United Kingdom

Can the UK Increase Green Energy with 'Zonal Energy Pricing'? (theguardian.com) 63

To avoid overloading local electric grids, Britain's most productive windfarm "is paid to turn off," reports the Guardian — and across the industry these so-called "constraint payments" amount to billions every year.

"Government officials are hoping to correct the clear inefficiencies in the market by overhauling the market itself." Greg Jackson, the founder of Octopus Energy, told the Guardian: "It's grotesque that energy costs are rising again this winter, whilst we literally pay windfarms these extortionate prices not to generate. Locational pricing would instead mean that local people got cheap power when it's windy. Scotland would have the cheapest power in Europe, instead of among the most expensive, and every region would be cheaper than today. Companies would invest in infrastructure where we need it — not where they get the highest subsidies."

The changes could catalyse an economic osmosis of high energy users — such as datacentres and factories — into areas of the country with low energy prices, creating new job opportunities beyond the south-east. It could also spur the development of new energy projects — particularly rooftop solar — across buildings in urban areas where energy demand is high. This rebalancing of the energy market could save the UK nearly £49bn in accumulated network costs by 2040, according to a study commissioned by the energy regulator from FTI Consulting.

But others fear the changes could come at a deeper cost to Britain's climate goals — and bill payers too. The clean energy companies preparing to spend billions on building new wind and solar farms are concerned that a redrawing of the market boundaries could radically change the economics of new renewable energy projects — which would ultimately raise the costs, which would be passed on to consumers, or see the projects scrapped altogether... With stiff competition in the international markets for investment in clean energy, Renewable UK [the industry's trade group] fears that companies and their investors will simply choose to build new clean energy projects elsewhere.

"The debate has driven deep rifts across the industry," the article concludes, "between modernisers who believe the new price signals would give rise to a new, rational market and those who fear the changes risk unravelling Britain's low-carbon agenda...

"The government is expected to make a decision on how to proceed in the coming months, but the fierce debate between warring factions of the energy industry is likely to continue for far longer."

Thanks to long-time Slashdot reader AmiMoJo for sharing the news.
Crime

WSJ Profiles The 'Dangerous' Autistic Teen Cybercriminal Who Leaked GTA VI Clips (msn.com) 78

The Wall Street Journal delves into the origin story of that teenaged Grand Theft Auto VI leaker. Arion Kurtaj, now 19 years old, is the most notorious name that has emerged from a sprawling set of online communities called the Com... Their youthful inventiveness and tenacity, as well as their status as minors that make prosecution more complicated, have made the Com especially dangerous, according to law-enforcement officials and cybersecurity investigators. Some kids, they say, are recruited from popular online spaces like Minecraft or Roblox.... [William McKeen, a supervisory special agent with the FBI's Cyber Division] said the average age of anyone arrested for a crime in the U.S. is 37, while the average age of someone arrested for cybercrime is 19. Cybersecurity investigators have found posts they say suggest Kurtaj has been involved in online attacks since he was 11.
"He had limited social skills and trouble developing relationships, records say — and ultimately looked for approval in the booming world of cybercrime..." [When Kurtaj was 14] he landed in a residential school serving children with severe emotional and behavioral needs. Kurtaj was physically assaulted by a staff member at his school who was later convicted as a result, according to a person familiar with the case. In early 2021, his mother brought him home and removed him from government care, court records say. He never returned to school. He was 16.

A month after his mother pulled him out of school, investigators say that Kurtaj was part of a hacking group called Recursion Team that broke into the videogame firm Electronic Arts and stole 780 gigabytes of data. When Electronic Arts refused to engage, they dumped the stolen data online. Within a week of that hack, investigators had identified Kurtaj and provided his name to the FBI. Later in that summer of 2021, according to court records, Kurtaj partnered with another teenager, known as ASyntax, and several Brazilian hackers, and started calling themselves Lapsus$. The group hacked into the British telecommunications giant BT in an effort to steal money using a technique called SIM swapping... The hacks weren't always for money. In late 2021, Lapsus$ hacked into a website operated by Brazil's Ministry of Health and deleted the country's database of Covid vaccinations, according to law enforcement...

