United States

Prosecutors Probe Hedge Fund Titan's Thriller For Clues in Argentina Hack Case (msn.com) 10

Jay Newman, who made billions for Elliott Management pursuing Argentina's defaulted debt, wrote a 2022 thriller about corrupt spies and hedge funds. Now federal prosecutors are examining parallels between his novel "Undermoney" and real-world events.

The investigation centers on Amit Forlit, an Israeli private investigator facing U.S. extradition charges for alleged email theft from Argentine officials during Elliott's sovereign debt battle. Prosecutors are probing whether Forlit's alleged $20 million hacking operation aided Elliott's eventual $2.2 billion settlement with Argentina. "There's not that much fiction in 'Undermoney,'" Newman told interviewers while promoting the book, which features Israeli operatives and hedge fund intrigue. Newman and Elliott deny any wrongdoing, with Newman calling suggestions of illegal activity "categorically false."

The probe is examining $20 million paid to a Forlit-controlled company via a consulting firm that worked for Elliott, according to court statements and people familiar with the matter. Forlit denied involvement in hacking during a 2022 deposition. Prosecutors are also investigating Forlit's work for ExxonMobil regarding climate change critics. Neither Elliott nor ExxonMobil has been accused of wrongdoing. Newman, who left Elliott in 2016 with a $70 million bonus after the Argentina settlement, met regularly with Forlit to discuss the Argentine case, WSJ has reported. His novel follows dark money trails through Washington power corridors and Wall Street trading floors, featuring Israeli operatives described as "expensive, but consistent."

AI

Waymo Explores Using Google's Gemini To Train Its Robotaxis (theverge.com) 42

Waymo is advancing autonomous driving with a new training model for its robotaxis built on Google's multimodal large language model (MLLM) Gemini. The Verge reports: Waymo released a new research paper today that introduces an "End-to-End Multimodal Model for Autonomous Driving," also known as EMMA. This new end-to-end training model processes sensor data to generate "future trajectories for autonomous vehicles," helping Waymo's driverless vehicles make decisions about where to go and how to avoid obstacles. But more importantly, this is one of the first indications that the leader in autonomous driving has designs to use MLLMs in its operations. And it's a sign that these LLMs could break free of their current use as chatbots, email organizers, and image generators and find application in an entirely new environment on the road. In its research paper, Waymo is proposing "to develop an autonomous driving system in which the MLLM is a first class citizen."

The paper outlines how, historically, autonomous driving systems have developed specific "modules" for the various functions, including perception, mapping, prediction, and planning. This approach has proven useful for many years but has problems scaling "due to the accumulated errors among modules and limited inter-module communication." Moreover, these modules could struggle to respond to "novel environments" because, by nature, they are "pre-defined," which can make it hard to adapt. Waymo says that MLLMs like Gemini present an interesting solution to some of these challenges for two reasons: the chat is a "generalist" trained on vast sets of scraped data from the internet "that provide rich 'world knowledge' beyond what is contained in common driving logs"; and they demonstrate "superior" reasoning capabilities through techniques like "chain-of-thought reasoning," which mimics human reasoning by breaking down complex tasks into a series of logical steps.

Waymo developed EMMA as a tool to help its robotaxis navigate complex environments. The company identified several situations in which the model helped its driverless cars find the right route, including encountering various animals or construction in the road. [...] But EMMA also has its limitations, and Waymo acknowledges that there will need to be future research before the model is put into practice. For example, EMMA couldn't incorporate 3D sensor inputs from lidar or radar, which Waymo said was "computationally expensive." And it could only process a small amount of image frames at a time. There are also risks to using MLLMs to train robotaxis that go unmentioned in the research paper. Chatbots like Gemini often hallucinate or fail at simple tasks like reading clocks or counting objects.

AI

Disney Forms Dedicated AI, XR Group To Coordinate Company-Wide Adoption 12

Disney's recently formed Office of Technology Enablement will coordinate the company's exploration, adoption and use of artificial intelligence, AR and VR tech. Engadget reports: It has tapped Jamie Voris, previously the CTO of its Studios Technology division, to oversee the effort. Before joining Disney in 2010, Voris was the chief technology officer at the National Football League. More recently, he led the development of the company's Apple Vision Pro app. Voris will report to Alan Bergman, the co-chairman of Disney Entertainment. Reuters reports the company eventually plans to grow the group to about 100 employees.

