×
The Almighty Buck

FCC Ends Affordable Internet Program Due To Lack of Funds (cnn.com) 68

The Affordable Connectivity Program (ACP), which provided monthly internet bill credits for low-income Americans, will officially end on June 1 due to a lack of additional funding from Congress. This termination threatens nearly 60 million Americans with increased financial hardship, as the program's lapse leaves them without the subsidies that made internet access affordable. CNN reports: The 2.5-year-old ACP provided eligible low-income Americans with a monthly credit off their internet bills, worth up to $30 per month and as much as $75 per month for households on tribal lands. The pandemic-era program was a hit with members of both political parties and served tens of millions of seniors, veterans and rural and urban Americans alike. Program participants received only partial benefits in May ahead of the ACP's expected collapse. [...]

On Friday, Biden reiterated his calls for Congress to pass legislation extending the ACP. He also announced a series of voluntary commitments by a handful of internet providers to offer -- or continue offering -- their own proprietary low-income internet plans. The list includes AT&T, Comcast, Cox, Charter's Spectrum and Verizon, among others. Those providers will continue to offer qualifying ACP households a broadband plan for $30 or less, the White House said, and together the companies are expected to cover roughly 10 million of the 23 million households relying on the ACP.
"The Affordable Connectivity Program filled an important gap that provider low-income programs, state and local affordability programs, and the Lifeline program cannot fully address," said FCC Chairwoman Jessica Rosenworcel in a statement, referring to the name of another, similar FCC program that subsidizes wireless and home internet service. "The Commission is available to provide any assistance Congress may need to support funding the ACP in the future and stands ready to resume the program if additional funding is provided."
Security

All Santander Staff and 30 Million Customers In Spain, Chile and Uruguay Hacked (bbc.com) 10

An anonymous reader quotes a report from the BBC: Hackers are attempting to sell what they say is confidential information belonging to millions of Santander staff and customers. They belong to the same gang which this week claimed to have hacked Ticketmaster. The bank -- which employs 200,000 people worldwide, including around 20,000 in the UK -- has confirmed data has been stolen. Santander has apologized for what it says is "the concern this will understandably cause" adding it is "proactively contacting affected customers and employees directly."

"Following an investigation, we have now confirmed that certain information relating to customers of Santander Chile, Spain and Uruguay, as well as all current and some former Santander employees of the group had been accessed," it said in a statement posted earlier this month. "No transactional data, nor any credentials that would allow transactions to take place on accounts are contained in the database, including online banking details and passwords." It said its banking systems were unaffected so customers could continue to "transact securely."

In a post on a hacking forum -- first spotted by researchers at Dark Web Informer- the group calling themselves ShinyHunters posted an advert saying they had data including: 30 million people's bank account details, 6 million account numbers and balances, 28 million credit card numbers, and HR information for staff. Santander has not commented on the accuracy of those claims.

Privacy

Cooler Master Hit By Data Breach Exposing Customer Information (bleepingcomputer.com) 15

Computer hardware manufacturer Cooler Master has confirmed that it suffered a data breach on May 19 after a threat actor breached the company's website, stealing the Fanzone member information of 500,000 customers. BleepingComputer reports: [A] threat actor known as 'Ghostr' told us they hacked the company's Fanzone website on May 18 and downloaded its linked databases. Cooler Master's Fanzone site is used to register a product's warranty, request an RMA, or open support tickets, requiring customers to fill in personal data, such as names, email addresses, addresses, phone numbers, birth dates, and physical addresses. Ghostr said they were able to download 103 GB of data during the Fanzone breach, including the customer information of over 500,000 customers.

The threat actor also shared data samples, allowing BleepingComputer to confirm with numerous customers listed in the breach that their data was accurate and that they recently requested support or an RMA from Cooler Master. Other data in the samples included product information, employee information, and information regarding emails with vendors. The threat actor claimed to have partial credit card information, but BleepingComputer could not find this data in the data samples. The threat actor now says they will sell the leaked data on hacking forums but has not disclosed the price.
Cooler Master said in a statement to BleepingComputer: "We can confirm on May 19, Cooler Master experienced a data breach involving unauthorized access to customer data. We immediately alerted the authorities, who are actively investigating the breach. Additionally, we have engaged top security experts to address the breach and implement new measures to prevent future incidents. These experts have successfully secured our systems and enhanced our overall security protocols. We are in the process of notifying affected customers directly and advising them on next steps. We are committed to providing timely updates and support to our customers throughout this process."
Apple

