, providing a playbook for other governments to also turn browsers like Firefox into censorship tools," says the organization. "The government introduced the bill to parliament shortly before the summer break and is hoping to pass this as quickly and smoothly as possible; the bill has even been put on an accelerated procedure, with a vote to take place this fall." You can add your name to their petition here.

The bill in question is France's SREN Bill, which sets a precarious standard for digital freedoms by empowering the government to compile a list of websites to be blocked at the browser level. The Mozilla Foundation warns that this approach "is uncharted territory" and could give oppressive regimes an operational model that could undermine the effectiveness of censorship circumvention tools.

"Rather than mandate browser based blocking, we think the legislation should focus on improving the existing mechanisms already utilized by browsers -- services such as Safe Browsing and Smart Screen," says Mozilla. "The law should instead focus on establishing clear yet reasonable timelines under which major phishing protection systems should handle legitimate website inclusion requests from authorized government agencies. All such requests for inclusion should be based on a robust set of public criteria limited to phishing/scam websites, subject to independent review from experts, and contain judicial appellate mechanisms in case an inclusion request is rejected by a provider."

Privacy

Worldcoin Ignored Initial Order To Stop Iris Scans in Kenya, Records Show (techcrunch.com) 11

Months before Kenya finally banned iris scans by Sam Altman's crypto startup Worldcoin, the Office of the Data Protection Commissioner (ODPC) had ordered its parent company, Tools for Humanity, to stop collecting personal data. From a report: The ODPC had in May this year instructed the crypto startup to stop iris scans and the collection of facial recognition and other personal data in Kenya, a letter sent to Worldcoin and seen by TechCrunch shows. Tools for Humanity, the company building Worldcoin, did not stop taking biometric data until early this month when Kenya's ministry of interior and administration, a more powerful entity, suspended it following its official launch. Worldcoin's official launch led to a spike in the number of people queuing up to have their eyeballs scanned in exchange for "free money," drawing the attention of authorities.

The letter shows that ODPC had instructed Worldcoin to cease collecting data for intruding on individuals' privacy by gathering biometric data without a well-established and compelling justification. Further, it said Worldcoin had failed to obtain valid consent from people before scanning their irises, saying its agents failed to inform its subjects about the data security and privacy measures it took, and how the data collected would be used or processed. "Your client is hereby instructed to cease the collection of all facial recognition data and iris scans, from your subscribers. This cessation should be implemented without delay and should include all ongoing and future data processing activities," said Rose Mosero, in a letter to Tools for Humanity that outlined the concerns.

The Courts

Buyers of Bored Ape NFTs Sue After Digital Apes Turn Out To Be Bad Investment (arstechnica.com) 175

An anonymous reader quotes a report from Ars Technica: The Sotheby's auction house has been named as a defendant in a lawsuit filed by investors who regret buying Bored Ape Yacht Club NFTs that sold for highly inflated prices during the NFT craze in 2021. A Sotheby's auction duped investors by giving the Bored Ape NFTs "an air of legitimacy... to generate investors' interest and hype around the Bored Ape brand," the class-action lawsuit claims. The boost to Bored Ape NFT prices provided by the auction "was rooted in deception," said the lawsuit filed in US District Court for the Central District of California. It wasn't revealed at the time of the auction that the buyer was the now-disgraced FTX, the lawsuit said.

"Sotheby's representations that the undisclosed buyer was a 'traditional' collector had misleadingly created the impression that the market for BAYC NFTs had crossed over to a mainstream audience," the lawsuit claimed. Lawsuit plaintiffs say that harmed investors bought the NFTs "with a reasonable expectation of profit from owning them." Sotheby's sold a lot of 101 Bored Ape NFTs for $24.4 million at its "Ape In!" auction in September 2021, well above the pre-auction estimates of $12 million to $18 million. That's an average price of over $241,000, but Bored Ape NFTs now sell for a floor price of about $50,000 worth of ether cryptocurrency, according to CoinGecko data accessed today. [...]

