"The major online platforms are breaking up with news," reports the New York Times: Campbell Brown, Facebook's top news executive, said this month that she was leaving the company. Twitter, now known as X, removed headlines from the platform days later. The head of Instagram's Threads app, an X competitor, reiterated that his social network would not amplify news. Even Google — the strongest partner to news organizations over the past 10 years — has become less dependable, making publishers more wary of their reliance on the search giant. The company has laid off news employees in two recent team reorganizations, and some publishers say traffic from Google has tapered off... Some executives of the largest tech companies, like Adam Mosseri at Instagram, have said in no uncertain terms that hosting news on their sites can often be more trouble than it is worth because it generates polarized debates...

Publishers seem resigned to the idea that traffic from the big tech companies will not return to what it once was. Even in the long-fractious relationship between publishers and tech platforms, the latest rift stands out — and the consequences for the news industry are stark. Many news companies have struggled to survive after the tech companies threw the industry's business model into upheaval more than a decade ago. One lifeline was the traffic — and, by extension, advertising — that came from sites like Facebook and Twitter. Now that traffic is disappearing. Top news sites got about 11.5% of their web traffic in the United States from social networks in September 2020, according to Similarweb, a data and analytics company. By September this year, it was down to 6.5%...

The sharp decline in referral traffic from social media platforms over the past two years has hit all news publishers, including The New York Times. The Wall Street Journal noticed a decline starting about 18 months ago, according to a recording of a September staff meeting obtained by the Times. "We are at the mercy of social algorithms and tech giants for much of our distribution," Emma Tucker, the Journal's editor-in-chief, told the newsroom in the meeting...

Google cut some members of its news partnership team in September, and this week it laid off as many as 45 workers from its Google News team, the Alphabet Workers Union said. (The Information, a tech news website, reported the Google News layoffs earlier.) "We've made some internal changes to streamline our organization," Jenn Crider, a Google spokesperson, said in a statement... Jaffer Zaidi [Google's vice president of global news partnerships], wrote in an internal memo reviewed by the Times that the team would be adopting more artificial intelligence. "We had to make some difficult decisions to better position our team for what lies ahead," he wrote...

Privately, a number of publishers have discussed what a post-Google traffic future may look like and how to better prepare if Google's AI products become more popular and further bury links to news publications.

An anonymous reader quotes a report from TorrentFreak: Founded in 2011, AnonFiles.com became known as a popular hosting service that allowed users to share files up to 20GB without download restrictions. As the name suggests, registering an account wasn't required either; both up and downloading files was totally anonymous. The same also applies to BayFiles.com, an affiliated file-hosting service that was launched by The Pirate Bay. Both sites launched around the same time and shared a similar design and identical features. Both sites had millions of visitors but AnonFiles stood out with over 18 million visitors a month. This popularity didn't go unnoticed by rightsholders, who repeatedly flagged AnonFiles as a "notorious" pirate site.

Rightsholders and law enforcement authorities were not the only ones unhappy with the illegal content posted to the site. For AnonFiles' operators, it caused major problems too. The current owners purchased the site two years ago but didn't expect the abuse to be so massive that the only option would be to shut it down. According to a goodbye message posted on the site, they simply can't continue. "After trying endlessly for two years to run a file sharing site with user anonymity, we have been tired of handling the extreme volumes of people abusing it and the headaches it has created for us."

The operators tried to contain the abuse by setting up all sorts of automated filters and filename restrictions, taking thousands of false positives for granted, but that didn't help much. With tens of millions of uploads and petabytes of data, no anti-abuse measure was sufficient. And when the site's proxy service pulled the plug a few days ago, AnonFiles decided to call it quits. "We have auto banned contents of hundreds of thousands files. Banned file names and also banned specific usage patterns connected to abusive material," the AnonFiles team writes. "Even after all this the high volume of abuse will not stop. This is not the kind of work we imagine when acquiring it and recently our proxy provider shut us down. This can not continue." The current owners have invited others to buy the domain name and give it a shot themselves.

An anonymous reader shared this report from CNBC: The mastermind behind a ransomware hosting service that allegedly helped criminals collect more than 5,000 bitcoin in ransom from hundreds of victims was indicted in federal court this week, prosecutors announced Thursday. Artur Grabowski's LolekHosted service operated for about a decade and advertised itself as a haven for "everything but child porn," according to Florida prosecutors. Clients allegedly used the hosting service to deploy ransomware viruses that infected around 400 networks around the world... [That's 400 just for the Netwalker ransomware, which the announcement calls "one of the ransomware variants facilitated by LolekHosted."]

