"Graduate students at Northeastern University were able to organize and beat back an attempt at introducing invasive surveillance devices that were quietly placed under desks at their school," reports Motherboard: Early in October, Senior Vice Provost David Luzzi installed motion sensors under all the desks at the school's Interdisciplinary Science & Engineering Complex (ISEC), a facility used by graduate students and home to the "Cybersecurity and Privacy Institute" which studies surveillance. These sensors were installed at night — without student knowledge or consent — and when pressed for an explanation, students were told this was part of a study on "desk usage," according to a blog post by Max von Hippel, a Privacy Institute PhD candidate who wrote about the situation for the Tech Workers Coalition's newsletter....

Students began to raise concerns about the sensors, and an email was sent out by Luzzi attempting to address issues raised by students.... Luzzi wrote, the university had deployed "a Spaceti occupancy monitoring system" that would use heat sensors at groin level to "aggregate data by subzones to generate when a desk is occupied or not." Luzzi added that the data would be anonymized, aggregated to look at "themes" and not individual time at assigned desks, not be used in evaluations, and not shared with any supervisors of the students. Following that email, an impromptu listening session was held in the ISEC. At this first listening session, Luzzi asked that grad student attendees "trust the university since you trust them to give you a degree...."

After that, the students at the Privacy Institute, which specialize in studying surveillance and reversing its harm, started removing the sensors, hacking into them, and working on an open source guide so other students could do the same. Luzzi had claimed the devices were secure and the data encrypted, but Privacy Institute students learned they were relatively insecure and unencrypted.... After hacking the devices, students wrote an open letter to Luzzi and university president Joseph E. Aoun asking for the sensors to be removed because they were intimidating, part of a poorly conceived study, and deployed without IRB approval even though human subjects were at the center of the so-called study.
von Hippel notes that many members of the computer science department were also in a union, and thus networked together for a quick mass response. Motherboard writes that the controversy ultimately culminated with another listening session in which Luzzi "struggles to quell concerns that the study is invasive, poorly planned, costly, and likely unethical."

"Afterwards, von Hippel took to Twitter and shares what becomes a semi-viral thread documenting the entire timeline of events from the secret installation of the sensors to the listening session occurring that day. Hours later, the sensors are removed..."

A reader submits a report:
Artificial Intelligence (AI) research company OpenAI on Wednesday announced ChatGPT, a prototype dialogue-based AI chatbot capable of understanding natural language and responding in natural language. It has since taken the internet by storm, with people marvelling at how intelligent the AI-powered bot sounds. Some even called it a replacement for Google, since it's capable of giving solutions to complex problems directly," almost like a personal know-all teacher.

"We've trained a model called ChatGPT which interacts in a conversational way. The dialogue format makes it possible for ChatGPT to answer follow-up questions, admit its mistakes, challenge incorrect premises, and reject inappropriate requests," OpenAI wrote on its announcement page for ChatGPT.

ChatGPT is based on GPT-3.5, a language model that uses deep learning to produce human-like text. However, while the older GPT-3 model only took text prompts and tried to continue on that with its own generated text, ChatGPT is more engaging. It's much better at generating detailed text and can even come up with poems. Another unique characteristic is memory. The bot can remember earlier comments in a conversation and recount them to the user. ChatGPT wrote a poem about Slashdot. And another one about Dogecoin.

Try ChatGPT for yourself here.

"Twitter CEO Elon Musk turned to journalist Matt Taibbi on Friday to reveal the decision-making behind the platform's suppression of a 2020 article from the New York Post regarding Hunter Biden's laptop," reports Newsweek.

"Taibbi later deleted a tweet showing [former Twitter CEO] Jack Dorsey's email address," adds the Verge, covering reactions to Taibbi's thread — and the controversial events that the tweets described: At the time, it was not clear if the materials were genuine, and Twitter decided to ban links to or images of the Post's story, citing its policy on the distribution of hacked materials. The move was controversial even then, primarily among Republicans but also with speech advocates worried about Twitter's decision to block a news outlet. While Musk might be hoping we see documents showing Twitter's (largely former) staffers nefariously deciding to act in a way that helped now-President Joe Biden, the communications mostly show a team debating how to finalize and communicate a difficult moderation decision.
Taibbi himself tweeted that "Although several sources recalled hearing about a 'general' warning from federal law enforcement that summer about possible foreign hacks, there's no evidence - that I've seen - of any government involvement in the laptop story."

