The Courts

News Orgs Say AI Firm Stole Articles, Spit Out 'Hallucinations' (arstechnica.com) 20

An anonymous reader quotes a report from Ars Technica: Conde Nast and several other media companies sued the AI startup Cohere today, alleging that it engaged in "systematic copyright and trademark infringement" by using news articles to train its large language model. "Without permission or compensation, Cohere uses scraped copies of our articles, through training, real-time use, and in outputs, to power its artificial intelligence ('AI') service, which in turn competes with Publisher offerings and the emerging market for AI licensing," said the lawsuit (PDF) filed in US District Court for the Southern District of New York. "Not content with just stealing our works, Cohere also blatantly manufactures fake pieces and attributes them to us, misleading the public and tarnishing our brands."

Conde Nast, which owns Ars Technica and other publications such as Wired and The New Yorker, was joined in the lawsuit by The Atlantic, Forbes, The Guardian, Insider, the Los Angeles Times, McClatchy, Newsday, The Plain Dealer, Politico, The Republican, the Toronto Star, and Vox Media. The complaint seeks statutory damages of up to $150,000 under the Copyright Act for each infringed work, or an amount based on actual damages and Cohere's profits. It also seeks "actual damages, Cohere's profits, and statutory damages up to the maximum provided by law" for infringement of trademarks and "false designations of origin."

In Exhibit A (PDF), the plaintiffs identified over 4,000 articles in what they called an "illustrative and non-exhaustive list of works that Cohere has infringed." Additional exhibits provide responses to queries (PDF) and "hallucinations" (PDF) that the publishers say infringe upon their copyrights and trademarks. The lawsuit said Cohere "passes off its own hallucinated articles as articles from Publishers."
Cohere said in a statement to Ars: "Cohere strongly stands by its practices for responsibly training its enterprise AI. We have long prioritized controls that mitigate the risk of IP infringement and respect the rights of holders. We would have welcomed a conversation about their specific concerns -- and the opportunity to explain our enterprise-focused approach -- rather than learning about them in a filing. We believe this lawsuit is misguided and frivolous, and expect this matter to be resolved in our favor."

Further reading: Thomson Reuters Wins First Major AI Copyright Case In the US
Crime

US Releases Russian Cybercriminal As Part of Prisoner Swap (theguardian.com) 55

The U.S. released Russian cybercriminal Alexander Vinnik, who pleaded guilty to conspiracy to commit money laundering through his cryptocurrency exchange BTC-e, as part of a prisoner swap that freed American schoolteacher Marc Fogel from Russian custody. The Guardian reports: Vinnik, who arrived in Moscow on a flight from Turkey on Tuesday after having been released from custody in California, is accused of owning and operating one of the largest cryptocurrency exchanges in the world, BTC-e, which prosecutors allege facilitated the transfer of billions of dollars in transactions for criminals worldwide. In May 2024, Vinnik pleaded guilty to conspiracy to launder billions of dollars through BTC-e. He was first arrested in Greece in 2017 at the request of the United States after he was charged by a US jury in a 21-count indictment.

The charges against him included money laundering, conspiracy to commit money laundering, operating an unlicensed money service business and engaging in unlawful monetary transactions, among others. Vinnik was first extradited to France from Greece, where he received a five-year prison sentence for money laundering. He was then sent back to Greece and extradited to the United States in 2022 to face US charges. The justice department described BTC-e, which was active from around 2011 to 2017, as a "significant cybercrime and online money laundering entity that allowed its users to trade in bitcoin with high levels of anonymity and developed a customer base heavily reliant on criminal activity." Prosecutors say that BTC-e processed over $9 bn worth of transactions and served over 1 million users globally, including numerous customers in the US.

US prosecutors said that the exchange was one of the "primary ways by which cyber criminals around the world transferred, laundered, and stored the criminal proceeds of their illegal activities" and accused Vinnik of operating the company with the intent to "promote" unlawful activities. Prosecutors said that he was responsible for more than $120m in losses. Vinnik, who is a nonviolent offender, is forfeiting tens of millions of dollars in assets in the exchange, according to the New York Times.

