Security

Uber Investigating Breach of Its Computer Systems (nytimes.com) 27

Uber discovered its computer network had been breached on Thursday, leading the company to take several of its internal communications and engineering systems offline as it investigated the extent of the hack. From a report: The breach appeared to have compromised many of Uber's internal systems, and a person claiming responsibility for the hack sent images of email, cloud storage and code repositories to cybersecurity researchers and The New York Times. "They pretty much have full access to Uber," said Sam Curry, a security engineer at Yuga Labs who corresponded with the person who claimed to be responsible for the breach. "This is a total compromise, from what it looks like."

An Uber spokesman said the company was investigating the breach and contacting law enforcement officials. Uber employees were instructed not to use the company's internal messaging service, Slack, and found that other internal systems were inaccessible, said two employees, who were not authorized to speak publicly. Shortly before the Slack system was taken offline on Thursday afternoon, Uber employees received a message that read, "I announce I am a hacker and Uber has suffered a data breach." The message went on to list several internal databases that the hacker claimed had been compromised.

BleepingComputer adds: According to Curry, the hacker also had access to the company's HackerOne bug bounty program, where they commented on all of the company's bug bounty tickets. Curry told BleepingComputer that he first learned of the breach after the attacker left the above comment on a vulnerability report he submitted to Uber two years ago. Uber runs a HackerOne bug bounty program that allows security researchers to privately disclose vulnerabilities in their systems and apps in exchange for a monetary bug bounty reward. These vulnerability reports are meant to be kept confidential until a fix can be released to prevent attackers from exploiting them in attacks.

Curry further shared that an Uber employee said the threat actor had access to all of the company's private vulnerability submissions on HackerOne. BleepingComputer was also told by a source that the attacker downloaded all vulnerability reports before they lost access to Uber's bug bounty program. This likely includes vulnerability reports that have not been fixed, presenting a severe security risk to Uber. HackerOne has since disabled the Uber bug bounty program, cutting off access to the disclosed vulnerabilities.

IT

Craig Wright Tells Court He 'Stomped on the Hard Drive' Containing Satoshi Wallet Keys (coindesk.com) 94

Craig Wright told a Norwegian court on Wednesday that he "stomped on the hard drive" that contained the "key slices" required to grant him access to Satoshi Nakamoto's private keys, making it "incredibly difficult" to cryptographically prove he is the creator of Bitcoin -- a title he has claimed but failed to prove since 2016. From a report: Wright's inability to back up his claims with acceptable evidence is the issue at the center of his trial in Norway, one of two simultaneous legal battles between Wright and crypto Twitter personality Hodlonaut (real name Magnus Granath) over a series of tweets Hodlonaut -- then, a public school teacher with roughly 8,000 Twitter followers -- wrote in March 2019, deeming Wright a pretender and calling him a "scammer" and a "fraud."

Wright previously attempted to prove he was Satoshi in 2016 by demonstrating "proof" that he controlled Satoshi's private keys -- first, in private "signing sessions" with Bitcoin developer Gavin Andresen and former Bitcoin Foundation Director Jon Matonis (Andresen later said he'd been "bamboozled" by Wright and Matonis went on to work for a company owned by Wright), and later, in a public blog post offering "proof" that was thoroughly debunked by several well-known cryptography experts. In Norway, however, Wright is no longer attempting to convince the court he is Satoshi with cryptographic evidence -- partly because he claims to have intentionally destroyed his only proof shortly after attempting suicide in May 2016, following his signing session with Andresen, and partly because he now claims cryptographic proof is inconclusive and that "identity is not related to keys."

Biotech

Woman Whose Rape Kit DNA Led To Her Arrest Sues San Francisco (apnews.com) 188

Bruce66423 shares a report from the Associated Press: A rape victim whose DNA from her sexual assault case was used by San Francisco police to arrest her in an unrelated property crime on Monday filed a lawsuit against the city. During a search of a San Francisco Police Department crime lab database, the woman's DNA was tied to a burglary in late 2021. Her DNA had been collected and stored in the system as part of a 2016 domestic violence and sexual assault case, then-District Attorney Chesa Boudin said in February in a shocking revelation that raised privacy concerns. "This is government overreach of the highest order, using the most unique and personal thing we have -- our genetic code -- without our knowledge to try and connect us to crime," the woman's attorney, Adante Pointer, said in a statement.

