Twitter

Twitter Partners With eToro To Let Users Trade Stocks, Crypto (cnbc.com) 23

Twitter will let its users access stocks, cryptocurrencies and other financial assets through a partnership with eToro, a social trading company. From a report: Starting Thursday, a new feature will be rolled out on the Twitter app. It will allow users to view market charts on an expanded range of financial instruments and buy and sell stocks and other assets from eToro, the company told CNBC exclusively. Currently, it's already possible to view real-time trading data from TradingView on index funds like the S&P 500 and shares of some companies such as Tesla. That can be done using Twitter's "cashtags" feature -- you search for a ticker symbol and insert a dollar sign in front of it, after which the app will show you price information from TradingView using an API (application programming interface).

With the eToro partnership, Twitter cashtags will be expanded to cover far more instruments and asset classes, an eToro spokesperson told CNBC. You'll also be able to click a button that says "view on eToro," which takes you through to eToro's site, and then buy and sell assets on its platform. EToro uses TradingView as its market data partner. "As we've grown over the past three years immensely, we've seen more and more of our users interact on Twitter [and] educate themselves about the markets," Yoni Assia, eToro's CEO, told CNBC in an interview.

Games

EVE Online Player Uses Obscure Rule To Pull Off Biggest Heist In Game's History (pcgamer.com) 82

An anonymous reader quotes a report from PC Gamer: Back in 2017, we learned about the biggest heist in EVE Online history: A year-long inside job that ultimately made off with an estimated 1.5 trillion ISK, worth around $10,000 in real money. But now another EVE player claims to have pulled off a heist worth significantly more than that -- and with significantly less work involved. The 2017 heist, like so many of EVE's most interesting stories, relied primarily on social engineering: Investing months or years of time into grooming a target before pulling the rug out from beneath them. But redditor Flam_Hill said this job was less bloody: Instead of betrayal, this theft was dependent upon learning and exploiting the "shares mechanic" in EVE Online in order to leverage a takeover of Event Horizon Expeditionaries, a 299-member corporation that was part of the Pandemic Horde alliance.

Using a "clean account with a character with a little history," Flam_Hill and an unnamed partner applied for membership in the EHEXP corporation. After the account was accepted, Flam_Hill transferred enough of his shares in the corporation to the infiltrator to enable a call for a vote for a new CEO. The conspirators both voted yes, while nobody else in the corporation voted at all. This was vital, because after 72 hours the two "yes" votes carried the day. The infiltrating agent was very suddenly made CEO, which was in turn used to make Flam_Hill an Event Horizon Expeditionaries director, at which point they removed all the other corporate directors and set to emptying the coffers. They stripped 130 billion ISK from the corporate wallet, but that was only a small part of the haul: Counting all stolen assets, including multiple large ships, Flam_Hill estimated the total value of the heist at 2.23 trillion ISK, which works out to more than $22,300 in real money. ISK can't be legally cashed out of EVE Online, but it can be used to buy Plex, an in-game currency used to upgrade accounts, purchase virtual goods, and activate other services.

Social Networks

LinkedIn Will Finally Offer Ways To Verify Your Job (wired.com) 55

In the never-ending battle against online impersonation scams, the professional social media platform LinkedIn announced today a set of new verification features that enable users to authenticate aspects of their identities and job histories. From a report: Crucially, users will now have a few different options to verify their identity and current jobs on LinkedIn. That way, if someone tries to make a copycat LinkedIn account, there can be clear differences between the imposter account and the verified profile. LinkedIn facilitates verification in three ways that are all free to individual users. The most low-key option launching today is to verify your current employer by receiving a security code on your work email and entering it into LinkedIn. The social media platform has recently been piloting this work email verification feature with a small group of companies.

The second option is to verify your identity on LinkedIn through the airport security service Clear. The authentication company will take your United States phone number and government-issued ID and use the information to verify your name. You have to weigh whether you want to trust a third party like Clear with your personal data, but the option might be particularly appealing if you already use the company for travel verification and they have your data on file anyway. The third verification feature allows users to confirm their name and current employer through the Microsoft Entra Verified ID credential, a workplace identification platform Microsoft launched last year. This option will have a slower rollout, and it will be available at the end of the month to employees at a few dozen pilot companies that are already enrolled in Entra.