If the Com has a social center, it's a website called Doxbin, where users publish personal details, such as home addresses and phone numbers, of their online rivals in an attempt to intimidate each other. Kurtaj bought Doxbin in November 2021 for $75,000, according to Chainalysis. But after a few months, the previous owners accused Kurtaj of mismanaging the site and pressured him to sell it back. He relented. Then in January 2022, cybersecurity investigators say, he doxxed the entire site, publishing a database that included usernames, passwords and email addresses that he'd downloaded when he was the owner. For cybersecurity experts, it was a gold mine. "It helped investigators piece together which crimes were done by who," said Allison Nixon, chief research officer at Unit 221B, an online investigations firm.

Doxbin's owners responded with a dox of Kurtaj and his family, including his home address and photos of him, investigators say — setting up the chain of events that would put Kurtaj in the Travelodge.

After two weeks of "protective custody" there — during which time he was supposed to be computer-free — Kurtaj "was arrested a third time and charged with hacking, fraud and blackmail. Authorities said that while at the Travelodge, he broke into Uber and taunted the company by posting a link to a photo of an erect penis on the company's internal Slack messaging system, then stole software and videos from Rockstar Games. Stolen clips had popped up in a Grand Theft Auto discussion forum from a user named teapotuberhacker and stirred a frenzy.

"As officers collected evidence, the teen stood by, emotionless, police say...."

"Kurtaj's lawyers and some experts on autism have said a potential lifetime of incarceration isn't appropriate for a teenager like Kurtaj..."

Thanks to long-time Slashdot reader SpzToid for sharing the article.
United States

North Carolina Maker of High-Purity Quartz Back Operating After Hurricane (apnews.com) 25

Thursday the Associated Press reported: One of the two companies that manufacture high-purity quartz used for making semiconductors and other high-tech products from mines in a western North Carolina community severely damaged by Hurricane Helene is operating again. Sibelco announced on Thursday that production has restarted at its mining and processing operations in Spruce Pine, located 50 miles (80 kilometers) northeast of Asheville. [Per Wikipedia, its pre-hurricane population was 2,175.] Production and shipments are progressively ramping up to full capacity, the company said in a news release.

"While the road to full recovery for our communities will be long, restarting our operations and resuming shipments to customers are important contributors to rebuilding the local economy," Sibelco CEO Hilmar Rode said... A Spruce Pine council member said recently that an estimated three-quarters of the town has a direct connection to the mines, whether through a job, a job that relies on the mines or a family member who works at the facilities.

An announcement last week from Sibelco attributed its resilience to their long-standing commitment to sustainability, "which includes measures to mitigate the impact of extreme weather events such as Hurricane Helene." Initial assessments indicated their operating facilities sustained only minor damage.

And "the company previously announced that all its employees are safe," Sibelco reaffirmed in its announcement Thursday: Sibelco, with support from its contractors, has been contributing to the local recovery efforts by clearing debris, repairing roads, providing road building materials to the North Carolina Department of Transportation, installing temporary power generators for emergency shelters and local businesses, and working with the town of Spruce Pine to restart water supply to residents.

Additionally, Sibelco has incorporated the Sibelco Spruce Pine Foundation to further support the community's recovery. The company previously announced that it is making an immediate $1 million donation as seed money for the foundation. Anyone interested in learning more or contributing to this initiative should contact the foundation by email or by visiting our website for additional information and donation opportunities.

Businesses

Boeing Plans to Cut 17,000 Jobs - 10% of Its Workforce (msn.com) 89

"Boeing said Friday it will cull 10 percent of its workforce — roughly 17,000 jobs," reports the Washington Post, "as the aviation giant grapples with mounting losses and manufacturing disruptions amid a machinists strike that has dragged into a fifth week." Executives, managers and production employees will be affected by the cuts, chief executive Kelly Ortberg informed employees Friday in a memo. Boeing will also delay the launch of its 777X plane until 2026 due to ongoing challenges, Ortberg wrote... The layoffs add to the pain at Boeing, where a stalemate between the company's largest employee union dovetails with ongoing legal troubles and safety woes. The strike has halted production of some of the company's best-selling jets, further adding to its financial troubles. In the past five years, Boeing has lost more than $25 billion...