The revelation prompted a national outcry from advocates, law enforcement, legal experts and lawmakers. Advocates said the practice could affect victims' willingness to come forward to law enforcement authorities. Federal law already prohibits the inclusion of victims' DNA in the national Combined DNA Index System. There is no corresponding law in California to prohibit local law enforcement databases from retaining victims' profiles and searching them years later for entirely different purposes.

Boudin said the report was found among hundreds of pages of evidence against a woman who had been recently charged with a felony property crime. After learning the source of the DNA evidence, Boudin dropped the felony property crime charges against the woman. The police department's crime lab stopped the practice shortly after receiving a complaint from the district attorney's office and formally changed its operating procedure to prevent the misuse of DNA collected from sexual assault victims, Police Chief Bill Scott said. Scott said at a police commission meeting in March that he had discovered 17 crime victim profiles, 11 of them from rape kits, that were matched as potential suspects using a crime victims database during unrelated investigations. Scott said he believes the only person arrested was the woman who filed the lawsuit Monday.

Space

Bezos Rocket Crashes After Liftoff, Only Experiments Aboard (apnews.com) 81

A rocket crashed back to Earth shortly after liftoff Monday in the first launch accident for Jeff Bezos' space travel company, but the capsule carrying experiments managed to parachute to safety. From a report: No one was aboard the Blue Origin flight, which used the same kind of rocket as the one that sends paying customers to the edge of space. The rockets are now grounded pending the outcome of an investigation, the Federal Aviation Administration said.

The New Shepard rocket was barely a minute into its flight from West Texas when bright yellow flames shot out from around the single engine at the bottom. The capsule's emergency launch abort system immediately kicked in, lifting the craft off the top. Several minutes later, the capsule parachuted onto the remote desert floor. The rocket came crashing down, with no injuries or damage reported, said the FAA, which is in charge of public safety during commercial space launches and landings. Blue Origin's launch commentary went silent when the capsule catapulted off the rocket Monday morning, eventually announcing: "It appears we've experienced an anomaly with today's flight. This wasn't planned."

Open Source

'What Happened with CentOS Will Not Happen with Rocky Linux' (itworldcanada.com) 47

Here's a Linux distro scoop from IT World Canada. "Gregory Kurtzer, who founded and once led the former open-source project CentOS Linux as well as The cAos Foundation, the organization where early development of it took place, said today a governance structure has been put in place that will keep Rocky Linux in the public domain forever." Development of Rocky Linux began shortly after, in late 2020, Red Hat terminated development of CentOS, a community-based Linux distribution derived from Red Hat Enterprise Linux (RHEL) that had been in existence since 2004. It is named after Jason Dale "Rocky" McGaugh, a talented programmer involved in CentOS development, who passed away in December 2004 at the age of only 30. Asked what McGaugh might have thought of the OS being named after him, Kurtzer told IT World Canada, "to be honest, he was a shy guy. I don't know if he would have liked the attention, but at the same token, he was a huge advocate of open source and a big fan of open source.

"Personally, I don't think he would have liked what happened with CentOS."

Kurtzer added that "what we are doing with Rocky Linux is really where he would have liked to see the project and open source going. When we named it Rocky Linux, it was a hat tip to him for everything he has done, not only in open source and high-performance computing (HPC), but also with the CentOS project.

"One of the last e-mails that he wrote to the e-mail list was that he was 99 per cent done development of CentOS. It was pretty much ready to go when he passed, but he never saw it released."

The key for an open-source initiative to grow and flourish, said Kurtzer, lies with registering it as a non-profit organization, which was the case with The cAos Foundation. He has done the same with Rocky Linux.

Its official name is the Rocky Enterprise Software Foundation, "backed by an advisory board of trusted individuals and team leads from the Rocky Linux community."

Space

Has the Webb Telescope Disproved the Big Bang Theory? (iai.tv) 273

"The very first results from the James Webb Space Telescope seem to indicate that massive, luminous galaxies had already formed within the first 250 million years after the Big Bang," reports Sky and Telescope.

"If confirmed, this would seriously challenge current cosmological thinking." Shortly after NASA published Webb's first batch of scientific data, the astronomical preprint server arXiv was flooded with papers claiming the detection of galaxies that are so remote that their light took some 13.5 billion years to reach us. Many of these appear to be more massive than the standard cosmological model that describes the universe's composition and evolution. "It worries me slightly that we find these monsters in the first few images," says cosmologist Richard Ellis (University College London)....