NASA

New NASA Official Took Her Oath of Office on Carl Sagan's 'Pale Blue Dot' (gizmodo.com) 95

When Dr. Makenzie Lystrup was sworn in as the new director of NASA's Goddard Space Flight Center last week, she didn't take her oath of office on the Bible or the U.S. Constitution, but rather on a tome revered by space enthusiasts everywhere: Carl Sagan's Pale Blue Dot. From a report: The book, published in 1994, is named after an iconic image of Earth, snapped by the Voyager I probe, that depicts the planet as a small speck smothered by the emptiness of space. That photo inspired astronomer Carl Sagan to write: "Look again at that dot. That's here. That's home. That's us." For many, the book serves as a reminder of humanity's place in the universe and the need to preserve our home planet, which makes it similar to holy scripture for a newly appointed NASA director. On Thursday, when Lystrup chose to place her left hand on a copy of Sagan's book while being sworn in by NASA Administrator Bill Nelson, a photographer captured the moment, and NASA Goddard's social media shared the image. The constitution does not require that government officials be sworn in using a particular text, just that they "shall be bound by Oath or Affirmation, to support this Constitution." Most U.S. politicians and officials end up using the Bible.

Transportation

After Low-Speed Bus Crash, Cruise Recalled Software for Its Self-Driving Taxis in March (sfchronicle.com) 89

San Francisco autonomous vehicle company Cruise recalled and updated the software of its fleet of 300 cars, reports the San Francisco Chronicle, after a Cruise taxi rear-ended a local bus "when the car's software got confused by the articulated vehicle, according to a federal safety report and the company."

The voluntary report notes that Cruise updated its software on March 25th. Since last month's low-speed crash, which resulted in no injuries, Cruise CEO Kyle Vogt said the company chose to conduct a voluntary recall, and the software update assured such a rare incident "would not recur...." As for the March bus collision, Vogt said the software fix was uploaded to Cruise's entire fleet of 300 cars within two days. He said the company's probe found the crash scenario "exceptionally rare" with no other similar collisions.

"Although we determined that the issue was rare, we felt the performance of this version of software in this situation was not good enough," Vogt wrote in a blog post. "We took the proactive step of notifying NHTSA that we would be filing a voluntary recall of previous versions of our software that were impacted by the issue." The CEO said such voluntary recalls will probably become "commonplace."

"We believe this is one of the great benefits of autonomous vehicles compared to human drivers; our entire fleet of AVs is able to rapidly improve, and we are able to carefully monitor that progress over time," he said.

The Cruise car was traveling about 10 miles per hour, and the collision caused only minor damage to its front fender, Vogt's blog post explained. San Francisco's buses have front and back coaches connected by articulated rubber, and when the Cruise taxi lost sight of the front half, it made the assumption that it was still moving (rather than recognizing that the back coach had stopped). Or, as Cruise told the National Highway Traffic Safety Administration, their vehicle "inaccurately predicted the movement" of the bus. It was not the first San Francisco incident involving Cruise since June, when it became the first company in a major city to win the right to taxi passengers in driverless vehicles — in this case Chevrolet Bolts. The city's Municipal Transportation Agency and County Transportation Authority recorded at least 92 incidents from May to December 2022 in which autonomous ride-hailing vehicles caused problems on city streets, disrupting traffic, Muni transit and emergency responders, according to letters sent to the California Public Utilities Commission....

Just two days before the Cruise crash in March, the company had more problems with Muni during one of San Francisco's intense spring storms. A falling tree brought down a Muni line near Clay and Jones streets on March 21, and a witness reported on social media that two Cruise cars drove through caution tape into the downed wire. A company representative said neither car had passengers and teams were immediately dispatched to remove the vehicles.

On Jan. 22, a driverless Cruise car entered an active firefighting scene and nearly ran over hoses. Fire crews broke a car window to try to stop it.

Programming

Rust Foundation Solicits Feedback on Updated Policy for Trademarks (google.com) 41

"Rust" and "Cargo" are registered trademarks held by the Rust Foundation — the independent non-profit supporting Rust's maintainers. In August 1,000 people responded to the foundation's Trademark Policy Review Survey, after which the foundation invited any interested individuals to join their Trademark Policy Working Group (which also included Rust Project leaders). They've now created a draft of an updated policy for feedback...

Crate, RS, "Rustacean," and the logo of Ferris the crab are all available for use by anyone consistent with their definition, with no special permission required. Here's how the document's quick reference describes other common use-cases:
  • Selling Goods — Unless explicitly approved, use of the Rust name or Logo is not allowed for the purposes of selling products/promotional goods for gain/profit, or for registering domain names. For example, it is not permitted to sell stickers of the Rust logo in an online shop for your personal profit.
  • Showing Support of Rust — When showing your support of the Rust Project on a personal site or blog, you may use the Rust name or Logo, as long as you abide by all the requirements listed in the Policy. You may use the Rust name or Logo in social media handles, avatars, and emojis to demonstrate Rust Project support in a manner that is decorative, so long as you don't suggest commercial Rust affiliation.
  • Inclusion of the Marks in Educational Materials — You may use the Rust name in book and article titles and the Logo in graphic components, so long as you make it clear that the Rust Project or Foundation has not reviewed/approved/endorsed your content.