Apple Puts iPhone Durability Ahead of Easy Repairs, Exec Says 73

Apple prioritizes device durability over easier repairs, according to John Ternus, the company's head of hardware engineering, in a recent interview with YouTuber MKBHD. "It's objectively better for the customer to have that reliability," Ternus stated, adding that it is "ultimately better for the planet" due to significantly lower failure rates. Apple tests over 10,000 units of each product before release and incorporates real-world concerns into its testing suite.
The Courts

Amazon Execs May Be Personally Liable For Tricking Users Into Prime Sign-Ups (arstechnica.com) 62

An anonymous reader quotes a report from Ars Technica: Yesterday, Amazon failed to convince a US district court to dismiss the Federal Trade Commission's lawsuit targeting the tech giant's alleged history of tricking people into signing up for Prime. The FTC has alleged that Amazon "tricked, coerced, and manipulated consumers into subscribing to Amazon Prime," a court order said, failing to get informed consent by designing a murky sign-up process. And to keep subscriptions high, Amazon also "did not provide simple mechanisms for these subscribers to cancel their Prime memberships," the FTC alleged. Instead, Amazon forced "consumers intending to cancel to navigate a four-page, six-click, fifteen-option cancellation process." In their motion to dismiss, Amazon outright disputed these characterizations of its business, insisting its enrollment process was clear, its cancellation process was simple, and none of its executives could be held responsible for failing to fix these processes when "accidental" sign-ups became widespread. Amazon defended its current practices, arguing that some of its Prime disclosures "align with practices that the FTC encourages in its guidance documents." But the judge apparently did not find Amazon's denials completely persuasive. Viewing the FTC's complaint "in the light most favorable to the FTC," Judge John Chun concluded that "the allegations sufficiently indicate that Amazon had actual or constructive knowledge that its Prime sign-up and cancellation flows were misleading consumers."

In his order (PDF), Chun also denied individual motions to dismiss from Amazon executives Russell Grandinetti, Neil Lindsay, and Jamil Ghani, who oversaw Prime operations. Executives had urged the court to dismiss the FTC's claims against them. They argued that the FTC "singled them out 'for an 'unprecedented sanction'" when the agency had "only recently started prosecuting companies for using 'dark patterns'" under Restore Online Shoppers' Confidence Act (ROSCA) and the FTC Act. They claimed that the FTC never alerted them to any wrongdoing before filing the lawsuit, so how could they have known they were violating the law? According to Chun, however, the FTC sufficiently alleged that each of these executives knew they were violating consumer protection laws when prioritizing profits over eliminating dark patterns triggering "accidental" or "nonconsensual" Prime sign-ups. Chun explained that executives may be "personally liable for corporate violations of the FTC Act if the individual 'participated directly in, or had the authority to control, the unlawful acts or practices at issue.'"

For example, when Lindsay -- who in 2016 had the "most responsibility for the Prime subscription program" -- was "asked about Amazon's use of dark patterns during the Prime enrollment process," Lindsay justified the dark patterns. "Lindsay explained that once consumers become Prime members -- even unknowingly -- they will see what a great program it is and remain members, so Amazon is 'okay' with the situation," Chun's order said. And when Grandinetti, who "oversaw the Prime subscription program" in 2018, was told that the sign-up process and auto-renew feature frustrated customers, he "vetoed any changes that would reduce enrollment." Because executives seemingly prioritized profits over reducing customer friction, the FTC alleged that reasonable customers got sucked into Prime without their consent. Sometimes customers understandably got confused by the "discrepancy in size, location, and color" of Amazon's disclosures, Chun suggested. Other times, confusion struck when Amazon tried to upsell customers on Prime at checkout -- pairing their enrollment with their other shopping experience.

Canada

'Ottawa Wants the Power To Create Secret Backdoors In Our Networks' (theglobeandmail.com) 39

An anonymous reader quotes an op-ed from The Globe and Mail, written by Kate Robertson and Ron Deibert. Robertson is a senior research associate and Deibert is director at the University of Toronto's Citizen Lab. From the piece: A federal cybersecurity bill, slated to advance through Parliament soon, contains secretive, encryption-breaking powers that the government has been loath to talk about. And they threaten the online security of everyone in Canada. Bill C-26 empowers government officials to secretly order telecommunications companies to install backdoors inside encrypted elements in Canada's networks. This could include requiring telcos to alter the 5G encryption standards that protect mobile communications to facilitate government surveillance. The government's decision to push the proposed law forward without amending it to remove this encryption-breaking capability has set off alarm bells that these new powers are a feature, not a bug.

There are already many insecurities in today's networks, reaching down to the infrastructure layers of communication technology. The Signalling System No. 7, developed in 1975 to route phone calls, has become a major source of insecurity for cellphones. In 2017, the CBC demonstrated how hackers only needed a Canadian MP's cell number to intercept his movements, text messages and phone calls. Little has changed since: A 2023 Citizen Lab report details pervasive vulnerabilities at the heart of the world's mobile networks. So it makes no sense that the Canadian government would itself seek the ability to create more holes, rather than patching them. Yet it is pushing for potential new powers that would infect next-generation cybersecurity tools with old diseases.