Grabowski was charged with computer fraud, wire fraud, and conspiracy to commit international money laundering. Grabowski himself is also the subject of a $21.5 million seizure order... Grabowski, a Polish national, faces a maximum sentence of 45 years, if he is ever detained and convicted.
Grabowski also "remains a fugitive," according to an announcement from the U.S. Department of Justice. It notes that the 36-year-old's site — registered in 2014 — also "facilitated" brute-force attacks, and phishing.

"Grabowski allegedly facilitated the criminal activities of LolekHosted clients by allowing clients to register accounts using false information, not maintaining Internet Protocol (IP) address logs of client servers, frequently changing the IP addresses of client servers, ignoring abuse complaints made by third parties against clients, and notifying clients of legal inquiries received from law enforcement."

An anonymous reader shares a report: If you have any interest in retro-computing, you know it can be difficult to round up the last official bug fixes and updates available for early Internet-era versions of Windows like 95, 98, and NT 4.0. A new independent project called "Windows Update Restored" is aiming to fix that, hosting lightly modified versions of old Windows Update sites and the update files themselves so that fresh installs of these old operating systems can grab years' worth of fixes that aren't present on old install CDs and disks. These old versions of Windows relied primarily on a Windows Update web app to function rather than built-in updaters like the ones used in current Windows versions. Microsoft took down the version of the site that could scan and update Windows 95 and 98 sometime in mid-2011. The Windows Update Restored site is a lightly modified version of Microsoft's original code, and the site itself doesn't use any kind of SSL or TLS encryption, so ancient Internet Explorer versions can still access it without modification. You'll need at least Internet Explorer 5 to access the Windows Update Restored update sites; that browser is no longer available directly from Microsoft, but the Windows Update Restored site offers download links to IE5 and IE5.5 in all supported languages.

Sens. Josh Hawley and Richard Blumenthal want to clarify that the internet's bedrock liability law does not apply to generative AI, per a new bill introduced Wednesday. From a report: Legal experts and lawmakers have questioned whether AI-created works would qualify for legal immunity under Section 230 of the Communications Decency Act, the law that largely shields platforms from lawsuits over third-party content. It's a newly urgent issue thanks to the explosive of generative AI. The new bipartisan bill bolsters the argument that Section 230 doesn't cover AI-generated work. It also gives lawmakers an opening to go after Section 230 after vowing to amend it, without much success, for years.

Section 230 is often credited as the law that allowed the internet to flourish and for social media to take off, as well as websites hosting travel listings and restaurant reviews. To its detractors, it goes too far and is not fit for today's web, allowing social media companies to leave too much harmful content up online. Hawley and Blumenthal's "No Section 230 Immunity for AI Act" would amend Section 230 "by adding a clause that strips immunity from AI companies in civil claims or criminal prosecutions involving the use or provision of generative AI," per a description of the bill from Hawley's office.

An anonymous reader quotes a report from Ars Technica: Researchers have devised a novel attack that recovers the secret encryption keys stored in smart cards and smartphones by using cameras in iPhones or commercial surveillance systems to video record power LEDs that show when the card reader or smartphone is turned on. The attacks enable a new way to exploit two previously disclosed side channels, a class of attack that measures physical effects that leak from a device as it performs a cryptographic operation. By carefully monitoring characteristics such as power consumption, sound, electromagnetic emissions, or the amount of time it takes for an operation to occur, attackers can assemble enough information to recover secret keys that underpin the security and confidentiality of a cryptographic algorithm. [...]

On Tuesday, academic researchers unveiled new research demonstrating attacks that provide a novel way to exploit these types of side channels. The first attack uses an Internet-connected surveillance camera to take a high-speed video of the power LED on a smart card reader -- or of an attached peripheral device -- during cryptographic operations. This technique allowed the researchers to pull a 256-bit ECDSA key off the same government-approved smart card used in Minerva. The other allowed the researchers to recover the private SIKE key of a Samsung Galaxy S8 phone by training the camera of an iPhone 13 on the power LED of a USB speaker connected to the handset, in a similar way to how Hertzbleed pulled SIKE keys off Intel and AMD CPUs. Power LEDs are designed to indicate when a device is turned on. They typically cast a blue or violet light that varies in brightness and color depending on the power consumption of the device they are connected to.

