https://yro.slashdot.org/ News for nerds, stuff that matters en-us Copyright Slashdot Media. All Rights Reserved. 2026-04-20T20:16:32+00:00 Slashdot Media feedback@slashdot.org Technology 1970-01-01T00:00+00:00 1 hourly https://a.fsdn.com/sd/topics/topicslashdot.gif https://yro.slashdot.org/ https://news.slashdot.org/story/26/04/20/1711231/trump-administration-begins-refunding-166-billion-in-tariffs?utm_source=rss1.0mainlinkanon&utm_medium=feed "After a Supreme Court of the United States ruling in Feb. 2026, many tariffs imposed by the Trump administration were declared illegal because the president overstepped his authority," writes Slashdot reader hcs_$reboot. "As a result, the U.S. government now has to refund a massive amount of money, around $160-170+ billion, paid mainly by importers." According to the New York Times, the administration has now begun accepting refund requests, "surrendering its prized source of revenue -- plus interest." From the report: For some U.S. businesses, the highly anticipated refunds could be substantial, offering critical if belated financial relief. Tariffs are taxes on imports, so the president's trade policies have served as a great burden for companies that rely on foreign goods. Many have had to choose whether to absorb the duties, cut other costs or pass on the expenses to consumers. By Monday morning, those companies can begin to submit documentation to the government to recover what they paid in illegal tariffs. In a sign of the demand, more than 3,000 businesses, including FedEx and Costco, have already sued the Trump administration in a bid to secure their refunds, with some cases filed even before the Supreme Court's ruling. But only the entities that officially paid the tariffs are eligible to recover that money. That means that the fuller universe of people affected by Mr. Trump's policies -- including millions of Americans who paid higher prices for the products they bought -- are not able to apply for direct relief. The extent to which consumers realize any gain hinges on whether businesses share the proceeds, something that few have publicly committed to do. Some have started to band together in class-action lawsuits in the hopes of receiving a payout. Many business owners said they weren't sure how easy the tariff refund process would be, particularly given Mr. Trump's stated opposition to returning the money. The administration has suggested that it may be months before companies see any money. Adding to the uncertainty, the White House has declined to say if it might still try to return to court in a bid to halt some or all of the refunds. The money will mostly go to importers and companies, since they were the ones that directly paid the tariffs. While individual refunds with interest could take around 60 to 90 days to process, the overall effort will probably move much more slowly because of how large and complicated it will be. There are also legal questions around whether companies would have to pass any of that money on to consumers. Slashdot reader AmiMoJo commented: "This is perhaps the biggest transfer of wealth in American history. Most of those companies will just pocket the refund and not pass any of it on to the consumer. If prices go down at all, they won't be back to pre-tariff levels. You paid the tariffs, but you ain't getting the refund."<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=Trump+Administration+Begins+Refunding+%24166+Billion+In+Tariffs%3A+https%3A%2F%2Fnews.slashdot.org%2Fstory%2F26%2F04%2F20%2F1711231%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fnews.slashdot.org%2Fstory%2F26%2F04%2F20%2F1711231%2Ftrump-administration-begins-refunding-166-billion-in-tariffs%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://news.slashdot.org/story/26/04/20/1711231/trump-administration-begins-refunding-166-billion-in-tariffs?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> BeauHD 2026-04-20T19:00:00+00:00 money logistical-nightmare news 27 27,26,21,17,6,3,2 https://yro.slashdot.org/story/26/04/20/0353220/nsa-using-anthropics-mythos-despite-blacklist?utm_source=rss1.0mainlinkanon&utm_medium=feed Axios reports that the NSA is using Anthropic's restricted Mythos Preview model despite the Pentagon insisting the company poses a "supply chain risk." Axios reports: The government's cybersecurity needs appear to be outweighing the Pentagon's feud with Anthropic. The department moved in February to cut off Anthropic and force its vendors to follow suit. That case is ongoing. The military is now broadening its use of Anthropic's tools while simultaneously arguing in court that using those tools threatens U.S. national security. Two sources said the NSA was using Mythos, while one said the model was also being used more widely within the department. It's unclear how the NSA is currently using Mythos, but other organizations with access to the model are using it predominantly to scan their own environments for exploitable security vulnerabilities. Anthropic restricted access to Mythos to around 40 organizations, contending that its offensive cyber capabilities were too dangerous to allow for a wider release. Anthropic only announced 12 of those organizations. One source said the NSA was among the unnamed agencies with access. The NSA's counterparts in the U.K. have said they have access to the model through the country's AI Security Institute. Anthropic's CEO met with top U.S. officials on Friday to discuss "opportunities for collaboration," according to a White House spokesperson, "as well as shared approaches and protocols to address the challenges associated with scaling this technology."