It's not as if the government wasn't warned. Citizen Lab researchers presented the 2023 report's findings in parliamentary hearings on Bill C-26, and leaders and experts in civil society and in Canada's telecommunications industry warned that the bill must be narrowed to prevent its broad powers to compel technical changes from being used to compromise the "confidentiality, integrity, or availability" of telecommunication services. And yet, while government MPs maintained that their intent is not to expand surveillance capabilities, MPs pushed the bill out of committee without this critical amendment last month. In doing so, the government has set itself up to be the sole arbiter of when, and on what conditions, Canadians deserve security for their most confidential communications -- personal, business, religious, or otherwise. The new powers would only make people in Canada more vulnerable to malicious threats to the privacy and security of all network users, including Canada's most senior officials. [...]
"Now, more than ever, there is no such thing as a safe backdoor," the authors write in closing. "A shortcut that provides a narrow advantage for the few at the expense of us all is no way to secure our complex digital ecosystem."

"Against this threat landscape, a pivot is crucial. Canada needs cybersecurity laws that explicitly recognize that uncompromised encryption is the backbone of cybersecurity, and it must be mandated and protected by all means possible."
Privacy

Hackers Claim To Have Breached Ticketmaster, Stealing Personal Data of 560 Million Users (hackread.com) 34

The notorious hacker group ShinyHunters has claimed to have breached the security of Ticketmaster-Live Nation, compromising the personal data more than half a billion users. "This massive 1.3 terabytes of data, is now being offered for sale on Breach Forums for a one-time sale for $500,000," reports Hackread. From the report: ShinyHunters has allegedly accessed a treasure trove of sensitive user information, including full names, addresses, email addresses, phone numbers, ticket sales and event details, order information, and partial payment card data. Specifically, the compromised payment data includes customer names, the last four digits of card numbers, expiration dates, and even customer fraud details. The data breach, if confirmed, could have severe implications for the affected users, leading to potential identity theft, financial fraud, and further cyber attacks. The hacker group's bold move to put this data on sale goes on to show the growing menace of cybercrime and the increasing sophistication of these cyber adversaries.
Bitcoin

Former FTX Executive Ryan Salame Sentenced To 7.5 Years In Prison (apnews.com) 14

Former FTX executive Ryan Salame has been sentenced to more than seven years in prison, "the first of the lieutenants of failed cryptocurrency mogul Sam Bankman-Fried to receive jail time for their roles in the 2022 collapse of the cryptocurrency exchange," reports the Associated Press. From the report: Salame, 30, was a high-ranking executive at FTX for most of the exchange's existence and, up until its collapse, was the co-CEO of FTX Digital Markets. He pleaded guilty last year to illegally making unlawful U.S. campaign contributions and to operating an unlicensed money-transmitting business. The sentence of 7 1/2 years in prison, plus three years of supervised release, was more than the five to seven years prosecutors had asked Judge Lewis A. Kaplan to impose on Salame in their pre-sentencing memo.

While Salame was a high-level executive at FTX, he was not a major part of the government's case against Bankman-Fried at his trial earlier this year and did not testify against him. In a bid for leniency, Salame said during the sentencing hearing that he cooperated and even provided documents that aided prosecutors in their cross examination of Bankman-Fried, as well as in his own prosecution. Along with helping Bankman-Fried hide the holes in FTX's balance sheet that ultimately led to the exchange's failure, Salame was used as a conduit for Bankman-Fried to make illegal campaign contributions to help shape U.S. policy on cryptocurrencies. On the surface, Bankman-Fried mostly gave political contributions to Democrats and liberal-leaning causes, while Salame gave contributions to Republicans and right-leaning causes. But ultimately the funds that Salame used for those contributions came from Bankman-Fried.

The judge also chastised Salame for pulling $5 million in cryptocurrencies out of FTX as the exchange was failing. "You tried to withdraw tens of millions more," Kaplan said. "It was me first. I'm getting in the lifeboat first. To heck with all those customers."