"Our business is in a difficult position, and it is hard to overstate the challenges we face together," Ortberg said in the memo. "The state of our business and our future recovery require tough actions...." Now at risk of a downgrade to its credit rating as its circumstances worsen, Boeing has taken other steps to reduce expenses, including imposing a hiring freeze and eliminating unnecessary travel.

"The strike by Boeing machinists is costing the company roughly $1 billion a month, according to estimates from S&P Global..."
China

US Officials Race To Understand Severity of China's Salt Typhoon Hacks (msn.com) 20

U.S. officials are racing to understand the full scope of a China-linked hack of major U.S. broadband providers, as concerns mount from members of Congress that the breach could amount to a devastating counterintelligence failure. From a report: Federal authorities and cybersecurity investigators are probing the breaches of Verizon Communications, AT&T and Lumen Technologies. A stealthy hacking group known as Salt Typhoon tied to Chinese intelligence is believed to be responsible. The compromises may have allowed hackers to access information from systems the federal government uses for court-authorized network wiretapping requests, The Wall Street Journal reported last week.

Among the concerns are that the hackers may have essentially been able to spy on the U.S. government's efforts to surveil Chinese threats, including the FBI's investigations. The House Select Committee on China sent letters Thursday asking the three companies to describe when they became aware of the breaches and what measures they are taking to protect their wiretap systems from attack. Spokespeople for AT&T, Lumen and Verizon declined to comment on the attack. A spokesman at the Chinese Embassy in Washington has denied that Beijing is responsible for the alleged breaches.

Combined with other Chinese cyber threats, news of the Salt Typhoon assault makes clear that "we face a cyber-adversary the likes of which we have never confronted before," Rep. John Moolenaar, the Republican chairman of the House Select Committee Committee on China, and Raja Krishnamoorthi, the panel's top Democrat, said in the letters. "The implications of any breach of this nature would be difficult to overstate," they said. Hackers still had access to some parts of U.S. broadband networks within the last week, and more companies were being notified that their networks had been breached, people familiar with the matter said. Investigators remain in the dark about precisely what the hackers were seeking to do, according to people familiar with the response.

Businesses

Bankruptcy Took Down the Redbox Machine. If Only Someone Could Take Them Away. (msn.com) 141

Retailers across the U.S. are grappling with the aftermath of Redbox's bankruptcy, tasked with removing 24,000 abandoned DVD-dispensing machines. CVS, Walgreens, Walmart, and others are facing logistical challenges and potential safety hazards, according to WSJ. The 890-pound kiosks, often hardwired into stores' electrical systems, require specialized removal.

Further reading: Redbox App Axed, Dashing People's Hopes of Keeping Purchased Content.
United States

FEMA Adds Misinformation To Its List of Disasters To Clean Up (theverge.com) 188

The Federal Emergency Management Agency (FEMA) is fighting misinformation on top of a major storm cleanup in Florida as Hurricane Milton rapidly intensifies just after Hurricane Helene rocked the state. From a report: FEMA Administrator Deanne Criswell told reporters on a call Tuesday that misinformation around the storms is "absolutely the worst I have ever seen," according to Politico. FEMA posted a rumor response page about the hurricane, and though it's not the first time it's taken that kind of approach, Criswell said, "I anticipated some of this, but not to the extent that we're seeing."

FEMA's rumor response page includes fact-checks to claims made by former President Donald Trump, like that the agency will only provide $750 to disaster survivors. FEMA says that's just the amount provided quickly through "Serious Needs Assistance" for food and emergency supplies, but survivors could still be eligible for other types of funds, too. Other fact-checks include debunking the false claim that FEMA disaster response resources were diverted to border issues. FEMA says "Disaster Relief Fund money has not been diverted to other, non-disaster related efforts."

