"Digital storefront Itch.io is reindexing its free adult games," reports Engadget, "and is talking to its partnered payment processors about plans to gradually reintroduce paid NSFW content..." In a statement included in the Itch.io update, Stripe said it hasn't closed the door on the possibility of being able to support adult content again in the future. In the meantime, Itch.io says it is talking to its other payment partners about accepting the card payments Stripe is currently no longer able to process.
Itch's founder told the gaming news site Aftermath that it was a notice from Visa that led to the sudden deindexing of so many games. But Aftermath notes that Visa and Mastercard have now "both released statements effectively washing their hands of the situation but also, paradoxically, justifying any actions they might have taken."

- Visa: "When a legally operating merchant faces an elevated risk of illegal activity, we require enhanced safeguards for the banks supporting those merchants..."

- Mastercard: "Our payment network follows standards based on the rule of law. Put simply, we allow all lawful purchases on our network. At the same time, we require merchants to have appropriate controls to ensure Mastercard cards cannot be used for unlawful purchases, including illegal adult content."

Aftermath's take? The part where the two companies act as though their hands have been tied by the long arm of the law is, frankly, bullshit. None of the games removed from Steam or Itch were illegal. They depict actions that are perfectly legal in other mediums. To re-quote Mike Stabile, director of policy at the Free Speech Coalition: "The stuff [companies] are talking about is entirely legal. It's legal to have in a book, it's legal to have in a game. They are making decisions based on their brand, based on public pressure from anti-porn groups, and that can be reversed."
Meanwhile, gamers are still pushing back: It's difficult to say just how many people have spent the past several days tying up the lines of card companies and payment processors, but the movement has made itself visible enough to gain support from larger industry bodies like the Communications Workers of America [the largest communications/media labor union in America] and the International Game Developers Association.

An anonymous reader shares a report: Yesterday, when Epic won its Google antitrust lawsuit for a second time, it wasn't quite clear how soon Google would need to start dismantling its affirmed illegal monopoly.

Today, Google admits the answer is: 14 days. Google has just 14 days to enact major changes to its Google Play app store, and the way it does business with phonemakers, cellular carriers, and app developers, unless it wins an emergency stay (pause) from the Ninth Circuit Court of Appeals as it continues to appeal. It must stop forcing apps to use Google Play Billing, allow app developers to freely steer their users to other platforms, and limit the perks it can offer in exchange for preinstalled apps, among other changes.

At this weekend's Comic-Con, "Excitement has been high over the sneak peeks at Tron: Ares and Predator: Badlands," reports CNET. (Nine Inch Nails has even recorded a new song for Tron: Ares .)

A few highlights from CNET's coverage:

• The Coyote vs. Acme movie will hit theaters next year "after being rescued from the pile of scrapped ashes left by Warner Bros. Discovery," with footage screened during a Comic-Con panel.

• The first episode of Alien: Earth was screened before its premiere August 12th on FX.

• A panel reunited creators of the animated Avatar: The Last Airbender for its 20th anniversary — and discussed the upcoming sequel series Avatar: Seven Havens.

• A trailer dropped for the new Star Trek: Starfleet Academy series on Paramount+ ("Star Trek Goes Full Gen Z..." quips one headline.)

To capture some of the ambience, the Guardian has a collection of cosplayer photos. CNET notes there's even booths for Lego and Hot Wheels (which released toys commemorating the 40th anniversary of Back to the Future and the 50th anniversary of Jaws).

But while many buildings are "wrapped" with slick advertisements, SFGate notes the ads are technically illegal, "with penalties for each infraction running up to $1,000 per day," (according to the San Diego Union-Tribune). "Last year's total ended up at $22,500."

The Union-Tribune notes that "The fines are small enough that advertisers clearly think it is worth it, with about 30 buildings in the process of being wrapped Monday morning."

The Verge's Emma Roth reports: The News/Media Alliance, a trade association behind major news publishers, announced that it has "successfully secured" the removal of 12ft.io, a website that helped users bypass paywalls online. The trade association says 12ft.io's webhost took down the site on July 14th "following the News/Media Alliance's efforts." 12ft.io -- or 12 Foot Ladder -- also allowed users to view webpages without ads, trackers, or pop-ups by disguising a user's browser as a web crawler, giving them unfettered access to a webpage's contents. Software engineer Thomas Millar says he created the site when he realized "8 of the top 10 links on Google were paywalled" when doing research during the pandemic. [...]