Nintendo

Nintendo Patent Push Against Hit Game Palworld Hits Roadblock in US 15

Nintendo is facing an uphill battle in its U.S. patent fight against Palworld creator Pocketpair, with the United States Patent and Trademark Office rejecting 22 out of 23 patent claims, according to gaming news site GamesFray.

While Nintendo has successfully obtained one patent covering character capture mechanics, the company is seeking additional protections related to gameplay features like "smooth switching of riding objects." An attorney representing Nintendo has requested a meeting with patent examiners to discuss the rejected claims. The patent dispute, which began in Japan where Nintendo is seeking $66,000 in damages, could have broader implications for the gaming industry if successful
Crime

Elizabeth Holmes Breaks Her Silence In First Interview From Prison (people.com) 138

Convicted Theranos founder, Elizabeth Holmes, had her first interview since being reported to prison in 2023, telling People magazine that she is still working on "research and inventions" in the healthcare space. Here's an excerpt from the article: Scheduled for release on April 3, 2032, Holmes says she hopes to travel with her family and to fight for reform of criminal justice system. She recently drafted an American Freedom Act bill -- a seven-page handwritten document -- to bolster the presumption of innocence and change criminal procedure. "This will be my life's work," says Holmes, adding that she is speaking out now as part of her mission to advocate on behalf of incarcerated persons and those ripped away from their children.

And, despite her global reputation as a biotech con artist who put lives at risk, she says she's continuing to write patents for new inventions and plans to resume her career in healthcare technology after her release. "There is not a day I have not continued to work on my research and inventions," she says. "I remain completely committed to my dream of making affordable healthcare solutions available to everyone."

For now, however, she is sustained by weekend visits from her family, when she can cuddle Invicta, watch William gather acorns in the prison yard and hold Evans's hand and briefly hug and kiss. (Conjugal visits are not allowed.) "It kills me to put my family through pain the way I do," she says. "But when I look back on my life, and these angels that have come into it, I can get through anything. It makes me want to fight for all of it."

The Almighty Buck

Woeful Security On Financial Phone Apps Is Getting People Murdered 161

Longtime Slashdot reader theodp writes: Monday brought chilling news reports of the all-count trial convictions of three individuals for a conspiracy to rob and drug people outside of LGBTQ+ nightclubs in Manhattan's Hell's Kitchen neighborhood, which led to the deaths of two of their victims. The defendants were found guilty on all 24 counts, which included murder, robbery, burglary, and conspiracy. "As proven at trial," explained the Manhattan District Attorney's Office in a press release, "the defendants lurked outside of nightclubs to exploit intoxicated individuals. They would give them drugs, laced with fentanyl, to incapacitate their victims so they could take the victims' phones and drain their online financial accounts [including unauthorized charges and transfers using Cash App, Apple Cash, Apple Pay]." District Attorney Alvin L. Bragg, Jr. added, "My Office will continue to take every measure possible to protect New Yorkers from this type of criminal conduct. That includes ensuring accountability for those who commit this harm, while also working with financial companies to enhance security measures on their phone apps."

In 2024, D.A. Bragg called on financial companies to better protect consumers from fraud, including: adding a second and separate password for accessing the app on a smartphone as a default security option; imposing lower default limits on the monetary amount of total daily transfers; requiring wait times of up to a day and secondary verification for large monetary transactions; better monitoring of accounts for unusual transfer activities; and asking for confirmation when suspicious transactions occur. "No longer is the smartphone itself the most lucrative target for scammers and robbers -- it's the financial apps contained within," said Bragg as he released letters (PDF) sent to the companies that own Venmo, Zelle, and Cash App. "Thousands or even tens of thousands can be drained from financial accounts in a matter of seconds with just a few taps. Without additional protections, customers' financial and physical safety is being put at risk. I hope these companies accept our request to discuss commonsense solutions to deter scammers and protect New Yorkers' hard-earned money."