There are limitations to both attacks that make them unfeasible in many (but not all) real-world scenarios (more on that later). Despite this, the published research is groundbreaking because it provides an entirely new way to facilitate side-channel attacks. Not only that, but the new method removes the biggest barrier holding back previously existing methods from exploiting side channels: the need to have instruments such as an oscilloscope, electric probes, or other objects touching or being in proximity to the device being attacked. In Minerva's case, the device hosting the smart card reader had to be compromised for researchers to collect precise-enough measurements. Hertzbleed, by contrast, didn't rely on a compromised device but instead took 18 days of constant interaction with the vulnerable device to recover the private SIKE key. To attack many other side channels, such as the one in the World War II encrypted teletype terminal, attackers must have specialized and often expensive instruments attached or near the targeted device. The video-based attacks presented on Tuesday reduce or completely eliminate such requirements. All that's required to steal the private key stored on the smart card is an Internet-connected surveillance camera that can be as far as 62 feet away from the targeted reader. The side-channel attack on the Samsung Galaxy handset can be performed by an iPhone 13 camera that's already present in the same room. Videos here and here show the video-capture process of a smart card reader and a Samsung Galaxy phone, respectively, as they perform cryptographic operations. "To the naked eye, the captured video looks unremarkable," adds Ars.

"But by analyzing the video frames for different RGB values in the green channel, an attacker can identify the start and finish of a cryptographic operation."

Adi Robertson writes via The Verge: The Supreme Court has declined to consider reinterpreting foundational internet law Section 230, saying it wasn't necessary for deciding the terrorism-related case Gonzalez v. Google. The ruling came alongside a separate but related ruling in Twitter v. Taamneh, where the court concluded that Twitter had not aided and abetted terrorism. In an unsigned opinion (PDF) issued today, the court said the underlying complaints in Gonzalez were weak, regardless of Section 230's applicability. The case involved the family of a woman killed in a terrorist attack suing Google, which the family claimed had violated the law by recommending terrorist content on YouTube. They sought to hold Google liable under anti-terrorism laws.

The court dismissed the complaint largely because of its unanimous ruling (PDF) in Twitter v. Taamneh. Much like in Gonzalez, a family alleged that Twitter knowingly supported terrorists by failing to remove them from the platform before a deadly attack. In a ruling authored by Justice Clarence Thomas, however, the court declared that the claims were "insufficient to establish that these defendants aided and abetted ISIS" for the attack in question. Thomas declared that Twitter's failure to police terrorist content failed the requirement for some "affirmative act" that involved meaningful participation in an illegal act. "If aiding-and-abetting liability were taken too far, then ordinary merchants could become liable for any misuse of their goods and services, no matter how attenuated their relationship with the wrongdoer," writes Thomas. That includes "those who merely deliver mail or transmit emails" becoming liable for the contents of those messages or even people witnessing a robbery becoming liable for the theft. "There are no allegations that defendants treated ISIS any differently from anyone else. Rather, defendants' relationship with ISIS and its supporters appears to have been the same as their relationship with their billion-plus other users: arm's length, passive, and largely indifferent."

For Gonzalez v. Google, "the allegations underlying their secondary-liability claims are materially identical to those at issue in Twitter," says the court. "Since we hold that the complaint in that case fails to state a claim for aiding and abetting ... it appears to follow that the complaint here likewise fails to state such a claim." Because of that, "we therefore decline to address the application of 230 to a complaint that appears to state little, if any, plausible claim for relief." [...] The Gonzalez ruling is short and declines to deal with many of the specifics of the case. But the Twitter ruling does take on a key question from Gonzalez: whether recommendation algorithms constitute actively encouraging certain types of content. Thomas appears skeptical: "To be sure, plaintiffs assert that defendants' 'recommendation' algorithms go beyond passive aid and constitute active, substantial assistance. We disagree. By plaintiffs' own telling, their claim is based on defendants' 'provision of the infrastructure which provides material support to ISIS.' Viewed properly, defendants' 'recommendation' algorithms are merely part of that infrastructure. All the content on their platforms is filtered through these algorithms, which allegedly sort the content by information and inputs provided by users and found in the content itself. As presented here, the algorithms appear agnostic as to the nature of the content, matching any content (including ISIS' content) with any user who is more likely to view that content. The fact that these algorithms matched some ISIS content with some users thus does not convert defendants' passive assistance into active abetting. Once the platform and sorting-tool algorithms were up and running, defendants at most allegedly stood back and watched; they are not alleged to have taken any further action with respect to ISIS." "The interpretation may deal a blow to one common argument for adding special liability to social media: the claim that recommendation systems go above and beyond simply hosting content and explicitly encourage that content," adds Robertson. "This ruling's reasoning suggests that simply recommending something on an 'agnostic' basis -- as opposed to, in one hypothetical from Thomas, creating a system that 'consciously and selectively chose to promote content provided by a particular terrorist group' -- isn't an active form of encouragement."