More from the Verge: Meanwhile, Taibbi's handling of the emails — which seem to have been handed to him at Musk's direction, though he only refers to "sources at Twitter" — appears to have exposed personal email addresses for two high-profile leaders: Dorsey and Representative Ro Khanna. An email address that belongs to someone Taibbi identifies as Dorsey is included in one message, in which Dorsey forwards an article Taibbi wrote criticizing Twitter's handling of the Post story. Meanwhile, Khanna confirmed to The Verge that his personal Gmail address is included in another email, in which Khanna reaches out to criticize Twitter's decision to restrict the Post's story as well.

"As the congressman who represents Silicon Valley, I felt Twitter's actions were a violation of First Amendment principles so I raised those concerns," Khanna said in a statement to The Verge. "Our democracy can only thrive if we are open to a marketplace of ideas and engaging with people with whom we disagree."

The story also revealed the names of multiple Twitter employees who were in communications about the moderation decision. While it's not out of line for journalists to report on the involvement of public-facing individuals or major decision makers, that doesn't describe all of the people named in the leaked communications.... "I don't get why naming names is necessary. Seems dangerous," Twitter co-founder Biz Stone wrote Friday in apparent reference to the leaks.... The Verge reached out to Taibbi for comment but didn't immediately hear back.

Twitter, which had its communications team dismantled during layoffs last month, also did not respond to a request for comment.
Wired adds: What did the world learn about Twitter's handling of the incident from the so-called Twitter Files? Not much. After all, Twitter reversed its decision two days later, and then-CEO Jack Dorsey said the moderation decision was "wrong."
In other news, "Twitter will start showing view count for all tweets," Elon Musk announced Friday, "just as view count is shown for all videos." And he shared other insights into his plans for Twitter's future.

"Freedom of speech doesn't mean freedom of reach. Negativity should & will get less reach than positivity."

CNN reports on the aftermath of last weekend's protests against the Chinese government: A protester told CNN they received a phone call Wednesday from a police officer, who revealed they were tracked because their cellphone signal was recorded in the vicinity of the protest site.... When they denied being there, the caller asked: "Then why did your cellphone number show up there?"

In China, all mobile phone users are required by law to register their real name and national identification number with telecom providers. The protester was also told to report to a police station for questioning and to sign a written record....

In Shanghai, where some of the boldest protests took place with crowds calling for Xi's removal on two consecutive nights, police searched residents' cellphones in the streets and in the subway for VPNs that can be used to circumvent China's internet firewall, or apps such as Twitter and Telegram, which though banned in the country have been used by protesters. Police also confiscated the cellphones of protesters under arrest, according to two protesters who spoke to CNN.

A protester who was arrested over the weekend said they were told to hand over their phone and password to the police as "evidence." They said they feared police would export the data on their phone after it was confiscated by officers, who told them they could pick it up a week later. Another protester said police returned their phone upon their release, but officers had deleted the photo album and removed the WeChat social media app.
One protester told CNN they successfully avoided being contacted by the police as of Thursady afternoon.

During the demonstration, they'd kept their phone in airplane mode.

Electrek recaps yesterday's Tesla's Semi Delivery Event in Nevada: As expected, Tesla delivered the first electric trucks to PepsiCo, a long-time reservation holder, and held a presentation to reveal more details about the production version of the Tesla Semi. There wasn't any big surprise during the presentation. Tesla basically delivered on its original promises made in 2017 when it first unveiled the prototypes of the Tesla Semi. Despite the lack of major changes, it's still a big moment since the electric truck has the potential to change the trucking industry for good by eliminating emissions and significantly reducing costs.