There's also a FAQ, answering questions like "Can I use the Rust logo as my Twitter Avatar?" The updated policy draft says "We consider social media avatars on personal accounts to be fair use. On the other hand, using Rust trademarks in corporate social media bios/profile pictures is prohibited.... In general, we prohibit the modification of the Rust logo for any purpose, except to scale it. This includes distortion, transparency, color-changes affiliated with for-profit brands or political ideologies. On the other hand, if you would like to change the colors of the Rust logo to communicate allegiance with a community movement, we simply ask that you run the proposed logo change by us..."

And for swag at events using the Rust logo, "Merch developed for freebies/giveaways is normally fine, however you need approval to use the Rust Word and/or Logo to run a for-profit event. You are free to use Ferris the crab without permission... If your event is for-profit, you will need approval to use the Rust name or Logo. If you are simply covering costs and the event is non-profit, you may use the Rust name or Logo as long as it is clear that the event is not endorsed by the Rust Foundation. You are free to use Ferris the crab without permission."


United States

Classified US Documents Leaked on 4chan, Telegram, Discord, and Twitter (msn.com) 133

America's Department of Justice just launched an investigation into the leaking of classified documents from the U.S. Department of Defense, reports the Washington Post.

"On Wednesday, images showing some of the documents began circulating on the anonymous online message board 4chan and made their way to at least two mainstream social media platforms, Telegram and Twitter." Earlier Friday, The Washington Post obtained dozens of what appeared to be photographs showing classified documents, dating to late February and early March, that range from worldwide intelligence briefings to tactical-level battlefield updates and assessments of Ukraine's defense capabilities. They outline information about the Ukrainian and Russian militaries, and include highly sensitive U.S. analyses about China and other nations. The materials also reference highly classified sources and methods that the United States uses to collect such information, alarming U.S. national security officials who have seen them.... The material that appeared online includes photographs of documents labeled "Secret" or "Top Secret," and began appearing on Discord, a chat platform popular with gamers, according to a Post review.

In some cases, it appears that the slides were manipulated. For instance, one image features combat casualty data suggesting the number of Russian soldiers killed in the war is far below what the Pentagon publicly has assessed. Another version of the image showed higher Russian casualty figures. Besides the information on casualties that appeared to be manipulated to benefit the Russian government, U.S. officials who spoke to The Post said many of the leaked documents did not appear to be forged and looked consistent in format with CIA World Intelligence Review reports distributed at high levels within the White House, Pentagon and the State Department....

The documents appear to have been drawn from multiple reports and agencies, and concern matters other than Ukraine. Two pages, for example, are purportedly a "CIA Operations Center Intelligence Update," and include information about events concerning Russia, Hungary and Iran.... Rachel E. VanLandingham, a former Air Force attorney and expert on military law, said that whoever is responsible for the leak "is in a world of hurt." Such breaches, she said, constitute "one of the most serious crimes that exist regarding U.S. national security...."

Skepticism abounded Friday among both Russian and Ukrainian officials aware of reports about the leaks, with each side accusing the other of being involved in a deliberate act of disinformation.

The Post notes one defense official told them "hundreds — if not thousands" of people had access to the documents, so their source "could be anyone."

But the photographs received by the Post were apparently taken from printed documents, and "classified documents may only be printed from computers in a secure facility, and each transaction is electronically logged," said Glenn Gerstell, a former general counsel with the National Security Agency who emphasized that he was speaking only about general procedures. "The fact that the documents were printed out should significantly narrow the universe of the initial inquiry."

Social Networks

Arkansas House Wants You To Show ID To Use Social Media (arktimes.com) 42

With no discussion, the Arkansas House of Representatives overwhelmingly approved a bill that would require social media users in The Natural State to verify they're 18 years old or older to use the platforms. Arkansas Times reports: The proposal, backed by Gov. Sarah Sanders, is aimed at shielding minors from the harmful effects of social media. Young folks could use the platforms, but only if parents provide consent. Senate Bill 396, sponsored by Sen. Tyler Dees (R-Springdale) and Rep. Jon Eubanks (R-Paris), would require social media companies including Facebook, Instagram, Twitter and TikTok to contract with third-party companies to perform age verification. Users would have to provide the third-party company with a digital driver's license. Dees also sponsored a bill, now law, that requires anyone who wants to watch online pornography to verify they're an adult.