The Courts

Lawyers To Plastic Makers: Prepare For 'Astronomical' PFAS Lawsuits (nytimes.com) 110

An anonymous reader quotes a report from the New York Times: The defense lawyer minced no words as he addressed a room full of plastic-industry executives. Prepare for a wave of lawsuits with potentially "astronomical" costs. Speaking at a conference earlier this year, the lawyer, Brian Gross, said the coming litigation could "dwarf anything related to asbestos," one of the most sprawling corporate-liability battles in United States history. Mr. Gross was referring to PFAS, the "forever chemicals" that have emerged as one of the major pollution issues of our time. Used for decades in countless everyday objects -- cosmetics, takeout containers, frying pans -- PFAS have been linked to serious health risks including cancer. Last month the federal government said several types of PFAS must be removed from the drinking water of hundreds of millions of Americans. "Do what you can, while you can, before you get sued," Mr. Gross said at the February session, according to a recording of the event made by a participant and examined by The New York Times. "Review any marketing materials or other communications that you've had with your customers, with your suppliers, see whether there's anything in those documents that's problematic to your defense," he said. "Weed out people and find the right witness to represent your company."

A wide swath of the chemicals, plastics and related industries are gearing up to fight a surge in litigation related to PFAS, or per- and polyfluoroalkyl substances, a class of nearly 15,000 versatile synthetic chemicals linked to serious health problems. [...] PFAS-related lawsuits have already targeted manufacturers in the United States, including DuPont, its spinoff Chemours, and 3M. Last year, 3M agreed to pay at least $10 billion to water utilities across the United States that had sought compensation for cleanup costs. Thirty state attorneys general have also sued PFAS manufacturers, accusing the manufacturers of widespread contamination. But experts say the legal battle is just beginning. Under increasing scrutiny are a wider universe of companies that use PFAS in their products. This month, plaintiffs filed a class-action lawsuit against Bic, accusing the razor company for failing to disclose that some of its razors contained PFAS. Bic said it doesn't comment on pending litigation, and said it had a longstanding commitment to safety.

The Biden administration has moved to regulate the chemicals, for the first time requiring municipal water systems to remove six types of PFAS. Last month, the Environmental Protection Agency also designated two of those PFAS chemicals as hazardous substances under the Superfund law, shifting responsibility for their cleanup at contaminated sites from taxpayers to polluters. Both rules are expected to prompt a new round of litigation from water utilities, local communities and others suing for cleanup costs. "To say that the floodgates are opening is an understatement," said Emily M. Lamond, an attorney who focuses on environmental litigation at the law firm Cole Schotz. "Take tobacco, asbestos, MTBE, combine them, and I think we're still going to see more PFAS-related litigation," she said, referring to methyl tert-butyl ether, a former harmful gasoline additive that contaminated drinking water. Together, the trio led to claims totaling hundreds of billions of dollars.
Unlike tobacco, used by only a subset of the public, "pretty much every one of us in the United States is walking around with PFAS in our bodies," said Erik Olson, senior strategic director for environmental health at the Natural Resources Defense Council. "And we're being exposed without our knowledge or consent, often by industries that knew how dangerous the chemicals were, and failed to disclose that," he said. "That's a formula for really significant liability."
Piracy

Nvidia Denies Pirate e-Book Sites Are 'Shadow Libraries' To Shut Down Lawsuit (arstechnica.com) 105

An anonymous reader quotes a report from Ars Technica: Some of the most infamous so-called shadow libraries have increasingly faced legal pressure to either stop pirating books or risk being shut down or driven to the dark web. Among the biggest targets are Z-Library, which the US Department of Justice has charged with criminal copyright infringement, and Library Genesis (Libgen), which was sued by textbook publishers last fall for allegedly distributing digital copies of copyrighted works "on a massive scale in willful violation" of copyright laws. But now these shadow libraries and others accused of spurning copyrights have seemingly found an unlikely defender in Nvidia, the AI chipmaker among those profiting most from the recent AI boom.

Nvidia seemed to defend the shadow libraries as a valid source of information online when responding to a lawsuit from book authors over the list of data repositories that were scraped to create the Books3 dataset used to train Nvidia's AI platform NeMo. That list includes some of the most "notorious" shadow libraries -- Bibliotik, Z-Library (Z-Lib), Libgen, Sci-Hub, and Anna's Archive, authors argued. However, Nvidia hopes to invalidate authors' copyright claims partly by denying that any of these controversial websites should even be considered shadow libraries.

"Nvidia denies the characterization of the listed data repositories as 'shadow libraries' and denies that hosting data in or distributing data from the data repositories necessarily violates the US Copyright Act," Nvidia's court filing said. The chipmaker did not go into further detail to define what counts as a shadow library or what potentially absolves these controversial sites from key copyright concerns raised by various ongoing lawsuits. Instead, Nvidia kept its response brief while also curtly disputing authors' petition for class-action status and defending its AI training methods as fair use. "Nvidia denies that it has improperly used or copied the alleged works," the court filing said, arguing that "training is a highly transformative process that may include adjusting numerical parameters including 'weights,' and that outputs of an LLM may be based, at least in part, on such 'weights.'"
"Nvidia's argument likely depends on the court agreeing that AI models ingesting published works in order to transform those works into weights governing AI outputs is fair use," notes Ars. "However, authors have argued that 'these weights are entirely and uniquely derived from the protected expression in the training dataset' that has been copied without getting authors' consent or providing authors with compensation."