The amended lawsuit alleges that "[Bored Ape creator Yuga Labs] colluded with fine arts broker, Defendant Sotheby's, to run a deceptive auction." After the sale, a Sotheby's representative described the winning bidder during a Twitter Spaces event as a "traditional" collector, the lawsuit said. The lawsuit said it turned out the auction buyer was now-bankrupt crypto exchange FTX, whose founder Sam Bankman-Fried is in jail awaiting trial on criminal charges. Ethereum blockchain transaction data shows that after the auction, "Sotheby's transferred the lot of BAYC NFTs to wallet address 0xf8e0C93Fd48B4C34A4194d3AF436b13032E641F3, which, upon information and belief, is owned/controlled by FTX," the complaint said. Speculation that FTX was the buyer had been percolating since at least January 2023. The lawsuit alleges that Yuga Labs and Sotheby's violated the California Unfair Competition Law, the California Corporate Securities Law, the US Securities Exchange Act, and the California Corporations Code. The plaintiffs also claim that Sotheby's Metaverse, an NFT trading platform opened after the auction, "operated (or attempted to operate) as an unregistered broker of securities."

Advertising

YouTube Ads May Have Led To Online Tracking of Children, Research Says 8

An anonymous reader quotes a report from the New York Times: This year, BMO, a Canadian bank, was looking for Canadian adults to apply for a credit card. So the bank's advertising agency ran a YouTube campaign using an ad-targeting system from Google that employs artificial intelligence to pinpoint ideal customers. But Google, which owns YouTube, also showed the ad to a viewer in the United States on a Barbie-themed children's video on the "Kids Diana Show," a YouTube channel for preschoolers whose videos have been watched more than 94 billion times. When that viewer clicked on the ad, it led to BMO's website, which tagged the user's browser with tracking software from Google, Meta, Microsoft and other companies, according to new research from Adalytics, which analyzes ad campaigns for brands. As a result, leading tech companies could have tracked children across the internet, raising concerns about whether they were undercutting a federal privacy law, the report said. The Children's Online Privacy Protection Act, or COPPA, requires children's online services to obtain parental consent before collecting personal data from users under age 13 for purposes like ad targeting.

Adalytics identified more than 300 brands' ads for adult products, like cars, on nearly 100 YouTube videos designated as "made for kids" that were shown to a user who was not signed in, and that linked to advertisers' websites. It also found several YouTube ads with violent content, including explosions, sniper rifles and car accidents, on children's channels. An analysis by The Times this month found that when a viewer who was not signed into YouTube clicked the ads on some of the children's channels on the site, they were taken to brand websites that placed trackers -- bits of code used for purposes like security, ad tracking or user profiling -- from Amazon, Meta's Facebook, Google, Microsoft and others -- on users' browsers. As with children's television, it is legal, and commonplace, to run ads, including for adult consumer products like cars or credit cards, on children's videos. There is no evidence that Google and YouTube violated their 2019 agreement with the F.T.C.

The report's findings raise new concerns about YouTube's advertising on children's content. In 2019, YouTube and Google agreed to pay a record $170 million fine to settle accusations from the Federal Trade Commission and the State of New York that the company had illegally collected personal information from children watching kids' channels. Regulators said the company had profited from using children's data to target them with ads. YouTube then said it would limit the collection of viewers' data and stop serving personalized ads on children's videos. On Thursday, two United States senators sent a letter to the F.T.C., urging it to investigate whether Google and YouTube had violated COPPA, citing Adalytics and reporting by The New York Times. Senator Edward J. Markey, Democrat of Massachusetts, and Senator Marsha Blackburn, Republican of Tennessee, said they were concerned that the company may have tracked children and served them targeted ads without parental consent, facilitating "the vast collection and distribution" of children's data. "This behavior by YouTube and Google is estimated to have impacted hundreds of thousands, to potentially millions, of children across the United States," the senators wrote.

Google spokesman Michael Aciman called the report's findings "deeply flawed and misleading."

Google has stated that running ads for adults on children's videos is useful because parents watching could become customers. However, they acknowledge that violent ads on children's videos violate their policies and have taken steps to prevent such ads from running in the future. Google claims they do not use personalized ads on children's videos, ensuring compliance with COPPA.

Google notes that it does not inform advertisers if a viewer has watched a children's video, only that they clicked on the ad. Google also says it cannot control data collection on a brand's website after a YouTube viewer clicks an ad -- a process that could occur on any website.

