Former Uber Employees Cleared of Illegal Spying

Slashdot - Your Rights Online - 12 godzin 47 min ago
The New York Times tells the remarkable story of Uber's need for more intelligence gathering back in 2016: Uber was expanding aggressively into foreign markets. The pushback was swift and sometimes violent. Taxi drivers staged widespread protests, and in Nairobi, Kenya, several Uber cars were lit on fire and drivers were beaten. Competitors in China and India used sophisticated methods to collect Uber's data and undercut its prices. To fight back, Uber began to recruit a team of former C.I.A. officers like [Nick] Gicinto, law enforcement officials and cybersecurity experts. The team would gather intelligence about threats against Uber drivers and executives, and investigate competing companies and potential acquisitions. "They didn't know what was going on, on the ground," Mr. Gicinto said. "They recognized that they needed somebody who understood the human aspect of these things and understood foreign environments...." In addition to Uber's recruitment from the C.I.A., Google, Facebook and Amazon poached hackers from the National Security Agency to fend off cyberattacks, former Federal Bureau of Investigation agents to staff teams responsible for fielding law enforcement requests and former Pentagon officials to advise on defense contracts. A history professor at the University of Washington in Seattle tells the Times it's not at all unusual for tech companies to hire from the intelligence community, a long-standing practice to protect intellectual secrets. So for example, Uber's team "outsourced some of the projects to intelligence firms, which sent contractors to infiltrate driver protests... the team filmed Waymo's vehicles and scraped competitors' apps to collect pricing information." The men who gathered intelligence for Uber were supposed to be ghosts. For years, they were un-Googleable sentries, quietly informing executives about the actions of competitors, opponents and disgruntled employees. But the secrecy of the tightknit team ended abruptly in 2017 when one of its members turned on the others, accusing them of stealing trade secrets, wiretapping and destroying evidence. They flouted the law while carrying out Uber's dirtiest missions, their former co-worker, Richard Jacobs, claimed in an April 2017 email sent to top Uber executives. His lawyer followed up with a letter that said the team went so far as to hack foreign governments and wiretap Uber's own employees. But Mr. Jacobs's most damning allegations of illegal activity were not true. In June, nearly four years after his claims drew wide attention, he retracted them. In a letter to his former co-workers that he wrote as part of a legal settlement, Mr. Jacobs explained that he had never intended to suggest that they broke the law. "I am sorry," he wrote. "I regret not having clarified the statements at an earlier time and regret any distress or injury my statements may have caused." Gary Bostwick, a lawyer for Mr. Jacobs, declined to comment.... Testifying in court, Mr. Jacobs seemed to distance himself from some of the claims in the letter. He hadn't had much time to review it before his lawyer sent it, he said, and he wasn't sure if Mr. Gicinto and his other former co-workers had broken the law. "I did not believe it was patently illegal. I had questions about the ethics of it," Mr. Jacobs testified. "It felt overly aggressive and invasive and inappropriate." The Times reports that Uber had paid $7.5 million to cooperate with an investigation into Jacobs' allegations (according to legal filings), and while the findings were never made public, the co-workers accused in the letter "said they had been told that they were cleared of any wrongdoing... "In 2021, Mr. Jacobs settled the libel lawsuit by his former co-workers. The terms of the settlement are not public."pdiv class="share_submission" style="position:relative;" a class="slashpop" href=""img src=""/a a class="slashpop" href=""img src=""/a /div/ppa href=";utm_medium=feed"Read more of this story/a at Slashdot./p

EU Complaint Accuses Microsoft of Anticompetitive Bundling of OneDrive, Teams in Windows

Slashdot - Your Rights Online - 16 godzin 30 min ago
"Remember how Microsoft spent years in hot water in the late '90s and early '00s by forcing Internet Explorer on its customers?" asks ZDNet. "European open-source cloud company Nextcloud does." Now, with a coalition of other European Union (EU) software and cloud organizations and companies called the "Coalition for a Level Playing Field," Nextcloud has formally complained to the European Commission about Microsoft's anti-competitive behavior by aggressively bundling its OneDrive cloud, Teams, and other services with Windows 10 and 11. Nextcloud claims that by pushing consumers to sign up and hand over their data to Microsoft, the Windows giant is limiting consumer choice and creating an unfair barrier for other companies offering competing services. Specifically, Microsoft has grown its EU market share to 66%, while local providers' market share declined from 26% to 16%. Microsoft has done this not by any technical advantage or sales benefits, but by heavily favoring its own products and services, self-preferencing over other services. While self-preferencing is not illegal per se under EU competition laws, if a company abuses its dominant market position, it can break the law. Nextcloud states that Microsoft has outright blocked other cloud service vendors by leveraging its position as gatekeeper to extend its reach in neighboring markets, pushing users deeper into its ecosystems. Thus, more specialized EU companies can't compete on merit, as the key to success is not a good product but the ability to distort competition and block market access.... So, Nextcloud is asking the European Commission's Directorate-General for Competition to prevent this kind of abusive behavior and keep the market competitive and fair for all players. Nextcloud is doing this by filing an official complaint with this body. In addition, Nextcloud has also filed a request with the German antitrust authorities, the Bundeskartellamt, for an investigation against Microsoft. With its partners, it's also discussing filing a similar complaint in France. Nextcloud is being joined in its complaint by several open-source, non-profit organizations. These include the European DIGITAL SME Alliance; the Document Foundation, LibreOffice's backing organization; and the Free Software Foundation Europe (FSFE)... Numerous businesses are also supporting Nextcloud's legal action. This includes Abilian, an open-source software publisher; DAASI, an open-source identity management company; and Mailfence.pdiv class="share_submission" style="position:relative;" a class="slashpop" href=""img src=""/a a class="slashpop" href=""img src=""/a /div/ppa href=";utm_medium=feed"Read more of this story/a at Slashdot./p

