The U.S. yet yet to pass even a basic internet-era privacy law — or regulate data brokers. And while there’s a lot of misdirection and pretense to the contrary, the primary reason is (1) because the U.S. government is too corrupt; and (2) because the U.S. government really enjoys being able to purchase massive amounts of sensitive citizen data from data brokers without having to get a pesky warrant.

Colorado’s bill is one of the most expansive passed in the US.

Networks in China and Iran also used AI models to create and post disinformation but campaigns did not reach large audiences

The deal has parallels to Apple's infamous search deal with Google.

Amazon has received approval from the U.S. Federal Aviation Administration (FAA) to fly its delivery drones longer distances.

At least seven journalists and activists who have been vocal critics of the Kremlin and its allies have been targeted inside the EU by a state using Pegasus, the hacking spyware made by Israel’s NSO Group, according to a new report by security researchers.

The targets of the hacking attempts – who were first alerted to the attempted cyber-intrusions after receiving threat notifications from Apple on their iPhones – include Russian, Belarusian, Latvian and Israeli journalists and activists inside the EU.

Pegasus is considered one of the most sophisticated cyberweapons in the world, and is operated by countries who acquire the technology from NSO. The company says it is meant to be used for legitimate reasons, such as fighting crime. But researchers have documented hundreds of cases in which operators of the spyware, including states inside the EU, have allegedly used it for other purposes, including spying on political opponents and journalists.

Researchers said they could not definitively identify the state or state agency behind the latest hacking attempts, but they said technical indicators suggested the attempts may have been made by the same NSO client. The developments follow a similar report last year that found Pegasus spyware had been used by an operator inside the EU to target Galina Timchenko, the award-winning Russian journalist and co-founder of the news website Meduza.

The investigation into the latest attempted cyber-attacks was conducted by the digital civil rights campaigners Access Now, the Citizen Lab at the University of Toronto’s Munk School, and Nikolai Kvantaliani, an independent security analyst.

When it is successfully deployed, Pegasus can hack into any phone, access photos and mobile phone calls, detect a person’s location, and activate a user’s recorder, turning the phone into a listening device.

The company was placed on a blacklist by the Biden administration in 2021. It is also being sued by WhatsApp and Apple, in cases that it has disputed and that are being litigated in US courts.

While Russia might seem to be the most logical possible state behind the latest series of attacks, researchers have focused their attention within the EU and say they do not believe that Russia or Belarus are NSO customers. While Latvia appears to have access to Pegasus, it is not known for targeting individuals outside its borders. Estonia is also a known user of Pegasus and, researchers said, appears to use the spyware “extensively” outside its borders, including in Europe.

One Russian target, a journalist who lives in exile in Vilnius and has decided to remain anonymous due to personal safety concerns, received two Apple threat notifications, with the latest on 10 April 2024, according to the researchers. An analysis of the journalist’s mobile phone confirmed an attempted infection on 15 June 2023. The journalist attended a conference for Russian journalists in exile in Riga, Latvia the next day, focusing on the vulnerabilities facing journalists in the region.

Two Belarusian members of civil society living in Warsaw also received Apple notifications on 31 October 2023. Opposition politician and activist Andrei Sannikov, who ran for the presidency of Belarus in 2010 and was arrested and held by the Belarusian KGB after the poll, had his phone infected on or about 7 September 2021. It was not discovered for two years, he said.

"Even if it is Estonia or Lithuania, or Latvia or Poland, it does not exclude that it is the FSB or KGB [behind it],” Sannikov said. Asked whether the spate of attacks indicated that an intelligence or law enforcement agency within the EU had been infiltrated by Russia or its allies, he added: “Yes of course. It is I think common knowledge that the western institutions are heavily infiltrated and so [are] opposition circles, as well.”

Natalia Radzina, editor-in-chief of the independent Belarusian media website Charter97.org, and winner of the international press freedom award from the Committee to Protect Journalists, was infected with Pegasus twice in late 2022 and in early 2023.

Radzina called the infections a violation of privacy that was reminiscent of previous intrusions in Belarus, where she was politically persecuted and imprisoned by the KGB.

“I know that for many years my absolutely legal journalistic activity can only be of interest to the Belarusian and Russian special services, and I am only afraid of possible cooperation in this matter between the current operators, whoever they are, with the KGB or the FSB,” she said.

Three other journalists living in Riga also received Apple threat notifications: Evgeny Erlikh, an Israeli-Russian journalist; Evgeny Pavlov, a Latvian journalist, and Maria Epifanova, general director of Novaya Gazeta Europe.

NSO, which is regulated by the Israel’s ministry of defence, says it sells its spyware to vetted law enforcement agencies strictly for the purposes of preventing crime and terror attacks. It said it could not confirm or deny the identities of any alleged specific customers, but that it wanted to emphasise that NSO only sells its products to “allies of Israel and the US”.

The company also provided the Guardian with a copy of a letter it had sent to Ivan Kolpakov, the editor-in-chief of Meduza, in response to his letter to the company. NSO’s deputy general counsel Chaim Gelfand said the company was “deeply troubled by any allegation of potential misuse of our system” and said he would immediately review information Kolpakov had provided to him and initiate an investigation “if warranted”. The company could not, he said, substantiate or refute any allegations without additional information.