Businesses

Bankrupt Fisker Unable To Port EV Data, Risking Multi-Million Dollar Fleet Deal (techcrunch.com) 59

An anonymous reader quotes a report from TechCrunch: Fisker's Chapter 11 bankruptcy has hit a major snag, as the company buying the startup's remaining fleet of electric SUVs says it might not complete the purchase because of a surprising technical issue. The buyer, a New York-area leasing company called American Lease, says in a new filing that Fisker now believes there is no way to transfer the information connected to each SUV to a new server not owned by the bankrupt EV startup. Since American Lease needs that information to operate the vehicles after Fisker is dissolved, the leasing company has filed an emergency objection to the startup's liquidation plan. Fisker was expected to have that plan confirmed in bankruptcy court as early as this Wednesday.

American Lease has already handed over "tens of millions of dollars" after the purchase agreement of the 3,000-plus Ocean SUVs was approved in July. These funds have been crucial because Fisker was using them to pay for the bankruptcy process. Fisker needed that money to keep itself alive long enough to settle its debts and also prepare to liquidate what it says is around $1 billion in assets that were, until recently, under control of an Austrian subsidiary that was going through its own insolvency process. [...] American Lease says in its filing that Fisker first brought up the possibility that it wouldn't be able to transfer the information to a new server on Friday, October 4, at 8 p.m. ET. And it says that this week, Fisker informed American Lease that it won't be possible at all.

"[American Lease] cannot overstate the significance of this unwelcome news, conveyed to it only after it has paid [Fisker] tens of millions of dollars under the Purchase Agreement," the leasing company's lawyers write in the filing. "It is unclear at the present time what, if anything, Debtor representatives have known about the impossibility or impracticability of implementing Porting of the Purchased Vehicles, and when they learned or otherwise knew of that critical information." American Lease is asking to delay Wednesday's hearing and be allowed to perform "expedited and targeted discovery" of Fisker and its representatives to find out more about when Fisker learned of this problem.

Bitcoin

Bitcoin Creator Suspect Says He is Not Bitcoin Creator Suspect (theregister.com) 36

The man identified as Bitcoin creator Satoshi Nakamoto in a new HBO documentary has something to say: Wrong again, world. From a report: In the just-released HBO film on the history of the world's biggest digital currency -- Money Electric: The Bitcoin Mystery -- documentary filmmaker Cullen Hoback comes to the conclusion that the anonymous creator of Bitcoin was none other than a long-time member of the community and early Bitcoin developer Peter Todd. Todd dismissed the claim in the documentary, released yesterday, and denied it again when asked by The Register.

"[Hoback's] evidence for me being Satoshi is the same kind of coincidence-based, circumstantial thinking that fuels conspiracies like QAnon," Todd told us in an email. "Which is ironic, given that [Hoback's] previous big project was a documentary on QAnon. He clearly didn't try to debunk his theories either." Hoback's previous project -- Q: Into the Storm -- aimed to unmask the person behind QAnon, perhaps giving him an interest in uncovering the identity of Satoshi Nakamoto. Todd, however, thinks Hoback was just trying to drum up interest in his new film.

"I think [Hoback] only included the Satoshi claim as a marketing ploy: he was really creating a documentary about Bitcoin, and needed a hook to get media attention," Todd said. "He picked me to accuse mainly because I was an unlikely candidate, which helped drum up even more attention. I don't think he had any interest in finding the real truth."

Bitcoin

Bitcoin Creator Is Peter Todd, HBO Film Says (politico.eu) 74

A new HBO documentary claims Canadian developer Peter Todd is Satoshi Nakamoto, the pseudonymous founder of bitcoin. The documentary's director, Emmy-nominated filmmaker Cullen Hoback, "comes to the conclusion by stitching together old clues and new ones," reports Politico. In the film's finale, Hoback confronted Todd and said: "It seems like you had these deep insights into bitcoin at the time?" Todd replies: "Well, yeah, I'm Satoshi Nakamoto." From the report: The admission, however, is not necessarily a smoking gun. Todd, who is a vocal backer of Ukraine and Israel on his X feed, is known to invoke the claim "I am Satoshi" as an expression of solidarity with the creator's bid for privacy. In an email to CoinDesk prior to the documentary's release, Todd reportedly denied he was the bitcoin creator: "Of course I'm not Satoshi," he said. If Todd is widely accepted as bitcoin's creator, the revelation would end more than a decade of speculation over the identity of a person whose work spawned a global, multibillion-dollar craze for digital currencies: a mania that has pushed back the frontiers of finance but also enabled widespread fraud and other illicit activities.

