The Almighty Buck

X Announces Peer-To-Peer Payment Service Will Launch In 2024 (forbes.com) 109

SonicSpike shares a report from Forbes: X, the social media site formerly known as Twitter, announced it would begin rolling out a peer-to-peer payment service similar to Venmo or PayPal this year -- a feature the social media site's billionaire owner Elon Musk has long pushed as part of his plan to develop an "everything app." X officially announced the new feature in a blog post, touting the new service designed to enhance "user utility and new opportunities for commerce." The company did not give a timeframe on when the new service would be available, but Musk previously told Ark Invest CEO Cathie Wood it could launch as early as "mid-2024."

According to the company, the new payment service will "showcas[e] the power of living more of your life in one place," as owner Elon Musk continues to promote X as a future "everything app" capable of handling social media, video and other original content on the same site. X Payments has registered to do business in at least 32 states, according to public records, and has acquired a money transmitter license needed to process payments in 10, TechCrunch reported in December.

Security

Ivanti Warns of Critical Vulnerability In Its Popular Line of Endpoint Protection Software (arstechnica.com) 19

Dan Goodin reports via Ars Technica: Software maker Ivanti is urging users of its end-point security product to patch a critical vulnerability that makes it possible for unauthenticated attackers to execute malicious code inside affected networks. The vulnerability, in a class known as a SQL injection, resides in all supported versions of the Ivanti Endpoint Manager. Also known as the Ivanti EPM, the software runs on a variety of platforms, including Windows, macOS, Linux, Chrome OS, and Internet of Things devices such as routers. SQL injection vulnerabilities stem from faulty code that interprets user input as database commands or, in more technical terms, from concatenating data with SQL code without quoting the data in accordance with the SQL syntax. CVE-2023-39336, as the Ivanti vulnerability is tracked, carries a severity rating of 9.6 out of a possible 10.

"If exploited, an attacker with access to the internal network can leverage an unspecified SQL injection to execute arbitrary SQL queries and retrieve output without the need for authentication," Ivanti officials wrote Friday in a post announcing the patch availability. "This can then allow the attacker control over machines running the EPM agent. When the core server is configured to use SQL express, this might lead to RCE on the core server." RCE is short for remote code execution, or the ability for off-premises attackers to run code of their choice. Currently, there's no known evidence the vulnerability is under active exploitation. Ivanti has also published a disclosure that is restricted only to registered users. A copy obtained by Ars said Ivanti learned of the vulnerability in October. [...]

Putting devices running Ivanti EDM behind a firewall is a best practice and will go a long way to mitigating the severity of CVE-2023-39336, but it would likely do nothing to prevent an attacker who has gained limited access to an employee workstation from exploiting the critical vulnerability. It's unclear if the vulnerability will come under active exploitation, but the best course of action is for all Ivanti EDM users to install the patch as soon as possible.

Transportation

New Cars Bought in the UK Must Be Zero Emission by 2035 (theregister.com) 202

All new cars and vans bought in the UK must be zero emission by 2035, according to the latest legal mandate updated this week. From a report: The date for all new petrol and diesel cars to be banned was originally set for 2030. However, in September, Prime Minister Rishi Sunak pushed this date back to 2035. The government says this is giving consumers more time to make the switch and deal with the UK's charging infrastructure.

The transition will still be challenging. Eighty percent of new cars and 70 percent of new vans sold in Great Britain must be zero emission by 2030, increasing to 100 percent by 2035. While the government points to statistics indicating a 41 percent increase in zero-emission vehicles registered for the first time -- note, the vast majority of newly registered vehicles still remain conventionally powered -- charging infrastructure is an altogether different story. The government boasts of more than 50,000 public charge points, an increase of 44 percent year on year, but not all chargers are born equal. According to research from RAC, a local roadside assistance business, the government has failed to meet its target of having six or more rapid or ultra-rapid electric vehicle chargers at every motorway service area in England.