Space

US Space Force Creates First Unit Dedicated To Targeting Adversary Satellites (space.com) 57

The United States Space Force has activated its first and only unit dedicated to targeting other nations' satellites and the ground stations that support them. Space.com reports: The 75th Intelligence, Surveillance and Reconnaissance Squadron (ISRS) was activated on Aug. 11 at Peterson Space Force Base in Colorado. This unit is part of Space Delta 7, an element of the U.S. Space Force tasked with providing intelligence on adversary space capabilities. It'll do things like analyze the capabilities of potential targets, locate and track these targets as well as participate in "target engagement," which presumably refers to destroying or disrupting adversary satellites, the ground stations that support them and transmissions sent between the two.

Master Sgt. Desiree Cabrera, 75th ISRS operations superintendent, said the new unit will revolutionize the targeting capabilities of not just the Space Force, but also the entire U.S. military: "Not only are we standing up the sole targeting squadron in the U.S. Space Force, we are changing the way targeting is done across the joint community when it comes to space and electromagnetic warfare." The 75th ISRS will also analyze adversary space capabilities including "counterspace force threats," according to the Space Force's statement. Counterspace forces refer to adversary systems aimed at preventing the U.S. from using its own satellites during a conflict.

Microsoft

Microsoft May Store Your Conversations With Bing If You're Not an Enterprise User (theregister.com) 13

An anonymous reader quotes a report from The Register: Microsoft prohibits users from reverse engineering or harvesting data from its AI software to train or improve other models, and will store inputs passed into its products as well as any output generated. The details emerged as companies face fresh challenges with the rise of generative AI. People want to know what corporations are doing with information provided by users. And users are likewise curious about what they can do with the content generated by AI. Microsoft addresses these issues in a new clause titled 'AI Services' in its terms of service.

The five new policies, which were introduced on 30 July and will come into effect on September 30, state that:

Reverse Engineering. You may not use the AI services to discover any underlying components of the models, algorithms, and systems. For example, you may not try to determine and remove the weights of models.
Extracting Data. Unless explicitly permitted, you may not use web scraping, web harvesting, or web data extraction methods to extract data from the AI services.
Limits on use of data from the AI Services. You may not use the AI services, or data from the AI services, to create, train, or improve (directly or indirectly) any other AI service.
Use of Your Content. As part of providing the AI services, Microsoft will process and store your inputs to the service as well as output from the service, for purposes of monitoring for and preventing abusive or harmful uses or outputs of the service.
Third party claims. You are solely responsible for responding to any third-party claims regarding Your use of the AI services in compliance with applicable laws (including, but not limited to, copyright infringement or other claims relating to content output during Your use of the AI services).

A spokesperson from Microsoft declined to comment on how long the company plans to store user inputs into its software. "We regularly update our terms of service to better reflect our products and services. Our most recent update to the Microsoft Services Agreement includes the addition of language to reflect artificial intelligence in our services and its appropriate use by customers," the representative told us in a statement.

Microsoft has previously said, however, that it doesn't save conversations or use that data to train its AI models for its Bing Enterprise Chat mode. The policies are a little murkier for its Microsoft 365 Copilot, although it doesn't appear to use customer data or prompts for training, it does store information. "[Copilot] can generate responses anchored in the customer's business content, such as user documents, emails, calendar, chats, meetings, contacts, and other business data. Copilot combines this content with the user's working context, such as the meeting a user is in now, the email exchanges the user has had on a topic, or the chat conversations the user had last week. Copilot uses this combination of content and context to help deliver accurate, relevant, contextual responses," it said.

Patents

Nintendo Is Trying To Patent Some Really Broad Tears of the Kingdom Mechanics (kotaku.com) 32

Loading screen maps and movement physics are just some of the elements from The Legend of Zelda: Tears of the Kingdom that Nintendo is trying to patent. Kotaku reports: Automaton, a gaming website that focuses on Japanese games like Zelda, has a roundup of the 32 patents Nintendo put forth. Some of them are specific to Link's latest adventure, including things like Riju's lightning ability, which lets the player target enemies with a bow and bring down a lightning strike wherever the arrow lands. The weirder ones are related to baseline game design and coding that applies to plenty of other video games on the market. One of the hopeful patents relates to the physics of a character riding on top of a moving vehicle and reacting dynamically to it in a realistic manner.