"Our cellphones aren't safe," warned the EFF's Cooper Quintin in a 2018 New York Times op-ed. "So why aren't we fixing them?" Any thoughts on what can and should be done with software, hardware, and procedures to stop "bank jackings"?
AI

Scarlett Johansson Calls For Deepfake Ban After AI Video Goes Viral (people.com) 75

An anonymous reader quotes a report from People: Scarlett Johansson is urging U.S. legislators to place limits on artificial intelligence as an unauthorized, A.I.-generated video of her and other Jewish celebrities opposing Kanye West goes viral. The video, which has been circulating on social media, opens with an A.I. version of Johansson, 40, wearing a white T-shirt featuring a hand and its middle finger extended. In the center of the hand is a Star of David. The name "Kanye" is written underneath the hand.

The video contains A.I.-generated versions of over a dozen other Jewish celebrities, including Drake, Jerry Seinfeld, Steven Spielberg, Mark Zuckerberg, Jack Black, Mila Kunis and Lenny Kravitz. It ends with an A.I. Adam Sandler flipping his finger at the camera as the Jewish folk song "Hava Nagila" plays. The video ends with "Enough is Enough" and "Join the Fight Against Antisemitism." In a statement to PEOPLE, Johansson denounced what she called "the misuse of A.I., no matter what its messaging."
Johansson continued: "It has been brought to my attention by family members and friends, that an A.I.-generated video featuring my likeness, in response to an antisemitic view, has been circulating online and gaining traction. I am a Jewish woman who has no tolerance for antisemitism or hate speech of any kind. But I also firmly believe that the potential for hate speech multiplied by A.I. is a far greater threat than any one person who takes accountability for it. We must call out the misuse of A.I., no matter its messaging, or we risk losing a hold on reality."

"I have unfortunately been a very public victim of A.I.," she added, "but the truth is that the threat of A.I. affects each and every one of us. There is a 1000-foot wave coming regarding A.I. that several progressive countries, not including the United States, have responded to in a responsible manner. It is terrifying that the U.S. government is paralyzed when it comes to passing legislation that protects all of its citizens against the imminent dangers of A.I."

The statement concluded, "I urge the U.S. government to make the passing of legislation limiting A.I. use a top priority; it is a bipartisan issue that enormously affects the immediate future of humanity at large."

Johansson has been outspoken about AI technology since its rise in popularity. Last year, she called out OpenAI for using an AI personal assistant voice that the actress claims sounds uncannily similar to her own.
Bitcoin

Man Who Hijacked SEC's X Account To Pump Bitcoin Faces Up To 5 Years In Prison (gizmodo.com) 49

Eric Council Jr. pleaded guilty to identity theft and access device fraud after hijacking the SEC's X account to falsely announce Bitcoin ETF approval. He was compensated in Bitcoin by co-conspirators, and while the Justice Department continues its investigation, Council faces up to five years in prison. Gizmodo reports: According to the Justice Department, Council accessed the SEC's account using an attack called SIM swapping, in which a perpetrator uses social engineering to trick a phone carrier's customer service representatives into transferring an individual's phone number to a new device. Basically, they call into a support line and use pieces of personal information about a victim they have gathered online to convince the representative they are the person they are targeting. Once perpetrators take the number and can begin receiving text messages, they are able to reset the passwords of accounts on services like X. It is not really a "hack" in the traditional sense that they are not finding flaws in software but rather exploiting human trust.

Unfortunately for individuals like Council, all Bitcoin transactions are logged on a blockchain for anyone to see, leaving a trail of breadcrumbs for investigators to find. If he did make out with a lot of crypto, it would be hard to keep it hidden forever. Council allegedly did not post the message himself to the SEC's X account, but conducted the SIM swap and left the rest of the work to his co-conspirators who compensated Council in the form of, of course, Bitcoin. The price of the cryptocurrency rose by $1,000 after the fake announcement, according to the Justice Department, and fell by $2,000 after the SEC issued a correction. That could have led to a big windfall depending on how much Bitcoin the perpetrators held at the time.

