Programming

Library Intentionally Corrupted by Developer Relaunches as a Community-Driven Project (fakerjs.dev) 61

Last weekend a developer intentionally corrupted two of his libraries which collectively had more than 20 million weekly downloads and thousands of dependent projects.

Eight days later, one of those libraries has become a community controlled project.

Some highlights from the announcement at fakerjs.dev: We're a group of engineers who were using Faker in prod when the main package was deleted. We have eight maintainers currently....

What has the team done so far?

1. Created a GitHub org [repository] for the new Faker package under @faker-js/faker.
2. Put together a team of eight maintainers.
3. Released all previous versions of Faker at @faker-js/faker on npm.
4. Released the Version 6 Alpha.
5. Almost completed migrating to TypeScript so that DefinitelyTyped no longer needs to maintain its external @types/faker package.
6. Created a public Twitter account for communicating with the community.
7. Released the first official Faker documentation website....

Faker has never had an official docs website and the awesome Jeff Beltran has been maintaining a project called "Un-Official faker.js Documentation" for the last 3 years.

He gave us permission to re-use his work to create fakerjs.dev

8. Cleaned up tooling like Prettier, CI, Netlify Deploy Previews, and GitHub Actions.
9. Done a TON of issue triage and many, many PR reviews.
10. We've gotten in contact with the Open Collective and discussed a transition plan for the project.

We fully intend to extend Faker, continuously develop it, and make it even better.

As such, we will work on a roadmap after we release 6.x and merge all of the TypeScript Pull Requests in the next week....

We're now turning Faker into a community-controlled project currently maintained by eight engineers from various backgrounds and companies....

We're excited to give new life to this idea and project.

This project can have a fresh start and it will become even cooler.

We felt we needed to do a public announcement because of all of the attention the project received in the media and from the community.

We believe that we have acted in the way that is best for the community.

According to the announcement, they've now also forked the funding so the project's original sponsors can continue to support the community-driven development in the future, while the original developers Marak and Brian "were able to retain the $11,652.69 USD previously donated to the project."

Friday the official Twitter account for the new community project announced "It's been a week. We've merged all of the active forks. Currently at 1532 stars. Looks like everything is settling." [It's now up to over 1,800 stars.]

One of the new maintainers has posted on Twitter, "I'm just grateful to the faker community that willed itself into existence and stepped up."

Programming

GitHub Restores Account of Developer Who Intentionally Corrupted His Libraries (thenewstack.io) 193

What happened after a developer intentionally corrupted two of their libraries which collectively had more than 20 million weekly downloads and thousands of dependent projects?

Mike Melanson's "This Week in Programming" column reports: In response to the corrupted libraries, Microsoft quickly suspended his GitHub access and reverted the projects on npm.... While this might seem like an open and shut case to some — the developer committed malicious code and GitHub and npm did what it had to do to protect its users — a debate broke out around a developer's rights to do what they wish with their code, no matter how many projects and dependencies it may have.

"GitHub suspending someone's account for modifying their own code in a project they own however they want spooks me a lot more than NPM reverting a package," [tweeted one company's Director of Engineering & Technology]. "I kind of love what Marak did to make a point and protest to be honest."

An article on iProgrammer further outlines the dilemma present in what might otherwise seem like a clear-cut case.... "Yes, it is open source in that you can fork it and can contribute to it but does this mean that GitHub is justified in denying you the right to change or even destroy your own code?"

As of last night, however, it would appear that the entire affair is merely one for intellectual debate, as GitHub has indeed lived up to what some might view as its end of the bargain: the developer's account is active, he has been allowed to remove his faker.js library on GitHub (depended upon as it might be), and has since offered an update that he does "not have Donkey Brains".

Security

People Building 'Blockchain City' in Wyoming Scammed by Hackers (vice.com) 53

CityDAO -- the group that bought 40 acres of Wyoming in hopes of "building a city on the Ethereum blockchain" -- announced this week that its Discord server was hacked and members' funds were successfully stolen as a result. From a report: "EMERGENCY NOTICE. A CityDAO Discord admin account has been hacked. THERE IS NO LAND DROP. DO NOT CONNECT YOUR WALLET," the project's Twitter account declared. CityDAO is a "decentralized autonomous organization" that hopes to collectively govern a blockchain city, offering citizenship and governance tokens in exchange for the purchase of a "land NFT" bestowing ownership rights to a plot of land. Like many other cryptocurrency, NFT, and DAO projects, CityDAO's community lives on Discord, a popular service chiefly designed for gamers but which has become an indispensable part of the crypto ecosystem. On Discord, CityDAO issues announcements, updates, answers questions, hosts a community, and issues alerts for "land drops," or opportunities to buy NFTs that represent parcels of land.