The distinction, according to Automaton's translation of Japanese site Hatena Blog user nayoa2k's post on the matter, is down to how Tears of the Kingdom codes these interactions. Link and the objects he rides on move together at the same speed, rather than Link being technically stationary on top of a moving object as is common in the physics of other games. The two are functionally the same, but given that plenty of video games displayed characters who can walk around on top of moving vehicles, it's highly unlikely this kind of approach hasn't been utilized before.

On top of trying to patent the tech, Nintendo seeks to patent the loading screen that shows up when the player is fast-traveling across Hyrule. This specifically refers to the screen that shows the map transition from the player's starting point to their destination. Sure, that's pretty specific and not something every game utilizes, but it's still such a general concept that it feels almost petty to patent it when it's hardly an iconic draw of Tears of the Kingdom.

Security

Cyberattack On Listings Provider Halts US Real Estate Markets (arstechnica.com) 24

An anonymous reader quotes a report from Ars Technica: Home buyers, sellers, real estate agents, and listing websites throughout the US have been stymied for five days by a cyberattack on a California company that provides a crucial online service used to track home listings. The attack, which commenced last Wednesday, hit Rapattoni, a software and services provider that supplies Multiple Listing Services to regional real estate groups nationwide. Better known as MLS, it provides instant access to data on which homes are coming to the market, purchase offers, and sales of listed homes. MLS has become essential for connecting buyers to sellers and to the agents and listing websites serving them.

"If you're an avid online refresher on any real estate website, you may have noticed a real nosedive in activity the last couple of days," Peg King, a realty agent in California's Sonoma County, wrote in an email newsletter she sent clients on Friday. "Real estate MLS systems across the country have been unusable since Wednesday after a massive cyberattack against major MLS provider, Rapattoni Corporation. This means that real estate markets (like ours!) can't list new homes, change prices, mark homes as pending/contingent/sold, or list open houses."

While Rapattoni has referred to the incident as a cyberattack, it has been widely reported that the event is a ransomware attack, in which criminals gain unauthorized access to a victim's network, encrypt or download crucial data and demand payment in exchange for decrypting the data or promising not to publish it. Rapattoni has so far not said publicly what sort of attack shut it down or other details. Rapattoni has yet to say whether personal information has been compromised. [...] Not all regional listing services are affected because some use data vendors other than Rapattoni. The damage the outage is causing to agents, buyers, renters, and sellers could get worse unless services are restored in the next few days.

On Sunday, Rapattoni wrote: "We are continuing to investigate the nature and scope of the cyberattack that has caused a system outage and we are working diligently to get systems restored as soon as possible. All technical resources at our disposal are continuing to work around the clock through the weekend until this matter is resolved. We still do not have an ETA at this time, but we will continue to update you and keep you informed of our efforts."

Piracy

Court Orders SportsBay To Pay Almost Half a Billion Dollars For Violating DMCA (torrentfreak.com) 38

An anonymous reader quotes a report from TorrentFreak: In the summer of 2021, DISH Network and Sling filed a copyright lawsuit against four unlicensed sports streaming sites, among them the popular SportsBay.org. After the plaintiffs named two alleged operators of the sites, this week a court in Texas held the pair liable for almost 2.5 million violations of the DMCA's anti-circumvention provisions and almost half a billion dollars in damages. [...] The complaint alleged that the unknown defendants circumvented (and provided technologies and services that circumvented) security measures employed by Sling and thereby provided "DISH's television programming" to users of their websites. The plaintiffs requested a permanent injunction, control of the defendants' domains, and damages of up to $2,500 for each violation of the DMCA's anti-circumvention provisions.

According to DISH's first amended complaint filed in January 2022, information obtained from the third-party service providers enabled the company to identify two men responsible for operating the SportsBay sites. Juan Barcan, an individual residing in Buenos Aires, Argentina, used his PayPal account to make payments to Namecheap and GitHub. Juan Nahuel Pereyra, also of Buenos Aires, used his PayPal account to make payments to Namecheap. On January 20, 2022, DISH sent a request to the Argentine Central Authority to serve Barcan and Pereyra under the Hague Convention. On October 31, 2022, the Central Authority informed DISH that Pereyra was served in Buenos Aires on September 14, 2022. Barcan was not served so after obtaining permission from the court, DISH served Barcan via a Gmail address used to make payments to Namecheap for the Sportsbay.org, Live-nba.stream, and Freefeds.com domain names. When the defendants failed to appear, DISH sought default judgment. [...]

