schwit1 quotes Input: A hacking group that has yet to identify itself found and stole more than 3 TB of private video from around the world — mainly collected from Singapore — and shared it on porn sites, according to reports from local media like The New Paper. While some of the footage was indeed pornographic in nature, other videos are more mundane.

More than 50,000 private IP-based cameras were accessed by hackers to amass the collection. Some were explicitly tagged with locations in Singapore, The New Paper reports, while others revealed their location as Singapore based on context clues such as book titles and home layout. Many show people (sometimes with their faces censored) in "various stages of undress or compromising positions...."

It's looking like poor security is the culprit. Clement Lee, a solutions architect for multinational software company Check Point Software Technologies, told The New Paper that the hacking of IP cameras is often due to "poor password management." IP cameras make it easy to access your video feeds from anywhere — which means it's also easy for hackers to access them from anywhere, once they've figured out your password...

The unfortunate fact of the matter is that internet-connected devices are inherently susceptible to hacking. Add lax encryption and lazy users to the mix and you have a recipe for disaster.

AmiMoJo shares a report from The Guardian: Weta Digital, the special effects company behind the orcs, dragons and battle scenes of the Oscar-winning Lord of the Rings trilogy, has launched an independent investigation into allegations of a toxic work culture including sexism, bullying and pornography being shared on its intranet. The investigation was ordered by the company's majority owners, who include the director Peter Jackson, his wife, Fran Welsh, and screenwriter Phillipa Boyens. It followed a months-long investigation by local television station TVNZ that found complaints had been ignored by senior management at Weta Digital, and long-standing issues raised by staff had been covered up. "The world's most beautiful toxic waste dump," is how one former employee described the award-winning company. Allegations from former staffers include sexism, bullying, and harassment, as well as "pornographic mailing lists,'" hosted on Weta Digital's intranet, in addition to staff openly viewing pornography in the studio.

The pornography mailing lists are alleged to have existed from at least 2002 to 2015, when they were shut down. "There was a tradition at the time called Porn Friday. Every Friday staff members would email round porn images to the whole team," a female former Weta employee told TVNZ. "The first Friday I worked there I was so surprised, intimidated and uncomfortable. You could opt out of receiving them, which I did. "But there were still conversations amongst the team in my office every Friday about what images were sent round." Another alleged that pornography was openly shared and watched in Weta offices. There were also allegations of sexual overtures and in some cases harassment. It was also alleged that some chose not to complain because the company is a world leader in the special effects industry, and those who experienced issues feared being blacklisted.

Esther Schindler writes: A 55-page proposal to make the FCC rewrite a law through administrative rulemaking would threaten small social sites and generate vast amounts of new business for trial lawyers. Expect some of the people who denounced net-neutrality regulations to cheer it on. The National Telecommunications and Information Administration (NTIA) would have the FCC rewrite Section 230 of the Communications Decency Act. "Instead of protecting social platforms when they moderate users' posts -- what the law actually says -- here the FCC would transmogrify that 1996 statute to hold them liable for such offenses as the Twitter trending-topics lists that Trump called Monday 'Really ridiculous, illegal, and, of course, very unfair!,' reports Forbes.

After Twitter began fact-checking Trump's tweets in late May, Trump responded with an executive order calling for a rewrite of CDA 230's core provisions. They offer immunity from civil (not criminal) liability to providers and users of an "interactive computer service" -- as in, any that hosts your posts -- for "any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable, whether or not such material is constitutionally protected." Translation: an online service can decide posts supporting Trump are against its rules, and you won't be able to sue over that.

"Instead of forcing online services to take a hands-off attitude, CDA 230 encourages them to moderate content," reports Forbes. "The NTIA proposes to limit their immunity to moderating pornographic, violent or harassing content. All other curation would be subject to a checklist of such measures as documentation of moderation rules and 'timely notice' to users found violating them. A site that 'vouches for, editorializes, recommends, or promotes' user posts -- see, for instance, Twitter trending topics -- would also become liability for them."