"Authors suing Nvidia have taken the next step, linking the chipmaker to shadow libraries by arguing that 'these shadow libraries have long been of interest to the AI-training community because they host and distribute vast quantities of unlicensed copyrighted material. For that reason, these shadow libraries also violate the US Copyright Act.'"
Bitcoin

Researchers Cracked an 11-Year-Old Password To a $3 Million Software-Based Crypto Wallet (wired.com) 74

An anonymous reader quotes a report from Wired: Two years ago when "Michael," an owner of cryptocurrency, contacted Joe Grand to help recover access to about $2 million worth of bitcoin he stored in encrypted format on his computer, Grand turned him down. Michael, who is based in Europe and asked to remain anonymous, stored the cryptocurrency in a password-protected digital wallet. He generated a password using the RoboForm password manager and stored that password in a file encrypted with a tool called TrueCrypt. At some point, that file got corrupted and Michael lost access to the 20-character password he had generated to secure his 43.6 BTC (worth a total of about [...] $5,300, in 2013). Michael used the RoboForm password manager to generate the password but did not store it in his manager. He worried that someone would hack his computer and obtain the password. "At [that] time, I was really paranoid with my security," he laughs.

Grand is a famed hardware hacker who in 2022 helped another crypto wallet owner recover access to $2 million in cryptocurrencyhe thought he'd lost forever after forgetting the PIN to his Trezor wallet. Since then, dozens of people have contacted Grand to help them recover their treasure. But Grand, known by the hacker handle "Kingpin," turns down most of them, for various reasons. Grand is an electrical engineer who began hacking computing hardware at age 10 and in 2008 cohosted the Discovery Channel's Prototype This show. He now consults with companies that build complex digital systems to help them understand how hardware hackers like him might subvert their systems. He cracked the Trezor wallet in 2022 using complex hardware techniques that forced the USB-style wallet to reveal its password. But Michael stored his cryptocurrency in a software-based wallet, which meant none of Grand's hardware skills were relevant this time. [...] Michael contacted multiple people who specialize in cracking cryptography; they all told him "there's no chance" of retrieving his money. But last June he approached Grand again, hoping to convince him to help, and this time Grand agreed to give it a try, working with a friend named Bruno in Germany who also hacks digital wallets.

Grand and Bruno spent months reverse engineering the version of the RoboForm program that they thought Michael had used in 2013 and found that the pseudo-random number generator used to generate passwords in that version -- and subsequent versions until 2015 -- did indeed have a significant flaw that made the random number generator not so random. The RoboForm program unwisely tied the random passwords it generated to the date and time on the user's computer -- it determined the computer's date and time, and then generated passwords that were predictable. If you knew the date and time and other parameters, you could compute any password that would have been generated on a certain date and time in the past. [...] There was one problem: Michael couldn't remember when he created the password. According to the log on his software wallet, Michael moved bitcoin into his wallet for the first time on April 14, 2013. But he couldn't remember if he generated the password the same day or some time before or after this. So, looking at the parameters of other passwords he generated using RoboForm, Grand and Bruno configured RoboForm to generate 20-character passwords with upper- and lower-case letters, numbers, and eight special characters from March 1 to April 20, 2013. It failed to generate the right password. [...] Instead, they revealed that they had finally found the correct password -- no special characters. It was generated on May 15, 2013, at 4:10:40 pm GMT.

Republicans

Trump Promises He'd Commute the Life Sentence of 'Silk Road' Founder Ross Ulbricht (semafor.com) 283

In 2011 Ross Ulbricht launched an anonymous, Tor-hidden "darknet" marketplace (with transactions conducted in bitcoin). By 2015 he'd been sentenced to life in prison for crimes including money laundering, distributing narcotics, and trafficking in fraudulent identity documents — without the possibility of parole.

Today a U.S. presidential candidate promised to commute that life sentence — Donald Trump, speaking at the national convention of the Libertarian Party as it prepares to nominate its own candidate for president.

Commuting Ulbricht's life sentence is "a top demand" of a political movement that intends to run its own candidate against Trump, reports Semafor: "On day one, we will commute the sentence," Trump said, offering to free the creator of what was once the internet's most infamous drug clearinghouse. "We will bring him home." His speeches more typically include a pledge to execute drug dealers, citing China as a model.

