×
AI

US Must Move 'Decisively' To Avert 'Extinction-Level' Threat From AI, Gov't-Commissioned Report Says (time.com) 139

The U.S. government must move "quickly and decisively" to avert substantial national security risks stemming from artificial intelligence (AI) which could, in the worst case, cause an "extinction-level threat to the human species," says a report commissioned by the U.S. government published on Monday. Time: "Current frontier AI development poses urgent and growing risks to national security," the report, which TIME obtained ahead of its publication, says. "The rise of advanced AI and AGI [artificial general intelligence] has the potential to destabilize global security in ways reminiscent of the introduction of nuclear weapons." AGI is a hypothetical technology that could perform most tasks at or above the level of a human. Such systems do not currently exist, but the leading AI labs are working toward them and many expect AGI to arrive within the next five years or less.

The three authors of the report worked on it for more than a year, speaking with more than 200 government employees, experts, and workers at frontier AI companies -- like OpenAI, Google DeepMind, Anthropic and Meta -- as part of their research. Accounts from some of those conversations paint a disturbing picture, suggesting that many AI safety workers inside cutting-edge labs are concerned about perverse incentives driving decisionmaking by the executives who control their companies. The finished document, titled "An Action Plan to Increase the Safety and Security of Advanced AI," recommends a set of sweeping and unprecedented policy actions that, if enacted, would radically disrupt the AI industry. Congress should make it illegal, the report recommends, to train AI models using more than a certain level of computing power.

The threshold, the report recommends, should be set by a new federal AI agency, although the report suggests, as an example, that the agency could set it just above the levels of computing power used to train current cutting-edge models like OpenAI's GPT-4 and Google's Gemini. The new AI agency should require AI companies on the "frontier" of the industry to obtain government permission to train and deploy new models above a certain lower threshold, the report adds. Authorities should also "urgently" consider outlawing the publication of the "weights," or inner workings, of powerful AI models, for example under open-source licenses, with violations possibly punishable by jail time, the report says. And the government should further tighten controls on the manufacture and export of AI chips, and channel federal funding toward "alignment" research that seeks to make advanced AI safer, it recommends.

Privacy

Airbnb is Banning Indoor Security Cameras (theverge.com) 103

Airbnb will no longer allow hosts to use indoor security cameras, regardless of where they're placed or what they're used for. In an update on Monday, Airbnb says the change to "prioritize the privacy" of renters goes into effect on April 30th. From a report: The vacation rental app previously let hosts install security cameras in "common areas" of listings, including hallways, living rooms, and front doors. Airbnb required hosts to disclose the presence of security cameras in their listings and make them clearly visible, and it prohibited hosts from using cameras in bedrooms and bathrooms.

But now, hosts can't use indoor security cameras at all. The change comes after numerous reports of guests finding hidden cameras within their rental, leading some vacation-goers to scan their rooms for cameras. Airbnb's new policy also introduces new rules for outdoor security cameras, and will now require hosts to disclose their use and locations before guests book a listing. Hosts can't use outdoor cams to keep tabs on indoor spaces, either, nor can they use them in "certain outdoor areas where there's a great expectation of privacy," such as an outdoor shower or sauna.

Space

US Intelligence Officer Explains Roswell, UFO Sightings (cnn.com) 43

CNN's national security analyst interviewed a U.S. intelligence officer who worked on the newly-released Defense report debunking UFO sightings — physicist Sean Kirkpatrick. He tells CNN "about two to five percent" of UFO reports are "truly anomalous."

But CNN adds that "he thinks explanations for that small percentage will most likely be found right here on Earth..." This is how Kirkpatrick and his team explain the Roswell incident, which plays a prominent role in UFO lore. That's because, in 1947, a U.S. military news release stated that a flying saucer had crashed near Roswell Army Air Field in New Mexico. A day later, the Army retracted the story and said the crashed object was a weather balloon. Newspapers ran the initial saucer headline, followed up with the official debunking, and interest in the case largely died down. Until 1980, that is, when a pair of UFO researchers published a book alleging that alien bodies had been recovered from the Roswell wreckage and that the U.S. government had covered up the evidence.

Kirkpatrick says his office dug deep into the Roswell incident and found that in the late 1940s and early 1950s, there were a lot of things happening near the Roswell Airfield. There was a spy program called Project Mogul, which launched long strings of oddly shaped metallic balloons. They were designed to monitor Soviet nuclear tests and were highly secret. At the same time, the U.S. military was conducting tests with other high-altitude balloons that carried human test dummies rigged with sensors and zipped into body-sized bags for protection against the elements. And there was at least one military plane crash nearby with 11 fatalities.

