German company Savedroid has pulled a classic exit scam after raising $50 million in ICO and direct funding. The site is currently displaying a South Park meme with the caption "Aannnd it's gone." The founder, Dr. Yassin Hankir, has posted a tweet thanking investors and saying "Over and out." TechCrunch reports: A reverse image search found Hankir's photo on this page for Founder Institute, and he has pitched his product at multiple events, including this one in German. Savedroid was originally supposed to use AI to manage user investments and promised a crypto-backed credit card, a claim that CCN notes is popular with scam ICOs. It ran for a number of months and was clearly well-managed as the group was able to open an office and appear at multiple events.

"The Google App Engine is discontinuing a practice called domain fronting, which lets services use Google's network to get around state-level internet blocks," reports The Verge. While the move makes sense from a cybersecurity perspective as domain fronting is widely used by malware to evade network-based detection, it will likely frustrate app developers who use it to get around internet censorship. From the report: First spotted by Tor developers on April 13th, the change has been rolling out across Google services and threatens to disrupt services for a number of anti-censorship tools, including Signal, GreatFire.org and Psiphon's VPN services. Reached by The Verge, Google said the changes were the result of a long-planned network update. "Domain fronting has never been a supported feature at Google," a company representative said, "but until recently it worked because of a quirk of our software stack. We're constantly evolving our network, and as part of a planned software update, domain fronting no longer works. We don't have any plans to offer it as a feature."

Domain-fronting allowed developers to use Google as a proxy, forwarding traffic to their own servers through a Google.com domain. That was particularly important for evading state-level censorship, which might try to block all the traffic sent to a given service. As long as the service was using domain-fronting, all the in-country data requests would appear as if they were headed for Google.com, with encryption preventing censors from digging any deeper. We do not yet know exactly why and when Google is shutting down the practice, but will update this post once we learn more.

An anonymous reader quotes a report from TechCrunch: Facebook confirms to TechCrunch that it's investigating a security research report that shows Facebook user data can be grabbed by third-party JavaScript trackers embedded on websites using Login With Facebook. The exploit lets these trackers gather a user's data including name, email address, age range, gender, locale, and profile photo depending on what users originally provided to the website. It's unclear what these trackers do with the data, but many of their parent companies including Tealium, AudienceStream, Lytics, and ProPS sell publisher monetization services based on collected user data. The abusive scripts were found on 434 of the top 1 million websites including freelancer site Fiverr.com, camera seller B&H Photo And Video, and cloud database provider MongoDB. That's according to Steven Englehardt and his colleagues at Freedom To Tinker, which is hosted by Princeton's Center For Information Technology Policy.

A Florida man accused of flooding consumers with 97 million phone calls touting fake travel deals appeared Wednesday before lawmakers to explain how robocalls work and to say, "I am not the kingpin of robocalling that is alleged." From a report: Adrian Abramovich, of Miami, who is fighting a proposed $120 million fine, told senators that open-source software lets operators make thousands of phone calls with the click of a button, in combination with cloud-based computing and "the right long distance company." "Clearly regulation needs to address the carriers and providers and require the major carriers to detect robocalls activity," Abramovich said in testimony submitted in advance to the Senate Commerce Committee. He has asked the Federal Communications Commission to reduce the fine proposed last year, calling it disproportionate, in part because most calls went unanswered or resulted in a quick hang-up by consumers. The panel's chairman, Senator John Thune, a South Dakota Republican, called Abamovich and officials from the FCC and other agencies to discuss ways to stop abusive calls.

From a wide-ranging interview of Richard Stallman by New York Magazine: New York Magazine: Why do you think these companies feel justified in collecting that data?

Richard Stallman: Oh, well, I think you can trace it to the general plutocratic neoliberal ideology that has controlled the U.S. for more than two decades. A study established that since 1998 or so, the public opinion in general has no influence on political decisions. They're controlled by the desires of the rich and of special interests connected with whatever issue it is. So the companies that wanted to collect data about people could take advantage of this general misguided ideology to get away with whatever they might have wanted to do. Which happened to be collecting data about people. But I think they shouldn't be allowed to collect data about people.

We need a law. Fuck them -- there's no reason we should let them exist if the price is knowing everything about us. Let them disappear. They're not important -- our human rights are important. No company is so important that its existence justifies setting up a police state. And a police state is what we're heading toward. Most non-free software has malicious functionalities. And they include spying on people, restricting people -- that's called digital restrictions management, back doors, censorship.

Empirically, basically, if a program is not free software, it probably has one of these malicious functionalities. So imagine a driverless car, controlled of course by software, and it will probably be proprietary software, meaning not-free software, not controlled by the users but rather by the company that makes the car, or some other company. Well imagine if that has a back door, which enables somebody to send a command saying, "Ignore what the passenger said, and go there." Imagine what that would do. You can be quite sure that China will use that functionality to drive people toward the places they're going to be disappeared or punished. But can you be sure that the U.S. won't?

Zack Whittaker, reporting for ZDNet: A little-known data firm was able to build 48 million personal profiles, combining data from sites and social networks like Facebook, LinkedIn, Twitter, and Zillow, among others -- without the users' knowledge or consent. Localblox, a Bellevue, Wash.-based firm, says it "automatically crawls, discovers, extracts, indexes, maps and augments data in a variety of formats from the web and from exchange networks." Since its founding in 2010, the company has focused its collection on publicly accessible data sources, like social networks Facebook, Twitter, and LinkedIn, and real estate site Zillow to name a few, to produce profiles.

But earlier this year, the company left a massive store of profile data on a public but unlisted Amazon S3 storage bucket without a password, allowing anyone to download its contents. The bucket, labeled "lbdumps," contained a file that unpacked to a single file over 1.2 terabytes in size. The file listed 48 million individual records, scraped from public profiles, consolidated, then stitched together.

Iran banned government bodies on Wednesday from using the popular Telegram instant messaging app as Supreme Leader Ayatollah Ali Khamenei's office said his account would shut down to protect national security, Iranian media reported. From a report: ISNA news agency did not give a reason for the government ban on the service which lets people send encrypted messages and has an estimated 40 million users in the Islamic Republic. The order came days after Russia -- Iran's ally in the Syrian war -- started blocking the app in its territory following the company's repeated refusal to give Russian state security services access to users' secret messages. Iran's government banned "all state bodies from using the foreign messaging app," according to ISNA.

Huawei is reportedly going to give up on selling its products and services in the United States (Warning: source may be paywalled; alternative source) due to Washington's accusations that the company has ties to the Chinese government. The change in tactics comes a week after the company laid off five American employees, including its biggest American lobbyist. The New York Times reports: Huawei's tactics are changing as its business prospects in the United States have darkened considerably. On Tuesday, the Federal Communications Commission voted to proceed with a new rule that could effectively kill off what little business the company has in the United States. Although the proposed rule does not mention Huawei by name, it would block federally subsidized telecommunications carriers from using suppliers deemed to pose a risk to American national security. Huawei's latest moves suggest that it has accepted that its political battles in the United States are not ones it is likely to win. "Some things cannot change their course according to our wishes," Eric Xu, Huawei's deputy chairman, said at the company's annual meeting with analysts on Tuesday. "With some things, when you let them go, you actually feel more at ease."