Thursday the BBC reported: Plane bodies made by Boeing's largest supplier regularly left the factory with serious defects, according to a former quality inspector at the firm. Santiago Paredes who worked for Spirit AeroSystems in Kansas, told the BBC he often found up to 200 defects on parts being readied for shipping to Boeing. He was nicknamed "showstopper" for slowing down production when he tried to tackle his concerns, he claimed.

Spirit said it "strongly disagree[d]" with the allegations. "We are vigorously defending against his claims," said a spokesperson for Spirit, which remains Boeing's largest supplier.

Mr Paredes made the allegations against Spirit in an exclusive interview with the BBC and the American network CBS, in which he described what he said he experienced while working at the firm between 2010 and 2022... "I was finding a lot of missing fasteners, a lot of bent parts, sometimes even missing parts...." Mr Paredes told the BBC that some of the defects he identified while at Spirit were minor — but others were more serious. He also claimed he was put under pressure to be less rigorous...

He now maintains he would be reluctant to fly on a 737 Max, in case it still carried flaws that originated in the Wichita factory. "I'd never met a lot of people who were scared of flying until I worked at Spirit," he said. "And then, being at Spirit, I met a lot of people who were afraid of flying — because they saw how they were building the fuselages."
"If quality mattered, I would still be at Spirit," Paredes told CBS News, speaking publicly for the first time. CBS News spoke with several current and former Spirit AeroSystems employees and reviewed photos of dented fuselages, missing fasteners and even a wrench they say was left behind in a supposedly ready-to-deliver component. Paredes said Boeing knew for years Spirit was delivering defective fuselages.
It could be just a coincidence, but the same day, the Associated Press ran story with this headline.

"Boeing plane carrying 85 people catches fire and skids off the runway in Senegal, injuring 10." It was the third incident involving a Boeing airplane this week. Also on Thursday, 190 people were safely evacuated from a plane in Turkey after one of its tires burst during landing at a southern airport, Turkey's transportation ministry said.

An anonymous reader quotes a report from Ars Technica: There's a fundamental flaw in current car safety tech: It's limited to line of sight. Or, perhaps, line of "sensing" is more accurate, because the way cameras and lidar work is to inspect the perimeter of a vehicle and use predictive algorithms to understand the motion of an object in relation to the motion of the vehicle itself. Which is good, because as carmakers have added elements such as pedestrian and cyclist detection, they're trying to prevent drivers from hurting the most vulnerable road users. And unfortunately this is necessary, because even though 2023 saw a slight reduction in drivers striking cyclists and pedestrians, according to the most recent data from the Governor's Highway Safety Association, since 2019 pedestrian fatalities are still up 14 percent -- and cyclist deaths are up 50 percent since 2010. That doesn't mean lidar and cameras have "failed," but because they rely on what the sensors can pick up, they cannot necessarily ID hazards (and alert drivers) as quickly as we need them to, particularly if that's a cyclist in your lane 300 feet down the road, just over the next rise. Yes, current sensing works well now with figuring out the pace of a traffic jam, and automatic emergency braking can step in to stop your car if you fail to. But for non-automotive obstacles, they're still limited.

For that, we need better tech, which is emerging and is called Connected Vehicle to Everything (C-V2X). The idea isn't that complicated. Boiled down, it's a chipset that operates on a portion of the cellular bandwidth, and vehicles with this tech embedded (say in an e-bike or car) monitor anything with a C-V2X chip as well as broadcast their own location at a pulse of 10 times a second. This precision location system would then warn a driver of a cyclist on the road ahead, even beyond line of sight, and in an emergency -- possibly because a cyclist was right in a car's path -- could prevent a collision. [W]ith C-V2X, you don't need Verizon or ATT or anything like that," explains Audi's Kamal Kapadia. Because it isn't using the cellular network -- it's using a portion of cellular bandwidth to allow direct object, or vehicle-to-vehicle, communication. Audi has been working on C-V2X for nearly a decade, and it's part of a group in the US called the Coalition for Cyclist Safety, which also includes suppliers like Bosch, a tech startup in the space called Spoke Safety, and bike brands such as massive Trek, parts supplier Shimano, more niche bikemakers like Switzerland's Stromer, as well as mega telco suppliers and networks such as Qualcomm, Deutsche Telekom, and TELUS. [...]