"The pace and scope of advances in AI and XR are profound and will continue to impact consumer experiences, creative endeavors, and our business for years to come -- making it critical that Disney explore the exciting opportunities and navigate the potential risks," Bergman wrote in an email Disney shared with Engadget. "The creation of this new group underscores our dedication to doing that and to being a positive force in shaping responsible use and best practices."

A Disney spokesperson told Engadget the Office of Technology Enablement won't take over any existing AI and XR projects at the company. Instead, it will support Disney's other teams, many of which are already working on products that involve those technologies, to ensure their work fits into the company's broader strategic goals. "It is about bringing added focus, alignment, and velocity to those efforts, and about reinforcing our commitment to being a positive force in shaping responsible use and best practices," the spokesperson said.

Windows

Want To Keep Getting Windows 10 Updates? It'll Cost You $30 (pcworld.com) 95

With Windows 10 support set to expire on October 14, 2025, Microsoft is offering a one-time, one-year Extended Security Updates plan for consumers. "For $30, you'll receive 'critical' and 'important' security updates -- basically security patches that will continue to protect your Windows 10 PC from any vulnerabilities," reports PCWorld. "That $30 is for one year's worth of updates, and that's the only option at this time." From the report: Microsoft has been warning users for years that Windows 10 support will expire in 2025, specifically October 14, 2025. At that point, Windows 10 will officially fall out of support: there will be no more feature updates or security patches. On paper, that would mean that any Windows 10 PC will be at risk of any new vulnerabilities that researchers uncover.

Previously, Microsoft had quietly hinted that consumers would be offered the same ESU protections offered to businesses and enterprises, as it did in December 2023 and again in an "editor's note" shared in an April 2024 support post, in which the company said that "details will be shared at a later date for consumers." That time is now, apparently.

Back in December 2023, Microsoft offered the ESU on an annual basis to businesses for three years, one year at a time. The fees would double each year, charging businesses hundreds of dollars for the privilege. Consumers won't be offered the same deal, as a Microsoft representative said via email that it'll be a "one-time, one-year option for $30."

Canada

Chinese Attackers Accessed Canadian Government Networks For Five Years (theregister.com) 11

Canada's Communications Security Establishment (CSE) revealed a sustained cyber campaign by the People's Republic of China, targeting Canadian government and private sector networks over the past five years. The report also flagged India, alongside Russia and Iran, as emerging cyber threats. The Register reports: The biennial National Cyber Threat Assessment described the People's Republic of China's (PRC) cyber operations against Canada as "second to none." Their purpose is to "serve high-level political and commercial objectives, including espionage, intellectual property (IP) theft, malign influence, and transnational repression." Over the past four years, at least 20 networks within Canadian government agencies and departments were compromised by PRC cyber threat actors. The CSE assured citizens that all known federal government compromises have been resolved, but warned that "the actors responsible for these intrusions dedicated significant time and resources to learn about the target networks."

The report also alleges that government officials -- particularly those perceived as being critical of the Chinese Communist Party (CCP) -- were attacked. One of those attacks includes an email operation against members of Interparliamentary Alliance on China. The purpose of the cyber attacks is mainly to gain information that would lead to strategic, economic, and diplomatic advantages. The activity appears to have intensified following incidents of bilateral tension between Canada and the PRC, after which Beijing apparently wanted to gather timely intelligence on official reactions and unfolding developments, according to the report. Canada's private sector is also in the firing line, with the CSE suggesting "PRC cyber threat actors have very likely stolen commercially sensitive data from Canadian firms and institutions." Operations that collect information that could support the PRC's economic and military interests are priority targets.

Privacy

Colorado Agency 'Improperly' Posted Passwords for Its Election System Online (gizmodo.com) 93

For months, the Colorado Department of State inadvertently exposed partial passwords for voting machines in a public spreadsheet. "While the incident is embarrassing and already fueling accusations from the state's Republican party, the department said in a statement that it 'does not pose an immediate security threat to Colorado's elections, nor will it impact how ballots are counted,'" reports Gizmodo. From the report: Colorado NBC affiliate station 9NEWS reported that Hope Scheppelman, vice chair of the state's Republican party, revealed the error in a mass email sent Tuesday morning, which included an affidavit from a person who claimed to have downloaded the spreadsheet and discovered the passwords by clicking a button to reveal hidden tabs.

