An anonymous reader quotes a report from InfoWorld: C++ creator Bjarne Stroustrup has defended the widely used programming language in response to a Biden administration report that calls on developers to use memory-safe languages and avoid using vulnerable ones such as C++ and C. In a March 15 response to an inquiry from InfoWorld, Stroustrup pointed out strengths of C++, which was designed in 1979. "I find it surprising that the writers of those government documents seem oblivious of the strengths of contemporary C++ and the efforts to provide strong safety guarantees," Stroustrup said. "On the other hand, they seem to have realized that a programming language is just one part of a tool chain, so that improved tools and development processes are essential."

Safety improvement always has been a goal of C++ development efforts, Stroustrup stressed. "Improving safety has been an aim of C++ from day one and throughout its evolution. Just compare the K&R C language with the earliest C++, and the early C++ with contemporary C++. My CppCon 2023 keynote outlines that evolution," he said. "Much quality C++ is written using techniques based on RAII (Resource Acquisition Is Initialization), containers, and resource management pointers rather than conventional C-style pointer messes." Stroustrup cited a number of efforts to improve C++ safety. "There are two problems related to safety. Of the billions of lines of C++, few completely follow modern guidelines, and peoples' notions of which aspects of safety are important differ. I and the C++ standard committee are trying to deal with that," he said. "Profiles is a framework for specifying what guarantees a piece of code requires and enable implementations to verify them. There are documents describing that on the committee's website -- look for WG21 -- and more are coming. However, some of us are not in a mood to wait for the committee's necessarily slow progress."

Profiles, Stroustrup said, "is a framework that allows us to incrementally improve guarantees -- e.g., to eliminate most range errors relatively soon -- and to gradually introduce guarantees into large code bases through local static analysis and minimal run-time checks. My long-term aim for C++ is and has been for C++ to offer type and resource safety when and where needed. Maybe the current push for memory safety -- a subset of the guarantees I want -- will prove helpful to my efforts, which are shared by many in the C++ standards committee." Stroustrup previously defended the safety of C++ against the NSA, which recommended using memory-safe languages instead of C++ and C in a November 2022 bulletin.

An anonymous reader quotes a report from the Associated Press: The Environmental Protection Agency on Monday announced a comprehensive ban on asbestos, a carcinogen that kills tens of thousands of Americans every year but is still used in some chlorine bleach, brake pads and other products. The final rule marks a major expansion of EPA regulation under a landmark 2016 law that overhauled regulations governing tens of thousands of toxic chemicals in everyday products, from household cleaners to clothing and furniture. The new rule would ban chrysotile asbestos, the only ongoing use of asbestos in the United States. The substance is found in products such as brake linings and gaskets and is used to manufacture chlorine bleach and sodium hydroxide, also known as caustic soda, including some that is used for water purification. [...]

The 2016 law authorized new rules for tens of thousands of toxic chemicals found in everyday products, including substances such as asbestos and trichloroethylene that for decades have been known to cause cancer yet were largely unregulated under federal law. Known as the Frank Lautenberg Chemical Safety Act, the law was intended to clear up a hodgepodge of state rules governing chemicals and update the Toxic Substances Control Act, a 1976 law that had remained unchanged for 40 years. The EPA banned asbestos in 1989, but the rule was largely overturned by a 1991 Court of Appeals decision that weakened the EPA's authority under TSCA to address risks to human health from asbestos or other existing chemicals. The 2016 law required the EPA to evaluate chemicals and put in place protections against unreasonable risks. Asbestos, which was once common in home insulation and other products, is banned in more than 50 countries, and its use in the U.S. has been declining for decades. The only form of asbestos known to be currently imported, processed or distributed for use in the U.S. is chrysotile asbestos, which is imported primarily from Brazil and Russia. It is used by the chlor-alkali industry, which produces bleach, caustic soda and other products. Most consumer products that historically contained chrysotile asbestos have been discontinued. While chlorine is a commonly used disinfectant in water treatment, there are only eight chlor-alkali plants in the U.S. that still use asbestos diaphragms to produce chlorine and sodium hydroxide. The plants are mostly located in Louisiana and Texas.