Crime

'Serial Swatter' Who Made Nearly 400 Threatening Calls Gets 4 Years In Prison (thehill.com) 98

Alan W. Filion, an 18-year-old from Lancaster, Calif., was sentenced to four years in prison for making nearly 400 false bomb threats and threats of violence (source may be paywalled; alternative source) to religious institutions, schools, universities and homes across the country. The New York Times reports: The threatening calls Mr. Filion made would often cause large deployments of police officers to a targeted location, the Justice Department said in a news release. In some cases, officers would enter people's homes with their weapons drawn and detain those inside. In January 2023, Mr. Filion wrote on social media that his swats had often led the police to "drag the victim and their families out of the house cuff them and search the house for dead bodies."

Investigators linked Mr. Filion to over 375 swatting calls made in several states, including one that he made to the police in Sanford, Fla., saying that he would commit a mass shooting at the Masjid Al Hayy Mosque. During the call, he played audio of gunfire in the background. Mr. Filion was arrested in California in January 2024, and was then extradited to Florida to face state charges for making that threat. Mr. Filion began swatting for recreation in August 2022 before making it into a business, the Justice Department said. The teenager became a "serial swatter" and would make social media posts about his "swatting-for-a-fee" services, according to prosecutors.

In addition to pleading guilty to the false threat against the mosque in Florida, Mr. Filion pleaded guilty in three other swatting cases: a mass shooting threat to a public school in Washington State in October 2022; a bomb threat call to a historically Black college or university in Florida in May 2023; and a July 2023 call in which he claimed to be a federal law enforcement officer in Texas and told dispatchers that he had killed his mother and would kill any responding officers.

AI

Thomson Reuters Wins First Major AI Copyright Case In the US 54

An anonymous reader quotes a report from Wired: Thomson Reuters has won the first major AI copyright case in the United States. In 2020, the media and technology conglomerate filed an unprecedentedAI copyright lawsuit against the legal AI startup Ross Intelligence. In the complaint, Thomson Reuters claimed the AI firm reproduced materials from its legal research firm Westlaw. Today, a judge ruled (PDF) in Thomson Reuters' favor, finding that the company's copyright was indeed infringed by Ross Intelligence's actions. "None of Ross's possible defenses holds water. I reject them all," wrote US District Court of Delaware judge Stephanos Bibas, in a summary judgement. [...] Notably, Judge Bibas ruled in Thomson Reuters' favor on the question of fair use.

The fair use doctrine is a key component of how AI companies are seeking to defend themselves against claims that they used copyrighted materials illegally. The idea underpinning fair use is that sometimes it's legally permissible to use copyrighted works without permission -- for example, to create parody works, or in noncommercial research or news production. When determining whether fair use applies, courts use a four-factor test, looking at the reason behind the work, the nature of the work (whether it's poetry, nonfiction, private letters, et cetera), the amount of copyrighted work used, and how the use impacts the market value of the original. Thomson Reuters prevailed on two of the four factors, but Bibas described the fourth as the most important, and ruled that Ross "meant to compete with Westlaw by developing a market substitute."
"If this decision is followed elsewhere, it's really bad for the generative AI companies," says James Grimmelmann, Cornell University professor of digital and internet law.

Chris Mammen, a partner at Womble Bond Dickinson who focuses on intellectual property law, adds: "It puts a finger on the scale towards holding that fair use doesn't apply."
Electronic Frontier Foundation

Aaron Swartz Sculpture's Unveiling at Internet Archive Attended by 300 (sfstandard.com) 56

"The Internet's Own Boy" was inscribed below the bust, according to the San Francisco Standard, adding that the 312-pound marble statue "was crafted using a mix of AI-driven robotic milling and traditional hand carving."

It was unveiled Friday at the Internet Archive auditorium for a crowd of around 300 people. "Aaron's legacy is bringing people together to make change, said Cindy Cohn, the executive director of the Electronic Frontier Foundation. "There's a renaissance happening now in Aaron Swartz-land," said Lisa Rein, the co-founder of Creative Commons, a nonprofit devoted to expanding public access to information. She founded Aaron Swartz Day in 2013, an annual hackathon and tribute held on his birthday. There's now an Aaron Swartz Institute in Brazil, a documentary, multiple books and podcasts — even an Aaron Swartz memecoin ("Do not buy," she warned).