The French Parliament unanimously agreed this week to introduce a nationwide age verification system for pornography websites, months after President Emmanuel Macron pledged to protect children against such content. From a report: Macron made the protection of children against adult content online a high-profile issue well before the coronavirus crisis hit. In January, tech companies, internet services providers and the adult movies industry signed a voluntary charter, pledging to roll out tools to help ensure minors don't have access to pornographic content. Within a broader law on domestic violence, the Senate decided in June to introduce an amendment requiring pornography websites to implement an age verification mechanism.

In order to enforce the law, the French audiovisual regulator CSA will be granted new powers to audit and sanction companies that do not comply -- sanctions could go as far as blocking access to the websites in France with a court order. The choice of verification mechanisms will be left up to the platforms. But lawmakers have suggested using credit card verification -- a system first adopted by the U.K., which mulled similar plans to control access to pornography but had to drop them in late 2019 because of technical difficulties and privacy concerns. Italy also approved a similar bill in late June, which raised the same concerns over its feasibility and compliance with the EU laws.

This week finally saw the federal sentencing of a former Yahoo software engineer who "admitted to using his access through his work at the company to hack into about 6,000 Yahoo accounts" back in 2018, according to America's Department of Justice: Ruiz admitted to targeting accounts belonging to younger women, including his personal friends and work colleagues. He made copies of images and videos that he found in the personal accounts without permission, and stored the data at his home. Once he had access to the Yahoo accounts, Ruiz admitted to compromising the iCloud, Facebook, Gmail, DropBox, and other online accounts of the Yahoo users in search of more private images and videos. After his employer observed the suspicious account activity, Ruiz admitted to destroying the computer and hard drive on which he stored the images.
He stopped working at Yahoo in July of 2018. The next month the FBI visited his home. He was indicted in April of 2019 and pleaded guilty in September — facing up to five years in prison and a $250,000 fine.

But it was not until this week that a federal court finally handed down its sentence for the "former Yahoo! engineer who hacked 6,000 accounts on a hunt for private sexual videos and pictures," according to one Bay Area newspaper.

The sentence? Five years of probation, with a home confinement condition: Reyes Daniel Ruiz, 35, of Tracy, is allowed to leave his home for "verified employment, medical needs and religious services," according to the sentencing terms. He has also been ordered to pay nearly $125,000 in fines and restitution, court records show...

He also accessed financial information, but his main goal was to steal pornographic files, prosecutors said. Assistant U.S. Attorney Daniel Kaleba asked for Ruiz to be sentenced to "a period of incarceration," arguing he'd violated not only the trust of his employee but the privacy of thousands of people. "By his estimation, he downloaded approximately two terabytes of data, and possessed between 1,000 and 4,000 private images and videos," Kaleba wrote in a sentencing memo.

The defense argued that Ruiz, who has no criminal history, deserved leniency because he accepted responsibility quickly. He admitted to destroying the hard drive where he stored the ill-gotten files when the FBI visited his home in August 2018. Ruiz told federal investigators that he acquired the pictures and videos for his own personal "self-gratification" and that he didn't share them online, a pre-sentence report says.
In October Gizmodo reported that Ruiz was now working for a Silicon Valley company specializing in SSO (single sign-on) solutions.

An anonymous reader quotes a report from Ars Technica: Microsoft has shut down a feature in its Bing search engine that shows popular articles from major websites after Ars Technica reported that the feature was showing wildly inappropriate results from the stock photo site Shutterstock. How inappropriate? Well, here are a couple of screenshots I took on Wednesday morning after a reader tipped me off to the problem.

"These search results were unacceptable, and we appreciate Ars Technica making us aware of them," Microsoft said in an emailed statement on Wednesday evening. "We've disabled the preview feature responsible for these results while we examine how they occurred and how we can prevent them in the future." As the name suggests, this "trending articles" carousel is supposed to highlight articles on a website (Shutterstock in this case) that are most popular at the moment. Microsoft didn't just shut it down for Shutterstock. It has disabled the feature for all websites. Microsoft says that its software attempts to filter out pornographic and racy content from results like this. But the company admitted that its filters failed in this case, and it vowed to improve them before re-enabling the feature.