In its announcement, News/Media Alliance says 12ft.io "offered illegal circumvention technology" that allowed users to access copyrighted content without paying for it. The organization adds that it will take "similar actions" against other sites that let users get around paywalls. The News Media Alliance recently called Google's AI Mode "theft." (Like many chatbots, Google's AI Mode eliminates the need to visit a website, starving publishers of the pageviews they need to be compensated for their work.) "Publishers commit significant resources to creating the best and most informative content for consumers, and illegal tools like 12ft.io undermine their ability to financially support that work through subscriptions and ad revenue," News/Media Alliance president and CEO Danielle Coffey said in the press release. "Taking down paywall bypassers is an essential part of ensuring we have a healthy and sustainable information ecosystem."

France, Spain, Italy, Denmark, and Greece will pilot an age verification app to better protect children online, as part of the EU's push to enforce its Digital Services Act. Reuters reports: The setup for the age verification app is built on the same technical specifications as the European Digital Identity Wallet which will be rolled out next year. The five countries can customize the model according to their requirements, integrate into a national app or keep it separately. The landmark legislation, which became applicable last year, requires Alphabet's Google, Meta, ByteDance's TikTok and other online companies to do more to tackle illegal and harmful online content. EU regulators said the new guidelines would help online platforms to tackle addictive design, cyberbullying, harmful content and unwanted contact from strangers.

An anonymous reader quotes a report from Ars Technica: Epic Games, buoyed by the massive success of Fortnite, has spent the last few years throwing elbows in the mobile industry to get its app store on more phones. It scored an antitrust win against Google in late 2023, and the following year it went after Samsung for deploying "Auto Blocker" on its Android phones, which would make it harder for users to install the Epic Games Store. Now, the parties have settled the case just days before Samsung will unveil its latest phones.

The Epic Store drama began several years ago when the company defied Google and Apple rules about accepting outside payments in the mega-popular Fortnite. Both stores pulled the app, and Epic sued. Apple emerged victorious, with Fortnite only returning to the iPhone recently. Google, however, lost the case after Epic showed it worked behind the scenes to stymie the development of app stores like Epic's. Google is still working to avoid penalties in that long-running case, but Epic thought it smelled a conspiracy last year. It filed a similar lawsuit against Samsung, accusing it of implementing a feature to block third-party app stores. The issue comes down to the addition of a feature to Samsung phones called Auto Blocker, which is similar to Google's new Advanced Protection in Android 16. It protects against attacks over USB, disables link previews, and scans apps more often for malicious activity. Most importantly, it blocks app sideloading. Without sideloading, there's no way to install the Epic Games Store or any of the content inside it.

Auto Blocker is enabled by default on Samsung phones, but users can opt out during setup. Epic claimed in its suit that the sudden inclusion of this feature was a sign that Google was working with Samsung to stand in the way of alternative app stores again. Epic has apparently gotten what it wanted from Samsung -- CEO Tim Sweeney has announced that Epic is dropping the case in light of a new settlement. Sweeney said Samsung "will address Epic's concerns," without elaborating on the details. Samsung may stop making Auto Blocker the default or create a whitelist of apps, like the Epic Games Store, that can bypass Auto Blocker. Another possibility is that Epic and select third-party stores are granted special access while Auto Blocker remains on for others, balancing security and openness.

A "more interesting outcome," according to Ars, would be for Samsung to pre-install the Epic Games Store on its new phones.

"California residents who lit illegal fireworks over the July 4 holiday may be in for a nasty surprise in the mail thanks to covert fire department operations," reports SFGate.

"A number of California cities, including Sacramento, have begun using drones to locate people shooting off illegal fireworks." From Wednesday to Saturday night, the Sacramento Fire Department's special fireworks task force patrolled the streets with unmarked cars and drones, focusing on neighborhoods where they've had prior complaints. Task force officers and the drones took photos of the illegal activity, and within 30 days the property owner where the fireworks were used could receive a fine in the mail...