The use of asbestos diaphragms has been declining and now accounts for less than one-third of the chlor-alkali production in the U.S., the EPA said. The EPA rule will ban imports of asbestos for chlor-alkali as soon as the rule is published but will phase in prohibitions on chlor-alkali use over five or more years to provide what the agency called "a reasonable transition period." A ban on most other uses of asbestos will effect in two years. A ban on asbestos in oilfield brake blocks, aftermarket automotive brakes and linings and other gaskets will take effect in six months. The EPA rule allows asbestos-containing sheet gaskets to be used until 2037 at the U.S. Department of Energy's Savannah River Site in South Carolina to ensure that safe disposal of nuclear materials can continue on schedule. Separately, the EPA is also evaluating so-called legacy uses of asbestos in older buildings, including schools and industrial sites, to determine possible public health risks. A final risk evaluation is expected by the end of the year.

An anonymous reader quotes a report from TorrentFreak: Back in 2004, in the pre-Web 2.0 era, research indicated that BitTorrent was responsible for an impressive 35% of all Internet traffic. At the time, file-sharing via peer-to-peer networks was the main traffic driver as no other services consumed large amounts of bandwidth. Fast-forward two decades and these statistics are ancient history. With the growth of video streaming, including services such as YouTube, Netflix, and TikTok, file-sharing traffic is nothing more than a drop in today's data pool. [...]

This week, Canadian broadband management company Sandvine released its latest Global Internet Phenomena Report which makes it clear that BitTorrent no longer leads any charts. The latest data show that video and social media are the leading drivers of downstream traffic, accounting for more than half of all fixed access and mobile data worldwide. Needless to say, BitTorrent is nowhere to be found in the list of 'top apps'. Looking at upstream traffic, BitTorrent still has some relevance on fixed access networks where it accounts for 4% of the bandwidth. However, it's been surpassed by cloud storage apps, FaceTime, Google, and YouTube. On mobile connections, BitTorrent no longer makes it into the top ten. The average of 46 MB upstream traffic per subscriber shouldn't impress any file-sharer. However, since only a small percentage of all subscribers use BitTorrent, the upstream traffic per user is of course much higher.

The Guardian reports that this week "Bernie Sanders, the independent senator from Vermont who twice ran for the Democratic presidential nomination, introduced a bill to establish a four-day US working week." "Moving to a 32-hour workweek with no loss of pay is not a radical idea," Sanders said on Thursday. "Today, American workers are over 400% more productive than they were in the 1940s. And yet millions of Americans are working longer hours for lower wages than they were decades ago. "That has got to change. The financial gains from the major advancements in artificial intelligence, automation and new technology must benefit the working class, not just corporate chief executives and wealthy stockholders on Wall Street.

"It is time to reduce the stress level in our country and allow Americans to enjoy a better quality of life. It is time for a 32-hour workweek with no loss in pay."
The proposed bill "has received the endorsement of the American Federation of Labor and Congress of Industrial Organizations, United Auto Workers, the Service Employees International Union, the Association of Flight Attendants" — as well as several other labor unions, reports USA Today: More than half of adults employed full time reported working more than 40 hours per week, according to a 2019 Gallup poll... More than 70 British companies started to test a four-day workweek last year, and most respondents reported there has been no loss in productivity.
A statement from Senator Sanders: Bill Gates, the founder of Microsoft, and Jamie Dimon, the CEO of JP Morgan Chase, predicted last year that advancements in technology would lead to a three or three-and-a-half-day workweek in the coming years. Despite these predictions, Americans now work more hours than the people of most other wealthy nations, but are earning less per week than they did 50 years ago, after adjusting for inflation.
"Sanders also pointed to other countries that have reduced their workweeks, such as France, Norway and Denmark," adds NBC News.

USA Today notes that "While Sanders' role as chair of the Senate Health, Education, Labor, and Pensions Committee places a greater focus on shortening the workweek, it is unlikely the bill will garner enough support from Republicans to become federal law and pass in both chambers."

And political analysts who spoke to ABC News "cast doubt on the measure's chances of passage in a divided Congress where opposition from Republicans is all but certain," reports ABC News, "and even the extent of support among Democrats remains unclear."

In 2020 Oregon passed Measure 110, decriminalizing possession of small amounts of drugs.

But now "America's most radical experiment with drug decriminalization has ended," writes the Atlantic, "after more than three years of painful results." Oregon Governor Tina Kotek has pledged to sign legislation repealing the principal elements of the ballot initiative... Possessing hard drugs is again a crime in Oregon, and courts will return to mandating treatment for offenders. Oregonians had supported Measure 110 with 59 percent of the vote in 2020, but three years later, polling showed that 64 percent wanted some or all of it repealed...