Piracy

Reckless DMCA Deindexing Pushes NASA's Artemis Towards Black Hole (torrentfreak.com) 83

Andy Maxwell reports via TorrentFreak: As the crew of Artemis 2 prepare to become the first humans to fly to the moon since 1972, the possibilities of space travel are once again igniting imaginations globally. More than 92% of internet users who want to learn more about this historic mission and the program in general are statistically likely to use Google search. Behind the scenes, however, the ability to find relevant content is under attack. Blundering DMCA takedown notices sent by a company calling itself DMCA Piracy Prevention Inc. claim to protect the rights of an OnlyFans/Instagram model working under the name 'Artemis'. Instead, keyword-based systems that fail to discriminate between copyright-infringing content and that referencing the word Artemis in any other context, are flooding towards Google. They contain demands to completely deindex non-infringing, unrelated content, produced by innocent third parties all over the world.

A recent deindexing demand dated December 13, 2022, lists DMCA Piracy Prevention Inc. of Canada as the sender. The name of the content owner is redacted but the notice itself states that the company represents a content creator performing under the name Artemis. The notice demands the removal of 3,617 URLs from Google search. If successful, those URLs would be completely unfindable by more than 92% of the world's population who use that search engine. [...] At least 9 of the first 20 URLs in the notice demand the removal of non-infringing articles and news reports referencing the Artemis space program. None have anything to do with the content the sender claims to protect. [...]

Theories as to who might own and/or operate DMCA Piracy Prevention Inc. aren't hard to find but the company does exist and is registered as a corporate entity in Canada. Registered at the same address is a company with remarkably similar details. BranditScan is a corporate entity operating in exactly the same market offering similar if not identical services. BranditScan has sent DMCA takedown notices to Google under three different notifier accounts.

Government

Biden Administration Unveils Hydrogen Tax Credit Plan To Jump-Start Industry (npr.org) 104

An anonymous reader quotes a report from NPR: The Biden administration released its highly anticipated proposal for doling out billions of dollars in tax credits to hydrogen producers Friday, in a massive effort to build out an industry that some hope can be a cleaner alternative to fossil fueled power. The U.S. credit is the most generous in the world for hydrogen production, Jesse Jenkins, a professor at Princeton University who has analyzed the U.S. climate law, said last week. The proposal -- which is part of Democrats' Inflation Reduction Act passed last year -- outlines a tiered system to determine which hydrogen producers get the most credits, with cleaner energy projects receiving more, and smaller, but still meaningful credits going to those that use fossil fuel to produce hydrogen.

Administration officials estimate the hydrogen production credits will deliver $140 billion in revenue and 700,000 jobs by 2030 -- and will help the U.S. produce 50 million metric tons of hydrogen by 2050. "That's equivalent to the amount of energy currently used by every bus, every plane, every train and every ship in the US combined," Energy Deputy Secretary David M. Turk said on a Thursday call with reporters to preview the proposal. [...] As part of the administration's proposal, firms that produce cleaner hydrogen and meet prevailing wage and registered apprenticeship requirements stand to qualify for a large incentive at $3 per kilogram of hydrogen. Firms that produce hydrogen using fossil fuels get less. The credit ranges from $.60 to $3 per kilo, depending on whole lifecycle emissions.

One contentious issue in the proposal was how to deal with the fact that clean, electrolyzer hydrogen draws tremendous amounts of electricity. Few want that to mean that more coal or natural gas-fired power plants run extra hours. The guidance addresses this by calling for producers to document their electricity usage through "energy attribute certificates" -- which will help determine the credits they qualify for. Rachel Fakhry, policy director for emerging technologies at the Natural Resources Defense Council called the proposal "a win for the climate, U.S. consumers, and the budding U.S. hydrogen industry." The Clean Air Task Force likewise called the proposal "an excellent step toward developing a credible clean hydrogen market in the United States."