"It's great that people idolize him as long as they get the story right: He was not a martyr," Rein said, her eyes welling with tears. "He stood for freedom of access to information, especially for scientific research — things the public had already paid for."

The evening included a number of video tributes, which Rein played on a large screen behind the stage. They included commentary from science fiction author Cory Doctorow, members of the Aaron Swartz Institute in Brazil, and Cindy Cohn, the executive director of the Electronic Frontier Foundation... Emmett Shear, the former CEO of Twitch and a partner at Y Combinator, was one of the few people who knew Swartz personally. "I'm glad he's become a symbol, he would approve of that," he shared, his voice slightly breaking. "I really miss him."

Starting next week, the bust will be moved to the [Internet Archive] lobby, where it will remain until Peniche secures a permit to place it in a local park [said Evan Sirchuk, the Internet Archive's community and events coordinator]... "Aaron really means something to the San Francisco community," [Rein said]. "He can keep inspiring generations — even the ones who weren't alive when he was."

Tech blogger John Gruber thinks Swartz would appreciate that the bust came from people "aligned with Aaron's own righteous obsessions." But at the same time "I think he'd be a little weirded out. He wasn't a 'I hope they erect a larger-than-life statue of me' sort of guy.

"And if he had been, we wouldn't have loved him like we did. It's just a terrible thing that we lost him so young."
Crime

California Tech Founder Admits to Defrauding $4M For His Luxury Lifestyle (sfgate.com) 47

The tech startup "purported to make smart home and business products," writes America's Justice Department — products that were "meant to stop package theft, prevent weather damage to packages, and make it easier for emergency responders and delivery services to find homes and businesses." Royce Newcomb "developed prototypes of his products and received local and national media attention for them. For example, Time Magazine included his eLiT Address Box & Security System, which used mobile networks to pinpoint home and business locations, on its Best Inventions of 2021 list."

But then he told investors he'd also received a grant by the National Science Foundation — one of "several false representations to his investors to deceive and cheat them out of their money... Newcomb used the money to pay for gambling, a Mercedes and Jaguar, and a mansion." He also used the money to pay for refunds to other investors who wanted out, and to pay for new, unrelated projects without the investors' authorization. During this period, Newcomb also received a fraudulent COVID-19 loan for more than $70,000 from the Small Business Administration and fraudulent loans for more than $190,000 from private lenders. He lied about Strategic Innovations having hundreds of thousands and even millions in revenue to get these loans.

Newcomb was previously convicted federally in 2011 for running a real estate fraud scheme in Sacramento. He was sentenced to more than five years in prison for that offense, and he was on federal supervised release for that offense when he committed the offenses charged in this case... Newcomb faces maximum statutory penalties of 20 years in prison and a $250,000 fine for the wire fraud charge, and 10 years in prison and a $250,000 fine for the money laundering charge...

This effort is part of a California COVID-19 Fraud Enforcement Strike Force operation, one of five interagency COVID-19 fraud strike force teams established by the U.S. Department of Justice.

SFGate writes that "Despite receiving significant funding, his startup, Strategic Innovations, never made a dime or released any products to market, according to legal documents." The owner of a California tech startup has pleaded guilty to stealing over $4 million from investors, private lenders and the U.S. government in order to live a luxurious lifestyle, the United States Attorney's Office announced Monday... When investors asked about product delays and when they'd be paid back, Newcomb made excuses and provided conflicting info, telling them that there were supply chain issues or software problems, according to the indictment. In reality, federal prosecutors said, he was using the money to travel and continue to make these lavish personal expenses.
Bitcoin

El Salvador Congress Votes to Revoke Bitcoin's 'Legal Currency' Status (reason.com) 58

After finalizing loan terms with the IMF, El Salvador's Legislative Assembly approved changes to the country's Bitcoin Law last week by a 55-2 vote, "effectively removing bitcoin's status as legal currency," reports Reason. Under the new rules, bitcoin is no longer considered "currency," though it remains "legal tender." Another change makes using bitcoin entirely voluntary. (Previously, the law mandated that businesses accept bitcoin for any goods or services they provided.) Additionally, bitcoin can no longer be used to pay taxes or settle government debts. The government is also stepping back from its involvement in Chivo Wallet, the state-backed digital wallet...