<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=NSA+Using+Anthropic's+Mythos+Despite+Blacklist%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F26%2F04%2F20%2F0353220%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F26%2F04%2F20%2F0353220%2Fnsa-using-anthropics-mythos-despite-blacklist%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://yro.slashdot.org/story/26/04/20/0353220/nsa-using-anthropics-mythos-despite-blacklist?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> BeauHD 2026-04-20T16:00:00+00:00 government would-you-look-at-that yro 32 32,32,28,23,12,4,3 https://news.slashdot.org/story/26/04/18/1926216/nevada-police-can-now-track-cellphones-without-a-warrant?utm_source=rss1.0mainlinkanon&utm_medium=feed "Nevada quietly signed an agreement earlier this year with a company that collects location data from cellphones, allowing police to track a device virtually in real time," reports the Associated Press. "All without a warrant." The software from Fog Data Science, adopted this January in Nevada through a Department of Public Safety contract, pulls information from smartphone apps in order to let state investigators identify the location of mobile devices. The state is allowed more than 250 queries a month using the tool, which allows officers to track a device's location over long stretches of time and enables them to see what Fog calls "patterns of life," according to company documents from 2022. It can help them deduce where and when people work and live, with whom they associate and what places they visit, according to privacy experts... Traditionally, police must obtain a warrant from a judge to access cellphone location information &mdash; a process that can take days or weeks. And while cellphone users may be aware that they are sharing their location through apps such as Google Maps, critics say few are aware that such information can make its way to police... Other agencies in Nevada have been known to use technology similar to Fog. In 2013, Las Vegas Metropolitan Police Department acquired something known as a cell-site simulator that mimics cellphone towers and can sweep up signals from entire areas to track individuals, with some models capable of intercepting texts and calls. Police have not released detailed information about the technology since then. "Police in other states have said the technology (and its low price tag) has helped expand investigatory capacity," the article adds. But it also points out that Fog Data Science has a web page letting individuals opt out of all their data sets.<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=Nevada+Police+Can+Now+Track+Cellphones+Without+a+Warrant%3A+https%3A%2F%2Fnews.slashdot.org%2Fstory%2F26%2F04%2F18%2F1926216%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fnews.slashdot.org%2Fstory%2F26%2F04%2F18%2F1926216%2Fnevada-police-can-now-track-cellphones-without-a-warrant%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://news.slashdot.org/story/26/04/18/1926216/nevada-police-can-now-track-cellphones-without-a-warrant?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> EditorDavid 2026-04-19T16:34:00+00:00 usa what-happens-in-Vegas news 55 55,51,44,39,18,12,8 https://tech.slashdot.org/story/26/04/18/0621217/old-cars-tell-tales-by-storing-data-thats-never-wiped?utm_source=rss1.0mainlinkanon&utm_medium=feed Slashdot reader Bismillah shared this report from ITNews: Research and development engineer Romain Marchand of Paris headquartered Quarkslab obtained a telematic control unit (TCU) from a salvage yard in Poland... Marchand tore down the TCU, which is based on a Qualcomm system on a chip, and extracted the Linux-based file system from the Micron multi-chip package (MCP) which contained NAND-based non-volatile storage memory. The non-volatile storage contained sensitive information, including system configuration data and more importantly, logs that revealed the vehicle's GPS positions over time. None of that information was encrypted, Marchand told iTnews, which made it possible to collect and retrieve sensitive data of interest. What's more, the global navigation satellite system (GNSS) logs with GPS positions covered the BYD's full journey from the factory in China to its operational life in the United Kingdom, and to its final wrecking in Poland, Marchand explained in an analysis... The issue is not restricted to BYD, and Marchand added that the hardware architecture of the Chinese car maker's TCU is broadly similar to what can be found in other brands.<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=Old+Cars+'Tell+Tales'+by+Storing+Data+That's+Never+Wiped%3A+https%3A%2F%2Ftech.slashdot.org%2Fstory%2F26%2F04%2F18%2F0621217%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Ftech.slashdot.org%2Fstory%2F26%2F04%2F18%2F0621217%2Fold-cars-tell-tales-by-storing-data-thats-never-wiped%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://tech.slashdot.org/story/26/04/18/0621217/old-cars-tell-tales-by-storing-data-thats-never-wiped?