An anonymous Slashdot reader shared this story from Interesting Engineering: Cybersecurity specialists from the research group DARKNAVY have demonstrated how modern humanoid robots can be compromised and weaponised through weaknesses in their AI-driven control systems.

In a controlled test, the team demonstrated that a commercially available humanoid robot could be hijacked with nothing more than spoken commands, exposing how voice-based interaction can serve as an attack vector rather than a safeguard, reports Yicaiglobal... Using short-range wireless communication, the hijacked machine transmitted the exploit to another robot that was not connected to the network. Within minutes, this second robot was also taken over, demonstrating how a single breach could cascade through a group of machines. To underline the real-world implications, the researchers issued a hostile command during the demonstration. The robot advanced toward a mannequin on stage and struck it, illustrating the potential for physical harm.

Phoronix reports on "an exciting post-Christmas patch series out on the Linux kernel mailing list" proposing "a new runtime standby ABI that is similar in nature to the 'Modern Standby' functionality found with Microsoft Windows..." Modern Standby is a low-power mode on Windows 11 for letting systems remain connected to the network and appear "sleeping" but will allow for instant wake-up for notifications, music playback, and other functionality. The display is off, the network remains online, and background tasks can wake-up the system if needed with Microsoft Modern Standby...

"This series introduces a new runtime standby ABI to allow firing Modern Standby firmware notifications that modify hardware appearance from userspace without suspending the kernel," [according to the email about the proposed patch series]. "This allows userspace to set the inactivity state of the device so that it looks like it is asleep (e.g., flashing the power button) while still being able to perform basic computations..."

Those interested can see the RFC patch series for the work in its current form, in particular the documentation patch outlines the proposed /sys/power/standby interface.

Taiwan's iPass has released a limited-edition prepaid payment card shaped exactly like a 3.5-inch floppy disk. The company, perhaps rightly so, felt the need to include a warning on the product listing: "This product only has a card function and does not have a 3.5mm [sic] disk function, please note before purchasing."

The NFC-enabled novelty card went on sale starting Christmas Eve and comes in black or yellow finishes at 1:1 scale. It works across Taiwan's public transport network -- buses, trains, subways, taxis, and bike rentals -- as well as convenience stores like 7-Eleven and FamilyMart, supermarkets, pharmacies, and fast-food chains including McDonald's and Burger King.

The floppy disk joins an increasingly absurd lineup of iPass form factors. Previous releases have included, Tom's Hardware reports, a Motorola DynaTAC replica, model trains, a flip-flop, an LED-lit Godzilla snow globe, and a blood bag. Taiwan's PCHome24 online store currently lists 838 different iPass card designs. A standard card costs NT$100 (about $3.20) and comes without stored value.

After more than two decades of promises and false starts in the mesh networking space, the smart home standards that Apple, Amazon and Google have each championed are finally set to escape their respective brand silos and work together in a single unified network.

Starting January 1, 2026, Thread 1.4 becomes the Thread Group's only certified standard, bringing a crucial new capability called credential sharing. Devices from different manufacturers can now securely join the same mesh network -- an Amazon Echo Show and an Apple HomePod mini in the same house will both be able to control the same Nanoleaf lightbulb. This marks a significant departure from Thread 1.3, released in 2022, where each brand's mesh network connected only to devices from that same brand.

The Thread Group launched in 2014 as a coalition led by Arm, Google's Nest Labs, and Samsung, later welcoming Apple and Amazon into the fold. Thread 1.4 handles low-power smart home devices and sensors, but homes also need high-bandwidth connections for laptops and phones. Wi-Fi 7 mesh serves that purpose and the Matter protocol acts as a translation layer between the two different mesh networks. Both Wi-Fi 7 and Matter arrived in products on store shelves in 2025.

Two years after generative AI was supposed to render India's $250 billion IT services industry obsolete, the sector is finding that enterprises still need someone to handle the unglamorous plumbing work that large-scale AI deployment demands. Less than 15% of organizations are meaningfully deploying the new technology, according to investment bank UBS, and Indian IT firms are positioning themselves to capture the preparatory work -- data cleanup, cloud migration, system integration -- that channel checks suggest could take two to three years before enterprise-wide AI becomes feasible.

The financials have held up better than the doomsday predictions suggested. Infosys now calls AI-led volume opportunities a bigger tailwind than the deflation threat, a reversal from 2024, and orderbooks held steady in the third quarter even as pricing pressure filtered through renewals. Infosys expects its orderbook to grow more than 50% this quarter, anchored by an NHS deal worth $1.6 billion over 15 years.