The attack worked by compromising the Discord account of a moderator, a core-team member and early investor who goes by Lyons800. They detailed the angle of attack in a Twitter thread the following day. First, the attacker posted a doctored screenshot showing a conversation with Lyons800 in another Discord server, claiming that he was scamming people there. Lyons800 offered to prove it wasn't him and got on a voice call with the scammer, who convinced the moderator to let them inspect their console. From there, the scammer obtained Lyons800's Discord authentication token that let them hijack the account. In a tweet, Lyons800 described this as "a ridiculous security breach from Discord." From here, the scammer launched a webhook attack to exploit CityDAO and BaconDAO -- a group that describes itself as an "investors guild" that educates its members -- where Lyons800 is a co-founder. Webhooks are best thought of as tools that connect Discord servers to other websites, and are often used to send automated messages and updates.

Earth

Hottest Ocean Temperatures In History Recorded Last Year (theguardian.com) 64

Last year saw the hottest ocean temperatures in recorded history, the sixth consecutive year that this record has been broken, according to new research. The Guardian reports: The heating up of our oceans is being primarily driven by the human-caused climate crisis, scientists say, and represents a starkly simple indicator of global heating. While the atmosphere's temperature is also trending sharply upwards, individual years are less likely to be record-breakers compared with the warming of the oceans. Last year saw a heat record for the top 2,000 meters of all oceans around the world, despite an ongoing La Nina event, a periodic climatic feature that cools waters in the Pacific. The 2021 record tops a stretch of modern record-keeping that goes back to 1955. The second hottest year for oceans was 2020, while the third hottest was 2019.

Warmer ocean waters are helping supercharge storms, hurricanes and extreme rainfall, the paper states, which is escalating the risks of severe flooding. Heated ocean water expands and eats away at the vast Greenland and Antarctic ice sheets, which are collectively shedding around 1tn tons of ice a year, with both of these processes fueling sea level rise. Oceans take up about a third of the carbon dioxide emitted by human activity, causing them to acidify. This degrades coral reefs, home to a quarter of the world's marine life and the provider of food for more than 500m people, and can prove harmful to individual species of fish. As the world warms from the burning of fossil fuels, deforestation and other activities, the oceans have taken the brunt of the extra heat. More than 90% of the heat generated over the past 50 years has been absorbed by the oceans, temporarily helping spare humanity, and other land-based species, from temperatures that would already be catastrophic.

The amount of heat soaked up by the oceans is enormous. Last year, the upper 2,000 meters of the ocean, where most of the warming occurs, absorbed 14 more zettajoules (a unit of electrical energy equal to one sextillion joules) than it did in 2020. This amount of extra energy is 145 times greater than the world's entire electricity generation which, by comparison, is about half of a zettajoule. Long-term ocean warming is strongest in the Atlantic and Southern oceans, the new research states, although the north Pacific has had a "dramatic" increase in heat since 1990 and the Mediterranean Sea posted a clear high temperature record last year.
The research has been published in the journal Advances in Atmospheric Sciences.

Businesses

Pandemic Tech Darlings Turned To Duds in 2021 (wsj.com) 38

For a sector historically known for its fast-forward pace of innovation, consumer technology sure did a lot of backpedaling this year. From a report: The Nasdaq CTA Internet Index is in the red this year compared with a return of more than 27% for the S&P 500. Cathie Wood's famed ARK Innovation ETF, more than 30% of which was invested in information technology as of Sept. 30, has seen its net asset value decline 21% this year, underperforming the S&P by nearly 49 percentage points. She isn't alone. If you invested in enough tech stocks this year, you probably got burned by a few of them.

Select lowlights include fitness-equipment company Peloton Interactive, down nearly 75% this year; social-commerce company Poshmark, down almost 82%; and education-tech company Chegg, down 66%. At certain points, the number of names blowing up simultaneously was dizzying: Chegg, Peloton, Zillow Group and Vimeo all took nosedives around their most-recent earnings reports, collectively erasing some $26.3 billion in market value in a single week last month. A big part of the problem was the huge run logged in stay-at-home stocks in the latter half of last year. Many of tech's 2020 darlings became duds simply by virtue of the fact that they appreciated too much too quickly. In the end, the numbers couldn't keep pace.

Ms. Wood, at least, is sticking with the strategy that failed her this year. She said in a Bloomberg interview earlier this month that she expects it to yield "a compound annual rate of return of roughly 40% over the next five years," emphasizing, "That's a quadrupling." But investors shouldn't expect all of this year's dips to lead to easy dunks next year. Zillow, for example, is down over 50% in the year to date, and while its future without iBuying looks to be a much more steadily profitable business, the online real-estate company is still worth more than twice as much today as it was in early 2019, when it went big into the automated home-flipping business. If the tech sector has to earn its gains next year, many of its stocks still face an uphill battle.