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> EditorDavid 2026-04-18T21:34:00+00:00 transportation I-know-what-you-did-last-summer technology 42 42,39,36,34,10,7,6 https://yro.slashdot.org/story/26/04/18/1834202/us-congress-fails-to-pass-long-term-fisa-extension-authorizes-it-through-april-30?utm_source=rss1.0mainlinkanon&utm_medium=feed Yesterday the U.S. Congress approved "a short-term extension" of a FISA law that allows wiretaps without a warrant for surveilling foreign targets, reports CNN &mdash; but only until April 30. Republican congressional leaders had sought an 18-month extension, but "failed to secure" the votes after "clamoring from some of their members for reforms to protect Americans' privacy." The warrantless surveillance law, known as Section 702 of the Foreign Intelligence Surveillance Act, was set to expire on Monday night. Members are hoping the additional time will allow them to come to agreement without ending authorization for the intelligence gathering program, which permits US officials to monitor phone calls and text messages from foreign targets... There was an hour of suspense in the Senate Friday morning when it appeared possible that Democratic Sen. Ron Wyden, a longtime critic of FISA 702, might block the House-passed extension. But ultimately, he said his House colleagues had assured him "this short-term extension makes reform more likely, and expiration makes reform less likely," and so he chose not to object.... House Republican leaders believed Thursday night they had struck a deal with conservative holdouts who harbor deep and longstanding concerns that a key piece of the law infringes on Americans' privacy rights. But in a pair of after-midnight votes, more than a dozen rank-and-file Republicans rejected the long-term reauthorization plan on the floor, which was the result of days of tense negotiations among leadership, lawmakers and the White House. The law allows authorized US officials to gather phone calls and text messages of foreign targets, but they can also incidentally collect the data of Americans in the process. Senior national security officials have for years said the law is critical for thwarting terror attacks, stemming the flow of fentanyl into the US and stopping ransomware attacks on critical infrastructure. Civil liberties groups on the left and the right, meanwhile, argue the surveillance authority risks infringing on Americans' privacy.<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=US+Congress+Fails+to+Pass+Long-Term+FISA+Extension%2C+Authorizes+It+Through+April+30%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F26%2F04%2F18%2F1834202%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F26%2F04%2F18%2F1834202%2Fus-congress-fails-to-pass-long-term-fisa-extension-authorizes-it-through-april-30%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://yro.slashdot.org/story/26/04/18/1834202/us-congress-fails-to-pass-long-term-fisa-extension-authorizes-it-through-april-30?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> EditorDavid 2026-04-18T19:34:00+00:00 privacy what's-on-tap yro 39 39,33,25,23,7,4,1 https://yro.slashdot.org/story/26/04/18/156236/20-year-old-enters-prison-for-historic-breach-ransoming-of-massive-student-database?utm_source=rss1.0mainlinkanon&utm_medium=feed 20-year-old Matthew Lane sent a text message to ABC News as his parents drove him to federal prison in Connecticut. "I'm just scared," he said, calling the whole situation "extremely sad." Barely a year earlier, while still a teenager, he helped launch what's been described as the biggest cyberattack in U.S. education history &mdash; a data breach that concerned authorities so much, it prompted briefings with senior government officials inside the White House Situation Room. The breach pierced the education technology company PowerSchool &mdash; used by 80% of school districts in North America... [and operating in about 90 countries around the world]. With threats to expose social security numbers, dates of birth, family information, grades, and even confidential medical information, the breach cornered PowerSchool into paying millions of dollars in ransom. "I think I need to go to prison for what I did," Lane told ABC News in an exclusive interview, speaking publicly for the first time about the headline-grabbing heist and his life as a cybercriminal. "It was disgusting, it was greedy, it was rooted in my own insecurities, it was wrong in every aspect," he said in the interview, two days before reporting to prison... At about 6:30 on a Tuesday morning last April, FBI agents started banging on the door of Lane's second-floor dorm room. "FBI! We have a search warrant," Lane recalled them shouting. They seized his devices and many of the luxury items he bought with "dirty" money, as he put it. He said he felt a "wave of relief.... I'm honestly thankful for the FBI," he said. "After they left, I was like, 'It's over ... I'm done with this'..." A federal judge in Massachusetts sentenced him to four years in federal prison and ordered him to pay more than $14 million in restitution. "In the wake of the breach, PowerSchool offered two years' worth of credit-monitoring and identity protection services to concerned customer," the article points out. But it also notes two other arrests in September of teenaged cybercriminals: - A 15-year-old boy in Illinois who allegedly attacked Las Vegas casinos, reportedly costing MGM Resorts alone more than $100 million - A British national who when he was 16 helped breach over 110 companies around the world and extort $115 million. But ironically, Lane tells ABC News it all started on Roblox, where he'd met cheaters, password-stealers, and cybercriminals sharing photos of their stacks of money, creating a "sense of camaraderie" Lane and others warn that online forums also attract criminal groups seeking to recruit potential hackers. "The bad guys are on all the platforms watching the kids playing," Hay said. "And when they see an elite-level