Echoing earlier government investigations, Kirkpatrick and his team concluded that the crashed Mogul balloons, the recovery operations to retrieve downed test dummies and glimpses of the charred aftermath of that real plane crash likely combined into a single false narrative about a crashed alien spacecraft...

Since 2020, the Pentagon has standardized, de-stigmatized and increased the volume of reporting on UFOs by the U.S. military. Kirkpatrick says that's the reason the closely covered and widely-mocked Chinese spy balloon was spotted in the first place last year. The incident shows that the U.S. government's policy of taking UFOs seriously is actually working.

The pattern keeps repeating. "Kirkpatrick says, his investigation found that most UFO sightings are of advanced technology that the U.S. government needs to keep secret, of aircraft that rival nations are using to spy on the U.S. or of benign civilian drones and balloons." ("What's more likely?" asked Kirkpatrick. "The fact that there is a state-of-the-art technology that's being commercialized down in Florida that you didn't know about, or we have extraterrestrials?")

But the greatest irony may be that "stories about these secret programs spread inside the Pentagon, got embellished and received the occasional boost from service members who'd heard rumors about or caught glimpses of seemingly sci-fi technology or aircraft. And Kirkpatrick says his investigators ultimately traced this game of top-secret telephone back to fewer than a dozen people... [F]or decades, UFO true believers have been telling us there's a U.S. government conspiracy to hide evidence of aliens. But — if you believe Kirkpatrick — the more mundane truth is that these stories are being pumped up by a group of UFO true believers in and around government."
Canada

Canada's 'Online Harms' Bill Would Be an Assault On Free Speech, Civil Liberties Groups Say (torontosun.com) 200

A Toronto Sun columnist writes that two Canadian civil liberties groups are "sounding alarms" about the proposed new Online Harms Act (C-63): The Canadian Civil Liberties Association (CCLA) and the Canadian Constitution Foundation (CCF) say while the proposed legislation contains legitimate measures to protect children from online sexual abuse, cyber-bulling and self-harm, and to combat the spread of so-called "revenge porn," its provisions to prevent the expression of hate are draconian, vaguely worded and an attack on free speech... "[D]on't be fooled," said CCF executive director Joanna Baron. "Most of the bill is aimed at restricting freedom of expression. This heavy-handed bill needs to be severely pared down to comply with the constitution."

Both the CCLA and CCF warn the bill could lead to life imprisonment for someone convicted of "incitement to genocide" — a vague term only broadly defined in the bill — and up to five years in prison for other vaguely defined hate speech crimes. The legislation, for example, defines illegal hate speech as expressing "detestation or vilification of an individual or group of individuals," while legally protected speech, "expresses dislike or disdain, or ... discredits, humiliates, hurts or offends." The problem, critics warn, will be determining in advance which is which, with the inevitable result that people and organizations will self-censor themselves because of fear of being prosecuted criminally, or fined civilly, for what is actually legal speech.

"Both the CCLA and the CCF say the proposed legislation, known as Bill C-63, will require major amendments before becoming law to pass constitutional muster," according to the columnist.

Some specific complains:
  • The CCF argues that the Bill "would allow judges to put prior restraints on people who they believe on reasonable grounds may commit speech crimes in the future."
  • The CCLA adds that the proposed bill also grants authorities "sweeping new search powers of electronic data, with no warrant requirement," according to the Toronto Sun, and also warns about the creation of a government-appointed "digital safety commission" given "vast authority" and "sweeping powers" to "interpret the law, make up new rules, enforce them, and then serve as judge, jury, and executioner."

And in addition, the CCF points out under the proposed rules the Canadian Human Rights Commission "could order fines of up to $50,000, and awards of up to $20,000 paid to complainants, who in some cases would be anonymous."

"Findings would be based on a mere 'balance of probabilities' standard rather than the criminal standard of proof beyond a reasonable doubt... The mere threat of human rights complaints will chill large amounts of protected speech."

Thanks to long-time Slashdot reader sinij for sharing the article.


Government

California State Legislator Proposes Ending Daylight Saving Time (cbs8.com) 186

Legislation proposed in California "aims to repeal Daylight saving time and put California permanently on Standard time," reports a San Diego news station:

In November 2018, California voters passed Prop 7, a measure that would allow the state legislature to change Daylight saving time by either keeping it year-round or getting rid of it altogether. However, this measure also requires approval by the U.S. Congress if California were to opt for year-round Daylight Saving Time. So far, nothing has materialized.