Ahead of Imgur's ban of sexually explicit content, Reddit announced Thursday that it will allow users to upload NSFW images from desktops in adult subreddits. The feature was already available on the social network's mobile app. TechCrunch reports: "This now gives us feature parity with our mobile apps, which (as you know) already has this functionality. You must set your community to 18+ if your community's content will primarily be not safe for work (NSFW)," the company said.

Reddit's announcement comes days after Imgur said that the image hosting platform was banning explicit photos from May 15. At that time, the company said that explicit content formed a risk to Imgur's "community and its business." Banning this type of content would "protect the future of the Imgur community." Many of Reddit's communities rely on Imgur's hosting services. However, the social network allowing native NSFW uploads through desktop might be the most logical solution going forward.

Online image hosting service Imgur is updating its Terms of Service on May 15th to prohibit nudity and sexually explicit content, among other things. The news arrived in an email sent to "Imgurians". The changes have since been outlined on the company's "Community Rules" page, which reads: Imgur welcomes a diverse audience. We don't want to create a bad experience for someone that might stumble across explicit images, nor is it in our company ethos to support explicit content, so some lascivious or sexualized posts are not allowed. This may include content containing:

- the gratuitous or explicit display of breasts, butts, and sexual organs intended to stimulate erotic feelings
- full or partial nudity
- any depiction of sexual activity, explicit or implied (drawings, print, animated, human, or otherwise)
- any image taken of or from someone without their knowledge or consent for the purpose of sexualization
- solicitation (the uninvited act of directly requesting sexual content from another person, or selling/offering explicit content and/or adult services)

Content that might be taken down may includes: see-thru clothing, exposed or clearly defined genitalia, some images of female nipples/areolas, spread eagle poses, butts in thongs or partially exposed buttocks, close-ups, upskirts, strip teases, cam shows, sexual fluids, private photos from a social media page, or linking to sexually explicit content. Sexually explicit comments that don't include images may also be removed.

Artistic, scientific or educational nude images shared with educational context may be okay here. We don't try to define art or judge the artistic merit of particular content. Instead, we focus on context and intent, as well as what might make content too explicit for the general community. Any content found to be sexualizing and exploiting minors will be removed and, if necessary, reported to the National Center for Missing & Exploited Children (NCMEC). This applies to photos, videos, animated imagery, descriptions and sexual jokes concerning children. The company is also prohibiting hate speech, abuse or harassment, content that condones illegal or violent activity, gore or shock content, spam or prohibited behavior, content that shares personal information, and posts in general that violate Imgur's terms of service. Meanwhile, "provocative, inflammatory, unsettling, or suggestive content should be marked as Mature," says Imgur.

India amended its IT law on Thursday to prohibit Facebook, Twitter and other social media firms from publishing, hosting or sharing false or misleading information about "any business" of the government and said the firms will be required to rely on New Delhi's own fact-check unit to determine the authenticity of any claim in a blow to many American giants that identify the South Asian market as their largest by users. From a report: Failure to comply with the rule, which also impacts internet service providers such as Jio and Airtel, risks the firms losing their safe harbour protections. The rule, first proposed in January this year, gives a unit of the government arbitrary and overbroad powers to determine the authenticity of online content and bypasses the principles of natural justice, said New Delhi-headquartered digital rights group Internet Freedom Foundation.

A German court has ordered hosting provider Uberspace to take the website of the open-source youtube-dl software offline. The ruling is the result of a copyright infringement lawsuit, filed by Sony, Warner and Universal last year. Uberspace will appeal the verdict and, meanwhile, youtube-dl's code remains available on GitHub. TorrentFreak reports: After hearing both sides, the district court of Hamburg ruled on the matter last week, handing a clear win to the music companies. The verdict wasn't immediately made available to the public but the music companies were quick to claim the win in a press release, stating that Uberspace must take youtube-dl's website offline. According to Frances Moore, CEO of the global music industry group IFPI, the court's decision once again confirms that stream-ripping software is illegal.