performer, they go approach that kid, masquerading as another kid, and they go, 'Hey, you want to earn some [money]? ... Here are the tools, here are the techniques'...." According to Lane, he spent his "ill-gotten gains" on designer clothes, diamond jewelry, DoorDash deliveries, Airbnb rentals for him and his friends, and drugs &mdash; "lots of drugs." He said he would numb ever-present feelings of guilt with drugs &mdash; from high-potency marijuana to acid. But it was hacking that gave him the strongest high. "It's indescribable the adrenaline you get when you do something like that," he said. "It's way more than driving 120 miles per hour. ... Incomparable to any drug at all, as well." "On Monday, Roblox announced that, starting in June, it will offer age-checked accounts for younger users that limit what games they can play, and add 'more closely align content access, communication settings, and parental controls with a user's age.'"<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=20-Year-Old+Enters+Prison+for+Historic+Breach%2C+Ransoming+of+Massive+Student+Database%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F26%2F04%2F18%2F156236%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F26%2F04%2F18%2F156236%2F20-year-old-enters-prison-for-historic-breach-ransoming-of-massive-student-database%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://yro.slashdot.org/story/26/04/18/156236/20-year-old-enters-prison-for-historic-breach-ransoming-of-massive-student-database?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> EditorDavid 2026-04-18T16:34:00+00:00 crime buy-and-cell yro 46 46,45,34,26,3,2,1 https://yro.slashdot.org/story/26/04/18/039221/us-government-now-wants-anthropics-mythos-preparing-for-ai-cybersecurity-threats?utm_source=rss1.0mainlinkanon&utm_medium=feed Friday Anthropic's CEO met with top U.S. officials and "discussed opportunities for collaboration," according to a White House spokesperson itedd by Politico, "as well as shared approaches and protocols to address the challenges associated with scaling this technology." CNN notes the meeting happens at the same time Anthropic "battles the Trump administration in court for blacklisting its Claude AI model..." The meeting took place as the US government is trying to balance its hardline approach to Anthropic with the national security implications of turning its back on the company's breakthrough technology &mdash; including its Mythos tool that can identify cybersecurity threats but also present a roadmap for hackers to attack companies or the government... The Office of Management and Budget has already told agencies it is preparing to give them access to Mythos to prepare, Bloomberg reported. Axios reported the White House is also in discussion to gain access to Mythos. The Trump administration "recognizes the power" of Mythos, reports Axios, "and its highly sophisticated &mdash; and potentially dangerous &mdash; ability to breach cybersecurity defenses." "It would be grossly irresponsible for the U.S. government to deprive itself of the technological leaps that the new model presents," a source close to negotiations told us. "It would be a gift to China"... Some parts of the U.S. intelligence community, plus the Cybersecurity and Infrastructure Security Agency (CISA, part of Homeland Security), are testing Mythos. Treasury and others want it. The White House added they plan to invite other AI companies for similar discussions, Politico reports. But Mythos "is also alarming regulators in Europe, who have told POLITICO they have not been able to gain access..." U.S. government agency tech leaders sought access to the model after Anthropic earlier this year began testing the model and granted limited access to a select group of companies, including JPMorgan, Amazon and Apple... after finding it had hacking capabilities far outstripping those of previous AI models. This includes the ability to autonomously identify and exploit complex software vulnerabilities, such as so-called zero-day flaws, which even some of the sharpest human minds are unable to patch. The AI startup also wrote that the model could carry out end-to-end cyberattacks autonomously, including by navigating enterprise IT systems and chaining together exploits. It could also act as a force-multiplier for research needed to build chemical and biological weapons, and in certain instances, made efforts to cover its tracks when attacking systems, according to Anthropic's report on the model's capabilities and its safety assessments. Those findings and others have inspired fears that the model could be co-opted to launch powerful cyberattacks with relative ease if it fell into the wrong hands. Logan Graham, a senior security researcher at Anthropic, previously told POLITICO that researchers and tech firms had been given early access to Mythos so they could find flaws in their critical code before state-backed hackers or cybercriminals could exploit them. "Within six, 12 or 24 months, these kinds of capabilities could be just broadly available to everybody in the world," Graham said.<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=US+Government+Now+Wants+Anthropic's+'Mythos'%2C+Preparing+for+AI+Cybersecurity+Threats%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F26%2F04%2F18%2F039221%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F26%2F04%2F18%2F039221%2Fus-government-now-wants-anthropics-mythos-preparing-for-ai-cybersecurity-threats%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://yro.slashdot.org/story/26/04/18/039221/us-government-now-wants-anthropics-mythos-preparing-for-ai-cybersecurity-threats?