Mio Suzuki is Trek Bicycle's director of embedded systems, "and we are exploring all sorts of safety," she says. For instance, Trek recently introduced its own radar tail light, which warns riders of a car approaching rapidly -- Garmin has had similar systems for several years. But Suzuki is intrigued by C-V2X because it offers more advanced warning than rear-facing radar. "And unlike cars, we have a very vulnerable road user so we need to augment our senses and the rider's awareness of the riding environment, because we don't have a big metal shield around us." What Suzuki envisions this direct communication might enable is an e-bike where the rider has a display that would warn a rider "of an imminent danger that's approaching; a car might be coming from the side, but the view of the car is obstructed by a building, so the rider can't see." Franz Reindl is CTO of Stromer, a high-end Swiss brand that only makes e-bikes with very top tech, including ABS brakes. Reindl says they're also studying C-V2X. "Safety is one of our biggest promises, and we need to do everything we can with products and technologies to make it more safe for customers." Right now, only Audi and the VW Group have openly talked about using the tech. "Trek's Suzuki thinks that together, the Coalition and so many bike brands within it do have a strong voice," reports Ars. "She also envisions municipalities deploying the technology, especially around work crews and EMS, which should build broader momentum and pressure on automakers."

The Russia-linked ransomware group Black Basta is responsible for Wednesday's cyberattack on St. Louis-based Ascension health system, according to sources reported by CNN. The attack disrupted access to electronic health records, some phone systems and "various systems utilized to order certain tests, procedures and medications," the company said in a statement. From a report: On Friday, the nonprofit group Health-ISAC (Information Sharing and Analysis Center) issued an alert about the group, saying that Black Basta has "recently accelerated attacks against the healthcare sector." HHS said that Black Basta was initially spotted in early 2022, known for its double extortion attack. The group not only executes ransomware but also exfiltrates sensitive data, operating a cybercrime marketplace to publicly release it should a victim fail to pay a ransom.

"The level of sophistication by its proficient ransomware operators, and reluctance to recruit or advertise on Dark Web forums, supports why many suspect the nascent Black Basta may even be a rebrand of the Russian-speaking RaaS threat group Conti, or also linked to other Russian-speaking cyber threat groups," the alert from HHS said. According to one report from blockchain analytics firm Elliptic and cybersecurity risk-focused Corvus Insurance, Black Basta in less than two years has won itself more than $100 million via ransomware schemes from 329 organizations. Previous victims of its attacks include Dish Network, the American Dental Association, business process services firm Capita and tech firm ABB.

Full repairs to three submarine internet cables damaged in the Red Sea in February are being held up by disputes over who controls access to infrastructure in Yemeni waters. From a report: The Yemeni government has granted permits for the repair of two out of three cables, but refused the third because of a dispute with one of the cable's consortium members. Repairs to the Seacom and EIG cables have been approved, but the consortium that runs AAE-1, which includes telecommunications company TeleYemen, was not granted a permit by Yemen's internationally recognized government, according to documents seen by Bloomberg.

Three out of more than a dozen cables that run through the Red Sea, a critical route for connecting Europe's internet infrastructure to Asia's, were knocked offline by the Houthi-sunk Rubymar vessel in late February. Although the telecommunications data that passes along the damaged cables was re-routed, the incident highlighted the vulnerability of critical subsea infrastructure and the challenges of making repairs in a conflict zone. The dispute over the third cable derives from the split political control of TeleYemen, the country's sole telecommunications provider, a reflection of the country's broader geopolitical divisions.

An anonymous reader quotes a report from MSN: The US has revoked licenses allowing Huawei to buy semiconductors from Qualcomm and Intel, according to people familiar with the matter, further tightening export restrictions against the Chinese telecom equipment maker. Withdrawal of the licenses affects US sales of chips for use in Huawei phones and laptops, according to the people, who discussed the move on condition of anonymity. House Foreign Affairs Committee Chairman Michael McCaul confirmed the administration's decision in an interview Tuesday. He said the move is key to preventing China from developing advanced AI. "It's blocking any chips sold to Huawei," said McCaul, a Texas Republican who was briefed about the license decisions for Intel and Qualcomm. "Those are two companies we've always worried about being a little too close to China."