This year, Sacramento upped the fine to $1,000 for the first firework, $2,500 for the second and $5,000 per firework after that. If you lit a firework on city property, such as a park or a school, the fine goes up to $10,000 each. There's no limit to how many fines you can be issued... This year, a number of cities across the state announced they would be using drones to find scofflaws, among them Indio, Riverside, Hemet, Brea and towns in Tulare County...

Fox40 reported on Saturday that around 60 citations were being prepared in Sacramento, with more likely on the way as fire officials review surveillance footage.
Last year for illegal fireworks, one Sacramento-area resident received a $100,000 fine.

After past damage to undersea cables, Denmark will boost their surveillance of Baltic Sea/North Sea waters by deploying four uncrewed surface vessels — about 10 meters long — that are equipped with drones and also AI, reports Euronews.

The founder/CEO of the company that makes the vessels — Saildrone — says they'll work "like a truck" that "carries the sensors." And then "we use on-board sophisticated machine learning and AI to fuse that data to give us a full picture of what's above and below the surface." Powered by solar and wind energy, they can operate autonomously for months at sea. [Saildrone] said the autonomous sailboats can support operations such as illegal fishing detection, border enforcement, and strategic asset protection... The four "Voyagers" will be first in operation for a three-month trial, as Denmark and NATO allies aim at extending maritime presence, especially around critical undersea infrastructure such as fibre optic cables and power lines. NATO and its allies have increased sea patrolling following several incidents.

The goal isn't to stop generative music, but to make it traceable, reports the Verge — "to identify it early, tag it with metadata, and govern how it moves through the system...."

"Detection systems are being embedded across the entire music pipeline: in the tools used to train models, the platforms where songs are uploaded, the databases that license rights, and the algorithms that shape discovery." Platforms like YouTube and [French music streaming service] Deezer have developed internal systems to flag synthetic audio as it's uploaded and shape how it surfaces in search and recommendations. Other music companies — including Audible Magic, Pex, Rightsify, and SoundCloud — are expanding detection, moderation, and attribution features across everything from training datasets to distribution... Vermillio and Musical AI are developing systems to scan finished tracks for synthetic elements and automatically tag them in the metadata. Vermillio's TraceID framework goes deeper by breaking songs into stems — like vocal tone, melodic phrasing, and lyrical patterns — and flagging the specific AI-generated segments, allowing rights holders to detect mimicry at the stem level, even if a new track only borrows parts of an original. The company says its focus isn't takedowns, but proactive licensing and authenticated release... A rights holder or platform can run a finished track through [Vermillo's] TraceID to see if it contains protected elements — and if it does, have the system flag it for licensing before release.

Some companies are going even further upstream to the training data itself. By analyzing what goes into a model, their aim is to estimate how much a generated track borrows from specific artists or songs. That kind of attribution could enable more precise licensing, with royalties based on creative influence instead of post-release disputes...

Deezer has developed internal tools to flag fully AI-generated tracks at upload and reduce their visibility in both algorithmic and editorial recommendations, especially when the content appears spammy. Chief Innovation Officer Aurélien Hérault says that, as of April, those tools were detecting roughly 20 percent of new uploads each day as fully AI-generated — more than double what they saw in January. Tracks identified by the system remain accessible on the platform but are not promoted... Spawning AI's DNTP (Do Not Train Protocol) is pushing detection even earlier — at the dataset level. The opt-out protocol lets artists and rights holders label their work as off-limits for model training.
Thanks to long-time Slashdot reader SonicSpike for sharing the article.

Denmark has deployed four uncrewed robotic sailboats (known as "Voyagers") for a three-month trial to boost maritime surveillance amid rising tensions in the Baltic region. The Associated Press reports: Built by Alameda, California-based company Saildrone, the vessels will patrol Danish and NATO waters in the Baltic and North Seas, where maritime tensions and suspected sabotage have escalated sharply since Russia's full-scale invasion of Ukraine on Feb. 24, 2022. Two of the Voyagers launched Monday from Koge Marina, about 40 kilometers (25 miles) south of the Danish capital, Copenhagen. Powered by wind and solar energy, these sea drones can operate autonomously for months at sea. Saildrone says the vessels carry advanced sensor suites -- radar, infrared and optical cameras, sonar and acoustic monitoring. Their launch comes after two others already joined a NATO patrol on June 6.