"It's time to be winners," said Trump, asking rhetorically if third party delegates wanted to go on getting single-digit protest votes. "I'm asking for the Libertarian Party's endorsement, or at least lots of your votes...."

"I've been indicted by the government on 91 different things," Trump said. "So if I wasn't a libertarian before, I sure as hell am a libertarian now."

More coverage from NBC News: At times, Trump turned on the crowd, criticizing libertarians' turnout at previous elections. "You can keep going the way you have for the last long decades and get your 3% and meet again, get another 3%," Trump said following jeers from the crowd.
Another high-profile supporter for commuting Ulbricht's sentence is actor-turned documentary maker Alex Winter. Best known for playing slacker Bill S. Preston Esq in Bill & Ted's Excellent Adventure and its sequels, Winter also directed, wrote, and co-produced the 2015 documentary Deep Web: The Untold Story of Bitcoin and the Silk Road (narrated by Keanu Reeves).

Writing earlier this month in Rolling Stone, Winter called Silk Road "inarguably a criminal operation" but also "a vibrant and diverse community of people from around the world. They were not only there for drugs but for the freedom of an encrypted and anonymous space, to convene and discuss everything from politics to literature and art, philosophy and drugs, drug recovery, and the onerous War on Drugs..." It's my firm opinion, and the opinion of many prison-system and criminal-law experts, that [Ulbricht's] sentence is disproportionate to his charges and that he deserves clemency. This case indeed reflects just one of the millions of unjust sentences in the long and failed War on Drugs... No matter what one thinks of Ulbricht, Silk Road, or the crimes that may have been committed, 10 years in prison is more than sufficient and customary punishment for those offenses or sins. Ross Ulbricht should be free.
United Kingdom

Britain Covered Up Tainted Blood Scandal That Killed Thousands, Report Finds (upi.com) 78

UPI reports that the British government covered up "a multi-decade tainted blood scandal, leading to thousands of related deaths, a report published Monday found." Britain's National Health Service allowed blood tainted with HIV and Hepatitis to be used on patients without their knowledge, leading to 3,000 deaths and more than 30,000 infections, according to the 2,527-page final report by Justice Brian Justice Langstaff, a former judge on the High Court of England and Wales. Langstaff oversaw a five-year investigation into the use of tainted blood and blood products in Britain's healthcare system between 1970 and 1991. The report blames multiple administrations over the time period for knowingly exposing victims to unacceptable risks...

In several cases, health officials lied about the risks to patients... The NHS also gave patients false reassurances, an attempt to "save face," failing victims "not once but repeatedly...." The situation could "largely, though not entirely, have been avoided," Langstaff found...

The British government on Monday began operating a support phone line for people and their families affected by the tainted blood scandal.

The article notes that Langstaff described the coverup as "subtle" but "pervasive" and "chilling in its implications...

"To save face and to save expense, there has been a hiding of much of the truth."

Thanks to long-time Slashdot reader schwit1 for sharing the article.
Facebook

Meta, Activision Sued By Parents of Children Killed in Last Year's School Shooting (msn.com) 153

Exactly one year after the fatal shooting of 19 elementary school students in Texas, their parents filed a lawsuit against the publisher of the videogame Call of Duty, against Meta, and against the manufacturer of the AR-15-style weapon used in the attack, Daniel Defense.

The Washington Post says the lawsuits "may be the first of their kind to connect aggressive firearms marketing tactics on social media and gaming platforms to the actions of a mass shooter." The complaints contend the three companies are responsible for "grooming" a generation of "socially vulnerable" young men radicalized to live out violent video game fantasies in the real world with easily accessible weapons of war...

Several state legislatures, including California and Hawaii, passed consumer safety laws specific to the sale and marketing of firearms that would open the industry to more civil liability. Texas is not one of them. But it's just one vein in the three-pronged legal push by Uvalde families. The lawsuit against Activision and Meta, which is being filed in California, accuses the tech companies of knowingly promoting dangerous weapons to millions of vulnerable young people, particularly young men who are "insecure about their masculinity, often bullied, eager to show strength and assert dominance."

"To put a finer point on it: Defendants are chewing up alienated teenage boys and spitting out mass shooters," the lawsuit states...

The lawsuit alleges that Meta, which owns Instagram, easily allows gun manufacturers like Daniel Defense to circumvent its ban on paid firearm advertisements to reach scores of young people. Under Meta's rules, gunmakers are not allowed to buy advertisements promoting the sale of or use of weapons, ammunition or explosives. But gunmakers are free to post promotional material about weapons from their own account pages on Facebook and Instagram — a freedom the lawsuit alleges Daniel Defense often exploited.

