Government

Substack Says It'll Legally Defend Writers 'Targeted By the Government' (theverge.com) 17

Substack has announced it will legally support foreign writers lawfully residing in the U.S. who face government targeting over their published work, partnering with the nonprofit FIRE to expand its existing Defender program. The Verge reports: In their announcement, Substack and FIRE mention the international Tufts University student who was arrested by federal agents last week. Her legal team links her arrest to an opinion piece she co-wrote for the school's newspaper last year, which criticized Tufts for failing to comply with requests to divest from companies with connections to Israel. "If true, this represents a chilling escalation in the government's effort to target critics of American foreign policy," Substack and FIRE write.

The initiative builds on Substack's Defender program, which already offers legal assistance for independent journalists and creators on the platform. The company says it has supported "dozens" of Substack writers facing claims of defamation and trademark infringement since it launched the program in the US in 2020. It has since brought Substack Defender to writers in Canada and the UK.

The Courts

Donkey Kong Champion Wins Defamation Case Against Australian YouTuber Karl Jobst (theguardian.com) 46

An anonymous reader quotes a report from The Guardian: A professional YouTuber in Queensland has been ordered to pay $350,000 plus interest and costs to the former world record score holder for Donkey Kong, after the Brisbane district court found the YouTuber had defamed him "recklessly" with false claims of a link between a lawsuit and another YouTuber's suicide. William "Billy" Mitchell, an American gamer who had held world records in Donkey Kong and Pac-Man going back to 1982, as recognized by the Guinness World Records and the video game database Twin Galaxies, brought the case against Karl Jobst, seeking $400,000 in general damages and $50,000 in aggravated damages.

Jobst, who makes videos about "speed running" (finishing games as fast as possible), as well as gaming records and cheating in games, made a number of allegations against Mitchell in a 2021 YouTube video. He accused Mitchell of cheating, and "pursuing unmeritorious litigation" against others who had also accused him of cheating, the court judgment stated. The court heard Mitchell was accused in 2017 of cheating in his Donkey Kong world records by using emulation software instead of original arcade hardware. Twin Galaxies investigated the allegation, and subsequently removed Mitchell's scores and banned him from participating in its competitions. The Guinness World Records disqualified Mitchell as a holder of all his records -- in both Donkey Kong and Pac-Man -- after the Twin Galaxies decision. The judgment stated that Jobst's 2021 video also linked the December 2020 suicide of another YouTuber, Apollo Legend, to "stress arising from [his] settlement" with Mitchell, and wrongly asserted that Apollo Legend had to pay Mitchell "a large sum of money."

Privacy

FTC Says 23andMe Purchaser Must Uphold Existing Privacy Policy For Data Handling (therecord.media) 21

The FTC has warned that any buyer of 23andMe must honor the company's current privacy policy, which ensures consumers retain control over their genetic data and can delete it at will. FTC Chair Andrew Ferguson emphasized that such promises must be upheld, given the uniquely sensitive and immutable nature of genetic information. The Record reports: The letter, sent to the DOJ's United States Trustee Program, highlights several assurances 23andMe makes in its privacy policy, including that users are in control of their data and can determine how and for what purposes it is used. The company also gives users the ability to delete their data at will, the letter says, arguing that 23andMe has made "direct representations" to consumers about how it uses, shares and safeguards their personal information, including in the case of bankruptcy.

Pointing to statements that the company's leadership has made asserting that user data should be considered an asset, Ferguson highlighted that 23andMe's privacy statement tells users it does not share their data with insurers, employers, public databases or law enforcement without a court order, search warrant or subpoena. It also promises consumers that it only shares their personal data in cases where it is needed to provide services, Ferguson added. The genetic testing and ancestry company is explicit that its data protection guidelines apply to new entities it may be sold or transferred to, Ferguson said.