Transportation

In Contrast To Cruise, Waymo Is Touting Its Vehicles' Safety In New Report (sfist.com) 55

Waymo has a new peer-reviewed study (PDF) to share that shows how safe its autonomous cars are compared to cars driven by humans. SFist reports: As the Chronicle notes, the study covers the 1.76 million driverless miles that Waymo's cars have registered in San Francisco so far, along with about 5.4 million miles registered elsewhere. It compares data about vehicle crashes of all kinds, and finds that Waymo vehicles were involved in crashes resulting in injury or property damage far less often than human-driven cars. In fact, the "human benchmark" -- which is what Waymo is using to refer to human averages for various driving foibles -- is 5.55 crashes per 1 million miles. And the Waymo robot benchmark is just 0.6 crashes per 1 million miles. The overall figure for crash rates found Waymo's to be 6.7 times lower (0.41 incidents per 1 million miles) than the rate of humans (2.78 per million). This included data from Phoenix, San Francisco, and Los Angeles.

The report's "Conclusions" section is less than definitive in its findings, noting that the data of police-reported incidents across various jurisdictions may not be consistent or "apples-to-apples." "The benchmark rates themselves... varied considerably between locations and within the same location," the report's authors say. "This raises questions whether the benchmark data sources have comparable reporting thresholds (surveillance bias) or if other factors that were not controlled for in the benchmarks (time of day, mix of driving) is affecting the benchmark rates."

Still, the report, one of several that Alphabet-owned Waymo has commissioned in recent months, is convincingly thorough and academic in its approach, and seems to be great news for the company as it hopes to scale up -- starting with the enormous LA market. Waymo, like Cruise previously, has sought to convince a skeptical public that driverless vehicles are, in fact, safer than humans. And this is another step toward doing so -- even if people are going to be naturally wary of sharing the road with too many robots.

Bitcoin

SEC Denies Coinbase Petition for New Crypto Rules (reuters.com) 11

The U.S. Securities and Exchange Commission on Friday denied a petition by the country's largest crypto exchange, Coinbase Global, seeking new rules from the agency for the digital asset sector. From a report: The five-member body, in a 3-2 vote, said it would not propose new rules because it fundamentally disagreed that current regulations are "unworkable" for the crypto sphere, as Coinbase has argued. The letter marked the latest in a broader tug-of-war between the crypto sector and the top U.S. markets regulator, which has repeatedly said most crypto tokens are securities and subject to its jurisdiction.

The agency has sued several crypto companies, including Coinbase, for listing and trading crypto tokens which it says should be registered as securities. "Existing laws and regulations apply to the crypto securities markets," SEC Chair Gary Gensler said in a separate statement supporting the decision. In 2022, the company pressed the SEC to create a bespoke set of rules for the crypto sector, arguing that existing U.S. securities laws are inadequate. In April, Coinbase appealed to a judge to force the SEC to respond to the petition.

Businesses

That Call Center Tech Scammer Could Be a Human Trafficking Victim (theregister.com) 57

Human trafficking to staff cyber scam call centers, once isolated to Southeast Asia, has expanded beyond the region, according to an Interpol investigation revealing new evidence of abuse in South America and the Middle East. Previous hotspots since 2021 were Cambodia, Laos and Myanmar. From a report: The latest five-month operation discovered that victims from Malaysia were being trafficked to work in Peruvian call centers and Ugandan victims were being trafficked to Dubai for the same reason, only to be diverted to Thailand and then Myanmar. Police in Telangana, India, recently registered their first case of human trafficking for the purposes of cyber fraud. An accountant was lured to southeast Asia to work for a cyber fraud operation before eventually being returned in exchange for a ransom payment.

Interpol said that in Myanmar alone, it identified trafficking victims originating from at least 22 different countries, although most come from the country's Kayin and Shan states. Operation Storm Makers II has led to hundreds of arrests and the rescue of more than 140 individuals, although the scale of the threat is much larger; many of the 360 investigations remain open and ongoing.