According to the complaint, the Robb school shooter downloaded a version of "Call of Duty: Modern Warfare," in November 2021 that featured on the opening title page the DDM4V7 model rifle [shooter Salvador] Ramos would later purchase. Drawing from the shooter's social media accounts, Koskoff argued he was being bombarded with explicit marketing and combat imagery from the company on Instagram... The complaint cites Meta's practice, first reported by The Washington Post in 2022, of giving gun sellers wide latitude to knowingly break its rules against selling firearms on its websites. The company has allowed buyers and sellers to violate the rule 10 times before they are kicked off, The Post reported.

The article adds that the lawsuit against Meta "echoes some of the complaints by dozens of state attorneys general and school districts that have accused the tech giant of using manipulative practices to hook... while exposing them to harmful content." It also includes a few excerpts from the text of the lawsuit.
  • It argues that both Meta and Activision "knowingly exposed the Shooter to the weapon, conditioned him to see it as the solution to his problems, and trained him to use it."
  • The lawsuit also compares their practices to another ad campaign accused of marketing harmful products to children: cigarettes. "Over the last 15 years, two of America's largest technology companies — Defendants Activision and Meta — have partnered with the firearms industry in a scheme that makes the Joe Camel campaign look laughably harmless, even quaint."

Meta and Daniel Defense didn't respond to the reporters' requests for comment. But they did quote a statement from Activision expressing sympathy for the communities and families impacted by the "horrendous and heartbreaking" shooting.

Activision also added that "Millions of people around the world enjoy video games without turning to horrific acts."


AI

FTC Chair: AI Models Could Violate Antitrust Laws (thehill.com) 42

An anonymous reader quotes a report from The Hill: Federal Trade Commission (FTC) Chair Lina Khan said Wednesday that companies that train their artificial intelligence (A) models on data from news websites, artists' creations or people's personal information could be in violation of antitrust laws. At The Wall Street Journal's "Future of Everything Festival," Khan said the FTC is examining ways in which major companies' data scraping could hinder competition or potentially violate people's privacy rights. "The FTC Act prohibits unfair methods of competition and unfair or deceptive acts or practices," Khan said at the event. "So, you can imagine, if somebody's content or information is being scraped that they have produced, and then is being used in ways to compete with them and to dislodge them from the market and divert businesses, in some cases, that could be an unfair method of competition."

Khan said concern also lies in companies using people's data without their knowledge or consent, which can also raise legal concerns. "We've also seen a lot of concern about deception, about unfairness, if firms are making one set of representations when you're signing up to use them, but then are secretly or quietly using the data you're feeding them -- be it your personal data, be it, if you're a business, your proprietary data, your competitively significant data -- if they're then using that to feed their models, to compete with you, to abuse your privacy, that can also raise legal concerns," she said.

Khan also recognized people's concerns about companies retroactively changing their terms of service to let them use customers' content, including personal photos or family videos, to feed into their AI models. "I think that's where people feel a sense of violation, that that's not really what they signed up for and oftentimes, they feel that they don't have recourse," Khan said. "Some of these services are essential for navigating day to day life," she continued, "and so, if the choice -- 'choice' -- you're being presented with is: sign off on not just being endlessly surveilled, but all of that data being fed into these models, or forego using these services entirely, I think that's a really tough spot to put people in." Khan said she thinks many government agencies have an important role to play as AI continues to develop, saying, "I think in Washington, there's increasingly a recognition that we can't, as a government, just be totally hands off and stand out of the way."
You can watch the interview with Khan here.
EU

UK Law Will Let Regulators Fine Big Tech Without Court Approval (theverge.com) 34

Emma Roth reports via The Verge: The UK could subject big tech companies to hefty fines if they don't comply with new rules meant to promote competition in digital markets. On Thursday, lawmakers passed the Digital Markets, Competition and Consumer Bill (DMCC) through Parliament, which will let regulators enforce rules without the help of the courts. The DMCC also addresses consumer protection issues by banning fake reviews, forcing companies to be more transparent about their subscription contracts, regulating secondary ticket sales, and getting rid of hidden fees. It will also force certain companies to report mergers to the UK's Competition and Markets Authority (CMA). The European Union enacted a similar law, called the Digital Markets Act (DMA).

Only the companies the CMA designates as having Strategic Market Status (SMS) have to comply. These SMS companies are described as having "substantial and entrenched market power" and "a position of strategic significance" in the UK. They must have a global revenue of more than 25 billion euros or UK revenue of more than 1 billion euros. The law will also give the CMA the authority to determine whether a company has broken a law, require compliance, and issue a fine -- all without going through the court system. The CMA can fine companies up to 10 percent of the total value of a business's global revenue for violating the new rules.

