aggregator

New emails from before the launch of the Epic Games Store in 2018 show just how angry Epic CEO Tim Sweeney was with the "assholes" at companies like Valve and Apple for squeezing "the little guy" with what he saw as inflated fees. "The emails, which came out this week as part of Wolfire's price-fixing case against Valve (as noticed by the GameDiscoverCo newsletter), confront Valve managers directly for platform fees Sweeney says are 'no longer justifiable,'" writes Ars Technica's Kyle Orland. "They also offer a behind-the-scenes look at the fury Sweeney and Epic would unleash against Apple in court proceedings starting years later. From the report: The first mostly unredacted email chain from the court documents, from August 2017 (PDF), starts with Valve co-founder Gabe Newell asking Sweeney if there is "anything we [are] doing to annoy you?" That query was likely prompted by Sweeney's public tweets at the time questioning "why Steam is still taking 30% of gross [when] MasterCard and Visa charge 2-5% per transaction, and CDN bandwidth is around $0.002/GB." Later in the same thread, he laments that "the internet was supposed to obsolete the rent-seeking software distribution middlemen, but here's Facebook, Google, Apple, Valve, etc." Expanding on these public thoughts in a private response to Newell, Sweeney allows that there was "a good case" for Steam's 30 percent platform fee "in the early days." But he also argues that the fee is too high now that Steam's sheer scale has driven down operating costs and made it harder for individual games to get as much marketing or user acquisition value from simply being available on the storefront. Sweeney goes on to spitball some numbers showing how Valve's fees are contributing to the squeeze all but the biggest PC game developers were feeling on their revenues: "If you subtract out the top 25 games on Steam, I bet Valve made more profit from most of the next 1,000 than the developer themselves made. These guys are our engine customers and we talk to them all the time. Valve takes 30% for distribution; they have to spend 30% on Facebook/Google/Twitter [user acquisition] or traditional marketing, 10% on server, 5% on engine. So, the system takes 75% and that leaves 25% for actually creating the game, worse than the retail distribution economics of the 1990's." Based on experience with Fortnite and Paragon, Sweeney estimates that the true cost of distribution for PC games that sell for $25 or more in Western markets "is under 7% of gross." That's only slightly lower than the 12 percent take Epic would establish for its own Epic Games Store the next year. The second email chain (PDF) revealed in the lawsuit started in November 2018, with Sweeney offering Valve a heads-up on the impending launch of the Epic Games Store that would come just weeks later. While that move was focused on PC and Mac games, Sweeney quickly pivots to a discussion of Apple's total control over iOS, the subject at the time of a lawsuit whose technicalities were being considered by the Supreme Court. Years before Epic would bring its own case against Apple, Sweeney was somewhat prescient, noting that "Apple also has the resources to litigate and delay any change [to its total App Store control] for years... What we need right now is enough developer, press, and platform momentum to steer Apple towards fully opening up iOS sooner rather than later." To that end, Sweeney attempted to convince Valve that lowering its own platform fees would hurt Apple's position and thereby contribute to the greater good: "A timely move by Valve to improve Steam economics for all developers would make a great difference in all of this, clearly demonstrating that store competition leads to better rates for all developers. Epic would gladly speak in support of such a move anytime!" In a follow-up email on December 3, just days before the Epic Games Store launch, Sweeney took Valve to task more directly for its policy of offering lower platform fees for the largest developers on Steam. He offered some harsh words for Valve while once again begging the company to serve as a positive example in the developing case against Apple: "Right now, you assholes are telling the world that the strong and powerful get special terms, while 30% is for the little people. We're all in for a prolonged battle if Apple tries to keep their monopoly and 30% by cutting backroom deals with big publishers to keep them quiet. Why not give ALL developers a better deal? What better way is there to convince Apple quickly that their model is now totally untenable?" After being forwarded the message by Valve's Erik Johnson, Valve COO Scott Lynch simply offered up a sardonic "You mad bro?"pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=Court+Docs+Reveal+Epic+CEO's+Anger+At+Steam's+30%25+Fees%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F14%2F2041238%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F14%2F2041238%2Fcourt-docs-reveal-epic-ceos-anger-at-steams-30-fees%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://yro.slashdot.org/story/24/03/14/2041238/court-docs-reveal-epic-ceos-anger-at-steams-30-fees?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./p

France Travail, the government agency responsible for assisting the unemployed, has fallen victim to a massive data breach exposing the personal information of up to 43 million French citizens dating back two decades, the department announced on Wednesday. The incident, which has been reported to the country's data protection watchdog (CNIL), is the latest in a series of high-profile cyber attacks targeting French government institutions and underscores the growing threat to citizens' private data. From a report: The department's statement reveals that names, dates of birth, social security numbers, France Travail identifiers, email addresses, postal addresses, and phone numbers were exposed. Passwords and banking details aren't affected, at least. That said, CNIL warned that the data stolen during this incident could be linked to stolen data in other breaches and used to build larger banks of information on any given individual. It's not clear whether the database's entire contents were stolen by attackers, but the announcement suggests that at least some of the data was extracted.pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=Record+Breach+of+French+Government+Exposes+Up+To+43+Million+People's+Data%3A+https%3A%2F%2Fit.slashdot.org%2Fstory%2F24%2F03%2F14%2F187223%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fit.slashdot.org%2Fstory%2F24%2F03%2F14%2F187223%2Frecord-breach-of-french-government-exposes-up-to-43-million-peoples-data%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://it.slashdot.org/story/24/03/14/187223/record-breach-of-french-government-exposes-up-to-43-million-peoples-data?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./p