The companies have been restructuring accordingly. TCS cut headcount by 2% and invested in a 1GW data-centre network while acquiring Salesforce advisory firm Coastal Cloud. HCLTech reduced margins by 100 basis points and became one of the first large systems integrators to partner with OpenAI; this week it announced acquisitions of Jaspersoft for $240 million and Belgian firm Wobby to expand agentic AI capabilities.

The bear case for the Indian IT sector assumed that AI would work out of the box. Two years in, it does not.

An anonymous reader quotes a report from the Wall Street Journal: It's harder than ever to mine bitcoin. And less profitable, too. But mining-company stocks are still flying, even with cryptocurrency prices in retreat. That's because these firms have something in common with the hottest investment theme on the planet: the massive, electricity-hungry data centers expected to power the artificial-intelligence boom. Some companies are figuring out how to remake themselves as vital suppliers to Alphabet, Amazon, Meta, Microsoft and other "hyperscalers" bent on AI dominance.

Bitcoin-mining -- using vast computer power to solve equations to unlock the digital currency -- has been a lucrative and cutting-edge pursuit in its own right. Lately, however, increased competition and other challenges have eroded profit margins. But just as the bitcoin-mining business began to cool, the AI build-out turned white hot. The AI arms race has created an insatiable demand for some assets the miners already have: data centers, cooling systems, land and hard-to-obtain contracts for electrical power -- all of which can be repurposed to train and power AI models.

It's not a seamless process. Miners often have to build new, specialized facilities, because running AI requires more-advanced cooling and network systems, as well as replacing bitcoin-mining computers with AI-focused graphics processing units. But signing deals with miners allows AI giants to expand faster and cheaper than starting new facilities from scratch. These companies still mine some bitcoin, but the transition gives miners a new source of deep-pocketed customers willing to commit to longer-term leases for their data centers.

"The opportunity for miners to convert to AI is one of the greatest opportunities I could possibly imagine," said Adam Sullivan, chief executive of Core Scientific, which has pivoted to AI data centers. The shift has boosted miners' stocks. The CoinShares Bitcoin Mining ETF has surged about 90% this year, a rally that has accelerated even as bitcoin erased its gains for 2025. The ETF holds shares of miners including Cipher Mining and IREN, both of which have surged following long-term deals with companies such as Amazon and Microsoft. Shares of Core Scientific quadrupled in 2024 after the company signed its first AI contract that February. The stock has gained 10% this year. The company now expects to exit bitcoin mining entirely by 2028.

An anonymous reader quotes a report from TechCrunch: Across Uzbekistan, a network of about a hundred banks of high-resolution roadside cameras continuously scan vehicles' license plates and their occupants, sometimes thousands a day, looking for potential traffic violations. Cars running red lights, drivers not wearing their seatbelts, and unlicensed vehicles driving at night, to name a few. The driver of one of the most surveilled vehicles in the system was tracked over six months as he traveled between the eastern city of Chirchiq, through the capital Tashkent, and in the nearby settlement of Eshonguzar, often multiple times a week. We know this because the country's sprawling license plate-tracking surveillance system has been left exposed to the internet.

Security researcher Anurag Sen, who discovered the security lapse, found the license plate surveillance system exposed online without a password, allowing anyone access to the data within. It's not clear how long the surveillance system has been public, but artifacts from the system show that its database was set up in September 2024, and traffic monitoring began in mid-2025. The exposure offers a rare glimpse into how such national license plate surveillance systems work, the data they collect, and how they can be used to track the whereabouts of any one of the millions of people across an entire country. The lapse also reveals the security and privacy risks associated with the mass monitoring of vehicles and their owners, at a time when the United States is building up its nationwide array of license plate readers, many of which are provided by surveillance giant Flock.

An anonymous reader quotes a report from the Associated Press: With just three days to go before Christmas, a cyberattack knocked France's national postal service offline Monday, blocking and delaying package deliveries and online payments. The timing was miserable for millions of people at the height of the Christmas season, as frazzled postal workers fended off frustrated customers. No one immediately claimed responsibility, but suspicions abounded.

What the postal service La Poste called a ''major network incident'' remained unresolved by Monday evening, more than eight hours after it was first reported. For a company that delivered 2.6 billion packages last year and employs more than 200,000 people, that's a big hit. La Poste said in a statement that a distributed denial of service incident, or DDoS, "rendered its online services inaccessible." It said the incident had no impact on customer data, but disrupted package delivery. Letters, including holiday greeting cards, could still be mailed and delivered. But transactions requiring tracking or access to the postal service internal computer systems were impossible.