Google Makes Pledges on Browser Cookies To Appease UK Regulator

Slashdot - Your Rights Online - Pt, 2021-11-26 22:05
Google has pledged more restrictions on its use of data from its Chrome browser to address concerns raised by Britain's competition regulator about its plan to ban third-party cookies that advertisers use to track consumers. From a report: The Competition and Markets Authority (CMA) has been investigating Google's plan to cut support for some cookies in Chrome - an initiative called the "Privacy Sandbox" -- because it is worried it will impede competition in digital advertising. Alphabet's Google has said its users want more privacy when they are browsing the web, including not being tracked across sites. Other players in the $250 billion global digital ad sector, however, have said the loss of cookies in the world's most popular browser will limit their ability to collect information for personalising ads and make them more reliant on Google's user databases. Google agreed earlier this year to not implement the plan without the CMA's sign-off, and said the changes agreed with the British regulator will apply globally.pdiv class="share_submission" style="position:relative;" a class="slashpop" href=""img src=""/a a class="slashpop" href=""img src=""/a /div/ppa href=";utm_medium=feed"Read more of this story/a at Slashdot./p

Australia Defamation Case Signals a Crackdown on Ordinary Citizens, Critics Say

Slashdot - Your Rights Online - Cz, 2021-11-25 23:09
Australia's defense minister on Wednesday won a defamation case over a six-word tweet that called him a "rape apologist." From a report: Critics and experts said the court case exemplified the conservative government's heavy-handed approach toward regulating damaging commentary on social media -- what Prime Minister Scott Morrison called "a coward's palace." The case also represented a troubling shift as politicians bring more lawsuits against ordinary citizens, they said. The dispute began when Shane Bazzi, an advocate for refugees who has 13,000 Twitter followers, wrote a Twitter post in February about Peter Dutton, then the country's home affairs minister and now the defense minister. "Peter Dutton is a rape apologist," the tweet said, and linked to an article about comments Mr. Dutton had made that women seeking asylum in Australia used rape claims as an excuse to enter the country. The post was published on the same day that Mr. Dutton also used the phrase "she said, he said" in reference to explosive accusations by Brittany Higgins, a former government staff member, who said she had been sexually assaulted in Australia's Parliament House. Mr. Dutton began defamation proceedings soon after, saying that the post had "deeply offended" him and had wrongly suggested he condoned and excused rape. Mr Bazzi's blue Twitter check mark, Mr. Dutton also argued, implied recognition by the social media giant and had led the minister to believe that the post was not just the "rant of somebody randomly on Twitter."pdiv class="share_submission" style="position:relative;" a class="slashpop" href=""img src=""/a a class="slashpop" href=""img src=""/a /div/ppa href=";utm_medium=feed"Read more of this story/a at Slashdot./p

UK Privacy Watchdog Warns Adtech the End of Tracking is Nigh

Slashdot - Your Rights Online - Cz, 2021-11-25 21:30
It's been well over two years since the UK's data protection watchdog warned the behavioural advertising industry it's wildly out of control. From a report: The ICO hasn't done anything to stop the systematic unlawfulness of the tracking and targeting industry abusing Internet users' personal data to try to manipulate their attention -- not in terms of actually enforcing the law against offenders and stopping what digital rights campaigners have described as the biggest data breach in history. Indeed, it's being sued over inaction against real-time-bidding's misuse of personal data by complainants who filed a petition on the issue all the way back in September 2018. But today the UK's (outgoing) information commissioner, Elizabeth Denham, published an opinion -- in which she warns the industry that its old unlawful tricks simply won't do in the future. New methods of advertising must be compliant with a set of what she describes as "clear data protection standards" in order to safeguard people's privacy online, she writes.pdiv class="share_submission" style="position:relative;" a class="slashpop" href=""img src=""/a a class="slashpop" href=""img src=""/a /div/ppa href=";utm_medium=feed"Read more of this story/a at Slashdot./p