Social Networks

Arkansas Social Media Age Verification Law Blocked By Federal Judge (engadget.com) 11

A federal judge struck down Arkansas' Social Media Safety Act, ruling it unconstitutional for broadly restricting both adult and minor speech and imposing vague requirements on platforms. Engadget reports: In a ruling (PDF), Judge Timothy Brooks said that the law, known as Act 689 (PDF), was overly broad. "Act 689 is a content-based restriction on speech, and it is not targeted to address the harms the State has identified," Brooks wrote in his decision. "Arkansas takes a hatchet to adults' and minors' protected speech alike though the Constitution demands it use a scalpel." Brooks also highlighted the "unconstitutionally vague" applicability of the law, which seemingly created obligations for some online services, but may have exempted services which had the "predominant or exclusive function [of]... direct messaging" like Snapchat.

"The court confirms what we have been arguing from the start: laws restricting access to protected speech violate the First Amendment," NetChoice's Chris Marchese said in a statement. "This ruling protects Americans from having to hand over their IDs or biometric data just to access constitutionally protected speech online." It's not clear if state officials in Arkansas will appeal the ruling. "I respect the court's decision, and we are evaluating our options," Arkansas Attorney general Tim Griffin said in a statement.

Privacy

UK's GCHQ Intern Transferred Top Secret Files To His Phone (bbc.co.uk) 48

Bruce66423 shares a report from the BBC: A former GCHQ intern has admitted risking national security by taking top secret data home with him on his mobile phone. Hasaan Arshad, 25, pleaded guilty to an offence under the Computer Misuse Act on what would have been the first day of his trial at the Old Bailey in London. The charge related to committing an unauthorised act which risked damaging national security.

Arshad, from Rochdale in Greater Manchester, is said to have transferred sensitive data from a secure computer to his phone, which he had taken into a top secret area of GCHQ on 24 August 2022. [...] The court heard that Arshad took his work mobile into a top secret GCHQ area and connected it to work station. He then transferred sensitive data from a secure, top secret computer to the phone before taking it home, it was claimed. Arshad then transferred the data from the phone to a hard drive connected to his personal home computer.
"Seriously? What on earth was the UK's equivalent of the NSA doing allowing its hardware to carry out such a transfer?" questions Bruce66423.
The Courts

Google To Pay $100 Million To Settle 14-Year-Old Advertising Lawsuit (msn.com) 6

An anonymous reader quotes a report from Reuters: Google has agreed to pay $100 million in cash to settle a long-running lawsuit claiming it overcharged advertisers by failing to provide promised discounts and charged for clicks on ads outside the geographic areas the advertisers targeted. A preliminary settlement of the 14-year-old class action, which began in March 2011, was filed late Thursday in the San Jose, California, federal court, and requires a judge's approval.

Advertisers who participated in Google's AdWords program, now known as Google Ads, accused the search engine operator of breaching its contract by manipulating its Smart Pricing formula to artificially reduce discounts. The advertisers also said Google, a unit of Mountain View, California-based Alphabet, misled them by failing to limit ad distribution to locations they designated, violating California's unfair competition law. Thursday's settlement covers advertisers who used AdWords between January 1, 2004, and December 13, 2012.

Google denied wrongdoing in agreeing to settle. "This case was about ad product features we changed over a decade ago and we're pleased it's resolved," spokesman Jose Castaneda said in an emailed statement. Lawyers for the plaintiffs may seek fees of up to 33% of the settlement fund, plus $4.2 million for expenses. According to court papers, the case took a long time as the parties produced extensive evidence, including more than 910,000 pages of documents and multiple terabytes of click data from Google, and participated in six mediation sessions before four different mediators.

Biotech

Open Source Genetic Database Shuts Down To Protect Users From 'Authoritarian Governments' (404media.co) 28

An anonymous reader quotes a report from 404 Media: The creator of an open source genetic database is shutting it down and deleting all of its data because he has come to believe that its existence is dangerous with "a rise in far-right and other authoritarian governments" in the United States and elsewhere. "The largest use case for DTC genetic data was not biomedical research or research in big pharma," Bastian Greshake Tzovaras, the founder of OpenSNP, wrote in a blog post. "Instead, the transformative impact of the data came to fruition among law enforcement agencies, who have put the genealogical properties of genetic data to use."

