Slashdot

An anonymous reader quotes a report from UPI: According to a new study, published Friday in the journal Patterns, information and communications technology, or ICT for short, is responsible for a greater share of greenhouse gas emissions than previously estimated. When researchers at Lancaster University analyzed earlier attempts to calculate ICT's carbon footprint, they determined scientists had failed to account for the entire life-cycle and supply chain of ICT products and infrastructure. This would include, for example, the emissions produced by makers of ICT components, or the emissions linked with the disposal of ICT products. Scientists have previously pegged ICT's share of greenhouse gas emissions at between 1.8% and 2.8%. But the latest findings suggest global computing is more likely responsible for between 2.1% and 3.9% of greenhouse gas emissions. If the latest estimates are accurate, ICT would have a larger carbon footprint than the aviation industry, which is responsible for 2 percent of greenhouse gas emissions.

Read more of this story at Slashdot.

destinyland writes: A newly-released video at GNU.org shows an hour-long talk given by free software advocate Richard Stallman for the BigBlueBotton open source conference (which was held online last July). After a 14-minute clip from an earlier speech, Stallman answers questions from the audience — and the first question asked Stallman for his opinion about the AI Copilot [automated pair programming tool] developed for Microsoft's GitHub in collaboration with AI research and deployment company OpenAI. Stallman's response? There are many legal questions about Copilot whose answers I don't know, and maybe nobody knows. And it's likely some of theo depend on the country you're in [because of the copyright laws in those countries.] In the U.S. we won't be able to have reliable answers until there are court cases about it, and who knows how many years it'll take for those court cases to arise and be finally decided. So basically what we have is a gigantic amount of uncertainty. Now the next thing is, what about morally? What can I say morally about Copilot? Well the basic idea seems okay. Why shouldn't a program be able to give you hints like that? But there is one pitfall, which is that if you follow those hints, you might end up putting a substantial block of code copied from a GPL-covered program, written by someone else, or one hint after another after another after another — it adds up to a substantial amount of code, perhaps, with very little change, perhaps. And then you've infringed the GPL by releasing that code, unless your program is covered by the same versions — plural — of the GPL, in which case it would be permitted. But you might not even know that. Copilot might not tell you — it doesn't endeavor to inform you. So you're likely not to know. Which means Copilot is leading users — some of its users — into a pitfall. Well, they should fix it so it doesn't do that. But basically, what can you expect from GitHub? GitHub gives people inadequate advice about what it means to choose a license. They tell you you can choose GPL version 2 or GPL version 3. I think they don't tell you that really you could choose GPL version 2 only, or GPL version 2 or later, or GPL version 3 only, or GPL version 3 or later — and those are four different choices. They give users different permissions over the future. So it's important to make each program say clearly which choice covers it. And GitHub doesn't tell you how to do that. It doesn't tell you that you need to do that. Because the way you do that is with a licensed notice that is supposed to be in every source file. It's unreliable to put just one statement in a free program and say "This program is covered by such-and-such license." What happens if somebody copies one of the files into some other program which says it's covered by a different license? Now that program has been inaccurately mis-licensed, which is illegal and is going to mislead users. So any self-respecting — any repository that wants to be honest has to explain these things, not just tell people to make the licensing of each piece of code clear, but help users do so — make it easy. So GitHub has had this enormous problem for all of its existence, and Copilot has the similar — a basically, vaguely similar sort of problem, in the same area. It's not exactly the same problem. I don't think that copying a snippet of a few lines of code infringes any license. I think it's de minimus. But I'm not a lawyer.

Read more of this story at Slashdot.