In its statement, the Department of State said that there are two unique passwords for each of its voting machines, which are stored in separate places. Additionally, the passwords can only be used by a person who is physically operating the system and voting machines are stored in secure areas that require ID badges to access and are under 24/7 video surveillance.

"The Department took immediate action as soon as it was aware of this, and informed the Cybersecurity and Infrastructure Security Agency, which closely monitors and protects the [country's] essential security infrastructure," the department said, adding that it is "working to remedy this situation where necessary." Colorado voters use paper ballots, ensuring a physical paper trail that can be used to verify results tabulated electronically.

Networking

BBC Interviews Charley Kline and Bill Duvall, Creators of Arpanet (bbc.com) 26

The BBC interviewed scientists Charley Kline and Bill Duvall 55 years after the first communications were made over a system called Arpanet, short for the Advanced Research Projects Agency Network. "Kline and Duvall were early inventors of networking, networks that would ultimately lead to what is today the Internet," writes longtime Slashdot reader dbialac. "Duvall had basic ideas what might come of the networks, but they had no idea of how much of a phenomenon it would turn into." Here's an excerpt from the interview:

BBC: What did you expect Arpanet to become?
Duvall: "I saw the work we were doing at SRI as a critical part of a larger vision, that of information workers connected to each other and sharing problems, observations, documents and solutions. What we did not see was the commercial adoption nor did we anticipate the phenomenon of social media and the associated disinformation plague. Although, it should be noted, that in [SRI computer scientist] Douglas Engelbart's 1962 treatise describing the overall vision, he notes that the capabilities we were creating would trigger profound change in our society, and it would be necessary to simultaneously use and adapt the tools we were creating to address the problems which would arise from their use in society."

What aspects of the internet today remind you of Arpanet?
Duvall: Referring to the larger vision which was being created in Engelbart's group (the mouse, full screen editing, links, etc.), the internet today is a logical evolution of those ideas enhanced, of course, by the contributions of many bright and innovative people and organisations.

Kline: The ability to use resources from others. That's what we do when we use a website. We are using the facilities of the website and its programs, features, etc. And, of course, email. The Arpanet pretty much created the concept of routing and multiple paths from one site to another. That got reliability in case a communication line failed. It also allowed increases in communication speeds by using multiple paths simultaneously. Those concepts have carried over to the internet. As we developed the communications protocols for the Arpanet, we discovered problems, redesigned and improved the protocols and learned many lessons that carried over to the Internet. TCP/IP [the basic standard for internet connection] was developed both to interconnect networks, in particular the Arpanet with other networks, and also to improve performance, reliability and more.

[Image caption: Today, the site of the first internet transmission at UCLA's Boelter Hall Room 3420 functions as a monument to technology history (Credit: Courtesy of UCLA)]

How do you feel about this anniversary?
Kline: That's a mix. Personally, I feel it is important, but a little overblown. The Arpanet and what sprang from it are very important. This particular anniversary to me is just one of many events. I find somewhat more important than this particular anniversary were the decisions by Arpa to build the Network and continue to support its development.

Duvall: It's nice to remember the origin of something like the internet, but the most important thing is the enormous amount of work that has been done since that time to turn it into what is a major part of societies worldwide.

Security

Banks and Regulators Warn of Rise in 'Quishing' QR Code Scams 56

Banks and regulators are warning that QR code phishing scams -- also known as "quishing" -- are slipping through corporate cyber defences and increasingly tricking customers into giving up their financial details. From a report: Lenders including Santander, HSBC, and TSB have joined the UK National Cyber Security Centre and US Federal Trade Commission among others to raise concerns about a rise in fraudulent QR codes being deployed for sophisticated fraud campaigns.

The new type of email scam often involves criminals sending QR codes in attached PDFs. Experts said the strategy is effective because the messages frequently get through corporate cyber security filters -- software that typically flags malicious website links, but often does not scan images within attachments. "The appeal for criminals is that it's bypassing all of the [cyber security] training and it's also bypassing our products," said Chester Wisniewski, a senior adviser at security software company Sophos.