OpenSNP has collected roughly 7,500 genomes over the last 14 years, primarily by allowing people to voluntarily submit their own genetic information they have downloaded from 23andMe. With the bankruptcy of 23andMe, increased interest in genetic data by law enforcement, and the return of Donald Trump and rise of authoritarian governments worldwide, Greshake Tzovaras told 404 Media he no longer believes it is ethical to run the database. "I've been thinking about it since 23andMe was on the verge of bankruptcy and been really considering it since the U.S. election. It definitely is really bad over there [in the United States]," Greshake Tzovaras told 404 Media. "I am quite relieved to have made the decision and come to a conclusion. It's been weighing on my mind for a long time."

Greshake Tzovaras said that he is proud of the OpenSNP project, but that, in a world where scientific data is being censored and deleted and where the Trump administration has focused on criminalizing immigrants and trans people, he now believes that the most responsible thing to do is to delete the data and shut down the project. "Most people in OpenSNP may not be at particular risk right now, but there are people from vulnerable populations in here as well," Greshake Tzovaras said. "Thinking about gender representation, minorities, sexual orientation -- 23andMe has been working on the whole 'gay gene' thing, it's conceivable that this would at some point in the future become an issue."
"Across the globe there is a rise in far-right and other authoritarian governments. While they are cracking down on free and open societies, they are also dedicated to replacing scientific thought and reasoning with pseudoscience across disciplines," Greshake Tzovaras wrote. "The risk/benefit calculus of providing free & open access to individual genetic data in 2025 is very different compared to 14 years ago. And so, sunsetting openSNP -- along with deleting the data stored within it -- feels like it is the most responsible act of stewardship for these data today."

"The interesting thing to me is there are data preservation efforts in the U.S. because the government is deleting scientific data that they don't like. This is approaching that same problem from a different direction," he added. "We need to protect the people in this database. I am supportive of preserving scientific data and knowledge, but the data comes second -- the people come first. We prefer deleting the data."
Privacy

FBI Raids Home of Prominent Computer Scientist Who Has Gone Incommunicado (arstechnica.com) 95

An anonymous reader shares a report: A prominent computer scientist who has spent 20 years publishing academic papers on cryptography, privacy, and cybersecurity has gone incommunicado, had his professor profile, email account, and phone number removed by his employer, Indiana University, and had his homes raided by the FBI. No one knows why.

Xiaofeng Wang has a long list of prestigious titles. He was the associate dean for research at Indiana University's Luddy School of Informatics, Computing and Engineering, a fellow at the Institute of Electrical and Electronics Engineers and the American Association for the Advancement of Science, and a tenured professor at Indiana University at Bloomington. According to his employer, he has served as principal investigator on research projects totaling nearly $23 million over his 21 years there.

He has also co-authored scores of academic papers on a diverse range of research fields, including cryptography, systems security, and data privacy, including the protection of human genomic data.

Privacy

Nearly 1.5 Million Private Photos from Five Dating Apps Were Exposed Online (bbc.com) 32

"Researchers have discovered nearly 1.5 million pictures from specialist dating apps — many of which are explicit — being stored online without password protection," reports the BBC, "leaving them vulnerable to hackers and extortionists."

And the images weren't limited to those from profiles, the BBC learned from the ethical hacker who discovered the issue. "They included pictures which had been sent privately in messages, and even some which had been removed by moderators..." Anyone with the link was able to view the private photos from five platforms developed by M.A.D Mobile [including two kink/BDSM sites and two LGBT apps]... These services are used by an estimated 800,000 to 900,000 people.

M.A.D Mobile was first warned about the security flaw on 20th January but didn't take action until the BBC emailed on Friday. They have since fixed it but not said how it happened or why they failed to protect the sensitive images. Ethical hacker Aras Nazarovas from Cybernews first alerted the firm about the security hole after finding the location of the online storage used by the apps by analysing the code that powers the services...