"YouTube-DL's services have enabled users to stream rip and download copyrighted music without paying. The Hamburg Regional Court's decision builds on a precedent already set in Germany and underscores once again that hosting stream-ripping software of this type is illegal. "We continue to work globally to address the problem of stream ripping, which is draining revenue from those who invest in and create music," Moore adds. Interestingly, the open source youtube-dl code remains available on the Microsoft-owned developer platform GitHub. Whether the music companies have any plans to target the problem at this source is unknown.

Uberspace's legal representative German Society for Civil Rights (GFF) informs TorrentFreak that the decision doesn't come as a total surprise since the court already declared YouTube's "rolling cipher" to be an effective technical protection measure in an earlier case. That said, the defense believes that the order, which effectively amounts to a blanket ban on youtube-dl, failed to take the software's potentially legitimate uses into account. In addition, GFF believes that the court's decision severely restricts the hosting provider's freedom to operate. "If web hosts have to delete an entire website on demand of the rightsholders even in complex situations with no legal precedent, this poses a threat to the business model of web hosts and ultimately to the free flow of information on the Internet." Uberspace says it will appeal the judgement and GFF is confident the hosting provider will ultimately prevail.

An anonymous reader quotes a report from KrebsOnSecurity: Authorities in Germany this week seized Internet servers that powered FlyHosting, a dark web offering that catered to cybercriminals operating DDoS-for-hire services, KrebsOnSecurity has learned. FlyHosting first advertised on cybercrime forums in November 2022, saying it was a Germany-based hosting firm that was open for business to anyone looking for a reliable place to host malware, botnet controllers, or DDoS-for-hire infrastructure. A statement released today by the German Federal Criminal Police Office says they served eight search warrants on March 30, and identified five individuals aged 16-24 suspected of operating "an internet service" since mid-2021. The German authorities did not name the suspects or the Internet service in question.

"Previously unknown perpetrators used the Internet service provided by the suspects in particular for so-called 'DDoS attacks', i.e. the simultaneous sending of a large number of data packets via the Internet for the purpose of disrupting other data processing systems," the statement reads. The German authorities said that as a result of the DDoS attacks facilitated by the defendants, the websites of various companies as well as those of the Hesse police have been overloaded in several cases since mid-2021, "so that they could only be operated to a limited extent or no longer at times." The statement says police seized mobile phones, laptops, tablets, storage media and handwritten notes from the unnamed defendants, and confiscated servers operated by the suspects in Germany, Finland and the Netherlands.

Proposals to pay for broadband networks by imposing new fees on Big Tech companies "are built on a false premise," Meta executives wrote in a blog post today. From a report: "Network fee proposals do not recognize that our investments in content drive the business model of telecom operators," Meta executives Kevin Salvadori and Bruno Cendon Martin wrote. Meta's comments came a few weeks after Netflix co-CEO Greg Peters spoke out against the proposal being reviewed by European regulators. Meta executives said telecom operators and content application providers (CAPs) "are symbiotic businesses, occupying different but complementary roles in the digital ecosystem. Every year, Meta invests tens of billions of euros in our apps and platforms -- such as Facebook, Instagram, and Quest -- to facilitate the hosting of content. Billions of people go online every day to access this content, creating the demand that allows telecom operators to charge people for Internet access. Our investment in content literally drives the revenue and business model of telecom operators."

Internet service providers in the EU argue that Big Tech companies should pay a "fair share" toward network-building costs. In the US, Federal Communications Commission Republican Brendan Carr claims that "Big Tech has been enjoying a free ride on our Internet infrastructure while skipping out on the billions of dollars in costs needed to maintain and build that network." Big Tech companies don't actually get free access to the Internet, though. Anyone distributing content over the Internet pays their own providers, builds their own network infrastructure, or does some combination of the two. For extremely large companies like Netflix and Meta, investments include building their own content-delivery networks. "Over the last decade, CAPs have collectively invested over $880 billion in global digital infrastructure, including approximately $120 billion a year from 2018 to 2021," Meta's blog post today said. "These infrastructure contributions made by technology companies save telecom operators around $6 billion per year."

After almost 17 years online, file-hosting veteran Zippyshare will shut down at the end of the month. TorrentFreak: Founded in 2006, Zippyshare was known for its free, no-nonsense, no-frills approach to storing files online. Having changed very little over the years, Zippyshare's operators say the platform is now a dinosaur that costs too much to run in a world where ad-blocking is widespread. Zippyshare said, "Since 2006 we have been on the market in an unchanged form, that is, as ad financed/free file hosting. However, you have been visiting in less and less over the years, as the arguably very simple formula of the services we offer is slowly running out of steam. I guess all the competing file storage service companies on the market look better, offer better performance and more features. No one needs a dinosaur like us anymore."