"I am really, really passionate about this bill," said State Assembly Member Tri Ta, who added it is finally time to listen to the will of the voters. He has drafted new legislation that to do away with twice-yearly time changes. However, his bill would put the Golden State onto year-round Standard time: a move that would not require federal action. Oregon and Washington state are also considering similar moves [though Oregon's bill appears stalled]. "If my bill is passed, we do not need congressional approval," Ta told CBS 8, "so that's a win-win for everyone...."

Ta said that his bill has the support of the California Medical Association, as well as sleep experts who say Standard time syncs better with our natural clocks. "So why don't we go along with science?" Ta added. "That's what I believe." One things most people seem to agree on: it's time to stop changing our clocks, which research has shown leads to higher rates of accidents as well as increased health risks.

"While this new bill continues to work its way through Sacramento, Daylight saving time is still a go here in California," the article points out, "starting 2 a.m. Sunday, when we set our clocks forward one hour."

But USA Today adds that across the rest of the country, "Most Americans — 62% — are in favor of ending the time change, according to an Economist/YouGov poll from last year."
Government

New US Defense Department Report Found 'No Evidence' of Alien Technology (theguardian.com) 66

An anonymous reader shared this report from the Guardian: The U.S. is not secretly hiding alien technology or extraterrestrial beings from the public, according to a defense department report.

On Friday, the Pentagon 'published the findings of an investigation conducted by the All-Domain Anomaly Resolution Office (AARO), a government office established in 2022 to detect and, as necessary, mitigate threats including "anomalous, unidentified space, airborne, submerged and transmedium objects"....

AARO investigators, which were "granted full access to all pertinent sensitive [U.S. government] programs", reviewed all official government investigatory efforts since 1945. Investigators also researched classified and unclassified archives, conducted approximately 30 interviews, and collaborated with intelligence community and defense department officials responsible for controlled and special access program oversight, the report revealed.

NPR writes that "Many of the sightings turned out to be drones, weather balloons, spy planes, satellites, rockets and planets, according to the report..." "AARO has found no evidence that any U.S. government investigation, academic-sponsored research, or official review panel has confirmed that any sighting of a UAP represented extraterrestrial technology," Pentagon Press Secretary Maj. Gen. Pat Ryder said in a statement Friday. All investigative efforts concluded that most sightings were ordinary objects and the result of misidentification, Ryder said... The office plans to publish a second volume of the report later this year that covers findings from interviews and research done between November 2023 and April 2024."
The report finds no evidence of any confirmed alien technology, the Guardian notes: It added that sensors and visual observations are imperfect, the vast majority of cases lack actionable data and such available data is limited or of poor quality. The report also said resources and staffing for such programs have largely been irregular and sporadic and that the vast majority of reports "almost certainly" are the result of misidentification. In addition, the report found "no empirical evidence for claims that the [U.S. government] and private companies have been reverse-engineering extraterrestrial technology"...

The report's public release comes as AARO's acting director, Timothy Phillips, told reporters on Wednesday that the US military is developing a UFO sensor and detection system called Gremlin. "If we have a national security site and there are objects being reported that [are] within restricted airspace or within a maritime range or within the proximity of one of our spaceships, we need to understand what that is ... and so that's why we're developing sensor capability that we can deploy in reaction to reports," Phillips said, CNN reports.

Government

PFAS 'Forever Chemicals' To Officially Be Removed from Food Packaging, FDA Says (livescience.com) 39

An anonymous Slashdot reader shared this article from Live Science: Manufacturers will no longer use harmful "forever chemicals" in food packaging products in the U.S., according to the U.S. Food and Drug Administration (FDA).

In a statement released February 28, the agency declared that grease-proofing materials that contain per- and polyfluoroalkyl substances (PFAS) will not be used in new food packaging sold in the U.S. These include PFAS used in fast-food wrappers, microwave popcorn bags, takeout boxes and pet food bags. The FDA's announcement marks the completion of a voluntary phase-out of the materials by U.S. food packaging manufacturers.

This action will eliminate the "major source of dietary exposure to PFAS," Jim Jones, deputy commissioner for human foods at the FDA, said in an associated statement. Companies told the FDA that it could take up to 18 months to completely exhaust the market supply of these products following their final date of sale. However, most of the affected manufacturers phased out the products faster than they initially predicted, the agency noted...

