Newsweek points out that a Chinese government post arguing the bill is "on the wrong side of fair competition" was flagged by users on X. "TikTok is banned in the People's Republic of China," the X community note read. (The BBC reports that "Instead, Chinese users use a similar app, Douyin, which is only available in China and subject to monitoring and censorship by the government.")

Newsweek adds that China "has also blocked access to YouTube, Facebook, Instagram, and Google services. X itself is also banned — though Chinese diplomats use the microblogging app to deliver Beijing's messaging to the wider world."

From the Wall Street Journal: Among the top concerns for [U.S.] intelligence leaders is that they wouldn't even necessarily be able to detect a Chinese influence operation if one were taking place [on TikTok] due to the opacity of the platform and how its algorithm surfaces content to users. Such operations, FBI director Christopher Wray said this week in congressional testimony, "are extraordinarily difficult to detect, which is part of what makes the national-security concerns represented by TikTok so significant...."

Critics of the bill include libertarian-leaning lawmakers, such as Sen. Rand Paul (R., Ky.), who have decried it as a form of government censorship. "The Constitution says that you have a First Amendment right to express yourself," Paul told reporters Thursday. TikTok's users "express themselves through dancing or whatever else they do on TikTok. You can't just tell them they can't do that." In the House, a bloc of 50 Democrats voted against the bill, citing concerns about curtailing free speech and the impact on people who earn income on the app. Some Senate Democrats have raised similar worries, as well as an interest in looking at a range of social-media issues at rival companies such as Meta Platforms.

"The basic idea should be to put curbs on all social media, not just one," Sen. Elizabeth Warren (D., Mass.) said Thursday. "If there's a problem with privacy, with how our children are treated, then we need to curb that behavior wherever it occurs."
Some context from the Columbia Journalism Review: Roughly one-third of Americans aged 18-29 regularly get their news from TikTok, the Pew Research Center found in a late 2023 survey. Nearly half of all TikTok users say they regularly get news from the app, a higher percentage than for any other social media platform aside from Twitter.

Almost 40 percent of young adults were using TikTok and Instagram for their primary Web search instead of the traditional search engines, a Google senior vice president said in mid-2022 — a number that's almost certainly grown since then. Overall, TikTok claims 150 million American users, almost half the US population; two-thirds of Americans aged 18-29 use the app.
Some U.S. politicians believe TikTok "radicalized" some of their supporters "with disinformation or biased reporting," according to the article.

Meanwhile in the Guardian, a Duke University law professor argues "this saga demands a broader conversation about safeguarding democracy in the digital age." The European Union's newly enacted AI act provides a blueprint for a more holistic approach, using an evidence- and risk-based system that could be used to classify platforms like TikTok as high-risk AI systems subject to more stringent regulatory oversight, with measures that demand transparency, accountability and defensive measures against misuse.
Open source advocate Evan Prodromou argues that the TikTok controversy raises a larger issue: If algorithmic curation is so powerful, "who's making the decisions on how they're used?" And he also proposes a solution.

"If there is concern about algorithms being manipulated by foreign governments, using Fediverse-enabled domestic software prevents the problem."

The Supreme Court clarified when public officials can block critical constituents from their personal profiles without violating their constitutional protections in a unanimous decision Friday. From a report: After hearing appeals of two conflicting rulings -- one filed against school board members in Southern California and another filed against the city manager of Port Huron, Mich. -- the justices provided no definitive resolution to the disputes and instead sent both cases back to lower courts to apply the new legal test. In a unanimous decision authored by Justice Amy Coney Barrett, the court said state officials cannot block constituents on their personal pages when they have "actual authority to speak on behalf of the State on a particular matter" and "purported to exercise that authority in the relevant posts."