Social Networks

What's Behind the 'Birds Aren't Real' Protests? (yahoo.com) 169

It's not your everyday fake news, explains the New York Times. In Pittsburgh; Memphis, Tennessee; and Los Angeles, massive billboards recently popped up declaring, "Birds Aren't Real." On Instagram and TikTok, Birds Aren't Real accounts have racked up hundreds of thousands of followers, and YouTube videos about it have gone viral. Last month, Birds Aren't Real adherents even protested outside Twitter's headquarters in San Francisco to demand that the company change its bird logo.

The events were all connected by a Gen Z-fueled conspiracy theory, which posits that birds do not exist and are really drone replicas installed by the U.S. government to spy on Americans. Hundreds of thousands of young people have joined the movement, wearing Birds Aren't Real T-shirts, swarming rallies and spreading the slogan. It might smack of QAnon, the conspiracy theory that the world is controlled by an elite cabal of child-trafficking Democrats. Except that the creator of Birds Aren't Real and the movement's followers are in on a joke: They know that birds are, in fact, real and that their theory is made up.

What Birds Aren't Real truly is, they say, is a parody social movement with a purpose. In a post-truth world dominated by online conspiracy theories, young people have coalesced around the effort to thumb their nose at, fight and poke fun at misinformation. It is Gen Z's attempt to upend the rabbit hole with absurdism... Most Birds Aren't Real members, many of whom are part of an on-the-ground activism network called the Bird Brigade, grew up in a world overrun with misinformation. Some have relatives who have fallen victim to conspiracy theories. So for members of Gen Z, the movement has become a way to collectively grapple with those experiences. By cosplaying conspiracy theorists, they have found community and kinship [according to 23-year-old Peter McIndoe, who created Birds Aren't Real on a whim in 2017...]

Cameron Kasky, 21, an activist from Parkland, Florida, who helped organize the March for Our Lives student protest against gun violence in 2018 and is involved in Birds Aren't Real, said the parody "makes you stop for a second and laugh. In a uniquely bleak time to come of age, it doesn't hurt to have something to laugh about together."

McIndoe began selling Birds Aren't Real merchandise in 2018, according to the article, and now brings in "several thousand dollars a month" with some help from his friend Connor Gaydos.

"If anyone believes birds aren't real," Gaydos tells the Times, "we're the last of their concerns, because then there's probably no conspiracy they don't believe."

United States

US Government Agencies Bought Chinese Surveillance Tech Despite Federal Ban (techcrunch.com) 21

schwit1 writes: At least three U.S. federal agencies, including the military, have purchased China-made video surveillance equipment banned from use in the federal government. Purchasing records seen by TechCrunch and video surveillance news site IPVM show the agencies collectively spent thousands of dollars on purchasing video surveillance equipment manufactured by Lorex, a wholly owned subsidiary of Dahua Technology. Dahua is one of several China-based companies banned from selling to the federal government under a 2019 defense spending law over fears that the technology could help the Chinese government conduct espionage.

Technology

SiFive's New RISC-V Chip Challenges Decades-old Computing Designs (cnet.com) 33

The Performance P650 won't beat a top-end Arm chip in a Samsung or Apple smartphone, but the startup believes its designs eventually could. From a report: It's really hard to get a new chip family to catch on when companies like Intel and Qualcomm ship their products by the millions, but SiFive has a faster new design it hopes will carve a niche. The startup on Thursday announced its Performance P650 design, which comes with a 50% speed boost over the P550 that arrived in June. SiFive is one of the most prominent members of RISC-V International, an alliance collectively developing a family of processors using the new RISC-V architecture. That competes against the x86 architecture from Intel and AMD that dominates in PCs and the Arm architecture used by Qualcomm, Samsung, Apple, MediaTek and others to power all smartphones. Unlike x86 and Arm, though, RISC-V is free to use. It's a fresh start its advocates believe will be more economical and efficient.

SiFive doesn't make chips. Instead, it licenses its designs to others that customize them for their own purposes, an approach that's served Arm well. With performance comparable to Arm's two-year-old midrange Cortex A77 design, the P650 won't be ejecting Qualcomm or other Arm designs out of smartphones any time soon. Customers can start evaluating the design in the first quarter of 2022, SiFive said. But if SiFive succeeds with its longer-term plans for better speed, battery life and cost, you could get a SiFive powered phone in a couple years. "By 2023, you're likely to see the first mobile phone with RISC-V," SiFive Chief Executive Patrick Little said in an October interview. "I think we have an excellent shot at the phone."

Programming

Rust's Moderation Team Resigns to Protest 'Unaccountable' Core Team (thenewstack.io) 265

On Monday morning the moderation team for the Rust programming language "resigned effective immediately," reports The New Stack: The resignation was tendered via a pull request on GitHub, wherein team member Andrew Gallant wrote that the team resigned "in protest of the Core Team placing themselves unaccountable to anyone but themselves."

According to the page describing Rust governance, the moderation team's purpose is to do just that — to help "uphold the code of conduct and community standards" — and according to the resignation letter, they are unable to do so, with the Core Team seemingly being outside of those bounds. "As a result of such structural unaccountability, we have been unable to enforce the Rust Code of Conduct to the standards the community expects of us and to the standards we hold ourselves to," Gallant continues, before making four specific recommendations to the Rust community as to how to move forward.