Todd is not unknown to enthusiasts of the stateless money system. As a longstanding bitcoin core developer known for communicating publicly with "Satoshi" before his disappearance from crypto forums in 2010, his name has always carried weight in the community. But he was rarely considered a prime suspect. A 39-year-old graduate of Ontario College of Art and Design in Toronto, Todd would have been 23 when the famous bitcoin white paper that first laid out the vision for the decentralized money system was being completed. Todd previously told a podcast he was about 15 years old when he first started communicating with key crypto influencers, known as the cypherpunks. "In investigations like these, digital forensics can only take you so far; they're like a compass," Hoback told POLITICO before the documentary aired. "Real answers can only be found offline."

Privacy

MoneyGram Says Hackers Stole Customers' Personal Information, Transaction Data (techcrunch.com) 6

An anonymous reader quotes a report from TechCrunch: U.S. money transfer giant MoneyGram has confirmed that hackers stole its customers' personal information and transaction data during a cyberattack last month. The company said in a statement Monday that an unauthorized third party "accessed and acquired" customer data during the cyberattack on September 20. The cyberattack -- the nature of which remains unknown -- sparked a week-long outage that resulted in the company's website and app falling offline. MoneyGram says it serves over 50 million people in more than 200 countries and territories each year.

The stolen customer data includes names, phone numbers, postal and email addresses, dates of birth, and national identification numbers. The data also includes a "limited number" of Social Security numbers and government identification documents, such as driver's licenses and other documents that contain personal information, like utility bills and bank account numbers. MoneyGram said the types of stolen data will vary by individual. MoneyGram said that the stolen data also included transaction information, such as dates and amounts of transactions, and, "for a limited number of consumers, criminal investigation information (such as fraud)."

Open Source

Fintech OpenBB Aims To Be More Than an 'Open Source Bloomberg Terminal' (techcrunch.com) 7

TechCrunch's Paul Sawers reports: Fledgling fintech startup OpenBB is revealing the next step in its plans to take on the heavyweights of the investment research world. The company is launching a new, free version of a product that will open its arsenal of data and financial tooling to more users. OpenBB is the handiwork of software engineer Didier Lopes, who launched the Python-based platform back in 2021 as a way for amateur investors and enthusiasts to do investment research using different datasets for free, via a command line interface (CLI). The company went on to raise $8.5 million in seed funding from OSS Capital and angel investors such as Ram Shriram, an early backer of Google. While the community-based, open source project has amassed some 50,000 users, OpenBB has also been building an enterprise incarnation called Terminal Pro. This paid version gives teams access to an interface, pre-built database integrations, an Excel add-in, and various security and support bolt-ons that would appeal to larger businesses. [...]

The all-new OpenBB Terminal -- not to be confused with the previous CLI-based OpenBB Terminal that the startup sunsetted in March -- is a full-fledged web app, though it strips out many of the premium features of Terminal Pro. It's fully customizable, can run on any operating system or platform, and provides access to an AI-enabled OpenBB copilot. Like the previous OpenBB Terminal, the all-new web app is also free to use. OpenBB Terminal is perhaps something of a middle ground between the CLI centricity of the open source project and the bells-and-whistles feature set of the enterprise product.