The reforms come as part of a broader financial agreement between Bukele and the International Monetary Fund (IMF). One of the conditions for a proposed $1.4 billion Extended Fund Facility loan was that El Salvador mitigate "potential risks of the Bitcoin project." The IMF has been critical of the country's crypto policies since Bukele made bitcoin legal tender in 2021. "There are large risks associated with using Bitcoin as legal tender, especially given the high volatility of its price. We don't recommend it," the organization said in 2022.

Despite these changes, the administration insists it remains committed to bitcoin. Milena Mayorga, El Salvador's ambassador to the United States, has said that El Salvador is still a "bitcoin country" and will maintain — and even expand — its bitcoin reserves. "You have to adapt to the current situation and this is the decision that was taken in the Assembly, but that does not mean that the country will stop having a bitcoin reserve," she explained.

Government data suggests El Salvador now holds 6,072 Bitcoin worth $586,888,000.
United States

White House Moves to Halt Federal Funds for EV Charging Stations (politico.com) 288

Thursday the White House "moved to halt a $5 billion initiative to build electric vehicle charging stations," reports Politico, "by instructing states not to spend federal funds previously allocated to them..." NPR described the move as "putting in limbo billions of dollars allocated to states with current and future projects..."

Politico notes the move "appears to upend years of precedent in which federal promises of funds for highway projects had given states an all-but-guaranteed assurance that they were free to spend them. It also raises legal questions... Funding experts had told POLITICO last year that decades of legal precedent would largely insulate the charging money... Andrew Rogers [deputy administrator of the Federal Highway Administration, or FHWA, in the Biden administration] said in a text message that the new letter "appears to ignore both the law and multiple restraining orders that have been issued by federal courts." Rogers, who is now a senior vice president at Boundary Stone Partners, said the move appears to be "in direct violation" of the Impoundment Control Act of 1974, a Watergate-era law that prohibits presidents from unilaterally canceling congressionally approved spending. Trump has contended that the law is unconstitutional.
Politico also got a quote from the chief analyst at analytics firm Paren, who predicts lawsuits from affected states and that the final impact of the move will be "just causing havoc and slowing things down for awhile." [A letter to state transportation directors from the Federal Highway Administration] clarifies that states will be able to receive reimbursements for "existing obligations" to design and build stations "in order to not disrupt current financial commitments." According to the letter, FHWA plans to publish new draft guidance on the NEVI program in the spring, followed by a comment period, before issuing new final guidance. Only then will states be able to resubmit their annual implementation plans for all fiscal years of the program.
"But that doesn't mean that the program is going to be sunset or the funds are not going to be made available again to the states," Nick Nigro, the founder of Atlas Public Policy consultancy told NPR: Several experts tell NPR that as a result of its overwhelming bipartisan support at the time, attempts to overturn it within the executive branch are likely to be challenged in court. Nigro believes the funding will resume eventually...

So far, 56 stations [with multiple chargers] are up and running as a result of the program, while more than 900 sites in total have been "awarded" to date, according to Loren McDonald, chief analyst at Paren, another research analytics firm. McDonald said several hundred of the awarded sites are currently under construction and expected to open this year. He does not believe the FHWA has the authority to pause or rescind any aspect of the NEVI program... "I assume lawsuits from states will start soon, and this will go to court and Congress," McDonald said in a statement.

The move has "confounded states, which had been allocated billions of dollars by Congress for the program," the New York Times reported Friday. "[S]ome state officials said that as a result of the memo from the Trump administration, they had stopped work on the charging stations. Others said they intended to keep going."