First, Gallant writes that the Rust community should "come to a consensus on a process for oversight over the Core Team," which he says is currently "answerable only to themselves." Next, the outgoing team recommends that the "replacement for the Mod Team be made by Rust Team Members not on the Core Team," and that this future team "with advice from Rust Team Members, proactively decide how best to handle and discover unhealthy conflict among Rust Team Members," with "professional mediation" also suggested. The final point, which they say is unrelated, is that the next team should "take special care to keep the team of a healthy size and diversity, to the extent possible," something they failed to do themselves. To that point, the outgoing team is just three members, Andre Bogus, Andrew Gallant, and Matthieu M...

The former team concludes their resignation letter, writing that "we have avoided airing specific grievances beyond unaccountability" because they are choosing "to maintain discretion and confidentiality" and that the Rust community and their replacements "exercise extreme skepticism of any statements by the Core Team (or members thereof) claiming to illuminate the situation."

"Our relationship with Core has been deteriorating for months," they add in a thread on Reddit (where the subreddit's moderators have since locked out comments "in light of the volatile nature of this thread").

There's just one more official update. Thursday former Rust moderation team member Andrew Gallant tweeted the URL to a new post which has now appeared on the "Inside Rust blog" — titled "In response to the moderation team resignation." The post reads: As top-level team leads, project directors to the Foundation, and core team members, we are actively collaborating to establish next steps after the statement from the Rust moderation team. While we are having ongoing conversations to share perspectives on the situation, we'd like to collectively state that we are all committed to the continuity and long term health of the project.

Updates on next steps will be shared with the project and wider community over the next few weeks. In the meantime, we are grateful to the interim moderators who have stepped up to provide moderation continuity to the project.

Piracy

'The NFT Bay' Shares Multi-Terabyte Archive of 'Pirated' NFTs (torrentfreak.com) 88

NFTs are unique blockchain entries through which people can prove that they own something. However, the underlying images can be copied with a single click. This point is illustrated by The NFT Bay which links to a 19.5 Terabyte collection of 'all NFTs' on the Ethereum and Solana blockchains. (UPDATE: One NFT startup is claiming that the collection is mostly just zeroes, and does not in fact contain all of the NFTs.)

But the archive also delivered an important warning message too. TorrentFreak reports: "The Billion Dollar Torrent," as it's called, reportedly includes all the NFTs on the Ethereum and Solana blockchains. These files are bundled in a massive torrent that points to roughly 15 terabytes of data. Unpacked, this adds up to almost 20 terabytes. Australian developer Geoff is the brains behind the platform, which he describes as an art project. Speaking with TorrentFreak, he says that The Pirate Bay was used as inspiration for nostalgic reasons, which needs further explanation.

The NFT Bay is not just any random art project. It does come with a message, perhaps a wake-up call, for people who jump on the NFT bandwagon without fully realizing what they're spending their crypto profits on. "Purchasing NFT art right now is nothing more than directions on how to access or download an image. The image is not stored on the blockchain and the majority of images I've seen are hosted on Web 2.0 storage which is likely to end up as 404 meaning the NFT has even less value." The same warning is more sharply articulated in the torrent's release notes which are styled in true pirate fashion. "[T]his handy torrent contains all of the NFT's so that future generations can study this generation's tulip mania and collectively go..." it reads.

The Military

The US Is Installing New Power- and Accuracy-Increasing Sensors on Its Nuclear Weapons 147

"A sophisticated electronic sensor buried in hardened metal shells at the tip of a growing number of America's ballistic missiles reflects a significant achievement in weapons engineering that experts say could help pave the way for reductions in the size of the country's nuclear arsenal," reports the Washington Post, "but also might create new security perils." The wires, sensors, batteries and computing gear now being installed on hundreds of the most powerful U.S. warheads give them an enhanced ability to detonate with what the military considers exquisite timing over some of the world's most challenging targets, substantially increasing the probability that in the event of a major conflict, those targets would be destroyed in a radioactive rain of fire, heat and unearthly explosive pressures.

The new components — which determine and set the best height for a nuclear blast — are now being paired with other engineering enhancements that collectively increase what military planners refer to as the individual nuclear warheads' "hard-target kill capability." This gives them an improved ability to destroy Russian and Chinese nuclear-tipped missiles and command posts in hardened silos or mountain sanctuaries, or to obliterate military command and storage bunkers in North Korea, also considered a potential U.S. nuclear target.

The increased destructiveness of the warheads means that in some cases fewer weapons could be needed to ensure that all the objectives in the nation's nuclear targeting plans are fully met, opening a path to future shrinkage of the overall arsenal, current and former U.S. officials said in a number of interviews, in which some spoke on the condition of anonymity to discuss sensitive technology.