In terms of the technology powering the truck, things have changed since the original prototypes, but not in any major ways. Tesla is now using a tri-motor drivetrain that is basically the same as in the Model S and Model X Plaid. Dan Priestley, Tesla Semi Program manager, explained that Tesla is using one of the motors for cruising speed geared toward peak efficiency at highway speeds and the two other motors are used for torque when accelerating in order to create a smooth driving experience never seen in a class 8 truck before. To prove the capacity, Tesla shared a very impressive video of a Tesla Semi loaded at 82,000 lb. passing a diesel truck at 6% incline on the Donner Pass as if it's nothing:

Tesla promised a range of 500 miles with a full load five years ago, and it delivered on the promise. Tesla shared data on a 500-mile trip with a full load of just under 82,000 lb. total with the tractor. It started out in the Bay Area with a 97% state of charge and ended up in San Diego with still 4% charge. Tesla reiterated that it can achieve a less-than-2 kWh-per-mile efficiency, which means that trucking companies can achieve up to $70,000 in fuel savings per year depending on their cost of electricity. Once the battery pack is depleted after 500 miles or so, you can expect blazing-fast charging thanks to the new 1-megawatt charging technology developed by Tesla. The automaker also said it will make it to the Cybertruck. In an updated article, Electrek's Fred Lambert says Musk confirmed Tesla Semi's efficiency at 1.7 kWh per mile, "which means it has a roughly 900 kWh battery pack."

Tesla didn't reveal the weight of the actual truck or the price. "In 2017, Tesla said the trucks would be $150,000, $180,000, and $200,000, depending on the model, but those prices are expected to have changed over the last five years," reports Lambert.

Huawei has confirmed the existence of a smartwatch it's working on featuring a pair of built-in wireless earbuds. "Huawei's account on Chinese Twitter-like site Weibo announced the existence of the device on Wednesday and promised all would be revealed on December 2," reports The Register. "But Huawei has since postponed its Winter 2022 consumer kit launch for unexplained reasons." You can view a teaser video on YouTube. The Verge adds: As the name suggests, the Huawei Watch Buds are a pair of earbuds concealed within a smartwatch that looks similar to the Huawei Watch 3. Details are a little sparse so there's no word yet on what kind of performance or battery life you can expect from either of the products, but the watch itself does appear to be running HarmonyOS.

The earbuds don't seem to resemble any previous Huawei products, sporting a bare-bones black and silver design. While the concept feels more than a little gimmicky, it could be a neat solution for runners and other sporty folks who don't want to carry a separate earbud case during a workout. (If they don't mind the extra bulk on their wrists.) [...] Addressing the elephant in the room, it's unlikely that you'll be able to buy this wacky gadget in the US anyway, regardless of its legitimacy. Huawei products have been effectively banned in the country since the company was placed on the Commerce Department's Bureau of Industry and Security Entity list in 2019.

An anonymous reader quotes a report from Ars Technica: Hive Social, a social media platform that has seen meteoric growth since Elon Musk took over Twitter, abruptly shut down its service on Wednesday after a security advisory warned the site was riddled with vulnerabilities that exposed all data stored in user accounts. "The issues we reported allow any attacker to access all data, including private posts, private messages, shared media and even deleted direct messages," the advisory, published on Wednesday by Berlin-based security collective Zerforschung, claimed. "This also includes private email addresses and phone numbers entered during login." The post went on to say that after the researchers privately reported the vulnerabilities last Saturday, many of the flaws they reported remained unpatched. They headlined their post "Warning: do not use Hive Social." Hive Social responded by pulling down its entire service. "The Hive team has become aware of security issues that affect the stability of our application and the safety of our users," company officials wrote. "Fixing these issues will require temporarily turning off our servers for a couple of days while we fix this for a better and safer experience."

Technical details are being withheld to prevent the active exploitation of them by malicious hackers. According to Business Insider, Hive Social's user base has doubled in the last few weeks, going from about 1 million to 2 million as of last week. The site is only being staffed by two people, "neither of whom had much of a background in security," reports Ars.

OpenAI has released a prototype general purpose chatbot that demonstrates a fascinating array of new capabilities but also shows off weaknesses familiar to the fast-moving field of text-generation AI. And you can test out the model for yourself right here. The Verge reports: ChatGPT is adapted from OpenAI's GPT-3.5 model but trained to provide more conversational answers. While GPT-3 in its original form simply predicts what text follows any given string of words, ChatGPT tries to engage with users' queries in a more human-like fashion. As you can see in the examples below, the results are often strikingly fluid, and ChatGPT is capable of engaging with a huge range of topics, demonstrating big improvements to chatbots seen even a few years ago. But the software also fails in a manner similar to other AI chatbots, with the bot often confidently presenting false or invented information as fact. As some AI researchers explain it, this is because such chatbots are essentially "stochastic parrots" -- that is, their knowledge is derived only from statistical regularities in their training data, rather than any human-like understanding of the world as a complex and abstract system. [...]