The FDA's new announcement marks a "huge win for the public," Graham Peaslee, a professor of physics at the University of Notre Dame who studies PFAS, told The Washington Post.

Security

US Cybersecurity Agency Forced to Take Two Systems Offline Last Month After Ivanti Compromise (therecord.media) 4

" A federal agency in charge of cybersecurity discovered it was hacked last month..." reports CNN.

Last month the U.S. Department of Homeland Security experienced a breach at its Cybersecurity and Infrastructure Security Agency, reports the Record, "through vulnerabilities in Ivanti products, officials said..."

"The impact was limited to two systems, which we immediately took offline," the spokesperson said. We continue to upgrade and modernize our systems, and there is no operational impact at this time."

"This is a reminder that any organization can be affected by a cyber vulnerability and having an incident response plan in place is a necessary component of resilience." CISA declined to answer a range of questions about who was behind the incident, whether data had been accessed or stolen and what systems were taken offline.

Ivanti makes software that organizations use to manage IT, including security and system access. A source with knowledge of the situation told Recorded Future News that the two systems compromised were the Infrastructure Protection (IP) Gateway, which houses critical information about the interdependency of U.S. infrastructure, and the Chemical Security Assessment Tool (CSAT), which houses private sector chemical security plans. CISA declined to confirm or deny whether these are the systems that were taken offline. CSAT houses some of the country's most sensitive industrial information, including the Top Screen tool for high-risk chemical facilities, Site Security Plans and the Security Vulnerability Assessments.

CISA said organizations should review an advisory the agency released on February 29 warning that threat actors are exploiting previously identified vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure gateways including CVE-2023-46805, CVE-2024-21887 and CVE-2024-21893.

"Last week, several of the world's leading cybersecurity agencies revealed that hackers had discovered a way around a tool Ivanti released to help organizations check if they had been compromised," the article points out.

The statement last week from CISA said the agency "has conducted independent research in a lab environment validating that the Ivanti Integrity Checker Tool is not sufficient to detect compromise and that a cyber threat actor may be able to gain root-level persistence despite issuing factory resets."

UPDATE: The two systems run on older technology that was already set to be replaced, sources told CNN..." While there is some irony in it, even cybersecurity agencies or officials can be victims of hacking. After all, they rely on the same technology that others do. The US' top cybersecurity diplomat Nate Fick said last year that his personal account on social media platform X was hacked, calling it part of the "perils of the job."
United States

How $138B in US Student Loans Were Cancelled - Roughly One-Third of Planned Amount (cnn.com) 162

Roughly $138 billion in U.S. student loan debt has now been cancelled, reports CNN. "That's about one-third of the $430 billion that would've been canceled under the president's one-time forgiveness plan, which was struck down by the Supreme Court last year."

It's 9% of all outstanding federal student loan debt, according to the article, "wiping out debts for about 3.9 million borrowers — by using a number of existing programs that aim to offer debt relief for certain groups of struggling borrowers..." What President Biden has been doing — before and after the Supreme Court ruling — is using existing student loan forgiveness programs to deliver relief to certain groups of borrowers, like public-sector workers (through the Public Service Loan Forgiveness program) and borrowers who were defrauded by their college (through the borrower defense to repayment program). His administration also made discharges for borrowers who are totally and permanently disabled. None of these programs expire, meaning they will help qualifying borrowers now and in the future. In some cases, Biden's administration has expanded the reach of these programs, making more borrowers eligible.

And in other cases, it has made an effort to correct past administrative errors made to borrowers' student loan accounts by conducting a one-time recount of borrowers' past payments. This effort helps make sure people receive the loan forgiveness they may already qualify for by having made at least 20 years of payments in an income-driven plan, which calculates monthly payment amounts based on a borrower's income and family size, rather than the amount owed. The recount is expected to be completed by July...

Last year, the administration created a new income-driven repayment plan. Known as SAVE, the new plan offers the most generous terms for low-income borrowers. Those who originally borrowed $12,000 or less will see their remaining debt canceled after making payments for at least 10 years... [The administration] is working on implementing another path toward a broad student loan forgiveness program, this time relying on a different legal authority in hopes that this attempt holds up in court. This proposal is currently making its way through a lengthy rulemaking process and has yet to be finalized.