More than $260 million were allocated to services such as naloxone distribution, employment and housing services, and voluntary treatment... Once drugs were decriminalized and destigmatized, the thinking went, those who wanted to continue using would be more willing to access harm-reduction services that helped them use in safer ways. Meanwhile, the many people who wanted to quit using drugs but had been too ashamed or fearful to seek treatment would do so. Advocates foresaw a surge of help-seeking, a reduction in drug-overdose deaths, fewer racial disparities in the health and criminal-justice systems, lower rates of incarceration, and safer neighborhoods for all...

Measure 110 did not reduce Oregon's drug problems. The drug-overdose-death rate increased by 43 percent in 2021, its first year of implementation — and then kept rising. The latest CDC data show that in the 12 months ending in September 2023, deaths by overdose grew by 41.6 percent, versus 2.1 percent nationwide. No other state saw a higher rise in deaths... Neither did decriminalization produce a flood of help-seeking. The replacement for criminal penalties, a $100 ticket for drug possession with the fine waived if the individual called a toll-free number for a health assessment, with the aim of encouraging treatment, failed completely. More than 95 percent of people ignored the ticket, for which — in keeping with the spirit of Measure 110 — there was no consequence. The cost of the hotline worked out to about $7,000 per completed phone call, according to The Economist. These realities, as well as associated disorder such as open-air drug markets and a sharp rise in violent crime — while such crime was falling nationally — led Oregonians to rethink their drug policy.
The article notes that Oregon was the first U.S. state to decriminalize marijuana back in 1973, and had long shown low rates of imprisonment for non-violent crimes (diverting offenders into so-called "drug courts" which could mandate treatment or order court-directed supervision). "However, after Measure 110 was passed and the threat of jail time eliminated, the flow of people into these programs slowed."

But "One thing Measure 110 got right, at least in principle, is that Oregon's addiction-treatment system was grossly underfunded," the article concludes. And it adds that the newly-passed law now "provides extensive new funding for immediate needs, including detox facilities, sobering centers, treatment facilities, and the staff to support those services."

They recommend other states adopt "adequately funded, evidence-based prevention and treatment" — and instead of punitive incarcerations, "use criminal justice productively to discourage drug use."

A new EFF web page is urging U.S. readers to "Tell Congress: Stop the TikTok Ban," arguing the bill will "do little for its alleged goal of protecting our private information and the collection of our data by foreign governments." Tell Congress: Instead of giving the President the power to ban entire social media platforms based on their country of origin, our representatives should focus on what matters — protecting our data no matter who is collecting it... It's a massive problem that current U.S. law allows for all the big social media platforms to harvest and monetize our personal data, including TikTok. Without comprehensive data privacy legislation, this will continue, and this ban won't solve any real or perceived problems. User data will still be collected by numerous platforms and sold to data brokers who sell it to the highest bidder — including governments of countries such as China — just as it is now.

TikTok raises special concerns, given the surveillance and censorship practices of the country that its parent company is based in, China. But it's also used by hundreds of millions of people to express themselves online, and is an instrumental tool for community building and holding those in power accountable. The U.S. government has not justified silencing the speech of Americans who use TikTok, nor has it justified the indirect speech punishment of a forced sale (which may prove difficult if not impossible to accomplish in the required timeframe). It can't meet the high constitutional bar for a restriction on the platform, which would undermine the free speech and association rights of millions of people. This bill must be stopped.

Newsweek points out that a Chinese government post arguing the bill is "on the wrong side of fair competition" was flagged by users on X. "TikTok is banned in the People's Republic of China," the X community note read. (The BBC reports that "Instead, Chinese users use a similar app, Douyin, which is only available in China and subject to monitoring and censorship by the government.")

Newsweek adds that China "has also blocked access to YouTube, Facebook, Instagram, and Google services. X itself is also banned — though Chinese diplomats use the microblogging app to deliver Beijing's messaging to the wider world."

From the Wall Street Journal: Among the top concerns for [U.S.] intelligence leaders is that they wouldn't even necessarily be able to detect a Chinese influence operation if one were taking place [on TikTok] due to the opacity of the platform and how its algorithm surfaces content to users. Such operations, FBI director Christopher Wray said this week in congressional testimony, "are extraordinarily difficult to detect, which is part of what makes the national-security concerns represented by TikTok so significant...."

