Books

Publishers File Suit Against Internet Archive for Systematic Mass Scanning and Distribution of Literary Works (publishers.org) 97

Today, member companies of the Association of American Publishers (AAP) filed a copyright infringement lawsuit against Internet Archive (IA) in the United States District Court for the Southern District of New York. The suit asks the Court to enjoin IA's mass scanning, public display, and distribution of entire literary works, which it offers to the public at large through global-facing businesses coined "Open Library" and "National Emergency Library," accessible at both openlibrary.org and archive.org. In a statement, the Association of American Publishers (AAP) wrote: IA has brazenly reproduced some 1.3 million bootleg scans of print books, including recent works, commercial fiction and non-fiction, thrillers, and children's books. The plaintiffs -- Hachette Book Group, HarperCollins Publishers, John Wiley & Sons and Penguin Random House -- publish many of the world's preeminent authors, including winners of the Pulitzer Prize, National Book Award, Newbery Medal, Man Booker Prize, Caldecott Medal and Nobel Prize. Despite the self-serving library branding of its operations, IA's conduct bears little resemblance to the trusted role that thousands of American libraries play within their communities and as participants in the lawful copyright marketplace. IA scans books from cover to cover, posts complete digital files to its website, and solicits users to access them for free by signing up for Internet Archive Accounts.

The sheer scale of IA's infringement described in the complaint -- and its stated objective to enlarge its illegal trove with abandon -- appear to make it one of the largest known book pirate sites in the world. IA publicly reports millions of dollars in revenue each year, including financial schemes that support its infringement design. In willfully ignoring the Copyright Act, IA conflates the separate markets and business models made possible by the statute's incentives and protections, robbing authors and publishers of their ability to control the manner and timing of communicating their works to the public. IA not only conflates print books and eBooks, it ignores the well-established channels in which publishers do business with bookstores, e-commerce platforms, and libraries, including for print and eBook lending. As detailed in the complaint, IA makes no investment in creating the literary works it distributes and appears to give no thought to the impact of its efforts on the quality and vitality of the authorship that fuels the marketplace of ideas.

Businesses

Walmart Employees Complain Its Anti-Shoplifting AI Is Buggy, Inaccurate, and Dangerous (arstechnica.com) 116

Walmart uses "Everseen" AI technology in thousands of its stores "to prevent shoplifting at registers and self-checkout kiosks," reports Wired.

But some Walmart workers claim that instead it's often failed to stop actual instances of stealing, misidentified innocuous behavior as theft -- and made it harder for them to social distance: The workers said they had been upset about Walmart's use of Everseen for years and claimed colleagues had raised concerns about the technology to managers but were rebuked. They decided to speak to the press, they said, after a June 2019 Business Insider article reported Walmart's partnership with Everseen publicly for the first time. The story described how Everseen uses AI to analyze footage from surveillance cameras installed in the ceiling and can detect issues in real time, such as when a customer places an item in their bag without scanning it. When the system spots something, it automatically alerts store associates...

In interviews, the workers, whose jobs include knowledge of Walmart's loss-prevention programs, said their top concern with Everseen was false positives at self-checkout. The employees believe that the tech frequently misinterprets innocent behavior as potential shoplifting, which frustrates customers and store associates, and leads to longer lines. "It's like a noisy tech, a fake AI that just pretends to safeguard," said one worker.

The coronavirus pandemic has given their concerns more urgency. One Concerned Home Office Associate said they worry false positives could be causing Walmart workers to break social-distancing guidelines unnecessarily. When Everseen flags an issue, a store associate needs to intervene and determine whether shoplifting or another problem is taking place. In an internal communication from April obtained by WIRED, a corporate Walmart manager expressed strong concern that workers were being put at risk by the additional contact necessitated by false positives and asked whether the Everseen system should be turned off to protect customers and workers.

Before COVID-19, "it wasn't ideal, it was a poor customer experience," the worker said. "AI is now creating a public health risk."

IOS

Apple is Developing 'Clips' Feature For Using Apps Without Requiring Full Downloads (9to5mac.com) 32

Apple is working on a new way to offer specific parts of third-party apps across the system without needing to have them installed, 9to5Mac has learned based on an early build of iOS 14. From a report: The feature would allow users to experience parts of an app's functionality by scanning a QR Code. If you open a link or scan a QR code today from an app that you haven't installed on your iPhone or iPad, it will open that link in Safari. Apps can provide universal links, which open the app instead of Safari when the app is installed. But that could change in the near future with a new API internally referred to as "Clips" found on iOS 14 code. As 9to5Mac has analyzed this new API, we can say that it allows developers to offer interactive and dynamic content from their apps even if you haven't installed them. The Clips API is directly related to the QR Code reader in the build we have access to, so the user can scan a code linked to an app and then interact with it directly from a card that will appear on the screen.