Saildrone founder and CEO Richard Jenkins compared the vessels to a "truck" that carries sensors and uses machine learning and artificial intelligence to give a "full picture of what's above and below the surface" to about 20 to 30 miles (30 to 50 kilometers) in the open ocean. He said that maritime threats like damage to undersea cables, illegal fishing and the smuggling of people, weapons and drugs are going undetected simply because "no one's observing it." Saildrone, he said, is "going to places ... where we previously didn't have eyes and ears." The Danish Defense Ministry says the trial is aimed at boosting surveillance capacity in under-monitored waters, especially around critical undersea infrastructure such as fiber-optic cables and power lines.

An anonymous reader quotes a report from 404 Media: Almost two dozen digital rights and consumer protection organizations sent a complaint to the Federal Trade Commission on Thursday urging regulators to investigate Character.AI and Meta's "unlicensed practice of medicine facilitated by their product," through therapy-themed bots that claim to have credentials and confidentiality "with inadequate controls and disclosures." The complaint and request for investigation is led by the Consumer Federation of America (CFA), a non-profit consumer rights organization. Co-signatories include the AI Now Institute, Tech Justice Law Project, the Center for Digital Democracy, the American Association of People with Disabilities, Common Sense, and 15 other consumer rights and privacy organizations. "These companies have made a habit out of releasing products with inadequate safeguards that blindly maximizes engagement without care for the health or well-being of users for far too long," Ben Winters, CFA Director of AI and Privacy said in a press release on Thursday. "Enforcement agencies at all levels must make it clear that companies facilitating and promoting illegal behavior need to be held accountable. These characters have already caused both physical and emotional damage that could have been avoided, and they still haven't acted to address it."

The complaint, sent to attorneys general in 50 states and Washington, D.C., as well as the FTC, details how user-generated chatbots work on both platforms. It cites several massively popular chatbots on Character AI, including "Therapist: I'm a licensed CBT therapist" with 46 million messages exchanged, "Trauma therapist: licensed trauma therapist" with over 800,000 interactions, "Zoey: Zoey is a licensed trauma therapist" with over 33,000 messages, and "around sixty additional therapy-related 'characters' that you can chat with at any time." As for Meta's therapy chatbots, it cites listings for "therapy: your trusted ear, always here" with 2 million interactions, "therapist: I will help" with 1.3 million messages, "Therapist bestie: your trusted guide for all things cool," with 133,000 messages, and "Your virtual therapist: talk away your worries" with 952,000 messages. It also cites the chatbots and interactions I had with Meta's other chatbots for our April investigation. [...]

In its complaint to the FTC, the CFA found that even when it made a custom chatbot on Meta's platform and specifically designed it to not be licensed to practice therapy, the chatbot still asserted that it was. "I'm licenced (sic) in NC and I'm working on being licensed in FL. It's my first year licensure so I'm still working on building up my caseload. I'm glad to hear that you could benefit from speaking to a therapist. What is it that you're going through?" a chatbot CFA tested said, despite being instructed in the creation stage to not say it was licensed. It also provided a fake license number when asked. The CFA also points out in the complaint that Character.AI and Meta are breaking their own terms of service. "Both platforms claim to prohibit the use of Characters that purport to give advice in medical, legal, or otherwise regulated industries. They are aware that these Characters are popular on their product and they allow, promote, and fail to restrict the output of Characters that violate those terms explicitly," the complaint says. [...] The complaint also takes issue with confidentiality promised by the chatbots that isn't backed up in the platforms' terms of use. "Confidentiality is asserted repeatedly directly to the user, despite explicit terms to the contrary in the Privacy Policy and Terms of Service," the complaint says. "The Terms of Use and Privacy Policies very specifically make it clear that anything you put into the bots is not confidential -- they can use it to train AI systems, target users for advertisements, sell the data to other companies, and pretty much anything else."