This week the Wall Street Journal reported that a 2018 algorithm change at Facebook "rewarded outrage," according to Facebook's own internal memos. But the Journal says the memos showed "that CEO Mark Zuckerberg resisted proposed fixes," and that the memos "offer an unparalleled look at how much Facebook knows about the flaws in its platform and how it often lacks the will or the ability to address them." In the fall of 2018, Jonah Peretti, chief executive of online publisher BuzzFeed, emailed a top official at Facebook Inc. The most divisive content that publishers produced was going viral on the platform, he said, creating an incentive to produce more of it... Mr. Peretti blamed a major overhaul Facebook had given to its News Feed algorithm earlier that year to boost "meaningful social interactions," or MSI, between friends and family, according to internal Facebook documents reviewed by The Wall Street Journal that quote the email... Facebook's chief executive, Mark Zuckerberg, said the aim of the algorithm change was to strengthen bonds between users and to improve their well-being. Facebook would encourage people to interact more with friends and family and spend less time passively consuming professionally produced content, which research suggested was harmful to their mental health. Within the company, though, staffers warned the change was having the opposite effect, the documents show. It was making Facebook's platform an angrier place. Company researchers discovered that publishers and political parties were reorienting their posts toward outrage and sensationalism. That tactic produced high levels of comments and reactions that translated into success on Facebook. "Our approach has had unhealthy side effects on important slices of public content, such as politics and news," wrote a team of data scientists, flagging Mr. Peretti's complaints, in a memo reviewed by the Journal... They concluded that the new algorithm's heavy weighting of reshared material in its News Feed made the angry voices louder. "Misinformation, toxicity, and violent content are inordinately prevalent among reshares," researchers noted in internal memos. Some political parties in Europe told Facebook the algorithm had made them shift their policy positions so they resonated more on the platform, according to the documents. "Many parties, including those that have shifted to the negative, worry about the long term effects on democracy," read one internal Facebook report, which didn't name specific parties... Mr. Zuckerberg resisted some of the proposed fixes, the documents show, because he was worried they might hurt the company's other objective — making users engage more with Facebook.

Read more of this story at Slashdot.

Slashdot reader oumuamua writes that two U.S. nuclear plants owned by Exelon "were almost shutdown prematurely...but were saved at the last minute by the Illinois Senate." The Illinois Senate has approved a clean energy deal which includes a subsidy for Exelon to keep the Byron nuclear plant in operation, after the House passed it last week. The plan gives Exelon $694 million to keep the Byron and Dresden plants operational. Exelon had previously begun drawing down the Byron plant with an anticipated retirement date of Monday, September 13th, and had warned that once the nuclear fuel had been depleted, it could not be refueled after that date. Exelon said Monday that with the passage of the bill, it was preparing to refuel both plants. The company had actually intended to close the Byron plant for some time, according to an earlier article: In February of 2019, a filing with the U.S. Securities and Exchange Commission, Exelon said the plant is "showing increased signs of economic distress, which could lead to an early retirement, in a market that does not currently compensate them for their unique contribution to grid resiliency and their ability to produce large amounts of energy without carbon and air pollution." Exelon cited revenue shortfalls in the hundreds of millions of dollars because of declining energy prices and energy rules that allow fossil fuel plants to make cheaper bids at energy auction. Or, as another article puts it, "Exelon says its Byron and Dresden stations are losing money." oumuamua adds that "With the urgency of the climate crisis more clear than ever, no nuclear plant should be closed prematurely while coal plants continue operation in the same state. Many celebrated the Senate move, however, others have criticized Exelon's actions. "Exelon first started what we've dubbed the nuclear hostage crisis. It's a pattern where a utility will for whatever reasons threaten closure, which gets the workers very upset, then the local community whose tax base depends on it gets upset, they pressure their legislators, and then the legislators grant bailouts," said Dave Kraft, head of the Nuclear Energy Information Service. Kraft said rather than continuing to support nuclear energy, Illinois needs to redouble its commitment to wind and solar.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Fast Company: [R]esearchers in Finland are experimenting with growing coffee from plant cells in bioreactors. There are several reasons why it might make sense to have such an alternative, says Heiko Rischer, a research team leader at VTT Technical Research Centre of Finland, the state-owned organization developing the coffee. "Conventional coffee production is notoriously associated with several problematic issues, such as unsustainable farming methods, exploitation, and land rights," he says. "Growing demand and climate change add to the problems." In Vietnam, for example, coffee production is driving deforestation. The researchers are using the same techniques to make coffee that others are using to make "lab-grown," or cultivated, meat. Coffee plant cells were cultured in the lab, and then placed in bioreactors filled with nutrient medium to grow. It's a little easier to grow coffee than something like beef. "The nutrient media for plant-cell cultures are much less complex, i.e., cheaper, than those for animal cells," Rischer says. "Scaling up is also easier because plant cells grow freely, suspended in the medium, while animal cells grow attached to surfaces." The process results in an off-white biomass that's dried into a powder, then roasted to a dark brown color that looks like coffee grounds. The scientists recently brewed their first cups of the lab-grown coffee, which they say tastes and smells like ordinary coffee. It's also possible to make different varieties. "Cell cultures of different coffee cultivars can be established, and the roasting process can be modified, in order to produce coffee with very different character," says Rischer. "The cultivation process can be modified in order to generate more or less of certain compounds, such as caffeine or flavors." The lab plans to work with companies that can commercialize the new process.