Fake job ads luring victims with promises of high pay for light work in IT, marketing, modeling, and other roles now utilize AI translation tools to target non-Chinese speakers, expanding the victim pool, according to the report.

Privacy

Ex-Commissioner For Facial Recognition Tech Joins Facewatch Firm He Approved (theguardian.com) 12

The recently-departed watchdog in charge of monitoring facial recognition technology in the UK has joined the private firm he controversially approved, paving the way for the mass roll-out of biometric surveillance cameras in high streets across the country. From a report: In a move critics have dubbed an "outrageous conflict of interest," Professor Fraser Sampson, former biometrics and surveillance camera commissioner, has joined Facewatch as a non-executive director. Sampson left his watchdog role on 31 October, with Companies House records showing he was registered as a company director at Facewatch the following day, 1 November.

Campaigners claim this might mean he was negotiating his Facewatch contract while in post, and have urged the advisory committee on business appointments to investigate if it may have "compromised his work in public office." It is understood that the committee is currently considering the issue. Facewatch uses biometric cameras to check faces against a watch list and, despite widespread concern over the technology, has received backing from the Home Office, and has already been introduced in hundreds of high-street shops and supermarkets.

Medicine

Wasabi Linked To 'Substantial' Boost In Memory, Japanese Study Finds 78

Researchers at Tohoku University in Japan found that wasabi improves both short- and long-term memory. CBS News reports: Rui Nouchi, the study's lead researcher and an associate professor at the school's Institute of Development, Aging and Cancer, told CBS News the results, while based on a limited sample of subjects without preexisting health conditions, exceeded their expectations. "We knew from earlier animal studies that wasabi conferred health benefits," he said in an interview from his office in northeast Japan. "But what really surprised us was the dramatic change. The improvement was really substantial."

The main active component of Japanese wasabi is a biochemical called 6-MSITC, a known antioxidant and anti-inflammatory known to exist in only trace amounts elsewhere throughout the plant kingdom, Nouchi said. The double-blind, randomized study involved 72 healthy subjects, aged 60 to 80. Half of them took 100 milligrams of wasabi extract at bedtime, with the rest receiving a placebo. After three months, the treated group registered "significant" boosts in two aspects of cognition, working (short-term) memory, and the longer-lasting episodic memory, based on standardized assessments for language skills, concentration and ability to carry out simple tasks. No improvement was seen in other areas of cognition, such as inhibitory control (the ability to stay focused), executive function or processing speed.

Subjects who received the wasabi treatment saw their episodic memory scores jump an average of 18%, Nouchi said, and scored on average 14% higher than the placebo group overall. The researchers theorized that 6-MSITC reduces inflammation and oxidant levels in the hippocampus, the area of the brain responsible for memory function, and boosts neural plasticity. Compared with the control group, the study said, subjects dosed with wasabi "showed improved verbal episodic memory performance as well as better performance in associating faces and names, which is often the major memory-related problem in older adults."

But here's the rub: most of the "wasabi" you order at sushi restaurants is made of ordinary white horseradish, dyed green. "Genuine wasabi must be consumed fresh, with the stubbly rhizome, or stem of the plant, grated tableside just before eating," notes the report. "On the plus side, just a small dab offers the same benefits as the capsule supplements used in the Tohoku study, or 0.8 milligrams of 6-MSITC."

The study has been published in the journal Nutrients.

Transportation

Hyundai and Kia's New 'Uni Wheel' Drive System Could Revolutionize EV Design (electrek.co) 195

"Two articles from Electrek and InsideEVs describe Hyundai and Kia's new 'Uni Wheel' drive system that could revolutionize EV design," writes longtime Slashdot reader Uncle_Meataxe. From a report: Described by its makers as a "paradigm-shifting vehicle drive system," the Uni Wheel moves the main drive system components to the vacant space within an EV's wheel hubs. The approach utilizes a planetary gear configuration consisting of a sun gear in the center, four pinion gears on each side, and a ring gear surrounding everything. Traditional ICE vehicles utilize CV joints, but moving them closer to the wheels requires a short drive train length and as a result, a decrease in efficiency and durability -- especially over bumpy terrain. Hyundai and Kia's Uni Wheel system on the other hand, can transmit power with almost zero changes to efficiency, regardless of wheel movement. "Advantages include more platform space and more room within an EV's interior," adds Uncle_Meataxe. "When this system may be integrated into an actual EV remains unclear, but Kia and Hyundai have already registered eight patents related to the technology." You can learn more about the new drive system via an instructional video on YouTube.