The social media bill squeaked through the Senate with 18 yes votes, the bare minimum, but passed the House 82-10 with four voting present (same as no). No one asked any questions of Eubanks -- who assured his colleagues that Facebook had "the AI and algorithms" to keep track of what users had parental consent without holding on to sensitive data -- but because it was amended (to among other things exempt LinkedIn, the most boring social media platform), the bill has to go back to the Senate, where perhaps it will meet some resistance.

Utah's governor signed two bills into law last month requiring companies like Meta, Snap and TikTok to get parents' permission before teens could create accounts on their platforms. "The laws also require curfew, parental controls and age verification features," adds Engadget.

Security

New Ultrasound Attack Can Secretly Hijack Phones and Smart Speakers (theregister.com) 49

Academics in the US have developed an attack dubbed NUIT, for Near-Ultrasound Inaudible Trojan, that exploits vulnerabilities in smart device microphones and voice assistants to silently and remotely access smart phones and home devices. The Register reports: The research team -- Guenevere Chen, an associate professor at the University of Texas at San Antonio, her doctoral student Qi Xia, and Shouhuai Xu, a professor at the University of Colorado Colorado Springs -- found Apple's Siri, Google's Assistant, Microsoft's Cortana, and Amazon's Alexa are all vulnerable to NUIT attacks, albeit to different degrees. In an interview with The Register this month, Chen and Xia demonstrated two separate NUIT attacks: NUIT-1, which emits sounds to exploit a victim's smart speaker to attack the same victim's microphone and voice assistant on the same device, and NUIT-2, which exploits a victim's speaker to attack the same victim's microphone and voice assistant on a different device. Ideally, for the attacker, these sounds should be inaudible to humans.

The attacks work by modulating voice commands into near-ultrasound inaudible signals so that humans can't hear them but the voice assistant will still respond to them. These signals are then embedded into a carrier, such as an app or YouTube video. When a vulnerable device picks up the carrier, it ends up obeying the hidden embedded commands. Attackers can use social engineering to trick the victim into playing the sound clip, Xia explained. "And once the victim plays this clip, voluntarily or involuntarily, the attacker can manipulate your Siri to do something, for example, open your door."

For NUIT-1 attacks, using Siri, the answer is yes. The boffins found they could control an iPhone's volume so that a silent instruction to Siri generates an inaudible response. The other three voice assistants -- Google's, Cortana, and Alexa -- are still susceptible to the attacks, but for NUIT-1, the technique can't silence devices' response so the victim may notice shenanigans are afoot. It's also worth noting that the length of malicious commands must be below 77 milliseconds -- that's the average reaction time for the four voice assistants across multiple devices.

In a NUIT-2 attack, the attacker exploits the speaker on one device to attack the microphone and associated voice assistant of a second device. These attacks aren't limited by the 77-millisecond window and thus give the attacker a broader range of possible action commands. An attacker could use this scenario during a Zoom meeting, for example: if an attendee unmutes themself, and their phone is placed next to their computer, an attacker could use an embedded attack signal to attack that attendee's phone.

The researchers will publish their research and demonstrate the NUIT attacks at the USENIX Security Symposium in August.

Microsoft

Microsoft's Rolling Out Edge's AI Image Generator To Everyone (theverge.com) 27

Microsoft is making its DALL-E-powered AI image generator "available on desktop for Edge users around the world." From a report: The company announced it'd be coming last month when it integrated the image generation tech into its Bing chatbot, but this move could make it available to a much wider audience. When it rolls out, the "Image Creator" will live in Edge's sidebar. Using it should be pretty simple; you type in what you want to see, and Bing will generate several images that match the prompt. Then, you can download the ones you like and use them however you need. In a Thursday blog post, Microsoft pitches the feature as a way to create "very specific" visuals when they're working on social media posts or slideshows and documents. While this has been possible in a variety of ways before -- you could use OpenAI's DALL-E, Microsoft's Bing image creator site, the built-in image generator in Bing Chat, or one of the many other image generators -- putting it right in Edge's sidebar makes it much easier to ask an AI to make you some pictures while you're doing something else on the web.

Facebook

India To Require Social Media Firms Rely on Government's Own Fact Checking (techcrunch.com) 48

India amended its IT law on Thursday to prohibit Facebook, Twitter and other social media firms from publishing, hosting or sharing false or misleading information about "any business" of the government and said the firms will be required to rely on New Delhi's own fact-check unit to determine the authenticity of any claim in a blow to many American giants that identify the South Asian market as their largest by users. From a report: Failure to comply with the rule, which also impacts internet service providers such as Jio and Airtel, risks the firms losing their safe harbour protections. The rule, first proposed in January this year, gives a unit of the government arbitrary and overbroad powers to determine the authenticity of online content and bypasses the principles of natural justice, said New Delhi-headquartered digital rights group Internet Freedom Foundation.