Before the community accepts these claims, the reported redshifts have to be confirmed spectroscopically. Mark McCaughrean, the senior science adviser of the European Space Agency (a major partner on Webb) commented on Twitter: "I'm sure some of them will be [confirmed], but I'm equally sure they won't all be. [...] It does all feel a little like a sugar rush at the moment."

Ellis agrees: "It's one thing to put a paper on arXiv," he says, "but it's quite something else to turn it into a lasting article in a peer-reviewed journal."

Since 1991, science writer Eric Lerner has been arguing that the Big Bang never happened. Now 75 years old, he writes: In the flood of technical astronomical papers published online since July 12, the authors report again and again that the images show surprisingly many galaxies, galaxies that are surprisingly smooth, surprisingly small and surprisingly old. Lots of surprises, and not necessarily pleasant ones. One paper's title begins with the candid exclamation: "Panic!"

Why do the JWST's images inspire panic among cosmologists? And what theory's predictions are they contradicting? The papers don't actually say. The truth that these papers don't report is that the hypothesis that the JWST's images are blatantly and repeatedly contradicting is the Big Bang Hypothesis that the universe began 14 billion years ago in an incredibly hot, dense state and has been expanding ever since. Since that hypothesis has been defended for decades as unquestionable truth by the vast majority of cosmological theorists, the new data is causing these theorists to panic. "Right now I find myself lying awake at three in the morning," says Alison Kirkpatrick, an astronomer at the University of Kansas in Lawrence, "and wondering if everything I've done is wrong...."

Even galaxies with greater luminosity and mass than our own Milky Way galaxy appear in these images to be two to three times smaller than in similar images observed with the Hubble Space Telescope (HST), and the new galaxies have redshifts which are also two to three times greater. This is not at all what is expected with an expanding universe, but it is just exactly what I and my colleague Riccardo Scarpa predicted based on a non-expanding universe, with redshift proportional to distance.... [T]he galaxies that the JWST shows are just the same size as the galaxies near to us, if it is assumed that the universe is not expanding and redshift is proportional to distance.....

Big Bang theorists did expect to see badly mangled galaxies scrambled by many collisions or mergers. What the JWST actually showed was overwhelmingly smooth disks and neat spiral forms, just as we see in today's galaxies. The data in the "Panic!" article showed that smooth spiral galaxies were about "10 times" as numerous as what theory had predicted and that this "would challenge our ideas about mergers being a very common process". In plain language, this data utterly destroys the merger theory....

According to Big Bang theory, the most distant galaxies in the JWST images are seen as they were only 400-500 million years after the origin of the universe. Yet already some of the galaxies have shown stellar populations that are over a billion years old. Since nothing could have originated before the Big Bang, the existence of these galaxies demonstrates that the Big Bang did not occur....

While Big Bang theorists were shocked and panicked by these new results, Riccardo and I (and a few others) were not. In fact, a week before the JWST images were released we published online a paper that detailed accurately what the images would show. We could do this with confidence because more and more data of all kinds has been contradicting the Big Bang hypothesis for years....

Based on the published literature, right now the Big Bang makes 16 wrong predictions and only one right one — the abundance of deuterium, an isotope of hydrogen.

UPDATE: Kirkpatrick says her quote was taken out of context, in an article from Space.com that dismisses Eric Lerner as "a serial denier of the Big Bang since the late 1980s, preferring his personal pseudoscientific alternative."

Microsoft

Microsoft Will Block Office Macros By Default Starting July 27 (techcrunch.com) 35

Microsoft confirmed this week that it will soon start blocking Visual Basic for Applications (VBA) macros in Office apps by default after quietly rolling back the change earlier this month. From a report: In a new update, the technology giant said that it will start blocking Office macros by default starting from July 27. This comes shortly after Microsoft halted the rollout of the macros-blocking feature citing unspecified "user feedback." It's thought the initial rollout, which kicked off at the beginning of June, caused issues for organizations using macros to automate routine processes, such as data collection or running certain tasks. In a statement given to TechCrunch, Microsoft said it paused the rollout while it "makes some additional changes to enhance usability." The company has since updated its documentation with step-by-step instructions for end users and IT admins explaining how Office determines whether to block or run macros, which Office versions are affected by the new rules, how to allow VBA macros in trusted files and how to prepare for the change.