While the decision may not affect a significant volume of chips, it underscores the US government's determination to curtail China's access to a broad swathe of semiconductor technology. Officials are also considering sanctions against six Chinese firms that they suspect could supply chips to Huawei, which has been on a US trade restrictions list since 2019. [...] Qualcomm recently said that its business with Huawei is already limited and will soon shrink to nothing. It has been allowed to supply the Chinese company with chips that provide older 4G network connections. It's prohibited from selling ones that allow more advanced 5G access.

Motional, the autonomous vehicle startup borne out of a $4 billion joint venture between Hyundai and automotive supplier Aptiv, will pause its commercial operations and delay plans to launch a driverless taxi service as it undergoes a restructuring, TechCrunch reported Tuesday. From a report: The aim is make progress on the core technology and the business model, while preserving capital, according to sources familiar with the changes. Motional has pushed its plan to launch a commercial driverless robotaxi service with its second-generation AV -- the Hyundai Ioniq 5 -- to 2026, two years later than planned.

The company told employees Tuesday during an all-hands meeting that the changes will include layoffs, but did not provide a figure of how many people would be affected, according to sources who spoke to TechCrunch on condition of anonymity. Motional began notifying employees if they were laid off shortly after the meeting ended. The company employed more than 1,300 people prior to a 5% cut in workforce in March 2024. Motional will halt its commercial operations, which today includes taxi rides in autonomous Hyundai Ioniq 5 vehicles in Las Vegas via the Uber and Lyft network. The company will also end deliveries for Uber Eats customers in Santa Monica using its autonomous vehicles. A human safety operator is behind the wheel in all of its commercial operations.

Researchers have discovered a new attack that can force VPN applications to route traffic outside the encrypted tunnel, thereby exposing the user's traffic to potential snooping or manipulation. This vulnerability, named TunnelVision, is found in almost all VPNs on non-Linux and non-Android systems. It's believe that the vulnerability "may have been possible since 2002 and may already have been discovered and used in the wild since then," reports Ars Technica. From the report: The effect of TunnelVision is "the victim's traffic is now decloaked and being routed through the attacker directly," a video demonstration explained. "The attacker can read, drop or modify the leaked traffic and the victim maintains their connection to both the VPN and the Internet." The attack works by manipulating the DHCP server that allocates IP addresses to devices trying to connect to the local network. A setting known as option 121 allows the DHCP server to override default routing rules that send VPN traffic through a local IP address that initiates the encrypted tunnel. By using option 121 to route VPN traffic through the DHCP server, the attack diverts the data to the DHCP server itself. [...]

The attack can most effectively be carried out by a person who has administrative control over the network the target is connecting to. In that scenario, the attacker configures the DHCP server to use option 121. It's also possible for people who can connect to the network as an unprivileged user to perform the attack by setting up their own rogue DHCP server. The attack allows some or all traffic to be routed through the unencrypted tunnel. In either case, the VPN application will report that all data is being sent through the protected connection. Any traffic that's diverted away from this tunnel will not be encrypted by the VPN and the Internet IP address viewable by the remote user will belong to the network the VPN user is connected to, rather than one designated by the VPN app.

Interestingly, Android is the only operating system that fully immunizes VPN apps from the attack because it doesn't implement option 121. For all other OSes, there are no complete fixes. When apps run on Linux there's a setting that minimizes the effects, but even then TunnelVision can be used to exploit a side channel that can be used to de-anonymize destination traffic and perform targeted denial-of-service attacks. Network firewalls can also be configured to deny inbound and outbound traffic to and from the physical interface. This remedy is problematic for two reasons: (1) a VPN user connecting to an untrusted network has no ability to control the firewall and (2) it opens the same side channel present with the Linux mitigation. The most effective fixes are to run the VPN inside of a virtual machine whose network adapter isn't in bridged mode or to connect the VPN to the Internet through the Wi-Fi network of a cellular device. You can learn more about the research here.