Roman Sterlingov, the founder of a $400 million crypto-mixing service called Bitcoin Fog, has been convicted of money laundering in a United State District Court on Tuesday. Other charges include money laundering conspiracy, operating an unlicensed money-transmitting business, and violations of the D.C. Money Transmitters Act. CoinTelegraph reports: Sterlingov, however, had argued throughout the trial that he was only a user of the service, and not its operator. His attorney, Tok Ekeland said in a March 12 X post that his team will appeal the verdict. According to evidence presented at the trial, Sterlingov operated Bitcoin Fog from October 2011 to April 2021, which acted as a money laundering service for "criminals seeking to hide their illicit proceeds from law enforcement." The service moved over 1.2 million Bitcoin over the decade-long operation -- worth $400 million at the time of the transactions -- with the bulk of cryptocurrency coming from darknet marketplaces tied to narcotics, computer fraud abuse and identity theft, the government said. Bitcoin Fog also served distributors of child sexual abuse material. Evidence used to convict Sterlingov found that the "vast majority" of crypto deposited to his crypto exchange accounts came from "Bitcoin clusters" associated with Bitcoin Fog. "Evidence presented at trial clearly showed that the defendant laundered hundreds of millions of illicit funds from the dark web through Bitcoin Fog in an attempt to conceal the origin of those funds," said Internal Revenue Service (IRS) Criminal Investigation Chief Jim Lee.pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=Bitcoin+Fog+Crypto+Mixer+Found+Guilty+of+Money+Laundering%2C+Jury+Finds%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F13%2F2112246%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F13%2F2112246%2Fbitcoin-fog-crypto-mixer-found-guilty-of-money-laundering-jury-finds%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://yro.slashdot.org/story/24/03/13/2112246/bitcoin-fog-crypto-mixer-found-guilty-of-money-laundering-jury-finds?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./p

Connor Jones reports via The Register: Stanford University says the cybersecurity incident it dealt with last year was indeed ransomware, which it failed to spot for more than four months. Keen readers of El Reg may remember the story breaking toward the end of October 2023 after Akira posted Stanford to its shame site, with the university subsequently issuing a statement simply explaining that it was investigating an incident, avoiding the dreaded R word. Well, surprise, surprise, ransomware was involved, according to a data breach notice sent out to the 27,000 people affected by the attack. Akira targeted the university's Department of Public Safety (DPS) and this week's filing with the Office of the Maine Attorney General indicates that Stanford became aware of the incident on September 27, more than four months after the initial breach took place. According to Monday's filing, the data breach occurred on May 12 2023 but was only discovered on September 27 of last year, raising questions about whether the attacker(s) was inside the network the entire time and why it took so long to spot the intrusion. It's not fully clear what information was compromised, but the draft letters include placeholders for three different variables. However, the filing with Maine's AG suggests names and social security numbers are among the data types to have been stolen. All affected individuals have been offered 24 months of free credit monitoring, including access to a $1 million insurance reimbursement policy and ID theft recovery services. Akira's post dedicated to Stanford on its leak site claims it stole 430 GB worth of data, including personal information and confidential documents. It's all available to download via a torrent file and the fact it remains available for download suggests the research university didn't pay whatever ransom the attackers demanded.pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=Stanford+University+Failed+To+Detect+Ransomware+Intruders+For+4+Months%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F13%2F2053224%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F13%2F2053224%2Fstanford-university-failed-to-detect-ransomware-intruders-for-4-months%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://yro.slashdot.org/story/24/03/13/2053224/stanford-university-failed-to-detect-ransomware-intruders-for-4-months?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./p

For decades, U.S. inventors sent in models with their patent applications -- gizmos that reveal a secret history of unmet needs and relentless innovation. The New Yorker: The ruins of American invention have been recently resurrected in a former textile mill in Wilmington, Delaware. The Henry Clay Mill, now better known as Hagley Museum and Library Visitor Center, is perched on the banks of Brandywine Creek, at the southern edge of a sprawling estate once owned by the du Pont family; just upstream lies the oldest of the dynasty's several stately homes in the region, as well as the remains of the gunpowder works upon which its fortune was built. One morning, Chris Cascio, a curator, welcomed me into the mill, where the space once occupied by cotton-picking and carding machines now houses a curious exhibit: the scavenged remainders of a much larger, long-lost museum. From 1790 to 1880, Cascio explained, the U.S. Patent Office first encouraged and then required an inventor to submit a model along with each application. These models -- thousands of miniature devices, often exquisitely detailed -- were then exhibited in Washington, D.C., in the office's model gallery. Sometimes called the "Temple of Invention," the gallery was a bustling landmark: it regularly attracted up to ten thousand visitors a month and was ranked as "the greatest permanent attraction in the city," according to one newspaper. But by the late nineteenth century it had effectively shut its doors. Hagley's latest exhibit, "Nation of Inventors," is the largest permanent public display of patent models since that time. [...] The U.S. system was also unique in that no other country required a model to accompany a patent application. The reasons why soon became clear. As early as the eighteen-thirties, the collection had outgrown the Patent Office's cramped headquarters at the former Blodgett's Hotel. In 1836, a fire destroyed at least seven thousand models, but, rather than abandon the requirement, the Patent Office doubled down, securing congressional funding to reconstruct the models and laying the foundations for a truly monumental building, with a facade modelled after the Parthenon. The structure, which now houses the Smithsonian's American Art Museum and the National Portrait Gallery, occupies an entire city block. In the engineer Pierre L'Enfant's master plan for the capital, it was intended to serve as a kind of nondenominational "church of the republic," between the White House on one side and the Capitol on the other.pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=America's+Last+Top+Models%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F13%2F1959225%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F13%2F1959225%2Famericas-last-top-models%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://yro.slashdot.org/story/24/03/13/1959225/americas-last-top-models?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./p