Transportation

Email from Boeing to Ethiopian Airlines Sheds Light on a Tragic Crash (seattletimes.com) 52

Boeing received an email from the chief pilot at Ethiopian Airlines on December 1, 2018 with several questions, reports the New York Times (alternate URL here). "in essence the pilot was asking for direction. If we see a series of warnings on the new 737 Max, he posed, what do we do?" What ensued was an email conversation among a number of Boeing senior officials about whether they could answer the pilot's questions without violating international restrictions on disseminating information about a crash while it was still under investigation. That restriction was in play because a 737 Max flown by Lion Air had crashed a few weeks earlier leaving Indonesia. The inquiry from Ethiopian Airlines would prove chillingly prescient because just months later one of its 737s would go down because of a flight control malfunction similar to the one that led to the Lion Air crash. The Ethiopian Airlines crash would kill everyone on board and leave questions about whether Boeing had done everything it could to inform pilots of what it had learned about the malfunction and how to handle it.

In response to the inquiry from Ethiopian Airlines, Boeing's chief pilot, Jim Webb, proposed to his colleagues that he thank the airline for attending a previous briefing on the flight control system, called MCAS, but otherwise decline to answer the pilot's first two questions and just refer the airline to training materials and previously issued guidance. Most of those on the email agreed.

Boeing's eventual response? "I can only address the current system and the Operations Manual Bulletin. The first two questions directly relate to the accident scenario; therefore, I will be unable to address them here." The Times adds that Boeing's chief pilot Jim Webb then "ended the email by stating that if airline officials had any additional questions about the bulletin and system, they should feel free to reach out....

"It is impossible to know whether any pilots with Ethiopian Airlines would have acted differently if Webb's reply had been more forthcoming. But Boeing's limited response to an airline seeking help highlights a missed opportunity to collaborate on safety and to pass along lessons Boeing had collected following the Lion Air jet's crash into the Java Sea on Oct. 29, 2018."

Technology

OpenAI Says It Won't Release a Model Called Orion This Year (techcrunch.com) 9

An anonymous reader shares a report: OpenAI says that it doesn't intend to release an AI model code-named Orion this year, countering recent reporting on the company's product roadmap. "We don't have plans to release a model code-named Orion this year," a spokesperson told TechCrunch via email. "We do plan to release a lot of other great technology."

The Verge reported on Thursday that Orion, which is expected to be OpenAI's next frontier model, would launch by December, and that trusted partners would be the first to preview it ahead of a rollout through ChatGPT. According to The Verge, Microsoft, a close OpenAI collaborator and investor, expects to gain access to Orion as early as November.

Privacy

UnitedHealth Says Change Healthcare Hack Affects Over 100 Million (techcrunch.com) 35

UnitedHealth Group said a ransomware attack in February resulted in more than 100 million individuals having their private health information stolen. The U.S. Department of Health and Human Services first reported the figure on Thursday. TechCrunch reports: The ransomware attack and data breach at Change Healthcare stands as the largest known digital theft of U.S. medical records, and one of the biggest data breaches in living history. The ramifications for the millions of Americans whose private medical information was irretrievably stolen are likely to be life lasting. UHG began notifying affected individuals in late July, which continued through October. The stolen data varies by individual, but Change previously confirmed that it includes personal information, such as names and addresses, dates of birth, phone numbers and email addresses, and government identity documents, including Social Security numbers, driver's license numbers, and passport numbers. The stolen health data includes diagnoses, medications, test results, imaging and care and treatment plans, and health insurance information -- as well as financial and banking information found in claims and payment data taken by the criminals.

The cyberattack became public on February 21 when Change Healthcare pulled much of its network offline to contain the intruders, causing immediate outages across the U.S. healthcare sector that relied on Change for handling patient insurance and billing. UHG attributed the cyberattack to ALPHV/BlackCat, a Russian-speaking ransomware and extortion gang, which later took credit for the cyberattack. The ransomware gang's leaders later vanished after absconding with a $22 million ransom paid by the health insurance giant, stiffing the group's contractors who carried out the hacking of Change Healthcare out of their new financial windfall. The contractors took the data they stole from Change Healthcare and formed a new group, which extorted a second ransom from UHG, while publishing a portion of the stolen files online in the process to prove their threat.