Critics of the bill include libertarian-leaning lawmakers, such as Sen. Rand Paul (R., Ky.), who have decried it as a form of government censorship. "The Constitution says that you have a First Amendment right to express yourself," Paul told reporters Thursday. TikTok's users "express themselves through dancing or whatever else they do on TikTok. You can't just tell them they can't do that." In the House, a bloc of 50 Democrats voted against the bill, citing concerns about curtailing free speech and the impact on people who earn income on the app. Some Senate Democrats have raised similar worries, as well as an interest in looking at a range of social-media issues at rival companies such as Meta Platforms.

"The basic idea should be to put curbs on all social media, not just one," Sen. Elizabeth Warren (D., Mass.) said Thursday. "If there's a problem with privacy, with how our children are treated, then we need to curb that behavior wherever it occurs."
Some context from the Columbia Journalism Review: Roughly one-third of Americans aged 18-29 regularly get their news from TikTok, the Pew Research Center found in a late 2023 survey. Nearly half of all TikTok users say they regularly get news from the app, a higher percentage than for any other social media platform aside from Twitter.

Almost 40 percent of young adults were using TikTok and Instagram for their primary Web search instead of the traditional search engines, a Google senior vice president said in mid-2022 — a number that's almost certainly grown since then. Overall, TikTok claims 150 million American users, almost half the US population; two-thirds of Americans aged 18-29 use the app.
Some U.S. politicians believe TikTok "radicalized" some of their supporters "with disinformation or biased reporting," according to the article.

Meanwhile in the Guardian, a Duke University law professor argues "this saga demands a broader conversation about safeguarding democracy in the digital age." The European Union's newly enacted AI act provides a blueprint for a more holistic approach, using an evidence- and risk-based system that could be used to classify platforms like TikTok as high-risk AI systems subject to more stringent regulatory oversight, with measures that demand transparency, accountability and defensive measures against misuse.
Open source advocate Evan Prodromou argues that the TikTok controversy raises a larger issue: If algorithmic curation is so powerful, "who's making the decisions on how they're used?" And he also proposes a solution.

"If there is concern about algorithms being manipulated by foreign governments, using Fediverse-enabled domestic software prevents the problem."

"Workers at an Amazon air hub in Kentucky celebrated a victory Thursday," reports the Washington Post, "after federal labor regulators found that Amazon violated labor law by trying to prevent workers there from unionizing." The employees have been demanding higher pay, more flexible schedules and safer working conditions since 2022. After a months-long investigation, the National Labor Relations Board issued a complaint against Amazon last week, alleging the e-commerce behemoth illegally attempted to curtail those efforts by interrogating workers, threatening to call the police on them and demoting workers involved in union organizing.

The complaint is a victory for union organizers at a crucial air cargo hub in Kentucky who have been alleging that Amazon has been unfairly interfering with their unionization efforts there for months.... Amazon workers at various sites around the country have been trying to unionize for years, with little to show for it. Many have accused Amazon of using illegal tactics to discourage workers from supporting unions — more than 240 such charges have been filed with the labor board, workers said... Amazon employee Marcio Rodriguez said he was threatened with termination for his union-organizing activity along with 10 co-workers. For two weeks, Rodriguez said, Amazon management would "show up to where I was working out on the ramp in front of my co-workers in a truck and take me to the HR office," where they would interrogate him...

Amazon workers in Kentucky are seeking to form Amazon Labor Union, an independent but associated branch of the group that won a historic victory at an Amazon warehouse on Staten Island in 2021. Lawyers for the union there are still battling Amazon, which has yet to come to the bargaining table and continues to argue that the NLRB unfairly sided with workers during that election. More recently, the company has argued in another New York case that the National Labor Relations Board itself is structured unconstitutionally, following legal arguments set forth by lawyers for SpaceX and Trader Joe's...

Amazon is scheduled to appear at a hearing before labor regulators regarding its alleged anti-union activities in Kentucky on April 22.

When it comes to TikTok, "The Chinese government is signaling that it won't allow a forced sale..." reported the Wall Street Journal Friday, "limiting options for the app's owners as buyers begin lining up to bid for its U.S. operations..."

"They have also sent signals to TikTok's owner, Beijing-based ByteDance, that company executives have interpreted as meaning the government would rather the app be banned in the U.S. than be sold, according to people familiar with the matter."

But that's not always how it plays out. McClatchy notes that in 2019 the Committee on Foreign Investment in the U.S. ordered Grindr's Chinese owners to relinquish control of Grindr. "A year later, the Chinese owners voluntarily complied and sold the company to San Vicente Acquisition, incorporated in Delaware, for around $608 million, according to Forbes."