The cyberattack also hurt online banking. Customers of the company's banking arm, La Banque Postale, were blocked from using the application to approve payments or conduct other banking services. The bank redirected approvals to text messages instead. "Our teams are mobilized to resolve the situation quickly," the bank said in messages posted on social networks. The disruption came a week after France's government was targeted by a cyberattack that targeted the Interior Ministry, in charge of national security.

"It's all fixed," says that Apple developer who was locked out of his Apple Account after redeeming a compromised Apple Gift Card. "A lovely man from Singapore, working for Apple Executive Relations, who has been calling me every so often for a couple of days, has let me know it's all fixed. It looks like the gift card I tried to redeem, which did not work for me, and did not credit my account, was already redeemed in some way (sounds like classic gift card tampering), and my account was caught by that.

"Obviously it's unacceptable that this can happen, and I'm still trying to get more information out of him, but at least things are now mostly working.

"Strangely, he did tell me to only ever buy gift cards from Apple themselves; I asked if that means Apple's supply chain of Blackhawk Network, InComm, and other gift card vendors is insecure, and he was unwilling to comment."
Updates to his original blog post now include a frequently-asked questions list:

• Yes, I have the receipt for the card, including the activation receipt.
• Yes, the card was legitimately purchased, it's not from eBay.
• Yes, I have contacted the retailer.
• Yes, I do have backups... No, I don't know why parts of the account still kinda work, and parts don't.
• No, I didn't write this article with AI...
• Yes, Apple really did use emojis in their Live Chat...

An independent review found that at least ten technical and process failures during a routine firewall upgrade at Australia's Optus prevented emergency calls from reaching Triple Zero for 14 hours, during which 455 calls failed and two callers died. The Register reports: On Thursday, Optus published an independent report (PDF) on the matter written by Dr Kerry Schott, an Australian executive who has held senior management roles at many of the country's most significant businesses. The report found that Optus planned 18 firewall upgrades and had executed 15 without incident. But on the 16th upgrade, Optus issued incorrect instructions to its outsourced provider Nokia. [...] Schott summarized the incident as follows: "Three issues are clear during this incident. The first is the very poor management and performance within [Optus] Networks and their contractor, Nokia. Process was not followed, and incorrect procedures were selected. Checks were inadequate, controls avoided and alerts given insufficient attention. There appeared to be reticence in seeking more experienced advice within Networks and a focus on speed and getting the task done, rather than an emphasis on doing things properly."

The review also found that Optus' call center didn't appreciate it could be "the first alert channel for Triple Zero difficulties." The document also notes that Australian telcos try to route 000 calls during outages, but that doing so is not easy and is made harder by the fact that different smartphones behave in different ways. Optus does warn customers if their devices have not been tested for their ability to connect to 000, and maintains a list of known bad devices. But the report notes Optus's process "does not capture so-called 'grey' devices that have been bought online or overseas and may not be compliant." "To have a standard firewall upgrade go so badly is inexcusable," the document states. "Execution was poor and seemed more focussed on getting things done than on being right. Supervision of both network staff and Nokia must be more disciplined to get things right."

An anonymous reader quotes a report from Ars Technica: Microsoft is killing off an obsolete and vulnerable encryption cipher that Windows has supported by default for 26 years following more than a decade of devastating hacks that exploited it and recently faced blistering criticism from a prominent US senator. When the software maker rolled out Active Directory in 2000, it made RC4 a sole means of securing the Windows component, which administrators use to configure and provision fellow administrator and user accounts inside large organizations. RC4, short for Rivist Cipher 4, is a nod to mathematician and cryptographer Ron Rivest of RSA Security, who developed the stream cipher in 1987. Within days of the trade-secret-protected algorithm being leaked in 1994, a researcher demonstrated a cryptographic attack that significantly weakened the security it had been believed to provide. Despite the known susceptibility, RC4 remained a staple in encryption protocols, including SSL and its successor TLS, until about a decade ago. [...]