Roblox Sues YouTuber For $1.6 Million Over Terrorizing Kids Platform

Slashdot - Your Rights Online - Cz, 2021-11-25 19:42
Roblox is taking notorious YouTuber Benjamin "Ruben Sim" Simon to court over his alleged attacks on the gaming social media platform and its young fans. A lawsuit filed in California court on Tuesday wants the longtime banned player to pay $1.6 million in damages and stop harassing Roblox employees and players. From a report: First reported by Polygon, the lawsuit contains a number of allegations against Simon, who has been making and profiting from Roblox videos since 2010. Those videos run the gamut, featuring him doing everything from sexually harassing players he encounters in the game to making public "terrorist threats" against the company during its annual convention. According to Roblox, this led the company to have to temporarily shut down its Roblox Developers Conference in San Francisco last month after Simon reportedly posted about police searching for "Islamic Extremists" at the event. The company claims this cost it $50,000 to investigate the false reports.pdiv class="share_submission" style="position:relative;" a class="slashpop" href=""img src=""/a a class="slashpop" href=""img src=""/a /div/ppa href=";utm_medium=feed"Read more of this story/a at Slashdot./p

A Third of All Dark Web Domains Are Now V3 Onion Sites

Slashdot - Your Rights Online - Śr, 2021-11-24 15:00
An anonymous reader quotes a report from The Record: Throughout 2020 and 2021, the Tor anonymity network has gone through a major change as the Tor software team has released a new version of its software that updated how .onion domains look and work. More specifically, the Tor Project has done away with 16-character-long .onion domains, also known as v2 addresses, and replaced them with 56-character-long domains, known as v3. The move, driven by a need to improve the Tor network's privacy, security, and resilience to deanonymization attacks, was announced years in advance, and the entire process took more than a year to complete. But despite the Tor team's best efforts to announce the move in advance, new numbers compiled and released by dark web monitoring company DarkOwl show that the Tor network is still made up in large part of servers running older v2 domains. "In the last six weeks, DarkOwl's Vision platform has observed an average of 104,095 active .onion services across both address schemes of which: 62% are v2 addresses and 38% are v3 addresses," the company said last week. DarkOwl says it detected a spike in new v3 domains in July 2021, which coincided with the Tor team adding a fullscreen warning before accessing v2 domains in preparation for the browser's v11 release this fall. This resulted in more than 2,900 v3 domains being registered in the last two weeks of July alone. However, as the Tor team noted in its own v2-to-v3 analysis in September, the number of v3 domains is trending up. The report adds that v2 sites are expected to go extinct in the coming year. "The reason is that as most Tor node operators will update their servers to versions that will not support v2 domains, there will be no Tor relays capable of routing the traffic to these old-gen domains," report The Record.pdiv class="share_submission" style="position:relative;" a class="slashpop" href=""img src=""/a a class="slashpop" href=""img src=""/a /div/ppa href=";utm_medium=feed"Read more of this story/a at Slashdot./p

US To Require Vaccines For All Border Crossers In January

Slashdot - Your Rights Online - Śr, 2021-11-24 12:00
President Joe Biden will require essential, nonresident travelers crossing U.S. land borders, such as truck drivers, government and emergency response officials, to be fully vaccinated beginning on Jan. 22, the administration planned to announce Tuesday. The Associated Press reports: A senior administration official said the requirement, which the White House previewed in October, brings the rules for essential travelers in line with those that took effect earlier this month for leisure travelers, when the U.S. reopened its borders to fully vaccinated individuals. Essential travelers entering by ferry will also be required to be fully vaccinated by the same date, the official said. The rules pertain to non-U.S. nationals. American citizens and permanent residents may still enter the U.S. regardless of their vaccination status, but face additional testing hurdles because officials believe they more easily contract and spread COVID-19 and in order to encourage them to get a shot. [...] About 47 million adults in the U.S. remain unvaccinated, according to figures from the Centers for Disease Control and Prevention.pdiv class="share_submission" style="position:relative;" a class="slashpop" href=""img src=""/a a class="slashpop" href=""img src=""/a /div/ppa href=";utm_medium=feed"Read more of this story/a at Slashdot./p