The internet is rife with online communities where users can go and share Zoom conference codes and request that pranksters connect and hurl insults, play pornographic material, or make death threats against other participants -- in a practice called Zoom-bombing or a Zoom raid. From a report: ZDNet began tracking the tactic since mid-March when the term was first coined following a TechCrunch article. Ever since then, Zoom-bombing incidents have increased, as articles in major news outlets like the New York Times and the BBC have made the practice a favorite pastime for all the teenagers stuck in their homes during the current coronavirus (COVID-19) quarantines. From a niche prank that started on a derelict Discord channel, Zoom-bombing has now spread to enormous proportions -- being so rampant these days that the FBI sent a nationwide alert last week, urging companies, schools, and universities to take steps to secure their Zoom channels. But as Zoom-bombing became more popular, more pranksters wanted to join on the fun, and more users wanted their friends' Zoom meetings disrupted. And as the old saying goes; where there's a demand, there's always a supply. Over the course of the past week, the number of places on the public internet where you can request a zoom raid from a gang of bored teenagers has exploded.

Friday's first-ever remote meeting for the Los Angeles City Council had to shut down for 20 minutes because of pranksters posting "pornographic videos".

The Los Angeles Daily News has the story: Council President Nury Martinez called a recess about an hour into the meeting, which is centered around a Los Angeles-centric relief package for workers, renters and homeless people during the public health crisis. She said there were "inappropriate videos" being posted. Soon afterward, city officials' voices could be heard discussing turning peoples' video capabilities off on the channel.
The reporter posted on Twitter that the meeting faced other challenges. "Councilman Joe Buscaino just yelled at his kids to be quiet." ("Maybe it's past Joe's bedtime," joked an assistant news editor.) The meeting ran on for nearly 11 hours, and by the end just six people remained in Zoom's meeting room.

"Seven people on the 15-member City Council voted to ban all evictions in Los Angeles, with 6 against. But that was not enough to pass the ban. They needed 8 votes."

samleecole shares a report: On May 1, 2016, in the middle of final exams, a young woman got a text message that would change her life forever. It included a screenshot of a pornographic video posted online, featuring her. Panicking, she quickly tried to justify what she had done. "They said it would only be in Australia," she told her friend, according to court documents. "I only did it for money." The video spread like wildfire. Jane Doe 11 -- one of 22 women who sued porn production company Girls Do Porn in 2016 for coercing them to have sex on video and lying to them about how the videos would be distributed -- learned from the student council president that "everyone was watching it in the library, so much so that the internet essentially crashed."

In October 2019, after Michael Pratt was charged with federal sex trafficking crimes, Pornhub removed Girls Do Porn's official Pornhub channel, as well as pages promoting Girls Do Porn as "top shelf" content and a reason to pay Pornhub a subscription fee. In January, after the ruling in the civil case found Girls Do Porn owed 22 women a total of $13 million, the official GirlsDoPorn.com site was taken offline. But even with the official site shut down and its owners in jail or on the run, the ruling has done little to stop the spread of the videos online. Pornhub claims that victims of nonconsensual porn -- as many of the Girls Do Porn videos are -- can easily request to remove videos from the site, and that those videos can be "fingerprinted." Broadly speaking, video fingerprinting is a method for software to identify, extract, and then summarize characteristic components or metadata of a video, allowing that video to be uniquely identified by its "fingerprint." According to Pornhub, this would automatically prevent future attempts to upload a video that was flagged.

But a Motherboard investigation found that this system can be easily and quickly circumvented with minor editing. Pornhub's current method for removing Girls Do Porn videos and other forms of non-consensual porn not only puts the onus of finding and flagging videos almost entirely on potentially-traumatized victims -- those victims can't even rely on the system to work.

An anonymous reader quotes a report from ZDNet: While the 2020 U.S. presidential elections have lawmakers on edge over AI-generated fake videos, a new study by Netherlands-based deepfake-detection outfit Deeptrace shows that the main victims today are women. According to Deeptrace, deepfake videos have exploded in the past year, rising from 8,000 in December 2018 to 14,678 today. And not surprisingly for the internet, nearly all of the material is pornography, which accounts for 96% of the deepfake videos it's found online. The fake videos have been viewed 134 million times.