Production of the first of many high-yield nuclear warheads containing the gear, developed over the past decade at a cost of billions of dollars, was completed in July for installation on missiles aboard Navy submarines, the National Nuclear Security Administration announced.

The Post notes that the U.S. has now installed the technology on hundreds of submarine-based warheads, doubling their destructive power (according to estimates by a Georgetown professor).

The acting administrator of America's National Nuclear Security Administration called it "the culmination of over a decade of work."

Medicine

MRI and Ultrasound Can Sneak Cancer Drugs Into the Brain (ieee.org) 16

An anonymous reader quotes a report from IEEE Spectrum: In a new study, researchers temporarily made the blood-brain barrier more permeable, allowing a monoclonal antibody to target cancer that had spread to the brain. Scientists made it possible for the drug to cross the barrier -- a protective membrane which prevents most larger molecules from entering the brain -- using focused ultrasound beams guided by magnetic resonance imaging (MRI). Though there has been promising research on the technique, it had never been used to deliver a drug to the brain. Scientists also used a system of radioactive tagging to show that more of the drug had reached the tumors. No patient had notable side effects from the treatment. Though the study was preliminary, it could open the door to treating a whole range of diseases impacting the brain.

In the study, four patients with a type of metastatic breast cancer, Her2-positive, first received a treatment of trastuzumab, a common monoclonal antibody treatment also called Herceptin. Collectively, the patients received 20 treatments -- up to six each. The ultrasound therapy took place inside a high-resolution MRI scanner that the researchers used to target the treatment. The researchers used a hemispheric helmet with 1024 ultrasound transducers to deliver the ultrasound, targeting it by both moving the helmet and adjusting the voltage across individual transducers, causing a slight difference in the phase of the ultrasound that can correct for variations in the thickness of the skull. [...]

While the ultrasound was delivered, the patients were also receiving an infusion of lipid-based microbubbles. In combination with targeted ultrasound, the microbubbles produce the temporary permeability of the blood-brain barrier. Scientists still don't entirely know why this is. In the 1950s, researchers started to notice that ultrasound seemed to break down the blood-brain barrier. Hynynen came across these early studies while doing cancer research and started to try the technique to make the barrier more permeable. But in animal studies, using only ultrasound didn't consistently avoid injury. Only when the researchers tried using microbubbles did they avoid inflicting damage.

The Almighty Buck

Payments Company Stripe Is Kick Starting Market For Carbon Removal 23

An anonymous reader quotes a report from The Wall Street Journal: Stripe is signing up to pay for carbon-removal technologies that haven't been invented yet. The payments company has formed a partnership with Deep Science Ventures, a London investment firm that specializes in building technology companies from the ground up. DSV will recruit scientists to develop ways to remove carbon dioxide from the atmosphere. If they come up with viable concepts, Stripe will be their first customer. It will pay DSV startups $500,000 each up front to capture and store carbon, then a further $1 million if they meet performance milestones.

The new partnership marks an expansion of Stripe's effort to provide a market for unproven technology that could potentially help limit the damage of global warming. The United Nations' scientific panel on climate change says the least-bad global-temperature scenarios depend on people removing billions of tons of planet-warming gases from the atmosphere. It also cautions that companies and governments may never be able to deploy the technology on the scale required to make that happen. Since August 2019, when it promised "to pay, at any available price, for the direct removal of carbon dioxide from the atmosphere and its sequestration in secure, long-term storage," Stripe has committed $9 million to 10 carbon-removal projects.

Stripe's carbon-removal procurement is led by Ryan Orbuch, who was a product manager before focusing on climate, and the team's projects are vetted by a panel of industry experts. Costs vary, with the most expensive service costing more than $2,000 per ton of carbon removed. Scalability is more important than current pricing. Stripe says technologies should have the potential to remove half a gigaton of carbon dioxide a year by 2050 at a cost of $100 per ton, and store it for at least 1,000 years. Stripe has tethered its core business of operating payment infrastructure to its side project. Stripe Climate, a tool introduced in October 2020, lets Stripe's customers divert a percentage of revenue to the carbon-removal pot. Roughly 9,000 of Stripe's millions of business users have enrolled contributing nearly $3 million a year collectively, and roughly 8% of new Stripe users sign up [...].

Earth

Countries Are Gathering In an Effort To Stop a Biodiversity Collapse (nytimes.com) 70

An anonymous reader quotes a report from The New York Times: As 20,000 government leaders, journalists, activists and celebrities from around the world prepare to descend on Glasgow for a crucial climate summit starting late this month, another high-level international environmental meeting got started this week. The problem it seeks to tackle: A rapid collapse of species and systems that collectively sustain life on earth. The stakes at the two meetings are equally high, many leading scientists say, but the biodiversity crisis has received far less attention. "If the global community continues to see it as a side event, and they continue thinking that climate change is now the thing to really listen to, by the time they wake up on biodiversity it might be too late," said Francis Ogwal, one of the leaders of the working group charged with shaping an agreement among nations. Because climate change and biodiversity loss are intertwined, with the potential for both win-win solutions and vicious cycles of destruction, they must be addressed together, scientists say. But their global summits are separate, and one overshadows the other.