Elizabeth Holmes Admits Doctoring Lab Reports With Pharma Company Logos

Slashdot - Your Rights Online - Śr, 2021-11-24 05:30
An anonymous reader quotes a report from NBC News: Theranos founder and former CEO Elizabeth Holmes returned to the witness stand Tuesday, confirming key aspects of the prosecutor's allegations behind the 11 counts of fraud she faces, but asserting that there was nothing wrong in what she did. The prosecution has repeatedly shown jurors lab reports emblazoned with logos of the pharmaceutical companies Pfizer and Schering-Plough. Witnesses from those companies who worked with Theranos testified that the use of the logos was unauthorized and they were unaware of it at the time. Holmes admitted that she was the one who had added the logos to Theranos lab reports and sent them to Walgreens as she pursued a deal to put her blood-testing startup's diagnostic machines in the pharmacy's retail stores. "This work was done in partnership with those companies and I was trying to convey that," she said by way of explanation. "I wish I had done it differently," she added. Addressing another key point made by the prosecution, Holmes said that when Theranos switched from using on-site analyzers to process samples to a centralized lab approach, it used third-party devices rather than its own equipment as an "invention" because there were too many samples to handle. Witnesses have testified that Theranos' signature blood-testing machine repeatedly failed quality assurance tests and delivered erroneous results. Holmes said the company didn't tell its business partners about this arrangement because it was a trade secret. She rebutted the prosecution's arguments about some of the alleged misrepresentations she made to investors, the media and business partners, affirming that she had received specific positive reports from employees and outside experts and believed their statements to be true. When presented with company emails and PowerPoint presentations, defense attorney Kevin Downey asked Holmes about specific instances brought up by the prosecution. Jurors saw an email sent to Holmes by then-chief company scientist, biochemist Ian Gibbons, about the development of Theranos' fourth-generation device. "Our immunoassays match the best that can be done in clinical labs and work with small blood samples. Generally our assays are faster by a factor of three to 10 than kits," Gibbons wrote. Downey asked Holmes what she took that email to mean. "I understood that the 4 series could do any blood test," she replied. If Holmes is convicted, she could face up to 20 years in prison. She may also face "a $250,000 fine and full or partial restitution to investors, totaling nearly $155 million," adds NBC News.pdiv class="share_submission" style="position:relative;" a class="slashpop" href=""img src=""/a a class="slashpop" href=""img src=""/a /div/ppa href=";utm_medium=feed"Read more of this story/a at Slashdot./p

Mozilla Is Ending Support For Its Firefox Password Manager Sync App

Slashdot - Your Rights Online - Śr, 2021-11-24 03:25
Mozilla announced last week via a support article that its Firefox Lockwise password manager app will reach end-of-life on December 13th. The final release versions are 1.8.1 (iOS) and 4.0.3 (Android) and will no longer be available to download or reinstall after that date. The Verge reports: What started in 2018 as a small experimental mobile app called Lockbox ended up bringing a way to access saved passwords and perform autofills on iOS, Android, and desktop devices to a small but enthusiastic following of Firefox fans. The app was also later adapted as a Firefox extension. It seemed like it was apt to stick around for the long run. The support article recommends that users continue accessing passwords using the native Firefox browsers on desktop and mobile. In an added note on the support site, Mozilla suggests that later in December, the Firefox iOS app will gain the ability to manage Firefox passwords systemwide. The note alludes to Mozilla adopting the features of Lockwise and eventually integrating them into the Firefox browser apps natively on all platforms.pdiv class="share_submission" style="position:relative;" a class="slashpop" href=""img src=""/a a class="slashpop" href=""img src=""/a /div/ppa href=";utm_medium=feed"Read more of this story/a at Slashdot./p

New Windows Zero-Day With Public Exploit Lets You Become An Admin

Slashdot - Your Rights Online - Śr, 2021-11-24 02:45
A security researcher has publicly disclosed an exploit for a new Windows zero-day local privilege elevation vulnerability that gives admin privileges in Windows 10, Windows 11, and Windows Server. BleepingComputer reports: As part of the November 2021 Patch Tuesday, Microsoft fixed a 'Windows Installer Elevation of Privilege Vulnerability' vulnerability tracked as CVE-2021-41379. This vulnerability was discovered by security researcher Abdelhamid Naceri, who found a bypass to the patch and a more powerful new zero-day privilege elevation vulnerability after examining Microsoft's fix. Yesterday, Naceri published a working proof-of-concept exploit for the new zero-day on GitHub, explaining that it works on all supported versions of Windows. "This variant was discovered during the analysis of CVE-2021-41379 patch. the bug was not fixed correctly, however, instead of dropping the bypass," explains Naceri in his writeup. "I have chosen to actually drop this variant as it is more powerful than the original one." Furthermore, Naceri explained that while it is possible to configure group policies to prevent 'Standard' users from performing MSI installer operations, his zero-day bypasses this policy and will work anyway. BleepingComputer tested Naceri's 'InstallerFileTakeOver' exploit, and it only took a few seconds to gain SYSTEM privileges from a test account with 'Standard' privileges, as demonstrated in [this video]. When BleepingComputer asked Naceri why he publicly disclosed the zero-day vulnerability, we were told he did it out of frustration over Microsoft's decreasing payouts in their bug bounty program. A Microsoft spokesperson said in a statement: "We are aware of the disclosure and will do what is necessary to keep our customers safe and protected. An attacker using the methods described must already have access and the ability to run code on a target victim's machine." Naceri recommends users wait for Microsoft to release a security patch, as attempting to patch the binary will likely break the installer.pdiv class="share_submission" style="position:relative;" a class="slashpop" href=""img src=""/a a class="slashpop" href=""img src=""/a /div/ppa href=";utm_medium=feed"Read more of this story/a at Slashdot./p