Jack Dorsey is no longer on the board of Bluesky, the Twitter alternative he helped start. The announcement comes shortly after Dorsey unfollowed all but three accounts on X and referred to Elon Musk's platform as "freedom technology." The Verge reports: In two posts today, Bluesky thanked Dorsey while confirming his departure and adding that it's searching for a new board member "who shares our commitment to building a social network that puts people in control of their experience." [...] Neither Bluesky nor Dorsey himself seem to have said how or why he left the board. For now, two board members remain: CEO, Jay Graeber, and Jabber / XMPP inventor Jeremie Miller. Dorsey originally backed Bluesky in 2019 as a project to develop an open-source social media standard that he wanted Twitter to move to. He later joined its board of directors when it split from Twitter in 2022.

The Rabbit R1 is one of the first standalone AI companion devices to hit the market, offering the ability to translate languages, identify objects in your environment, and order DoorDash, among other things. It's been in the news last week for its all around poor reviews that cite poor battery life, painfully slow responses, and missing features (sound familiar?). Now, it's been confirmed that the Rabbit R1 is powered by an Android app that can run on existing Android phones. Android Authority reports: What ended up souring a lot of people's opinions on the product was the revelation -- in an Android Authority original report -- that the R1 is basically an Android app in a box. Many consumers who believed that the product would be better suited as a mobile app felt validated after our report, but there was one stickler in it that we needed to address: how we got the R1 launcher up and running on an Android phone. See, in our preliminary report, we mentioned that the Rabbit R1's launcher app is intended to be preinstalled in the firmware and be granted several privileged, system-level permissions. While that statement is still true, we should've clarified that the R1 launcher doesn't actually need those permissions. In fact, none of the system-level permissions that the R1 launcher requests are at all necessary for the app to perform its core functionality.

To prove this, we got the Rabbit R1 launcher up and running again on a stock, unrooted Android device (a Xiaomi 13T Pro), thanks to help from a team of reverse engineers including ChromMob, EmilyLShepherd, marceld505, thel3l, and uwukko. We were able to go through the entire setup process as if our device was an actual Rabbit R1. Afterwards, we were able to talk to ChatGPT, use the Vision function to identify objects, play music from Spotify, and even record voice notes. As demonstrated in our hands-on video at the top of this article, all of the existing core functionality that the Rabbit R1 offers would work as an Android or even iOS app. The only functions that wouldn't work are unrelated to the product's core functionality and are things your phone can already do, such as powering off or rebooting the device, toggling Bluetooth, connecting to a cellular or Wi-Fi network, or setting a screen lock.

During our research, Android Authority was also able to obtain a copy of the Rabbit R1's firmware. Our analysis reveals that Rabbit did not make significant modifications to the BSP (Board Support Package) provided by MediaTek. The R1, in fact, still ships with all the standard apps included in AOSP, as well as the many apps provided by MediaTek. This is despite the fact that none of these apps are needed nor ever shown to the user, obviously. Rabbit only made a few changes to the AOSP build that MediaTek provided them, such as adding the aforementioned R1 launcher app, adding a fork of the open-source "AnySoftKeyboard" app with a custom theme, adding an OTA updater app, and adding a custom boot animation. [...] Yes, it's true that all the R1 launcher does is act as a local client to the cloud services offered by Rabbit, which is what truly handles the core functionality. It's also true that there's nothing wrong or unusual with companies using AOSP for their own hardware. But the fact of the matter is that Rabbit does little to justify its use of custom hardware except by making the R1 have an eye-catching design.

PlayStation has reversed course on the Helldivers 2 PSN account requirement, walking back the unpopular policy after a weekend long backlash that included tens of thousands of negative reviews, some of which spread to Sony's other Steam games. From a report: "Helldivers fans -- we've heard your feedback on the Helldivers 2 account linking update. The May 6 update, which would have required Steam and PlayStation Network account linking for new players and for current players beginning May 30, will not be moving forward," PlayStation wrote on its official account.