Read more of this story at Slashdot.

General Motors urged some owners of Chevrolet Bolt electric cars to park and store the vehicles at least 50 feet away from other cars to reduce the risk that a spontaneous fire could spread. Bloomberg reports: The Detroit automaker has recalled all of the roughly 142,000 Bolts sold since 2016 because the battery can catch on fire. GM has taken a $1.8 billion charge so far for the cost of the recall and has been buying cars back from some disgruntled owners. The company expects to recoup much of the cost from battery supplier LG Corp. The new advice is likely to rankle owners who are already limiting their use of the Bolt to avoid overheating the battery and risking a fire. The parking guidance -- recommending a distance of 50 feet from other parked cars -- is especially difficult for owners in urban areas. GM has confirmed 10 fires. The National Highway Traffic Safety Administration said the agency has found 13 fires in Bolts, but the company hasn't confirmed the additional three are part of the current recall issue. The Bolt normally can go 259 miles on a charge, but that has been limited by GM's guidance to avoid a fire. The automaker told Bolt owners to limit the charge to 90%, plug in more frequently and avoid depleting the battery to below about 70 miles of remaining range. They're also advised to park their vehicles outside immediately after charging and not leave them charging indoors overnight. The company will be telling Bolt owners who are concerned about parking in public places that it recommends keeping 50 feet from other cars in garages and lots, spokesman Dan Flores said.

Read more of this story at Slashdot.

The International Thermonuclear Experimental Reactor (ITER) currently under construction in Cadarache, southern France, will see cost overruns and delays due to the disruption caused by the COVID-19 pandemic, its top official said on Friday. Euractiv reports: When the ITER project was launched in 2015, the schedule was to have the first plasma by the end of 2025 and full nuclear fusion by 2035, said Bernard Bigot, the director general of ITER. "We were on track until the end of 2019 but unfortunately, as you know, the world has been impacted by COVID-19," Bigot told journalists during an online press conference on Friday (17 September). As a result of the pandemic, factories were stopped and ships that took on average 45 days to deliver components from Korea took 90 days to arrive, he indicated. "While we were progressing on a monthly rate of nearly 0.7% on average during the last five years, last year in 2020 we were only able to achieve 0.35%," he explained. "So clearly, first plasma in 2025 is no longer technically achievable." The delay means the costs of ITER will also likely go over budget, because of "running costs that cannot be eliminated," Bigot explained, saying he was preparing a full review for the ITER Council in November 2022. That said, Bigot expressed confidence that with the COVID-19 crisis receding, "we will be able to keep to the real target," which is to attain full fusion power by 2035. [...] The goal of the experimental plant is to demonstrate that fusion power can be generated sustainably, and safely, on a commercial scale. "Fusion provides clean, reliable energy without carbon emissions," said a statement from the 35 ITER partners.

Read more of this story at Slashdot.