"For social-media activity to constitute state action, an official must not only have state authority -- he must also purport to use it," Barrett wrote. The case marked the latest battle over public officials' social media presence when they mesh their official and personal roles. The 6th U.S. Circuit Court of Appeals, which heard the Michigan case, sided with the city manager, James Freed, who deleted comments on his Facebook page left by a resident and blocked several of the resident's profiles. The resident, Kevin Lindke, had criticized Freed over his handling of the COVID-19 pandemic, court filings indicate.

New emails from before the launch of the Epic Games Store in 2018 show just how angry Epic CEO Tim Sweeney was with the "assholes" at companies like Valve and Apple for squeezing "the little guy" with what he saw as inflated fees. "The emails, which came out this week as part of Wolfire's price-fixing case against Valve (as noticed by the GameDiscoverCo newsletter), confront Valve managers directly for platform fees Sweeney says are 'no longer justifiable,'" writes Ars Technica's Kyle Orland. "They also offer a behind-the-scenes look at the fury Sweeney and Epic would unleash against Apple in court proceedings starting years later. From the report: The first mostly unredacted email chain from the court documents, from August 2017 (PDF), starts with Valve co-founder Gabe Newell asking Sweeney if there is "anything we [are] doing to annoy you?" That query was likely prompted by Sweeney's public tweets at the time questioning "why Steam is still taking 30% of gross [when] MasterCard and Visa charge 2-5% per transaction, and CDN bandwidth is around $0.002/GB." Later in the same thread, he laments that "the internet was supposed to obsolete the rent-seeking software distribution middlemen, but here's Facebook, Google, Apple, Valve, etc." Expanding on these public thoughts in a private response to Newell, Sweeney allows that there was "a good case" for Steam's 30 percent platform fee "in the early days." But he also argues that the fee is too high now that Steam's sheer scale has driven down operating costs and made it harder for individual games to get as much marketing or user acquisition value from simply being available on the storefront.

Sweeney goes on to spitball some numbers showing how Valve's fees are contributing to the squeeze all but the biggest PC game developers were feeling on their revenues: "If you subtract out the top 25 games on Steam, I bet Valve made more profit from most of the next 1,000 than the developer themselves made. These guys are our engine customers and we talk to them all the time. Valve takes 30% for distribution; they have to spend 30% on Facebook/Google/Twitter [user acquisition] or traditional marketing, 10% on server, 5% on engine. So, the system takes 75% and that leaves 25% for actually creating the game, worse than the retail distribution economics of the 1990's." Based on experience with Fortnite and Paragon, Sweeney estimates that the true cost of distribution for PC games that sell for $25 or more in Western markets "is under 7% of gross." That's only slightly lower than the 12 percent take Epic would establish for its own Epic Games Store the next year.

The second email chain (PDF) revealed in the lawsuit started in November 2018, with Sweeney offering Valve a heads-up on the impending launch of the Epic Games Store that would come just weeks later. While that move was focused on PC and Mac games, Sweeney quickly pivots to a discussion of Apple's total control over iOS, the subject at the time of a lawsuit whose technicalities were being considered by the Supreme Court. Years before Epic would bring its own case against Apple, Sweeney was somewhat prescient, noting that "Apple also has the resources to litigate and delay any change [to its total App Store control] for years... What we need right now is enough developer, press, and platform momentum to steer Apple towards fully opening up iOS sooner rather than later." To that end, Sweeney attempted to convince Valve that lowering its own platform fees would hurt Apple's position and thereby contribute to the greater good: "A timely move by Valve to improve Steam economics for all developers would make a great difference in all of this, clearly demonstrating that store competition leads to better rates for all developers. Epic would gladly speak in support of such a move anytime!"

In a follow-up email on December 3, just days before the Epic Games Store launch, Sweeney took Valve to task more directly for its policy of offering lower platform fees for the largest developers on Steam. He offered some harsh words for Valve while once again begging the company to serve as a positive example in the developing case against Apple: "Right now, you assholes are telling the world that the strong and powerful get special terms, while 30% is for the little people. We're all in for a prolonged battle if Apple tries to keep their monopoly and 30% by cutting backroom deals with big publishers to keep them quiet. Why not give ALL developers a better deal? What better way is there to convince Apple quickly that their model is now totally untenable?" After being forwarded the message by Valve's Erik Johnson, Valve COO Scott Lynch simply offered up a sardonic "You mad bro?"