Last week, Microsoft said it was finally deprecating RC4 and cited its susceptibility to Kerberoasting, the form of attack, known since 2014, that was the root cause of the initial intrusion into Ascension's network. "By mid-2026, we will be updating domain controller defaults for the Kerberos Key Distribution Center (KDC) on Windows Server 2008 and later to only allow AES-SHA1 encryption," Matthew Palko, a Microsoft principal program manager, wrote. "RC4 will be disabled by default and only used if a domain administrator explicitly configures an account or the KDC to use it." [...] Following next year's change, RC4 authentication will no longer function unless administrators perform the extra work to allow it. In the meantime, Palko said, it's crucial that admins identify any systems inside their networks that rely on the cipher. Despite the known vulnerabilities, RC4 remains the sole means of some third-party legacy systems for authenticating to Windows networks. These systems can often go overlooked in networks even though they are required for crucial functions.

To streamline the identification of such systems, Microsoft is making several tools available. One is an update to KDC logs that will track both requests and responses that systems make using RC4 when performing requests through Kerberos. Kerberos is an industry-wide authentication protocol for verifying the identities of users and services over a non-secure network. It's the sole means for mutual authentication to Active Directory, which hackers attacking Windows networks widely consider a Holy Grail because of the control they gain once it has been compromised. Microsoft is also introducing new PowerShell scripts to sift through security event logs to more easily pinpoint problematic RC4 usage. Microsoft said it has steadily worked over the past decade to deprecate RC4, but that the task wasn't easy. "The problem though is that it's hard to kill off a cryptographic algorithm that is present in every OS that's shipped for the last 25 years and was the default algorithm for so long, Steve Syfuhs, who runs Microsoft's Windows Authentication team, wrote on Bluesky. "See," he continued, "the problem is not that the algorithm exists. The problem is how the algorithm is chosen, and the rules governing that spanned 20 years of code changes."

An anonymous reader quotes a report from Reuters: Several dozen people protested on Sunday in the Siberian city of Tomsk against Russia's ban on U.S. children's gaming platform Roblox, a rare show of public dissent as popular irritation over the ban gains some momentum. In wartime Russia, censorship is extensive: Moscow blocks or restricts social media platforms such as Snapchat, Facebook, Instagram, WhatsApp and YouTube while distributing its own narrative through a network of social media and Russian media. Russia's communications watchdog Roskomnadzor said on December 3 it had blocked Roblox because it was "rife with inappropriate content that can negatively impact the spiritual and moral development of children."

In Tomsk, 2,900 km (1,800 miles) east of Moscow, several dozen people braved the snow to hold up hand-drawn placards reading "Hands off Roblox" and "Roblox is the victim of the digital Iron Curtain" in Vladimir Vysotsky Park, according to photographs provided by an organizer of the protest. "Bans and blocks are all you are able to do," read one placard. The photographs showed about 25 people standing in a circle in the snow, holding up placards. In Russia, the ban on Roblox has triggered a debate over censorship, child safety in relation to technology and even the effectiveness of censorship in a digitalized world where children can bypass many bans in a few clicks.

A Kansas man who sued Verizon in small claims court after the carrier refused to unlock his iPhone has won his case, scoring a small but meaningful victory against a company that retroactively applied a policy change to deny his unlock request.

Patrick Roach bought a discounted iPhone 16e from Verizon's Straight Talk brand in February 2025, intending to pay for one month of service before switching the device to US Mobile. Under FCC rules dating back to a 2019 waiver, Verizon must unlock phones 60 days after activation on its network. Verizon refused to unlock the phone, citing a new policy implemented on April 1, 2025 requiring "60 days of paid active service."

Roach had purchased his device over a month before that policy took effect. Magistrate Judge Elizabeth Henry ruled in October 2025 that applying the changed terms to Roach's earlier purchase violated the Kansas Consumer Protection Act. The court ordered Verizon to refund Roach's $410.40 purchase price plus court costs. Roach had previously rejected a $600 settlement offer because it would have required him to sign a non-disclosure agreement. He estimated spending about 20 hours on the lawsuit but said "it wasn't about" the money.

One of the most water-scarce regions on Earth is now experiencing a dramatic atmospheric shift that's pushing moisture onto Oman's northern coast at rates more than 1.5 times the global average, according to a Washington Post investigation of global atmospheric data [non-paywalled source]. The change has turned extreme rainfall into a recurrent source of catastrophe across the Arabian Peninsula. In the 126 years between 1881 and 2007, just six hurricane-strength storms hit Oman or came within 60 miles of the country. At least four more have made landfall in the past 15 years alone.

Research from Sultan Qaboos University analyzing 8,000 storms across 69 rainfall stations found that half of all rain in Oman falls within the first 90 minutes of a 24-hour storm. These intense bursts quickly overwhelm the desert's ability to absorb water and send flash floods racing through wadis -- normally dry riverbeds where many communities are built. In response, Dubai is constructing an $8 billion underground stormwater network spanning more than 120 miles. Oman has agreements to build 58 new dams and is studying 14 major wadis that funnel to its al-Batinah coastline.