China's New Privacy Law Leaves US Behind

Slashdot - Your Rights Online - Wt, 2021-11-23 21:22
While China's sweeping new data privacy laws have left tech companies confused about how to comply, they also put the U.S. even further behind in the global race to set digital standards. From a report: China enacted its Personal Information Privacy Law earlier this month, following Europe as the second major international player to have its own sweeping data privacy regulations. The law, regarded as China's version of Europe's General Data Protection Regulation, is a set of rules for how businesses can collect, use, process, share and transfer personal information. Another Chinese data regulation, the Data Security Law, went into effect Sept. 1. The laws aim to protect Chinese citizens from the private sector, while the Chinese government still has easy access to personal data. In May, influential U.S. business groups sent comments, viewed by Axios, to the National People's Congress protesting that the draft law's vague language, monetary penalties and criminal liabilities were harsh. They also said it would hurt innovation by being overly prescriptive and burdensome. The U.S. still does not have a federal data privacy law, and China's move could allow it to set future global norms on its terms. Meanwhile, tech companies doing business in China will have to navigate the vague new rules, and that could be expensive.pdiv class="share_submission" style="position:relative;" a class="slashpop" href="'"img src=""/a a class="slashpop" href=""img src=""/a /div/ppa href=";utm_medium=feed"Read more of this story/a at Slashdot./p

Apple Sues Israeli Spyware Maker, Seeking To Block Its Access To iPhones

Slashdot - Your Rights Online - Wt, 2021-11-23 20:05
Apple sued the NSO Group, the Israeli surveillance company, in federal court on Tuesday, another setback for the beleaguered firm and the unregulated spyware industry. From a report: The lawsuit is the second of its kind -- Facebook sued the NSO Group in 2019 for targeting its WhatsApp users -- and represents another consequential move by a private company to curb invasive spyware by governments and the companies that provide their spy tools. Apple, for the first time, seeks to hold NSO accountable for what it says was the surveillance and targeting of Apple users. Apple also wants to permanently prevent NSO from using any Apple software, services or devices, a move that could render the company's Pegasus spyware product worthless, given that its core business is to give NSO's government clients full access to a target's iPhone or Android smartphone. Apple is also asking for unspecified damages for the time and cost to deal with what the company argues is NSO's abuse of its products. Apple said it would donate the proceeds from those damages to organizations that expose spyware. Since NSO's founding in 2010, its executives have said that they sell spyware to governments only for lawful interception, but a series of revelations by journalists and private researchers have shown the extent to which governments have deployed NSO's Pegasus spyware against journalists, activists and dissidents. Apple executives described the lawsuit as a warning shot to NSO and other spyware makers. "This is Apple saying: If you do this, if you weaponize our software against innocent users, researchers, dissidents, activists or journalists, Apple will give you no quarter," Ivan Krstic, head of Apple security engineering and architecture, said in an interview on Monday.pdiv class="share_submission" style="position:relative;" a class="slashpop" href=""img src=""/a a class="slashpop" href=""img src=""/a /div/ppa href=";utm_medium=feed"Read more of this story/a at Slashdot./p

India Police Charge Amazon Execs In Alleged Marijuana Smuggling Case

Slashdot - Your Rights Online - Wt, 2021-11-23 00:00
An anonymous reader quotes a report from Reuters: Indian police said on Saturday they had charged senior executives of's local unit under narcotics laws in a case of alleged marijuana smuggling via the online retailer. Police in the central Madhya Pradesh state arrested two men with 20 kg of marijuana on Nov. 14 and found they were using the Amazon India website to order and further smuggle the substance in the guise of stevia leaves, a natural sweetener, to other Indian states. State police said in a statement that executive directors of Amazon India were being named as accused under the Narcotic Drugs and Psychotropic Substances Act due to differences in answers in documents provided by the company in response to police questions and facts unearthed by discussion. Police did not disclose how many executives were charged. The police, who had previously summoned and spoken to Amazon executives in the case, estimate that about 1,000 kg of marijuana, worth roughly $148,000, was sold via Amazon.pdiv class="share_submission" style="position:relative;" a class="slashpop" href=""img src=""/a a class="slashpop" href=""img src=""/a /div/ppa href=";utm_medium=feed"Read more of this story/a at Slashdot./p