41 state attorneys general penned a letter to Meta's top attorney on Wednesday saying complaints are skyrocketing across the United States about Facebook and Instagram user accounts being stolen, and declaring "immediate action" necessary to mitigate the rolling threat. Wired: The coalition of top law enforcement officials, spearheaded by New York attorney general Letitia James, says the "dramatic and persistent spike" in complaints concerning account takeovers amounts to a "substantial drain" on governmental resources, as many stolen accounts are also tied to financial crimes -- some of which allegedly profits Meta directly.

"We have received a number of complaints of threat actors fraudulently charging thousands of dollars to stored credit cards," says the letter addressed to Meta's chief legal officer, Jennifer Newstead. "Furthermore, we have received reports of threat actors buying advertisements to run on Meta." "We refuse to operate as the customer service representatives of your company," the officials add. "Proper investment in response and mitigation is mandatory."

In a first-of-its-kind prosecution, a California man was arrested and charged Monday with allegedly smuggling potent, greenhouse gases from Mexico. From a report: Michael Hart, a 58-year-old man from San Diego, pleaded not guilty to smuggling hydrofluorocarbons, or HFCs -- commonly used in air conditioning and refrigeration -- and selling them for profit, in a federal court hearing Monday. According to the indictment, Hart allegedly purchased the HFCs in Mexico and smuggled them into the US in the back of his truck, concealed under a tarp and tools. He is then alleged to have sold them for a profit on sites including Facebook Marketplace and OfferUp. [...] Hart has pleaded not guilty to 13 charges including conspiracy, importation contrary to law and sale of merchandise imported contrary to law. The charges carry potential prison sentences ranging from five to 20 years.

HFCs, which are also used in building insulation, fire extinguishing systems and aerosols, are banned from import into the US without permission from the Environmental Protection Agency. These greenhouse gases are short-lived in the atmosphere," but powerful -- some are thousands of times more potent than carbon dioxide in the near-term. "The illegal smuggling of hydrofluorocarbons, a highly potent greenhouse gas, undermines international efforts to combat climate change," said David M. Uhlmann, the assistant administrator for the EPA's Office of Enforcement and Compliance Assurance. "Anyone who seeks to profit from illegal actions that worsen climate change must be held accountable," he added. "Today is a significant milestone for our country," said US Attorney Tara McGrath in a statement. "This is the first time the Department of Justice is prosecuting someone for illegally importing greenhouse gases, and it will not be the last."

Facebook, Instagram, and Threads are all experiencing issues. From a report: The three Meta-owned platforms aren't working for many users, with the widespread outage seeming to start around 10AM ET. Some users are experiencing issues logging in to their Meta Quest headsets, too. Facebook is logging users out of their accounts, leaving them unable to get back in. Meanwhile, over on Instagram, some users, including several of us at The Verge, can't refresh their feeds. YouTube is down, too.

Emma Roth reports via The Verge: If you still haven't migrated your Oculus account to a Meta one, you might want to do that soon. In an email sent to users, the company says it will delete Oculus accounts on March 29th, 2024, preventing you from reactivating or retrieving your apps, in-app purchases, store credits, and more. You'll lose your achievements, friends list, and any content created with your Oculus account if you don't migrate to a Meta account before then.

Oculus accounts have been on the way out since 2020, when the company then known as Facebook started requiring new users to sign up with Facebook accounts instead. However, it added the ability to create a Meta account in 2022, offering an alternative to users who didn't want to link their Facebook account to their Quest headset. Meta stopped letting users log in to their Oculus accounts in January 2023. If you've got a Quest gathering dust in a drawer somewhere, now's your last chance to migrate your Oculus account to a Meta one.