And CNN reminds us that the world's most-populous country already banned TikTok more than three years ago: In June 2020, after a violent clash on the India-China border that left at least 20 Indian soldiers dead, the government in New Delhi suddenly banned TikTok and several other well-known Chinese apps. "It's important to remember that when India banned TikTok and multiple Chinese apps, the US was the first to praise the decision," said Nikhil Pahwa, the Delhi-based founder of tech website MediaNama. "[Former] US Secretary of State Mike Pompeo had welcomed the ban, saying it 'will boost India's sovereignty.'"

While India's abrupt decision shocked the country's 200 million TikTok users, in the four years since, many have found other suitable alternatives. "The ban on Tiktok led to the creation of a multibillion dollar opportunity ... A 200 million user base needed somewhere to go," said Pahwa, adding that it was ultimately American tech companies that seized the moment with their new offerings... Within a week of the ban, Meta-owned Instagram cashed in by launching its TikTok copycat, Instagram Reels, in India. Google introduced its own short video offering, YouTube Shorts. Homegrown alternatives such as MX Taka Tak and Moj also began seeing a rise in popularity and an infux in funding. Those local startups soon fizzled out, however, unable to match the reach and financial firepower of the American firms, which are flourishing.
In fact, at the time India "announced a ban on more than 50 Chinese apps," remembers the Washington Post, adding that Nepal also announced a ban on TikTok late last year.

Their article points out that TikTok has also been banned by top EU policymaking bodies, while "Government staff in some of the bloc's 27 member states, including Belgium, Denmark and the Netherlands, have also been told not to use TikTok on their work phones." Canada banned TikTok from all government-issued phones in February 2023, after similar steps in the United States and the European Union.... Britain announced a TikTok ban on government ministers' and civil servants' devices last year, with officials citing the security of state information. Australia banned TikTok from all federal government-owned devices last year after seeking advice from intelligence and security agencies.
A new EFF web page warns that America's new proposed ban on TikTok could also apply to apps like WeChat...

An anonymous reader quotes a report from the New York Times: When Romeo Chicco tried to get auto insurance in December, seven different companies rejected him. When he eventually obtained insurance, it was nearly double the rate he was previously paying. According to a federal complaint filed this week seeking class-action status, it was because his 2021 Cadillac XT6 had been spying on him. Modern cars have been called "smartphones with wheels," because they are connected to the internet and packed with sensors and cameras. According to the complaint, an agent at Liberty Mutual told Mr. Chicco that he had been rejected because of information in his "LexisNexis report." LexisNexis Risk Solutions, a data broker, has traditionally kept tabs for insurers on drivers' moving violations, prior insurance coverage and accidents.

When Mr. Chicco requested his LexisNexis file, it contained details about 258 trips he had taken in his Cadillac over the past six months. His file included the distance he had driven, when the trips started and ended, and an accounting of any speeding and hard braking or accelerating. The data had been provided by General Motors -- the manufacturer of his Cadillac. In a complaint against General Motors and LexisNexis Risk Solutions filed in the U.S. District Court for the Southern District of Florida, Mr. Chicco accused the companies of violation of privacy and consumer protection laws. The lawsuit follows a report by The New York Times that, unknown to consumers, automakers have been sharing information on their driving behavior with the insurance industry, resulting in increased insurance rates for some drivers.

An anonymous reader quotes a report from TechCrunch: India is walking back on a recent AI advisory after receiving criticism from many local and global entrepreneurs and investors. The Ministry of Electronics and IT shared an updated AI advisory with industry stakeholders on Friday that no longer asked them to take the government approval before launching or deploying an AI model to users in the South Asian market. Under the revised guidelines, firms are instead advised to label under-tested and unreliable AI models to inform users of their potential fallibility or unreliability.

The March 1 advisory also marked a reversal from India's previous hands-off approach to AI regulation. Less than a year ago, the ministry had declined to regulate AI growth, identifying the sector as vital to India's strategic interests. The new advisory, like the original earlier this month, hasn't been published online, but TechCrunch has reviewed a copy of it. The ministry said earlier this month that though the advisory wasn't legally binding, it signals that it's the "future of regulation" and that the government required compliance.

The advisory emphasizes that AI models should not be used to share unlawful content under Indian law and should not permit bias, discrimination, or threats to the integrity of the electoral process. Intermediaries are also advised to use "consent popups" or similar mechanisms to explicitly inform users about the unreliability of AI-generated output. The ministry has retained its emphasis on ensuring that deepfakes and misinformation are easily identifiable, advising intermediaries to label or embed content with unique metadata or identifiers. It no longer requires firms to devise a technique to identify the "originator" of any particular message.