WhatsApp Privacy Policy Tweaked in Europe After Record Fine

Slashdot - Your Rights Online - Pn, 2021-11-22 18:03
WhatsApp is rewriting its privacy policy as a result of a huge data protection fine earlier this year. From a report: Following an investigation, the Irish data protection watchdog issued a $253.29m fine -- the second-largest in history over GDPR -- and ordered WhatsApp to change its policies. WhatsApp is appealing against the fine, but is amending its policy documents in Europe and the UK to comply. However, it insists that nothing about its actual service is changing. Instead, the tweaks are designed to "add additional detail around our existing practices", and will only appear in the European version of the privacy policy, which is already different from the version that applies in the rest of the world. "There are no changes to our processes or contractual agreements with users, and users will not be required to agree to anything or to take any action in order to continue using WhatsApp," the company said, announcing the change. The new policy takes effect immediately. In January, WhatsApp users complained about an update to the company's terms that many believed would result in data being shared with parent company Facebook, which is now called Meta. Many thought refusing to agree to the new terms and conditions would result in their accounts being blocked. In reality, very little had changed. However, WhatsApp was forced to delay its changes and spend months fighting the public perception to the contrary. During the confusion, millions of users downloaded WhatsApp competitors such as Signal.pdiv class="share_submission" style="position:relative;" a class="slashpop" href=""img src=""/a a class="slashpop" href=""img src=""/a /div/ppa href=";utm_medium=feed"Read more of this story/a at Slashdot./p

El Salvador Plans 'Bitcoin City' Powered by a Volcano, Financed by Bitcoin Bonds

Slashdot - Your Rights Online - N, 2021-11-21 20:34
"In a rock concert-like atmosphere, El Salvador President Nayib Bukele announced that his government will build an oceanside 'Bitcoin City' at the base of a volcano..." reports the Associated Press. "A bond offering would happen in 2022 entirely in Bitcoin, Bukele said, wearing his signature backwards baseball cap. And 60 days after financing was ready, construction would begin." The city will be built near the Conchagua volcano to take advantage of geothermal energy to power both the city and Bitcoin mining mdash; the energy-intensive solving of complex mathematical calculations day and night to verify currency transactions. The government is already running a pilot Bitcoin mining venture at another geothermal power plant beside the Tecapa volcano... The government will provide land and infrastructure and work to attract investors. The only tax collected there will be the value-added tax, half of which will be used to pay the municipal bonds and the rest for municipal infrastructure and maintenance. Bukele said there would be no property, income or municipal taxes and the city would have zero carbon dioxide emissions. "Invest here and earn all the money you want," Bukele told the cheering crowd in English at the closing of the Latin American Bitcoin and Blockchain Conference being held in El Salvador. CNN adds some interesting details: Likening his plan to cities founded by Alexander the Great, Bukele said Bitcoin City would be circular, with an airport, residential and commercial areas, and feature a central plaza designed to look like a bitcoin symbol from the air. "If you want bitcoin to spread over the world, we should build some Alexandrias," said Bukele, a tech savvy 40-year-old who in September proclaimed himself "dictator" of El Salvador on Twitter in an apparent joke. El Salvador plans to issue the initial bonds in 2022, Bukele said, suggesting it would be in 60 days time. Samson Mow, chief strategy officer of blockchain technology provider Blockstream, told the gathering the first 10-year issue, known as the "volcano bond", would be worth $1 billion, backed by bitcoin and carrying a coupon of 6.5% [the annual interest paid on a bond]. Half of the sum would go to buying bitcoin on the market, he said. Other bonds would follow. After a five year lock-up, El Salvador would start selling some of the bitcoin used to fund the bond to give investors an "additional coupon", Mow said, positing that the value of the cryptocurrency would continue to rise robustly. "This is going to make El Salvador the financial center of the world," he said... Once 10 such bonds were issued, $5 billion in bitcoin would be taken off the market for several years, Mow said. "And if you get 10 more countries to do these bonds, that's half of bitcoin's market cap right there." The "game theory" on the bonds gave first issuer El Salvador an advantage, Mow argued, saying: "If bitcoin at the five-year mark reaches $1 million, which I think it will, they will sell bitcoin in two quarters and recoup that $500 million."pdiv class="share_submission" style="position:relative;" a class="slashpop" href="'Bitcoin+City'"img src=""/a a class="slashpop" href=""img src=""/a /div/ppa href=";utm_medium=feed"Read more of this story/a at Slashdot./p

Is 'The NFT Bay' Just a Giant Hoax?