"We're still learning what is best for PC players and your feedback has been invaluable. Thanks again for your continued support of Helldivers 2 and we'll keep you updated on future plans." PlayStation's decision means that Helldivers 2 players on Steam won't have to link a PSN account in order to play. The unpopular policy, which would have seen new players confronted with a mandatory login beginning this week, resulted in Helldivers 2 being delisted in around 177 countries.

Wednesday Rest of World noticed an overlooked tech story in Argentina: Olga de León looked confused as she walked out of a nightclub on the edge of Buenos Aires on a recent Tuesday afternoon. She had just had her iris scanned. "No one told me what they'll do with my eye," de León, 57, told Rest of World. "But I did this out of need." De León, who lives off the $95 pension she receives from the state, had been desperate for money. Persuaded by her nephew, she agreed to have one of her irises scanned by Worldcoin, Sam Altman's blockchain project. In exchange, she received nearly $50 worth of WLD, the company's cryptocurrency.

De León is one of about half a million Argentines who have handed their biometric data over to Worldcoin. Beaten down by the country's 288% inflation rate and growing unemployment, they have flocked to Worldcoin Orb verification hubs, eager to get the sign-up crypto bonus offered by the company. A network of intermediaries — who earn a commission from every iris scan — has lured many into signing up for the practice in Argentina, where data privacy laws remain weak. But as the popularity of Worldcoin skyrockets in the country, experts have sounded the alarm about the dangers of giving away biometric data. Two provinces are now pushing for legal investigations. "Seeing that [iris scans have] been banned in European countries, shouldn't we be trying to stop it, too?" Javier Smaldone, a software consultant and digital security expert, told Rest of World.
Last month Worldcoin's web site announced that more than 10 million people in 160 countries had created a World ID and compatible wallet (performing 75 million transactions) — and that 5,195,475 people had also verified their World ID using Worldcoin's iris-scanning Orb.

But the article notes a big drop in the number of countries even allowing Worldcoin's iris-scanning — from 25 to just eight. While in less than a year Worldcoin opened nearly 60 centers across Argentina...

The blog Its FOSS has 15,000 followers for its Mastodon account — which they think is causing problems: When you share a link on Mastodon, a link preview is generated for it, right? With Mastodon being a federated platform (a part of the Fediverse), the request to generate a link preview is not generated by just one Mastodon instance. There are many instances connected to it who also initiate requests for the content almost immediately. And, this "fediverse effect" increases the load on the website's server in a big way.

Sure, some websites may not get overwhelmed with the requests, but Mastodon does generate numerous hits, increasing the load on the server. Especially, if the link reaches a profile with more followers (and a broader network of instances)... We tried it on our Mastodon profile, and every time we shared a link, we were able to successfully make our website unresponsive or slow to load.
Slashdot reader nunojsilva is skeptical that "blurbs with a thumbnail and description" could create the issue (rather than, say, poorly-optimized web content). But the It's Foss blog says they found three GitHub issues about the same problem — one from 2017, and two more from 2023. And other blogs also reported the same issue over a year ago — including software developer Michael Nordmeyer and legendary Netscape programmer Jamie Zawinski.

And back in 2022, security engineer Chris Partridge wrote: [A] single roughly ~3KB POST to Mastodon caused servers to pull a bit of HTML and... an image. In total, 114.7 MB of data was requested from my site in just under five minutes — making for a traffic amplification of 36704:1. [Not counting the image.]
Its Foss reports Mastodon's official position that the issue has been "moved as a milestone for a future 4.4.0 release. As things stand now, the 4.4.0 release could take a year or more (who knows?)."

They also state their opinion that the issue "should have been prioritized for a faster fix... Don't you think as a community-powered, open-source project, it should be possible to attend to a long-standing bug, as serious as this one?"

Markos Moulitsas is the poll-watching founder of the political blog Daily Kos. Thursday he wrote that in 2021, future third-party presidential candidate RFK Jr. had sued their web site.

"Things are not going well for him." Back in 2021, Robert F. Kennedy Jr. sued Daily Kos to unmask the identity of a community member who posted a critical story about his dalliance with neo-Nazis at a Berlin rally. I updated the story here, here, here, here, and here.

