Computers & Linux News

'Vulkan Files' Leak Reveals Putin's Global and Domestic Cyberwarfare Tactics

SlashDot - 43 min 58 sec ago
"The Gaurdian reports on a document leak from Russian cyber 'security' company Vulkan," writes Slashdot reader Falconhell. From the report: Inside the six-storey building, a new generation is helping Russian military operations. Its weapons are more advanced than those of Peter the Great's era: not pikes and halberds, but hacking and disinformation tools. The software engineers behind these systems are employees of NTC Vulkan. On the surface, it looks like a run-of-the-mill cybersecurity consultancy. However, a leak of secret files from the company has exposed its work bolstering Vladimir Putin's cyberwarfare capabilities. Thousands of pages of secret documents reveal how Vulkan's engineers have worked for Russian military and intelligence agencies to support hacking operations, train operatives before attacks on national infrastructure, spread disinformation and control sections of the internet. The company's work is linked to the federal security service or FSB, the domestic spy agency; the operational and intelligence divisions of the armed forces, known as the GOU and GRU; and the SVR, Russia's foreign intelligence organization. One document links a Vulkan cyber-attack tool with the notorious hacking group Sandworm, which the US government said twice caused blackouts in Ukraine, disrupted the Olympics in South Korea and launched NotPetya, the most economically destructive malware in history. Codenamed Scan-V, it scours the internet for vulnerabilities, which are then stored for use in future cyber-attacks. Another system, known as Amezit, amounts to a blueprint for surveilling and controlling the internet in regions under Russia's command, and also enables disinformation via fake social media profiles. A third Vulkan-built system -- Crystal-2V -- is a training program for cyber-operatives in the methods required to bring down rail, air and sea infrastructure. A file explaining the software states: "The level of secrecy of processed and stored information in the product is 'Top Secret'."

Read more of this story at Slashdot.

Meta Wants EU Users To Apply For Permission To Opt Out of Data Collection

SlashDot - 1 hour 20 min ago
Meta announced that starting next Wednesday, some Facebook and Instagram users in the European Union will for the first time be able to opt out of sharing first-party data used to serve highly personalized ads, The Wall Street Journal reported. The move marks a big change from Meta's current business model, where every video and piece of content clicked on its platforms provides a data point for its online advertisers. Ars Technica reports: People "familiar with the matter" told the Journal that Facebook and Instagram users will soon be able to access a form that can be submitted to Meta to object to sweeping data collection. If those requests are approved, those users will only allow Meta to target ads based on broader categories of data collection, like age range or general location. This is different from efforts by other major tech companies like Apple and Google, which prompt users to opt in or out of highly personalized ads with the click of a button. Instead, Meta will review objection forms to evaluate reasons provided by individual users to end such data collection before it will approve any opt-outs. It's unclear what cause Meta may have to deny requests. A Meta spokesperson told Ars that Meta is not sharing the objection form publicly at this time but that it will be available to EU users in its Help Center starting on April 5. That's the deadline Meta was given to comply with an Irish regulator's rulings that it was illegal in the EU for Meta to force Facebook and Instagram users to give consent to data collection when they signed contracts to use the platforms. Meta still plans to appeal those Irish Data Protection Commission (DPC) rulings, believing that its prior contract's legal basis complies with the EU's General Data Protection Regulation (GDPR). In the meantime, though, the company must change the legal basis for data collection. Meta announced in a blog post today that it will now argue that it does not need to directly obtain user consent because it has a "legitimate interest" to collect data to operate its social platforms. "We believe that our previous approach was compliant under GDPR, and our appeal on both the substance of the rulings and the fines continues," Meta's blog said. "However, this change ensures that we comply with the DPC's decision."

Read more of this story at Slashdot.