Puzzle Games (Games)

NYTimes Files Copyright Takedown Against Hundreds of Wordle Clones (404media.co) 39

As reported by 404 Media, the New York Times has issued hundreds of copyright takedown requests against Wordle clones "in which it asserts not just ownership over the Wordle name but over the broad concepts and mechanics of the word game, which includes its '5x6 grid' and 'green tiles to indicate correct guesses.'" From the report: The Times filed at least three DMCA takedown requests with coders who have made clones of Wordle on GitHub. These include two in January and, crucially, a new DMCA filed this week against Chase Wackerfuss, the coder of a repository called âoeReactle,â which cloned Wordle in React JS (JavaScript). The most recent takedown request is critical because it not only goes after Reactle but anyone who has forked Reactle to create a different spinoff game; an archive of the Reactle code repository shows that it was forked 1,900 times to create a diverse set of games and spinoffs. These include Wordle clones in dozens of languages, crossword versions of Wordle, emoji and bird versions of world, poker and AI spinoffs, etc.

"I write to submit a revised DMCA Notice regarding an infringing repository (and hundreds of forked repositories) hosted by Github that instruct users how to infringe The New York Times Co.'s ('The Times') copyright in its immensely popular Wordle game and create knock-off copies of the same. Unfortunately, hundreds of individuals have followed these instructions and published infringing Wordle knock-off games that The Times has spent the past month removing, including off of Github's websites," the DMCA takedown request against Reactle reads. "The Times's Wordle copyright includes the unique elements of its immensely popular game, such as the 5x6 grid, green tiles to indicate correct guesses, yellow tiles to indicate the correct letter but the wrong place within the word, and the keyboard directly beneath the grid. This gameplay is copied exactly in the repository, and the owner instructs others how to knock off the game and create an identical word game," it adds.

The DMCA request then says that GitHub must delete forks of the repository, which it writes were "infringing to the same extent as the parent repository" and which it says were made in what was "clearly bad faith." [...] The DMCA takedown requests are particularly notable because they come at a time when the New York Times is financially thriving, while many of its competitors are losing money, laying people off, and shutting down. The Times is thriving in part because Wordle, the crossword puzzle, and its recipe apps are juggernauts. The company has been aggressively expanding its "Games" business with Wordle, Connections, and a brand new word search game called Strands.
The New York Times issued a statement in response: "The Times has no issue with individuals creating similar word games that do not infringe The Times's 'Wordle' trademarks or copyrighted gameplay. The Times took action against a GitHub user and others who shared his code to defend its intellectual property rights in Wordle. The user created a 'Wordle clone' project that instructed others how to create a knock-off version of The Times's Wordle game featuring many of the same copyrighted elements. As a result, hundreds of websites began popping up with knock-off 'Wordle' games that used The Times's 'Wordle' trademark and copyrighted gameplay without authorization or permission."
The Courts

Should an Emoji Count As Confirmation of a Contract? (www.cbc.ca) 89

innocent_white_lamb shares a report from CBC News: In June, a Court of King's Bench judge ordered Swift Current farmer Chris Achter to pay more than $82,000 to a grain buyer with South West Terminal (SWT). The ruling stems from a text message when the buyer, Kent Mickleborough, asked Achter to confirm a flax contract that requested more than 85 tons of flax to be delivered in the fall at about $670 per ton. Achter responded with a thumbs-up emoji. The case hinges on whether the emoji confirmed the contract, or only confirmed receipt of it -- and whether an emoji can ever be used as a signature.

In his June decision ruling in SWT's favor, Justice Timothy Keene wrote, "This court readily acknowledges that a [thumbs-up] emoji is a non-traditional means to 'sign' a document but nevertheless under these circumstances this was a valid way to convey the two purposes of a 'signature.'" Achter is now appealing that ruling.

"Our position is that the emoji cannot be a signature, basically because it does not convey the intention to be bound by an agreement the same as a normal signature would," said Jean-Pierre Jordaan, counsel for the defendant, in court on Tuesday. The counsel for SWT disputed that. "Can a text message chain, with a clear offer and -- in our submissions -- a clear acceptance by thumbs up emoji, constitute a note or memorandum signed by the party to be charged, pursuant to section six of the Sale of Goods Act?" counsel posed. "Our answer to that question is yes; there is no magic in a signature." The three appeal judges reserved their decision for an undetermined date.