GNU is Not Unix

The FSF Condemns Unauthorized Derivatives of GNU Licenses (fsf.org) 53

The Free Software Foundation issued a clarifying blog post this week, saying the organization is "pleased when people use GNU licenses to distribute and license software."

But "we condemn the use of unauthorized, confusing derivatives of the licenses." Unfortunately, some authors engage in confusing practices by drafting licenses using existing terms and conditions of GNU free software licenses, without the intention of granting all four freedoms to users. For example, we have long seen attempts to add restrictions to the license text itself, placed in the LICENSE file, or included elsewhere in the program's release. An example is the so-called "Commons Clause," which, when applied to a free software license, affirms that the program is covered by the license. But, at the same time, is contradicting in its meaning by asserting that selling copies of the program or implementing a commercial service with the program is prohibited.

The immediate consequence of the practice of inserting a restriction into a GNU license in this way is the confusion it causes for the community. Users still see the name of the original license, with its preamble and terms and conditions intact, transmitting a strong message that the purpose of the license is to enable users — grant users — their essential software freedoms. This message is clear from the license's text, and is bolstered from the renown accrued by the FSF and GNU trademarks, and their decades of free software advocacy. At the same time, these same users see a contradictory statement of the "Commons Clause," which is clearly contrary to the spirit of the free software movement and the Free Software Definition...

[T]o make it even clearer that added restrictions are incompatible with our license, we gave users the right to delete such added restrictions [in 2007] and preserve the program's freedom. But we at the FSF have another legal tool against attempts to release programs under GNU General Public Licenses that have been wrongly altered to become nonfree licenses. The FSF holds copyrights and common law trademarks to the GNU family of General Public Licenses. Moreover, the FSF holds registered trademarks for "FSF," "Free Software Foundation," and "GNU." [...] We can't control the drafting by others of proprietary software licenses, but we can and do forbid doing this in a way that misleadingly associates those licenses with GNU or GNU licenses... [W]e are entitled to legally enforce our copyright and trademark for FSF licenses that have been altered by added restrictions to a verbatim GNU license...

Licenses that confuse users about the freedoms they grant are damaging to the free software movement because they threaten to dilute the value and power of these licenses. When GNU licenses are misused through such confusing practices, it harms the renown accrued by the GNU project and the FSF over decades of free software advocacy. It is our duty to all computer users to stop these practices, and, if necessary, we will use our legal rights to this end.

Privacy

It's Still Too Easy for Anyone to 'Become You' at Experian (krebsonsecurity.com) 36

An anonymous reader shared this report from security researcher Brian Krebs: In the summer of 2022, KrebsOnSecurity documented the plight of several readers who had their accounts at big-three consumer credit reporting bureau Experian hijacked after identity thieves simply re-registered the accounts using a different email address. Sixteen months later, Experian clearly has not addressed this gaping lack of security. I know that because my account at Experian was recently hacked, and the only way I could recover access was by recreating the account...

The homepage said I needed to provide a Social Security number and mobile phone number, and that I'd soon receive a link that I should click to verify myself. The site claims that the phone number you provide will be used to help validate your identity. But it appears you could supply any phone number in the United States at this stage in the process, and Experian's website would not balk.

One user said they recreated their account this week — even though the phone number they'd input was a random number. "The only difference: it asked me FIVE questions about my personal history (last time it only asked three) before proclaiming, 'Welcome back, Pete!,' and granting full access," @PeteMayo wrote. "I feel silly saving my password for Experian; may as well just make a new account every time."