An anonymous reader quotes a report from The New York Times: Firefighters are swaddling giant sequoias in a flame-retardant foil in an effort to protect the ancient trees from wildfires that are raging through national parks in California, officials said. Three wildfires, named Colony, Paradise and Windy, were ignited by lightning on Sept. 9. Since then, they have scorched thousands of acres of steep terrain, bringing them to the foot of some of the world's oldest and largest trees in the Giant Sequoia National Monument of the Sequoia National Forest, and in Kings Canyon National Park in Central California. Park officials have been working to contain the spread of the fires using water and aerial drops of fire retardant. This week they also started wrapping some of the most well-known of the giant sequoias along the walking trail, including one called the General Sherman, in case the fires surge uphill into groves of giant sequoias. "It is like a big spool," said Mark Garrett, a spokesman for the fire incident team that is monitoring a set of fires known as the KNP Complex in the Sequoia groves and in Kings Canyon National Park. "They just unwrapped the roll and went around the base of the tree," he said. "If fire got into the giant forest, I would be pretty confident that grove is going to be fine." Mr. Garrett said they had to tailor the wrap to fit the General Sherman's girth. (The tree is more than 36 feet across at its base.) The wrapping went as high as six feet high or more, he estimated. So far, he could confirm only that the General Sherman, which is 275 feet tall, had been blanketed. Other well-known giants along the popular trail are also going to be wrapped with the laminate of foil and fiber, which firefighters also use to make their shelters. The firefighters are also clearing the terrain of undergrowth, essentially starving the flames by leaving them little to consume. But heavy smoke was hampering firefighting efforts, Mr. Garrett said. Last month, the U.S. Forest Service closed all of California's national forests to help "better provide public and firefighter safety due to the ongoing California wildfire crises."

Read more of this story at Slashdot.

The US and the EU made a joint pledge on Friday to cut global methane emissions by almost a third in the next decade, in what climate experts hailed as one of the most significant steps yet towards fulfilling the Paris climate agreement. The Guardian reports: Methane is a potent greenhouse gas, about 80 times more effective at trapping heat in the atmosphere than carbon dioxide, and emissions have been rising in recent years. Natural gas production and fracking, meat production and other forms of agriculture are among the chief sources. The pact between the US and the EU sets a target of cutting at least 30% from global methane emissions, based on 2020 levels, by 2030. If adopted around the world, this would reduce global heating by 0.2C by the 2040s, compared with likely temperature rises by then. The world is now about 1.2C hotter now than in pre-industrial times. The UN published a report on Friday that found current pledges on emissions from national governments would result in an increase of 16% in emissions in 2030 compared with 2010 levels, whereas scientists warn that emissions must fall by 45% in that period to stay within 1.5C. The OECD also published a report on Friday showing that climate finance -- funding from private and public sources that flows from the rich world to developing countries, to help them cut emissions and cope with the impacts of extreme weather -- was falling about $20 billion short of a longstanding target of $100 billion a year.

Read more of this story at Slashdot.

New submitter Generic User Account writes: Under plans unveiled by ministers today, it will once again become legal for market stalls, shops, and supermarkets to sell their goods using only Britain's traditional weighing system. "A document titled 'Brexit opportunities: regulatory reforms' includes plans to permit the voluntary printing of the crown stamp on pint glasses and review the EU ban on markings and sales in pounds and ounces, with legislation set to come 'in due course,'" reports The Independent. Weights and measures inspector Pippa Musgrave tweeted: "The UK agreed, when it signed the OIML [International Organization of Legal Metrology] in 1856 to move to a single system of measurement. Metric measures have been lawful in the UK since 1875. Are you proposing the UK leaves the OIML treaty?"

Read more of this story at Slashdot.