Crime

US Lost Record $12.5 Billion To Online Crime In 2023, Says FBI (bleepingcomputer.com) 33

An anonymous reader quotes a report from BleepingComputer: FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report (PDF), which recorded a 22% increase in reported losses compared to 2022, amounting to a record of $12.5 billion. The number of relevant complaints submitted to the FBI in 2023 reached 880,000, 10% higher than the previous year, with the age group topping the report being people over 60, which shows how vulnerable older adults are to cybercrime. Both figures continue a worrying trend seen by the agency since 2019, where complaints and losses rise yearly. For 2023, the types of crimes that increased were tech support scams and extortion, whereas phishing, personal data breach, and non-payment/non-delivery scams slightly waned.
Government

Bipartisan Bill Could Force ByteDance To Divest TikTok (bbc.com) 49

An anonymous reader quotes a report from the BBC: A group of US lawmakers has introduced a bill that would require Chinese tech giant ByteDance to sell off the popular video-sharing TikTok app within six months or face a ban. For years American officials have raised concerns that data from the app could fall into the hands of the Chinese government. A bipartisan set of 19 lawmakers introduced the legislation on Tuesday. TikTok called the bill a disguised "outright ban."

In a statement announcing the bill, the lawmakers said "applications like TikTok that are controlled by foreign adversaries pose an unacceptable risk to US national security." The bill would give ByteDance 165 days to divest, or it would be blocked from the app store and web hosting platforms in the US. TikTok has previously argued against divestment, saying a change in ownership would not impose new restrictions on data use. [...] The House Energy and Commerce Committee said it would consider the latest bill on Thursday.
"This legislation will trample the First Amendment rights of 170 million Americans and deprive 5 million small businesses of a platform they rely on to grow and create jobs," TikTok said in a statement to the BBC.

Former President Donald Trump attempted to completely ban TikTok in 2020, but that was unsuccessful. More recently, a group of senators introduced legislation to block TikTok last year, but it was stalled due to lobbying from the company.
Crime

Former Google Engineer Indicted For Stealing AI Secrets To Aid Chinese Companies 28

Linwei Ding, a former Google software engineer, has been indicted for stealing trade secrets related to AI to benefit two Chinese companies. He faces up to 10 years in prison and a $250,000 fine on each criminal count. Reuters reports: Ding's indictment was unveiled a little over a year after the Biden administration created an interagency Disruptive Technology Strike Force to help stop advanced technology being acquired by countries such as China and Russia, or potentially threaten national security. "The Justice Department just will not tolerate the theft of our trade secrets and intelligence," U.S. Attorney General Merrick Garland said at a conference in San Francisco.

According to the indictment, Ding stole detailed information about the hardware infrastructure and software platform that lets Google's supercomputing data centers train large AI models through machine learning. The stolen information included details about chips and systems, and software that helps power a supercomputer "capable of executing at the cutting edge of machine learning and AI technology," the indictment said. Google designed some of the allegedly stolen chip blueprints to gain an edge over cloud computing rivals Amazon.com and Microsoft, which design their own, and reduce its reliance on chips from Nvidia.

Hired by Google in 2019, Ding allegedly began his thefts three years later, while he was being courted to become chief technology officer for an early-stage Chinese tech company, and by May 2023 had uploaded more than 500 confidential files. The indictment said Ding founded his own technology company that month, and circulated a document to a chat group that said "We have experience with Google's ten-thousand-card computational power platform; we just need to replicate and upgrade it." Google became suspicious of Ding in December 2023 and took away his laptop on Jan. 4, 2024, the day before Ding planned to resign.
A Google spokesperson said: "We have strict safeguards to prevent the theft of our confidential commercial information and trade secrets. After an investigation, we found that this employee stole numerous documents, and we quickly referred the case to law enforcement."
Crime

Man Charged With Smuggling Greenhouse Gases Into US (cnn.com) 94

In a first-of-its-kind prosecution, a California man was arrested and charged Monday with allegedly smuggling potent, greenhouse gases from Mexico. From a report: Michael Hart, a 58-year-old man from San Diego, pleaded not guilty to smuggling hydrofluorocarbons, or HFCs -- commonly used in air conditioning and refrigeration -- and selling them for profit, in a federal court hearing Monday. According to the indictment, Hart allegedly purchased the HFCs in Mexico and smuggled them into the US in the back of his truck, concealed under a tarp and tools. He is then alleged to have sold them for a profit on sites including Facebook Marketplace and OfferUp. [...] Hart has pleaded not guilty to 13 charges including conspiracy, importation contrary to law and sale of merchandise imported contrary to law. The charges carry potential prison sentences ranging from five to 20 years.