This week, environment officials, diplomats and other observers from around the world gathered online, and a small group assembled in person in Kunming, China, for the meeting, the 15th United Nations biodiversity conference. The United States is the only country in the world besides the Vatican that is not a party to the underlying treaty, the Convention on Biological Diversity, a situation largely attributed to Republican opposition. American representatives participate on the sidelines of the talks, as do scientists and environmental advocates. Because of the pandemic, the conference has been broken into two parts. While this virtual portion was largely about drumming up political will, nations will meet again in China in the spring to ratify a series of targets aimed at tackling biodiversity loss. The aim will be to adopt a pact for nature akin to the Paris Agreement on climate change, said Elizabeth Maruma Mrema, the executive secretary of the convention.

Last year, officials reported that the world's nations largely failed to achieve the targets of the previous global agreement on biodiversity, made in 2010. If the new commitments are not translated into "effective policies and concrete actions," Ms. Mrema said this week at the meeting, "we risk repeating the failures of the last decade." The working draft includes 21 targets that act as a blueprint for reducing biodiversity loss. Many are concrete and measurable, others more abstract. None are easy. They include, in summary: Create a plan, across the entire land and waters of each country, to make the best decisions about where to conduct activities like farming and mining while also retaining intact areas; Ensure that wild species are hunted and fished sustainably and safely; Reduce agricultural runoff, pesticides and plastic pollution; Use ecosystems to limit climate change by storing planet-warming carbon in nature; Reduce subsidies and other financial programs that harm biodiversity by at least $500 billion per year, the estimated amount (PDF) that governments spend supporting fossil fuels and potentially damaging agricultural practices; and Safeguard at least 30 percent of the planet's land and oceans by 2030.

The Media

Former Employees Allege Most of Ozy's 26M Newsletter Subscribers Were Purchased, Borrowed, or Kept Against Their Will (forbes.com) 34

Eight days ago Ozy announced it was shutting down after reports that the news site bought traffic, overstated its cable deals, and at one point even had its Chief Operating Officer impersonate a YouTube executive during a phone call with investors.

Then four days ago, Ozy's CEO said he planned to relaunch the company's newsletters (while looking for new board members) in an attempt to revive the company instead. "Ozy Media boasts that it has more than 26 million subscribers for its newsletters," reports Forbes...

"But former employees say this is another example of deceptive tactics at the embattled digital media company, with most of the email addresses on its newsletter lists either purchased, taken from other companies without their permission or added back to the lists after the recipients unsubscribed — a potentially illegal act." Three ex-employees with knowledge of Ozy's newsletter operations, who asked to remain anonymous because of non-disclosure agreements they signed, said the company on multiple occasions obtained large numbers of email addresses through marketing partnerships it formed with other companies and news outlets. Ozy would offer to send an email for the other company as part of the partnership, and some companies would then share a list of addresses for a supposed one-time message. Instead, the former employees allege, those email addresses would then be permanently added to Ozy's newsletter subscriber list. Among the companies they say Ozy collectively accumulated millions of email addresses from were the McClatchy newspaper chain and the technology magazine Wired, according to two of the former employees.

Ozy would also buy in bulk email addresses from third-party websites like U.S. Data Corporation and Exact Data, ramping up the size of its newsletter following in order to fulfill advertising deals with its clients. After Ozy added batches of new addresses to its mailing lists, many recipients would attempt to unsubscribe from the newsletters only to be kept on the distribution lists and even re-subscribed under the direction of Ozy management, a potential violation of commercial email laws...

Despite a "very small" organic audience and low engagement numbers, according to a source with knowledge of Ozy's newsletter audience, Ozy sent a pitch deck to investors over the summer for its Series D funding round that claimed it was achieving an email open rate of 25%, or (in Ozy's words): "2.5x the industry standard." Ozy founder and CEO Carlos Watson admitted that number was exaggerated during a Monday interview with CNBC, claiming it instead represents the engagement rate among Ozy's "best, most regular people." Watson still claimed this subset of Ozy's audience is between 10 and 12 million people.

Forbes adds that there was no response to their request for a comment from Ozy, McClatchy, and Wired's parent company Conde Nast.

Government

Report: In 2017 America's CIA Plotted to Kidnap Julian Assange From Ecuador (yahoo.com) 149

"In 2017, as Julian Assange began his fifth year holed up in Ecuador's embassy in London, the CIA plotted to kidnap the WikiLeaks founder," reports Yahoo News, "spurring heated debate among Trump administration officials over the legality and practicality of such an operation."