Tesla CEO Elon Musk said the company will use personal driving data to determine whether owners who have paid for its controversial "Full Self-Driving" software can access the latest beta version that promises more automated driving functions. TechCrunch reports: Musk tweeted late Thursday night that the FSD Beta v10.0.1 software update, which has already been pushed out to a group of select owners, will become more widely available starting September 24. Owners who have paid for FSD, which currently costs $10,000, will be offered access to the beta software through a "beta request button." Drivers who select the beta software will be asked for permission to access their driving behavior using Tesla's insurance calculator, Musk wrote in a tweet. "If driving behavior is good for seven days, beta access will be granted," Musk wrote. The latest FSD Beta is supposed to automate driving on highways and city streets. However, this is still a Level 2 driver assistance system that requires the driver to pay attention, have their hands on the wheel and take control at all times. Recent videos posted showing owners' experiences with this beta software provide a mixed picture of its capability. In some videos, the vehicles handle city driving; in many others, drivers are seen taking control due to missed turns, being too close to the curb, failure to creep forward and, in one case, veering off suddenly toward pedestrians.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Motherboard: Researchers have found a new and surprisingly simple method for bypassing facial recognition software using makeup patterns. A new study from Ben-Gurion University of the Negev found that software-generated makeup patterns can be used to consistently bypass state-of-the-art facial recognition software, with digitally and physically-applied makeup fooling some systems with a success rate as high as 98 percent. In their experiment, the researchers defined their 20 participants as blacklisted individuals so their identification would be flagged by the system. They then used a selfie app called YouCam Makeup to digitally apply makeup to the facial images according to the heatmap which targets the most identifiable regions of the face. A makeup artist then emulated the digital makeup onto the participants using natural-looking makeup in order to test the target model's ability to identify them in a realistic situation. The researchers tested the attack method in a simulated real-world scenario in which participants wearing the makeup walked through a hallway to see whether they would be detected by a facial recognition system. The hallway was equipped with two live cameras that streamed to the MTCNN face detector while evaluating the system's ability to identify the participant. The experiment saw 100 percent success in the digital experiments on both the FaceNet model and the LResNet model, according to the paper. In the physical experiments, the participants were detected in 47.6 percent of the frames if they weren't wearing any makeup and 33.7 percent of the frames if they wore randomly applied makeup. Using the researchers' method of applying makeup to the highly identifiable parts of the attacker's face, they were only recognized in 1.2 percent of the frames.

Read more of this story at Slashdot.

A man who the Department of Justice says unlocked AT&T customers' phones for a fee was sentenced to 12 years in prison, in what the judge called "a terrible cybercrime over an extended period," which allegedly continued even after authorities were on to the scheme. The Verge reports: According to a news release from the DOJ, in 2012, Muhammad Fahd, a citizen of Pakistan and Grenada, contacted an AT&T employee via Facebook and offered the employee "significant sums of money" to help him secretly unlock AT&T phones, freeing the customers from any installment agreement payments and from AT&T's service. Fahd used the alias Frank Zhang, according to the DOJ, and persuaded the AT&T employee to recruit other employees at its call center in Bothell, Washington, to help with the elaborate scheme. Fahd instructed the AT&T employees to set up fake businesses and phony bank accounts to receive payments, and to create fictitious invoices for deposits into the fake accounts to create the appearance that money exchanged as part of the scheme was payment for legitimate services. In 2013, however, AT&T put into place a new unlocking system which made it harder for Fahd's crew to unlock phones' unique IMEI numbers, so according to the DOJ he hired a developer to design malware that could be installed on AT&T's computer system. This allegedly allowed him to unlock more phones, and do so more efficiently. The AT&T employees working with Fahd helped him access information about its systems and other employees' credentials, allowing his developer to tailor the malware more precisely, the DOJ said. A forensic analysis by AT&T showed Fahd and his helpers fraudulently unlocked more than 1.9 million phones, costing the company more than $200 million. Fahd was arrested in Hong Kong in 2018 and extradited to the US in 2019. He pleaded guilty in September 2020 to conspiracy to commit wire fraud.

Read more of this story at Slashdot.

Rolls-Royce's "Spirit of Innovation" all-electric airplane completed a 15 minute flight, marking "the beginning of an intensive flight-testing phase in which we will be collecting valuable performance data on the aircraft's electrical power and propulsion system," the company announced. Engadget reports: Rolls Royce said the one-seat airplane has "the most power-dense battery pack every assembled for an aircraft." The aircraft uses (PDF) a 6,000 cell battery pack with a three-motor powertrain that currently delivers 400kW (500-plus horsepower), and Rolls-Royce said the aircraft will eventually achieve speeds of over 300 MPH. The flight comes about a year after the originally scheduled takeoff and about six months after taxi trials. Rolls-Royce is also developing an air taxi with manufacturer Tecnam, with the aim of delivering an "all-electric passenger aircraft for the commuter market," according to the companies. It has previously teamed with Siemens and Airbus on another e-plane concept. The project was half funded by the Aerospace Technology Institute and UK government, with the aim of eventually creating all-electric passenger planes. "This is not only about breaking a world record; the advanced battery and propulsion technology developed for this program has exciting applications for the Urban Air Mobility market and can help make 'jet zero' a reality," said Rolls-Royce CEO Warren East.