The U.S. House of Representatives overwhelmingly passed a bill on Wednesday that would give TikTok's Chinese owner ByteDance about six months to divest the U.S. assets of the short-video app used by about 170 million Americans or face a ban. From a report: The bill passed 352-65, with bipartisan support, but it faces a more uncertain path in the Senate where some favor a different approach to regulating foreign-owned apps that could pose security concerns. Democratic Senate Majority Leader Chuck Schumer has not indicated how he plans to proceed. TikTok's fate has become a major issue in Washington. Democratic and Republican lawmakers said their offices had received large volumes of calls from teenaged TikTok users who oppose the legislation, with the volume of complaints at times exceeding the number of calls seeking a ceasefire between Israel and Hamas in Gaza. The measure is also the latest in a series of moves in Washington to respond to U.S. national security concerns about China, from connected vehicles to advanced artificial intelligence chips to cranes at U.S. ports. The vote comes just over a week since the bill was proposed following one public hearing with little debate, and after action in Congress had stalled for more than a year. Last month, President Joe Biden's re-election campaign joined TikTok, raising hopes among TikTok officials that legislation was unlikely this year.pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=US+House+Passes+Bill+To+Force+ByteDance+To+Divest+TikTok+or+Face+Ban%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F13%2F1448216%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F13%2F1448216%2Fus-house-passes-bill-to-force-bytedance-to-divest-tiktok-or-face-ban%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://yro.slashdot.org/story/24/03/13/1448216/us-house-passes-bill-to-force-bytedance-to-divest-tiktok-or-face-ban?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./p

An anonymous reader quotes a report from Reuters: The New York Times has denied claims by OpenAI that it "hacked" the company's artificial intelligence systems to create misleading evidence of copyright infringement, calling the accusation as "irrelevant as it is false." The Times in a court filing on Monday said OpenAI was "grandstanding" in its request to dismiss parts of the newspaper's lawsuit alleging its articles were misused for artificial intelligence training. The Times sued OpenAI and its largest financial backer Microsoft in December, accusing them of using millions of its articles without permission to train chatbots to provide information to users. The newspaper is among several prominent copyright owners including authors, visual artists and music publishers that have sued tech companies over the alleged misuse of their work in AI training. The Times' complaint cited several instances in which programs like OpenAI's popular chatbot ChatGPT gave users near-verbatim excerpts of its articles when prompted. OpenAI responded last month that the Times had paid an unnamed "hired gun" to manipulate its products into reproducing the newspaper's content. It asked the court to dismiss parts of the case, including claims that its AI-generated content infringes the Times' copyrights. "In the ordinary course, one cannot use ChatGPT to serve up Times articles at will," OpenAI said. The company also said it would eventually prove that its AI training made fair use of copyrighted content. The Times replied on Monday that it had simply used the "first few words or sentences" of its articles to prompt ChatGPT to recreate them. "OpenAI's true grievance is not about how The Times conducted its investigation, but instead what that investigation exposed: that Defendants built their products by copying The Times's content on an unprecedented scale -- a fact that OpenAI does not, and cannot, dispute," the Times said.pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=New+York+Times+Denies+OpenAI's+'Hacking'+Claim+In+Copyright+Fight%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F12%2F204222%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F12%2F204222%2Fnew-york-times-denies-openais-hacking-claim-in-copyright-fight%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://yro.slashdot.org/story/24/03/12/204222/new-york-times-denies-openais-hacking-claim-in-copyright-fight?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./p

Over 15,000 Roku customers were hacked and used to make fraudulent purchases of hardware and streaming subscriptions. According to BleepingComputer, the threat actors were "selling the stolen accounts for as little as $0.50 per account, allowing purchasers to use stored credit cards to make illegal purchases." From the report: On Friday, Roku first disclosed the data breach, warning that 15,363 customer accounts were hacked in a credential stuffing attack. A credential stuffing attack is when threat actors collect credentials exposed in data breaches and then attempt to use them to log in to other sites, in this case, Roku.com. The company says that once an account was breached, it allowed threat actors to change the information on the account, including passwords, email addresses, and shipping addresses. This effectively locked a user out of the account, allowing the threat actors to make purchases using stored credit card information without the legitimate account holder receiving order confirmation emails. "It appears likely that the same username/password combinations had been used as login information for such third-party services as well as certain individual Roku accounts," reads the data breach notice. "As a result, unauthorized actors were able to obtain login information from third-party sources and then use it to access certain individual Roku accounts. "After gaining access, they then changed the Roku login information for the affected individual Roku accounts, and, in a limited number of cases, attempted to purchase streaming subscriptions." Roku says that it secured the impacted accounts and forced a password reset upon detecting the incident. Additionally, the platform's security team investigated for any charges due to unauthorized purchases performed by the hackers and took steps to cancel the relevant subscriptions and refund the account holders. A researcher told BleepingComputer last week that the threat actors have been using a Roku config to perform credential stuffing attacks for months, bypassing brute force attack protections and captchas by using specific URLs and rotating through lists of proxy servers. Successfully hacked accounts are then sold on stolen account marketplaces for as little as 50 cents, as seen below where 439 accounts are being sold. The seller of these accounts provides information on how to change information on the account to make fraudulent purchases. Those who purchase the stolen accounts hijack them with their own information and use stored credit cards to purchase cameras, remotes, soundbars, light strips, and streaming boxes. After making their purchases, it is common for them to share screenshots of redacted order confirmation emails on Telegram channels associated with the stolen account marketplaces.pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=Over+15%2C000+Roku+Accounts+Sold+To+Buy+Streaming+Subscriptions%2C+Devices%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F11%2F2319210%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F11%2F2319210%2Fover-15000-roku-accounts-sold-to-buy-streaming-subscriptions-devices%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://yro.slashdot.org/story/24/03/11/2319210/over-15000-roku-accounts-sold-to-buy-streaming-subscriptions-devices?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./p