Sam Bankman-Fried should spend between 40 and 50 years in prison after being convicted for stealing $8 billion from customers of his now-bankrupt FTX cryptocurrency exchange, prosecutors said on Friday. From a report: "His life in recent years has been one of unmatched greed and hubris; of ambition and rationalization; and courting risk and gambling repeatedly with other people's money," federal prosecutors in Manhattan wrote. "And even now Bankman-Fried refuses to admit what he did was wrong." A jury found Bankman-Fried, 32, guilty in November on seven counts of fraud and conspiracy.

Lawyers for the former billionaire told U.S. District Judge Lewis Kaplan that a 5-1/4 to 6-1/2 year prison term would be appropriate. They said FTX clients would get most of their money back, and that Bankman-Fried did not set out to steal. Kaplan is scheduled to sentence Bankman-Fried on March 28 in Manhattan federal court. Bankman-Fried plans to appeal his conviction and sentence.

Apple reached a $490 million settlement of a class-action lawsuit brought by a group of investors who accused Chief Executive Officer Tim Cook of misleading them in 2018 about the company's sales prospects. From a report: Cook made false statements about the company's business in China that caused Apple stock to trade at artificially inflated prices, the investors said in their complaint, which alleged violation of securities laws. Lawyers disclosed the proposed settlement in a request for judicial approval filed Friday in federal court in Oakland, California. The settlement comes as Apple continues to face headwinds in China, where iPhone sales fell by a surprising 24% over the first six weeks of this year, according to independent research released earlier this month. Attorneys for the investors described the settlement as the third-largest securities class-action recovery in the district's history.

The Supreme Court clarified when public officials can block critical constituents from their personal profiles without violating their constitutional protections in a unanimous decision Friday. From a report: After hearing appeals of two conflicting rulings -- one filed against school board members in Southern California and another filed against the city manager of Port Huron, Mich. -- the justices provided no definitive resolution to the disputes and instead sent both cases back to lower courts to apply the new legal test. In a unanimous decision authored by Justice Amy Coney Barrett, the court said state officials cannot block constituents on their personal pages when they have "actual authority to speak on behalf of the State on a particular matter" and "purported to exercise that authority in the relevant posts."

"For social-media activity to constitute state action, an official must not only have state authority -- he must also purport to use it," Barrett wrote. The case marked the latest battle over public officials' social media presence when they mesh their official and personal roles. The 6th U.S. Circuit Court of Appeals, which heard the Michigan case, sided with the city manager, James Freed, who deleted comments on his Facebook page left by a resident and blocked several of the resident's profiles. The resident, Kevin Lindke, had criticized Freed over his handling of the COVID-19 pandemic, court filings indicate.

An anonymous reader quotes a report from Reuters: Two years into office, President Donald Trump authorized the Central Intelligence Agency to launch a clandestine campaign on Chinese social media aimed at turning public opinion in China against its government, according to former U.S. officials with direct knowledge of the highly classified operation. Three former officials told Reuters that the CIA created a small team of operatives who used bogus internet identities to spread negative narratives about Xi Jinping's government while leaking disparaging intelligence to overseas news outlets. The effort, which began in 2019, has not been previously reported.

The CIA team promoted allegations that members of the ruling Communist Party were hiding ill-gotten money overseas and slammed as corrupt and wasteful China's Belt and Road Initiative, which provides financing for infrastructure projects in the developing world, the sources told Reuters. Although the U.S. officials declined to provide specific details of these operations, they said the disparaging narratives were based in fact despite being secretly released by intelligence operatives under false cover. The efforts within China were intended to foment paranoia among top leaders there, forcing its government to expend resources chasing intrusions into Beijing's tightly controlled internet, two former officials said. "We wanted them chasing ghosts," one of these former officials said. [...]

The CIA operation came in response to years of aggressive covert efforts by China aimed at increasing its global influence, the sources said. During his presidency, Trump pushed a tougher response to China than had his predecessors. The CIA's campaign signaled a return to methods that marked Washington's struggle with the former Soviet Union. "The Cold War is back," said Tim Weiner, author of a book on the history of political warfare. Reuters was unable to determine the impact of the secret operations or whether the administration of President Joe Biden has maintained the CIA program.