Read more of this story at Slashdot.

Google announced plans today to port its Permission Auto-Reset feature from Android 11 to older versions of its mobile operating system, as far back as Android 6. From a report: Launched last fall, the Permission Auto-Reset feature works by automatically withdrawing user permissions from an app that hasn't been opened and used for a few months. "Starting in December 2021, we are expanding this [feature] to billions more devices," Google said today. "This feature will automatically be enabled on devices with Google Play services that are running Android 6.0 (API level 23) or higher." Exempt from this new feature will be device admin apps and enterprise apps where the permissions have been fixed through a general enterprise policy.

Read more of this story at Slashdot.

Apple and Google removed an app meant to coordinate protest voting in this weekend's Russian elections from the country on Friday, a blow to the opponents of President Vladimir V. Putin and a display of Silicon Valley's limits when it comes to resisting crackdowns on dissent around the world. From a report: The decisions came after Russian authorities, which claim the app is illegal, threatened to prosecute local employees of Apple and Google -- a sharp escalation in the Kremlin's campaign to rein in the country's largely uncensored internet. A person familiar with Google's decision said the authorities had named specific individuals who would face prosecution, prompting it to remove the app. The person declined to be identified for fear of angering the Russian government. Google has more than 100 employees in the country. Apple did not respond to phone calls, emails or text messages seeking comment. The app was created and promoted by allies of the opposition leader Aleksei A. Navalny, who were hoping to use it to consolidate the opposition vote in each of Russia's 225 electoral districts. It disappeared from the two technology platforms just as voting got underway in the three-day parliamentary election, in which Mr. Putin's United Russia party -- in a carefully stage-managed system -- holds a commanding advantage. Mr. Navalny's team reacted with outrage to the decision, suggesting the companies had made a damaging concession to the Russians. "Removing the Navalny app from stores is a shameful act of political censorship," an aide to Mr. Navalny, Ivan Zhdanov, said on Twitter. "Russia's authoritarian government and propaganda will be thrilled." The decisions also drew harsh condemnation from free-speech activists in the West. "The companies are in a really difficult position but they have put themselves there," David Kaye, a former United Nations official responsible for investigating freedom of expression issues, said in an interview. "They are de facto carrying out an element of Russian repression. Whether it's justifiable or not, it's complicity and the companies need to explain it."

Read more of this story at Slashdot.

An anonymous reader quotes a report from CNBC: An influential Food and Drug Administration advisory committee on Friday resoundingly rejected a plan to administer booster shots of Pfizer and BioNTech's Covid-19 vaccine to the general public, saying they needed more data. The panel, however, could still recommend the shots for other populations. Scientists continued debating the need for a third dose of the vaccines for people 65 and older and other vulnerable populations after their initial vote. "It's likely beneficial, in my opinion, for the elderly, and may eventually be indicated for the general population. I just don't think we're there yet in terms of the data," Dr. Ofer Levy, a vaccine and infectious disease specialist at Boston Children's Hospital, said after voting against the original proposal. The final tally failed 16-2. In a paper published days before the advisory committee meeting, a leading group of scientists said available data showed vaccine protection against severe disease persists, even as the effectiveness against mild disease wanes over time. The authors, including two high-ranking FDA officials and multiple scientists from the World Health Organization, argued Monday in the medical journal The Lancet that widely distributing booster shots to the general public is not appropriate at this time. In outlining plans last month to start distributing boosters as early as next week, administration officials cited three CDC studies that showed the vaccines' protection against Covid diminished over several months. Senior health officials said at the time they worried protection against severe disease, hospitalization and death "could" diminish in the months ahead, especially among those who are at higher risk or were vaccinated during the earlier phases of the vaccination rollout. Before the vote, some committee members said they were concerned that there wasn't enough data to make a recommendation, while others argued third shots should be limited to certain groups, such as people over age 60 who are known to be at higher risk of severe disease. Some members raised concerns about the risk of myocarditis in younger people, saying more research is needed.