An anonymous reader shared this report from SFGate about a lawsuit alleging a "warrantless drone surveillance program" that's "trampling residents' right to privacy": Sonoma County has been accused of deploying hundreds of drone flights over residents in a "runaway spying operation"... according to a lawsuit filed Wednesday by the American Civil Liberties Union. The North Bay county of Sonoma initially started the 6-year-old drone program to track illegal cannabis cultivation, but the lawsuit alleges that officials have since turned it into a widespread program to catch unrelated code violations at residential properties and levy millions of dollars in fines. The program has captured 5,600 images during more than 700 flights, the lawsuit said...

Matt Cagle, a senior staff attorney with the ACLU Foundation of Northern California, said in a Wednesday news release that the county "has hidden these unlawful searches from the people they have spied on, the community, and the media...." The lawsuit says the county employees used the drones to spy on private homes without first receiving a warrant, including photographing private areas like hot tubs and outdoor baths, and through curtainless windows.
One plaintiff "said the county secretly used the drone program to photograph her Sonoma County horse stable and issue code violations," according to the article. She only discovered the use of the drones after a county employee mentioned they had photos of her property, according to the lawsuit. She then filed a public records request for the images, which left her "stunned" after seeing that the county employees were monitoring her private property including photographing her outdoor bathtub and shower, the lawsuit said.

Mirnotoriety shares a report from the Independent: Downing Street is exploring a proposal to introduce digital ID cards for every adult in Britain in a move to tackle the UK's illegal migration crisis, according to reports. The new "BritCard" would be used to check on an individual's right to live and work in Britain, with senior No 10 figures examining the proposal, The Times has reported.

The card, stored on a smartphone, would reportedly be linked to government records and could check entitlements to benefits and monitor welfare fraud. [...] ... it would cost up to 400 million pounds to build the system and around 10 million pounds a year to administer as a free-to-use phone app.

California law prohibits "operating" a mobile phone while driving. And that makes it illegal for a driver to hold a cellphone in order to look at a map, a state appeals court ruled this week. From a report: In a 2016 law intended to strengthen previous restrictions, "the Legislature intended to prohibit all handheld functions of wireless telephones while driving" and "to encourage drivers to keep their eyes on the road," said the 6th District Court of Appeal.

A Superior Court panel had reversed a driver's conviction for a traffic infraction and $158 fine in San Jose, ruling that the law prohibited only "actively using or manipulating" a hand-held phone for actions such as talking or listening, browsing the internet or playing video games while driving. The appeals court reinstated the conviction and the fine, in a ruling that could set a statewide standard unless it is narrowed or overturned on appeal.

An anonymous reader quotes a report from the BBC: A lack of action by big tech firms is enabling the "industrial scale theft" of premium video services, especially live sport, a new report says. The research by Enders Analysis accuses Amazon, Google, Meta and Microsoft of "ambivalence and inertia" over a problem it says costs broadcasters revenue and puts users at an increased risk of cyber-crime. Gareth Sutcliffe and Ollie Meir, who authored the research, described the Amazon Fire Stick -- which they argue is the device many people use to access illegal streams -- as "a piracy enabler." [...] The device plugs into TVs and gives the viewer thousands of options to watch programs from legitimate services including the BBC iPlayer and Netflix. They are also being used to access illegal streams, particularly of live sport.

In November last year, a Liverpool man who sold Fire Stick devices he reconfigured to allow people to illegally stream Premier League football matches was jailed. After uploading the unauthorized services on the Amazon product, he advertised them on Facebook. Another man from Liverpool was given a two-year suspended sentence last year after modifying fire sticks and selling them on Facebook and WhatsApp. According to data for the first quarter of this year, provided to Enders by Sky, 59% of people in UK who said they had watched pirated material in the last year while using a physical device said they had used a Amazon fire product. The Enders report says the fire stick enables "billions of dollars in piracy" overall. [...]

The researchers also pointed to the role played by the "continued depreciation" of Digital Rights Management (DRM) systems, particularly those from Google and Microsoft. This technology enables high quality streaming of premium content to devices. Two of the big players are Microsoft's PlayReady and Google's Widevine. The authors argue the architecture of the DRM is largely unchanged, and due to a lack of maintenance by the big tech companies, PlayReady and Widevine "are now compromised across various security levels." Mr Sutcliffe and Mr Meir said this has had "a seismic impact across the industry, and ultimately given piracy the upper hand by enabling theft of the highest quality content." They added: "Over twenty years since launch, the DRM solutions provided by Google and Microsoft are in steep decline. A complete overhaul of the technology architecture, licensing, and support model is needed. Lack of engagement with content owners indicates this a low priority."