HFCs, which are also used in building insulation, fire extinguishing systems and aerosols, are banned from import into the US without permission from the Environmental Protection Agency. These greenhouse gases are short-lived in the atmosphere," but powerful -- some are thousands of times more potent than carbon dioxide in the near-term. "The illegal smuggling of hydrofluorocarbons, a highly potent greenhouse gas, undermines international efforts to combat climate change," said David M. Uhlmann, the assistant administrator for the EPA's Office of Enforcement and Compliance Assurance. "Anyone who seeks to profit from illegal actions that worsen climate change must be held accountable," he added.
"Today is a significant milestone for our country," said US Attorney Tara McGrath in a statement. "This is the first time the Department of Justice is prosecuting someone for illegally importing greenhouse gases, and it will not be the last."
Encryption

Signal's New Usernames Help Keep Cops Out of Your Data (theintercept.com) 39

Longtime Slashdot reader SonicSpike shares a report from The Intercept: With the new version of Signal, you will no longer broadcast your phone number to everyone you send messages to by default, though you can choose to if you want. Your phone number will still be displayed to contacts who already have it stored in their phones. Going forward, however, when you start a new conversation on Signal, your number won't be shared at all: Contacts will just see the name you use when you set up your Signal profile. So even if your contact is using a custom Signal client, for example, they still won't be able to discover your phone number since the service will never tell it to them.

You also now have the option to set a username, which Signal lets you change whenever you want and delete when you don't want it anymore. Rather than directly storing your username as part of your account details, Signal stores a cryptographic hash of your username instead; Signal uses the Ristretto 25519 hashing algorithm, essentially storing a random block of data instead of usernames themselves. This is like how online services can confirm a user's password is valid without storing a copy of the actual password itself. "As far as we're aware, we're the only messaging platform that now has support for usernames that doesn't know everyone's usernames by default," said Josh Lund, a senior technologist at Signal. The move is yet another piece of the Signal ethos to keep as little data on hand as it can, lest the authorities try to intrude on the company. Whittaker explained, "We don't want to be forced to enumerate a directory of usernames." [...]

If Signal receives a subpoena demanding that they hand over all account data related to a user with a specific username that is currently active at the time that Signal looks it up, they would be able to link it to an account. That means Signal would turn over that user's phone number, along with the account creation date and the last connection date. Whittaker stressed that this is "a pretty narrow pipeline that is guarded viciously by ACLU lawyers," just to obtain a phone number based on a username. Signal, though, can't confirm how long a given username has been in use, how many other accounts have used it in the past, or anything else about it. If the Signal user briefly used a username and then deleted it, Signal wouldn't even be able to confirm that it was ever in use to begin with, much less which accounts had used it before.

In short, if you're worried about Signal handing over your phone number to law enforcement based on your username, you should only set a username when you want someone to contact you, and then delete it afterward. And each time, always set a different username. Likewise, if you want someone to contact you securely, you can send them your Signal link, and, as soon as they make contact, you can reset the link. If Signal receives a subpoena based on a link that was already reset, it will be impossible for them to look up which account it was associated with. If the subpoena demands that Signal turn over account information based on a phone number, rather than a username, Signal could be forced to hand over the cryptographic hash of the account's username, if a username is set. It would be difficult, however, for law enforcement to learn the actual username itself based on its hash. If they already suspect a username, they could use the hash to confirm that it's real. Otherwise, they would have to guess the username using password cracking techniques like dictionary attacks or rainbow tables.

Government

Oregon OKs Right-To-Repair Bill That Bans the Blocking of Aftermarket Parts (arstechnica.com) 75

An anonymous reader quotes a report from Ars Technica: Oregon has joined the small but growing list of states that have passed right-to-repair legislation. Oregon's bill stands out for a provision that would prevent companies from requiring that official parts be unlocked with encrypted software checks before they will fully function. Bill SB 1596 passed Oregon's House by a 42 to 13 margin. Gov. Tina Kotek has five days to sign the bill into law. Consumer groups and right-to-repair advocates praised the bill as "the best bill yet," while the bill's chief sponsor, state Sen. Janeen Sollman (D), pointed to potential waste reductions and an improved second-hand market for closing a digital divide.

"Oregon improves on Right to Repair laws in California, Minnesota and New York by making sure that consumers have the choice of buying new parts, used parts, or third-party parts for the gadgets and gizmos," said Gay Gordon-Byrne, executive director of Repair.org, in a statement. Like bills passed in New York, California, and Minnesota, Oregon's bill requires companies to offer the same parts, tools, and documentation to individual and independent repair shops that are already offered to authorized repair technicians. Unlike other states' bills, however, Oregon's bill doesn't demand a set number of years after device manufacture for such repair implements to be produced. That suggests companies could effectively close their repair channels entirely rather than comply with the new requirements. California's bill mandated seven years of availability.