None of the text content of private messages was found to be stored in this way and the images are not labelled with user names or real names, which would make crafting targeted attacks at users more complex.

In an email M.A.D Mobile said it was grateful to the researcher for uncovering the vulnerability in the apps to prevent a data breach from occurring. But there's no guarantee that Mr Nazarovas was the only hacker to have found the image stash.

"Mr Nazarovas and his team decided to raise the alarm on Thursday while the issue was still live as they were concerned the company was not doing anything to fix it..."
Transportation

'Why Did the Government Declare War on My Adorable Tiny Truck?' (bloomberg.com) 168

Automotive historian Dan Albert loves the "adorable tiny truck" he's driving. It's one of the small Japan-made "kei" pickups and minivans that "make up about a third of car sales in Japan." Americans can legally import older models for less than $10,000, and getting 40 miles per gallon they're "Cheap to buy and run... rugged, practical, no-frills machines — exactly what the American-built pickup truck used to be."

But unfortunately, kei buyers face "bureaucratic roadblocks that states like Massachusetts have erected to keep kei cars and trucks out of the hands of U.S. drivers." Several state departments of motor vehicles (DMVs) have balked at registering the imported machines, saying that they're too unsafe for American streets. Owners have responded with a righteous mix of good humor, lobbying and lawsuits... Kei trucks do not meet the Federal Motor Vehicle Safety Standards, or FMVSS — the highly specific rules US-market new cars must meet. But since 1988, the Imported Vehicle Safety Compliance Act has exempted vehicles that are at least 25 years old from these crash safety standards, allowing drivers to bring over vintage European and Asian market models...

Getting insurance coverage was the next barrier, as the company that had long been underwriting the Albert family's fleet also rejected me, forcing me to seek out a specialty "collector car" insurer. (I did eventually get regular coverage....) Maine, Rhode Island, New York, Pennsylvania, Georgia, Virginia, and Michigan also tightened their rules on registering small Japanese imports in recent years. The culprit, according to the auto enthusiast press, was the American Association of Motor Vehicle Administrators, the trade organization that serves as the lobbying and policy arm of DMVs across North America. Much of AAMVA's work involves integrating the databases of the 69 US and Canadian motor vehicle jurisdictions who are its members, so that a car stolen in one state can't be titled in another... The kei truck's regulatory troubles can be traced to a 2011 AAMVA report, "Best Practices Regarding Registration and Titling of Mini-Trucks," which called for outright bans and encouraged DMVs to lobby state legislatures to outlaw keis entirely.

The Insurance Institute of Highway Safety concurred, telling AAMVA that its recommendation did not go far enough: The IIHS said that keis should join the class of conveyances that the U.S. government calls Low Speed Vehicles, which are mechanically limited to 25 miles per hour or less and should be used only for short local trips on low-speed-limit roads because they can't protect occupants in the event of a collision with a regular vehicle... [But] By 2008, Japan's kei trucks did feature crumple zones and driver airbags in compliance with that country's safety standards...

Despite its name, the Imported Vehicle Safety Compliance Act that lets older cars into the US from overseas isn't really about safety: Car industry lobbyists secured passage of the law to protect dealer profits. Newer keis — which are banned — are safer and cleaner than the 25-year-old ones that can be imported now. (Battery-powered keis debuted in 2009.) But even mine has an airbag, front crumple zone, seatbelt pretensioners, and anti-lock brakes.

The article notes that kie fans have "a distinctly libertarian streak... Some owners I've talked to report forging titles, setting up shell companies in Montana and finding other means of skirting DMV rules."

Thanks to long-time Slashdot reader schwit1 for sharing the article.
Privacy

Madison Square Garden Bans Fan After Surveillance System IDs Him as Critic of Its CEO (theverge.com) 96

An anonymous reader quotes a report from The Verge: A concert on Monday night at New York's Radio City Music Hall was a special occasion for Frank Miller: his parents' wedding anniversary. He didn't end up seeing the show -- and before he could even get past security, he was informed that he was in fact banned for life from the venue and all other properties owned by Madison Square Garden (MSG). After scanning his ticket and promptly being pulled aside by security, Miller was told by staff that he was barred from the MSG properties for an incident at the Garden in 2021. But Miller says he hasn't been to the venue in nearly two decades.