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> EditorDavid 2026-04-18T14:34:00+00:00 ai Claude-your-way-back yro 24 24,24,19,16,7,4,3 https://yro.slashdot.org/story/26/04/18/014244/shuttered-startups-are-selling-old-slack-chats-emails-to-ai-companies?utm_source=rss1.0mainlinkanon&utm_medium=feed Some failed startups are reportedly selling old Slack messages, emails, and other internal records to AI companies as training data, creating a new way to cash out after shutting down. Fast Company reports: Shanna Johnson, the CEO of now-defunct software company Cielo24, told the publication that she was able to sell every Slack message, internal email, and Jira ticket as training data for "hundreds of thousands of dollars." This isn't a one-off scenario. SimpleClosure, a startup that helps companies like Cielo24 shut down, told Forbes that there's been major interest from AI companies trying to get their hands on workplace data. Because of this, SimpleClosure launched a new tool that allows companies to sell their wealth of internal communications -- from Slack archives to email chains -- to AI labs. The company said it's processed 100 such deals in the past year. Payouts ranged from $10,000 to $100,000. "I think the privacy issues here are quite substantial," Marc Rotenberg, founder of the Center for AI and Digital Policy, told Forbes. "Employee privacy remains a key concern, particularly because people have become so dependent on these new internal messaging tools like Slack. ... It's not generic data. It's identifiable people."<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=Shuttered+Startups+Are+Selling+Old+Slack+Chats%2C+Emails+To+AI+Companies%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F26%2F04%2F18%2F014244%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F26%2F04%2F18%2F014244%2Fshuttered-startups-are-selling-old-slack-chats-emails-to-ai-companies%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://yro.slashdot.org/story/26/04/18/014244/shuttered-startups-are-selling-old-slack-chats-emails-to-ai-companies?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> BeauHD 2026-04-18T11:00:00+00:00 privacy would-you-look-at-that yro 40 40,40,33,31,8,5,2 https://yro.slashdot.org/story/26/04/17/2115258/gazing-into-sam-altmans-orb-could-solve-ticket-scalping?utm_source=rss1.0mainlinkanon&utm_medium=feed An anonymous reader quotes a report from Wired: Sam Altman's iris-scanning, humanity-verifying World project announced at an event in San Francisco on Friday that Tinder users around the globe can now put a digital badge on their profiles signaling to potential suitors that they're a real human, provided they've already stared into one of World's glossy white Orbs and allowed their eyes to be scanned. The announcement follows a pilot project for Tinder verification that World previously conducted in Japan. [...] In addition to the Tinder global expansion, Tools for Humanity, the company behind World, announced a number of other consumer and enterprise partnerships on Friday at its Lift Off event in San Francisco. The startup says Tinder users who verify with their World ID will receive five free "boosts," typically a paid feature that increases the number of users who see a profile by up to 10 times for 30 minutes. The videoconferencing platform Zoom also says that users can now require other participants to verify their identity with World before joining a call. Docusign, the contract signing software, will allow users to require World's identity verification technology. Tiago Sada, Tools for Humanity's chief product officer, tells WIRED the company sees major platform partnerships as key to helping World become a mainstream identity-verification technology. Sada said he's especially interested in working with social media companies in the future, and was encouraged to see that Reddit has started testing World as a solution to help users distinguish bots from real people. [...] World is also launching a tool called Concert Kit, which lets artists reserve concert tickets for verified humans, a pitch aimed squarely at the bot-driven scalping problem that critics say has plagued sites like TicketMaster. World will test the feature on the upcoming Bruno Mars World Tour featuring Anderson .Paak, who is scheduled to play a verified-humans-only show under his alias DJ Pee .Wee in San Francisco on Friday night. "The idea that World ID is not just private, but it's one of the most private things you've ever used, that's not obvious," says Sada. "We're just not used to this kind of technology. Many people used to tape their [iPhone's sensor used to enable] Face ID when it came out, then we got used to it."<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=Gazing+Into+Sam+Altman's+Orb+Could+Solve+Ticket+Scalping%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F26%2F04%2F17%2F2115258%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F26%2F04%2F17%2F2115258%2Fgazing-into-sam-altmans-orb-could-solve-ticket-scalping%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://yro.slashdot.org/story/26/04/17/2115258/gazing-into-sam-altmans-orb-could-solve-ticket-scalping?