To briefly summarize, Kennedy wanted us to doxx our community member, and we stridently refused.
The site and the politician then continued fighting for more than three years. "Daily Kos lost the first legal round in court," Moulitsas posted in 2021, "thanks to a judge who is apparently unconcerned with First Amendment ramifications given the chilling effect of her ruling."

But even then, Moulitsas was clear on his rights: Because of Section 230 of the Communications Decency Act, [Kennedy] cannot sue Daily Kos — the site itself — for defamation. We are protected by the so-called safe harbor. That's why he's demanding we reveal what we know about "DowneastDem" so they can sue her or him directly.
Moulitsas also stressed that his own 2021 blog post was "reiterating everything that community member wrote, and expanding on it. And so instead of going after a pseudonymous community writer/diarist on this site, maybe Kennedy will drop that pointless lawsuit and go after me... consider this an escalation." (Among other things, the post cited a German-language news account saying Kennedy "sounded the alarm concerning the 5G mobile network and Microsoft founder Bill Gates..." Moulitsas also noted an Irish Times article which confirmed that at the rally Kennedy spoke at, "Noticeable numbers of neo-Nazis, kitted out with historic Reich flags and other extremist accessories, mixed in with the crowd.")

So what happened? Moulitsas posted an update Thursday: Shockingly, Kennedy got a trial court judge in New York to agree with him, and a subpoena was issued to Daily Kos to turn over any information we might have on the account. However, we are based in California, not New York, so once I received the subpoena at home, we had a California court not just quash the subpoena, but essentially signal that if New York didn't do the right thing on appeal, California could very well take care of it.

It's been a while since I updated, and given a favorable court ruling Thursday, it's way past time to catch everyone up.
New York is one of the U.S. states that doesn't have a strict "Dendrite standard" law protecting anonymous speech. But soon the blog founder discovered he had allies: The issues at hand are so important that The New York Times, the E.W.Scripps Company, the First Amendment Coalition, New York Public Radio, and seven other New York media companies joined the appeals effort with their own joint amicus brief. What started as a dispute over a Daily Kos diarist has become a meaningful First Amendment battle, with major repercussions given New York's role as a major news media and distribution center.

After reportedly spending over $1 million on legal fees, Kennedy somehow discovered the identity of our community member sometime last year and promptly filed a defamation suit in New Hampshire in what seemed a clumsy attempt at forum shopping, or the practice of choosing where to file suit based on the belief you'll be granted a favorable outcome. The community member lives in Maine, Kennedy lives in California, and Daily Kos doesn't publish specifically in New Hampshire. A perplexed court threw out the case this past February on those obvious jurisdictional grounds....

Then, last week, the judge threw out the appeal of that decision because Kennedy's lawyer didn't file in time — and blamed the delay on bad Wi-Fi...

Kennedy tried to dismiss the original case, the one awaiting an appellate decision in New York, claiming it was now moot. His legal team had sued to get the community member's identity, and now that they had it, they argued that there was no reason for the case to continue. We disagreed, arguing that there were important issues to resolve (i.e., Dendrite), and we also wanted lawyer fees for their unconstitutional assault on our First Amendment rights...

On Thursday, in a unanimous decision, a four-judge New York Supreme Court appellate panel ordered the case to continue, keeping the Dendrite issue alive and also allowing us to proceed in seeking damages based on New York's anti-SLAPP law, which prohibits "strategic lawsuits against public participation."
Thursday's blog post concludes with this summation. "Kennedy opened up a can of worms and has spent millions fighting this stupid battle. Despite his losses, we aren't letting him weasel out of this."

An anonymous reader quotes a report from Wired: Join your localMilitia or III% Patriot Group," a post urged the more than 650 members of a Facebook group called the Free American Army. Accompanied by the logo for the Three Percenters militia network and an image of a man in tactical gear holding a long rifle, the post continues: "Now more than ever. Support the American militia page." Other content and messaging in the group is similar. And despite the fact that Facebook bans paramilitary organizing and deemed the Three Percenters an "armed militia group" on its 2021 Dangerous Individuals and Organizations List, the post and group remained up until WIRED contacted Meta for comment about its existence.