An anonymous reader quotes a report from TechCrunch: A lengthy investigation into the European Union's use of Microsoft 365 has found the Commission breached the bloc's data protection rules through its use of the cloud-based productivity software. Announcing its decision in a press release today, the European Data Protection Supervisor (EDPS) said the Commission infringed "several key data protection rules when using Microsoft 365." "The Commission did not sufficiently specify what types of personal data are to be collected and for which explicit and specified purposes when using Microsoft 365," the data supervisor, Wojciech Wiewiorowski, wrote, adding: "The Commission's infringements as data controller also relate to data processing, including transfers of personal data, carried out on its behalf." The EDPS has imposed corrective measures requiring the Commission to address the compliance problems it has identified by December 9 2024, assuming it continues to use Microsoft's cloud suite. The regulator, which oversees' EU institutions' compliance with data protection rules, opened a probe of the Commission's use of Microsoft 365 and other U.S. cloud services back in May 2021. [...] The Commission confirmed receipt of the EDPB's decision and said it will need to analyze the reasoning "in detail" before taking any decision on how to proceed. In a series of statements during a press briefing, it expressed confidence that it complies with "the applicable data protection rules, both in fact and in law." It also said "various improvements" have been made to contracts, with the EDPS, during its investigation. "We have been cooperating fully with the EDPS since the start of the investigation, by providing all relevant documents and information to the EDPS and by following up on the issues that have been raised in the course of the investigation," it said. "The Commission has always been ready to implement, and grateful for receiving, any substantiated recommendation from the EDPS. Data protection is a top priority for the Commission." "The Commission has always been fully committed to ensuring that its use of Microsoft M365 is compliant with the applicable data protection rules and will continue to do so. The same applies to all other software acquired by the Commission," it went on, further noting: "New data protection rules for the EU institutions and bodies came into force on 11 December 2018. The Commission is actively pursuing ambitious and safe adequacy frameworks with international partners. The Commission applies those rules in all its processes and contracts, including with individual companies such as Microsoft." While the Commission's public statements reiterated that it's committed to compliance with its legal obligations, it also claimed that "compliance with the EDPS decision unfortunately seems likely to undermine the current high level of mobile and integrated IT services." "This applies not only to Microsoft but potentially also to other commercial IT services. But we need to first analyze the decision's conclusions and the underlying reasons in detail. We cannot provide further comments until we have concluded the analysis," it added.pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=EU's+Use+of+Microsoft+365+Found+To+Breach+Data+Protection+Rules%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F11%2F2026249%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F11%2F2026249%2Feus-use-of-microsoft-365-found-to-breach-data-protection-rules%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://yro.slashdot.org/story/24/03/11/2026249/eus-use-of-microsoft-365-found-to-breach-data-protection-rules?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./p

Controversial eyeball scanning startup Worldcoin has failed to get an injunction against a temporary suspension ordered Wednesday by Spain's data protection authority, the AEPD. TechCrunch: The authority used emergency powers contained in the European Union's General Data Protection Regulation (GDPR) to make the local order, which can apply for up to three months. It said it was taking the precautionary measure against Worldcoin's operator, Tools for Humanity, in light of the sensitive nature of the biometric data being collected, which could pose a high risk to the rights and freedoms of individuals. It also raised specific concerns about risks to minors, citing complaints received. Today a Madrid-based High Court declined to grant an injunction against the AEPD's order, saying that the "safeguarding of public interest" must be prioritized. As we reported Friday, the crypto blockchain biometrics digital identity firm shuttered scanning in the market shortly after the AEPD order -- which gave it 72 hours to comply. Today's court decision means Worldcoin's services remain suspended in Spain -- for up to three months.pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=Worldcoin+Fails+To+Get+Injunction+Against+Spain's+Privacy+Suspension%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F11%2F1926208%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F11%2F1926208%2Fworldcoin-fails-to-get-injunction-against-spains-privacy-suspension%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://yro.slashdot.org/story/24/03/11/1926208/worldcoin-fails-to-get-injunction-against-spains-privacy-suspension?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./p