You can migrate your account by heading to this page and signing up for a Meta account with the same email you've used for Oculus. From there, you'll be able to access all of the same games, data, and other purchases saved to your Oculus account.

An anonymous reader quotes a report from TechCrunch: A technology company that routes millions of SMS text messages across the world has secured an exposed database that was spilling one-time security codes that may have granted users' access to their Facebook, Google and TikTok accounts. The Asian technology and internet company YX International manufactures cellular networking equipment and provides SMS text message routing services. SMS routing helps to get time-critical text messages to their proper destination across various regional cell networks and providers, such as a user receiving an SMS security code or link for logging in to online services. YX International claims to send 5 million SMS text messages daily. But the technology company left one of its internal databases exposed to the internet without a password, allowing anyone to access the sensitive data inside using only a web browser, just with knowledge of the database's public IP address.

Anurag Sen, a good-faith security researcher and expert in discovering sensitive but inadvertently exposed datasets leaking to the internet, found the database. Sen said it was not apparent who the database belonged to, nor who to report the leak to, so Sen shared details of the exposed database with TechCrunch to help identify its owner and report the security lapse. Sen told TechCrunch that the exposed database included the contents of text messages sent to users, including one-time passcodes and password reset links for some of the world's largest tech and online companies, including Facebook and WhatsApp, Google, TikTok, and others. The database had monthly logs dating back to July 2023 and was growing in size by the minute. In the exposed database, TechCrunch found sets of internal email addresses and corresponding passwords associated with YX International, and alerted the company to the spilling database. The database went offline a short time later.

According to the Washington Post (paywalled), the FBI is using mobile push notification data to unmask people suspected of serious crimes, such as pedophilia, terrorism, and murder. Gizmodo reports: The Post did a little digging into court records and found evidence of at least 130 search warrants filed by the feds for push notification data in cases spanning 14 states. In those cases, FBI officials asked tech companies like Google, Apple, and Facebook to fork over data related to a suspect's mobile notifications, then used the data to implicate the suspect in criminal behavior linked to a particular app, even though many of those apps were supposedly anonymous communication platforms, like Wickr.

How exactly is this possible? Push notifications, which are provided by a mobile operating system provider, include embedded metadata that can be examined to understand the use of the mobile apps on a particular phone. Apps come laced with a quiet identifier, a "push token," which is stored on the corporate servers of a company like Apple or another phone manufacturer after a user signs up to use a particular app. Those tokens can later be used to identify the person using the app, based on the information associated with the device on which the app was downloaded. Even turning off push notifications on your device doesn't necessarily disable this feature, experts contend. [...]

If finding new ways to catch pedophiles and terrorists doesn't seem like the worst thing in the world, the Post article highlights the voices of critics who fear that this kind of mobile data could be used to track people who have not committed serious crimes -- like political activists or women seeking abortions in states where the procedure has been restricted.

An anonymous reader quotes a report from Ars Technica: Today is Leap Day, meaning that for the first time in four years, it's February 29. That's normally a quirky, astronomical factoid (or a very special birthday for some). But that unique calendar date broke gas station payment systems across New Zealand for much of the day. As reported by numerous international outlets, self-serve pumps in New Zealand were unable to accept card payments due to a problem with the gas pumps' payment processing software. The New Zealand Herald reported that the outage lasted "more than 10 hours." This effectively shuttered some gas stations, while others had to rely on in-store payments. The outage affected suppliers, including Allied Petroleum, BP, Gull, Waitomo, and Z Energy, and has reportedly been fixed. In-house payment solutions, such as BP fuel cards and the Waitomo app, reportedly still worked during the outage. A representative for Petroleum, when prompted via Facebook to "maybe remember Leap Day in four years' time," responded: "We'll add it to our Outlook reminders :("