Enough preamble, though: what can this thing actually do? Well, plenty of people have been testing it out with coding questions and claiming its answers are perfect. ChatGPT can also apparently write some pretty uneven TV scripts, even combining actors from different sitcoms. It can explain various scientific concepts. And it can write basic academic essays. And the bot can combine its fields of knowledge in all sorts of interesting ways. So, for example, you can ask it to debug a string of code ... like a pirate, for which its response starts: "Arr, ye scurvy landlubber! Ye be makin' a grave mistake with that loop condition ye be usin'!" Or get it to explain bubble sort algorithms like a wise guy gangster. ChatGPT also has a fantastic ability to answer basic trivia questions, though examples of this are so boring I won't paste any in here. And someone else saying the code ChatGPT provides in the very answer above is garbage.

I'm not a programmer myself, so I won't make a judgment on this specific case, but there are plenty of examples of ChatGPT confidently asserting obviously false information. Here's computational biology professor Carl Bergstrom asking the bot to write a Wikipedia entry about his life, for example, which ChatGPT does with aplomb -- while including several entirely false biographical details. Another interesting set of flaws comes when users try to get the bot to ignore its safety training. If you ask ChatGPT about certain dangerous subjects, like how to plan the perfect murder or make napalm at home, the system will explain why it can't tell you the answer. (For example, "I'm sorry, but it is not safe or appropriate to make napalm, which is a highly flammable and dangerous substance.") But, you can get the bot to produce this sort of dangerous information with certain tricks, like pretending it's a character in a film or that it's writing a script on how AI models shouldn't respond to these sorts of questions.

Vulnerabilities in mobile apps exposed Hyundai and Genesis car models after 2012 to remote attacks that allowed unlocking and even starting the vehicles. BleepingComputer reports: Security researchers at Yuga Labs found the issues and explored similar attack surfaces in the SiriusXM "smart vehicle" platform used in cars from other makers (Toyota, Honda, FCA, Nissan, Acura, and Infinity) that allowed them to "remotely unlock, start, locate, flash, and honk" them. At this time, the researchers have not published detailed technical write-ups for their findings but shared some information on Twitter, in two separate threads.

The mobile apps of Hyundai and Genesis, named MyHyundai and MyGenesis, allow authenticated users to start, stop, lock, and unlock their vehicles. After intercepting the traffic generated from the two apps, the researchers analyzed it and were able to extract API calls for further investigation. They found that validation of the owner is done based on the user's email address, which was included in the JSON body of POST requests. Next, the analysts discovered that MyHyundai did not require email confirmation upon registration. They created a new account using the target's email address with an additional control character at the end. Finally, they sent an HTTP request to Hyundai's endpoint containing the spoofed address in the JSON token and the victim's address in the JSON body, bypassing the validity check. To verify that they could use this access for an attack on the car, they tried to unlock a Hyundai car used for the research. A few seconds later, the car unlocked. The multi-step attack was eventually baked into a custom Python script, which only needed the target's email address for the attack.

Yuga Labs analysts found that the mobile apps for Acura, BMW, Honda, Hyundai, Infiniti, Jaguar, Land Rover, Lexus, Nissan, Subaru, and Toyota, use SiriusXM technology to implement remote vehicle management features. They inspected the network traffic from Nissan's app and found that it was possible to send forged HTTP requests to the endpoint only by knowing the target's vehicle identification number (VIN). The response to the unauthorized request contained the target's name, phone number, address, and vehicle details. Considering that VINs are easy to locate on parked cars, typically visible on a plate where the dashboard meets the windshield, an attacker could easily access it. These identification numbers are also available on specialized car selling websites, for potential buyers to check the vehicle's history. In addition to information disclosure, the requests can also carry commands to execute actions on the cars. [...] Before posting the details, Yuga Labs informed both Hyundai and SiriusXM of the flaws and associated risks. The two vendors have fixed the vulnerabilities.