Gelfand added: “NSO Group is committed to upholding human rights and protecting vulnerable individuals and communities, including journalists who play a crucial role in promoting and protecting these rights.”

Latest generation of products not becoming part of people’s "routine internet use", researchers say.

Another body to add to the Google Graveyard™. Anyone ever actually use this feature?

The leak reportedly details what data Google collects for ranking.

You can grab the documents from: https://github.com/yoshi-code-bot/elixir-google-api/commit/d7a637f4391b2174a2cf43ee11e6577a204a161e

A flaw with the digital wallet and a bit of luck did the trick.

US officials say army of 19 million infected computers enabled fraud, identity theft and child exploitation.

Authorities in the United States have announced the dismantling of a global network of 19 million infected computers used to facilitate and cover up cybercrimes including fraud, identity theft and child exploitation.

Yunhe Wang, 35, was arrested on Friday for allegedly running the botnet known as “911 S5”, the US Department of Justice said on Wednesday.

Wang is alleged to have run the botnet comprising infected IP addresses in more than 190 countries over an eight-year period from 2014, generating millions of dollars offering cybercriminals access to the network for a fee.

Wang is alleged to have generated $99m through the scheme, using his illicit gains to buy luxury cars and real estate in the US, St Kitts and Nevis, China, Singapore, Thailand, and the United Arab Emirates.

Wang allegedly propagated his malware through Virtual Private Network (VPN) programs, such as MaskVPN and DewVPN, and pay-per-install services that bundled his malware with other program files, including pirated versions of licensed software, according to court documents.

OpenAI has formed a new safety committee. But the committee, which will be charged with overseeing the company's AI safety efforts, is made up of all insiders.

Yes, this article will be part of the sharing agreement.

China shows off mechanical canine with automatic rifle on its back at joint military drills with Cambodia

Over 90 malicious Android apps were found installed over 5.5 million times through Google Play to deliver malware and adware, with the Anatsa banking trojan seeing a recent surge in activity.

911 S5 residential proxy service was comprised of 19 million IP addresses.

Sorry to say, archive.org is under a ddos attack. The data is not affected, but most services are unavailable.

We are working on it & will post updates in comments.

Regulators will still need to approve the deal.

PayPal will collect customer data by default.

Archived link

A partial English translation of He Jiayan’s post (and a link to the archived Chinese version) is available at the bottom of the linked article.

"The Chinese internet is collapsing"

In a fitting illustration last week of the Chinese leadership’s unrelenting efforts to manipulate collective memory, an online essay with a shocking revelation about the wholesale disappearance of Chinese internet content spanning the 2000s was deleted by content monitors. But the post, quickly archived and shared, reverberated in platforms beyond PRC-managed cyberspace.

Written by He Jiayan (何加盐), an internet influencer active since 2018, the essay concluded, based on a wide range of searches of various entertainment and cultural figures from the late 1990s through the mid-2000s, that nearly 100 percent of content from major internet portals and private websites from the first decade of China’s internet has now been obliterated. “No one has recognized a serious problem,” wrote He. “The Chinese-language internet is rapidly collapsing, and Chinese-language internet content predating the emergence of the mobile internet has almost entirely disappeared.”

Simple searches through the Baidu search engine for public figures such as Alibaba founder Jack Ma and Xiaomi CEO Lei Jun (雷军), who would have yielded perhaps millions of unique posts during the period of the “traditional internet” from the late 1990s through the end of the 2000s, turned up few if any results, He Jiayan revealed. These wholesale absences in Chinese-language content from inside China were repeated when He used non-Chinese search engines, including Google and Bing.

The post cited several reasons for this mass vanishing, including the phasing out of private websites and blog platforms as technologies developed, the shuttering of old and unprofitable platforms by commercial providers who have no commercial incentive to maintain archives, and a lack of social resources in China that might handle archiving as a preservation initiative (like Internet Archive in the United States). But as others commented outside the Great Firewall, the most decisive factor in the loss of content and the failure to archive has been the Chinese Communist Party and its mandate for political and ideological control of history and public opinion.

Posted on Wednesday, May 22, He’s post had been removed from WeChat by the following day, yielding a 404 message that read: “This content violates regulations and cannot be viewed.”

Acknowledging the various reasons for the widespread outage of content from the period of China’s traditional internet, the fact of this mass vanishing raises huge questions about the role of the internet in the formation of collective identity — and what it will mean for entire landscapes of history to be simply gone. “In the internet era to come, as people look back on the first two decades of the 21st century, it will be a 20-year period absent from the historical record,” He wrote. “If you still glimpse old information right now on the Chinese internet, these are just the last rays of the setting sun.”

Spotify has hiked its premium subscription in France by an eye-watering €0.13, in response to a new music-streaming tax.

The spyware maker's founder, Bryan Fleming, said pcTattletale is "out of business and completely done," following a data breach.

Grace Wolstenholme tried to persuade Meta to take down the fraudulent page, which was trying to make money by copying her posts, for five months

OpenAI’s board found out about ChatGPT’s launch ‘on Twitter.’