Android

Google Play Store Is Bringing Back the App Permissions List (9to5google.com) 11

An anonymous reader quotes a report from 9to5Google: With the addition of the developer-generated Data safety section this year, Google Play removed the old list of app permissions. The Play Store is now reversing this decision in response to user feedback and will have both coexist. In a short thread this morning, Android Developers (@AndroidDev) on Twitter said it "heard your feedback that you find the app permissions section in Google Play useful, and we've decided to reinstate it." It will be "back shortly," but the company did not specify if this will be done through a server-side change or whether a new version of the Play Store app is required: "The Data safety section provides users with a simplified view of how an app collects, shares, & secures user data, but we also want to make app permissions information easily viewable for users to understand an app's ability to access specific restricted data & actions too."

As Google summarizes, the Play permissions list is "based on the install-time permissions that an app declares in its manifest," and "represents an app's ability to access specific data." Data safety is focused on what an app collects and shares with third parties, similar to Apple's App Store. As of July 20, Google is directly warning "non-compliant new app submissions and app updates" that don't completely fill out the Data safety form. Developers have until August 22 to comply or they won't be able to publish new apps or updates. After that, applications might be removed from the Play Store.

United States

US Probes China's Huawei Over Equipment Near Missile Silos (reuters.com) 39

The Biden administration is investigating Chinese telecoms equipment maker Huawei over concerns that U.S. cell towers fitted with its gear could capture sensitive information from military bases and missile silos that the company could then transmit to China, Reuters reported Thursday, citing people familiar with the matter. From the report: Authorities are concerned Huawei could obtain sensitive data on military drills and the readiness status of bases and personnel via the equipment, one of the people said, requesting anonymity because the investigation is confidential and involves national security. The previously unreported probe was opened by the Commerce Department shortly after Joe Biden took office early last year, the sources said, following the implementation of rules to flesh out a May 2019 executive order that gave the agency the investigative authority.

Privacy

Pegasus Spyware Used Against Thailand's Pro-Democracy Movement (citizenlab.ca) 6

NSO Group's Pegasus spyware was used to target Thai pro-democracy protesters and leaders calling for reforms to the monarchy. "We forensically confirmed that at least 30 individuals were infected with NSO Group's Pegasus spyware," reports Citizen Lab. "The observed infections took place between October 2020 and November 2021." Here's an excerpt from the report: Introduction: Surveillance & Repression in Thailand: The Kingdom of Thailand is a constitutional monarchy with a parliamentary-style government divided into executive, legislative, and judiciary branches. The country has been beset by intense political conflict since 2005, during the government of former Prime Minister Thaksin Shinawatra. Corruption allegations against the regime culminated in a military coup on September 19, 2006 that ousted Thaksin. The military launched another coup on May 22, 2014 and seized power following mass protests against the civilian government led by Thaksin's sister, Yingluck Shinawatra. The junta claimed that the 2014 coup was needed to restore order and called itself the National Council for Peace and Order (NCPO).

Findings: Pegasus Infections in Thailand: On November 23, 2021, Apple began sending notifications to iPhone users targeted by state-backed attacks with mercenary spyware. The recipients included individuals that Apple believes were targeted with NSO Group's FORCEDENTRY exploit. Many Thai civil society members received this warning. Shortly thereafter, multiple recipients of the notification made contact with the Citizen Lab and regional groups. In collaboration with Thai organizations iLaw and DigitalReach, forensic evidence was obtained from notification recipients, and other suspected victims, who consented to participate in a research study with the Citizen Lab. We then performed a technical analysis of forensic artifacts to determine whether these individuals were infected with Pegasus or other spyware. Victims publicly named in this report consented to be identified as such, while others chose to remain anonymous, or have their cases described with limited detail.

Civil Society Pegasus Infections: We have identified at least 30 Pegasus victims among key civil society groups in Thailand, including activists, academics, lawyers, and NGO workers. The infections occurred from October 2020 to November 2021, coinciding with a period of widespread pro-democracy protests, and predominantly targeted key figures in the pro-democracy movement. In numerous cases, multiple members of movements or organizations were infected. Many of the victims included in this report have been repeatedly detained, arrested, and imprisoned for their political activities or criticism of the government. Many of the victims have also been the subject of lese-majeste prosecutions by the Thai government. While many of the infections were detected on the devices of prominent figures, hacking was also observed against individuals who are not publicly involved in the protests. Speculatively, this may reflect the attackers' intent to uncover details about how opposition movements were organized, and may have been prompted by specific financial transactions that would have been known to Thai financial institutions and the government, but not the public.