The OpenBB Terminal serves as a single end point for accessing financial information from some 100 data sources, spanning equity, options, forex, the macro economy, and more. Users can also throw all their new data into the mix -- the community has previously contributed financial datasets such as historical currency exchange rates and crypto pricing data. There are also a slew of extensions and toolkits to bring more functionality to OpenBB -- such as an AI stock analysis agent. Users are free to incorporate their own AI systems and large language models (LLMs), which might be particularly important for security and compliance use cases. But with the OpenBB Copilot, categorized as a "compound AI system," users can run natural-language queries about their data out of the box.
While OpenBB has been likened to an "open-source Bloomberg," TechCrunch notes that it's not a direct competitor due to Bloomberg's massive data resources and built-in chat functionality. OpenBB, however, offers flexibility with its open-source platform and customization options.

OpenBB filed for a trademark, but Bloomberg has requested an extension to potentially oppose it, despite the company asserting there's no link between OpenBB and Bloomberg's abbreviation "BBG". Lopes says the name originates from BlackBerry stock, where the founders had lost money during the meme stock craze.
The Almighty Buck

America Risks Running Out of Tickers for Single-Stock ETFs (yahoo.com) 40

U.S. exchanges' four-character limit for ETF tickers is creating fierce competition in the $10 trillion industry, particularly for single-stock funds. With 456,976 possible combinations, options narrow drastically when built around existing company tickers. MicroStrategy-inspired ETFs, for instance, leave issuers with just 52 choices using 'MST'. Memorable tickers are crucial for differentiation and can improve stock liquidity.
Python

The Treasurer of Python NZ Pleads Guilty To Stealing From the Society (interest.co.nz) 20

Long-time Slashdot reader Bismillah writes: Python New Zealand has gone through some rough times lately, with its then-treasurer stealing money from the society.. Things were looking really serious for a while, with Python NZ looking at being liquidated due to the theft of funds.

However, there is a silver lining to the story, as the free and open source movement rallied behind Python NZ and got them out of a serious pickle.

"Our friends at Linux Australia and at the Python Software Foundation went well above and beyond to support us, and save us," says Tom Eastman president of Python New Zealand, in an article from interest.co.nz.

He also says he hopes the treasure is ordered by the court to pay restitution. (In the article the treasurer confirms that he's pleaded guilty to the theft, which took place between February 2019 and October 2023 — leaving Python NZ owing conference supplies around $55,000.) "We had $26 in the bank accounts," Eastman tells the site.

The group now has new transparency and accountability measures...
IOS

iOS and Android Security Scare: Two Apps Found Supporting 'Pig Butchering' Scheme (forbes.com) 31

"Pig Butchering Alert: Fraudulent Trading App targeted iOS and Android users."

That's the title of a new report released this week by cybersecurity company Group-IB revealing the official Apple App Store and Google Play store offered apps that were actually one part of a larger fraud campaign. "To complete the scam, the victim is asked to fund their account... After a few seemingly successful trades, the victim is persuaded to invest more and more money. The account balance appears to grow rapidly. However, when the victim attempts to withdraw funds, they are unable to do so."

Forbes reports: Group-IB determined that the frauds would begin with a period of social engineering reconnaissance and entrapment, during which the trust of the potential victim was gained through either a dating app, social media app or even a cold call. The attackers spent weeks on each target. Only when this "fattening up" process had reached a certain point would the fraudsters make their next move: recommending they download the trading app from the official App Store concerned.

When it comes to the iOS app, which is the one that the report focussed on, Group-IB researchers said that the app remained on the App Store for several weeks before being removed, at which point the fraudsters switched to phishing websites to distribute both iOS and Android apps. The use of official app stores, albeit only fleetingly as Apple and Google removed the fake apps in due course, bestowed a sense of authenticity to the operation as people put trust in both the Apple and Google ecosystems to protect them from potentially dangerous apps.

"The use of web-based applications further conceals the malicious activity," according to the researchers, "and makes detection more difficult." [A]fter the download is complete, the application cannot be launched immediately. The victim is then instructed by the cybercriminals to manually trust the Enterprise developer profile. Once this step is completed, the fraudulent application becomes operational... Once a user registers with the fraudulent application, they are tricked into completing several steps. First, they are asked to upload identification documents, such as an ID card or passport. Next, the user is asked to provide personal information, followed by job-related details...