The U.S. government must move "quickly and decisively" to avert substantial national security risks stemming from artificial intelligence (AI) which could, in the worst case, cause an "extinction-level threat to the human species," says a report commissioned by the U.S. government published on Monday. Time: "Current frontier AI development poses urgent and growing risks to national security," the report, which TIME obtained ahead of its publication, says. "The rise of advanced AI and AGI [artificial general intelligence] has the potential to destabilize global security in ways reminiscent of the introduction of nuclear weapons." AGI is a hypothetical technology that could perform most tasks at or above the level of a human. Such systems do not currently exist, but the leading AI labs are working toward them and many expect AGI to arrive within the next five years or less. The three authors of the report worked on it for more than a year, speaking with more than 200 government employees, experts, and workers at frontier AI companies -- like OpenAI, Google DeepMind, Anthropic and Meta -- as part of their research. Accounts from some of those conversations paint a disturbing picture, suggesting that many AI safety workers inside cutting-edge labs are concerned about perverse incentives driving decisionmaking by the executives who control their companies. The finished document, titled "An Action Plan to Increase the Safety and Security of Advanced AI," recommends a set of sweeping and unprecedented policy actions that, if enacted, would radically disrupt the AI industry. Congress should make it illegal, the report recommends, to train AI models using more than a certain level of computing power. The threshold, the report recommends, should be set by a new federal AI agency, although the report suggests, as an example, that the agency could set it just above the levels of computing power used to train current cutting-edge models like OpenAI's GPT-4 and Google's Gemini. The new AI agency should require AI companies on the "frontier" of the industry to obtain government permission to train and deploy new models above a certain lower threshold, the report adds. Authorities should also "urgently" consider outlawing the publication of the "weights," or inner workings, of powerful AI models, for example under open-source licenses, with violations possibly punishable by jail time, the report says. And the government should further tighten controls on the manufacture and export of AI chips, and channel federal funding toward "alignment" research that seeks to make advanced AI safer, it recommends.pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=US+Must+Move+'Decisively'+To+Avert+'Extinction-Level'+Threat+From+AI%2C+Gov't-Commissioned+Report+Says%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F11%2F185217%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F11%2F185217%2Fus-must-move-decisively-to-avert-extinction-level-threat-from-ai-govt-commissioned-report-says%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://yro.slashdot.org/story/24/03/11/185217/us-must-move-decisively-to-avert-extinction-level-threat-from-ai-govt-commissioned-report-says?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./p

Airbnb will no longer allow hosts to use indoor security cameras, regardless of where they're placed or what they're used for. In an update on Monday, Airbnb says the change to "prioritize the privacy" of renters goes into effect on April 30th. From a report: The vacation rental app previously let hosts install security cameras in "common areas" of listings, including hallways, living rooms, and front doors. Airbnb required hosts to disclose the presence of security cameras in their listings and make them clearly visible, and it prohibited hosts from using cameras in bedrooms and bathrooms. But now, hosts can't use indoor security cameras at all. The change comes after numerous reports of guests finding hidden cameras within their rental, leading some vacation-goers to scan their rooms for cameras. Airbnb's new policy also introduces new rules for outdoor security cameras, and will now require hosts to disclose their use and locations before guests book a listing. Hosts can't use outdoor cams to keep tabs on indoor spaces, either, nor can they use them in "certain outdoor areas where there's a great expectation of privacy," such as an outdoor shower or sauna.pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=Airbnb+is+Banning+Indoor+Security+Cameras%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F11%2F1627246%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F11%2F1627246%2Fairbnb-is-banning-indoor-security-cameras%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://yro.slashdot.org/story/24/03/11/1627246/airbnb-is-banning-indoor-security-cameras?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./p

CNN's national security analyst interviewed a U.S. intelligence officer who worked on the newly-released Defense report debunking UFO sightings mdash; physicist Sean Kirkpatrick. He tells CNN "about two to five percent" of UFO reports are "truly anomalous." But CNN adds that "he thinks explanations for that small percentage will most likely be found right here on Earth..." This is how Kirkpatrick and his team explain the Roswell incident, which plays a prominent role in UFO lore. That's because, in 1947, a U.S. military news release stated that a flying saucer had crashed near Roswell Army Air Field in New Mexico. A day later, the Army retracted the story and said the crashed object was a weather balloon. Newspapers ran the initial saucer headline, followed up with the official debunking, and interest in the case largely died down. Until 1980, that is, when a pair of UFO researchers published a book alleging that alien bodies had been recovered from the Roswell wreckage and that the U.S. government had covered up the evidence. Kirkpatrick says his office dug deep into the Roswell incident and found that in the late 1940s and early 1950s, there were a lot of things happening near the Roswell Airfield. There was a spy program called Project Mogul, which launched long strings of oddly shaped metallic balloons. They were designed to monitor Soviet nuclear tests and were highly secret. At the same time, the U.S. military was conducting tests with other high-altitude balloons that carried human test dummies rigged with sensors and zipped into body-sized bags for protection against the elements. And there was at least one military plane crash nearby with 11 fatalities. Echoing earlier government investigations, Kirkpatrick and his team concluded that the crashed Mogul balloons, the recovery operations to retrieve downed test dummies and glimpses of the charred aftermath of that real plane crash likely combined into a single false narrative about a crashed alien spacecraft... Since 2020, the Pentagon has standardized, de-stigmatized and increased the volume of reporting on UFOs by the U.S. military. Kirkpatrick says that's the reason the closely covered and widely-mocked Chinese spy balloon was spotted in the first place last year. The incident shows that the U.S. government's policy of taking UFOs seriously is actually working. The pattern keeps repeating. "Kirkpatrick says, his investigation found that most UFO sightings are of advanced technology that the U.S. government needs to keep secret, of aircraft that rival nations are using to spy on the U.S. or of benign civilian drones and balloons." ("What's more likely?" asked Kirkpatrick. "The fact that there is a state-of-the-art technology that's being commercialized down in Florida that you didn't know about, or we have extraterrestrials?") But the greatest irony may be that "stories about these secret programs spread inside the Pentagon, got embellished and received the occasional boost from service members who'd heard rumors about or caught glimpses of seemingly sci-fi technology or aircraft. And Kirkpatrick says his investigators ultimately traced this game of top-secret telephone back to fewer than a dozen people... [F]or decades, UFO true believers have been telling us there's a U.S. government conspiracy to hide evidence of aliens. But mdash; if you believe Kirkpatrick mdash; the more mundane truth is that these stories are being pumped up by a group of UFO true believers in and around government."pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=US+Intelligence+Officer+Explains+Roswell%2C+UFO+Sightings%3A+https%3A%2F%2Fscience.slashdot.org%2Fstory%2F24%2F03%2F09%2F194239%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fscience.slashdot.org%2Fstory%2F24%2F03%2F09%2F194239%2Fus-intelligence-officer-explains-roswell-ufo-sightings%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://science.slashdot.org/story/24/03/09/194239/us-intelligence-officer-explains-roswell-ufo-sightings?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./p