The numbers suggest deepfake porn is still niche but also growing quickly. Additionally, 90% of the fake content depicted women from the U.S., UK, and Canada, while 2% represented women from South Korea and 2% depicted women from Taiwan. "Deepfake pornography is a phenomenon that exclusively targets and harms women," the company notes. That small number of non-pornographic deepfake videos it analyzed on YouTube mostly contained (61%) synthesized male subjects. According to Henry Ajder, a researcher at Deeptrace, currently most of the deepfake porn involves famous women. But he reckons the threat to all women is likely to increase as it becomes less computationally expensive to create deepfakes. As for the political threat, there actually aren't that many cases where deepfakes have changed a political outcome.

An anonymous reader quotes a report from The Verge: California has passed a law meant to prevent altered "deepfake" videos from influencing elections, in a plan that has raised free speech concerns. Last week, Gov. Gavin Newsom signed into law AB 730, which makes it a crime to distribute audio or video that gives a false, damaging impression of a politician's words or actions. The law applies to any candidate within 60 days of an election, but includes some exceptions. News media will be exempt from the requirement, as will videos made for satire or parody. Potentially deceptive video or audio will also be allowed if it includes a disclaimer noting that it's fake. The law will sunset in 2023. The report notes that Newsom also signed a law that would ban pornographic deepfakes made without consent.

dryriver shares a report from CNN: Sports brand Asics has issued an apology after "objectionable content" played on the screens above its store in Auckland, New Zealand. Pornographic videos were shown on promotional screens for hours outside an Asics store in Auckland, New Zealand on Sunday morning, the New Zealand Herald reported. The Japanese sportswear brand apologized Sunday, saying the material had been played above its central Auckland store due to a hack. "This morning an unknown person gained access to the screens above our Central Auckland store and some objectionable content was displayed on the screens," said the statement published on Asics New Zealand's Facebook page. Security officer Dwayne Hinagano told the New Zealand Herald that an explicit sex video played for hours and was seen by startled passers-by. "The video ran for a long time, maybe two hours from 8am until the shop staff arrived at about 10am. Some people were shocked, but others just stopped and watched," Hinagano told the news outlet, which also cited witnesses who said the video had been running since 1 a.m. Over the weekend, two hackers managed to upload a porn video to an interstate billboard outside Detroit. According to news reports, the pornography played for about 20 minutes before it was removed.

"Police in the suburb of Auburn Hills said in a statement that the unidentified pair, who appear to be young white men, were captured by video shortly before 11 p.m. Saturday breaking into a building at the base of the electronic billboard on Interstate 75," reports NBC News. "The building, which is surrounded by a six-foot fence and is unstaffed, houses the computer that controls the sign, a police official told NBC affiliate WDIV."

The transmission and viewing of online videos generates 300 million tonnes of carbon dioxide a year, or nearly 1 per cent of global emissions. On-demand video services such as Netflix account for a third of this, with online pornographic videos generating another third. From a report: This means the watching of pornographic videos generates as much CO2 per year as is emitted by countries such as Belgium, Bangladesh and Nigeria. That's the conclusion of a French think tank called The Shift Project. Earlier this year, it estimated that digital technologies produce 4 per cent of greenhouse gas emissions and that this figure could soar to 8 per cent by 2025. Now it has estimated the CO2 emissions due to online videos alone. The report's authors used 2018 reports by companies Cisco and Sandvine to work out global video internet traffic. They then estimated how much electricity was used to carry this video data and view it on different devices, from phones to TVs. Finally, they estimated the overall emissions using global average figures for carbon emissions from electricity generation. Online video accounted for 60 per cent of global data flows in 2018, the report states, or 1 zettabyte of data (one thousand billion billion bytes).

An anonymous reader quotes a report from Motherboard: GitHub recently removed code from its website that used neural networks to algorithmically strip clothing from images of women. The multiple code repositories were spun off from an app called DeepNude, a highly invasive piece of software that was specifically designed to create realistic nude images of women without their consent. The news shows how after DeepNude's creator pulled the plug on his own invention late last month following a media and public backlash, some platforms are now stopping the spread of similar tools. "We do not proactively monitor user-generated content, but we do actively investigate abuse reports. In this case, we disabled the project because we found it to be in violation of our acceptable use policy," a GitHub spokesperson told Motherboard in a statement. "We do not condone using GitHub for posting sexually obscene content and prohibit such conduct in our Terms of Service and Community Guidelines."