The first discovered application, distributed through the Apple App Store, functions as a downloader, merely retrieving and displaying a web-app URL. In contrast, the second application, downloaded from phishing websites, already contains the web-app within its assets. We believe this approach was deliberate, since the first app was available in the official store, and the cybercriminals likely sought to minimise the risk of detection. As previously noted, the app posed as a tool for mathematical formulas, and including personal trading accounts within an iOS app would have raised immediate suspicion.

The app (which only runs on mobile phones) first launches a fake activity with formulas and graphics, according to the researchers. "We assume that this condition must bypass Apple's checks before being published to the store. As we can see, this simple trick allows cybercriminals to upload their fraudulent application to the Apple Store." They argue their research "reinforces the need for continued review of app store submissions to prevent such scams from reaching unsuspecting victims". But it also highlights "the importance of vigilance and end-user education, even when dealing with seemingly trustworthy apps..."

"Our investigation began with an analysis of Android applications at the request of our client. The client reported that a user had been tricked into installing the application as part of a stock investment scam. During our research, we uncovered a list of similar fraudulent applications, one of which was available on the Google Play Store. These apps were designed to display stock-related news and articles, giving them a false sense of legitimacy."
Privacy

License Plate Readers Are Creating a US-Wide Database of More Than Just Cars (wired.com) 109

Wired reports on "AI-powered cameras mounted on cars and trucks, initially designed to capture license plates, but which are now photographing political lawn signs outside private homes, individuals wearing T-shirts with text, and vehicles displaying pro-abortion bumper stickers — all while recordi00ng the precise locations of these observations..."

The detailed photographs all surfaced in search results produced by the systems of DRN Data, a license-plate-recognition (LPR) company owned by Motorola Solutions. The LPR system can be used by private investigators, repossession agents, and insurance companies; a related Motorola business, called Vigilant, gives cops access to the same LPR data. However, files shared with WIRED by artist Julia Weist, who is documenting restricted datasets as part of her work, show how those with access to the LPR system can search for common phrases or names, such as those of politicians, and be served with photographs where the search term is present, even if it is not displayed on license plates... Beyond highlighting the far-reaching nature of LPR technology, which has collected billions of images of license plates, the research also shows how people's personal political views and their homes can be recorded into vast databases that can be queried.

"It really reveals the extent to which surveillance is happening on a mass scale in the quiet streets of America," says Jay Stanley, a senior policy analyst at the American Civil Liberties Union. "That surveillance is not limited just to license plates, but also to a lot of other potentially very revealing information about people."

DRN, in a statement issued to WIRED, said it complies with "all applicable laws and regulations...." Over more than a decade, DRN has amassed more than 15 billion "vehicle sightings" across the United States, and it claims in its marketing materials that it amasses more than 250 million sightings per month. Images in DRN's commercial database are shared with police using its Vigilant system, but images captured by law enforcement are not shared back into the wider database. The system is partly fueled by DRN "affiliates" who install cameras in their vehicles, such as repossession trucks, and capture license plates as they drive around. Each vehicle can have up to four cameras attached to it, capturing images in all angles. These affiliates earn monthly bonuses and can also receive free cameras and search credits...

"License plate recognition (LPR) technology supports public safety and community services, from helping to find abducted children and stolen vehicles to automating toll collection and lowering insurance premiums by mitigating insurance fraud," Jeremiah Wheeler, the president of DRN, says in a statement... Wheeler did not respond to WIRED's questions about whether there are limits on what can be searched in license plate databases, why images of homes with lawn signs but no vehicles in sight appeared in search results, or if filters are used to reduce such images.

Privacy experts shared their reactions with Wired
  • "Perhaps [people] want to express themselves in their communities, to their neighbors, but they don't necessarily want to be logged into a nationwide database that's accessible to police authorities." — Jay Stanley, a senior policy analyst at the American Civil Liberties Union
  • "When government or private companies promote license plate readers, they make it sound like the technology is only looking for lawbreakers or people suspected of stealing a car or involved in an amber alert, but that's just not how the technology works. The technology collects everyone's data and stores that data often for immense periods of time." — Dave Maass, an EFF director of investigations
  • "The way that the country is set up was to protect citizens from government overreach, but there's not a lot put in place to protect us from private actors who are engaged in business meant to make money." — Nicole McConlogue, associate law professor at Mitchell Hamline School of Law (who has researched license-plate-surveillance systems)

Thanks to long-time Slashdot reader schwit1 for sharing the article.