Encryption

Signal Slams Telegram's Security (techcrunch.com) 33

Messaging app Signal's president Meredith Whittaker criticized rival Telegram's security on Friday, saying Telegram founder Pavel Durov is "full of s---" in his claims about Signal. "Telegram is a social media platform, it's not encrypted, it's the least secure of messaging and social media services out there," Whittaker told TechCrunch in an interview. The comments come amid a war of words between Whittaker, Durov and Twitter owner Elon Musk over the security of their respective platforms. Whittaker said Durov's amplification of claims questioning Signal's security was "incredibly reckless" and "actually harms real people."

"Play your games, but don't take them into my court," Whittaker said, accusing Durov of prioritizing being "followed by a professional photographer" over getting facts right about Signal's encryption. Signal uses end-to-end encryption by default, while Telegram only offers it for "secret chats." Whittaker said many in Ukraine and Russia use Signal for "actual serious communications" while relying on Telegram's less-secure social media features. She said the "jury is in" on the platforms' comparative security and that Signal's open source code allows experts to validate its privacy claims, which have the trust of the security community.
The Courts

Political Consultant Behind Fake Biden Robocalls Faces $6 Million Fine, Criminal Charges (apnews.com) 49

Political consultant Steven Kramer faces a $6 million fine and over two dozen criminal charges for using AI-generated robocalls mimicking President Joe Biden's voice to mislead New Hampshire voters ahead of the presidential primary. The Associated Press reports: The Federal Communications Commission said the fine it proposed Thursday for Steven Kramer is its first involving generative AI technology. The company accused of transmitting the calls, Lingo Telecom, faces a $2 million fine, though in both cases the parties could settle or further negotiate, the FCC said. Kramer has admitted orchestrating a message that was sent to thousands of voters two days before the first-in-the-nation primary on Jan. 23. The message played an AI-generated voice similar to the Democratic president's that used his phrase "What a bunch of malarkey" and falsely suggested that voting in the primary would preclude voters from casting ballots in November.

Kramer is facing 13 felony charges alleging he violated a New Hampshire law against attempting to deter someone from voting using misleading information. He also faces 13 misdemeanor charges accusing him of falsely representing himself as a candidate by his own conduct or that of another person. The charges were filed in four counties and will be prosecuted by the state attorney general's office. Attorney General John Formella said New Hampshire was committed to ensuring that its elections "remain free from unlawful interference."

Kramer, who owns a firm that specializes in get-out-the-vote projects, did not respond to an email seeking comment Thursday. He told The Associated Press in February that he wasn't trying to influence the outcome of the election but rather wanted to send a wake-up call about the potential dangers of artificial intelligence when he paid a New Orleans magician $150 to create the recording. "Maybe I'm a villain today, but I think in the end we get a better country and better democracy because of what I've done, deliberately," Kramer said in February.

The Almighty Buck

IRS Extends Free File Tax Program Through 2029 (cnbc.com) 21

The IRS has extended the Free File program through 2029, "continuing its partnership with a coalition of private tax software companies that allow most Americans to file federal taxes for free," reports CNBC. From the report: This season, Free File processed 2.9 million returns through May 11, a 7.3% increase compared to the same period last year, according to the IRS. "Free File has been an important partner with the IRS for more than two decades and helped tens of millions of taxpayers," Ken Corbin, chief of IRS taxpayer services, said in a statement Wednesday. "This extension will continue that relationship into the future."

"This multi-year agreement will also provide certainty for private-sector partners to help with their future Free File planning," Corbin added. IRS Free File remains open through the Oct. 15 federal tax extension deadline. You can use Free File for 2023 returns with an adjusted gross income of $79,000 or less, which is up from $73,000 in 2022. Fillable Forms are also still available for all income levels.

IT

Leaked Contract Shows Samsung Forces Repair Shop To Snitch On Customers (404media.co) 34

Speaking of Samsung, samleecole shares a report about the contract the South Korean firm requires repair shops to sign: In exchange for selling them repair parts, Samsung requires independent repair shops to give Samsung the name, contact information, phone identifier, and customer complaint details of everyone who gets their phone repaired at these shops, according to a contract obtained by 404 Media. Stunningly, it also requires these nominally independent shops to "immediately disassemble" any phones that customers have brought them that have been previously repaired with aftermarket or third-party parts and to "immediately notify" Samsung that the customer has used third-party parts.

"Company shall immediately disassemble all products that are created or assembled out of, comprised of, or that contain any Service Parts not purchased from Samsung," a section of the agreement reads. "And shall immediately notify Samsung in writing of the details and circumstances of any unauthorized use or misappropriation of any Service Part for any purpose other than pursuant to this Agreement. Samsung may terminate this Agreement if these terms are violated."

Slashdot Top Deals