Books

University Libraries Offer Online 'Lending' of Scanned In-Copyright Books (arstechnica.com) 38

An anonymous reader quotes a report from Ars Technica: The coronavirus crisis has forced the closure of libraries around the world, depriving the public of access to millions of printed books. Books old enough to be in the public domain may be available for free download online. Many recent books are available to borrow in e-book form. But there are many other books -- especially those published in the mid-to-late 20th century -- that are hard to access without going to a physical library. A consortium of university libraries called HathiTrust recently announced a solution to this problem, called the Emergency Temporary Access Service. It allows participating HathiTrust member libraries to offer their patrons digital scans of books that they can "check out" and read online.

HathiTrust has a history of pushing the boundaries of copyright. It was the defendant in a landmark 2014 ruling that established the legality of library book scanning. At the time, HathiTrust was only allowing people with print disabilities to access the full text of scanned books. Now HathiTrust is expanding access to more people -- though still with significant limits. The program is only available to patrons of member libraries like the Cornell library. Libraries can only "lend" as many copies of the book as it has physical copies on its shelves. Loans last for an hour and are automatically renewed if a patron is still viewing a book at the hour's end. If you want to read a book that's currently in use by another patron, you have to wait until they're finished.
The service differs from the Internet Archive's National Emergency Library in that it limits the "lending" of copies to how many physical copies there are available on its shelves. "During the pandemic, the Internet Archive isn't limiting the number of people who can 'borrow' a book simultaneously," reports Ars.

"Cornell University legal scholar James Grimmelmann tells Ars that the limits on the HathiTrust program will put the group in a stronger position if it is ever challenged in court," the report adds. "The same fair use doctrine that allows HathiTrust to scan books in the first place might also justify what the organization is doing now -- though that's far from certain."

Privacy

ACLU Sues Homeland Security Over Airport Face Recognition Program Secrecy (techcrunch.com) 7

A leading civil liberties group is suing Homeland Security, claiming the agency is keeping the details of its airport face recognition program secret, which it says raises "profound civil liberties concerns." From a report: The American Civil Liberties Union filed the lawsuit in a New York federal court on Thursday, demanding that the agency turns over records to understand the scope of its airport face recognition system. The group wants to know who Homeland Security works with -- including private companies and airlines -- as well as internal policies and guidance on how the system is used. The face recognition system is part of a recent government initiative to scan the faces of travelers both arriving and departing the United States. Homeland Security claims the system will help crack down on immigration violations, such as visitors overstaying their visas. Although U.S. citizens can opt out of having their faces scanned, it's not always openly advertised. More than a dozen U.S. airports have already rolled out the face scanning technology, with many more to go before the U.S. government hits its target of enrolling the largest 20 airports in the country by 2021.

Chrome

Chrome OS To Get Native App For Printing and Scanning Documents (9to5google.com) 37

According to 9to5Google, Google is working on a native Chrome OS app for printing and scanning documents. From the report: While there are many ways to start printing on Chrome OS, there's no real way to see what you've currently got queued to print, when not using Cloud Print [which is shutting down at the end of the year]. This is particularly frustrating if you've accidentally printed a long document as there's no way to cancel. [...] Late last month, work began on a new "Print Management app," starting with a Chrome OS specific flag in chrome://flags. Print Management is still in the early stages of development but we know that, like many Chrome OS apps, it'll be a web-based System Web App (SWA), which you can launch from the printers section of the main Settings app. Inside, you'll see a list of your recent printing attempts, including useful information like the job's name, what time it started, whether it succeeded, and which printer it was sent to.

And then, of course, on the flip side of working with paper documents is scanning, which is by no means easy to do on Chrome OS. Thankfully, Print Management will also include a UI for scanning documents and photos. The Chromium team is already working on this behind yet another flag.

Encryption

The EARN IT Act is an Attack on Encryption (cryptographyengineering.com) 176

A bipartisan pair of US senators on Thursday introduced long-rumored legislation known as the EARN IT Act. The bill is meant to combat child sexual exploitation online, but if passed, it could hurt encryption as we know it. Matthew Green, a cryptographer and professor at Johns Hopkins University, writes: Because the Department of Justice has largely failed in its mission to convince the public that tech firms should stop using end-to-end encryption, it's decided to try a different tack. Instead of demanding that tech firms provide access to messages only in serious criminal circumstances and with a warrant, the DoJ and backers in Congress have decided to leverage concern around the distribution of child pornography, also known as child sexual abuse material, or CSAM. [...] End-to-end encryption systems make CSAM scanning more challenging: this is because photo scanning systems are essentially a form of mass surveillance -- one that's deployed for a good cause -- and end-to-end encryption is explicitly designed to prevent mass surveillance. So photo scanning while also allowing encryption is a fundamentally hard problem, one that providers don't yet know how to solve.