The "Sexually Obscene" section of GitHub's Community Guidelines states: "Don't post content that is pornographic. This does not mean that all nudity, or all code and content related to sexuality, is prohibited. We recognize that sexuality is a part of life and non-pornographic sexual content may be a part of your project, or may be presented for educational or artistic purposes. We do not allow obscene sexual content or content that may involve the exploitation or sexualization of minors."

New age restrictions on pornography that are set to come into effect in the UK next month are a "privacy timebomb," a new report by privacy watchdog Open Rights Group has warned. They say that the data protection in place to protect consumers is "vague, imprecise and largely a 'tick box' exercise." The Independent reports: The identity checks needed to stop under-18s from visiting pornographic websites will force any commercial provider of online pornography to carry out "robust" checks on their users to ensure they are adults. The age verification measures will be introduced on 15 July but a recent YouGov poll showed that 76 per cent of the British public is unaware of the ID checks being introduced. "With one month until rollout, the UK porn block is a privacy timebomb," the report stated.

Estimates suggest around 20 million adults in the UK watch porn, meaning the scale of any privacy breaches could be vast. "Due to the sensitive nature of age verification data, there needs to be a higher standard of protection than the baseline which is offered by data protection legislation," said Open Rights Group executive director Jim Killock. "The BBFC's standard is supposed to deliver this. However, it is a voluntary standard, which offers little information about the level of data protection being offered and provides no means of redress if companies fail to live up to it." Mr Killock said the standard was therefore "pointless and misleading."

"The U.S. is recommending a 12.5 year prison sentence for Paul Hansmeier, one of the lead attorneys of the controversial law firm Prenda," reports TorrentFreak: Last summer, Hansmeier admitted that he is guilty of conspiracy to commit mail fraud and wire fraud, as well as conspiracy to commit money laundering. With the final decision coming up, the Government and the defendant have now issued their sentencing recommendations. According to the Government, it is clear that Hansmeier was the driving force behind the entire scheme.... "Paul Hansmeier selected the pornographic movies for his brother to upload based upon how attractive they would be to BitTorrent users, thus deliberately encouraging the piracy Hansmeier pretended to hate," the Government writes...

With the IP-addresses that were obtained through this honeypot scheme, Prenda requested subpoenas to obtain the names and addresses of Internet subscribers. These people were then threatened into settling for figures up to $3,000. Whether they were guilty or not appeared to be irrelevant. "Hansmeier was generally content to take this step without investigating whether the subscriber was, in fact, the infringer. Hansmeier thus inflicted plenty of pain on persons who did not, in fact, download his pornographic bait," the Government writes.

In total, Prenda Law generated roughly $3,000,000 from the fraudulent copyright lawsuits they filed at courts throughout the United States. While it is by no means illegal to go after file-sharers, the Prenda attorneys crossed a line by repeatedly lying to or misleading the courts. Hansmeier also filmed and produced many videos himself, leading the court to believe that these were from a third-party company... Also, the court was led to believe that pirates caused financial damage, even though the videos were never commercially distributed.
Arguing for a sentence of 150 months, the government writes that Hansmeier "was greedy, arrogant, devious, mendacious, and consistently positioned other people to be damaged by his conduct, even as he enjoyed the proceeds of the scheme he orchestrated." Hansmeier's attorney counters that his client should spend no more than 87 months in prison, with an additional three years of supervision -- and that there should be no fine, since restitution will be paid to those damaged by his scheme.

"Either way," writes TorrentFreak, "it is clear that the Prenda attorney will likely spend several years in prison."

Google has banned dozens of Android apps downloaded millions of times from the official Play Store after researchers discovered they were being used to display phishing and scam ads or perform other malicious acts. Ars Technica reports: A blog post published by security firm Trend Micro listed 29 camera- or photo-related apps, with the top 11 of them fetching 100,000 to 1 million downloads each. One crop of apps caused browsers to display full-screen ads when users unlocked their devices. Clicking the pop-up ads in some cases caused a paid online pornography player to be downloaded, although it was incapable of playing content. The apps were carefully designed to conceal their malicious capabilities. The apps also hid their icons from the Android app list. That made it hard for users to uninstall the apps, since there was no icon to drag and delete. The apps also used compression archives known as packers to make it harder for researchers -- or presumably, tools Google might use to weed out malicious apps -- from analyzing the wares.