Electronic Frontier Foundation

'The Broad, Vague RESTRICT Act Is a Dangerous Substitute For Comprehensive Data Privacy Legislation' (eff.org) 76

The recently introduced RESTRICT Act, otherwise known as the "TikTok ban," is a dangerous substitute for comprehensive data privacy legislation, writes the Electronic Frontier Foundation in a blog post. From the post: As we wrote in our initial review of the bill, the RESTRICT Act would authorize the executive branch to block 'transactions' and 'holdings' of 'foreign adversaries' that involve 'information and communication technology' and create 'undue or unacceptable risk' to national security and more. We've explained our opposition to the RESTRICT Act and urged everyone who agrees to take action against it. But we've also been asked to address some of the concerns raised by others. We do that here in this post. At its core, RESTRICT would exempt certain information services from the federal statute, known as the Berman Amendments, which protects the free flow of information in and out of the United States and supports the fundamental freedom of expression and human rights concerns. RESTRICT would give more power to the executive branch and remove many of the commonsense restrictions that exist under the Foreign Intelligence Services Act (FISA) and the aforementioned Berman Amendments. But S. 686 also would do a lot more.

EFF opposes the bill, and encourages you to reach out to your representatives to ask them not to pass it. Our reasons for opposition are primarily that this bill is being used as a cudgel to protect data from foreign adversaries, but under our current data privacy laws, there are many domestic adversaries engaged in manipulative and invasive data collection as well. Separately, handing relatively unchecked power over to the executive branch to make determinations about what sort of information technologies and technology services are allowed to enter the U.S. is dangerous. If Congress is concerned about foreign powers collecting our data, it should focus on comprehensive consumer data privacy legislation that will have a real impact, and protect our data no matter what platform it's on -- TikTok, Facebook, Twitter, or anywhere else that profits from our private information. That's why EFF supports such consumer data privacy legislation. Foreign adversaries won't be able to get our data from social media companies if the social media companies aren't allowed to collect, retain, and sell it in the first place.

EFF says it's not clear if the RESTRICT Act will even result in a "ban" on TikTok. It does, however, have potential to punish people for using a VPN to access TikTok if it is restricted. In conclusion, the group says the bill is similar to a surveillance bill and is "far too broad in the power it gives to investigate potential user data."

News

Klaus Teuber, Creator of the Board Game Catan, Dies at 70 (nytimes.com) 21

Klaus Teuber, who 28 years ago created The Settlers of Catan, an enduringly popular board game that has spawned college intramural teams and international tournaments, been name-checked on "South Park" and "Parks and Recreation," inspired a novel and sold some 40 million copies worldwide, died on Saturday. He was 70. From a report: Catan GmbH, which publishes and licenses the game, now known simply as Catan, posted news of his death on its website. It said only that he died after a short illness and did not say where. Mr. Teuber was managing a dental lab, a job he found stressful, when he began designing games as a way to unwind. "In the beginning, these games were just for me," he told Forbes in 2016. "I always have stories in my head -- I would read a book, and if I liked it, I wanted to experience it as a game."

That was the origin of his first big success, a game called Barbarossa, which grew out of his admiration for "The Riddle-Master" trilogy, fantasy books written in the 1970s by Patricia A. McKillip. "I was sorry to see it come to an end," he told The New Yorker in 2014, "so I tried to experience this novel in a game." In 1988 that game won the Spiel des Jahres (Game of the Year) award in Germany, considered the most prestigious award in the board game world, Germany being particularly enthusiastic about board games. He won that award twice more, in 1990 (for Hoity Toity) and in 1991 (for Wacky Wacky West), before scoring his biggest success with what was known in German as Die Siedler von Catan. In that game, players build settlements in a new land by collecting brick, lumber, wool, ore and grain. Trading with other players is part of the strategy, lending a social element to the game play. In 1995 the game won both the game of the year award and the Deutscher Spiele Preis, the German Games Award. It caught on, first in Germany and then, as editions in other languages became available, all over.