China Shuts Down Major Manga Piracy Site Following Complaint From Japan

SlashDot - 2 hours 58 sec ago
Anti-piracy group CODA is reporting the shutdown of B9Good, a pirate manga site that targeted Japan but was operated from China. In response to a criminal complaint filed by CODA on behalf of six Japanese companies, which were backed by 21 others during the investigation, Chinese authorities arrested four people and seized one house worth $580,000. TorrentFreak reports: Manga piracy site B9Good initially appeared in 2008 and established itself under B9DM branding. SimilarWeb stats show that the site was enjoying around 15 million visits each month, with CODA noting that in the two-year period leading to February 2023, the site was accessed more than 300 million times Around 95% of the site's visitors came from Japan. B9Good had been featured in an MPA submission to the USTR's notorious markets report in 2019. Traffic was reported as almost 16 million visits per month back then, meaning that site visitor numbers remained stable for the next three years. The MPA said the site was possibly hosted in Canada, but domain records since then show a wider spread, including Hong Kong, China, United States, Bulgaria, and Japan. Wherever the site ended up, the location of its operator was more important. In 2021, CODA launched its International Enforcement Project (CBEP), which aimed to personally identify the operators of pirate sites, including those behind B9Good who were eventually traced to China. Pursuing copyright cases from outside China is reportedly difficult, but CODA had a plan. In January 2022, CODA's Beijing office was recognized as an NGO with legitimate standing to protect the rights of its member companies. Working on behalf of Aniplex, TV Tokyo, Toei Animation, Toho, Japan Broadcasting Corporation (NHK), and Bandai Namco Film Works, CODA filed a criminal complaint in China, and starting February 14, 2023, local authorities began rounding up the B9Good team.

Read more of this story at Slashdot.

Google Assistant Division Is Reorganizing To Focus On Bard

SlashDot - 2 hours 43 min ago
An anonymous reader quotes a report from CNBC: Google is reshuffling the reporting structure of its virtual assistant unit -- called Assistant -- to focus more on Bard, the company's new artificial intelligence chat technology. In a memo to employees on Wednesday, titled "Changes to Assistant and Bard teams," Sissie Hsiao, vice president and lead of Google Assistant's business unit, announced changes to the organization that show the unit heavily prioritizing Bard. "As the Bard teams continue this work, we want to ensure we continue to support and execute on the opportunities ahead," Hsiao said in the email. "This year, more than ever, we have been focused on delivery with impact to our users." Jianchang "JC" Mao, who reported directly to Hsiao, will be leaving the company for personal reasons, according to the memo, which was viewed by CNBC. Mao held the position of vice president of engineering for Google Assistant and "helped shape the Assistant we have today," Hsiao wrote. Taking Mao's place will be 16-year Google veteran Peeyush Ranjan, who most recently held the title of vice president in Google's commerce organization, overseeing payments. The new leadership changes suggest that the Assistant organization may be planning on integrating Bard technology into similar products in the future. [...] As part of Wednesday's change, Google Assistant engineering vice president Amar Subramanya will now lead engineering for the Bard team, the email said. Trevor Strohman, who previously led engineering efforts for Bard, will continue as an "Area Tech Lead" for Bard, reporting to Hsiao. Ars Technica's Ron Amadeo ponders if the Google Assistant is facing a "looming Google shutdown." "If we assume the idea of the Google Assistant -- a voice assistant that helps you do things -- isn't completely dead at Google, you could imagine a future where Bard's language model helps it understand what you want to do and will do it, but it feels like the service is years away from something like that," writes Amadeo. "The Assistant today doesn't have language model problems, though, just voice recognition problems, and Bard won't help with that."

Read more of this story at Slashdot.