"They hand me a piece of paper letting me know that I've been added to a ban list," Miller says. "There's a trespass notice if I ever show up on any MSG property ever again," which includes venues like Radio City, the Beacon Theatre, the Sphere, and the Chicago Theatre. He was baffled at first. Then it dawned on him: this was probably about a T-shirt he designed years ago. MSG Entertainment won't say what happened with Miller or how he was picked out of the crowd, but he suspects he was identified via controversial facial recognition systems that the company deploys at its venues.

In 2017, 1990s New York Knicks star Charles Oakley was forcibly removed from his seat near Knicks owner and Madison Square Garden CEO James Dolan. The high-profile incident later spiraled into an ongoing legal battle. For Miller, Oakley was an "integral" part of the '90s Knicks, he says. With his background in graphic design, he made a shirt in the style of the old team logo that read, "Ban Dolan" -- a reference to the infamous scuffle. A few years later, in 2021, a friend of Miller's wore a Ban Dolan shirt to a Knicks game and was kicked out and banned from future events. That incident spawned ESPN segments and news articles and validated what many fans saw as a pettiness on Dolan and MSG's part for going after individual fans who criticized team ownership.
"Frank Miller Jr. made threats against an MSG executive on social media and produced and sold merchandise that was offensive in nature," Mikyl Cordova, executive vice president of communications and marketing for the company, said in an emailed statement. "His behavior was disrespectful and disruptive and in violation of our code of conduct."

Miller responded to the ban, saying: "I just found it comical, until I was told that my mom was crying [in the lobby]. I was like, 'Oh man, I ruined their anniversary with my shit talk on the internet. Memes are powerful, and so is the surveillance state. It's something that we all have to be aware of -- the panopticon. We're [being] surveilled at all times, and it's always framed as a safety thing, when rarely is that the case. It's more of a deterrent and a fear tactic to try to keep people in line."
Programming

DOGE To Rewrite SSA Codebase In 'Months' (wired.com) 317

Longtime Slashdot reader frank_adrian314159 writes: According to an article in Wired, Elon Musk has appointed a team of technologists from DOGE to "rewrite the code that runs the SSA in months." This codebase has over 60 million lines of COBOL and handles record keeping for all American workers and payments for all Social Security recipients. Given that the code has to track the byzantine regulations dealing with Social Security, it's no wonder that the codebase is this large. What is in question though is whether a small team can rewrite this code "in months." After all, what could possibly go wrong? "The project is being organized by Elon Musk lieutenant Steve Davis ... and aims to migrate all SSA systems off COBOL ... and onto a more modern replacement like Java within a scheduled tight timeframe of a few months," notes Wired.

"Under any circumstances, a migration of this size and scale would be a massive undertaking, experts tell WIRED, but the expedited deadline runs the risk of obstructing payments to the more than 65 million people in the US currently receiving Social Security benefits."

In 2017, SSA announced a plan to modernize its core systems with a timeline of around five years. However, the work was "pivoted away" because of the pandemic.
Crime

Trump Pardons Founder of Electric Vehicle Start-Up Nikola, Trevor Milton (theguardian.com) 64

An anonymous reader quotes a report from The Guardian: Trevor Milton, the founder of electric vehicle start-up Nikola who was sentenced to prison last year, was pardoned by Donald Trump late on Thursday, the White House confirmed on Friday. The pardon of Milton, who was sentenced to four years in prison for exaggerating the potential of his technology, could wipe out hundreds of millions of dollars in restitution that prosecutors were seeking for defrauded investors. Milton and his wife donated more than $1.8 million to a Trump re-election campaign fund less than a month before the November election, according to the Federal Election Commission.