The Washington Post reports that a Texas Department of Transportation official "said it would continue to deploy federal funds for EV chargers until it receives further guidance," and that Ryan Gallentine, managing director at the national business association Advanced Energy United, said that states "are under no obligation to stop these projects based solely on this announcement." Politico adds: Also on Thursday, FHWA took down several internet pages providing information on NEVI and its sister program, the $2.5 billion Charging and Fueling Infrastructure grant program... Amid the confusion, at least six states — Alabama, Oklahoma, Missouri, Rhode Island, Ohio and Nebraska — have put their NEVI programs on hold, according to McDonald. Rhode Island and Ohio had been considered leading states in implementing the program.
The Courts

Automakers Sue To Kill Maine's Hugely Popular 'Right To Repair' Law (techdirt.com) 41

Maine's overwhelmingly popular right-to-repair law is under attack by automakers through lawsuits and lobbying efforts aimed at weakening or delaying enforcement. While the law remains in limbo due to industry influence and legal challenges, broader enforcement issues persist across multiple states, with corporations often ignoring right-to-repair laws despite their legal passage. Techdirt reports: A little over a year ago, Maine residents voted overwhelmingly (83 percent) to pass a new state right to repair law designed to make auto repairs easier and more affordable. More specifically, the law requires that automakers standardize on-board diagnostic systems and provide remote access to those systems and mechanical data to consumers and third-party independent repair shops. But as we've seen with other states that have passed right to reform laws (most notably New York), passing the law isn't the end of the story. Corporate lobbyists have had great success not just watering these laws down before passage, but after voters approve them. They've also been swarmed by coordinated industry lawsuits and falsehood-spewing attacks.

Maine's popular right to repair law just took effect after a year of hashing out the fine details, but the bill's still being changed as the state tries to sort out enforcement. Large automakers have been looming over that process to try and weaken the law. But the Alliance For Automotive Innovation also just filed a new lawsuit saying the law isn't fully cooked and therefore violates the law: "This is an example of putting the cart before the horse. Before automakers can comply, the law requires the attorney general to first establish an 'independent entity' to securely administer access to vehicle data. The independent entity hasn't been established. That's not in dispute. Compliance with the law right now is not possible."

Privacy

OpenAI Investigating Claim of 20 Million Stolen User Credentials 15

OpenAI says it's investigating after a hacker claimed to have stolen login credentials for 20 million OpenAI accounts and advertised the data for sale on a dark web forum. Though security researchers doubt on the legitimacy of the breach, the AI company stated that it takes the claims seriously, advising users to enable two-factor authentication and stay vigilant against phishing attempts. Decrypt reports: Daily Dot reporter Mikael Thalan wrote on X that he found invalid email addresses in the supposed sample data: "No evidence (suggests) this alleged OpenAI breach is legitimate. At least two addresses were invalid. The user's only other post on the forum is for a stealer log. Thread has since been deleted as well."

"We take these claims seriously," the spokesperson said, adding: "We have not seen any evidence that this is connected to a compromise of OpenAI systems to date."
Patents

Amazon Says Germany Customers Won't Lose Amazon Prime As a Result of Nokia Patent Win 12

A German court has ruled that Amazon's Prime Video service violates a Nokia-owned patent, ordering Amazon to stop streaming in its current form or face fines of 250,000 euros per violation. However, Amazon assured customers in a statement on Friday that there is no risk of losing access to Prime Video because the decision affects only a limited functionality related to casting videos between devices.

"Prime Video will comply with this local judgement and is currently considering next steps. However, there is absolutely no risk at all for customers losing access to Prime Video," Amazon's Prime Video spokesperson told Reuters. Meanwhile, Nokia's chief licensing officer, Arvin Patel, said: "...the innovation ecosystem breaks down if patent holders are not fairly compensated for the use of their technologies, as it becomes much harder for innovators to fund the development of next generation technologies."
Security

Phishing Tests, the Bane of Work Life, Are Getting Meaner (msn.com) 99

U.S. employers are deploying increasingly aggressive phishing tests to combat cyber threats, sparking backlash from workers who say the simulated scams create unnecessary panic and distrust in the workplace. At the University of California, Santa Cruz, a test email about a fake Ebola outbreak sent staff scrambling before learning it was a security drill. At Lehigh Valley Health Network, employees who fall for phishing tests lose external email access, with termination possible after three failures.