Read more of this story at Slashdot.

An anonymous reader shares a report: Hackers associated with the hacktivist collective Anonymous say they have leaked gigabytes of data from Epik, a web host and domain registrar that provides services to far-right sites like Gab, Parler and 8chan, which found refuge in Epik after they were booted from mainstream platforms. In a statement attached to a torrent file of the dumped data this week, the group said the 180 gigabytes amounts to a "decade's worth" of company data, including "all that's needed to trace actual ownership and management" of the company. The group claimed to have customer payment histories, domain purchases and transfers, and passwords, credentials and employee mailboxes. The cache of stolen data also contains files from the company's internal web servers, and databases that contain customer records for domains that are registered with Epik. The hackers did not say how they obtained the breached data or when the hack took place, but timestamps on the most recent files suggest the hack likely happened in late February. Epik initially told reporters it was unaware of a breach, but an email sent out by founder and chief executive Robert Monster on Wednesday alerted users to an "alleged security incident." TechCrunch has since learned that Epik was warned of a critical security flaw weeks before its breach. Security researcher Corben Leo contacted Epik's chief executive Monster over LinkedIn in January about a security vulnerability on the web host's website. Leo asked if the company had a bug bounty or a way to report the vulnerability. LinkedIn showed Monster had read the message but did not respond.

Read more of this story at Slashdot.

An American cybersecurity company was behind a 2016 iPhone hack sold to a group of mercenaries and used by the United Arab Emirates. From a report: When the United Arab Emirates paid over $1.3 million for a powerful and stealthy iPhone hacking tool in 2016, the monarchy's spies -- and the American mercenary hackers they hired -- put it to immediate use. The tool exploited a flaw in Apple's iMessage app to enable hackers to completely take over a victim's iPhone. It was used against hundreds of targets in a vast campaign of surveillance and espionage whose victims included geopolitical rivals, dissidents, and human rights activists. Documents filed by the US Justice Department on Tuesday detail how the sale was facilitated by a group of American mercenaries working for Abu Dhabi, without legal permission from Washington to do so. But the case documents do not reveal who sold the powerful iPhone exploit to the Emiratis. Two sources with knowledge of the matter have confirmed to MIT Technology Review that the exploit was developed and sold by an American firm named Accuvant. It merged several years ago with another security firm, and what remains is now part of a larger company called Optiv. News of the sale sheds new light on the exploit industry as well as the role played by American companies and mercenaries in the proliferation of powerful hacking capabilities around the world.

Read more of this story at Slashdot.

States on Friday took action against Celsius Network, accusing the company, which purports to be one of the world's largest cryptocurrency lenders, of offering residents unregistered securities. From a report: Texas filed a notice seeking a hearing to determine whether to issue a cease and desist order against the company. The action means Celsius will have to show why it shouldn't be ordered to stop offering its products to state residents. The hearing is scheduled for February 14. Separately, New Jersey ordered Celsius to stop offering some of its products, which it also described as unregistered securities, effective November 1. The moves against Celsius come on the heels of similar actions against New Jersey-based competitor BlockFi taken by states including New Jersey, Texas and others in July, and in the week after Coinbase Global Inc. disclosed that the Securities and Exchange Commission had threatened to sue it if it offered its own yield product to depositors. Celsius had more than $24 billion in "community assets" at the beginning of September, the company said, which would make it one of the world's largest crypto lenders and interest-account providers, if not the largest. The company offers customers a yield of nearly 9% for deposits of U.S.-dollar stablecoins, such as Tether and USD Coin, as much as 6.2% for Bitcoin, and varying rates of interest on other cryptocurrencies.

Read more of this story at Slashdot.