Parler announced Thursday it reached a mutual agreement with Ye, formerly known as Kanye West, to terminate the sale of the social media app. Axios reports: The deal already was on life support, as Axios previously reported, and it's unclear if a formal merger agreement was ever signed. Parler originally said it had an agreement "in principle," and today referred to it as "intent of sale." A Parler spokesperson previously told Axios that the acquisition was set to close by year-end but declined to say if Ye ever had signed paperwork to that effect.

In a statement, Parler's parent company said: "This decision was made in the interest of both parties in mid-November. Parler will continue to pursue future opportunities for growth and the evolution of the platform for our vibrant community." A source familiar with the situation said that Ye's precarious financial situation -- including the loss of his Adidas deal -- played a role in the deal collapse.

Popular NFT and cryptocurrency app Coinbase Wallet today said that Apple required an NFT-sending feature to be removed from the app due to an in-app purchase dispute. MacRumors reports: Apple's App Store review team apparently told Coinbase that the "gas fees required to send NFTs need to be paid through in-app purchase." Apple wanted a cut of transactions, which Coinbase Wallet said is similar to Apple attempting to take a cut of fees for every email that's sent over the internet. Apple is asking for something that is not possible, because the in-app purchase system does not support cryptocurrency to begin with.

Coinbase Wallet says that Apple would not approve an app update until the NFT-sending feature was disabled, and the removal of the functionality will make it more difficult for iPhone users who have an NFT to transfer the NFT to other wallets or gift an NFT to friends or family. The developers behind the app say that Apple has introduced profit-protecting policies that come at the expense of "developer innovation across the crypto ecosystem." Coinbase Wallet is hoping that this is a mistake and has tweeted an invitation to Apple to discuss the matter.

An anonymous reader quotes a report from Slate, written by Lizzie O'Leary: When the New York Times announced, on November 7, that Wordle would have an editor, I didn't give it much thought. How much could the mere presence of a person really change it? Oh, how naive I was! Four days later, I got my answer. And that answer was MEDAL. MEDAL? On November 11th? Wait a minute -- was the Times punning with its Wordle on Veterans Day? Hmm. I was willing to chalk it up to a coincidence, until November 23rd, the day before Thanksgiving, one of the busiest travel days of the year when DRIVE appeared. I tapped angrily on my phone, muttering to myself. And then, on the day of the holiday itself? FEAST. This -- this was too much. My treasured mind awakener had gone soft. (Two days later came CLEAN. Harrumph.)

Folks (FOLKS), I do not want a punny Wordle. Wordle should not be cutesy, or themed, or even ironic. Wordle should stay hard and weird. No hints! Especially no thematic hints! People on Twitter should post their scores, and we should be able to scoff privately. Haha, what a loser; it took him four guesses! When the word is FEAST, you then must wonder: Did he intentionally take four guesses so as not to appear lame?? Wordle's very randomness is what makes it so great! It's why thousands of people play. And, I'd wager, why the Times eagerly shelled out in the "low seven figures" for it. The ability to guess the Wordle based on context clues that would appeal to Andy Borowitz is soul-crushing. Or, at the very least, quite annoying.

Andrew Tarantola writes via Engadget: It's been six years since Tesla, SpaceX (and now Twitter) CEO Elon Musk co-founded brain-control interfaces (BCI) startup, Neuralink. It's been three years since the company first demonstrated its "sewing machine-like" implantation robot, two years since the company stuck its technology into the heads of pigs -- and just over 19 months since they did the same to primates, an effort that allegedly killed 15 out of 23 test subjects. After a month-long delay in October, Neuralink held its third "show and tell" event on Wednesday where CEO Elon Musk announced, "we think probably in about six months, we should be able to have a Neuralink installed in a human."