The Black Hat Europe hacker conference in London included a session titled "Don't Judge an Audiobook by Its Cover" about a two critical (and now fixed) flaws in Amazon's Kindle. The Times reports both flaws were discovered by engineering analyst Valentino Ricotta (from the cybersecurity research division of Thales), who was awarded a "bug bounty" of $20,000 (£15,000 ). He said: "What especially struck me with this device, that's been sitting on my bedside table for years, is that it's connected to the internet. It's constantly running because the battery lasts a long time and it has access to my Amazon account. It can even pay for books from the store with my credit card in a single click. Once an attacker gets a foothold inside a Kindle, it could access personal data, your credit card information, pivot to your local network or even to other devices that are registered with your Amazon account."

Ricotta discovered flaws in the Kindle software that scans and extracts information from audiobooks... He also identified a vulnerability in the onscreen keyboard. Through both of these, he tricked the Kindle into loading malicious code, which enabled him to take the user's Amazon session cookies — tokens that give access to the account. Ricotta said that people could be exposed to this type of hack if they "side-load" books on to the Kindle through non-Amazon stores.
Ricotta donated his bug bounties to charity...

Steven J. Vaughan-Nichols files this report from Tokyo: At the invitation-only Linux Kernel Maintainers Summit here, the top Linux maintainers decided, as Jonathan Corbet, Linux kernel developer, put it, "The consensus among the assembled developers is that Rust in the kernel is no longer experimental — it is now a core part of the kernel and is here to stay. So the 'experimental' tag will be coming off." As Linux kernel maintainer Steven Rosted told me, "There was zero pushback."

This has been a long time coming. This shift caps five years of sometimes-fierce debate over whether the memory-safe language belonged alongside C at the heart of the world's most widely deployed open source operating system... It all began when Alex Gaynor and Geoffrey Thomas at the 2019 Linux Security Summit said that about two-thirds of Linux kernel vulnerabilities come from memory safety issues. Rust, in theory, could avoid these by using Rust's inherently safer application programming interfaces (API)... In those early days, the plan was not to rewrite Linux in Rust; it still isn't, but to adopt it selectively where it can provide the most security benefit without destabilizing mature C code. In short, new drivers, subsystems, and helper libraries would be the first targets...

Despite the fuss, more and more programs were ported to Rust. By April 2025, the Linux kernel contained about 34 million lines of C code, with only 25 thousand lines written in Rust. At the same time, more and more drivers and higher-level utilities were being written in Rust. For instance, the Debian Linux distro developers announced that going forward, Rust would be a required dependency in its foundational Advanced Package Tool (APT).

This change doesn't mean everyone will need to use Rust. C is not going anywhere. Still, as several maintainers told me, they expect to see many more drivers being written in Rust. In particular, Rust looks especially attractive for "leaf" drivers (network, storage, NVMe, etc.), where the Rust-for-Linux bindings expose safe wrappers over kernel C APIs. Nevertheless, for would-be kernel and systems programmers, Rust's new status in Linux hints at a career path that blends deep understanding of C with fluency in Rust's safety guarantees. This combination may define the next generation of low-level development work.

Stanford researchers spent much of the past year building an AI bot called Artemis that scans networks for software vulnerabilities, and when they pitted it against ten professional penetration testers on the university's own engineering network, the bot outperformed nine of them. The experiment offers a window into how rapidly AI hacking tools have improved after years of underwhelming performance.

"We thought it would probably be below average," said Justin Lin, a Stanford cybersecurity researcher. Artemis found bugs at a fraction of human cost -- just under $60 per hour compared to the $2,000 to $2,500 per day that professional pen testers typically charge. But its performance wasn't flawless. About 18% of its bug reports were false positives, and it completely missed an obvious vulnerability on a webpage that most human testers caught. In one case, Artemis found a bug on an outdated page that didn't render in standard browsers; it used a command-line tool called Curl instead of Chrome or Firefox.