A Toronto Sun columnist writes that two Canadian civil liberties groups are "sounding alarms" about the proposed new Online Harms Act (C-63): The Canadian Civil Liberties Association (CCLA) and the Canadian Constitution Foundation (CCF) say while the proposed legislation contains legitimate measures to protect children from online sexual abuse, cyber-bulling and self-harm, and to combat the spread of so-called "revenge porn," its provisions to prevent the expression of hate are draconian, vaguely worded and an attack on free speech... "[D]on't be fooled," said CCF executive director Joanna Baron. "Most of the bill is aimed at restricting freedom of expression. This heavy-handed bill needs to be severely pared down to comply with the constitution." Both the CCLA and CCF warn the bill could lead to life imprisonment for someone convicted of "incitement to genocide" mdash; a vague term only broadly defined in the bill mdash; and up to five years in prison for other vaguely defined hate speech crimes. The legislation, for example, defines illegal hate speech as expressing "detestation or vilification of an individual or group of individuals," while legally protected speech, "expresses dislike or disdain, or ... discredits, humiliates, hurts or offends." The problem, critics warn, will be determining in advance which is which, with the inevitable result that people and organizations will self-censor themselves because of fear of being prosecuted criminally, or fined civilly, for what is actually legal speech. "Both the CCLA and the CCF say the proposed legislation, known as Bill C-63, will require major amendments before becoming law to pass constitutional muster," according to the columnist. Some specific complains: The CCF argues that the Bill "would allow judges to put prior restraints on people who they believe on reasonable grounds may commit speech crimes in the future." The CCLA adds that the proposed bill also grants authorities "sweeping new search powers of electronic data, with no warrant requirement," according to the Toronto Sun, and also warns about the creation of a government-appointed "digital safety commission" given "vast authority" and "sweeping powers" to "interpret the law, make up new rules, enforce them, and then serve as judge, jury, and executioner." And in addition, the CCF points out under the proposed rules the Canadian Human Rights Commission "could order fines of up to $50,000, and awards of up to $20,000 paid to complainants, who in some cases would be anonymous." "Findings would be based on a mere 'balance of probabilities' standard rather than the criminal standard of proof beyond a reasonable doubt... The mere threat of human rights complaints will chill large amounts of protected speech." Thanks to long-time Slashdot reader sinij for sharing the article.pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=Canada's+'Online+Harms'+Bill+Would+Be+an+Assault+On+Free+Speech%2C+Civil+Liberties+Groups+Say%3A+https%3A%2F%2Fnews.slashdot.org%2Fstory%2F24%2F03%2F10%2F2352240%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fnews.slashdot.org%2Fstory%2F24%2F03%2F10%2F2352240%2Fcanadas-online-harms-bill-would-be-an-assault-on-free-speech-civil-liberties-groups-say%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://news.slashdot.org/story/24/03/10/2352240/canadas-online-harms-bill-would-be-an-assault-on-free-speech-civil-liberties-groups-say?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./p

Legislation proposed in California "aims to repeal Daylight saving time and put California permanently on Standard time," reports a San Diego news station: In November 2018, California voters passed Prop 7, a measure that would allow the state legislature to change Daylight saving time by either keeping it year-round or getting rid of it altogether. However, this measure also requires approval by the U.S. Congress if California were to opt for year-round Daylight Saving Time. So far, nothing has materialized. "I am really, really passionate about this bill," said State Assembly Member Tri Ta, who added it is finally time to listen to the will of the voters. He has drafted new legislation that to do away with twice-yearly time changes. However, his bill would put the Golden State onto year-round Standard time: a move that would not require federal action. Oregon and Washington state are also considering similar moves [though Oregon's bill appears stalled]. "If my bill is passed, we do not need congressional approval," Ta told CBS 8, "so that's a win-win for everyone...." Ta said that his bill has the support of the California Medical Association, as well as sleep experts who say Standard time syncs better with our natural clocks. "So why don't we go along with science?" Ta added. "That's what I believe." One things most people seem to agree on: it's time to stop changing our clocks, which research has shown leads to higher rates of accidents as well as increased health risks. "While this new bill continues to work its way through Sacramento, Daylight saving time is still a go here in California," the article points out, "starting 2 a.m. Sunday, when we set our clocks forward one hour." But USA Today adds that across the rest of the country, "Most Americans mdash; 62% mdash; are in favor of ending the time change, according to an Economist/YouGov poll from last year."pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=California+State+Legislator+Proposes+Ending+Daylight+Saving+Time%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F09%2F2311200%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F09%2F2311200%2Fcalifornia-state-legislator-proposes-ending-daylight-saving-time%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://yro.slashdot.org/story/24/03/09/2311200/california-state-legislator-proposes-ending-daylight-saving-time?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./p