Slashdot - Your Rights Online - N, 2021-11-21 01:25
Recently Australian developer Geoffrey Huntley announced they'd created a 20-terabyte archive of all NFTs on the Ethereum and Solana blockchains. But one NFT startup company now says they tried downloading the archive mdash; and discovered most of it was zeroes. Many of the articles are careful to point out "we have not verified the contents of the torrent," because of course they couldn't. A 20TB torrent would take several days to download, necessitating a pretty beefy internet connection and more disk space to store than most people have at their disposal. We at ClubNFT fired up a massive AWS instance with 40TB of EBS disk space to attempt to download this, with a cost estimate of $10k-20k over the next month, as we saw this torrent as potentially an easy way to pre-seed our NFT storage efforts mdash; not many people have these resources to devote to a single news story. Fortunately, we can save you the trouble of downloading the entire torrent mdash; all you need is about 10GB. Download the first 10GB of the torrent, plus the last block, and you can fill in all the rest with zeroes. In other words, it's empty; and no, Geoff did not actually download all the NFTs. Ironically, Geoff has archived all of the media articles about this and linked them on TheNFTBay's site, presumably to preserve an immutable record of the spread and success of his campaign mdash; kinda like an NFT... We were hoping this was real... [I]t is actually rather complicated to correctly download and secure the media for even a single NFT, nevermind trying to do it for every NFT ever made. This is why we were initially skeptical of Geoff's statements. But even if he had actually downloaded all the NFT media and made it available as a torrent, this would not have solved the problem... a torrent containing all the NFTs does nothing to actually make those NFTs available via IPFS, which is the network they must be present on in order for the NFTs to be visible on marketplaces and galleries.... [A]nd this is a bit in the weeds: in order to reupload an NFT's media to IPFS, you need more than just the media itself. In order to restore a file to IPFS so it can continue to be located by the original link embedded in the NFT, you must know exactly the settings used when that file was originally uploaded, and potentially even the exact version of the IPFS software used for the upload. For these reasons and more, ClubNFT is working hard on an actual solution to ensure that everybody's NFTs can be safely secured by the collectors themselves. We look forward to providing more educational resources on these and other topics, and welcome the attention that others, like Geoff, bring to these important issues. Their article was shared by Slashdot reader long-time Slashdot reader GradiusCVK (who is one of ClubNFT's three founders). I'd wondered suspiciously if ClubNFT was a hoax, but if this PR Newswire press release is legit, they've raised $3 million in seed funding. (And that does include an investment from Drapen Dragon, co-founded by Tim Draper which shows up on CrunchBase). The International Business Times has also covered ClubNFT, identifying it as a startup whose mission statement is "to build the next generation of NFT solutions to help collectors discover, protect, and share digital assets." Co-founder and CEO Jason Bailey said these next-generation tools are in their "discovery" phase, and one of the first set of tools that is designed to provide a backup solution for NFTs will roll out early next year. Speaking to International Business Times, Bailey said, "We are looking at early 2022 to roll out the backup solution. But between now and then we should be feeding (1,500 beta testers) valuable information about their wallets." Bailey says while doing the beta testing, he realized that there are loopholes in the NFT storage systems and only 40% of the NFTs were actually pointing to the IPFS, while 40% of them were at risk mdash; pointing to private servers. Here is the problem explained: NFTs are basically a collection of metadata, that define the underlying property that is owned. Just like in the world of internet documents, links point to the art and any details about it that are being stored. But links can break, or die. Many NFTs use a system called InterPlanetary File System, or IPFS, which let you find a piece of content as long as it is hosted somewhere on the IPFS network. Unlike in the world of internet domains, you don't need to own the domain to really make sure the data is safe. Explaining the problem which the backup tool will address, Bailey said, "When you upload an image to IPFS, it creates a cryptographic hash. And if someone ever stops paying to store that image on IPFS, as long as you have the original image, you can always restore it. That's why we're giving people the right to download the image.... [W]e're going to start with this protection tool solution that will allow people to click a button and download all the assets associated with their NFT collection and their wallet in the exact format that they would need it in to restore it back up to IPFS, should it ever disappear. And we're not going to charge any money for that." The idea, he said, is that collectors should not have to trust any company; rather they can use ClubNFT's tool, whenever it becomes available, to download the files locally... "One of the things that we're doing early around that discovery process, we're building out a tool that looks in your wallet and can see who you collect, and then go a level deeper and see who they collect," Bailey said. Bailey said that the rest of the tools will process after gathering lessons based on user feedback on the first set of solutions. He, however, seemed positive that the talks of the next set of tools will begin in the Spring of next year as the company has laid a "general roadmap."pdiv class="share_submission" style="position:relative;" a class="slashpop" href="'The+NFT+Bay'"img src=""/a a class="slashpop" href=""img src=""/a /div/ppa href=";utm_medium=feed"Read more of this story/a at Slashdot./p