An anonymous reader shares a report (paywalled): As Google grapples with the backlash over the historically inaccurate responses on its Gemini chatbot, Meta Platforms is dealing with a related issue. As part of its work on the forthcoming version of its large language model, Llama 3, Meta is trying to overcome a problem perceived in Llama 2: Its answers to anything at all contentious aren't helpful. Safeguards added to Llama 2, which Meta released last July and which powers the artificial intelligence assistant in its apps, prevent the LLM from answering a broad range of questions deemed controversial. These guardrails have made Llama 2 appear too "safe" in the eyes of Meta's senior leadership, as well as among some researchers who worked on the model itself, according to people who work at Meta.

[...] Meta's conservative approach with Llama 2 was designed to ward off any public relations disasters, said the people who work at Meta. But researchers are now trying to loosen up Llama 3 so it engages more with users when they ask about difficult topics, offering context rather than just shutting down tricky questions, said two of the people who work at Meta. The new version of the model will in theory be able to better distinguish when a word has multiple meanings. For example, Llama 3 might understand that a question about how to kill a vehicle's engine means asking how to shut it off rather than end its life. Meta also plans to appoint someone internally in the coming weeks to oversee tone and safety training as part of its efforts to make the model's responses more nuanced, said one of the people. The company plans to release Llama 3 in July, though the timeline could still change, they added.

An anonymous reader quotes a report from Ars Technica: Meta will soon begin "collecting anonymized data" from users of its Quest headsets, a move that could see the company aggregating information about hand, body, and eye tracking; camera information; "information about your physical environment"; and information about "the virtual reality events you attend." In an email sent to Quest users Monday, Meta notes that it currently collects "the data required for your Meta Quest to work properly." Starting with the next software update, though, the company will begin collecting and aggregating "anonymized data about... device usage" from Quest users. That anonymized data will be used "for things like building better experiences and improving Meta Quest products for everyone," the company writes.

A linked help page on data sharing clarifies that Meta can collect anonymized versions of any of the usage data included in the "Supplemental Meta Platforms Technologies Privacy Policy," which was last updated in October. That document lists a host of personal information that Meta can collect from your headset, including:

- "Your audio data, when your microphone preferences are enabled, to animate your avatar's lip and face movement"
- "Certain data" about hand, body, and eye tracking, "such as tracking quality and the amount of time it takes to detect your hands and body"
- Fitness-related information such as the "number of calories you burned, how long you've been physically active, [and] your fitness goals and achievements"
- "Information about your physical environment and its dimensions" such as "the size of walls, surfaces, and objects in your room and the distances between them and your headset"
- "Voice interactions" used when making audio commands or dictations, including audio recordings and transcripts that might include "any background sound that happens when you use those services" (these recordings and transcriptions are deleted "immediately" in most cases, Meta writes)
- Information about "your activity in virtual reality," including "the virtual reality events you attend"

The anonymized collection data is used in part to "analyz[e] device performance and reliability" to "improve the hardware and software that powers your experiences with Meta VR Products." Meta's help page also lists a small subset of "additional data" that headset users can opt out of sharing with Meta. But there's no indication that Quest users can opt out of the new anonymized data collection policies entirely. These policies only seem to apply to users who make use of a Meta account to access their Quest headsets, and those users are also subject to Meta's wider data-collection policies. Those who use a legacy Oculus account are subject to a separate privacy policy that describes a similar but more limited set of data-collection practices.

An anonymous reader quotes a report from The Register: A law firm acting on behalf of the Nevada Attorney General Aaron Ford has asked a state court to issue a temporary restraining order (TRO) denying minors access to encrypted communication in Meta's Messenger application. The motion for a TRO follows AG's Ford announcement of civil lawsuits on January 30, 2024 against five social media companies, including Meta [PDF], alleging the companies deceptively marketed their services to young people through algorithms that were designed to promote addiction. Nevada was not a party to the two multi-district lawsuits filed against Meta last October by 42 State Attorney General over claims that the social media company knowingly ignored evidence that its Facebook and Instagram services contribute to the mental harm of children and teens. Meta, which lately has been investing in virtual reality and large language models, is also being sued by hundreds of school districts around the US.