Privacy

Inside the Bitter Campus Privacy Battle Over Smart Building Sensors (technologyreview.com) 50

An anonymous reader quotes a report from MIT Technology Review: When computer science students and faculty at Carnegie Mellon University's Institute for Software Research returned to campus in the summer of 2020, there was a lot to adjust to. Beyond the inevitable strangeness of being around colleagues again after months of social distancing, the department was also moving into a brand-new building: the 90,000-square-foot, state-of-the-art TCS Hall. The hall's futuristic features included carbon dioxide sensors that automatically pipe in fresh air, a rain garden, a yard for robots and drones, and experimental super-sensing devices called Mites. Mounted in more than 300 locations throughout the building, these light-switch-size devices can measure 12 types of data -- including motion and sound. Mites were embedded on the walls and ceilings of hallways, in conference rooms, and in private offices, all as part of a research project on smart buildings led by CMU professor Yuvraj Agarwal and PhD student Sudershan Boovaraghavan and including another professor, Chris Harrison. "The overall goal of this project," Agarwal explained at an April 2021 town hall meeting for students and faculty, is to "build a safe, secure, and easy-to-use IoT [Internet of Things] infrastructure," referring to a network of sensor-equipped physical objects like smart light bulbs, thermostats, and TVs that can connect to the internet and share information wirelessly.

Not everyone was pleased to find the building full of Mites. Some in the department felt that the project violated their privacy rather than protected it. In particular, students and faculty whose research focused more on the social impacts of technology felt that the device's microphone, infrared sensor, thermometer, and six other sensors, which together could at least sense when a space was occupied, would subject them to experimental surveillance without their consent. "It's not okay to install these by default," says David Widder, a final-year PhD candidate in software engineering, who became one of the department's most vocal voices against Mites. "I don't want to live in a world where one's employer installing networked sensors in your office without asking you first is a model for other organizations to follow." All technology users face similar questions about how and where to draw a personal line when it comes to privacy. But outside of our own homes (and sometimes within them), we increasingly lack autonomy over these decisions. Instead, our privacy is determined by the choices of the people around us. Walking into a friend's house, a retail store, or just down a public street leaves us open to many different types of surveillance over which we have little control. Against a backdrop of skyrocketing workplace surveillance, prolific data collection, increasing cybersecurity risks, rising concerns about privacy and smart technologies, and fraught power dynamics around free speech in academic institutions, Mites became a lightning rod within the Institute for Software Research.

Voices on both sides of the issue were aware that the Mites project could have an impact far beyond TCS Hall. After all, Carnegie Mellon is a top-tier research university in science, technology, and engineering, and how it handles this research may influence how sensors will be deployed elsewhere. "When we do something, companies [and] other universities listen," says Widder. Indeed, the Mites researchers hoped that the process they'd gone through "could actually be a blueprint for smaller universities" looking to do similar research, says Agarwal, an associate professor in computer science who has been developing and testing machine learning for IoT devices for a decade. But the crucial question is what happens if -- or when -- the super-sensors graduate from Carnegie Mellon, are commercialized, and make their way into smart buildings the world over. The conflict is, in essence, an attempt by one of the world's top computer science departments to litigate thorny questions around privacy, anonymity, and consent. But it has deteriorated from an academic discussion into a bitter dispute, complete with accusations of bullying, vandalism, misinformation, and workplace retaliation. As in so many conversations about privacy, the two sides have been talking past each other, with seemingly incompatible conceptions of what privacy means and when consent should be required. Ultimately, if the people whose research sets the agenda for technology choices are unable to come to a consensus on privacy, where does that leave the rest of us?

Security

Novel Social Engineering Attacks Soar 135% Amid Uptake of Generative AI (itpro.com) 15

Researchers from Darktrace have seen a 135% increase in novel social engineering attack emails in the first two months of 2023. IT Pro reports: The cyber security firm said the email attacks targeted thousands of its customers in January and February 2023, an increase which it said matches the adoption rate of ChatGPT. The novel social engineering attacks make use of "sophisticated linguistic techniques," which Darktrace said include increasing text volume, sentence length, and punctuation in emails. Darktrace also found there's been a decrease in the number of malicious emails that are sent with an attachment or link.

The firm said that this behavior could mean that generative AI, including ChatGPT, is being used by malicious actors to construct targeted attacks rapidly. Survey results indicated that 82% of employees are worried about hackers using generative AI to create scam emails which are indistinguishable from genuine communication. It also found that 30% of employees have fallen for a scam email or text in the past. Darktrace asked survey respondents what the top-three characteristics are that suggest an email is a phish and found:

- 68% said it was being invited to click a link or open an attachment
- 61% said it was due to an unknown sender or unexpected content
- Poor use of spelling and grammar was chosen by 61% too

In the last six months, 70% of employees reported an increase in the frequency of scam emails. Additionally, 79% said that their organization's spam filters prevent legitimate emails from entering their inbox. 87% of employees said they were worried about the amount of their personal information online which could be used in phishing or email scams.