The Supreme Court is about to reconsider Section 230, a law that's been foundational to the internet for decades. But whatever the court decides might end up changing the rules for a technology that's just getting started: artificial intelligence-powered search engines like Google Bard and Microsoft's new Bing. From a report: Next week, the Supreme Court will hear arguments in Gonzalez v. Google, one of two complementary legal complaints. Gonzalez is nominally about whether YouTube can be sued for hosting accounts from foreign terrorists. But its much bigger underlying question is whether algorithmic recommendations should receive the full legal protections of Section 230 since YouTube recommended those accounts to others. While everyone from tech giants to Wikipedia editors has warned of potential fallout if the court cuts back these protections, it poses particularly interesting questions for AI search, a field with almost no direct legal precedent to draw from.

Companies are pitching large language models like OpenAI's ChatGPT as the future of search, arguing they can replace increasingly cluttered conventional search engines. (I'm ambivalent about calling them "artificial intelligence" -- they're basically very sophisticated autopredict tools -- but the term has stuck.) They typically replace a list of links with a footnote-laden summary of text from across the web, producing conversational answers to questions. These summaries often equivocate or point out that they're relying on other people's viewpoints. But they can still introduce inaccuracies.

An anonymous reader quotes a report from Ars Technica: Over the past few days, dozens of tech companies have filed briefs in support of Google in a Supreme Court case that tests online platforms' liability for recommending content. Obvious stakeholders like Meta and Twitter, alongside popular platforms like Craigslist, Etsy, Wikipedia, Roblox, and Tripadvisor, urged the court to uphold Section 230 immunity in the case or risk muddying the paths users rely on to connect with each other and discover information online. Out of all these briefs, however, Reddit's was perhaps the most persuasive (PDF). The platform argued on behalf of everyday Internet users, whom it claims could be buried in "frivolous" lawsuits for frequenting Reddit, if Section 230 is weakened by the court. Unlike other companies that hire content moderators, the content that Reddit displays is "primarily driven by humans -- not by centralized algorithms." Because of this, Reddit's brief paints a picture of trolls suing not major social media companies, but individuals who get no compensation for their work recommending content in communities. That legal threat extends to both volunteer content moderators, Reddit argued, as well as more casual users who collect Reddit "karma" by upvoting and downvoting posts to help surface the most engaging content in their communities.

"Section 230 of the Communications Decency Act famously protects Internet platforms from liability, yet what's missing from the discussion is that it crucially protects Internet users -- everyday people -- when they participate in moderation like removing unwanted content from their communities, or users upvoting and downvoting posts," a Reddit spokesperson told Ars. Reddit argues in the brief that such frivolous lawsuits have been lobbed against Reddit users and the company in the past, and Section 230 protections historically have consistently allowed Reddit users to "quickly and inexpensively" avoid litigation. [...]

The Supreme Court will have to weigh whether Reddit's arguments are valid. To help make its case defending Section 230 immunity protections for recommending content, Reddit received special permission from the Supreme Court to include anonymous comments from Reddit mods in its brief. This, Reddit's spokesperson notes, is "a significant departure from normal Supreme Court procedure." The Electronic Frontier Foundation, a nonprofit defending online privacy, championed the court's decision to allow moderators to contribute comments anonymously. "We're happy the Supreme Court recognized the First Amendment rights of Reddit moderators to speak to the court about their concerns," EFF's senior staff attorney, Sophia Cope, told Ars. "It is quite understandable why those individuals may be hesitant to identify themselves should they be subject to liability in the future for moderating others' speech on Reddit."

"Reddit users that interact with third-party content -- including 'hosting' content on a sub-Reddit that they manage, or moderating that content -- could definitely be open to legal exposure if the Court carves out "recommending' from Section 230's protections, or otherwise narrows Section 230's reach," Cope told Ars.

"THIS WEBSITE HAS BEEN SEIZED," declares the home page of three different domains, attributing the seizure to the America's Federal Bureau of Investigation "in accordance with a warrant."

Bleeping Computer reports the domains were seized early Friday morning — and that the domains belong to the popular Z-Library online eBook repository. Z-Library is ranked in the top 10k most visited websites on the Internet, offering over 11 million books and 84 million articles for free via its website....