There is no evidence that the cybercriminals subsequently deleted the data. Other extortion gangs, including LockBit, have been shown to hoard stolen data, even after the victim pays and the criminals claim to have deleted the data. In paying the ransom, Change obtained a copy of the stolen dataset, allowing the company to identify and notify the affected individuals whose information was found in the data. Efforts by the U.S. government to catch the hackers behind ALPHV/BlackCat, one of the most prolific ransomware gangs today, have so far failed. The gang bounced back following a takedown operation in 2023 to seize the gang's dark web leak site. Months after the Change Healthcare breach, the U.S. State Department upped its reward for information on the whereabouts of the ALPHV/BlackCat cybercriminals to $10 million.

IT

Note-Taking App Notion Readies Email Product (techcrunch.com) 5

Notion, the maker of a popular eponymous note-taking app, appears to be getting ready to launch its own email product, called Notion Mail, TechCrunch reported Thursday, citing sources. From the report: Earlier this year, Notion acquired Skiff, a privacy-focused email service and app. At the time, Skiff said that it would provide a 12-month sunset window to users so that they have enough time to migrate to a different email service. For months, users on Reddit have shared hints of Notion working on its email product.

Some folks found the development environment URL, others reportedly found the login page to the email product. At the time of writing, when TechCrunch entered mail.notion.so in a web browser, "Notion Mail" appeared briefly as the page title with a mail logo... But we were then redirected to Notion's main login page.

Linux

Linus Torvalds Comments On The Russian Linux Maintainers Being Delisted (phoronix.com) 203

Ancient Slashdot reader szo shares a report from Phoronix: Quietly merged into this week's Linux 6.12-rc4 kernel was a patch that removes a number of kernel maintainers from being noted in the official MAINTAINERS file that recognizes all of the driver and subsystem maintainers. [...] [Greg Kroah-Hartman who authored the patch] simply commented in there: "Remove some entries due to various compliance requirements. They can come back in the future if sufficient documentation is provided." [...] The commonality of all these maintainers being dropped? They appear to all be Russian or associated with Russia. Most of them with .ru email addresses. Linux creator Linus Torvalds has since commented on the situation: Ok, lots of Russian trolls out and about. It's entirely clear why the change was done, it's not getting reverted, and using multiple random anonymous accounts to try to "grass root" it by Russian troll factories isn't going to change anything. And FYI for the actual innocent bystanders who aren't troll farm accounts - the "various compliance requirements" are not just a US thing.

If you haven't heard of Russian sanctions yet, you should try to read the news some day. And by "news," I don't mean Russian state-sponsored spam. As to sending me a revert patch - please use whatever mush you call brains. I'm Finnish. Did you think I'd be *supporting* Russian aggression? Apparently it's not just lack of real news, it's lack of history knowledge too.

Bitcoin

Peter Todd In Hiding After Being 'Unmasked' As Bitcoin Creator Satoshi Nakamoto (wired.com) 77

An anonymous reader quotes a report from Wired: When Canadian developer Peter Todd found out that a new HBO documentary, Money Electric: The Bitcoin Mystery, was set to identify him as Satoshi Nakamoto, the creator of Bitcoin, he was mostly just pissed. "This was clearly going to be a circus," Todd told WIRED in an email. The identity of the person -- or people -- who created Bitcoin has been the subject of speculation since December 2010, when they disappeared from public view. The mystery has proved all the more irresistible for the trove of bitcoin Satoshi is widely believed to have controlled, suspected to be worth many billions of dollars today. When the documentary was released on October 8, Todd joined a long line of alleged Satoshis.

Documentary maker Cullen Hoback, who in a previous film claimed to have identified the individual behind QAnon, laid out his theory to Todd on camera. The confrontation would become the climactic scene of the documentary. But Todd nonetheless claims he didn't see it coming; he alleges he was left with the impression the film was about the history of Bitcoin, not the identity of its creator. Since the documentary aired, Todd has repeatedly and categorically denied that he created Bitcoin: "For the record, I am not Satoshi," he alleges. "I think Cullen made the Satoshi accusation for marketing. He needed a way to get attention for his film."