An anonymous reader shared this report from the Guardian: The U.S. is not secretly hiding alien technology or extraterrestrial beings from the public, according to a defense department report. On Friday, the Pentagon 'published the findings of an investigation conducted by the All-Domain Anomaly Resolution Office (AARO), a government office established in 2022 to detect and, as necessary, mitigate threats including "anomalous, unidentified space, airborne, submerged and transmedium objects".... AARO investigators, which were "granted full access to all pertinent sensitive [U.S. government] programs", reviewed all official government investigatory efforts since 1945. Investigators also researched classified and unclassified archives, conducted approximately 30 interviews, and collaborated with intelligence community and defense department officials responsible for controlled and special access program oversight, the report revealed. NPR writes that "Many of the sightings turned out to be drones, weather balloons, spy planes, satellites, rockets and planets, according to the report..." "AARO has found no evidence that any U.S. government investigation, academic-sponsored research, or official review panel has confirmed that any sighting of a UAP represented extraterrestrial technology," Pentagon Press Secretary Maj. Gen. Pat Ryder said in a statement Friday. All investigative efforts concluded that most sightings were ordinary objects and the result of misidentification, Ryder said... The office plans to publish a second volume of the report later this year that covers findings from interviews and research done between November 2023 and April 2024." The report finds no evidence of any confirmed alien technology, the Guardian notes: It added that sensors and visual observations are imperfect, the vast majority of cases lack actionable data and such available data is limited or of poor quality. The report also said resources and staffing for such programs have largely been irregular and sporadic and that the vast majority of reports "almost certainly" are the result of misidentification. In addition, the report found "no empirical evidence for claims that the [U.S. government] and private companies have been reverse-engineering extraterrestrial technology"... The report's public release comes as AARO's acting director, Timothy Phillips, told reporters on Wednesday that the US military is developing a UFO sensor and detection system called Gremlin. "If we have a national security site and there are objects being reported that [are] within restricted airspace or within a maritime range or within the proximity of one of our spaceships, we need to understand what that is ... and so that's why we're developing sensor capability that we can deploy in reaction to reports," Phillips said, CNN reports.pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=New+US+Defense+Department+Report+Found+'No+Evidence'+of+Alien+Technology%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F09%2F0637244%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F09%2F0637244%2Fnew-us-defense-department-report-found-no-evidence-of-alien-technology%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://yro.slashdot.org/story/24/03/09/0637244/new-us-defense-department-report-found-no-evidence-of-alien-technology?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./p

An anonymous reader shared this report from the Guardian: The U.S. is not secretly hiding alien technology or extraterrestrial beings from the public, according to a defense department report. On Friday, the Pentagon 'published the findings of an investigation conducted by the All-Domain Anomaly Resolution Office (AARO), a government office established in 2022 to detect and, as necessary, mitigate threats including "anomalous, unidentified space, airborne, submerged and transmedium objects".... AARO investigators, which were "granted full access to all pertinent sensitive [U.S. government] programs", reviewed all official government investigatory efforts since 1945. Investigators also researched classified and unclassified archives, conducted approximately 30 interviews, and collaborated with intelligence community and defense department officials responsible for controlled and special access program oversight, the report revealed. NPR writes that "Many of the sightings turned out to be drones, weather balloons, spy planes, satellites, rockets and planets, according to the report..." "AARO has found no evidence that any U.S. government investigation, academic-sponsored research, or official review panel has confirmed that any sighting of a UAP represented extraterrestrial technology," Pentagon Press Secretary Maj. Gen. Pat Ryder said in a statement Friday. All investigative efforts concluded that most sightings were ordinary objects and the result of misidentification, Ryder said... The office plans to publish a second volume of the report later this year that covers findings from interviews and research done between November 2023 and April 2024." The report finds no evidence of any confirmed alien technology, the Guardian notes: It added that sensors and visual observations are imperfect, the vast majority of cases lack actionable data and such available data is limited or of poor quality. The report also said resources and staffing for such programs have largely been irregular and sporadic and that the vast majority of reports "almost certainly" are the result of misidentification. In addition, the report found "no empirical evidence for claims that the [U.S. government] and private companies have been reverse-engineering extraterrestrial technology"... The report's public release comes as AARO's acting director, Timothy Phillips, told reporters on Wednesday that the US military is developing a UFO sensor and detection system called Gremlin. "If we have a national security site and there are objects being reported that [are] within restricted airspace or within a maritime range or within the proximity of one of our spaceships, we need to understand what that is ... and so that's why we're developing sensor capability that we can deploy in reaction to reports," Phillips said, CNN reports.pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=New+US+Defense+Department+Report+Finds+'No+Evidence'+of+Alien+Technology%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F09%2F0637244%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F09%2F0637244%2Fnew-us-defense-department-report-finds-no-evidence-of-alien-technology%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://yro.slashdot.org/story/24/03/09/0637244/new-us-defense-department-report-finds-no-evidence-of-alien-technology?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./p

An anonymous Slashdot reader shared this article from Live Science: Manufacturers will no longer use harmful "forever chemicals" in food packaging products in the U.S., according to the U.S. Food and Drug Administration (FDA). In a statement released February 28, the agency declared that grease-proofing materials that contain per- and polyfluoroalkyl substances (PFAS) will not be used in new food packaging sold in the U.S. These include PFAS used in fast-food wrappers, microwave popcorn bags, takeout boxes and pet food bags. The FDA's announcement marks the completion of a voluntary phase-out of the materials by U.S. food packaging manufacturers. This action will eliminate the "major source of dietary exposure to PFAS," Jim Jones, deputy commissioner for human foods at the FDA, said in an associated statement. Companies told the FDA that it could take up to 18 months to completely exhaust the market supply of these products following their final date of sale. However, most of the affected manufacturers phased out the products faster than they initially predicted, the agency noted... The FDA's new announcement marks a "huge win for the public," Graham Peaslee, a professor of physics at the University of Notre Dame who studies PFAS, told The Washington Post. pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=PFAS+'Forever+Chemicals'+To+Officially+Be+Removed+from+Food+Packaging%2C+FDA+Says%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F09%2F2240238%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F03%2F09%2F2240238%2Fpfas-forever-chemicals-to-officially-be-removed-from-food-packaging-fda-says%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://yro.slashdot.org/story/24/03/09/2240238/pfas-forever-chemicals-to-officially-be-removed-from-food-packaging-fda-says?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./p