At Milton's trial, prosecutors say a company video of a prototype truck appearing to be driven down a desert highway was actually a video of a non-functioning Nikola that had been rolled down a hill. Milton had not been incarcerated pending an appeal. Milton said late on Thursday on social media and via a press release that he had been pardoned by Trump. "I am incredibly grateful to President Trump for his courage in standing up for what is right and for granting me this sacred pardon of innocence," Milton said.
Here's a timeline of notable events surrounding Nikola:

June, 2016: Nikola Motor Receives Over 7,000 Preorders Worth Over $2.3 Billion For Its Electric Truck
December, 2016: Nikola Motor Company Reveals Hydrogen Fuel Cell Truck With Range of 1,200 Miles
February, 2020: Nikola Motors Unveils Hybrid Fuel-Cell Concept Truck With 600-Mile Range
June, 2020: Nikola Founder Exaggerated the Capability of His Debut Truck
September, 2020: Nikola Motors Accused of Massive Fraud, Ocean of Lies
September, 2020: Nikola Admits Prototype Was Rolling Downhill In Promo Video
September, 2020: Nikola Founder Trevor Milton Steps Down as Chairman in Battle With Short Seller
October, 2020: Nikola Stock Falls 14 Percent After CEO Downplays Badger Truck Plans
November, 2020: Nikola Stock Plunges As Company Cancels Badger Pickup Truck
July, 2021: Nikola Founder Trevor Milton Indicted on Three Counts of Fraud
December, 2021: EV Startup Nikola Agrees To $125 Million Settlement
September, 2022: Nikola Founder Lied To Investors About Tech, Prosecutor Says in Fraud Trial
December, 2023: Nikola Founder Trevor Milton Sentenced To 4 Years For Securities Fraud
February 19, 2025: Nikola Files for Bankruptcy With Plans To Sell Assets, Wind Down
Television

Smart TVs Are Employing Screen Monitoring Tech To Harvest User Data (vox.com) 44

Smart TV platforms are increasingly monitoring what appears on users' screens through Automatic Content Recognition (ACR) technology, building detailed viewer profiles for targeted advertising.

Roku, which transitioned from a hardware company to an advertising powerhouse, reported $3.5 billion in annual ad revenue for 2024 -- representing 85% of its total income. The company has aggressively acquired ACR-related firms, with Roku-owned technology winning an Emmy in 2023 for advancements in the field.

According to market research firm Antenna, 43% of all streaming subscriptions in the United States were ad-supported by late 2024, showing the industry's shift toward advertising-based models. Most users unknowingly consent to this monitoring when setting up their devices. Though consumers can technically disable ACR in their TV settings, doing so often restricts functionality.
Privacy

Again and Again, NSO Group's Customers Keep Getting Their Spyware Operations Caught (techcrunch.com) 8

An anonymous reader shares a report: Amnesty International published a new report this week detailing attempted hacks against two Serbian journalists, allegedly carried out with NSO Group's spyware Pegasus. The two journalists, who work for the Serbia-based Balkan Investigative Reporting Network (BIRN), received suspicious text messages including a link -- basically a phishing attack, according to the nonprofit. In one case, Amnesty said its researchers were able to click on the link in a safe environment and see that it led to a domain that they had previously identified as belonging to NSO Group's infrastructure.

"Amnesty International has spent years tracking NSO Group Pegasus spyware and how it has been used to target activists and journalists," Donncha O Cearbhaill, the head of Amnesty's Security Lab, told TechCrunch. "This technical research has allowed Amnesty to identify malicious websites used to deliver the Pegasus spyware, including the specific Pegasus domain used in this campaign."

To his point, security researchers like O Cearbhaill who have been keeping tabs on NSO's activities for years are now so good at spotting signs of the company's spyware that sometimes all researchers have to do is quickly look at a domain involved in an attack. In other words, NSO Group and its customers are losing their battle to stay in the shadows. "NSO has a basic problem: They are not as good at hiding as their customers think," John Scott-Railton, a senior researcher at The Citizen Lab, a human rights organization that has investigated spyware abuses since 2012, told TechCrunch.

Slashdot Top Deals