And Krebs points out that "Regardless, users can simply skip this step by selecting the option to 'Continue another way.'" Experian then asks for your full name, address, date of birth, Social Security number, email address and chosen password. After that, they require you to successfully answer between three to five multiple-choice security questions whose answers are very often based on public records. When I recreated my account this week, only two of the five questions pertained to my real information, and both of those questions concerned street addresses we've previously lived at — information that is just a Google search away...

Experian will send a message to the old email address tied to the account, saying certain aspects of the user profile have changed. But this message isn't a request seeking verification: It's just a notification from Experian that the account's user data has changed, and the original user is offered zero recourse here other than to click a link to log in at Experian.com. And of course, a user who receives one of these notices will find that the credentials to their Experian account no longer work. Nor do their PIN or account recovery question, because those have been changed also. Your only option at this point is to recreate your account at Experian and steal it back from the ID thieves!

Experian's security measures "are constantly evolving," insisted Experian spokesperson Scott Anderson — though Krebs remains unsatisfied. Anderson said all consumers have the option to activate a multi-factor authentication method that's requested each time they log in to their account. But what good is multi-factor authentication if someone can simply recreate your account with a new phone number and email address?

IT

How a Tiny Pacific Island Became the Global Capital of Cybercrime (technologyreview.com) 18

Despite having a population of just 1,400, until recently, Tokelau's .tk domain had more users than any other country. Here's why: Tokelau, a necklace of three isolated atolls strung out across the Pacific, is so remote that it was the last place on Earth to be connected to the telephone -- only in 1997. Just three years later, the islands received a fax with an unlikely business proposal that would change everything. It was from an early internet entrepreneur from Amsterdam, named Joost Zuurbier. He wanted to manage Tokelau's country-code top-level domain, or ccTLD -- the short string of characters that is tacked onto the end of a URL. Up until that moment, Tokelau, formally a territory of New Zealand, didn't even know it had been assigned a ccTLD. "We discovered the .tk," remembered Aukusitino Vitale, who at the time was general manager of Teletok, Tokelau's sole telecom operator.

Zuurbier said "that he would pay Tokelau a certain amount of money and that Tokelau would allow the domain for his use," remembers Vitale. It was all a bit of a surprise -- but striking a deal with Zuurbier felt like a win-win for Tokelau, which lacked the resources to run its own domain. In the model pioneered by Zuurbier and his company, now named Freenom, users could register a free domain name for a year, in exchange for having advertisements hosted on their websites. If they wanted to get rid of ads, or to keep their website active in the long term, they could pay a fee.

In the succeeding years, tiny Tokelau became an unlikely internet giant -- but not in the way it may have hoped. Until recently, its .tk domain had more users than any other country's: a staggering 25 million. But there has been and still is only one website actually from Tokelau that is registered with the domain: the page for Teletok. Nearly all the others that have used .tk have been spammers, phishers, and cybercriminals. Everyone online has come across a .tk -- even if they didn't realize it. Because .tk addresses were offered for free, unlike most others, Tokelau quickly became the unwitting host to the dark underworld by providing a never-ending supply of domain names that could be weaponized against internet users. Scammers began using .tk websites to do everything from harvesting passwords and payment information to displaying pop-up ads or delivering malware.

China

Huawei and Tencent Spearhead China's Hold on Cybersecurity Patents (nikkei.com) 28

China's presence is growing in cybersecurity technology, with companies such as Huawei and Tencent accounting for six of the top 10 global patent holdings in the sector as of August. From a report: Chinese companies have made headway in technological fields that affect economic security, according to industry insiders, as they focus on fostering their own tech amid the growing standoff between the U.S. and China. The rankings, compiled by Nikkei in cooperation with U.S. information services provider LexisNexis, are based on patents registered in 95 countries and regions, including Japan, the U.S., China and the European Union. Patent registrations were screened for the cybersecurity field using such factors as the international patent classification, with filings of the same patent in multiple countries counted as a single patent.