Apple

Apple and Jony Ive Are Parting Ways (engadget.com) 75

Apple and Jony Ive are breaking up -- and this time, according to The New York Times, it's for real. Engadget reports: Ive left the tech giant in 2019 after over two decades and formed his own company called LoveFrom, which counted Apple as its first and primary client. The publication said that both parties agreed not to extend their contract in the weeks leading up to its renewal and to stop working together for the first time since the 90's.

The Times said LoveFrom's multi-year contract with Apple was worth $100 million and prohibited the firm from taking on any project that the tech giant considered to be in competition with its products. Ive reportedly wanted the freedom to take on new clients without needing to ask permission from Apple. Meanwhile, the company's executives had apparently been questioning the amount Apple was paying him and had grown frustrated over employees quitting to join his design firm instead.

Shortly after Jony Ive left Apple in 2019, the Wall Street Journal reported that Ive was slowly drifting apart from the company for several years as the iPhone maker's priorities shifted from product design to operations.

Further reading: 'Apple is Not in Trouble Because Jony Ive is Leaving, It Is in Trouble Because He's Not Being Replaced'.

Social Networks

Reddit Will Sell 'Collectible Avatars' (theverge.com) 32

Reddit said Thursday it is launching blockchain-powered "collectible avatars." From a blog post: About two years ago, we launched a new and improved Avatar Builder, allowing anyone to generate and customize their own personal avatar -- a unique way to display identity on Reddit. Shortly thereafter, we made countless accessories, outfits, and hairstyles available to allow for even more expression. We also brought redditors custom avatars in collaboration with partners like Netflix, Riot Games, and the Australian Football League (AFL). Seeing avatars take off got us thinking - what would happen if we gave artists on Reddit license to make any style of avatar they wanted? And what if we could help these artists showcase their art to the entire Reddit community and make it easy for them to earn money for their work? Our new Collectible Avatars storefront does just that.

In this series, Collectible Avatars are limited-edition avatars made by independent artists, in partnership with Reddit, and provide owners with unique benefits on the Reddit platform. If someone sets their Collectible Avatar as their avatar on Reddit, they can mix-and-match the avatar gear with other Reddit avatar gear and accessories, and their profile image in comments sections will have a glow-like effect. Collectible Avatars differ from other avatars on Reddit in a few ways: They are available for purchase (vs. being free or available via Reddit Premium), and artists will be paid for each Collectible Avatar sold. Collectible Avatars are backed by blockchain technology, giving purchasers rights (a license) to use the art -- on and off Reddit. You do not need cryptocurrency to purchase these avatars, nor are they being put up for auction. Each avatar has been priced at a fixed amount and is purchasable with fiat (government-issued) currencies.

Open Source

Gtk 5 Might Drop X.11 Support, Says GNOME Dev (theregister.com) 145

One of the GNOME developers has suggested that the next major release of Gtk could drop support for the X window system. The Register reports: Emmanuele Bassi opened a discussion last week on the GNOME project's Gitlab instance that asked whether the developers could drop X.11 support in the next release of Gtk. At this point, it is only a suggestion, but if it gets traction, this could significantly accelerate the move to the Wayland display server and the end of X.11.

Don't panic: Gtk 5 is not imminent. Gtk is a well-established toolkit, originally designed for the GIMP bitmap editing program back in 1998. Gtk 4 arrived relatively recently, shortly before the release of GNOME 40 in 2021. GNOME 40 has new user-interface guidelines, and as a part of this, Gtk 4 builds GNOME's Adwaita theme into the toolkit by means of the new libadwaita library, which is breaking the appearance of some existing apps.

Also, to be fair, as we recently covered, the X window system is very old now and isn't seeing major changes, although new releases of parts of it do still happen. This discussion is almost certain to get wildly contentious, and the thread on Gitlab has been closed to further comments for now. If this idea gains traction, one likely outcome might well be a fork of Gtk, just as happened when GNOME 3 came out. [...] A lot of the features of the current version, X.11, are no longer used or relevant to most users. Even so, X.12 is barely even in the planning stages yet.