Neuralink has seen tumultuous times in the previous April 2021 status update: The company's co-founder, Max Hodak, quietly quit just after that event, though he said was still a "huge cheerleader" for Neuralink's success. That show of confidence was subsequently shattered this past August after Musk reportedly approached Neuralink's main rival, Synchron, as an investment opportunity. Earlier in February, Neuralink confirmed that monkeys had died during prototype testing of its BCI implants at the University of California, Davis Primate Center but rejected accusations by the Physicians Committee for Responsible Medicine of animal cruelty. Musk responded indirectly to those charges on Wednesday. "Before we would even think of putting a device in an animal, we do everything possible we with rigorous benchtop testing, We're not cavalier about putting these devices into animals," he said. "We're extremely careful and we always want the device, whenever we do the implant -- whether into a sheep, pig or monkey -- to be confirmatory, not exploratory."

Neuralink is still working towards gaining FDA approval for its implant, though the company was awarded the agency's Breakthrough Device Designation in July 2020. This program allows patients and caregivers more "timely access" to promising treatments and medical devices by fast tracking their development and regulatory testing. As of September, 2022 the FDA has granted that designation to 728 medical devices. The FDA has also updated its best practices guidance regarding clinical and nonclinical BCI testing in 2021. "The field of implanted BCI devices is progressing rapidly from fundamental neuroscience discoveries to translational applications and market access," the agency asserted in its May guidance. "Implanted BCI devices have the potential to bring benefit to people with severe disabilities by increasing their ability to interact with their environment, and consequently, providing new independence in daily life."

Spotify's CEO Daniel Ek renewed his attack on Apple on Wednesday in a series of tweets alleging the iPhone maker "gives itself every advantage while at the same time stifling innovation and hurting consumers." From a report: Ek tagged a number of sympathetic business leaders in his 21-tweet thread, including Musk, Microsoft president Brad Smith, and Proton founder Andy Yen. On Monday, the world's richest person Elon Musk criticized the fee Apple charges software developers - including his Twitter business - for in-app purchases, and posted a meme suggesting he was willing to "go to war" rather than pay it. Spotify has previously submitted antitrust complaints against Apple in various countries, alleging the 30% charge has forced Spotify to "artificially inflate" its own prices.

Serum, a decentralized crypto exchange backed by FTX, notified its 215,000 Twitter followers the project is "defunct" after the crypto exchange giant's sudden collapse -- while pointing users towards a community-led fork of the project. From a report: "The Serum program on mainnet became defunct" following FTX's implosion, Serum tweeted. "As upgrade authority is held by FTX, security is in jeopardy, leading to protocols like Jupiter and Radium moving away," it added, referring to two DeFi projects on the Solana blockchain. Earlier this month, the now-bankrupt FTX exchange was hacked for more than $400 million, which is said to have compromised the security of Serum's code. This is because the "update authority" for its code was held solely in the hands of insiders at the FTX exchange, Serum explained. The team also commented on its native Serum (SRM) token, stating its future was "uncertain" and that developers have proposed to scrap its use due to exposure to FTX and its sister trading firm Alameda Research.

The British government has abandoned a plan to force tech firms to remove internet content that is harmful but legal, after the proposal drew strong criticism from lawmakers and civil liberties groups. From a report: The U.K. on Tuesday defended its decision to water down the Online Safety Bill, an ambitious but controversial attempt to crack down on online racism, sexual abuse, bullying, fraud and other harmful material. Similar efforts are underway in the European Union and the United States, but the U.K.'s was one of the most sweeping. In its original form, the bill gave regulators wide-ranging powers to sanction digital and social media companies like Google, Facebook, Twitter and TikTok.

Critics had expressed concern that a requirement for the biggest platforms to remove "legal but harmful" content could lead to censorship and undermine free speech. The Conservative government of Prime Minister Rishi Sunak, who took office last month, has now dropped that part of the bill, saying it could "over-criminalize" online content. The government hopes the change will be enough to get the bill through Parliament, where it has languished for 18 months, by mid-2023. Digital Secretary Michelle Donelan said the change removed the risk that "tech firms or future governments could use the laws as a license to censor legitimate views."

Britain will not force tech giants to remove content that is "legal but harmful" from their platforms after campaigners and lawmakers raised concerns that the move could curtail free speech, the government said on Monday. Reuters reports: Online safety laws would instead focus on the protection of children and on ensuring companies removed content that was illegal or prohibited in their terms of service, it said, adding that it would not specify what legal content should be censored. Platform owners, such as Facebook-owner Meta and Twitter, would be banned from removing or restricting user-generated content, or suspending or banning users, where there is no breach of their terms of service or the law, it said.