Social Networks

What If Social Media Were Not for Profit? (newint.org) 152

"What would it look like if we called time on Big Tech's failed experiment?" asks the co-editor of the Oxford-based magazine New Internationalist: A better social media would need to be decentralized... As well as avoiding a single point of failure (or censorship), this would help with other goals: community ownership, and democratic control, would be facilitated by having many smaller, perhaps more local, sites. Existing social media giants must be brought into public (and transnational) ownership — in a way that hands power to citizens, not governments. But they should also be broken up, using existing anti-monopoly rules.

It is hard to know what sort of algorithms would best promote real community until we try... But the algorithms that determine what enters people's social feeds must be transparent: open source, open for scrutiny, and for change. We could also adapt from sites like Wikipedia (collectively edited) and Reddit (where posts and comments' visibility is determined by user votes). Moderation policies — what content is and isn't allowed — could be decided collectively, according to groups' needs....

An important step towards a decentralized social network would be interoperability, and data portability. Different sites need to be able to talk to each other (or 'federate'), just as email providers or mobile operators are required to. There's no point being on a site if your friends aren't, but if your server can relay messages to theirs there is less of a barrier. Meanwhile encryption will be vital for privacy.

One particularly intriguing idea is that of artist and software developer Darius Kazemi, who suggests every public library — there are 2.7 million worldwide — could host its own federated social media server. As well as providing local accountability and access, and boosting increasingly defunded neighbourhood assets, these servers would benefit from librarians' expertise in curating information.

The Almighty Buck

Planned NFT-Based Private Club in San Francisco Stalled by Uncompleted Permitting Steps (sfgate.com) 39

Remember that entrepreneur planning an ostentatious NFT-based restaurant/members-only club in San Francisco? Seven months later it's still "an empty husk of a building, hindered by construction delays and unfulfilled crypto dreams," reports SFGate: Last August, Joshua Sigel held a "groundbreaking" event at what he said would be the future home of Sho Restaurant, located atop Salesforce Park in San Francisco. He told the gathered media that construction of the proposed Japanese fine dining restaurant would begin in less than two months, once some permitting issues were resolved, with a targeted opening date of September or October of 2023.

Sigel maintained that he'd soon be offering 3,275 Sho Club NFT (non-fungible token) memberships — first via a private sale, then a larger public sale in late September — which would serve as the backbone of Sho Restaurant's clientele. (Sigel is the CEO of Sho Group, which encapsulates Sho Restaurant and Sho Club.) There were to be 2,878 "Earth" NFT memberships, priced at $7,500 each; 377 "Water" NFT memberships, priced at $15,000 each; and 20 "Fire" NFT memberships, priced at $300,000 each. The NFTs are basically membership cards for the restaurant, spruced up with Web3 jargon.... Each membership tier comes with increasingly luxurious benefits, though restaurant reservations would also be available for nonmembers.

Seven months later, things don't seem to be going very well for Sho Club or for Sho Restaurant. I recently walked over to Salesforce Park and peered inside the shell of the building that's supposed to become a restaurant; I saw an empty space that looks almost exactly the same as it did in August. The mock-up design photos that journalists looked at during the "groundbreaking" in August remain strewn about on the floor. Permits for Sho Restaurant haven't been issued, the result of Sho Restaurant designers not yet responding to a number of San Francisco Department of Building Inspection notes, among a host of permitting steps that haven't been completed. Sho Club social media accounts have been radio silent since late September....

Sho Club appears to have sold around 100 NFT memberships, rather than 3,275, as Sigel originally projected. I repeatedly reached out to Sigel, to Sho Club, and its public relations representatives. No one replied to my questions.

Social Networks

Scammers are Tricking Instagram Into Banning Influencers (propublica.org) 53

ProPublica looks at "a booming underground community of Instagram scammers and hackers who shut down profiles on the social network and then demand payment to reactivate them." While they also target TikTok and other platforms, takedown-for-hire scammers like OBN are proliferating on Instagram, exploiting the app's slow and often ineffective customer support services and its easily manipulated account reporting systems. These Instascammers often target people whose accounts are vulnerable because their content verges on nudity and pornography, which Instagram and its parent company, Meta, prohibit.... In an article he wrote for factz.com last year, OBN dubbed himself the "log-out king" because "I have deleted multiple celebrities + influencers on Meta & Instagram... I made about $300k just off banning and unbanning pages," he wrote.

OBN exploits weaknesses in Meta's customer service. By allowing anyone to report an account for violating the company's standards, Meta gives enormous leverage to people who are able to trick it into banning someone who relies on Instagram for income. Meta uses a mix of automated systems and human review to evaluate reports. Banners like OBN test and trade tips on how to trigger the system to falsely suspend accounts. In some cases OBN hacks into accounts to post offensive content. In others, he creates duplicate accounts in his targets' names, then reports the original accounts as imposters so they'll be barred for violating Meta's ban on account impersonation. In addition, OBN has posed as a Meta employee to persuade at least one target to pay him to restore her account.