In his order (PDF) handed down yesterday, District Judge Charles Eskridge entered a default judgment against Juan Barcan and Juan Nahuel Pereyra for violations of the DMCA's anti-circumvention provisions. The defendants and anyone acting in concert with them are permanently enjoined from circumventing any technological protection measure that controls access to Sling or DISH programming, including through the use of websites or any similar internet streaming service. Then comes the award for damages. "Plaintiffs are awarded $493,850,000 in statutory damages against Defendants, jointly and severally, for Defendants' 2,469,250 violations of section 1201(a)(2) of the DMCA," the order reads.

Security

Discord.io Temporarily Shuts Down After Breach Affecting 760,000 Members (bleepingcomputer.com) 3

Long-time Slashdot reader destinyland shares a report from BleepingComputer: The Discord.io custom invite service has temporarily shut down after suffering a data breach exposing the information of 760,000 members. Discord.io is not an official Discord site but a third-party service allowing server owners to create custom invites to their channels. Most of the community was built around the service's Discord server, with over 14,000 members.

Yesterday, a person known as 'Akhirah' began offering the Discord.io database for sale on the new Breached hacking forums. As proof of the theft, the threat actor shared four user records from the database. The most sensitive information in the breach is a member's username, email address, billing address (small number of people), salted and hashed password (small number of people), and Discord ID. "This information is not private and can be obtained by anyone sharing a server with you. Its inclusion in the breach does, however, mean that other people might be able to link your Discord account to a given email address," Discord.io explained about the leaking of Discord IDs.

iPhone

Apple Will Soon Send Payments In $500 Million 'Batterygate' iPhone Throttling Lawsuit (macrumors.com) 23

The judge overseeing Apple's "batterygate" iPhone throttling lawsuit has cleared the way for payments to be sent out. MacRumors reports: Apple in 2020 agreed to pay $500 million to settle the "batterygate" lawsuit, which accused the company of secretly throttling older iPhone models. The class action lawsuit was open to U.S. customers who had an iPhone 6, 6 Plus, 6s, 6s Plus, 7, or 7 Plus running iOS 10.2.1 or iOS 11.2 prior to December 21, 2017. [...] Apple ultimately apologized for its lack of communication and dropped the price of battery replacements to $29 through the end of 2018. iPhone owners eligible for a payout would have needed to submit a claim back in 2020, and submissions were open through October 6, 2020. Those who submitted a claim back then will be eligible for a payment, which will be around $65 per claimant.

Privacy

Iraq Lifts Ban On Telegram After Messaging App Complies With Authorities 11

An anonymous reader quotes a report from TechCrunch: Iraq's telecom ministry lifted the ban on Telegram over the weekend, days after the agency blocked the chat app over security concerns. The ministry said it lifted the ban because of the "response of the company that owns the application to the requirements of the security authorities," which required Telegram to reveal sources leaking data of officials and citizens, according to a translated statement. Telegram has shown commitment to communicating with authorities about security concerns, the ministry said, insisting that it "doesn't stand against freedom of expression."

Telegram told Reuters that the company forbids users from posting private data on the platform without consent. Telegram didn't share any private user data with Iraqi authorities, the messaging app operator told the publication. "We can confirm that our moderators took down several channels sharing personal data. However, we can also confirm that no private user data was requested from Telegram and that none has been shared," the company told the publication in a statement.

Context: "Last week, Iraq banned the chat app saying that many channels were publishing citizen's private data such as names, addresses, and family ties with other people," reports TechCrunch. "At that time, the ministry said that Telegram -- which has more than 800 million users globally -- didn't respond to its requests, and as a result, the country banned the app."

Censorship

Iowa School District Is Using AI To Ban Books 394

According to the Globe Gazette, the school board of Mason City, Iowa has begun leveraging AI technology to cultivate lists of potentially bannable books from the district's libraries ahead of the 2023/24 school year. Engadget reports: In May, the Republican-controlled state legislature passed, and Governor Kim Reynolds subsequently signed, Senate File 496 (SF 496), which enacted sweeping changes to the state's education curriculum. Specifically it limits what books can be made available in school libraries and classrooms, requiring titles to be "age appropriate" and without "descriptions or visual depictions of a sex act," per Iowa Code 702.17. But ensuring that every book in the district's archives adhere to these new rules is quickly turning into a mammoth undertaking. "Our classroom and school libraries have vast collections, consisting of texts purchased, donated, and found," Bridgette Exman, assistant superintendent of curriculum and instruction at Mason City Community School District, said in a statement. "It is simply not feasible to read every book and filter for these new requirements."