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> BeauHD 2026-04-17T21:00:00+00:00 privacy proof-of-human yro 57 57,56,52,49,12,8,4 https://news.slashdot.org/story/26/04/17/0345239/newly-unsealed-records-reveal-amazons-price-fixing-tactics?utm_source=rss1.0mainlinkanon&utm_medium=feed Newly unsealed records in California's antitrust case against Amazon allegedly show the company pressured third-party sellers to raise prices on rival sites like Walmart, Target, and Wayfair so Amazon could maintain the appearance of offering the lowest price. California says Amazon used tools like Buy Box suppression to punish cheaper listings elsewhere. The Guardian reports: [...] In one previously redacted deposition, marked "highly confidential," Mayer Handler, owner of a clothing company called Leveret, testified that he received an email in October 2022 from Amazon notifying him that one of his products was "no longer eligible to be a featured offer" through Amazon's Buy Box. The tech giant, he testified, had suppressed the item, a tiger-themed, toddler's pajama set, because his company was selling it for $19.99 on Amazon, a single cent higher than what his company was offering it for on Walmart. Afterwards, Handler testified, his company "changed pricing on Walmart to match or exceed Amazon's price" or changed the item's product code to try to throw off Amazon's price tracking system. In response to a question from the Guardian, Handler criticized Amazon for tracking prices across the internet and "shadow" blocking his company's products -- tactics which he said were depriving consumers of "lower prices." "Maybe that's capitalism," he wrote. "Or that's a monopoly causing price hikes on the consumer." In another unsealed deposition, Terry Esbenshade, a Pennsylvania garden store supplier, testified in October 2024 that whenever his products lost Amazon's Buy Box because of lower prices elsewhere on the internet, his sales on Amazon would plummet by about 80%. This financial reality forced him to try to raise his products' prices with other retailers elsewhere, he said. In one instance, Esbenshade testified, he discovered that one of his company's better-selling patio tables had "become suppressed" on Amazon. Esbenshade wasn't sure why, he recalled, until someone at Amazon suggested he look at Wayfair, another online retailer that happened to be selling his patio table below Amazon's price. The businessman went online and set up a new minimum advertised price for the table on Wayfair to ensure it was higher than Amazon's. "So that raised the price up, and, voila, my product came back" on Amazon, he said, thanks to the reinstatement of the Buy Box.<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=Newly+Unsealed+Records+Reveal+Amazon's+Price-Fixing+Tactics%3A+https%3A%2F%2Fnews.slashdot.org%2Fstory%2F26%2F04%2F17%2F0345239%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fnews.slashdot.org%2Fstory%2F26%2F04%2F17%2F0345239%2Fnewly-unsealed-records-reveal-amazons-price-fixing-tactics%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://news.slashdot.org/story/26/04/17/0345239/newly-unsealed-records-reveal-amazons-price-fixing-tactics?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> BeauHD 2026-04-17T16:00:00+00:00 money maybe-that's-capitalism news 22 22,21,19,18,10,9,7 https://yro.slashdot.org/story/26/04/16/2052224/totalrecall-reloaded-tool-finds-a-side-entrance-to-windows-11-recall-database?utm_source=rss1.0mainlinkanon&utm_medium=feed An anonymous reader quotes a report from Ars Technica: Two years ago, Microsoft launched its first wave of "Copilot+" Windows PCs with a handful of exclusive features that could take advantage of the neural processing unit (NPU) hardware being built into newer laptop processors. These NPUs could enable AI and machine learning features that could run locally rather than in someone's cloud, theoretically enhancing security and privacy. One of the first Copilot+ features was Recall, a feature that promised to track all your PC usage via screenshot to help you remember your past activity. But as originally implemented, Recall was neither private nor secure; the feature stored its screenshots plus a giant database of all user activity in totally unencrypted files on the user's disk, making it trivial for anyone with remote or local access to grab days, weeks, or even months of sensitive data, depending on the age of the user's Recall database. After journalists and security researchers discovered and detailed these flaws, Microsoft delayed the Recall rollout by almost a year and substantially overhauled its security. All locally stored data would now be encrypted and viewable only with Windows Hello authentication; the feature now did a better job detecting and excluding sensitive information, including financial information, from its database; and Recall would be turned off by default, rather than enabled on every PC that supported it. The reconstituted Recall was a big improvement, but having a feature that records the vast majority of your PC usage is still a security and privacy risk. Security researcher Alexander Hagenah was the author of the original "TotalRecall" tool that made it trivially simple to grab the Recall information on any Windows PC, and an updated "TotalRecall Reloaded" version exposes what Hagenah believes are additional vulnerabilities. The problem, as detailed by Hagenah on the TotalRecall GitHub page, isn't with the security around the Recall database, which he calls "rock solid." The problem is that, once the user has authenticated, the system passes Recall data to another system process called AIXHost.exe, and that process doesn't benefit from the same security protections as the rest of Recall. "The vault is solid," Hagenah writes. "The delivery truck is not." The TotalRecall Reloaded tool uses an executable file to