Security

Collapse of National Security Elites' Cyber Firm Leaves Bitter Wake (apnews.com) 15

Cybersecurity firm IronNet, founded by former NSA director Keith Alexander, has collapsed after failing to deliver on its promise to revolutionize cyber defense. The company, which went public in 2021 with a $3 billion valuation, shut down in September 2023 after running out of money.

IronNet's downfall has left investors and former employees bitter, with some accusing the company of misleading them about its financial health. "I'm honestly ashamed that I was ever an executive at that company," said Mark Berly, a former IronNet vice president. He said the company's top leaders cultivated a culture of deceit "just like Theranos." Critics point to questionable business practices, subpar products, and associations that potentially exposed the firm to Russian influence. The company's board included high-profile national security figures, which helped attract investments and contracts. However, IronNet struggled to secure major deals and meet revenue projections.
Microsoft

Rival Browsers Allege Microsoft's Practices on Edge Unfair (usnews.com) 56

Microsoft gives its Edge web browser an unfair advantage and EU antitrust regulators should subject it to tough EU tech rules, three rival browsers and a group of web developers said in a letter to the European Commission. From a report: The move by Vivaldi, Waterfox, Wavebox and the Open Web Advocacy could boost Norwegian browser company Opera which in July took the European Commission to court for exempting Edge from the Digital Markets Act (DMA). [...] "Unfair practices are currently allowed to persist on the Windows' ecosystem with respect to Edge, unmitigated by the choice screens that exist on mobile," they said, pointing to Edge set as the default browser on all Windows computers. "No platform independent browser can aspire to match Edge's unparalleled distribution advantage on Windows. Edge is, moreover, the most important gateway for consumers to download an independent browser on Windows PCs."
AI

OpenAI Gets $4 Billion Revolving Credit Line, Giving It More Than $10 Billion in Liquidity (cnbc.com) 23

OpenAI has a $4 billion revolving line of credit, bringing its total liquidity to more than $10 billion, CNBC reported Thursday. From the report: It follows news on Wednesday that OpenAI closed its recent funding round at a valuation of $157 billion, including the $6.6 billion the company raised from an extensive roster of investment firms and big tech companies. JPMorgan Chase, Citi, Goldman Sachs, Morgan Stanley, Santander, Wells Fargo, SMBC, UBS, and HSBC all participated. The base credit line is $4 billion, with an option to increase it by an additional $2 billion. The loan is unsecured and can be tapped over the course of three years. OpenAI's interest rate is equal to the Secured Overnight Financing Rate (SOFR) plus 100 basis points. SOFR, a measure of the cost of borrowing cash overnight, sat at just over 5% as of early this week, meaning OpenAI would be paying roughly 6% on money that it borrows right away.
The Almighty Buck

PayPal Completes Its First Business Transaction Using Stablecoin (bloomberg.com) 20

PayPal completed its first business payment using its proprietary stablecoin as a way to demonstrate how digital currencies can be used to improve often-clunky commercial transactions. From a report: PayPal paid an invoice to Ernst & Young LLP on Sept. 23 using PYUSD, the stablecoin the firm launched last year, relying on an SAP SE platform to complete the transaction. SAP's platform, known as the digital currency hub, allows enterprises to send and receive digital payments instantly, around the clock. The invoice amount wasn't disclosed.

Stablecoins are cryptocurrencies usually designed to track traditional currencies one-to-one. PYUSD, which has a current market capitalization of almost $700 million, tracks the US dollar. While the consumer-facing benefits of stablecoins often dominate conversations, this payment demonstrates other use cases for the digital currency, according to Jose Fernandez da Ponte, PayPal's senior vice president of its blockchain, cryptocurrency and digital currency group.

Slashdot Top Deals