United States

Countries Form New NATO-Like 'Mineral Security' Alliance to Ensure EV Supplies (yahoo.com) 53

"A metallic NATO is starting to take shape," writes the senior metals columnist at Reuters, "though no-one is calling it that just yet." The Minerals Security Partnership is in theory open to all countries that are committed to "responsible critical mineral supply chains to support economic prosperity and climate objectives". But the coalition assembled by the United States is one of like-minded countries such as Australia, Canada, the United Kingdom, France and Germany with an Asian axis in the form of Japan and South Korea. [Also the European Commission, as well as Finland and Sweden.]

It is defined as much as anything by who is not on the invite list — China and Russia.

China's dominance of key enabling minerals such as lithium and rare earths is the single biggest reason why Western countries are looking to build their own supply chains. Russia, a major producer of nickel, aluminium and platinum group metals, is now also a highly problematic trading partner as its war in Ukraine that the Kremlin calls a "special military operation" grinds on. A previously highly globalised minerals supply network looks set to split into politically polarised spheres of influence, a tectonic realignment with far-reaching implications. The United States and Europe have realised that they can't build out purely domestic supply chains quickly enough to meet demand from the electric vehicle transition....

The process was already well underway before the U.S. State Department announced the formation of the Minerals Security Partnership on June 14. U.S. and Canadian officials have been working closely as Canada fleshes out a promised C$3.8 billion ($3.02 billion) package to boost production of lithium, copper and other strategic minerals. European Commission Vice-President Maros Sefcovic has just been in Norway to seal "a strategic partnership" on battery technologies and critical raw materials.

The article points out America's Department of Defense is already investing $120 million in a new plant for heavy rare earths separation — and has chosen an Australian company as its partner.

Shortly thereafter the Defense Department noted an online disinformation campaign against its new partner (according to U.S.-based cybersecurity firm Mandiant), disinformation which Reuters describes as "a pro-China propaganda campaign" using fake social media accounts to try to stir up opposition.

Youtube

The Death of a YouTuber (theverge.com) 60

"Effortlessly funny. Endlessly talented. Gone too soon," tweeted fellow YouTuber Ted Nivison after hearing the news. "Technoblade, a popular Minecraft YouTuber, has died from cancer age 23," writes the Verge.

But before Technoblade left, he'd prepared a goodbye for his 11.9 million subscribers: In a video uploaded to his YouTube channel titled "so long nerds" and narrated by his father, Technoblade thanked his fans and fellow streamers for their support over the years... His father says Technoblade wrote the script for his final video from bed and died shortly afterwards. "I don't think he said everything he wanted to say, but I think he got the main points," says his father. "He finished that up and then he was done. He lived about another eight hours after that."

"Hello, everyone! Technoblade here," the final message begins. "If you're watching this, I am dead. So let's sit down and have one final chat." My real name is Alex. I had one of my siblings call me 'Dave' one time in a deleted video from 2016, and it was one of the most successful pranks we've ever done. Thousands of creepy online dudes trying to get overly personal going 'Oh hey, Dave. How's it going?'

Sorry for selling out so much in the past year. But thanks to everyone that bought hoodies, plushies, and channel memberships. My siblings are going to college! Well, if they want to. I don't want to put any dead-brother peer pressure on them.

But that's all from me. Thank you all for supporting my content over the years. If I had another hundred lives, I think I would choose to be Technoblade every single time, as those were the happiest years of my life. I hope you guys enjoyed my content, and that I made some of you laugh.

And I hope you all go on to live long, prosperous, and happy lives. Because I love you guys.

Technoblade out.

After reading the statement, the 23-year-old's father remembered that in those final hours, "We all said goodbye." Then he adds that "He was the most amazing — he was the most amazing kid anyone could ever ask for." He said he misses his son, and thanked his viewers "for everything. You meant a lot to him."

And at the end of the video a message from "Techno's mom" appears on the screen. "My son's bravery on this path was a shining lesson to all of us who were privileged to walk it with him."

Technology

DOJ Files Charges Against Baller Ape Club 'Rug Pull' (decrypt.co) 19

The Department of Justice this afternoon announced criminal charges against the creator of the Baller Ape Club NFT collection for orchestrating a so-called "rug pull." From a report: The charges, announced alongside those in three other cryptocurrency fraud cases, mark the second time that federal prosecutors have gone after an NFT "rug-pull" scheme, in which an NFT project's creators sell NFTs on false promises of community benefits and utility, only to abandon the project and make away with investors' funds. Le Anh Traun, a Vietnamese national, is charged with one count of conspiracy to commit wire fraud and one count of conspiracy to commit international money laundering. Traun allegedly collected $2.6 million from Baller Ape NFT buyers, only to shortly thereafter delete the organization's website and launder the funds. According to the Justice Department, he converted the ill-gotten gains into different cryptocurrencies and moved them across multiple blockchains, in a practice known as "chain-hopping." If convicted, Traun could face up to 40 years in prison.