inject a DLL file into AIXHost.exe, something that can be done without administrator privileges. It then waits in the background for the user to open Recall and authenticate using Windows Hello. Once this is done, the tool can intercept screenshots, OCR'd text, and other metadata that Recall sends to the AIXHost.exe process, which can continue even after the user closes their Recall session. "The VBS enclave won't decrypt anything without Windows Hello," Hagenah writes. "The tool doesn't bypass that. It makes the user do it, silently rides along when the user does it, or waits for the user to do it." A handful of tasks, including grabbing the most recent Recall screenshot, capturing select metadata about the Recall database, and deleting the user's entire Recall database, can be done with no Windows Hello authentication. Once authenticated, Hagenah says the TotalRecall Reloaded tool can access both new information recorded to the Recall database as well as data Recall has previously recorded. "We appreciate Alexander Hagenah for identifying and responsibly reporting this issue. After careful investigation, we determined that the access patterns demonstrated are consistent with intended protections and existing controls, and do not represent a bypass of a security boundary or unauthorized access to data," a Microsoft spokesperson told Ars. "The authorization period has a timeout and anti-hammering protection that limit the impact of malicious queries."<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status='TotalRecall+Reloaded'+Tool+Finds+a+Side+Entrance+To+Windows+11+Recall+Database%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F26%2F04%2F16%2F2052224%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F26%2F04%2F16%2F2052224%2Ftotalrecall-reloaded-tool-finds-a-side-entrance-to-windows-11-recall-database%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://yro.slashdot.org/story/26/04/16/2052224/totalrecall-reloaded-tool-finds-a-side-entrance-to-windows-11-recall-database?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> BeauHD 2026-04-16T23:00:00+00:00 privacy recalled-again yro 29 29,29,26,24,9,6,4 https://yro.slashdot.org/story/26/04/16/184240/google-pentagon-discuss-classified-ai-deal?utm_source=rss1.0mainlinkanon&utm_medium=feed An anonymous reader quotes a report from Reuters: Alphabet's Google is negotiating an agreement with the Department of Defense that would allow the Pentagon to deploy its Gemini AI models in classified settings, the Information reported on Thursday, citing two people with direct knowledge of the discussions. The two parties are discussing an agreement that would allow the Pentagon to use Google's AI for all lawful uses, according to the report. During the negotiations, Google has proposed additional language in its contract with the department to prevent its AI from being used for domestic mass surveillance or autonomous weapons without appropriate human control, the Information reported. The Pentagon will continue to deploy frontier AI capabilities through strong industry partnerships across all classification levels, a Pentagon official said, without confirming any talks with Google.<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=Google%2C+Pentagon+Discuss+Classified+AI+Deal%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F26%2F04%2F16%2F184240%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F26%2F04%2F16%2F184240%2Fgoogle-pentagon-discuss-classified-ai-deal%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://yro.slashdot.org/story/26/04/16/184240/google-pentagon-discuss-classified-ai-deal?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> BeauHD 2026-04-16T19:00:00+00:00 government behind-the-scenes yro 19 19,19,14,13,4,4,1 https://yro.slashdot.org/story/26/04/16/0717208/eu-age-verification-app-announced-to-protect-children-online?utm_source=rss1.0mainlinkanon&utm_medium=feed The EU says a new age-verification app is technically ready and could let users prove they are old enough to access restricted online content without revealing their identity or personal data. Deutsche Welle reports: Once released, users will be able to download the app from an app store and set it up using proof of identity, such as a passport or national ID card. They can then use it to confirm they are above a certain age when accessing restricted content, without revealing their identity. According to the Commission, the system is similar to the digital certificates used during the COVID-19 pandemic, which allowed people to prove their vaccination status. The app is expected to support enforcement of the bloc's Digital Services Act, which aims to better regulate online platforms. This includes restricting access to content such as pornography, gambling and alcohol-related services. Officials say the app will be "completely anonymous" and built on open-source technology, meaning it could also be adopted outside the EU. [...] While there is no binding EU-wide law yet, the European Parliament has called for a minimum age of 16 for social media access. For now, enforcement would largely fall to individual member states, but the new app is intended to help platforms comply with future national and EU rules.<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=EU+Age+Verification+App+Announced+To+Protect+Children+Online%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F26%2F04%2F16%2F0717208%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F26%2F04%2F16%2F0717208%2Feu-age-verification-app-announced-to-protect-children-online%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://yro.slashdot.org/story/26/04/16/0717208/eu-age-verification-app-announced-to-protect-children-online?