Despite widespread use, recent studies question these tests' effectiveness. Research from ETH Zurich found that phishing tests combined with voluntary training actually made employees more vulnerable, while a University of California, San Diego study showed only a 2% reduction [PDF] in phishing success rates. "These are just an ineffective and inefficient way to educate users," said Grant Ho, who co-authored the UCSD study.
Security

Ransomware Payments Dropped 35% In 2024 (therecord.media) 44

An anonymous reader quotes a report from CyberScoop: Ransomware payments saw a dramatic 35% drop last year compared to 2023, even as the overall frequency of ransomware attacks increased, according to a new report released by blockchain analysis firm Chainalysis. The considerable decline in extortion payments is somewhat surprising, given that other cybersecurity firms have claimed that 2024 saw the most ransomware activity to date. Chainalysis itself warned in its mid-year report that 2024's activity was on pace to reach new heights, but attacks in the second half of the year tailed off. The total amount in payments that Chainalysis tracked in 2024 was $812.55 million, down from 2023's mark of $1.25 billion.

The disruption of major ransomware groups, such as LockBit and ALPHV/BlackCat, were key to the reduction in ransomware payments. Operations spearheaded by agencies like the United Kingdom's National Crime Agency (NCA) and the Federal Bureau of Investigation (FBI) caused significant declines in LockBit activity, while ALPHV/BlackCat essentially rug-pulled its affiliates and disappeared after its attack on Change Healthcare. [...] Additionally, [Chainalysis] says more organizations have become stronger against attacks, with many choosing not to pay a ransom and instead using better cybersecurity practices and backups to recover from these incidents. [...]
Chainalysis also says ransomware operators are letting funds sit in wallets, refraining from moving any money out of fear they are being watched by law enforcement.

You can read the full report here.
Government

Bill Banning Social Media For Youngsters Advances (politico.com) 86

The Senate Commerce Committee approved the Kids Off Social Media Act, banning children under 13 from social media and requiring federally funded schools to restrict access on networks and devices. Politico reports: The panel approved the Kids Off Social Media Act -- sponsored by the panel's chair, Texas Republican Ted Cruz, and a senior Democrat on the panel, Hawaii's Brian Schatz -- by voice vote, clearing the way for consideration by the full Senate. Only Ed Markey (D-Mass.) asked to be recorded as a no on the bill. "When you've got Ted Cruz and myself in agreement on something, you've pretty much captured the ideological spectrum of the whole Congress," Sen. Schatz told POLITICO's Gabby Miller.

[...] "KOSMA comes from very good intentions of lawmakers, and establishing national screen time standards for schools is sensible. However, the bill's in-effect requirements on access to protected information jeopardize all Americans' digital privacy and endanger free speech online," said Amy Bos, NetChoice director of state and federal affairs. The trade association represents big tech firms including Meta and Google. Netchoice has been aggressive in combating social media legislation by arguing that these laws illegally restrict -- and in some cases compel -- speech. [...] A Commerce Committee aide told POLITICO that because social media platforms already voluntarily require users to be at least 13 years old, the bill does not restrict speech currently available to kids.

The Internet

Believing in Aliens Derailed This Internet Pioneer's Career. Now He's Facing Prison (bloomberg.com) 44

Joseph Firmage, a former Silicon Valley prodigy who built a $2.5 billion web services company in the 1990s, is now being sued by investors who claim he defrauded them through an alleged antigravity machine scheme. In 1998, at the height of his success as CEO of USWeb, Firmage claimed an alien appeared in his bedroom, derailing his corporate career. He then spent decades pursuing UFO research and attempting to develop antigravity propulsion technology, raising millions from investors.

Court documents allege Firmage and associates are responsible for roughly $25 million in losses through various companies and schemes. Some investors say he used elaborate ruses, including people impersonating government officials, to solicit funds. Firmage, currently in jail on elder abuse charges, maintains he was actually the victim of international scammers who exploited his access to investors.

Slashdot Top Deals