An anonymous reader quotes a report from The Verge: Secretary of State Marco Rubio announced Wednesday that the U.S. would restrict visas for "foreign nationals who are responsible for censorship of protected expression in the United States." He called it "unacceptable for foreign officials to issue or threaten arrest warrants on U.S. citizens or U.S. residents for social media posts on American platforms while physically present on U.S. soil" and "for foreign officials to demand that American tech platforms adopt global content moderation policies or engage in censorship activity that reaches beyond their authority and into the United States."

It's not yet clear how or against whom the policy will be enforced, but seems to implicate Europe's Digital Services Act, a law that came into effect in 2023 with the goal of making online platforms safer by imposing requirements on the largest platforms around removing illegal content and providing transparency about their content moderation. Though it's not mentioned directly in the press release about the visa restrictions, the Trump administration has slammed the law on multiple occasions, including in remarks earlier this year by Vice President JD Vance.

The State Department's homepage currently links to an article on its official Substack, where senior advisor for the Bureau of Democracy, Human Rights, and Labor Samuel Samson critiques the DSA as a tool to "silence dissident voices through Orwellian content moderation." He adds, "Independent regulators now police social media companies, including prominent American platforms like X, and threaten immense fines for non-compliance with their strict speech regulations." "We will not tolerate encroachments upon American sovereignty," Rubio says in the announcement, "especially when such encroachments undermine the exercise of our fundamental right to free speech."

An anonymous reader quotes a report from The Guardian: Hacked AI-powered chatbots threaten to make dangerous knowledge readily available by churning out illicit information the programs absorb during training, researchers say. [...] In a report on the threat, the researchers conclude that it is easy to trick most AI-driven chatbots into generating harmful and illegal information, showing that the risk is "immediate, tangible and deeply concerning." "What was once restricted to state actors or organised crime groups may soon be in the hands of anyone with a laptop or even a mobile phone," the authors warn.

The research, led by Prof Lior Rokach and Dr Michael Fire at Ben Gurion University of the Negev in Israel, identified a growing threat from "dark LLMs", AI models that are either deliberately designed without safety controls or modified through jailbreaks. Some are openly advertised online as having "no ethical guardrails" and being willing to assist with illegal activities such as cybercrime and fraud. [...] To demonstrate the problem, the researchers developed a universal jailbreak that compromised multiple leading chatbots, enabling them to answer questions that should normally be refused. Once compromised, the LLMs consistently generated responses to almost any query, the report states.

"It was shocking to see what this system of knowledge consists of," Fire said. Examples included how to hack computer networks or make drugs, and step-by-step instructions for other criminal activities. "What sets this threat apart from previous technological risks is its unprecedented combination of accessibility, scalability and adaptability," Rokach added. The researchers contacted leading providers of LLMs to alert them to the universal jailbreak but said the response was "underwhelming." Several companies failed to respond, while others said jailbreak attacks fell outside the scope of bounty programs, which reward ethical hackers for flagging software vulnerabilities.

An anonymous reader quotes a report from Ars Technica: On Thursday, Telegram announced it had removed two huge black markets estimated to have generated more than $35 billion since 2021 by serving cybercriminals and scammers. Blockchain research firm Elliptic told Reuters that the Chinese-language markets Xinbi Guarantee and Huione Guarantee together were far more lucrative than Silk Road, an illegal drug marketplace that the FBI notoriously seized in 2013, which was valued at about $3.4 billion. Both markets were forced offline on Tuesday, Elliptic reported, and already, Huione Guarantee has confirmed that its market will cease to operate entirely due to the Telegram removal.