If signed, the law's requirements for parts, tools, and documentation would apply to devices sold after 2015, except for phones, which are covered after July 2021. The prohibition against parts pairing only covers devices sold in 2025 and later. Like other repair bills, a number of device categories are exempted, including video game consoles, HVAC and medical gear, solar systems, vehicles, and, very specifically, "Electric toothbrushes."

Microsoft

Microsoft Accuses the New York Times of Doom-Mongering in OpenAI Lawsuit (engadget.com) 55

Microsoft has filed a motion seeking to dismiss key parts of a lawsuit The New York Times filed against the company and Open AI, accusing them of copyright infringement. From a report: If you'll recall, The Times sued both companies for using its published articles to train their GPT large language models (LLMs) without permission and compensation. In its filing, the company has accused The Times of pushing "doomsday futurology" by claiming that AI technologies pose a threat to independent journalism. It follows OpenAI's court filing from late February that's also seeking to dismiss some important elements on the case.

Like OpenAI before it, Microsoft accused The Times of crafting "unrealistic prompts" in an effort to "coax the GPT-based tools" to spit out responses matching its content. It also compared the media organization's lawsuit to Hollywood studios' efforts to " stop a groundbreaking new technology:" The VCR. Instead of destroying Hollywood, Microsoft explained, the VCR helped the entertainment industry flourish by opening up revenue streams. LLMs are a breakthrough in artificial intelligence, it continued, and Microsoft collaborated with OpenAI to "help bring their extraordinary power to the public" because it "firmly believes in LLMs' capacity to improve the way people live and work."

Piracy

In Indonesia, Women Pirate More Music and Movies Than Men (torrentfreak.com) 36

Piracy was traditionally seen as something that predominantly young males were interested in. This is a largely outdated representation of reality, as girls and women began to catch up a long time ago. In some countries, including Indonesia, more women pirate music, movies, and TV-shows than their male counterparts. TorrentFreak reports: [N]ew findings published by researchers from Northumbria University Newcastle, which include gender, are worth highlighting. The survey data, looking at piracy trends in Thailand and Indonesia, was released by Marketing professor Dr. Xuemei Bian and Ms. Humaira Farid. The results were presented to WIPO's Advisory Committee on Enforcement recently and the associated presentation (PDF) was published online. Through an online survey and in-person interviews, the research aims to map consumer attitudes and behaviors in Indonesia and Thailand, particularly in connection with online copyright infringement.

One of the overall conclusions is that piracy remains a common activity in both Asian countries. Pirates are present in all age groups but and music, movies en TV-shows tend to be in highest demand and younger people. Those under 40, are more likely to pirate than their older counterparts. These findings are not out of the ordinary and the same trends are visible in other countries too. Interestingly, however, some notable differences between the two countries appear when gender is added to the mix. The tables below show that women are more likely to pirate than men in Indonesia. This is true for all content categories, except for software, where men are slightly in the lead. In Thailand, however, men are more likely to pirate across all categories. The researchers do not attempt to explain these differences. However, they show once again that 'dated' gender stereotypes don't always match with reality. And when they have little explanatory value, one can question whether gender is even relevant in a piracy context.

Looking at other differences between Thai and Indonesian consumers there are some other notable findings. For example, in Indonesia, 64% of the respondents say they're aware of the availability of pirated movies and TV-shows on YouTube, compared to 'just' 32% in Thailand. Indonesian consumers are also more familiar with music piracy sites and pirate much more frequently than Thai consumers, as the table below shows. Finally, the researchers also looked at various attitudes toward piracy. This shows that Thai pirates would be most likely to stop if legal services were more convenient, while Indonesian pirates see cheaper legal services as the largest discouraging factor.

Crime

San Francisco Police Make Arrest In Waymo Chinatown Arson Case (sfstandard.com) 8

According to the San Francisco police department, police have made the first arrest in relation to several recent vehicle arsons, including the crowd attack of a Waymo robotaxi last month in Chinatown. The San Francisco Standard reports: Police say officers arrested a man meeting the description of a person suspected of lighting several vehicles on fire. That man was arrested on Feb. 27 near Union Square. The department did not share the suspect's name because it said the case is open and remains under investigation. Nor did the department comment on which other vehicle fires the suspect may have been suspected of starting. Several Teslas were set alight in the weeks after the Waymo arson. The suspect was also found to have had methamphetamine on them.

Slashdot Top Deals