All of this brings us to EARN IT. The new bill, out of Lindsey Graham's Judiciary committee, is designed to force providers to either solve the encryption-while-scanning problem, or stop using encryption entirely. And given that we don't yet know how to solve the problem -- and the techniques to do it are basically at the research stage of R&D -- it's likely that "stop using encryption" is really the preferred goal. EARN IT works by revoking a type of liability called Section 230 that makes it possible for providers to operate on the Internet, by preventing the provider from being held responsible for what their customers do on a platform like Facebook. The new bill would make it financially impossible for providers like WhatsApp and Apple to operate services unless they conduct "best practices" for scanning their systems for CSAM. Since there are no "best practices" in existence, and the techniques for doing this while preserving privacy are completely unknown, the bill creates a government-appointed committee that will tell technology providers what technology they have to use. The specific nature of the committee is byzantine and described within the bill itself. Needless to say, the makeup of the committee, which can include as few as zero data security experts, ensures that end-to-end encryption will almost certainly not be considered a best practice.

ISS

Northrop Grumman Launches Spacecraft Delivering Snacks and Equipment To the ISS (space.com) 16

Space.com has footage of Northrop Grumman's successful launch of a spacecraft that's bringing 7,500 pounds of supplies (as well as scientific equipment for experiments) to the astronauts on the International Space Station: Those experiments include studies into bone loss from prolonged exposure to weightlessness, bacteria-targeting viruses that could lead to new medications, as well as some cowpeas to be grown as part of a space food experiment. Heidi Parris, NASA's assistant program scientist for the International Space Station program's science office, said those experiments aim to use the weightless environment on the station to learn more about how to live off Earth, including on the moon and Mars.

One novel experiment is Mochii, a small scanning electron microscope about the size of a breadbox that can help astronauts quickly identify the composition of small particles, such as debris or contamination in spacesuits. "Currently the ISS has a blind spot, in that we can't perform this kind of analysis on orbit," James Martinez, a materials scientist at NASA's Johnson Space Center participating in the experiment... Another key experiment on Cygnus is the Spacecraft Fire Experiment IV, or Saffire-IV. As its name suggests, Saffire-IV is the fourth experiment to study how fire behaves in space
Northrop Grumman's Cygnus is one of two private spacecraft (SpaceX's Dragon capsules are the other) that currently haul cargo to the International Space Station for NASA. NG-13 is the 13th Cygnus mission to reach space for NASA by Northrop Grumman as part of the agency's Commercial Resupply Services...

Northrop Grumman's Cygnus NG-13 spacecraft will arrive at the International Space Station and be captured by a robotic arm on Tuesday, Feb. 18, at 4 a.m. EST (0900 GMT). NASA's live webcast of the rendezvous will begin at 2:30 a.m. EST (0730 GMT) and run through spacecraft capture.

The spacecraft will also be bringing the astronauts candy, fresh fruit, and three different kinds of cheese wedge -- cheddar, Parmesan and Fontina.

Wireless Networking

Broadcom Announces BCM4389 Wi-Fi 6E Client Chipset (anandtech.com) 13

The Wi-Fi Alliance announced the new Wi-Fi 6E terminology for 802.11ax operation in the 6 GHz band last month. At CES 2020, Broadcom announced a number of Wi-Fi 6E access point solutions. Today, Broadcom is announcing the BCM4389 client Wi-Fi 6E chipset. From a report: Consumers can expect to see the chipset in the next generation of high-end smartphones. We have already covered the advantages of Wi-Fi 6E in terms of lower latency, higher throughput, and the availability of more number of 160 MHz channels in our coverage of the Wi-Fi Alliance announcement at CES. The BCM4389 builds upon Broadcom's success with the BCM4375, which happens to be the currently leading client Wi-Fi 6 chipset in the smartphone market. In addition to the new 6 GHz support with tri-band simultaneous operation and 160 MHz channel support, the BCM4389 also brings in additional power efficiency, thanks to its 16nm process technology and architectural improvements.

The BCM4375 is a 28nm chipset with 2x2 2.4 GHz and 2x2 5 GHz support, while the new BCM4389 adds 2x2 6 GHz to the mix. The scanning radio accounts for the additional radio chain. The Bluetooth 5.0 functionality has also received a boost with MIMO support. Broadcom claims that the new implementation can reduce pairing time by a factor of 2 and also alleviate glitching issues when connected to Wi-Fi at the same time (compared to the BCM4375). The icing on the cake is that the MIMO support works with implicit beamforming ensuring that legacy Bluetooth devices stand to benefit too.