Free American Army is just one of around 200 similar Facebook groups and profiles, most of which are still live, that anti-government and far-right extremists are using to coordinate local militia activity around the country. After lying low for several years in the aftermath of the US Capitol riot on January 6, militia extremists have been quietly reorganizing, ramping up recruitment and rhetoric on Facebook -- with apparently little concern that Meta will enforce its ban against them, according to new research by the Tech Transparency Project, shared exclusively with WIRED.

Individuals across the US with long-standing ties to militia groups are creating networks of Facebook pages, urging others to recruit "active patriots" and attend meetups, and openly associating themselves with known militia-related sub-ideologies like that of the anti-government Three Percenter movement. They're also advertising combat training and telling their followers to be "prepared" for whatever lies ahead. These groups are trying to facilitate local organizing, state by state and county by county. Their goals are vague, but many of their posts convey a general sense of urgency about the need to prepare for "war" or to "stand up" against many supposed enemies, including drag queens, immigrants, pro-Palestine college students, communists -- and the US government. These groups are also rebuilding at a moment when anti-government rhetoric has continued to surge in mainstream political discourse ahead of a contentious, high-stakes presidential election. And by doing all of this on Facebook, they're hoping to reach a broader pool of prospective recruits than they would on a comparatively fringe platform like Telegram. "Many of these groups are no longer fractured sets of localized militia but coalitions formed between multiple militia groups, many with Three Percenters at the helm," said Katie Paul, director of the Tech Transparency Project. "Facebook remains the largest gathering place for extremists and militia movements to cast a wide net and funnel users to more private chats, including on the platform, where they can plan and coordinate with impunity."

Paul has been monitoring "hundreds" of these groups and profiles since 2021 and found that they have been growing "increasingly emboldened with more serious and coordinated organizing" in the past year.

"Players who made Steam purchases of Helldivers 2 are now, months after the fact, being told by Sony that their games will be useless unless linked to a PSN account," writes longtime Slashdot reader Baron_Yam. From a report: Publisher Sony Interactive Entertainment announced today that Helldivers 2 players on Steam will soon be required to link their in-game profiles to a PlayStation Network account -- a feature that was optional at launch due to "technical issues" -- or risk losing access to the game. SIE explained that account linking allows players to take advantage of "safety and security" provided by PlayStation, as it can more easily protect folks from "griefing and abuse by enabling the banning of players that engage in that type of behavior."

Many Steam players haven't responded well to the news. As of the time of writing, over 2,500 negative user reviews have been submitted to the game's storefront page today, blemishing an otherwise spotless "Very Positive" rating. Some reviews cite data harvesting and security concerns as potential worries. Others point to the fact that Sony waited months after launch to make account linking mandatory. How this affects players in regions that don't have access to the PlayStation Network is a bigger concern, though. In the Helldivers 2 Discord, community manager Thomas 'Twinbeard' Petersson said they aren't yet sure what these rule changes meant for players in areas without PSN access, which could be another factor contributing to the negative downturn.

Plumpaquatsch writes: Investigators teamed up with colleagues from the Balkans and Lebanon in raids set up by months of intense surveillance. Authorities say the operation thwarted over 10 million euro in damages and led to 21 arrests.

Dubbed 'Operation Pandora,' the sting began in Germany in December 2023, after a suspicious bank teller contacted police when a 76-year-old customer from Freiburg sought to hurriedly withdraw 120,000 euro ($128,232) from her savings account to hand over to a fake police officer. When real police investigators tracked the internet-based telephone number that had been used to lure the woman, they discovered a veritable goldmine.

Rather than shutting down the number, authorities instead went on the offensive, setting up their own call center in which hundreds of officers from Baden-Wurttemberg, Bavaria, Berlin and Saxony worked around the clock monitoring some 1.3 million calls in real time, as the number from the initial scam was tied to an entire network of fraud call centers. Police were able to trace and record data from the calls, as well as warn potential victims of what was in fact happening, in turn winning valuable time to put together the April 18 sting.

Police say their efforts allowed them to thwart some 10 million euro in damages in roughly 6,000 cases of attempted fraud.