The Federal Trade Commission and the Department of Justice have urged the US Copyright Office to broaden exemptions to the Digital Millennium Copyright Act's Section 1201. Specifically, the two agencies are advocating for the extension of the right to repair to include "commercial and industrial equipment," which includes McDonald's ice cream machines that are notorious for breaking down. The Verge reports: Exemptions to DMCA Section 1201 are issued every three years, as per the Register of Copyrights' recommendation. Prior exemptions have been issued for jailbreaking cellphones and repairing certain parts of video game consoles. The FTC and DOJ are asking the Copyright Office to go a step further, extending the right to repair to "commercial and industrial equipment." The comment (PDF) singles out four distinct categories that would benefit from DMCA exemptions: commercial soft serve machines; proprietary diagnostic kits; programmable logic controllers; and enterprise IT. 'In the Agencies' view, renewing and expanding repair-related exemptions would promote competition in markets for replacement parts, repair, and maintenance services, as well as facilitate competition in markets for repairable products," the comment reads.

The inability to do third-party repairs on these products not only limits competition, the agencies say, but also makes repairs more costly and can lead to hundreds or thousands of dollars in lost sales. Certain logic controllers have to be discarded and replaced if they break or if the passwords for them get lost. The average estimated cost of "unplanned manufacturing downtime" was $260,000 per hour, the comment notes, citing research from Public Knowledge and iFixit. As for soft serve machines, breakdowns can lead to $625 in lost sales each day. Business owners can't legally fix them on their own or hire an independent technician to do so, meaning they have to wait around for an authorized technician -- which, the comment says, usually takes around 90 days.

New emails from before the launch of the Epic Games Store in 2018 show just how angry Epic CEO Tim Sweeney was with the "assholes" at companies like Valve and Apple for squeezing "the little guy" with what he saw as inflated fees. "The emails, which came out this week as part of Wolfire's price-fixing case against Valve (as noticed by the GameDiscoverCo newsletter), confront Valve managers directly for platform fees Sweeney says are 'no longer justifiable,'" writes Ars Technica's Kyle Orland. "They also offer a behind-the-scenes look at the fury Sweeney and Epic would unleash against Apple in court proceedings starting years later. From the report: The first mostly unredacted email chain from the court documents, from August 2017 (PDF), starts with Valve co-founder Gabe Newell asking Sweeney if there is "anything we [are] doing to annoy you?" That query was likely prompted by Sweeney's public tweets at the time questioning "why Steam is still taking 30% of gross [when] MasterCard and Visa charge 2-5% per transaction, and CDN bandwidth is around $0.002/GB." Later in the same thread, he laments that "the internet was supposed to obsolete the rent-seeking software distribution middlemen, but here's Facebook, Google, Apple, Valve, etc." Expanding on these public thoughts in a private response to Newell, Sweeney allows that there was "a good case" for Steam's 30 percent platform fee "in the early days." But he also argues that the fee is too high now that Steam's sheer scale has driven down operating costs and made it harder for individual games to get as much marketing or user acquisition value from simply being available on the storefront.

Sweeney goes on to spitball some numbers showing how Valve's fees are contributing to the squeeze all but the biggest PC game developers were feeling on their revenues: "If you subtract out the top 25 games on Steam, I bet Valve made more profit from most of the next 1,000 than the developer themselves made. These guys are our engine customers and we talk to them all the time. Valve takes 30% for distribution; they have to spend 30% on Facebook/Google/Twitter [user acquisition] or traditional marketing, 10% on server, 5% on engine. So, the system takes 75% and that leaves 25% for actually creating the game, worse than the retail distribution economics of the 1990's." Based on experience with Fortnite and Paragon, Sweeney estimates that the true cost of distribution for PC games that sell for $25 or more in Western markets "is under 7% of gross." That's only slightly lower than the 12 percent take Epic would establish for its own Epic Games Store the next year.

The second email chain (PDF) revealed in the lawsuit started in November 2018, with Sweeney offering Valve a heads-up on the impending launch of the Epic Games Store that would come just weeks later. While that move was focused on PC and Mac games, Sweeney quickly pivots to a discussion of Apple's total control over iOS, the subject at the time of a lawsuit whose technicalities were being considered by the Supreme Court. Years before Epic would bring its own case against Apple, Sweeney was somewhat prescient, noting that "Apple also has the resources to litigate and delay any change [to its total App Store control] for years... What we need right now is enough developer, press, and platform momentum to steer Apple towards fully opening up iOS sooner rather than later." To that end, Sweeney attempted to convince Valve that lowering its own platform fees would hurt Apple's position and thereby contribute to the greater good: "A timely move by Valve to improve Steam economics for all developers would make a great difference in all of this, clearly demonstrating that store competition leads to better rates for all developers. Epic would gladly speak in support of such a move anytime!"