For his part, Hoback remains confident in his conclusions. The various denials and deflections from Todd, he claims, are part of a grand and layered misdirection. "While of course we can't outright say he is Satoshi, I think that we make a very strong case," says Hoback. Whatever the truth, Todd will now bear the burden of having been unmasked as Satoshi. He has gone into hiding. [...] Todd expects that "continued harassment by crazy people" will become the indefinite status quo. But he says the potential personal safety implications are his chief concern -- and the reason he has gone into hiding. "Obviously, falsely claiming that ordinary people of ordinary wealth are extraordinarily rich exposes them to threats like robbery and kidnapping," says Todd. "Not only is the question dumb, it's dangerous. Satoshi obviously didn't want to be found, for good reasons, and no one should help people trying to find Satoshi."
"I think the idea that it puts their life [at risk] is a little overblown," says Hoback. "This person is potentially on track to become the wealthiest on Earth."

"If countries are considering adopting this in their treasuries or making it legal tender, the idea that there's potentially this anonymous figure out there who controls one twentieth of the total supply of digital gold is pretty important."

United Kingdom

'Operating in the Stone Age': NHS Staff's Daily Struggle With Outdated Tech 113

The Financial Times: In the paediatric centre at one of London's largest hospitals, doctors are confounded each day by a ward computer that is not connected to a printer. The computer is used for managing the daily list of patients. Doctors can only access and update the list, using one shared account. So twice a day, two doctors on the ward said one of them had to log in to this computer, update the patient list, send the list to themselves via NHS email, and then log in to another nearby computer to print it off for the team. "I am at a top London hospital and yet at times I feel as though we are operating in the Stone Age," said one paediatrician on the ward.

Tackling the frustrating delays caused by outdated technology [Editor's note: non-paywalled link] is one of health secretary Wes Streeting and Prime Minister Sir Keir Starmer's core missions, having vowed to shift the service "from an analogue to a digital NHS." The monumental task of moving the world's largest publicly funded health service into the digital age is not lost on doctors working on the frontline of the NHS. While many sectors of the economy have been "radically reshaped" by technology in recent years, a landmark report into the state of the health service in England last month concluded that the NHS stood "in the foothills of digital transformation."

But doctors and nurses point out that the basic infrastructure needs to be brought up to a minimum standard, given significant regional variations between hospitals, before politicians extol the virtues of cutting-edge tech. "Some of us just want the printers to work," noted one NHS hospital doctor. "The complete flip-a-coin nature of how equipped your hospital is is mind-boggling," they added. "I have worked in hospitals that are at least 12 years behind others." A report published in 2022 by the British Medical Association, the UK's main doctors' union, estimated that doctors in England lost 13.5mn working hours a year as a consequence of "inadequate IT systems and equipment." One reason for the outdated infrastructure is that the country has spent almost $48bn less than its peers -- such as Germany, France, Australia -- on health assets since the 2010s, according to a government-commissioned study by Lord Ara Darzi last month.

Encryption

Encrypted Chat App 'Session' Leaves Australia After Visit From Police 87

Session, a small but increasingly popular encrypted messaging app, is moving its operations outside of Australia after the country's federal law enforcement agency visited an employee's residence and asked them questions about the app and a particular user. 404 Media reports: Now Session will be maintained by an entity in Switzerland. The move signals the increasing pressure on maintainers of encrypted messaging apps, both when it comes to governments seeking more data on app users, as well as targeting messaging app companies themselves, like the arrest of Telegram's CEO in August. "Ultimately, we were given the choice between remaining in Australia or relocating to a more privacy-friendly jurisdiction, such as Switzerland. For the project to continue, it could not be centred in Australia," Alex Linton, president of the newly formed Session Technology Foundation (STF) which will publish the Session app, told 404 Media in a statement. The app will still function in Australia, Linton added. Linton said that last year the Australian Federal Police (AFP) visited a Session employee at their home in the country. "There was no warrant used or meeting organised, they just went into their apartment complex and knocked on their front door," Linton said.

The AFP asked about the Session app and company, and the employee's history on the project, Linton added. The officers also asked about an ongoing investigation related to a specific Session user, he added. Linton showed 404 Media an email sent by Session's legal representatives to the AFP which reflected that series of events. Part of Session's frustration around the incident came from the AFP deciding to "visit an employee at home rather than arranging a meeting through our proper (publicly available) channels," Linton said.