Aria Alamalhodaei reports via TechCrunch: Hubble Network has become the first company in history to establish a Bluetooth connection directly to a satellite -- a critical technology validation for the company, potentially opening the door to connecting millions more devices anywhere in the world. The Seattle-based startup launched its first two satellites to orbit on SpaceX's Transporter-10 ride-share mission in March; since that time, the company confirmed that it has received signals from the onboard 3.5mm Bluetooth chips from over 600 kilometers away.

The sky is truly the limit for space-enabled Bluetooth devices: the startup says its technology can be used in markets including logistics, cattle tracking, smart collars for pets, GPS watches for kids, car inventory, construction sites, and soil temperature monitoring. Haro said the low-hanging fruit is those industries that are desperate for network coverage even once per day, like remote asset monitoring for the oil and gas industry. As the constellation scales, Hubble will turn its attention to sectors that may need more frequent updates, like soil monitoring, to continuous coverage use cases like fall monitoring for the elderly. Once its up and running, a customer would simply need to integrate their devices' chipsets with a piece of firmware to enable connection to Hubble's network.

The National Archives and Records Administration (NARA) told employees Wednesday that it is blocking access to ChatGPT on agency-issued laptops to "protect our data from security threats associated with use of ChatGPT," 404 Media reported Wednesday. From the report: "NARA will block access to commercial ChatGPT on NARANet [an internal network] and on NARA issued laptops, tablets, desktop computers, and mobile phones beginning May 6, 2024," an email sent to all employees, and seen by 404 Media, reads. "NARA is taking this action to protect our data from security threats associated with use of ChatGPT."

The move is particularly notable considering that this directive is coming from, well, the National Archives, whose job is to keep an accurate historical record. The email explaining the ban says the agency is particularly concerned with internal government data being incorporated into ChatGPT and leaking through its services. "ChatGPT, in particular, actively incorporates information that is input by its users in other responses, with no limitations. Like other federal agencies, NARA has determined that ChatGPT's unrestricted approach to reusing input data poses an unacceptable risk to NARA data security," the email reads. The email goes on to explain that "If sensitive, non-public NARA data is entered into ChatGPT, our data will become part of the living data set without the ability to have it removed or purged."

LinkedIn, the professional network known for job listings and unsolicited career advice, is jumping into gaming. From a report: The platform is officially introducing a set of Wordle-style puzzle games, weeks after they were first spotted in the app. The company is starting with three games: Pinpoint, a word game where players must guess the theme that ties a series of words together; Queens, a puzzle game that's a bit like a cross between Sudoku and Minesweeper; and Crossclimb, a trivia game that involves guessing a series of four-letter words and placing them in the correct order.

LinkedIn describes them as "thinking-oriented games," though the format will likely look familiar to fans of The New York Times Games app. Each game can only be played once a day, and players can share their score with friends in cute emoji-filled messages reminiscent of the "Wordle grid." The service will also keep track of "streaks," to encourage players to come back every day. Given the similarities, it shouldn't be surprising that games were developed by LinkedIn's news team, which recently hired a dedicated games editor.

Satellite operator SES plans to buy fellow satellite operator Intelsat, in a $3.1 billion deal that's expected to close next year. According to Space Magazine, the combined company could help it "compete with SpaceX's huge Starlink broadband network." From the report: SES and Intelsat both operate communications satellites in geostationary orbit, which lies 22,236 miles (35,785 kilometers) above Earth. SES also runs a constellation called O3b in medium Earth orbit, at an altitude of about 5,000 miles (8,000 km). As [SES CEO Adel Al-Saleh] noted, there is increasingly fierce competition for the services provided by these satellites -- for example, from SpaceX's Starlink megaconstellation in low Earth orbit. And other LEO megaconstellations are in the works as well. For instance, Amazon launched the first two prototypes for its planned 3,200-satellite Project Kuiper network this past October.

"By combining our financial strength and world-class team with that of SES, we create a more competitive, growth-oriented solutions provider in an industry going through disruptive change," Intelsat CEO David Wajsgras said in the same statement. "The combined company will be positioned to meet customers' needs around the world and exceed their expectations," he added.