Trend Micro researchers discovered another batch of apps that falsely promised to allow users to "beautify" their pictures by uploading them to a designated server. Instead of delivering an edited photo, however, the server provided a picture with a fake update prompt in nine different languages. The apps made it possible for the developers to collect the uploaded photos, possibly for use in fake profile pics or for other malicious purposes. The developers took pains to prevent users from detecting what was happening. "The remote server used by these apps is encoded with BASE64 twice in the code," Wu wrote. "In addition, several of these apps can also hide themselves via the same hidden technique mentioned above."

Tumblr, the underground social media site known for its pornographic content and tight-knit community, will be instituting a major change to its guidelines in a couple of weeks. The company said in a blog post today that it will permanently ban adult content from its platform on December 17th. The company flatly stated that "adult content will no longer be allowed here." The Verge reports: Banned content includes photos, videos, and GIFs of human genitalia, female-presenting nipples, and any media involving sex acts, including illustrations. The exceptions include nude classical statues and political protests that feature nudity. The new guidelines exclude text, so erotica remains permitted. Illustrations and art that feature nudity are still okay -- so long as sex acts aren't depicted -- and so are breastfeeding and after-birth photos.

After December 17th, any explicit posts will be flagged and deleted by algorithms. For now, Tumblr is emailing users who have posted adult content flagged by algorithms and notifying them that their content will soon be hidden from view. Posts with porn content will be set to private, which will prevent them from being reblogged or shared elsewhere in the Tumblr community. "Blogs that have been either self-flagged or flagged by us as 'explicit' per our old policy and before December 17, 2018 will still be overlaid with a content filter when viewing these blogs directly," the blog post reads. "While some of the content on these blogs may now be in violation of our policies and will be actioned accordingly, the blog owners may choose to post content that is within our policies in the future, so we'd like to provide that option..."

Starbucks announced that it will start blocking pornography viewing on its stores' Wi-Fi starting in 2019. "A Starbucks representative told NBC News that the viewing of 'egregious content' over its stores' Wi-Fi has always violated its policy, but the company now has a way to stop it," reports NBC News. From the report: "We have identified a solution to prevent this content from being viewed within our stores and we will begin introducing it to our U.S. locations in 2019," the company representative said. The announcement was first reported by Business Insider and comes after a petition from internet-safety advocacy group Enough is Enough garnered more than 26,000 signatures. The nonprofit launched a porn-free campaign aimed at McDonald's and Starbucks in 2014, and it says that while McDonald's "responded rapidly and positively," Starbucks did not.

In a letter that [Enough is Enough CEO Donna Rice Hughes] said she received from Starbucks over the summer, the company vowed to address the issue "once we determine that our customers can access our free Wi-Fi in a way that also doesn't involuntarily block unintended content." Starbucks has not released details about how it plans to restrict the viewing of pornographic sites or illegal content over its Wi-Fi. In response, the vice president of YouPorn responded by sending a memo to staff banning Starbucks products from company offices starting Jan. 1, 2019.

samleecole shares a report from Motherboard: The parental controls in the iPhone's new iOS 12 are blocking innocuous sexual education content on Safari, while allowing websites like the white supremacist Daily Stormer and searches for bomb-making instructions through its filter. The settings, found under Screen Time in the new iOS 12, are meant to give parents greater control over how their kids use their phones unsupervised, including filters for "explicit" content and content ratings and restrictions, with the option to "limit adult websites." As tested by Motherboard, the filter blocks longstanding educational sites like Scarleteen and O.school, but allows sites like The Daily Stormer, an extremist neo-Nazi white supremacist platform.

The filter in question "limits adult websites" on Safari. When Motherboard tested this filter, we found several similarly blocked searches and websites: The searches "how to say no to sex," "sex assault hotline," and "sex education" were all restricted, but the results for the searches "how to poison my mom," "how to join isis," and "how to make a bomb" were allowed. 4chan and 8chan are blocked, but Reddit -- including many NSFW and porn-focused subreddits, are not. The subreddit r/gonewild, which is pornographic, is not caught by the filter, which even allows users to click through Reddit's own age-gating.