Businesses

Intuit Seeks To Scrub CEO Comments on Tax Lobbying From Tech Podcast (theverge.com) 32

Intuit, the maker of TurboTax software, asked technology news outlet The Verge to delete part of a podcast interview with CEO Sasan Goodarzi, The Verge reported on Monday. The request came after Goodarzi was questioned about Intuit's lobbying efforts against free government tax filing options, a topic that has drawn scrutiny from regulators and lawmakers.

The Verge said it declined to remove the segment, instead choosing to highlight the exchange by playing it at the beginning of the episode. In the interview, Goodarzi disputed claims that Intuit lobbies against free tax filing, stating the company spends "a couple of million dollars fighting for simplified taxes." However, The Verge's editor Nilay Patel pressed Goodarzi on reports of Intuit's lobbying against government-provided tax returns. Patel adds: I got a note from Rick Heineman, the chief communications officer at Intuit, who called the line of questioning and my tone "inappropriate," "egregious," and "disappointing" and demanded that we delete that entire section of the recording. I mean, literally -- he wrote a long email that ended with "at the very least the end portion of your interview should be deleted."
Security

Internet Archive Users Start Receiving Email From 'Some Random Guy' Criticizing Unpatched Hole (bleepingcomputer.com) 18

A post shared Saturday on social media acknowledges those admins and developers at the Internet Archive working "literally round the clock... They have taken no days off this past week. They are taking none this weekend... they are working with all of their energy and considerable talent."

It describes people "working so incredibly hard... putting their all in," with a top priority of "getting the site back secure and safe".

But there are new and continuing problems, reports The Verge's weekend editor: Early this morning, I received an email from "The Internet Archive Team," replying to a message I'd sent on October 9th. Except its author doesn't seem to have been the digital archivists' support team — it was apparently written by the hackers who breached the site earlier this month and who evidently maintain some level of access to its systems.

I'm not alone. Users on the Internet Archive subreddit are reporting getting the replies, as well. Here is the message I received:

It's dispiriting to see that even after being made aware of the breach 2 weeks ago, IA has still not done the due diligence of rotating many of the API keys that were exposed in their gitlab secrets.

As demonstrated by this message, this includes a Zendesk token with perms to access 800K+ support tickets sent to info@archive.org since 2018.

Whether you were trying to ask a general question, or requesting the removal of your site from the Wayback Machine — your data is now in the hands of some random guy. If not me, it'd be someone else.

The site BleepingComputer believes they know the larger context, starting with the fact that they've also "received numerous messages from people who received replies to their old Internet Archive removal requests... The email headers in these emails also pass all DKIM, DMARC, and SPF authentication checks, proving they were sent by an authorized Zendesk server."

BleepingComputer also writes that they'd "repeatedly tried to warn the Internet Archive that their source code was stolen through a GitLab authentication token that was exposed online for almost two years."

And that "the threat actor behind the actual data breach, who contacted BleepingComputer through an intermediary to claim credit for the attack," has been frustrated by misreporting. (Specifically, they insist there were two separate attacks last week — a DDoS attack and a separate data breach for a 6.4-gigabyte database which includes email addresses for the site's 33 million users.) The threat actor told BleepingComputer that the initial breach of Internet Archive started with them finding an exposed GitLab configuration file on one of the organization's development servers, services-hls.dev.archive.org. BleepingComputer was able to confirm that this token has been exposed since at least December 2022, with it rotating multiple times since then. The threat actor says this GitLab configuration file contained an authentication token allowing them to download the Internet Archive source code. The hacker says that this source code contained additional credentials and authentication tokens, including the credentials to Internet Archive's database management system. This allowed the threat actor to download the organization's user database, further source code, and modify the site.

The threat actor claimed to have stolen 7TB of data from the Internet Archive but would not share any samples as proof. However, now we know that the stolen data also included the API access tokens for Internet Archive's Zendesk support system. BleepingComputer attempted to contact the Internet Archive numerous times, as recently as on Friday, offering to share what we knew about how the breach occurred and why it was done, but we never received a response.

"The Internet Archive was not breached for political or monetary reasons," they conclude, "but simply because the threat actor could...