WHOIS information initially showed that the U.S. government seized the domains and switched their DNS servers to NS1.SEIZEDSERVERS.COM and NS2.SEIZEDSERVERS.COM, two DNS servers commonly used by the U.S and law enforcement in domain seizures. However, since then, the DNS servers for these domains have been switched to Njalla, an anonymizing hosting provider. It is unclear how Z-Library could transfer the domains to the new hosting provider....

While the court order for the seizure is unavailable at this time, the site's domains were likely seized because many of the files were uploaded without the license of the original authors. Complaints to copyright protection offices in the past have resulted in legal actions forcing the platform's registrar to seize the Z-Library domains in 2015 and further domain blockages and DMCA notices in the U.S. and France in 2021. The USTR (United States Trade Representative) has recently launched an investigation on the platform... As reported by TorrentFreak last week, TikTok decided to block hashtags related to Z-Library, reportedly responding to copyright holder's complaints.
Thanks to Slashdot reader joshuark for suggesting the story.

An anonymous reader quotes a report from TorrentFreak: The Motion Picture Association (MPA) has sent its latest overview of notorious piracy markets to the US Government. The Hollywood group, which also represents Netflix, lists a broad variety of online piracy threats. Aside from traditional pirate sites, it also includes domain registries, hosting providers, advertisers, and apps. [...] The MPA report typically provides a detailed overview of the piracy landscape. This year, the USTR further asked rightsholders to explain how piracy impacts US workers. According to the movie industry group, the effect is significant. "In 2020, there were an estimated 137.2 billion visits to film and TV piracy sites globally, which cost the U.S. economy at least $29.2 billion in lost revenue each year. Specifically, piracy has been estimated to reduce employment in our industry between 230,000 and 560,000 jobs," MPA writes, citing external research. The MPA notes that piracy is a global problem that requires cooperation from the broader Internet ecosystem. Services that see themselves as neutral intermediaries, operating parts of the core Internet infrastructure, should take responsibility. "All stakeholders in the internet ecosystem -- including hosting providers, DNS providers, cloud services, advertising networks, payment processors, social networks, and search engines -- should actively seek to reduce support for notoriously infringing sites," MPA writes.

The industry group views Cloudflare as part of this group and mentions the US company by name in its submission. "Cloudflare's customers include some of the most notorious, longstanding pirate websites in the world, including the massively popular streaming site cuevana3.me and The Pirate Bay," MPA notes, adding that repeated notices of infringement elicited no action on Cloudflare's part. The notorious markets list is limited to non-US operations, so Cloudflare itself isn't one of the MPA's targets. Various other Internet services are, including several third-party intermediaries. The MPA's list of notorious markets calls out domain name registries, including the Russian .RU registry, and the companies that maintain the records for the .CH, .CC, .IO, .ME and .TO domain names. These continue to keep pirate sites on board, despite numerous complaints. The same is true for the payment provider VoguePay, which is reportedly quite popular among IPTV services. In addition, advertisers such as 1XBET and Propeller Ads are called out as well. The latter company rebutted MPA's accusations last year but that didn't prevent it from being highlighted again.

Hosting companies are also cited as intermediaries that could and should do more. Instead, some find themselves appealing to pirate services with products such as "bulletproof" hosting. Squitter.eu and Amaratu are two such examples, the MPA reports. In addition to third-party intermediaries, there is also a category of services that caters to pirates directly. These "piracy as a service" (PaaS) companies offer tools that allow people to start a pirate site with minimal effort. "PaaS encompasses a suite of often off-the-shelf services that make it easy for would-be pirates without any technical knowledge to create, operate, and monetize a fully functioning pirate operation," MPA writes. [...] Actual pirate sites themselves are also mentioned, including the usual suspects The Pirate Bay, RARBG and YTS. In addition to torrent sites, the MPA also lists direct download hubs, streaming portals and linking sites, including Uptobox.com, Fmovies.to and Egy.best. Various dedicated piracy apps get a mention as well, and the MPA further includes a long list of unauthorized IPTV services. The anti-piracy group says that it has identified more than a thousand pirate IPTV platforms, so the list provided to the USTR is certainly not exhaustive. In fact, the MPA says that all companies, sites, and services are part of a broader piracy problem. Those flagged in the MPA's report are just examples of some of the worst offenders, nothing more. A list of all sites and services that are highlighted and categorized in MPA's notorious markets submission (PDF) can be found in the article.