Roku To Cut 200 Jobs, or 6% of Its Workforce, In Second Round of Layoffs

SlashDot - 3 hours 25 min ago
Roku will lay off 6% of its workforce, or 200 employees, in its second round of job cuts, the U.S. streaming device maker said. Reuters reports: In a bid to lower expenses, the company also decided to exit and sub-lease office facilities that it did not currently occupy. Roku had in November cut 200 jobs in the United States, where companies, led by technology giants such as Meta Platforms and Inc, are bracing for a potential economic downturn amid rising borrowing costs around the world. Roku, which had about 3,600 full-time employees as of Dec. 31, expects to incur charges of between $30 million and $35 million related to the restructuring. Majority of the restructuring charges will be incurred in the first quarter of fiscal 2023, while the job cuts will be completed by the end of the second quarter, the company said.

Read more of this story at Slashdot.

Missouri Reps Vote To Completely Defund State's Public Libraries

SlashDot - 4 hours 5 min ago
An anonymous reader quotes a report from Motherboard: Late Tuesday night, the Missouri House of Representatives voted for a state operating budget with a $0 line for public libraries. While the budget still needs to work its way through the Senate and the governor's office, state funding for public libraries is very much on the chopping block in Missouri. This comes after Republican House Budget Chairman Cody Smith proposed a $4.5 million cut to public libraries' state aid last week in the initial House Budget Committee hearing, where Smith cited a lawsuit filed against Missouri by the American Civil Liberties Union of Missouri (ACLU-MO) as the reason for the cut. ACLU-MO filed the suit on behalf of the Missouri Association of School Librarians and the Missouri Library Association (MLA) in an effort to overturn a state law passed in 2022 that bans sexually explicit material from schools. Since it was first enacted in August, librarians and other educators have faced misdemeanor charges punishable by up to a year in jail or a $2,000 fine for giving students access to books the state has deemed sexually explicit. The Missouri law defined (PDF) explicit sexual material as images "showing human masturbation, deviate sexual intercourse," "sexual intercourse, direct physical stimulation of genitals, sadomasochistic abuse," or showing human genitals. The lawsuit claims that school districts have been pulling books from their shelves. "The house budget committee's choice to retaliate against two private, volunteer-led organizations by punishing the patrons of Missouri's public libraries is abhorrent," Tom Bastian, deputy director for communications for ACLU-MO said in a statement to Motherboard. Like in all ACLU cases, the organization is not charging the two Missouri library groups for services. Both library organizations are also run by volunteers -- every state has an equivalent of these two organizations that serve public and school libraries. In other words, a politician either lied or didn't have his facts straight, and now 160 library districts risk losing state aid in June. "State Aid helps libraries provide relevant collections, literacy based programming, and technology resources to their communities," Otter Bowman, president of the MLA told Motherboard in a statement. "Our rural libraries rely the most heavily on this funding to serve their communities, and they will be crippled by this drastic budget cut."

Read more of this story at Slashdot.

Lenovo Gives Up on Its Dream of Android Gaming Phones

SlashDot - 4 hours 45 min ago
An anonymous reader writes: Android manufacturers occasionally try to push this idea of a "gaming smartphone" -- usually, these companies try to extend the "PC gamer" design motif to smartphones, with RGB LEDs and aggressive marketing. Since Android games are mostly casual pay-to-win tap fests, though, we often have to ask, does anyone want a gaming smartphone? If you're Lenovo, the answer is apparently "no," as Android Authority reports Lenovo is killing the "Legion" gaming phone business.

Read more of this story at Slashdot.

E3 2023 Is Canceled Again After Weeks of Speculation - CNET

CNET News - 4 hours 59 min ago
The video game trade show was expected to have poor attendance among major game publishers.