As of August, IBM led the rankings with 6,363 patents. Huawei Technologies came in second with 5,735 patents and Tencent Holdings placed third with 4,803. Other Chinese companies in the top 10 included financial services provider Ant Group in sixth with 3,922 patents, followed by power transmission company State Grid Corp. of China with 3,696, Alibaba Group Holding with 3,122 and sovereign wealth fund China Investment with 3,042. Patent applications filed by Chinese companies have increased since around 2018, when the U.S. began to impose full-scale export controls on Chinese high-tech companies. Compared with 10 years ago, IBM's patent holdings increased by a factor of 1.5. In contrast, holdings for Huawei and Tencent were 2.3 times and 13 times higher, respectively.

Security

[Dot]US Harbors Prolific Malicious Link Shortening Service (krebsonsecurity.com) 17

Security reporter Brian Krebs: The top-level domain for the United States -- .US -- is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. The findings come close on the heels of a report that identified .US domains as among the most prevalent in phishing attacks over the past year. Researchers at Infoblox say they've been tracking what appears to be a three-year-old link shortening service that is catering to phishers and malware purveyors. Infoblox found the domains involved are typically three to seven characters long, and hosted on bulletproof hosting providers that charge a premium to ignore any abuse or legal complaints. The short domains don't host any content themselves, but are used to obfuscate the real address of landing pages that try to phish users or install malware.

Infoblox says it's unclear how the phishing and malware landing pages tied to this service are being initially promoted, although they suspect it is mainly through scams targeting people on their phones via SMS. A new report says the company mapped the contours of this link shortening service thanks in part to pseudo-random patterns in the short domains, which all appear on the surface to be a meaningless jumble of letters and numbers. "This came to our attention because we have systems that detect registrations that use domain name generation algorithms," said Renee Burton, head of threat intelligence at Infoblox. "We have not found any legitimate content served through their shorteners."

The Courts

Judge Pares Down Artists' AI Copyright Lawsuit Against Midjourney, Stability AI 41

Blake Brittain reports via Reuters: A judge in California federal court on Monday trimmed a lawsuit by visual artists who accuse Stability AI, Midjourney and DeviantArt of misusing their copyrighted work in connection with the companies' generative artificial intelligence systems. U.S. District Judge William Orrick dismissed some claims from the proposed class action brought by Sarah Andersen, Kelly McKernan and Karla Ortiz, including all of the allegations against Midjourney and DeviantArt. The judge said (PDF) the artists could file an amended complaint against the two companies, whose systems utilize Stability's Stable Diffusion text-to-image technology.

Orrick also dismissed McKernan and Ortiz's copyright infringement claims entirely. The judge allowed Andersen to continue pursuing her key claim that Stability's alleged use of her work to train Stable Diffusion infringed her copyrights. "Even Stability recognizes that determination of the truth of these allegations -- whether copying in violation of the Copyright Act occurred in the context of training Stable Diffusion or occurs when Stable Diffusion is run -- cannot be resolved at this juncture," Orrick said.

Orrick agreed with all three companies that the images the systems actually created likely did not infringe the artists' copyrights. He allowed the claims to be amended but said he was "not convinced" that allegations based on the systems' output could survive without showing that the images were substantially similar to the artists' work. The judge also dismissed other claims from the artists, including that the companies violated their publicity rights and competed with them unfairly, with permission to refile. Orrick dismissed McKernan and Ortiz's copyright claims because they had not registered their images with the U.S. Copyright Office, a requirement for bringing a copyright lawsuit.