Canadian Police Arrest Teen For Stealing $36.5 Million In Cryptocurrency

Slashdot - Your Rights Online - So, 2021-11-20 01:20
In what's being referred to as the largest-ever cryptocurrency theft involving one person, police in Canada say they recently arrested a teen who allegedly stole $36.5 million worth of cryptocurrency from a single individual in the U.S. Engadget reports: The owner of the currency was the victim of a SIM swap attack. Their cellphone number was hijacked and used to intercept two-factor authentication requests, thereby allowing access to their protected accounts. Some of the stolen money was used to purchase a "rare" online gaming username, which eventually allowed the Hamilton Police Service, as well as FBI and US Secret Service Electronic Crimes Task Force, to identify the account holder. Police seized approximately $7 million CAD ($5.5 million) in stolen cryptocurrency when they arrested the teen.pdiv class="share_submission" style="position:relative;" a class="slashpop" href=""img src=""/a a class="slashpop" href=""img src=""/a /div/ppa href=";utm_medium=feed"Read more of this story/a at Slashdot./p

Sci-Hub: Researchers File Intervention Application To Fight ISP Blocking

Slashdot - Your Rights Online - So, 2021-11-20 00:02
Last December, academic publishers Elsevier, Wiley, and American Chemical Society filed a lawsuit demanding that Indian ISPs block access to Sci-Hub and Libgen for copyright infringement. The ongoing case now includes an intervention application from a group of social science researchers who say that blocking the platforms would result in a great societal loss to the country. TorrentFreak reports: Assisted and represented by the Delhi-based Internet Freedom Foundation (IFF), a group of social science researchers affiliated with universities across Delhi has now filed an intervention application that aims to educate the High Court on the negative implications of ordering local ISPs to block the platforms. "In the application, they have demonstrated the importance of the LibGen and Sci-Hub in enabling them to continue with research and discharge professional obligations," IFF explains. "They have submitted that they cannot access countless essays/books/articles because of the exorbitant rates the publishers charge for them and that these publishers own more than 50% of the total output in social science research. The only way in which they can access these resources is by relying upon LibGen and Sci-Hub. Moreover, LibGen and Sci-Hub offer access to up-to-date research which is unavailable elsewhere." The social science researchers also draw attention to the publishers' "prohibitive pricing" models that place a serious burden on the publicly-funded academic institutions where they conduct their research. They further note that, to the best of their knowledge, individual users who rely on Sci-Hub and Libgen have not dented the profits of the publishers. "The profit margins of the [publishers] are much higher than those of enterprises in other industries such as oil, medicines and technology. Thus, the Plaintiffs' plea of blocking [Sci-Hub and Libgen] only serves their self-interest of increasing their coffers without benefitting society," their application reads. "In fact, granting the Plaintiffs' reliefs will have a detrimental impact on the social science research undertaken in India and the careers of the Applicants and those they represent before this Hon'ble Court. The unavailability of the Defendant Websites will also stunt the academic growth of the nation." After highlighting the risks to society should the Court authorize blocking, the researchers turn to the legality of doing so. They believe that while the publishers own the copyrights to the articles, the use of those articles is allowed under India's Copyright Act, at least under certain conditions. [...] Finally, the researchers say they are contesting any blocking injunction on the basis that it would be overbroad. They note that the publishers are not seeking the removal of specific infringing content but the blocking of entire websites in perpetuity. They argue that there are less restrictive measures available and these should have been sought first, rather than going directly for complete blocking of Sci-Hub and Libgen. Before issuing any blocking order, they also ask the court to consider Article 19(1) that recognizes the fundamental right to access information.pdiv class="share_submission" style="position:relative;" a class="slashpop" href=""img src=""/a a class="slashpop" href=""img src=""/a /div/ppa href=";utm_medium=feed"Read more of this story/a at Slashdot./p

Facebook Tells LA Police To Stop Spying on Users With Fake Accounts

Slashdot - Your Rights Online - Pt, 2021-11-19 21:30
Facebook has written to the Los Angeles Police Department (LAPD), demanding that it stop setting up fake profiles to conduct surveillance on users. From a report: This comes after the Guardian revealed that the US police department had been working with a tech firm, analysing user data to help solve crimes. Facebook expressly prohibits the creation and use of fake accounts. The intent, it said, was to "create a safe environment where people can trust and hold one another accountable". "Not only do LAPD instructional documents use Facebook as an explicit example in advising officers to set up fake social media accounts, but documents also indicate that LAPD policies simply allow officers to create fake accounts for 'online investigative activity'," wrote Facebook's vice president and deputy general counsel for civil rights Roy Austin in a letter outlining Facebook's policies. "While the legitimacy of such policies may be up to the LAPD, officers must abide by Facebook's policies when creating accounts on our services. The Police Department should cease all activities on Facebook that involve the use of fake accounts, impersonation of others, and collection of data for surveillance purposes."pdiv class="share_submission" style="position:relative;" a class="slashpop" href=""img src=""/a a class="slashpop" href=""img src=""/a /div/ppa href=";utm_medium=feed"Read more of this story/a at Slashdot./p