The report is based on conversations with more than 30 former U.S. officials, "eight of whom described details of the CIA's proposals to abduct Assange." Some senior officials inside the CIA and the Trump administration even discussed killing Assange, going so far as to request "sketches" or "options" for how to assassinate him. Discussions over kidnapping or killing Assange occurred "at the highest levels" of the Trump administration, said a former senior counterintelligence official. "There seemed to be no boundaries...."

While Assange had been on the radar of U.S. intelligence agencies for years, these plans for an all-out war against him were sparked by WikiLeaks' ongoing publication of extraordinarily sensitive CIA hacking tools, known collectively as "Vault 7," which the agency ultimately concluded represented "the largest data loss in CIA history." President Trump's newly installed CIA director, Mike Pompeo, was seeking revenge on WikiLeaks and Assange, who had sought refuge in the Ecuadorian Embassy since 2012 to avoid extradition to Sweden on rape allegations he denied... The CIA's fury at WikiLeaks led Pompeo to publicly describe the group in 2017 as a "non-state hostile intelligence service." More than just a provocative talking point, the designation opened the door for agency operatives to take far more aggressive actions, treating the organization as it does adversary spy services, former intelligence officials told Yahoo News. Within months, U.S. spies were monitoring the communications and movements of numerous WikiLeaks personnel, including audio and visual surveillance of Assange himself, according to former officials...

There is no indication that the most extreme measures targeting Assange were ever approved, in part because of objections from White House lawyers, but the agency's WikiLeaks proposals so worried some administration officials that they quietly reached out to staffers and members of Congress on the House and Senate intelligence committees to alert them to what Pompeo was suggesting... In late 2017, in the midst of the debate over kidnapping and other extreme measures, the agency's plans were upended when U.S. officials picked up what they viewed as alarming reports that Russian intelligence operatives were preparing to sneak Assange out of the United Kingdom and spirit him away to Moscow... In response, the CIA and the White House began preparing for a number of scenarios to foil Assange's Russian departure plans, according to three former officials. Those included potential gun battles with Kremlin operatives on the streets of London, crashing a car into a Russian diplomatic vehicle transporting Assange and then grabbing him, and shooting out the tires of a Russian plane carrying Assange before it could take off for Moscow. (U.S. officials asked their British counterparts to do the shooting if gunfire was required, and the British agreed, according to a former senior administration official.)

One former senior official told Yahoo News that "It got to the point where every human being in a three-block radius was working for one of the intelligence services — whether they were street sweepers or police officers or security guards."

Power

After 47 Years, US Power Company Abandons Still-Unfinished $6 Billion Nuclear Power Plant (yahoo.com) 206

America's federally-owned electric utility, the Tennessee Valley Authority, has spent billions of dollars with nothing to show for it, reports the Chattanooga Times Free Press.

"Nearly 47 years after construction began on the Bellefonte Nuclear Power Plant in Northeast Alabama, the Tennessee Valley Authority is giving up its construction permit for America's biggest unfinished nuclear plant and abandoning any plans to complete the twin-reactor facility..." Giving up the construction permit at Bellefonte signals the end of any new nuclear plant construction at TVA with only seven of the 17 nuclear reactors the utility once planned to build ever completed.... Since the 1970s, a total of 95 nuclear reactors proposed to be built by U.S. utilities have been canceled due to rising construction costs, slowing power demand and cheapening power alternatives.

The NRC now regulates 93 remaining commercial nuclear reactors at 56 nuclear power plants, including TVA's Sequoyah and Watts Bar nuclear plants in East Tennessee and the Browns Ferry nuclear plant in Athens, Alabama. Collectively, those nuclear plants provide more than 40% of TVA's power and over 20% of the nation's electricity supply... TVA spokesman Jim Hopson said in the past two decades, the growth in power demand in the Tennessee Valley has continued to slow as more energy efficiency measures have been adopted and the price of natural gas, solar power and additional hydroelectric generation has declined in competition with nuclear.

Thanks to long-time Slashdot reader The Real Dr John for sharing the story. And today the Chattanooga Times Free Press opinions editor offered this suggestion: TVA still owns the 1,600-acre site, as well as the plant that has never — and likely now will never — generate the first spark of nuclear-produced electricity. But that doesn't mean it can't make power some other way. A gas plant? Uggh. A wind field? Seems unlikely given the stillness of North Alabama. A solar plant? That could be more of a possibility. All of the transmission equipment and the electrical grid is at the ready...

By now — after siting, building, scrapping, building again, abandoning, putting up for sale, agreeing to sell for pennies on the dollar and finally going to court to defend not selling the Bellefonte Nuclear Plant — TVA ratepayers and taxpayers have lost somewhere between $6 billion (according to TVA) and $9 billion (according to a 2018 letter from five congressmen)... TVA spokesman Jim Hopson said Wednesday that TVA is making no decisions immediately. "But we're not taking anything off the table," he added...

Hopson said TVA's May 2021 "strategic intent and guiding principles" notes the utility has solar commitments to date of more than 2,300 megawatts of solar capacity expected to come online by the end of 2023. Including those projects, TVA expects to add 10,000 megawatts of solar power by 2035 — a 24-fold increase from today.