The Nevada court filing to obtain a TRO follows from AG Ford's initial complaint. The legal claim cites a statement from the National Center for Missing and Exploited Children that argues Meta's provision of end-to-end encryption in Messenger "without exceptions for child sexual abuse material placed millions of children in grave danger." The initial complaint's presumably supporting claims, however, have been redacted in the publicly viewable copy of the document. The motion for a TRO, which also contains redactions, contends that Meta -- by encrypting Messenger -- has thwarted state officials from enforcing the Nevada Unfair and Deceptive Trade Practices Act. "With this Motion, the State seeks to enjoin Meta from using end-to-end encryption (also called 'E2EE') on Young Users' Messenger communications within the State of Nevada," the court filing says. "This conduct -- which renders it impossible for anyone other than a private message's sender and recipient to know what information the message contains -- serves as an essential tool of child predators and drastically impedes law enforcement efforts to protect children from heinous online crimes, including human trafficking, predation, and other forms of dangerous exploitation."

Meta enabled E2EE by default for all users of Messenger in December 2023. But according to the motion for a TRO, "Meta's end-to-end-encryption stymies efforts by Nevada law enforcement, causing needless delay and even risking the spoliation of critical pieces of necessary evidence in criminal prosecutions." The injunction, if granted, would require Meta to disable E2EE for all Messenger users under 18 in Nevada. Presumably that would also affect minors using Messenger who are visiting the Silver State.

The US Supreme Court is hearing oral arguments Monday in two cases that could dramatically reshape social media, weighing whether states such as Texas and Florida should have the power to control what posts platforms can remove from their services. From a report: The high-stakes battle gives the nation's highest court an enormous say in how millions of Americans get their news and information, as well as whether sites such as Facebook, Instagram, YouTube and TikTok should be able to make their own decisions about how to moderate spam, hate speech and election misinformation. At issue are laws passed by the two states that prohibit online platforms from removing or demoting user content that expresses viewpoints -- legislation both states say is necessary to prevent censorship of conservative users.

More than a dozen Republican attorneys general have argued to the court that social media should be treated like traditional utilities such as the landline telephone network. The tech industry, meanwhile, argues that social media companies have First Amendment rights to make editorial decisions about what to show. That makes them more akin to newspapers or cable companies, opponents of the states say. The case could lead to a significant rethinking of First Amendment principles, according to legal experts. A ruling in favor of the states could weaken or reverse decades of precedent against "compelled speech," which protects private individuals from government speech mandates, and have far-reaching consequences beyond social media. A defeat for social media companies seems unlikely, but it would instantly transform their business models, according to Blair Levin, an industry analyst at the market research firm New Street Research.

An anonymous reader shares a report: British comedian Michael McIntyre has a standard bit in his standup routines concerning the many (many!) slang terms posh British people use to describe being drunk. These include "wellied," "trousered," and "ratarsed," to name a few. McIntyre's bit rests on his assertion that pretty much any English word can be modified into a so-called "drunkonym," bolstered by a few handy examples: "I was utterly gazeboed," or "I am going to get totally and utterly carparked."

It's a clever riff that sparked the interest of two German linguists. Christina Sanchez-Stockhammer of Chemnitz University of Technology and Peter Uhrig of FAU Erlangen-Nuremberg decided to draw on their expertise to test McIntyre's claim that any word in the English language could be modified to mean "being in a state of high inebriation." Given their prevalence, "It is highly surprising that drunkonyms are still under-researched from a linguistic perspective," the authors wrote in their new paper published in the Yearbook of the German Cognitive Linguistics Association. Bonus: the authors included an extensive appendix of 546 English synonyms for "drunk," drawn from various sources, which makes for entertaining reading.