E3 2023 Has Been Canceled

SlashDot - 5 hours 25 min ago
E3 2023 has been called off "after huge gaming companies like Nintendo, Microsoft, and Ubisoft all said they wouldn't be participating in the event," reports The Verge. From the report: E3 2023 was scheduled for June 13th through 16th with a mix of industry-focused days and days that would be open to the public. But in the lead-up to June, there had been some worrying signs that things might be rocky for E3's revival. According to an email sent to employees and verified by IGN, E3 2023 "simply did not garner the sustained interest necessary to execute it in a way that would showcase the size, strength, and impact of our industry." In an email to The Verge, Kyle Marsden-Kish, global VP of gaming at ReedPop, wrote: "This was a difficult decision because of all the effort we and our partners put toward making this event happen, but we had to do what's right for the industry and what's right for E3. We appreciate and understand that interested companies wouldn't have playable demos ready and that resourcing challenges made being at E3 this summer an obstacle they couldn't overcome. For those who did commit to E3 2023, we're sorry we can't put on the showcase you deserve and that you've come to expect from ReedPop's event experiences." Marsden-Kish suggested the convention could return in subsequent years.

Read more of this story at Slashdot.

Adobe Reveals New Firefly AI Tool to Help Illustrators Color Their Art - CNET

CNET News - 5 hours 54 min ago
Generative AI is completely changing the creative process.

South Korea Passes Tax Break-Driven 'Chips Act' as Protectionism Fears Mount

SlashDot - 6 hours 5 min ago
South Korea has passed legislation giving tax breaks to its semiconductor companies in a bill being labelled as the "Korean Chips Act." At the same time, the nation's trade minister repeated its complaints that the criteria for Korean companies to access US funding are unpalatable in a possible sign of growing protectionism in the worldwide chip market. From a report: To bump up the level of tax breaks, the Korean National Assembly passed a revision bill to the Restriction of Special Taxation Act. The reductions will be given to companies investing in semiconductor production and other strategic industries in the country. These tax breaks appear to be largely in line with earlier reports regarding the Korean government's plans, and will see large corporations such as Samsung Electronics and SK hynix offered tax credits of up to 15 percent on investments into strategic technologies such as semiconductor manufacturing, up from 8 percent previously. Raising the deduction rate from 8 percent to 15 percent would save some 2.5 trillion won ($1.9 billion) in taxes for the local chip industry, according to The Korea Herald. For small and medium-sized enterprises, the tax credit rate is set to be raised from 16 percent to 25 percent, in moves designed to bolster domestic investment in key technology sectors. The move follows the announcement of plans from the Korean government earlier this month to pour cash into several key industries including semiconductors and electric vehicles. As part of those plans, Samsung said it aimed to invest $230 billion over the next 20 years to build five new local semiconductor plants. South Korea is not the only nation offering such tax breaks. In January, Taiwan -- home to semiconductor giant TSMC -- passed similar legislation that will allow its domestic chipmakers to turn up to 25 percent of their annual research and development expenses into tax credits, in efforts to ensure the country's continued leadership in chip manufacturing.

Read more of this story at Slashdot.

Inside the Deepfake Porn Economy

SlashDot - 6 hours 45 min ago
The nonconsensual deepfake economy has remained largely out of sight, but it's easily accessible, and some creators can accept major credit cards. From a report: Digitally edited pornographic videos featuring the faces of hundreds of unconsenting women are attracting tens of millions of visitors on websites, one of which can be found at the top of Google search results. The people who create the videos charge as little as $5 to download thousands of clips featuring the faces of celebrities, and they accept payment via Visa, Mastercard and cryptocurrency. While such videos, often called deepfakes, have existed online for years, advances in artificial intelligence and the growing availability of the technology have made it easier -- and more lucrative -- to make nonconsensual sexually explicit material. An NBC News review of two of the largest websites that host sexually explicit deepfake videos found that they were easily accessible through Google and that creators on the websites also used the online chat platform Discord to advertise videos for sale and the creation of custom videos. The deepfakes are created using AI software that can take an existing video and seamlessly replace one person's face with another's, even mirroring facial expressions. Some lighthearted deepfake videos of celebrities have gone viral, but the most common use is for sexually explicit videos. According to Sensity, an Amsterdam-based company that detects and monitors AI-developed synthetic media for industries like banking and fintech, 96% of deepfakes are sexually explicit and feature women who didn't consent to the creation of the content. Most deepfake videos are of female celebrities, but creators now also offer to make videos of anyone. A creator offered on Discord to make a 5-minute deepfake of a "personal girl," meaning anyone with fewer than 2 million Instagram followers, for $65.