That 10,000 megawatts of solar power would be equal to more than eight would-be Bellefonte reactors.

Bitcoin

US To Target Crypto Ransomware Payments With Sanctions (wsj.com) 27

The Biden administration is preparing an array of actions, including sanctions [Editor's note: the link may be paywalled, alternative source], to make it harder for hackers to use digital currency to profit from ransomware attacks, WSJ reported Friday, citing people familiar with the matter. From the report: The government hopes to choke off access to a form of payment that has supported a booming criminal industry and a rising national security threat. The Treasury Department plans to impose the sanctions as soon as next week, the people said, and will issue fresh guidance to businesses on the risks associated with facilitating ransomware payments, including fines and other penalties. Later this year, expected new anti-money-laundering and terror-finance rules will seek to limit the use of cryptocurrency as a payment mechanism in ransomware attacks and other illicit activities.

The actions collectively would represent the most significant attempt yet by the Biden administration to undercut the digital finance ecosystem of traders, exchanges and other elements that cybersecurity experts say has allowed debilitating ransomware attacks to flourish in recent years. Senior officials have said ransomware attacks this year have grown more severe than ever and represent a serious threat to critical infrastructure, including power operators, hospitals and banks. The Treasury Department declined to comment and the people familiar with the matter declined to specify the targets of sanctions. But to effectively disrupt illicit crypto transactions, Treasury would need to target the digital wallets that receive ransom transactions, the crypto platforms that help exchange one set of blockchain coins for another to obscure the culprits and the people that own or manage those operations, according to analysts who specialize in such transactions.

The Internet

FCC Wants Landlords To Stop Screwing Up Your Internet (vice.com) 90

An anonymous reader quotes a report from Motherboard: The FCC has announced (PDF) it's investigating deals the broadband industry strikes with landlords that block broadband competition in apartment complexes, condos, and developments. While the FCC passed rules in 2008 attempting to prevent such deals, Internet Service Providers (ISPs) have exploited massive loopholes in the restrictions for more than a decade. "With more than one-third of the U.S. population living in condos and apartment buildings, it's time to take a fresh look at how exclusive agreements between carriers and building owners could lock out broadband competition and consumer choice," interim FCC boss Jessica Rosenworcel said of the announcement. "I look forward to reviewing the record."

The inquiry comes after President Biden signed an executive order in July urging regulators to take a closer look at competition and monopoly issues in several sectors. The order also mandated the creation of a competition council, which urged the FCC to take a closer look at the anticompetitive nature of these arrangements. The FCC's existing rules technically bar landlords and ISPs from colluding to restrict broadband competition. But in a 2016 piece in Wired, Harvard Law Professor Susan Crawford outlined the various ways big telecom wiggles around the restrictions -- often by simply calling what they're doing something else. "Sure, a landlord can't enter into an exclusive agreement granting just one ISP the right to provide Internet access service...but a landlord can refuse to sign agreements with anyone other than Big Company X, in exchange for payments labeled in any one of a zillion ways," Crawford wrote. "Exclusivity by any other name still feels just as abusive."

For example, to get around FCC rules expanding access to an ISP's in-building wiring, companies like Comcast or Charter will often deed ownership of these wires to a landlord, then turn around and pay that landlord to ensure that nobody else can have access. Because the landlord now technically owns the wires, the FCC rules no longer apply. ISPs also pay landlords to sign agreements that ban any other competing ISPs from advertising in the building. If you're a landlord that violates such arrangements, you can then expect a nastygram from a company like Comcast for violating your deal. In addition, many landlords will charge "door fees" to any company that needs access to a building to install new wiring, creating an additional layer of difficulty and expense for smaller broadband competitors trying to compete with dominant ISPs. Collectively such restrictions serve the same function as blocking broadband competition outright. Much as it does on the national level, this lack of block by block competition directly contributes to higher prices, slower speeds, and comically-terrible customer service.

Earth

Most Plans for New Coal Plants Scrapped Since Paris Agreement (theguardian.com) 98

The global pipeline of new coal power plants has collapsed since the 2015 Paris climate agreement, according to research that suggests the end of the polluting energy source is in sight. From a report: The report found that more than three-quarters of the world's planned plants have been scrapped since the climate deal was signed, meaning 44 countries no longer have any future coal power plans. The climate groups behind the report -- E3G, Global Energy Monitor and Ember -- said those countries now have the opportunity to join the 40 countries that have already signed up to a "no new coal" commitment to help tackle global carbon emissions. "Only five years ago, there were so many new coal power plants planned to be built, but most of these have now been either officially halted, or are paused and unlikely to ever be built," said Dave Jones, from Ember. "Multiple countries can add their voices to a snowball of public commitments to 'no new coal,' collectively delivering a key milestone to sealing coal's fate."