There is a long tradition of coming up with colorful expressions for drunkenness in the English language, with the Oxford English Dictionary listing a usage as early as 1382: "merry," meaning "boisterous or cheerful due to alcohol; slight drunk, tipsy." Another OED entry from 1630 lists "blinde" (as in blind drunk) as a drunkonym. Even Benjamin Franklin got into the act with his 1737 Drinker's Dictionary, listing 288 words and phrases for denoting drunkenness. By 1975, there were more than 353 synonyms for "drunk" listed in that year's edition of the Dictionary of American Slang. By 1981, linguist Harry Levine noted 900 terms used as drunkonyms.

Social media platform Reddit has struck a deal with Google to make its content available for training the search engine giant's AI models. Reuters: The contract with Alphabet-owned Google is worth about $60 million per year, according to one of the sources. The deal underscores how Reddit, which is preparing for a high-profile stock market launch, is seeking to generate new revenue amid fierce competition for advertising dollars from the likes of TikTok and Meta Platform's Facebook.

In the high-stakes world of AI, "The fundamental agreement behind robots.txt [files], and the web as a whole — which for so long amounted to 'everybody just be cool' — may not be able to keep up..." argues the Verge: For many publishers and platforms, having their data crawled for training data felt less like trading and more like stealing. "What we found pretty quickly with the AI companies," says Medium CEO Tony Stubblebin, "is not only was it not an exchange of value, we're getting nothing in return. Literally zero." When Stubblebine announced last fall that Medium would be blocking AI crawlers, he wrote that "AI companies have leached value from writers in order to spam Internet readers."

Over the last year, a large chunk of the media industry has echoed Stubblebine's sentiment. "We do not believe the current 'scraping' of BBC data without our permission in order to train Gen AI models is in the public interest," BBC director of nations Rhodri Talfan Davies wrote last fall, announcing that the BBC would also be blocking OpenAI's crawler. The New York Times blocked GPTBot as well, months before launching a suit against OpenAI alleging that OpenAI's models "were built by copying and using millions of The Times's copyrighted news articles, in-depth investigations, opinion pieces, reviews, how-to guides, and more." A study by Ben Welsh, the news applications editor at Reuters, found that 606 of 1,156 surveyed publishers had blocked GPTBot in their robots.txt file.

It's not just publishers, either. Amazon, Facebook, Pinterest, WikiHow, WebMD, and many other platforms explicitly block GPTBot from accessing some or all of their websites.

On most of these robots.txt pages, OpenAI's GPTBot is the only crawler explicitly and completely disallowed. But there are plenty of other AI-specific bots beginning to crawl the web, like Anthropic's anthropic-ai and Google's new Google-Extended. According to a study from last fall by Originality.AI, 306 of the top 1,000 sites on the web blocked GPTBot, but only 85 blocked Google-Extended and 28 blocked anthropic-ai. There are also crawlers used for both web search and AI. CCBot, which is run by the organization Common Crawl, scours the web for search engine purposes, but its data is also used by OpenAI, Google, and others to train their models. Microsoft's Bingbot is both a search crawler and an AI crawler. And those are just the crawlers that identify themselves — many others attempt to operate in relative secrecy, making it hard to stop or even find them in a sea of other web traffic.

For any sufficiently popular website, finding a sneaky crawler is needle-in-haystack stuff.
In addition, the article points out, a robots.txt file "is not a legal document — and 30 years after its creation, it still relies on the good will of all parties involved.

"Disallowing a bot on your robots.txt page is like putting up a 'No Girls Allowed' sign on your treehouse — it sends a message, but it's not going to stand up in court."

