China

On Eve of TikTok Ban, Chinese App RedNote Surges in Popularity, Delighting Chinese State Media (go.com) 118

Chinese social-networking site RedNote became the #1 most-downloaded app in America, reports the Associated Press, with some new users considering it a way to protest America's possible TikTok ban.

So what happened next? They were met with surprise, curiosity and in-jokes on Xiaohongshu — literally, "Little Red Book" — whose users saw English-language posts take over feeds almost overnight. Americans introduced themselves with the hashtag TikTok refugees, an ask-me-anything attitude, and photos of their pets to pay their hosts' "cat tax." Parents swapped stories about raising kids and Swifties from both countries, of course, quickly found each other. It's a rare moment of direct contact between two online worlds that are usually kept apart by language, corporate boundaries, and China's strict system of online censorship that blocks access to nearly all international media and social media services... Xiaohongshu's 300 million monthly active users are overwhelmingly Chinese — so much so that parts of its interface have no English-language version... [Press reports suggest about a million of TikTok's 170 million users tried switching to RedNote this week...]

On the platform, two versions of the TikTok refugee hashtag have over 24 million posts, with related posts appearing at the top of many users' feeds. A large number of American users say they've received a warm welcome from the community under #TikTokrefugee. "Welcome the global villagers" remains the top trending topic on Xiaohongshu, with 8.9 million views on Thursday. Users from both countries are comparing notes on grocery prices, rent, health insurance, medical bills and the relationship between mother-in-law and daughter-in-law. Parents talk about what the kids learn in school in the two countries. Some have already joined book clubs and are building up a community. American users asked how Chinese see the LGBTQ community and were warned that it was among the sensitive topics; Chinese users taught Americans which topics and keywords are sensitive, so as to avoid censorship on the app. Chinese students pulled out their English homework, looking for help.

Chinese state media, which have long dismissed U.S. allegations against TikTok, have welcomed the protest against the ban. People's Daily [the official newspaper of the Central Committee of the Chinese Communist Party] said in an op-ed about TikTok refugees on Thursday that the TikTok refugees found a "new home," and that "openness, communication, and mutual learning are the unchanging themes of mankind and the heartfelt desires of people from all countries."

Making the most of the moment is Jianlu Bi, who is apparently a senior content producer for Beijing's state-run China Global Television Network, which Wikipedia describes as "under the control of the Central Propaganda Department of the Chinese Communist Party". Friday Jianlu Bi crafted an article claiming "surprising" and "stark contrasts" were revealed: While the United States is often portrayed as a land of limitless opportunity, many American netizens have shared their struggles with high living costs, particularly in urban areas. One common theme is the exorbitant cost of healthcare. "I just got a simple bill for a routine checkup and it was over $500," shared one American user. "I can't imagine what a serious illness would cost! I feel like I'm constantly on the brink of financial ruin due to medical expenses." In contrast, Chinese netizens often express surprise at the affordability of many goods and services in their home country. For instance, the cost of housing, particularly in smaller cities, is often significantly lower in China compared to the United States.... This disparity is often attributed to factors such as government policies, economic development, and cultural differences...

Traditional media narratives often present simplified and often biased portrayals of China and the United States. For example, the U.S. is often portrayed as a land of opportunity with limitless possibilities, while China is sometimes depicted as a country with limited freedoms. Xiaohongshu, on the other hand, provides a platform for ordinary people to share their authentic experiences and perspectives... A Chinese student studying in the U.S. shared, "I was surprised to learn that many of my classmates are working part-time jobs to cover their tuition and living expenses. This is very different from the image of affluent American students I had in my mind. It really opened my eyes to the realities of life for many young people in the U.S."

"As social media continues to evolve, these platforms will undoubtedly play an increasingly important role in shaping global perceptions..." the article concludes.

Article suggested by long-time Slashdot reader hackingbear.
EU

NATO Will Deploy Unmanned Vessels to Protect Baltic Sea Cables - Plus Data-Assessing AI (twz.com) 56

The BBC brings news from the Baltic Sea. After critical undersea cables were damaged or severed last year, "NATO has launched a new mission to increase the surveillance of ships..." Undersea infrastructure is essential not only for electricity supply but also because more than 95% of internet traffic is secured via undersea cables, [said NATO head Mark Rutte], adding that "1.3 million kilometres (800,000 miles) of cables guarantee an estimated 10 trillion-dollar worth of financial transactions every day". In a post on X, he said Nato would do "what it takes to ensure the safety and security of our critical infrastructure and all that we hold dear".... Estonia's Foreign Minister Margus Tsahkna said in December that damage to submarine infrastructure had become "so frequent" that it cast doubt on the idea the damage could be considered "accidental" or "merely poor seamanship".
The article also has new details about a late-December cable-cutting by the Eagle S (which was then boarded by Finland's coast guard and steered into Finnish waters). "On Monday, Risto Lohi of Finland's National Bureau of Investigation told Reuters that the Eagle S was threatening to cut a second power cable and a gas pipe between Finland and Estonia at the time it was seized." And there are reports that the ship was loaded with spying equipment.

UPDATE (1/19/2024): The Washington Post reports that the undersea cable ruptures "were likely the result of maritime accidents rather than Russian sabotage, according to several U.S. and European intelligence officials."

But whatever they're watching for, NATO's new surveillance of the Baltic Sea will include "uncrewed surface vessels," according to defense-news web site TWZ.com: The uncrewed surface vessels [or USVs], also known as drone boats, will help establish an enhanced common operating picture to give participating nations a better sense of potential threats and speed up any response. It is the first time NATO will use USVs in this manner, said a top alliance commander... There will be at least 20 USVs assigned [a NATO spokesman told The War Zone Friday]... In the first phase of the experiment, the USVs will "have the capabilities under human control" while "later phases will include greater autonomy." The USVs will augment the dozen or so vessels as well as an unspecified number of crewed maritime patrol aircraft committed
One highly-placed NATO official tells the site that within weeks "we will begin to use these ships to give a persistent, 24-7 surveillance of critical areas."

Last week the U.K. government also announced "an advanced UK-led reaction system to track potential threats to undersea infrastructure and monitor the Russian shadow fleet."

The system "harnesses AI to assess data from a range of sources, including the Automatic Identification System (AIS) ships use to broadcast their position, to calculate the risk posed by each vessel entering areas of interest." Harnessing the power of AI, this UK-led system is a major innovation which allows us the unprecedented ability to monitor large areas of the sea with a comparatively small number of resources, helping us stay secure at home and strong abroad.
Printer

Proposed New York Law Could Require Background Checks Before Buying 3D Printers (news10.com) 225

A new law is being considered by New York's state legislature, reports a local news outlet, which "if passed, will require anyone buying a 3D printer to pass a background check. If you can't legally own a firearm, you won't be able to buy one of these printers..." It is illegal to print most gun parts in New York. Attorney Greg Rinckey believes the proposal is an overreach. "I think this is also gonna face some constitutional problems. I mean, it really comes down to a legal parsing of what are you printing and at what point is it technically a firearm...?"

[Ascent Fabrication owner Joe] Fairley thinks lawmakers should shift their focus to those partial gun kits that produce the metal firing components. Another possibility is to require printer manufacturers to install software that prevents gun parts from being printed. "They would need to agree on some algorithm to look at the part and say nope, that is a gun component, you're not allowed to print that part somehow," said Fairley. "But I feel like it would be extremely difficult to get to that point."

AI

Arrested by AI: When Police Ignored Standards After AI Facial-Recognition Matches (msn.com) 55

A county transit police detective fed a poor-quality image to an AI-powered facial recognition program, remembers the Washington Post, leading to the arrest of "Christopher Gatlin, a 29-year-old father of four who had no apparent ties to the crime scene nor a history of violent offenses." He was unable to post the $75,000 cash bond required, and "jailed for a crime he says he didn't commit, it would take Gatlin more than two years to clear his name." A Washington Post investigation into police use of facial recognition software found that law enforcement agencies across the nation are using the artificial intelligence tools in a way they were never intended to be used: as a shortcut to finding and arresting suspects without other evidence... The Post reviewed documents from 23 police departments where detailed records about facial recognition use are available and found that 15 departments spanning 12 states arrested suspects identified through AI matches without any independent evidence connecting them to the crime — in most cases contradicting their own internal policies requiring officers to corroborate all leads found through AI. Some law enforcement officers using the technology appeared to abandon traditional policing standards and treat software suggestions as facts, The Post found. One police report referred to an uncorroborated AI result as a "100% match." Another said police used the software to "immediately and unquestionably" identify a suspected thief.

Gatlin is one of at least eight people wrongfully arrested in the United States after being identified through facial recognition... All of the cases were eventually dismissed. Police probably could have eliminated most of the people as suspects before their arrest through basic police work, such as checking alibis, comparing tattoos, or, in one case, following DNA and fingerprint evidence left at the scene.

Some statistics from the article about the eight wrongfully-arrested people:
  • In six cases police failed to check alibis
  • In two cases police ignored evidence that contradicted their theory
  • In five cases police failed to collect key pieces of evidence
  • In three cases police ignored suspects' physical characteristics
  • In six cases police relied on problematic witness statements

The article provides two examples of police departments forced to pay $300,000 settlements after wrongful arrests caused by AI mismatches. But "In interviews with The Post, all eight people known to have been wrongly arrested said the experience had left permanent scars: lost jobs, damaged relationships, missed payments on car and home loans. Some said they had to send their children to counseling to work through the trauma of watching their mother or father get arrested on the front lawn.

"Most said they also developed a fear of police."


Medicine

America's Top Three Insurers Reaped $7.3 Billion From Their Drug-Middlemen's Markups, FTC Says (nbcnews.com) 87

America's Federal Trade Commission has been "raising antitrust concerns" about them for years, reports NBC News.

The latest? America's three largest drug middlemen "inflated the costs of numerous life-saving medications by billions of dollars over the past few years, the FTC said in a report Tuesday." The top pharmacy benefit managers (PBMs) — CVS Health's Caremark Rx, Cigna's Express Scripts and UnitedHealth Group's OptumRx — generated roughly $7.3 billion through price hikes over about five years starting in 2017, the FTC said. The "excess" price hikes affected generic drugs used to treat heart disease, HIV and cancer, among other conditions, with some increases more than 1,000% of the national average costs of acquiring the medications, the commission said. The FTC also said these so-called Big Three health care companies — which it estimates administer 80% of all prescriptions in the U.S. — are inflating drug prices "at an alarming rate, which means there is an urgent need for policymakers to address it...."

Some of the steepest drug markups were "hundreds and thousands of percent," according to Tuesday's report, which highlights just how profitable specialty drugs have become for the three leading PBMs. Cancer drugs alone made up nearly half of the $7.3 billion, the commission wrote, with multiple sclerosis medications accounting for another 25%. Dispensing highly marked-up specialty drugs was a massive income stream for the companies in 2021, the FTC found. Out of tens of thousands of drugs dispensed, the top 10 specialty generics alone made up nearly 11% of the companies' pharmacy-related operating income that year, the agency estimated. Across the 51 drugs the agency analyzed, the Big Three's price-markup revenue surged from $522 million in 2017 to $2.1 billion in 2021, the report said.

"The FTC found that 22 percent of specialty drugs dispensed by PBM-affiliated pharmacies were marked up by more than 1,000 percent," reports The Hill, "while 41 percent were marked up between 100 and 1,000 percent. Among those drugs marked up by more than 1,000 percent, half of them were marked up by more than 2,000 percent."

And the nonprofit progressive news site Common Dreams shares some examples from the FTC's 60-page report: "For the pulmonary hypertension drug tadalafil (generic Adcirca), for example, pharmacies purchased the drug at an average of $27 in 2022, yet the Big Three PBMs marked up the drug by $2,079 and paid their affiliated pharmacies $2,106, on average, for a 30-day supply of the medication on commercial claims," the publication notes. That's a staggering average markup of 7,736%... The new analysis follows a July 2024 report that revealed Big Three PBM-affiliated pharmacies received 68% of the dispensing revenue generated by specialty drugs in 2023, a 14% increase from 2016...

Responding to the FTC report, Emma Freer, senior policy analyst for healthcare at the American Economic Liberties Project — a corporate accountability and antitrust advocacy group — said in a statement Tuesday that "the FTC's second interim report lays bare the blatant profiteering by PBM giants, which are marking up lifesaving drugs like cancer, HIV, and multiple sclerosis treatments by thousands of percent and forcing patients to pay the price."

The Courts

FDIC Sues 17 Former Silicon Valley Bank Execs Over Collapse (cnn.com) 31

"The FDIC sued 17 former executives and directors of Silicon Valley Bank on Thursday, seeking to recover billions of dollars for alleged gross negligence and breaches of fiduciary duty," reports Reuters. The move comes almost two years after Silicon Valley Bank's March 2023 collapse, which shocked financial markets and ended up benefiting big players like JPMorgan Chase. From the report: In a complaint filed in San Francisco federal court, the FDIC, in its capacity as the bank's receiver, said the defendants ignored fundamental standards of prudent banking and the bank's own risk policies in letting the bank take on excessive risks to boost short-term profit and its stock price. The FDIC faulted the bank's overreliance on unhedged, interest rate-sensitive long-term government bonds such as US Treasuries and mortgage-backed securities, as rates looked set to -- and eventually did -- rise. It also objected to the payment of a "grossly imprudent" $294 million dividend to its parent that drained needed capital "at a time of financial distress and management weakness" in December 2022, less than three months before its demise.

"SVB represents a case of egregious mismanagement of interest-rate and liquidity risks by the bank's former officers and directors," the complaint said. The defendants include former Chief Executive Gregory Becker, former Chief Financial Officer Daniel Beck, four other former executives and 11 former directors.

Government

US Sanctions Chinese Firm, Hacker Behind Telecom and Treasury Hacks (bleepingcomputer.com) 3

The U.S. Department of the Treasury's OFAC has sanctioned Yin Kecheng and Sichuan Juxinhe Network Technology Co. for their roles in a recent Treasury breach and espionage operations targeting U.S. telecommunications. BleepingComputer reports: "Yin Kecheng has been a cyber actor for over a decade and is affiliated with the People's Republic of China Ministry of State Security (MSS)," reads the Treasury's announcement. "Yin Kecheng was associated with the recent compromise of the Department of the Treasury's Departmental Offices network," says the agency.

OFAC also announced sanctions against Sichuan Juxinhe Network Technology Co., a Chinese cybersecurity firm believed to be directly involved with the Salt Typhoon state hacker group. Salt Typhoon was recently linked to several breaches on major U.S. telecommunications and internet service providers to spy on confidential communications of high-profile targets. "Sichuan Juxinhe Network Technology Co., LTD. (Sichuan Juxinhe) had direct involvement in the exploitation of these U.S. telecommunication and internet service provider companies," the U.S. Treasury explains, adding that "the MSS has maintained strong ties with multiple computer network exploitation companies, including Sichuan Juxinhe." [...]

The sanctions imposed on Kecheng and the Chinese cybersecurity firm under Executive Order (E.O.) 13694 block all property and financial assets that are located in the United States or that are in the possession of U.S. entities, including banks, businesses, and individuals. Additionally, U.S. entities are prohibited from conducting any transactions with the sanctioned entities without OFAC's explicit authorization. It's worth noting that these sanctions come after OFAC sanctioned Beijing-based cybersecurity company Integrity Tech for its involvement in cyberattacks attributed to the Chinese state-sponsored Flax Typhoon hacking group. U.S. Treasury's announcement reiterates that the U.S. Department of State offers, through its Rewards for Justice program, up to $10,000,000 for information leading to uncovering the identity of hackers who have targeted the U.S. government or critical infrastructure in the country.

Transportation

GM Banned From Selling Your Driving Data For Five Years (theverge.com) 60

The FTC announced Thursday that it's banned General Motors and its subsidiary OnStar from selling customer geolocation and driving behavior data for five years. The Verge reports: The settlement comes after a New York Times investigation found that GM had been collecting micro-details about its customers' driving habits, including acceleration, braking, and trip length -- and then selling it to insurance companies and third-party data brokers like LexisNexis and Verisk. Clueless vehicle owners were then left wondering why their insurance premiums were going up.

The FTC accused GM of using a "misleading enrollment process" to get vehicle owners to sign up for its OnStar connected vehicle service and Smart Driver feature. The automaker failed to disclose to customers that it was collecting their data, and did not seek their consent to sell it to third parties. After the Times exposed the practice, GM said it was discontinuing its OnStar Smart Driver program. The settlement also requires GM to obtain consent from customers before collecting their driving behavior data, and allow them to request and delete their data if they choose.

AT&T

AT&T Kills Home Internet Service In New York Over Law Requiring $15 Plans (arstechnica.com) 134

Ars Technica's Jon Brodkin reports: AT&T has stopped offering its 5G home Internet service in New York instead of complying with a new state law that requires ISPs to offer $15 or $20 plans to people with low incomes. New York started enforcing its Affordable Broadband Act yesterday after a legal battle of nearly four years. [...] The law requires ISPs with over 20,000 customers in New York to offer $15 broadband plans with download speeds of at least 25Mbps, or $20-per-month service with 200Mbps speeds. The plans only have to be offered to households that meet income eligibility requirements, such as qualifying for the National School Lunch Program, Supplemental Nutrition Assistance Program, or Medicaid. [...]

Ending home Internet service in New York is relatively simple for AT&T because it is outside the 21-state wireline territory in which the telco offers fiber and DSL home Internet service. "AT&T Internet Air is currently available only in select areas and where AT&T Fiber is not available. New York is outside of our wireline service footprint, so we do not have other home Internet options available in the state," the company said. AT&T will continue offering its 4G and 5G mobile service in New York, as the state law only affects home Internet service. People with smartphones or other mobile devices connected to the AT&T wireless network should thus see no change.

Existing New York-based users of AT&T Internet Air can only keep it for 45 days and won't be charged during that time, AT&T said. "During this transition, customers will be able to keep their existing AT&T Internet Air service for up to 45 days, at no charge, as they find other options for broadband. We will work closely with our customers throughout this transition," AT&T said. Residential users will be sent "a recovery kit with instructions on how to return their AIA equipment, while business customers can keep any device they purchased at no charge," AT&T said.

Government

Governments Call For Spyware Regulations In UN Security Council Meeting (techcrunch.com) 13

An anonymous reader quotes a report from TechCrunch: On Tuesday, the United Nations Security Council held a meeting to discuss the dangers of commercial spyware, which marks the first time this type of software -- also known as government or mercenary spyware -- has been discussed at the Security Council. The goal of the meeting, according to the U.S. Mission to the UN, was to "address the implications of the proliferation and misuse of commercial spyware for the maintenance of international peace and security." The United States and 15 other countries called for the meeting. While the meeting was mostly informal and didn't end with any concrete proposals, most of the countries involved, including France, South Korea, and the United Kingdom, agreed that governments should take action to control the proliferation and abuse of commercial spyware. Russia and China, on the other hand, dismissed the concerns.

John Scott-Railton, a senior researcher at The Citizen Lab, a human rights organization that has investigated spyware abuses since 2012, gave testimony in which he sounded the alarm on the proliferation of spyware made by "a secretive global ecosystem of developers, brokers, middlemen, and boutique firms," which "is threatening international peace and security as well as human rights." Scott-Railton called Europe "an epicenter of spyware abuses" and a fertile ground for spyware companies, referencing a recent TechCrunch investigation that showed Barcelona has become a hub for spyware companies in the last few years.

Representatives of Poland and Greece, countries that had their own spyware scandals involving software made by NSO Group and Intellexa, respectively, also intervened. Poland's representative pointed at local legislative efforts to put "more control, including by the judiciary, on the relevant operational activities of the security and intelligence services," while also recognizing that spyware can be used in a legal way. "We are not saying that the use of spyware is never justified or even required," said Poland's representative. And the Greek representative pointed to the country's 2022 bill to ban the sale of spyware.

Crime

Pastor Who Saw Crypto Project In His 'Dream' Indicted For Fraud (bleepingcomputer.com) 111

A pastor in Pasco, Washington, has been indicted on 26 counts of fraud for orchestrating a cryptocurrency scam that defrauded over 1,500 investors of nearly $5.9 million between 2021 and 2023. Many of the investors were members of his congregation. BleepingComputer reports: The US Department of Justice says the pastor, Francier Obando Pinillo, 51, used his position to recruit investors into a fraudulent cryptocurrency venture called "Solano Fi," which he told them "came to him in a dream" and was a guaranteed investment. "Pinillo used his position as pastor to induce members of his congregation and others to invest their money in a cryptocurrency investment business known as Solano Fi," reads the US Department of Justice announcement. "Pinillo claimed the idea for Solano Fi had come to him in a dream and that it was a safe and guaranteed investment."

The pastor also set up a Facebook page for Solano Fi to attract more investors outside his direct sphere of influence, as well as a Telegram group named 'Multimillionarios SolanoFi,' which had 1,500 members. The indictment alleged that Pinillo promised investors they would receive guaranteed monthly investment returns of 34.9% at no risk whatsoever. The indictment further claims he directed the victims to make cryptocurrency transfers to wallets under his control, and instead of investing the funds, he diverted them for personal use. Investors were provided access to a Solano Fi web app where they could manage their funds; however, the app showed fake balances and investment returns. Those convinced by the fraud were encouraged to recruit more investors for additional returns, expanding the victims' circle. As in similar scams, when the victims attempted to withdraw money from the Solano Fi app, the transaction failed.

Security

Dead Google Apps Domains Can Be Compromised By New Owners (arstechnica.com) 34

An anonymous reader quotes a report from Ars Technica: Lots of startups use Google's productivity suite, known as Workspace, to handle email, documents, and other back-office matters. Relatedly, lots of business-minded webapps use Google's OAuth, i.e. "Sign in with Google." It's a low-friction feedback loop -- up until the startup fails, the domain goes up for sale, and somebody forgot to close down all the Google stuff. Dylan Ayrey, of Truffle Security Co., suggests in a report that this problem is more serious than anyone, especially Google, is acknowledging. Many startups make the critical mistake of not properly closing their accounts -- on both Google and other web-based apps -- before letting their domains expire.

Given the number of people working for tech startups (6 million), the failure rate of said startups (90 percent), their usage of Google Workspaces (50 percent, all by Ayrey's numbers), and the speed at which startups tend to fall apart, there are a lot of Google-auth-connected domains up for sale at any time. That would not be an inherent problem, except that, as Ayrey shows, buying a domain allows you to re-activate the Google accounts for former employees if the site's Google account still exists.

With admin access to those accounts, you can get into many of the services they used Google's OAuth to log into, like Slack, ChatGPT, Zoom, and HR systems. Ayrey writes that he bought a defunct startup domain and got access to each of those through Google account sign-ins. He ended up with tax documents, job interview details, and direct messages, among other sensitive materials.
A Google spokesperson said in a statement: "We appreciate Dylan Ayrey's help identifying the risks stemming from customers forgetting to delete third-party SaaS services as part of turning down their operation. As a best practice, we recommend customers properly close out domains following these instructions to make this type of issue impossible. Additionally, we encourage third-party apps to follow best-practices by using the unique account identifiers (sub) to mitigate this risk."
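The account-linking decision Google's statement alludes to, as an added example that is not code from Ars Technica, Truffle Security or Google: the weak version keys a "Sign in with Google" login on the e-mail address, so a Workspace account re-created under a re-purchased domain matches the old employee; the hardened version keys on the stable `sub` claim. The account table and the two sets of token claims are constructed, and the token is assumed to have already been verified (signature, issuer, audience, expiry) by a proper OIDC library.

```python
"""
Added example (not from Ars Technica, Truffle Security, or Google): the
account-matching step that follows a verified "Sign in with Google" ID
token, e-mail-keyed versus sub-keyed.

Assumption: the token has already been verified (signature, iss, aud, exp)
by a proper OIDC library; only the resulting claims dict is handled here.
"""
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass
class LocalAccount:
    account_id: str
    google_sub: str      # stable per-user identifier issued by Google
    email: str           # mutable: a new domain owner can re-create it
    hd: Optional[str]    # Workspace hosted domain, if any


# Constructed sample user table for a hypothetical SaaS app.
ACCOUNTS = [
    LocalAccount("acct-1", "100000000000000000001",
                 "alice@example-startup.test", "example-startup.test"),
]


def link_by_email(claims: dict, accounts=ACCOUNTS) -> Tuple[str, Optional[LocalAccount]]:
    """Weak linking: any verified token for a known address logs in."""
    if not claims.get("email_verified"):
        return "unverified_email", None
    email = claims["email"].strip().lower()
    for acct in accounts:
        if acct.email.lower() == email:
            return "login", acct
    return "new_user", None


def link_by_sub(claims: dict, accounts=ACCOUNTS) -> Tuple[str, Optional[LocalAccount]]:
    """Hardened linking keyed on the `sub` claim.

    Returns one of:
      "login"            sub matches an existing account
      "takeover_risk"    e-mail matches an account but sub differs: the same
                         address now belongs to a different Google identity,
                         which is what an expired-domain re-creation looks
                         like; do not log in, alert instead
      "new_user"         nothing matches
      "unverified_email" Google has not confirmed the address
    """
    if not claims.get("email_verified"):
        return "unverified_email", None
    sub = claims["sub"]
    email = claims["email"].strip().lower()
    for acct in accounts:
        if acct.google_sub == sub:
            return "login", acct
    for acct in accounts:
        if acct.email.lower() == email:
            return "takeover_risk", acct
    return "new_user", None


# Constructed claims: the original employee's token ...
ORIGINAL_EMPLOYEE = {
    "sub": "100000000000000000001",
    "email": "alice@example-startup.test",
    "email_verified": True,
    "hd": "example-startup.test",
}
# ... and a token from a Workspace user re-created by whoever bought the
# expired domain: same address and hosted domain, different sub.
RECREATED_ACCOUNT = {
    "sub": "100000000000000000777",
    "email": "alice@example-startup.test",
    "email_verified": True,
    "hd": "example-startup.test",
}

if __name__ == "__main__":
    for label, claims in (("original", ORIGINAL_EMPLOYEE), ("re-created", RECREATED_ACCOUNT)):
        print(f"{label:10s} email-keyed: {link_by_email(claims)[0]:14s} "
              f"sub-keyed: {link_by_sub(claims)[0]}")
```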
Piracy

Telegram Shuts Down Z-Library, Anna's Archive Channels Over Copyright Infringement (torrentfreak.com) 18

An anonymous reader quotes a report from TorrentFreak: In 'piracy' associated circles, Z-Library has one of the most followed Telegram channels of all. The shadow library's official channel amassed over 630,000 subscribers over the years, who were among the first to read site announcements and other key updates. Z-Library previously had some of its messages removed due to copyright infringement. While it didn't upload or directly link to infringing material on Telegram, rightsholders allegedly complained about the links that were posted to the Z-Library website. In response, Z-Library chose to no longer include links to its own homepage on Telegram. Instead, it referred users to Wikipedia and Reddit, where the links were still available. The same copyright awareness was visible at Anna's Archive, a popular shadow library search engine. This channel was also careful not to post direct links to infringing material. After all, sharing or uploading copyrighted books would undoubtedly lead to trouble.

Despite the reported caution, the channels of both Z-Library and Anna's Archive are no longer accessible today. Messages posted by these accounts were purged "due to copyright infringement", as shown below. Telegram didn't limit its action to removing posts; the channels are now entirely inaccessible. Those trying to access the channels in the Telegram app receive a pop-up message stating they are "unavailable due to copyright infringement." The simultaneous removal of both channels suggests they are linked to the same complaint or decision. The specific complaint and alleged copyright infringements remain unclear.

Privacy

UnitedHealth Hid Its Change Healthcare Data Breach Notice For Months (techcrunch.com) 24

Change Healthcare has hidden its data breach notification webpage from search engines using "noindex" code, TechCrunch found, making it difficult for affected individuals to find information about the massive healthcare data breach that compromised over 100 million people's medical records last year.

The UnitedHealth subsidiary said Tuesday it had "substantially" completed notifying victims of the February 2024 ransomware attack. The cyberattack caused months of healthcare disruptions and marked the largest known U.S. medical data theft.
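A check for the hiding mechanism the story describes, as an added example that is not code from TechCrunch or Change Healthcare: it reports whether a page carries a "noindex" directive in either of the two standard places, a robots `<meta>` tag in the HTML or an X-Robots-Tag response header, so the operator of a breach-notification page can confirm it is discoverable. The HTML and headers below are constructed samples, not the real notification page.

```python
"""
Added example (not from TechCrunch or Change Healthcare): detect a "noindex"
directive in a page's HTML <meta> tags or its X-Robots-Tag header.
The sample page and headers are constructed, not the real notice.
"""
from html.parser import HTMLParser
from typing import Dict, List

# Meta names crawlers honour: "robots" applies to all, the others to one bot.
ROBOTS_META_NAMES = {"robots", "googlebot", "bingbot"}
HIDING_DIRECTIVES = {"noindex", "none"}   # "none" means noindex, nofollow


def split_directives(value: str) -> List[str]:
    """'NoIndex, nofollow' -> ['noindex', 'nofollow']."""
    return [d.strip().lower() for d in value.split(",") if d.strip()]


class RobotsMetaParser(HTMLParser):
    """Collect (name, directives) from every robots-style <meta> tag."""

    def __init__(self) -> None:
        super().__init__()
        self.found: List[tuple] = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() != "meta":
            return
        a = {k.lower(): (v or "") for k, v in attrs}
        name = a.get("name", "").lower()
        if name in ROBOTS_META_NAMES:
            self.found.append((name, split_directives(a.get("content", ""))))


def x_robots_directives(header_value: str) -> List[str]:
    """X-Robots-Tag may read 'noindex, nofollow' or 'googlebot: noindex'."""
    out = []
    for d in split_directives(header_value):
        if ":" in d:                      # strip a user-agent prefix
            d = d.split(":", 1)[1].strip()
        out.append(d)
    return out


def find_noindex(html: str, headers: Dict[str, str]) -> List[str]:
    """Return one finding per hiding directive; an empty list means indexable."""
    findings = []
    parser = RobotsMetaParser()
    parser.feed(html)
    for name, directives in parser.found:
        hits = HIDING_DIRECTIVES & set(directives)
        if hits:
            findings.append(f'<meta name="{name}"> contains {sorted(hits)}')
    for key, value in headers.items():
        if key.lower() == "x-robots-tag":
            hits = HIDING_DIRECTIVES & set(x_robots_directives(value))
            if hits:
                findings.append(f"X-Robots-Tag header contains {sorted(hits)}")
    return findings


def is_hidden_from_search(html: str, headers: Dict[str, str]) -> bool:
    return bool(find_noindex(html, headers))


# Constructed samples.
HIDDEN_PAGE = """<html><head><title>Notice of Data Security Incident</title>
<meta name="robots" content="noindex, nofollow"></head>
<body><p>We are writing to notify you ...</p></body></html>"""

VISIBLE_PAGE = """<html><head><title>Notice of Data Security Incident</title>
<meta name="description" content="Breach notification"></head>
<body><p>We are writing to notify you ...</p></body></html>"""

HIDDEN_BY_HEADER = {"Content-Type": "text/html", "X-Robots-Tag": "googlebot: noindex"}

if __name__ == "__main__":
    print(find_noindex(HIDDEN_PAGE, {}))
    print(find_noindex(VISIBLE_PAGE, HIDDEN_BY_HEADER))
    print(find_noindex(VISIBLE_PAGE, {"Content-Type": "text/html"}))
```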
United States

FTC Sues Deere Over Farm-Equipment Repair Restrictions (ftc.gov) 47

The U.S. Federal Trade Commission sued Deere & Co on Wednesday for allegedly monopolizing the repair market for its farm equipment by forcing farmers to use authorized dealers, driving up costs and causing service delays.

The lawsuit, joined by Illinois and Minnesota, claims Deere maintains complete control over equipment repairs by restricting access to essential software to its dealer network. The action seeks to make repair tools available to equipment owners and independent mechanics. FTC Chair Lina Khan said repair restrictions can be "devastating for farmers" who depend on timely repairs during harvest.

Privacy

PowerSchool Data Breach Victims Say Hackers Stole 'All' Historical Student and Teacher Data (techcrunch.com) 21

An anonymous reader shares a report: U.S. school districts affected by the recent cyberattack on edtech giant PowerSchool have told TechCrunch that hackers accessed "all" of their historical student and teacher data stored in their student information systems. PowerSchool, whose school records software is used to support more than 50 million students across the United States, was hit by an intrusion in December that compromised the company's customer support portal with stolen credentials, allowing access to reams of personal data belonging to students and teachers in K-12 schools.

The attack has not yet been publicly attributed to a specific hacker or group. PowerSchool hasn't said how many of its school customers are affected. However, two sources at affected school districts -- who asked not to be named -- told TechCrunch that the hackers accessed troves of personal data belonging to both current and former students and teachers.
Further reading: Lawsuit Accuses PowerSchool of Selling Student Data To 3rd Parties.

Transportation

Texas Sues Allstate For Collecting Driver Data To Raise Premiums (gizmodo.com) 62

An anonymous reader quotes a report from Gizmodo: Texas has sued (PDF) one of the nation's largest car insurance providers alleging that it violated the state's privacy laws by surreptitiously collecting detailed location data on millions of drivers and using that information to justify raising insurance premiums. The state's attorney general, Ken Paxton, said the lawsuit against Allstate and its subsidiary Arity is the first enforcement action ever filed by a state attorney general to enforce a data privacy law. It also follows a deceptive business practice lawsuit he filed against General Motors accusing the car manufacturer of misleading customers by collecting and selling driver data.

In 2015, Allstate developed the Arity Driving Engine software development kit (SDK), a package of code that the company allegedly paid mobile app developers to install in their products in order to collect a variety of sensitive data from consumers' phones. The SDK gathered phone geolocation data, accelerometer, and gyroscopic data, details about where phone owners started and ended their trips, and information about "driving behavior," such as whether phone owners appeared to be speeding or driving while distracted, according to the lawsuit. The apps that installed the SDK included GasBuddy, Fuel Rewards, and Life360, a popular family monitoring app, according to the lawsuit.

Paxton's complaint said that Allstate and Arity used the data collected by its SDK to develop and sell products to other insurers like Drivesight, an algorithmic model that assigned a driving risk score to individuals, and ArityIQ, which allowed other insurers to "[a]ccess actual driving behavior collected from mobile phones and connected vehicles to use at time of quote to more precisely price nearly any driver." Allstate and Arity marketed the products as providing "driver behavior" data but because the information was collected via mobile phones the companies had no way of determining whether the owner was actually driving, according to the lawsuit. "For example, if a person was a passenger in a bus, a taxi, or in a friend's car, and that vehicle's driver sped, hard braked, or made a sharp turn, Defendants would conclude that the passenger, not the actual driver, engaged in 'bad' driving behavior," the suit states. Neither Allstate and Arity nor the app developers properly informed customers in their privacy policies about what data the SDK was collecting or how it would be used, according to the lawsuit.
The lawsuit alleges that Allstate violated Texas' Data Privacy and Security Act (DPSA) and insurance code and failed to address the violations within the required 30-day cure period. "In its complaint, filed in federal court, Texas requested that Allstate be ordered to pay a penalty of $7,500 per violation of the state's data privacy law and $10,000 per violation of the state's insurance code, which would likely amount to millions of dollars given the number of consumers allegedly affected," adds the report.

"The lawsuit also asks the court to make Allstate delete all the data it obtained through actions that allegedly violated the privacy law and to make full restitution to customers harmed by the companies' actions."

Encryption

Ransomware Crew Abuses AWS Native Encryption, Sets Data-Destruct Timer for 7 Days (theregister.com) 18

A new ransomware group called Codefinger targets AWS S3 buckets by exploiting compromised or publicly exposed AWS keys to encrypt victims' data using AWS's own SSE-C encryption, rendering it inaccessible without the attacker-generated AES-256 keys. While other security researchers have documented techniques for encrypting S3 buckets, "this is the first instance we know of leveraging AWS's native secure encryption infrastructure via SSE-C in the wild," Tim West, VP of services with the Halcyon RISE Team, told The Register. "Historically AWS Identity IAM keys are leaked and used for data theft but if this approach gains widespread adoption, it could represent a significant systemic risk to organizations relying on AWS S3 for the storage of critical data," he warned. From the report: ... in addition to encrypting the data, Codefinger marks the compromised files for deletion within seven days using the S3 Object Lifecycle Management API -- the criminals themselves do not threaten to leak or sell the data, we're told. "This is unique in that most ransomware operators and affiliate attackers do not engage in straight up data destruction as part of a double extortion scheme or to otherwise put pressure on the victim to pay the ransom demand," West said. "Data destruction represents an additional risk to targeted organizations."

Codefinger also leaves a ransom note in each affected directory that includes the attacker's Bitcoin address and a client ID associated with the encrypted data. "The note warns that changes to account permissions or files will end negotiations," the Halcyon researchers said in a report about S3 bucket attacks shared with The Register. While West declined to name or provide any additional details about the two Codefinger victims -- including if they paid the ransom demands -- he suggests that AWS customers restrict the use of SSE-C.

"This can be achieved by leveraging the Condition element in IAM policies to prevent unauthorized applications of SSE-C on S3 buckets, ensuring that only approved data and users can utilize this feature," he explained. Plus, it's important to monitor and regularly audit AWS keys, as these make very attractive targets for all types of criminals looking to break into companies' cloud environments and steal data. "Permissions should be reviewed frequently to confirm they align with the principle of least privilege, while unused keys should be disabled, and active ones rotated regularly to minimize exposure," West said.
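One way to apply the Condition-based restriction West describes, as an added example that is not from the Halcyon report, The Register or AWS: a bucket policy (a resource policy rather than an identity policy, so an explicit Deny also binds any leaked key belonging to the bucket's own account) that refuses every PutObject request carrying a customer-provided key. The bucket name is a placeholder.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "DenyCustomerProvidedKeyUploads",
      "Effect": "Deny",
      "Principal": "*",
      "Action": "s3:PutObject",
      "Resource": "arn:aws:s3:::EXAMPLE-BUCKET/*",
      "Condition": {
        "Null": {
          "s3:x-amz-server-side-encryption-customer-algorithm": "false"
        }
      }
    }
  ]
}
```

The Null condition is false whenever the request carries the x-amz-server-side-encryption-customer-algorithm header, so uploads that would encrypt an object under a key AWS never holds are refused while SSE-S3 and SSE-KMS uploads are unaffected. Copying an object onto itself requires s3:PutObject on the destination, so re-encrypting existing objects in place is denied as well.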
An AWS spokesperson said it notifies affected customers of exposed keys and "quickly takes any necessary actions, such as applying quarantine policies to minimize risks for customers without disrupting their IT environment."

They also directed users to this post about what to do upon noticing unauthorized activity.

Earth

Supreme Court Allows Hawaii To Sue Oil Companies Over Climate Change Effects (cbsnews.com) 75

An anonymous reader quotes a report from CBS News: The Supreme Court on Monday said it will not consider whether to quash lawsuits brought by Honolulu seeking billions of dollars from oil and gas companies for the damage caused by the effects of climate change, clearing the way for the cases to move forward. The legal battle pursued in Hawaii state court is similar to others filed against the nation's largest energy companies by state and local governments in their courts. The suits claim that the oil and gas industry engaged in a deceptive campaign and misled the public about the dangers of their fossil fuel products and the environmental impacts.

A group of 15 energy companies asked the Supreme Court to review a decision from the Hawaii Supreme Court that allowed a lawsuit brought by the city and county of Honolulu, as well as its Board of Water Supply, to proceed. The suit was brought in Hawaii state court in March 2020, and Honolulu raised (PDF) several claims under state law, including creating a public nuisance and failure to warn the public of the risks posed by their fossil fuel products. The city accused the oil and gas industry of contributing to global climate change, leading to flooding, erosion and more frequent and intense extreme weather events. These changes, they said, have led to property damage and a drop in tax revenue as a result of less tourism.

The energy companies unsuccessfully sought to have the case moved to federal court, arguing that the claims raised by Honolulu under state law were overridden by federal law and the Clean Air Act. A state trial court denied their efforts to dismiss the case. The oil and gas industry has argued that greenhouse-gas emissions "flow from billions of daily choices, over more than a century, by governments, companies and individuals about what types of fuels to use, and how to use them." Honolulu, the companies said, was seeking damages for the "cumulative effect of worldwide emissions leading to global climate change." The Hawaii Supreme Court ultimately allowed (PDF) the lawsuit to proceed. The state's highest court determined that the Clean Air Act displaced federal common law governing suits seeking damages for interstate pollution. It also rejected the oil companies' argument that Honolulu was seeking to regulate emissions through its lawsuit, finding that the city instead wanted to challenge the promotion and sale of fossil fuel products "without warning and abetted by a sophisticated disinformation campaign."

"Plaintiffs' state tort law claims do not seek to regulate emissions, and there is thus no 'actual conflict' between Hawaii tort law and the [Clean Air Act]," the Hawaii Supreme Court ruled. "These claims potentially regulate marketing conduct while the CAA regulates pollution." The oil companies asked the U.S. Supreme Court to review the ruling from the Hawaii high court and urged it to stop Honolulu's lawsuit from going forward. Regulation of interstate pollution is a federal area governed by federal law, lawyers for the energy industry argued. [...] The Supreme Court in June asked the Biden administration to weigh in on the cases and whether it should step into the dispute. In a filing submitted to the Supreme Court before the transfer of presidential power, the Biden administration urged the justices to turn away the appeals, in part because it said it is too soon for them to intervene.

AI

Ministers Mull Allowing Private Firms to Make Profit From NHS Data In AI Push 35

UK ministers are considering allowing private companies to profit from anonymized NHS data as part of a push to leverage AI for medical advancements, despite concerns over privacy and ethical risks. The Guardian reports: Keir Starmer on Monday announced a push to open up the government to AI innovation, including allowing companies to use anonymized patient data to develop new treatments, drugs and diagnostic tools. With the prime minister and the chancellor, Rachel Reeves, under pressure over Britain's economic outlook, Starmer said AI could bolster the country's anaemic growth, as he put concerns over privacy, disinformation and discrimination to one side.

"We are in a unique position in this country, because we've got the National Health Service, and the use of that data has already driven forward advances in medicine, and will continue to do so," he told an audience in east London. "We have to see this as a huge opportunity that will impact on the lives of millions of people really profoundly." Starmer added: "It is important that we keep control of that data. I completely accept that challenge, and we will also do so, but I don't think that we should have a defensive stance here that will inhibit the sort of breakthroughs that we need."

The move to embrace the potential of AI rather than its risks comes at a difficult moment for the prime minister, with financial markets having driven UK borrowing costs to a 30-year high and the pound hitting new lows against the dollar. Starmer said on Monday that AI could help give the UK the economic boost it needed, adding that the technology had the potential "to increase productivity hugely, to do things differently, to provide a better economy that works in a different way in the future." Part of that, as detailed in a report by the technology investor Matt Clifford, will be to create new datasets for startups and researchers to train their AI models.

Data from various sources will be included, such as content from the National Archives and the BBC, as well as anonymized NHS records. Officials are working out the details on how those records will be shared, but said on Monday that they would take into account national security and ethical concerns. Starmer's aides say the public sector will keep "control" of the data, but added that could still allow it to be used for commercial purposes.