As such, the Mason City School District is bringing in AI to parse suspect texts for banned ideas and descriptions since there are simply too many titles for human reviewers to cover on their own. Per the district, a "master list" is first cobbled together from "several sources" based on whether there were previous complaints of sexual content. Books from that list are then scanned by "AI software" -- the district doesn't specify which systems will be employed -- which tells the state censors whether or not there actually is a depiction of sex in the book. So far, the AI has flagged 19 books for removal. [The full list is available here.]

Privacy

Millions of Americans' Health Data Stolen After MOVEit Hackers Targeted IBM (techcrunch.com) 24

An anonymous reader quotes a report from TechCrunch: Millions of Americans had their sensitive medical and health information stolen after hackers exploiting a zero-day vulnerability in the widely used MOVEit file transfer software raided systems operated by tech giant IBM. Colorado's Department of Health Care Policy and Financing (HCPF), which is responsible for administering Colorado's Medicaid program, confirmed on Friday that it had fallen victim to the MOVEit mass-hacks, exposing the data of more than four million patients.

In a data breach notification (PDF) to those affected, Colorado's HCPF said that the data was compromised because IBM, one of the state's vendors, "uses the MOVEit application to move HCPF data files in the normal course of business." The letter states that while no HCPF or Colorado state government systems were affected by this issue, "certain HCPF files on the MOVEit application used by IBM were accessed by the unauthorized actor." These files include patients' full names, dates of birth, home addresses, Social Security numbers, Medicaid and Medicare ID numbers, income information, clinical and medical data including lab results and medication, and health insurance information. HCPF says about 4.1 million individuals are affected.

IBM has yet to publicly confirm that it was affected by the MOVEit mass-hacks, and an IBM spokesperson did not respond to a request for comment by TechCrunch. The breach of IBM's MOVEit systems also impacted Missouri's Department of Social Services (DSS), though the number of affected individuals is not yet known. More than six million people live in Missouri state. In a data breach notification posted last week, Missouri's DSS said: "IBM is a vendor that provides services to DSS, the state agency that provides Medicaid services to eligible Missourians. The data vulnerability did not directly impact any DSS systems, but impacted data belonging to DSS." DSS says that the data accessed may include an individual's name, department client number, date of birth, possible benefit eligibility status or coverage, and medical claims information.

Crime

Bomb Threat Causes Mass Evacuation at DEF CON Hacking Convention (theregister.com) 45

A bomb threat against Caesars Forum, the main venue for this week's DEF CON hacking convention, led to the halls being cleared on Saturday evening and the building searched by fire crews and police officers. The Register reports: The timing was very bad, coming in the evening of the main party night for the event. The conference Goons, the red-shirted volunteers who serve as guides and organizers, were praised by attendees for managing the evacuation with aplomb, but when it became clear that the search for the suspect device was going to be hard to find, the DEF CON team cancelled the evening's festivities at Caesars, to the disappointment of thousands.

"Last night we were asked to evacuate the building due to a report of a suspicious package. Local police and fire departments conducted a thorough investigation and ultimately determined that the package was safe," the organizers said. "They also conducted additional sweeps of the building as a precaution before allowing our team to return and prepare for today's con. We are working quickly to keep the original schedule on track, but please check here for additional updates before arriving at DEF CON." The event kicked off on August 10 and wrapped up by August 13.

Presumably the hoax caller thought of themselves as a merry prankster, rather than the selfish idiot who ruined everyone's night - particularly the timing for those in the Track Four hall who were enjoying 2001: A Space Odyssey and who were forced to miss the crucial last 10 minutes of the movie. While tricks and pranks are something of a tradition, they only get respect if they are clever and intricate, not some fool showing they could use a telephone. It's not like security at the show wasn't heavy enough. The event was patrolled regularly by security guards in body armor with handguns, tasers, the occasional police dog, and a host of other equipment that was a bit of an overkill for a bunch of peaceable hackers. Dubbed by some as "Gravy SEALs," by the end of the show they were visibly warming up, and this hack saw several of them accepting stickers from attendees.