" A federal agency in charge of cybersecurity discovered it was hacked last month..." reports CNN. Last month the U.S. Department of Homeland Security experienced a breach at its Cybersecurity and Infrastructure Security Agency, reports the Record, "through vulnerabilities in Ivanti products, officials said..." "The impact was limited to two systems, which we immediately took offline," the spokesperson said. We continue to upgrade and modernize our systems, and there is no operational impact at this time." "This is a reminder that any organization can be affected by a cyber vulnerability and having an incident response plan in place is a necessary component of resilience." CISA declined to answer a range of questions about who was behind the incident, whether data had been accessed or stolen and what systems were taken offline. Ivanti makes software that organizations use to manage IT, including security and system access. A source with knowledge of the situation told Recorded Future News that the two systems compromised were the Infrastructure Protection (IP) Gateway, which houses critical information about the interdependency of U.S. infrastructure, and the Chemical Security Assessment Tool (CSAT), which houses private sector chemical security plans. CISA declined to confirm or deny whether these are the systems that were taken offline. CSAT houses some of the country's most sensitive industrial information, including the Top Screen tool for high-risk chemical facilities, Site Security Plans and the Security Vulnerability Assessments. CISA said organizations should review an advisory the agency released on February 29 warning that threat actors are exploiting previously identified vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure gateways including CVE-2023-46805, CVE-2024-21887 and CVE-2024-21893. "Last week, several of the world's leading cybersecurity agencies revealed that hackers had discovered a way around a tool Ivanti released to help organizations check if they had been compromised," the article points out. The statement last week from CISA said the agency "has conducted independent research in a lab environment validating that the Ivanti Integrity Checker Tool is not sufficient to detect compromise and that a cyber threat actor may be able to gain root-level persistence despite issuing factory resets." UPDATE: The two systems run on older technology that was already set to be replaced, sources told CNN..." While there is some irony in it, even cybersecurity agencies or officials can be victims of hacking. After all, they rely on the same technology that others do. The US' top cybersecurity diplomat Nate Fick said last year that his personal account on social media platform X was hacked, calling it part of the "perils of the job." pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=US+Cybersecurity+Agency+Forced+to+Take+Two+Systems+Offline+Last+Month+After+Ivanti+Compromise%3A+https%3A%2F%2Fit.slashdot.org%2Fstory%2F24%2F03%2F09%2F1945235%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fit.slashdot.org%2Fstory%2F24%2F03%2F09%2F1945235%2Fus-cybersecurity-agency-forced-to-take-two-systems-offline-last-month-after-ivanti-compromise%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://it.slashdot.org/story/24/03/09/1945235/us-cybersecurity-agency-forced-to-take-two-systems-offline-last-month-after-ivanti-compromise?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./p

Roughly $138 billion in U.S. student loan debt has now been cancelled, reports CNN. "That's about one-third of the $430 billion that would've been canceled under the president's one-time forgiveness plan, which was struck down by the Supreme Court last year." It's 9% of all outstanding federal student loan debt, according to the article, "wiping out debts for about 3.9 million borrowers mdash; by using a number of existing programs that aim to offer debt relief for certain groups of struggling borrowers..." What President Biden has been doing mdash; before and after the Supreme Court ruling mdash; is using existing student loan forgiveness programs to deliver relief to certain groups of borrowers, like public-sector workers (through the Public Service Loan Forgiveness program) and borrowers who were defrauded by their college (through the borrower defense to repayment program). His administration also made discharges for borrowers who are totally and permanently disabled. None of these programs expire, meaning they will help qualifying borrowers now and in the future. In some cases, Biden's administration has expanded the reach of these programs, making more borrowers eligible. And in other cases, it has made an effort to correct past administrative errors made to borrowers' student loan accounts by conducting a one-time recount of borrowers' past payments. This effort helps make sure people receive the loan forgiveness they may already qualify for by having made at least 20 years of payments in an income-driven plan, which calculates monthly payment amounts based on a borrower's income and family size, rather than the amount owed. The recount is expected to be completed by July... Last year, the administration created a new income-driven repayment plan. Known as SAVE, the new plan offers the most generous terms for low-income borrowers. Those who originally borrowed $12,000 or less will see their remaining debt canceled after making payments for at least 10 years... [The administration] is working on implementing another path toward a broad student loan forgiveness program, this time relying on a different legal authority in hopes that this attempt holds up in court. This proposal is currently making its way through a lengthy rulemaking process and has yet to be finalized.pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=How+%24138B+in+US+Student+Loans+Were+Cancelled+-+Roughly+One-Third+of+Planned+Amount%3A+https%3A%2F%2Fnews.slashdot.org%2Fstory%2F24%2F03%2F09%2F0440246%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fnews.slashdot.org%2Fstory%2F24%2F03%2F09%2F0440246%2Fhow-138b-in-us-student-loans-were-cancelled---roughly-one-third-of-planned-amount%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://news.slashdot.org/story/24/03/09/0440246/how-138b-in-us-student-loans-were-cancelled---roughly-one-third-of-planned-amount?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./p