The government had previously said social media companies could be fined up to 10% of turnover or 18 million pounds ($22 million) if they failed to stamp out harmful content such as abuse even if it fell below the criminal threshold, while senior managers could also face criminal action. The proposed legislation, which had already been beset by delays and rows before the latest version, would remove state influence on how private companies managed legal speech, the government said. It would also avoid the risk of platforms taking down legitimate posts to avoid sanctions. [...]

The revised Online Safety Bill, which returns to parliament next month, puts the onus on tech companies to take down material in breach of their own terms of service and to enforce their user age limits to stop children circumventing authentication methods, the government said. If users were likely to encounter controversial content such as the glorification of eating disorders, racism, anti-Semitism or misogyny not meeting the criminal threshold, the platform would have to offer tools to help adult users avoid it, it said. Only if platforms failed to uphold their own rules or remove criminal content could a fine of up to 10% of annual turnover apply. Britain said late on Saturday that a new criminal offense of assisting or encouraging self-harm online would be included in the bill.

Coinsquare, one of Canada's largest cryptocurrency exchanges, may have been breached, but the company claims customer assets are "secure in cold storage and are not at risk." CoinDesk reports: The exchange, which touts itself as "Canada's trusted platform to securely buy, sell and trade Bitcoin, Ethereum, and more," emailed customers Friday to report a "data incident" in which an unauthorized third party accessed a customer database containing personal information. According to the email, the breach exposed "customer names, email addresses, residential addresses, phone numbers, dates of birth, device IDs, public wallet addresses, transaction history, and account balances." Although the email was sent Friday, Coinsquare discovered the breach last week and notified customers via Twitter. "No passwords were exposed. We have no evidence any of this information was viewed by the bad actor," the email stated.

Coinsquare suspended activities on its platform after detecting the vulnerability last week, triggering speculation of possible liquidity issues, given the momentous implosion of multi-billion-dollar crypto exchange, FTX, earlier this month. Full service was restored on Friday, according to a tweet. "We want to reiterate that 100% of client funds are safely held in cold storage and are not used for business activities," the company tweeted.

In a series of tweets Monday, Elon Musk said Apple had mostly stopped advertising on Twitter and had threatened to withhold the Twitter app from the App Store. Musk said the iPhone-maker won't disclose why it is making the threat.

"Amazon workers at the air hub outside the Cincinnati Northern Kentucky international airport, Amazon's largest air hub in the world, are pushing to organize a union," reports the Guardian, "in the latest effort to mobilize workers at the tech company." Workers say they are dissatisfied with annual wage increases this year. About 400 of them have signed a petition to reinstate a premium hourly pay for Amazon's peak season that hasn't been enacted at the site yet. Their main demands also include a $30 an hour starting wage, 180 hours of paid time off and union representation at disciplinary hearings....

About 4,500 workers are employed at the expanding air hub in Kentucky. Those organizing have already filed two unfair labor practice charges over Amazon's response to the unionization effort, which has included anti-union talking points on televisions and its communications system for employees that characterize the effort as a third-party scheme....

Organizing efforts at Amazon have spread beyond the JFK8 Staten Island, New York, warehouse, where workers won the first union election at an Amazon site in the US in April 2022. But they have yet to repeat the success.... Employees at an Amazon warehouse outside Raleigh, North Carolina, are now collecting union authorization signatures in hopes of filing for an election by this summer.... At other Amazon warehouses in Georgia, Minnesota, Illinois and California, workers have organized strikes and petitions to push the company to increase wages and improve working conditions.

Steven Kelley, a learning ambassador at the Kentucky air hub, explained that most workers were paid less than $20 an hour. He said the pay wasn't commensurate with the dangerous work the workers perform, in a location where employee turnover was about 150%, with a constant training of workers who wind up quitting. He also said the disciplinary procedures at Amazon weren't transparent or communicated well enough.... He explained that workers weren't paid enough to live without roommates and made less than other workers in transportation and logistics because they were classified as retail employees.
One worker at the Kentucy air hub complained to the Guardian, "We're the lifeblood of the company, not corporate, not upper management. We're actually the ones who are sorting the freight, and loading the freight."