Dan Boneh, a Stanford computer science professor who advised the researchers, noted that vast amounts of software shipped without being vetted by LLMs could now be at risk. "We're in this moment of time where many actors can increase their productivity to find bugs at an extreme scale," said Jacob Klein, head of threat intelligence at Anthropic.

schwit1 shares a report from CBS News: perm from a donor who unknowingly carried a cancer-causing gene has been used to conceive nearly 200 babies across Europe, an investigation by 14 European public service broadcasters, including CBS News' partner network BBC News, has revealed. Some children conceived using the sperm have already died from cancer, and the vast majority of those who inherited the gene will develop cancer in their lifetimes, geneticists said. The man carrying the gene passed screening checks before he became a donor at the European Sperm Bank when he was a student in 2005. His sperm has been used by women trying to conceive for 17 years across multiple countries.

The cancer-causing mutation occurred in the donor's TP53 gene -- which prevents cells in the body from turning cancerous -- before his birth, according to the investigation. It causes Li Fraumeni syndrome, which gives affected people a 90% chance of developing cancers, particularly during childhood, as well as breast cancer in later life. Up to 20% of the donor's sperm contained the mutated TP53 gene. Any children conceived with affected sperm will have the dangerous mutation in every cell of their body. The affected donor sperm was discovered when doctors seeing children with cancers linked to sperm donation raised concerns at this year's European Society of Human Genetics.

At the time, 23 children with the genetic mutation had been discovered, out of 67 children linked to the donor. Ten of those children with the mutation had already been diagnosed with cancer. Freedom of Information requests submitted by journalists across multiple countries revealed at least 197 children were affected, though it is not known how many inherited the genetic mutation. More affected children could be discovered as more data becomes available.

NASA has lost contact with its MAVEN Mars orbiter after it passed behind Mars. When it remerged from behind the planet, the spacecraft never resumed communications. SpaceNews reports: MAVEN launched in November 2013 and entered orbit around Mars in September 2014. The spacecraft's primary science mission is to study the planet's upper atmosphere and interactions with the solar wind, including how the atmosphere escapes into space. That is intended to help scientists understand how the planet changes from early in its history, when it had a much thicker atmosphere and was warm enough to support liquid water on its surface.

MAVEN additionally serves as a communications relay, using a UHF antenna to link the Curiosity and Perseverance rovers on the Martian surface with the Deep Space Network. NASA's Mars Odyssey and Mars Reconnaissance Orbiter spacecraft also serve as communications relays for the rovers, but are both significantly older than MAVEN. The spacecraft has suffered some technical problems in the past, notably with its inertial measurement units (IMUs) used for navigation. In 2022, MAVEN switched to an "all-stellar" navigation system to minimize the use of the IMUs.

MAVEN has enough propellant to maintain its orbit through at least the end of the decade. NASA's fiscal year 2026 budget proposal, though, zeroed out funding for MAVEN, which cost $22.6 million to operate in 2024. MAVEN was one of several missions "operating well past the end of prime mission" the proposal would terminate, despite MAVEN's role as a communications relay.

A startup called Operation Bluebird is petitioning the US Patent and Trademark Office to strip X Corp of the "Twitter" and "tweet" trademarks, hoping to relaunch a new Twitter with the old brand, bird logo, and "town square" vibe. "The TWITTER and TWEET brands have been eradicated from X Corp.'s products, services, and marketing, effectively abandoning the storied brand, with no intention to resume use of the mark," the petition states. "The TWITTER bird was grounded." Ars Technica reports: If successful, two leaders of the group tell Ars, Operation Bluebird would launch a social network under the name Twitter.new, possibly as early as late next year. (Twitter.new has created a working prototype and is already inviting users to reserve handles.)

Michael Peroff, an Illinois attorney and founder of Operation Bluebird, said that in the intervening years, more Twitter-like social media networks have sprung up or gained traction -- like Threads, Mastodon, and Bluesky. But none have the scale or brand recognition that Twitter did prior to Musk's takeover. "There certainly are alternatives," Peroff said. "I don't know that any of them at this point in time are at the scale that would make a difference in the national conversation, whereas a new Twitter really could."

Similarly, Peroff's business partner, Stephen Coates, an attorney who formerly served as Twitter's general counsel, said that Operation Bluebird aims to recreate some of the magic that Twitter once had. "I remember some time ago, I've had celebrities react to my content on Twitter during the Super Bowl or events," he told Ars. "And we want that experience to come back, that whole town square, where we are all meshed in there." "Mere 'token use' won't be enough to reserve the mark," said Mark Lemley, a Stanford Law professor and expert in trademark law. "Or [X] could defend if it can show that it plans to go back to using Twitter. Consumers obviously still know the brand name. It seems weird to think someone else could grab the name when consumers still associate it with the ex-social media site of that name. But that's what the law says."