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> BeauHD 2026-04-16T16:00:00+00:00 eu ready-to-go yro 109 109,105,87,67,20,7,7 https://yro.slashdot.org/story/26/04/15/1913213/calcom-is-going-closed-source-because-of-ai?utm_source=rss1.0mainlinkanon&utm_medium=feed Cal is moving its flagship scheduling software from open source to a proprietary license, arguing that AI coding tools now make it much easier for attackers to scan public codebases for vulnerabilities. "Open source security always relied on people to find and fix any problems," said Peer Richelsen, co-founder of Cal. "Now AI attackers are flaunting that transparency." CEO Bailey Pumfleet added: "Open-source code is basically like handing out the blueprint to a bank vault. And now there are 100x more hackers studying the blueprint." The company says it still supports open source and is releasing a separate Cal.diy version for hobbyists, but doesn't want to risk customer booking data in its commercial product. ZDNet reports: When Cal was founded in 2022, Bailey Pumfleet, the CEO and co-founder, wrote, "Cal.com would be an open-source project [because] limitations of existing scheduling products could only be solved by open source." Since Cal was successful and now claims to be the largest Next.js project, he was on to something. Today, however, Pumfleet tells me that AI programs such as "Claude Opus can scour the code to find vulnerabilities," so the company is moving the project from the GNU Affero General Public License (AGPL) to a proprietary license to defend the program's security. [...] Cal also quoted Huzaifa Ahmad, CEO of Hex Security, "Open-source applications are 5-10x easier to exploit than closed-source ones. The result, where Cal sits, is a fundamental shift in the software economy. Companies with open code will be forced to risk customer data or close public access to their code." "We are committed to protecting sensitive data," Pumfleet said. "We want to be a scheduling company, not a cybersecurity company." He added, "Cal.com handles sensitive booking data for our users. We won't risk that for our love of open source." While its commercial program is no longer open source, Cal has released Cal.diy. This is a fully open-source version of its platform for hobbyists. The open project will enable experimentation outside the closed application that handles high-stakes data. Pumfleet concluded, "This decision is entirely around the vulnerability that open source introduces. We still firmly love open source, and if the situation were to change, we'd open source again. It's just that right now, we can't risk the customer data."<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=Cal.com+Is+Going+Closed+Source+Because+of+AI%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F26%2F04%2F15%2F1913213%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F26%2F04%2F15%2F1913213%2Fcalcom-is-going-closed-source-because-of-ai%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://yro.slashdot.org/story/26/04/15/1913213/calcom-is-going-closed-source-because-of-ai?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> BeauHD 2026-04-15T21:00:00+00:00 ai blueprint-to-the-bank-vault yro 92 92,92,84,81,20,12,5 https://yro.slashdot.org/story/26/04/15/1937205/live-nation-illegally-monopolized-ticketing-market-jury-finds?utm_source=rss1.0mainlinkanon&utm_medium=feed A Manhattan federal jury found that Live Nation and Ticketmaster illegally maintained monopoly power in the ticketing market. The findings follow an antitrust case brought by states after a separate DOJ settlement. CNN reports: The verdict was reached following a lengthy trial in New York federal court that included testimony from top executives in the music and entertainment industries. Jurors began deliberating on Friday. The Justice Department and 39 state attorneys general, including California and New York, and Washington, DC, sued Live Nation in 2024 alleging its combination with Ticketmaster and control of "virtually every aspect of the live music ecosystem" have harmed fans, artists, and venues. During the second week of trial, in a move that surprised even the judge, the Justice Department reached a secret settlement with Live Nation. A handful of states signed onto the deal, but more than two dozen proceeded to trial. Under the DOJ deal, Live Nation agreed to allow competitors, like SeatGeek or StubHub, to offer tickets to its events, cap ticketing service fees at 15%, and divest exclusive booking agreements with 13 amphitheaters. The deal includes a $280 million settlement fund for state damages claims for the handful of states that signed onto the deal. The DOJ settlement requires the judge's approval.<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=Live+Nation+Illegally+Monopolized+Ticketing+Market%2C+Jury+Finds%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F26%2F04%2F15%2F1937205%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F26%2F04%2F15%2F1937205%2Flive-nation-illegally-monopolized-ticketing-market-jury-finds%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://yro.slashdot.org/story/26/04/15/1937205/live-nation-illegally-monopolized-ticketing-market-jury-finds?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> BeauHD 2026-04-15T20:00:00+00:00 court would-you-look-at-that yro 40 40,39,36,33,11,7,5 Search Slashdot stories query https://yro.slashdot.org/search.pl