Piracy

Kim Dotcom Not Happy, Says 'Mega Mass Piracy Report' Is On the Way (torrentfreak.com) 39

An anonymous reader quotes a report from TorrentFreak: Megaupload founder Kim Dotcom does not seem like a happy man right now. After accusing two of his former colleagues [Mathias Ortmann and Bram van der Kolk] of facilitating Chinese spying, Dotcom says that a report is being produced to show that mass infringement is taking place on Mega, a company he co-founded. Surprisingly, he says it will include live pirate links to content posted by Mega users. [...] Turning his attention to former colleagues Ortmann and van der Kolk, last week Dotcom publicly blamed them for his exit from Mega, claiming they had "stolen" the company from him. How this dovetails with previous allegations related to his major falling out with former Mega CEO Tony Lentino, who also founded domain name registrar Instra, is unknown.

Local media reports suggest that Dotcom hasn't spoken to former friends Ortmann and van der Kolk for years but their recent deal to avoid extradition in the Megaupload case by pleading guilty to organized crime charges puts Dotcom in a tough spot. "My co-defendants who claimed to be innocent for 10+ years were offered a sweet exit deal for a false confession," he said last week. And he wasn't finished there. After a research team found that Mega was vulnerable to attacks that allow for a "full compromise of the confidentiality of user files", Ortmann himself responded via a security notification stating that the issues had been fixed. In response, Dotcom accused Ortmann and van der Kolk of creating "backdoors" in Mega so that the Chinese government could decrypt users' files. "Same shady guys who just made a deal with the US and NZ Govt to get out of the US extradition case by falsely accusing me," he added.

Whether this reference to the no-extradition-deal betrayed what was really on Dotcom's mind is up for debate but whatever the motivation, he's not letting it go. In a tweet posted yesterday, he again informed his 850K+ followers that the company he founded "is not safe" and people who think that their files are unreadable by Mega are wrong. Shortly after, Dotcom delivered another message, one even darker in tone. It targeted Mega, the company he co-founded and where his colleagues still work. It's possible to interpret the tweet in several ways but none seem beneficial to his former colleagues, Mega, or its users. "In addition to security vulnerabilities a comprehensive report about mass copyright infringement on Mega with millions of active links and channels is in the works," he said.
"[P]erhaps the most worrying thing about this new complication in an escalating dispute is its potential to affect the minority of users that actually store infringing files on Mega," adds TorrentFreak. "Any detailed report of 'mass copyright infringement' will draw negative attention directly to them, especially if the report includes active hyperlinks as Dotcom suggests."

"Couple that with Dotcom's allegations that the content of user files can be read, any conclusion that this upcoming infringement report hasn't been thought through from a user perspective can be easily forgiven..."

China

Chinese Officials Are Weaponizing COVID Health Tracker To Block Protests 74

Chinese bank depositors planning a protest about their frozen funds saw their health code mysteriously turn red and were stopped from traveling to the site of a rally, confirming fears that China's vast COVID-tracking system could be weaponized as a powerful tool to stifle dissent. Motherboard reports: A red health code designated the would-be protesters as suspected or confirmed COVID-19 patients, limiting their movement and access to public transportation. Their rallies in the central Henan province this week were thwarted as some were forced into quarantine and others detained by police. A 38-year-old software engineer was among hundreds who could not access their savings at four rural banks since mid-April. She had planned to travel from her home in Jiangxi province to Zhengzhou, Henan's capital city, to join a group petition this week to demand her money back. But her health code turned from green to red shortly after she bought a train ticket on Sunday. She said a nucleic test for COVID she took the night before came back negative and her hometown has not reported any infection recently.