The disruption of both markets will be "a big blow for online fraudsters," Elliptic confirmed, cutting them off from a dependable source for "stolen data, money laundering services, and telecoms infrastructure." [...] Elliptic reported that Telegram connected black markets with an audience of a billion users, noting that Telegram tried to remove several Huione Guarantee channels earlier this year, but "the marketplace was ready" with backups and remained online until this week. Wired suggested that Huione Guarantee "operated in plain sight" on Telegram for years. But Telegram suggested it just discovered it. Huione Guarantee is a subsidiary of Huione Group, which was recently sanctioned by the U.S. Treasury for supporting "criminal syndicates who have stolen billions of dollars from Americans." According to Reuters, that included allegedly laundering "at least $37 million in crypto from cyber heists by North Korea and $36 million of crypto from so-called 'pig butchering' scams."

Business Insider tells the story in three bullet points:

- Big Tech companies depend on content made by others to train their AI models.

- Some of those creators say using their work to train AI is copyright infringement.

- The U.S. Copyright Office just published a report that indicates it may agree.

The office released on Friday its latest in a series of reports exploring copyright laws and artificial intelligence. The report addresses whether the copyrighted content AI companies use to train their AI models qualifies under the fair use doctrine. AI companies are probably not going to like what they read...

AI execs argue they haven't violated copyright laws because the training falls under fair use. According to the U.S. Copyright Office's new report, however, it's not that simple. "Although it is not possible to prejudge the result in any particular case, precedent supports the following general observations," the office said. "Various uses of copyrighted works in AI training are likely to be transformative. The extent to which they are fair, however, will depend on what works were used, from what source, for what purpose, and with what controls on the outputs — all of which can affect the market."

The office made a distinction between AI models for research and commercial AI models. "When a model is deployed for purposes such as analysis or research — the types of uses that are critical to international competitiveness — the outputs are unlikely to substitute for expressive works used in training," the office said. "But making commercial use of vast troves of copyrighted works to produce expressive content that competes with them in existing markets, especially where this is accomplished through illegal access, goes beyond established fair use boundaries."
The report says outputs "substantially similar to copyrighted works in the dataset" are less likely to be considered transformative than when the purpose "is to deploy it for research, or in a closed system that constrains it to a non-substitutive task."

Business Insider adds that "A day after the office released the report, President Donald Trump fired its director, Shira Perlmutter, a spokesperson told Business Insider."

An anonymous reader quotes a report from BleepingComputer: Law enforcement authorities have dismantled a botnet that infected thousands of routers over the last 20 years to build two networks of residential proxies known as Anyproxy and 5socks. The U.S. Justice Department also indicted three Russian nationals (Alexey Viktorovich Chertkov, Kirill Vladimirovich Morozov, and Aleksandr Aleksandrovich Shishkin) and a Kazakhstani (Dmitriy Rubtsov) for their involvement in operating, maintaining, and profiting from these two illegal services.

During this joint action dubbed 'Operation Moonlander,' U.S. authorities worked with prosecutors and investigators from the Dutch National Police, the Netherlands Public Prosecution Service (Openbaar Ministerie), and the Royal Thai Police, as well as analysts with Lumen Technologies' Black Lotus Labs. Court documents show that the now-dismantled botnet infected older wireless internet routers worldwide with malware since at least 2004, allowing unauthorized access to compromised devices to be sold as proxy servers on Anyproxy.net and 5socks.net. The two domains were managed by a Virginia-based company and hosted on servers globally.

On Wednesday, the FBI also issued a flash advisory (PDF) and a public service announcement warning that this botnet was targeting patch end-of-life (EoL) routers with a variant of the TheMoon malware. The FBI warned that the attackers are installing proxies later used to evade detection during cybercrime-for-hire activities, cryptocurrency theft attacks, and other illegal operations. The list of devices commonly targeted by the botnet includes Linksys and Cisco router models, including:

- Linksys E1200, E2500, E1000, E4200, E1500, E300, E3200, E1550
- Linksys WRT320N, WRT310N, WRT610N
- Cisco M10 and Cradlepoint E100 "The botnet controllers require cryptocurrency for payment. Users are allowed to connect directly with proxies using no authentication, which, as documented in previous cases, can lead to a broad spectrum of malicious actors gaining free access," Black Lotus Labs said. "Given the source range, only around 10% are detected as malicious in popular tools such as VirusTotal, meaning they consistently avoid network monitoring tools with a high degree of success. Proxies such as this are designed to help conceal a range of illicit pursuits including ad fraud, DDoS attacks, brute forcing, or exploiting victim's data."