Piracy

Record Labels Shut Down FileWarez, Brazil's Oldest Pirate Forum (torrentfreak.com) 12

An anonymous reader quotes a report from TorrentFreak: As far as we know, Brazil-based file-sharing forum FileWarez.com first appeared in August 2004, its domain name having been registered the previous month. The default language was naturally Portuguese and according to this image from the Wayback Machine, potential members needed a basic grip of the language to sign up. After all, Google Translate wouldn't exist for another two years. At some point in the years that followed, FileWarez shifted to a Netherlands .NL domain supported by filewarez.no-ip.biz, which may suggest a site regularly on the move. In 2008, unspecified problems saw the .NL domain dumped in favor of a new one. Riding out problems, various issues, and bouts of downtime, FileWarez.tv stayed in place for the next 15.5 years. Then two weeks ago, after establishing itself as Brazil's oldest file-sharing forum, FileWarez suddenly vanished.

In a press release Wednesday, global music industry group IFPI announced that "prominent illegal file-sharing forum, FileWarez," was shut down following co-ordinated action by record companies, anti-piracy body APDIF, and local cybercrime unit, Cyber Gaeco. "IFPI, the organization that represents the recorded music industry worldwide, alongside its Brazilian national group Pro-Musica, have welcomed the successful action against FileWarez.tv -- one of the most prominent illegal file sharing sites in Brazil -- by the Brazilian special cybercrime unit of prosecutor's office of Sao Paulo, Cyber Gaeco," the announcement reads. "FileWarez was the most established illegal filesharing forum in Brazil, dedicated to sharing illegal music content. While active, the site had more than 118,000 registered users with at least 24,000 monthly active users."

Businesses

New York's Airbnb Ban Is Bolstering a Rental Black Market (wired.com) 106

Amanda Hoover reports via Wired: As few as 2 percent of New York City's previous 22,000 short-term rentals on Airbnb have been registered with the city since a new law banning most listings came into effect in early September. But many illegal short-term rental listings are now being advertised on social media and lesser known platforms, with some still seemingly being listed on Airbnb itself. The number of short-term listings on Airbnb has fallen by more than 80 percent, from 22,434 in August to just 3,227 by October 1, according to Inside Airbnb, a watchdog group that tracks the booking platform. But just 417 properties have been registered with the city, suggesting that very few of the city's short-term rentals have been able to get permission to continue operating.

The crackdown in New York has created a "black market" for short-term rentals in the city, claims Lisa Grossman, a spokesperson for Restore Homeowner Autonomy and Rights (RHOAR), a local group that opposed the law. Grossman says she's seen the short-term rental market pick up steam on places like Facebook since the ban. "People are going underground," she says. New York's crackdown on short-term rentals has dramatically reshaped the vacation rental market in the city. People are using sites like Craigslist, Facebook, Houfy, and others, where they can search for guests or places to book without the checks and balances of booking platforms like Airbnb. Hotel prices are expected to rise with more demand.

After the rule change, Airbnb CEO Brian Chesky said the company would be shifting attention away from New York, which was once its biggest market.

"I was always hopeful that New York City would lead the way -- that we would find a solution in New York, and people would say, 'If they can make it in New York, they can make it anywhere,'" Chesky said during an event in September. "I think, unfortunately, New York is no longer leading the way -- it's probably a cautionary tale."

Social Networks

Mastodon Actually Has 407K+ More Monthly Users Than It Thought (techcrunch.com) 46

A network connectivity error caused Mastodon to severely undercount its users. According to founder and CEO Eugen Rochko, the decentralized social network actually has 407,814 more monthly active users than it had been reporting previously. "The adjustment also included a gain of 2.34 million registered users across an additional 727 servers that had not been counted due to the error," reports TechCrunch. From the report: The issue was impacting the metrics reported on Mastodon's statistics aggregator on its joinmastodon.org/servers page, which had been undercounting users between October 2 and October 8. This issue has now been resolved, Rochko said. That leaves Mastodon with a total of 1.8 million monthly active users at present, an increase of 5% month-over-month and 10,000 servers, up 12% -- a testament to Mastodon's current upward swing at a time when the nature of X continues to remain in flux.