"Henan authorities targeted the health code of bank depositors in order to stop us from defending our rights," she told VICE World News, speaking on condition of anonymity to avoid government reprisal. She eventually managed to reach Zhengzhou using her green health code on a different app, but was daunted by the sight of police officers out in force. More than 200 bank depositors from all over the country saw their health codes turned red over the past week, which effectively foiled a planned protest outside the Henan branch of China's banking regulator. Chinese activists and dissidents have reported similar experiences in the past, but the latest crackdown appears to be the most brazen example of how the authorities could exploit the supposed COVID-19 measure for political purposes.

Space

Remembering the Transit of Venus on Its 10th Anniversary (space.com) 27

"Venus crossed the sun's face 10 years ago today," writes Space.com. "Most people alive will never see the sight again."

Long-time Slashdot reader davidwr is still thinking about it: Slashdot, what are your memories of the 2012 or 2004 transits? What about other celestial events that you probably won't live long enough to see again?
At Space.com, astronomer Tom Kress points out Mercury transits are more common, occurring about 13 times each century — and supplies some context (along with some cool photos): In 1639, English astronomer Jeremiah Horrocks had improved on Kepler's tables using his own observations and aptitude for mathematics. He predicted a transit of Venus in December of that year with just a few weeks' notice, and sure enough it occurred. Kepler had miscalculated, and Horrocks became one of the only people in the world to have seen a transit of Venus....

Only six Venus transits have occurred since: in 1761 (as predicted by Kepler), 1769, 1874, 1882, 2004 and 2012. They come in pairs separated by eight years, but with more than a century between each set. The next transit won't occur until 2117 and, with this in mind, I made every effort to witness the entirety of the last one 10 years ago....

Shortly after noon local time, the black edge of the silhouette of Venus emerged on the face of the sun... A chorus of vocal awe erupted across the crowd of skywatchers, culminating in cheers of excitement as Venus' night-side began its rapid ingress onto the disk of the sun — a process that took just over 15 minutes....

I couldn't help but feel closer to Venus than I really was, standing on a huge terrestrial volcano and looking out at the most volcanic planet in the solar system.

Businesses

Cringely Predicts Apple is About to Create a Satellite-Based IoT Business (cringely.com) 48

Last summer Chinese market analyst Ming-Chi Kuo reported the iPhone 13 would include satellite communication capability, remembers long-time tech pundit Robert Cringely, who adds that the prediction was denied by Apple. "This, in itself, was weird because Apple generally doesn't react to rumors. But beyond the mere reaction, the way Apple responded to Ming's prediction was especially odd." An unattributed leak from Cupertino said that the iPhone 13 definitely would not include satellite communication capability. And even if some iPhone could communicate with satellites, the leak continued, it wouldn't be offering satellite voice service (which Ming had mentioned), limiting iPhones to satellite text or iMessage.... This was making less and less sense, but it clearly meant there was something happening.

Then came the iPhone 13 launch and Ming was wrong for a change — no satellite communications. So the Cupertino rumor mill went about its business, Ming's satellite rumor apparently forgotten.

But not by me....

And this leads Cringely to another prediction of his own: I am convinced an announcement will be coming soon. Apple will shortly enter the satellite business by acquiring GlobalStar and its 24 satellites. They will use those 24, plus 24 more satellites that Apple has already commissioned, to offer satellite service for iMessage and Apple's Find My network just like they implied in their denial last year.

These apps are proxies for Apple entering — and then dominating — the Internet of Things (IoT) business. After all, iPhones will give them 1.6 billion points of presence for AirTag detection even on sailboats in the middle of the ocean — or on the South Pole.

IoT is already a big business that is going to get even bigger even faster because of Apple. Adding that satellite connection to iMessage and Find My offers the possibility of ubiquity for IoT, though only on Apple's network. Ubiquity (being able to track anything in near real time anywhere on the planet) signals the maturity of IoT, turning it quickly into a $1 TRILLION business — in this case Apple's $1 TRILLION business....

While Apple's stated goals will be only iMessage and Find My, followed by IoT, in the longer run Cupertino plans to dis-intermediate the mobile carriers — becoming themselves a satellite-based global phone and data company. That will require shifting over additional Globalstar bandwidth plus launching another 300-600 satellites, so it is several years away but IS coming. Apple will compete not just with every other mobile carrier including Cupertino's own customers, they will also compete with satellite Internet providers like Starlink, OneWeb, and Amazon's Kuiper. Apple can compete with Starlink with so many fewer satellites because GlobalStar has vastly more licensed spectrum than does SpaceX, which has to reuse the same spectrum over and over again with thousands of satellites.