In a follow-up email on December 3, just days before the Epic Games Store launch, Sweeney took Valve to task more directly for its policy of offering lower platform fees for the largest developers on Steam. He offered some harsh words for Valve while once again begging the company to serve as a positive example in the developing case against Apple: "Right now, you assholes are telling the world that the strong and powerful get special terms, while 30% is for the little people. We're all in for a prolonged battle if Apple tries to keep their monopoly and 30% by cutting backroom deals with big publishers to keep them quiet. Why not give ALL developers a better deal? What better way is there to convince Apple quickly that their model is now totally untenable?" After being forwarded the message by Valve's Erik Johnson, Valve COO Scott Lynch simply offered up a sardonic "You mad bro?"

France Travail, the government agency responsible for assisting the unemployed, has fallen victim to a massive data breach exposing the personal information of up to 43 million French citizens dating back two decades, the department announced on Wednesday. The incident, which has been reported to the country's data protection watchdog (CNIL), is the latest in a series of high-profile cyber attacks targeting French government institutions and underscores the growing threat to citizens' private data. From a report: The department's statement reveals that names, dates of birth, social security numbers, France Travail identifiers, email addresses, postal addresses, and phone numbers were exposed. Passwords and banking details aren't affected, at least. That said, CNIL warned that the data stolen during this incident could be linked to stolen data in other breaches and used to build larger banks of information on any given individual. It's not clear whether the database's entire contents were stolen by attackers, but the announcement suggests that at least some of the data was extracted.

Roman Sterlingov, the founder of a $400 million crypto-mixing service called Bitcoin Fog, has been convicted of money laundering in a United State District Court on Tuesday. Other charges include money laundering conspiracy, operating an unlicensed money-transmitting business, and violations of the D.C. Money Transmitters Act. CoinTelegraph reports: Sterlingov, however, had argued throughout the trial that he was only a user of the service, and not its operator. His attorney, Tok Ekeland said in a March 12 X post that his team will appeal the verdict. According to evidence presented at the trial, Sterlingov operated Bitcoin Fog from October 2011 to April 2021, which acted as a money laundering service for "criminals seeking to hide their illicit proceeds from law enforcement."

The service moved over 1.2 million Bitcoin over the decade-long operation -- worth $400 million at the time of the transactions -- with the bulk of cryptocurrency coming from darknet marketplaces tied to narcotics, computer fraud abuse and identity theft, the government said. Bitcoin Fog also served distributors of child sexual abuse material. Evidence used to convict Sterlingov found that the "vast majority" of crypto deposited to his crypto exchange accounts came from "Bitcoin clusters" associated with Bitcoin Fog. "Evidence presented at trial clearly showed that the defendant laundered hundreds of millions of illicit funds from the dark web through Bitcoin Fog in an attempt to conceal the origin of those funds," said Internal Revenue Service (IRS) Criminal Investigation Chief Jim Lee.

Connor Jones reports via The Register: Stanford University says the cybersecurity incident it dealt with last year was indeed ransomware, which it failed to spot for more than four months. Keen readers of El Reg may remember the story breaking toward the end of October 2023 after Akira posted Stanford to its shame site, with the university subsequently issuing a statement simply explaining that it was investigating an incident, avoiding the dreaded R word. Well, surprise, surprise, ransomware was involved, according to a data breach notice sent out to the 27,000 people affected by the attack.

Akira targeted the university's Department of Public Safety (DPS) and this week's filing with the Office of the Maine Attorney General indicates that Stanford became aware of the incident on September 27, more than four months after the initial breach took place. According to Monday's filing, the data breach occurred on May 12 2023 but was only discovered on September 27 of last year, raising questions about whether the attacker(s) was inside the network the entire time and why it took so long to spot the intrusion.

It's not fully clear what information was compromised, but the draft letters include placeholders for three different variables. However, the filing with Maine's AG suggests names and social security numbers are among the data types to have been stolen. All affected individuals have been offered 24 months of free credit monitoring, including access to a $1 million insurance reimbursement policy and ID theft recovery services. Akira's post dedicated to Stanford on its leak site claims it stole 430 GB worth of data, including personal information and confidential documents. It's all available to download via a torrent file and the fact it remains available for download suggests the research university didn't pay whatever ransom the attackers demanded.