An anonymous reader quotes a report from BleepingComputer: A new iOS and Android trojan named 'GoldPickaxe' employs a social engineering scheme to trick victims into scanning their faces and ID documents, which are believed to be used to generate deepfakes for unauthorized banking access. The new malware, spotted by Group-IB, is part of a malware suite developed by the Chinese threat group known as 'GoldFactory,' which is responsible for other malware strains such as 'GoldDigger', 'GoldDiggerPlus,' and 'GoldKefu.' Group-IB says its analysts observed attacks primarily targeting the Asia-Pacific region, mainly Thailand and Vietnam. However, the techniques employed could be effective globally, and there's a danger of them getting adopted by other malware strains. [...]

For iOS (iPhone) users, the threat actors initially directed targets to a TestFlight URL to install the malicious app, allowing them to bypass the normal security review process. When Apple remove the TestFlight app, the attackers switched to luring targets into downloading a malicious Mobile Device Management (MDM) profile that allows the threat actors to take control over devices. Once the trojan has been installed onto a mobile device in the form of a fake government app, it operates semi-autonomously, manipulating functions in the background, capturing the victim's face, intercepting incoming SMS, requesting ID documents, and proxying network traffic through the infected device using 'MicroSocks.'

Group-IB says the Android version of the trojan performs more malicious activities than in iOS due to Apple's higher security restrictions. Also, on Android, the trojan uses over 20 different bogus apps as cover. For example, GoldPickaxe can also run commands on Android to access SMS, navigate the filesystem, perform clicks on the screen, upload the 100 most recent photos from the victim's album, download and install additional packages, and serve fake notifications. The use of the victims' faces for bank fraud is an assumption by Group-IB, also corroborated by the Thai police, based on the fact that many financial institutes added biometric checks last year for transactions above a certain amount.

schwit1 writes: Robert F. Kennedy Jr. won a preliminary injunction against the White House and other federal defendants in his suit alleging government censorship of his statements against vaccines on social media. The injunction, however, will be stayed until the US Supreme Court rules in a related case brought by Missouri and Louisiana. An injunction is warranted because Kennedy showed he is likely to succeed on the merits of his claims, Judge Terry A. Doughty of the US District Court for the Western District of Louisiana said Wednesday.

The White House defendants, the Surgeon General defendants, the Centers for Disease Control and Prevention defendants, the Federal Bureau of Investigation defendants, and the Cybersecurity & Infrastructure Security Agency defendants likely violated the Free Speech Clause of the First Amendment, Doughty said. Kennedy's class action complaint, brought with health care professional Connie Sampognaro and Kennedy's nonprofit, Children's Health Defense, alleges that the federal government, beginning in early 2020, began a campaign to induce Facebook, Google (YouTube), and X, formerly known as Twitter, to censor constitutionally protected speech.

Specifically, Kennedy said, the government suppressed "facts and opinions about the COVID vaccines that might lead people to become 'hesitant' about COVID vaccine mandates." Kennedy has sufficiently shown that these defendants "jointly participated in the actions of the social media" platforms by '"insinuating' themselves into the social-media companies' private affairs and blurring the line between public and private action," Doughty said.

The European Union is expanding its strict digital rulebook on Saturday to almost all online platforms in the bloc, in the next phase of its crackdown on toxic social media content and dodgy ecommerce products that began last year by targeting the most popular services. From a report: The EU's trailblazing Digital Services Act has already kicked in for nearly two dozen of the biggest online platforms, including Facebook, Instagram, YouTube, Amazon and Wikipedia. The DSA imposes a set of strict requirements designed to keep internet users safe online, including making it easier to report counterfeit or unsafe goods or flag harmful or illegal content like hate speech as well as a ban on ads targeted at children.

Now the rules will apply to nearly all online platforms, marketplaces and "intermediaries" with users in the 27-nation bloc. Only the smallest businesses, with fewer than 50 employees and annual revenue of less than 10 million euros ($11 million), are exempt. That means thousands more websites could potentially be covered by the regulations. It includes popular ones such as eBay and OnlyFans that escaped being classed as the biggest online platforms requiring extra scrutiny.