Models, businesspeople, marketers and adult performers across the United States told ProPublica that OBN had ruined their businesses and lives with spurious complaints, even causing one woman to consider suicide. More than half a dozen people with over 45 million total followers on Instagram told ProPublica they lost their accounts temporarily or permanently shortly after OBN threatened to report them. They say Meta failed to help them and to take OBN and other account manipulators seriously. One person who said she was victimized by OBN has an ongoing civil suit against Meta for lost income, while others sent the company legal letters demanding payment....

A Meta spokesperson acknowledged that OBN has had short-term success in getting accounts removed by abusing systems intended to help enforce community standards. But the company has addressed those situations and taken down dozens of accounts linked to OBN, the spokesperson said. Most often, the spokesperson said, OBN scammed people by falsely claiming to be able to ban and restore accounts.... After banning an account, OBN frequently offers to reactivate it for a fee as high as $5,000, kicking off a cycle of bans and reactivations that continues until the victim runs out of money or stops paying.

A Meta spokesperson told the site they're currently "updating our support systems," including a tool to help affected users and letting more speak to a live support agent rather than an automated one. But the Meta spokesperson added that "This remains a highly adversarial space, with scammers constantly trying to evade detection by social media platforms."

ProPublica ultimately traced the money to a 20-year-old who lives with his mother (who claimed he was only "funnelling" the money for someone else). After that conversation OBN "announced he would no longer offer account banning as a service" — but would still sell his services in getting your account verified.

Transportation

California's Rain Slows Construction for Its High-Speed Bullet Train (fresnobee.com) 62

The Fresno Bee newspaper reports that flooding in parts of California "have also ground work to a halt at several key construction sites for California's high-speed rail project." But while standing water at some locations has prevented work crews from reaching their job sites, the Central Valley director for the California High-Speed Rail Authority said it's the prospects for a lengthy summer run of water in local irrigation canals that present a greater potential disruption to construction later this year....

At the Tule River viaduct near Highway 43 and Avenue 144 south of Corcoran, drone video posted to social media on March 22 by the Tulare County Sheriff's Office shows vehicles stranded in floodwaters and support columns for the structure sticking out of the water. "There's a lot of work we can't get to," Garth Fernandez, who heads up the rail agency's Central Valley region, told The Fresno Bee in a telephone interview this week. "So at Tule River and Deer Creek, right now we are not working. ... We don't even have access to that (Deer Creek) site right now because it's all under water." Fernandez added that in the meantime, the rail agency and its contractor have turned their attention to providing what help they can to nearby communities that are being affected by flooding....

While some construction locations are facing delays because of standing flood water, crews have been able to continue working at other sites in Madera, Fresno, Kings and Kern counties — a 119-mile stretch covered by three separate construction contracts.... So far, no significant damage has been reported on any of the high-speed rail structures that have been completed or are in various stages of construction. "From north to south, water is flowing underneath all of our completed structures," Fernandez said. "All of our structures are on piles and deep foundations, so I don't believe we'll have an issue with damage to our structures... We may have some areas of erosion, some embankments washed out in a couple of places, but that minor damage can be resolved rather easily," he added. "But for all of our major structures, the current reporting is that we are holding good."

The rail line has been designed to cope with major floods; viaducts and a railbed that will be elevated above the level of the surrounding land are expected to minimize the risk of damage from future floods, Fernandez said. "Our facilities are designed for a 100-year flood, so (the current events are) showing that our design is actually working," he said. "It's designed in a way that even though it's a large system north to south, it's able to convey all the flood water past our embankments and our alignment."

Social Networks

Reddit Says It's Banning More People Than Ever in Big Transparency Push (engadget.com) 52

An anonymous reader writes: Reddit's transparency reports go beyond what most social media companies offer, providing copious data on content moderation and global legal requests. Now, the company has introduced a transparency center serving as a hub for safety, security and policy information. It also announced plans to release transparency reports biannually rather than just once per year and said that in 2022, it removed significantly more offensive content, including child abuse and revenge porn, than in 2021. Last year, Reddit saw a big jump in moderation and legal requests, according to its 2022 transparency report. Government and law enforcement removal and account information requests were up by 51 percent and 61 percent respectively, while copyright notices jumped 43 percent. The story was similar on the moderation front. Last summer, the BBC reported that Reddit was still leaving up "thousands" of non-consensual intimate (NCII) images (aka revenge porn), despite making changes to its policy earlier in this year.