Read more of this story at Slashdot.

US, Partner Countries Call For Controls To Counter Misuse of Spyware

SlashDot - 7 hours 25 min ago
The United States and some of its partner countries on Thursday called for strict domestic and international controls to counter the proliferation and misuse of commercial spyware. From a report: The joint statement was issued by the governments of Australia, Canada, Costa Rica, Denmark, France, New Zealand, Norway, Sweden, Switzerland, the United Kingdom, and the United States. The countries said they were committed to preventing the export of technology and equipment to end-users who are likely to use them for "malicious cyber activity." The joint statement also said the countries would share information with each other on spyware proliferation and misuse, including to better identify these tools. On Monday, U.S. President Joseph Biden signed an executive order intended to curb the malicious use of digital spy tools around the globe targeting U.S. personnel and civil society. The new executive order was designed to apply pressure on the secretive industry by placing new restrictions on U.S. government defense, law enforcement and intelligence agencies' purchasing decisions.

Read more of this story at Slashdot.

Amazon Seller Consultant Admits To Bribing Employees To Help Clients

SlashDot - 8 hours 5 min ago
An influential consultant for Amazon sellers has admitted to bribing employees of the e-commerce giant for information to help his clients boost sales and to get their suspended accounts reinstated. From a report: Ephraim "Ed" Rosenberg wrote in a LinkedIn post that he will plead guilty in federal court to a criminal charge, stemming from a 2020 indictment that charged six people with conspiring to give sellers an unfair competitive advantage on Amazon's third-party marketplace. Four of the defendants have already pleaded guilty, including one former Amazon employee who was sentenced last year to 10 months in prison. Rosenberg, who's based in Brooklyn, is a well-known figure in the world of Amazon third-party sellers. He runs a consultancy business that advises entrepreneurs on how to sell products on the online marketplace, and navigate unforeseen issues with their Amazon account. Rosenberg's Facebook group for sellers, ASGTG, has over 68,000 members, and he hosts a popular conference for sellers each year. "For a time, some years ago, I began to obtain and use Amazon's internal annotations -- Amazon's private property -- to learn the reasons for sellers' suspensions, in order to assist them in getting reinstated, if possible," wrote Rosenberg, who is due to appear in U.S. District Court in Seattle on March 30, for a change of plea hearing, according to court records. "On some occasions, I paid bribes, directly and indirectly, to Amazon employees to obtain annotations and reinstate suspended accounts. These actions were against the law."

Read more of this story at Slashdot.

What to Know About Getting COVID Again (and Again) in 2023 - CNET

CNET News - 8 hours 18 min ago
When it comes to reinfection, a lot has changed since the pandemic started. Here's what the experts know about how long immunity lasts and more.

'One In Two New Npm Packages Is SEO Spam Right Now'

SlashDot - 8 hours 43 min ago
Gabi Dobocan, writing at auditing firm Sandworm: More than half of all new packages that are currently (29 Mar 2023) being submitted to npm are SEO spam. That is - empty packages, with just a single README file that contains links to various malicious websites. Out of the ~320k new npm packages or versions that Sandworm has scanned over the past week, at least ~185k were labeled as SEO spam. Just in the last hour as of writing this article, 1583 new e-book spam packages have been published. All the identified spam packages are currently live on

Read more of this story at Slashdot.

Google Fi on iPhones Now Works With 5G Thanks to iOS 16.4 - CNET

CNET News - 8 hours 59 min ago
It took a while, but 5G for Google Fi iPhones has finally arrived.

Will Apple Show AR/VR Headset at WWDC? Delays Add 'Uncertainty,' Analyst Says - CNET

CNET News - 9 hours 3 min ago
Apple's rumored mixed-reality headset is apparently facing more delays.