Code repositories for the Ethereum-based mixer Tornado Cash were relisted on GitHub on Thursday. CoinDesk reports: The U.S. Treasury Department's Office of Foreign Assets (OFAC) banned Americans last month from using Tornado Cash, a decentralized privacy service that mixes cryptocurrencies together to obfuscate the original address. The mixer was blacklisted and designated under the Specially Designated National list because the North Korean hacking group Lazarus had used it in the past.

GitHub is a centralized internet hosting service for software development often used by Ethereum developers. Within hours of the OFAC announcement, GitHub, along with other platforms, removed Tornado Cash from their sites in order to comply with the new U.S. regulation. Ethereum developers -- believing that computer code is protected speech under the First Amendment of the U.S. Constitution -- have called for platforms that host the Tornado Cash code to reverse their bans. In particular, Ethereum core developer Preston Van Loon asked for GitHub to relist the mixer's code on Sept. 13. Further reading: Treasury Says Sanctions On Tornado Cash Don't Stop People From Sharing Code

An anonymous reader quotes a report from Gizmodo, written by Jody Serrano: In the early aughts, my wheezing dialup connection often operated as if it were perpetually out of breath. Thus, unlike my childhood friends, it was near to impossible for me to watch videos, TV shows, or listen to music. Far from feeling limited, I felt like I was lucky, for I had access to an encyclopedia of lovingly curated pages about anything I wanted to know -- which in those days was anime -- the majority of which was conveniently located on GeoCities. For all the zoomers scrunching up their brows, here's a primer. Back in the 1990s, before the birth of modern web hosting household names like GoDaddy and WP Engine, it wasn't exactly easy or cheap to publish a personal website. This all changed when GeoCities came on the scene in 1994.

The company gave anyone their own little space of the web if they wanted it, providing users with roughly 2 MB of space for free to create a website on any topic they wished. Millions took GeoCities up on its offer, creating their own homemade websites with web counters, flashing text, floating banners, auto-playing sound files, and Comic Sans. Unlike today's Wild Wild Internet, websites on GeoCities were organized into virtual neighborhoods, or communities, built around themes. "HotSprings" was dedicated to health and fitness, while "Area 51" was for sci-fi and fantasy nerds. There was a bottom-up focus on users and the content they created, a mirror of what the public internet was like in its infancy. Overall, at least 38 million webpages were built on GeoCities. At one point, it was the third most-visited domain online. Yahoo acquired GeoCities in 1999 for $3.6 billion. The company lived on for a decade more until Yahoo shut it down in 2009, deleting millions of sites.

Nearly two decades have passed since GeoCities, founded by David Bohnett, made its debut, and there is no doubt that the internet is a very different place than it was then. No longer filled with webpages on random subjects made by passionate folks, it now feels like we live in a cyberspace dominated by skyscrapers -- named Facebook, Google, Amazon, Twitter, and so on -- instead of neighborhoods. [...] We can, however, ask GeoCities' founder what he thinks of the internet of today, subsumed by social media networks, hate speech, and more corporate than ever. Bohnett now focuses on funding entrepreneurs through Baroda Ventures, an early-stage tech fund he founded, and on philanthropy with the David Bohnett Foundation, a nonprofit dedicated to social justice and social activism that he chairs. Right off the bat, Bohnett says something that strikes me. It may, in fact, be the sentence that summarizes the key distinction between the internet of the '90s-early 2000s and the internet we have today. "GeoCities was not about self-promotion," Bohnett told Gizmodo in an interview. "It was about sharing your interest and your knowledge." When asked to share his thoughts on the internet of today, Bohnett said: "... The heart of GeoCities was sharing your knowledge and passions about subjects with other people. It really wasn't about what you had to eat and where you've traveled. [...] It wasn't anything about your face." He added: "So, what has surprised me is how far away we've gotten from that original intent and how difficult it is [now]. It's so fractured these days for people to find individual communities. [...] I've been surprised at sort of the evolution away from self-generated content and more toward centralized programing and more toward sort of the self-promotion that we've seen on Facebook and Instagram and TikTok."

Bohnett went on to say that he thinks it's important to remember that "the pace of innovation on the internet continues to accelerate, meaning we're not near done. In the early days when you had dial up and it was the desktop, how could you possibly envision an Uber?"

"We're still in that trajectory where there's going to be various technologies and ways of communicating with each other, [as well as] wearable devices, blockchain technology, virtual reality, that will be as astounding as Uber seemed in the early days of GeoCities," added Bohnett. "I'm very, very excited about the future, which is why I continue to invest in early-stage startups because as I say, the pace of innovation accelerates and builds on top of itself. It's so exciting to see where we might go."