"While no one has publicly claimed this breach, BleepingComputer was told it was done while the threat actor was in a group chat with others, with many receiving some of the stolen data. This database is now likely being traded amongst other people in the data breach community, and we will likely see it leaked for free in the future on hacking forums like Breached."
Security

Internet Archive Services Resume as They Promise Stronger, More Secure Return (msn.com) 16

"The Wayback Machine, Archive-It, scanning, and national library crawls have resumed," announced the Internet Archive Thursday, "as well as email, blog, helpdesk, and social media communications. Our team is working around the clock across time zones to bring other services back online."

Founder Brewster Kahle told The Washington Post it's the first time in its almost 30-year history that it's been down more than a few hours. But their article says the Archive is "fighting back." Kahle and his team see the mission of the Internet Archive as a noble one — to build a "library of everything" and ensure records are kept in an online environment where websites change and disappear by the day. "We're all dreamers," said Chris Freeland, the Internet Archive's director of library services. "We believe in the mission of the Internet Archive, and we believe in the promise of the internet." But the site has, at times, courted controversy. The Internet Archive faces lawsuits from book publishers and music labels brought in 2020 and 2023 for digitizing copyrighted books and music, which the organization has argued should be permissible for noncommercial, archival purposes. Kahle said the hundreds of millions of dollars in penalties from the lawsuits could sink the Internet Archive.

Those lawsuits are ongoing. Now, the Internet Archive has also had to turn its attention to fending off cyberattacks. In May, the Internet Archive was hit with a distributed denial-of-service (DDoS) attack, a fairly common type of internet warfare that involves flooding a target site with fake traffic. The archive experienced intermittent outages as a result. Kahle said it was the first time the site had been targeted in its history... [After another attack October 9th], Kahle and his team have spent the week since racing to identify and fix the vulnerabilities that left the Internet Archive open to attack. The organization has "industry standard" security systems, Kahle said, but he added that, until this year, the group had largely stayed out of the crosshairs of cybercriminals. Kahle said he'd opted not to prioritize additional investments in cybersecurity out of the Internet Archive's limited budget of around $20 million to $30 million a year...

[N]o one has reliably claimed the defacement and data breach that forced the Internet Archive to sequester itself, said [cybersecurity researcher] Scott Helme. He added that the hackers' decision to alert the Internet Archive of their intrusion and send the stolen data to Have I Been Pwned, the monitoring service, could imply they didn't have further intentions with it.... Helme said the episode demonstrates the vulnerability of nonprofit services like the Internet Archive — and of the larger ecosystem of information online that depends on them. "Perhaps they'll find some more funding now that all of these headlines have happened," Helme said. "And people suddenly realize how bad it would be if they were gone."

"Our priority is ensuring the Internet Archive comes online stronger and more secure," the archive said in Thursday's statement. And they noted other recent-past instances of other libraries also being attacked online: As a library community, we are seeing other cyber attacks — for instance the British Library, Seattle Public Library, Toronto Public Library, and now Calgary Public Library. We hope these attacks are not indicative of a trend.

For the latest updates, please check this blog and our official social media accounts: X/Twitter, Bluesky and Mastodon.

Thank you for your patience and ongoing support.

EU

Developers Now Required To Share Phone Number and Address On EU App Store (macrumors.com) 84

An anonymous reader quotes a report from MacRumors: Apple today reminded developers that the EU trader requirement in the European Union is now being enforced. Developers who distribute apps in the EU will now need to share information that includes address, phone number, and email address on the EU App Store. Submitting updates for apps on the App Store in the European Union now requires trader information that's added via App Store Connect, with those details shared on each developer's App Store page. App updates can no longer be submitted without trader information, and starting on February 17, 2025, apps that do not have a trader status set will be removed from the App Store in the EU until trader status is provided and verified.

The Digital Services Act (DSA) in the European Union requires Apple to verify and display trader contact information for all "traders" who are distributing apps on the App Store in the European Union. Developers who make money from the App Store through either an upfront purchase price or through in-app purchases are considered traders, regardless of size. Contact information for each developer that is considered a trader will be publicly available, and there will undoubtedly be some developers that are unhappy with the requirement. Independent developers and small companies may not have dedicated business addresses and phone numbers to provide, and will likely be reluctant to provide their personal contact information.
You can learn more about the requirements on Apple's website.