Science

MRI Scans Delve Into Dog-Like Complexity of Squid Brains (newatlas.com) 28

An anonymous reader quotes a report from New Atlas: New research led by Wen-Sung Chung and Justin Marshall of the University of Queensland is shedding new light on the complexity of squid brains. Using MRI scanning to examine the brain of the reef squid Sepioteuthis lessoniana, the researchers have produced a new map of neural connections that improves our understanding of their behavior. The cephalopods are widely recognized as the most intelligent of mollusks, but how do they rate when they are competing against something other than clams? Cephalopods show all sorts of complex behavior, like being able to recognize patterns, solve problems, communicate through signals, and camouflage themselves in different textures and colors, despite being colorblind.

But just how complex are these neural circuits? The answer may lie in the maps made by the new MRI scans. "This is the first time modern technology has been used to explore the brain of this amazing animal, and we proposed 145 new connections and pathways, more than 60 percent of which are linked to the vision and motor systems," says Chung. "The modern cephalopods, a group including octopus, cuttlefish, and squid, have famously complex brains, approaching that of a dog and surpassing mice and rats, at least in neuronal number. For example, some cephalopods have more than 500 million neurons, compared to 200 million for a rat and 20,000 for a normal mollusk."

"Chung says that this complexity may be an example of convergent evolution, where very distantly related animals, like dogs and squids, evolve similar solutions," the report adds. "It's why the eye of the squid is remarkably similar to that of the human eye, even though the two parted ways in evolutionary terms about 560 million years ago."

The research was published in the journal iScience.

Security

Telnet Passwords Leaked For More Than 500,000 Servers, Routers, and IoT Devices (zdnet.com) 60

ZDNet is reporting on a security breach leaking "a massive list of Telnet credentials for more than 515,000 servers, home routers, and IoT (Internet of Things) 'smart' devices."
The list, which was published on a popular hacking forum, includes each device's IP address, along with a username and password for the Telnet service, a remote access protocol that can be used to control devices over the internet... Some devices were located on the networks of known internet service providers (indicating they were either home router or IoT devices), but other devices were located on the networks of major cloud service providers...

According to experts to whom ZDNet spoke this week, and a statement from the leaker himself, the list was compiled by scanning the entire internet for devices that were exposing their Telnet port. The hacker then tried using (1) factory-set default usernames and passwords, or (2) custom, but easy-to-guess password combinations.... To our knowledge, this marks the biggest leak of Telnet passwords known to date.

As ZDNet understands, the list was published online by the maintainer of a DDoS-for-hire (DDoS booter) service... When asked why he published such a massive list of "bots," the leaker said he upgraded his DDoS service from working on top of IoT botnets to a new model that relies on renting high-output servers from cloud service providers.

The Internet

Every Place is the Same Now (theatlantic.com) 88

With a phone, anywhere else is always just a tap away. From a column: Those old enough to remember video-rental stores will recall the crippling indecision that would overtake you while browsing their shelves. With so many options, any one seemed unappealing, or insufficient. In a group, different tastes or momentary preferences felt impossible to balance. Everything was there, so there was nothing to watch. Those days are over, but the shilly-shally of choosing a show or movie to watch has only gotten worse. First, cable offered hundreds of channels. Now, each streaming service requires viewers to manipulate distinct software on different devices, scanning through the interfaces on Hulu, on Netflix, on AppleTV+ to find something "worth watching." Blockbuster is dead, but the emotional dread of its aisles lives on in your bedroom.

This same pattern has been repeated for countless activities, in work as much as leisure. Anywhere has become as good as anywhere else. The office is a suitable place for tapping out emails, but so is the bed, or the toilet. You can watch television in the den -- but also in the car, or at the coffee shop, turning those spaces into impromptu theaters. Grocery shopping can be done via an app while waiting for the kids' recital to start. Habits like these compress time, but they also transform space. Nowhere feels especially remarkable, and every place adopts the pleasures and burdens of every other. It's possible to do so much from home, so why leave at all?

Businesses

New Amazon Scanner Can Identify Shoppers By The Veins In Their Hand (usatoday.com) 53

An anonymous reader quotes USA Today: What if you could pay for your groceries using your veins?

Amazon filed a patent for technology that could identify you by scanning the wrinkles in the palm of your hand and by using a light to see beneath your skin to your blood vessels. The resulting images could be used to identify you as a shopper at Amazon Go stores. It was previously reported that the Seattle-based tech giant might install these hi-tech scanners in Whole Foods grocery stores. However, the U.S. Patent and Trademark Office published an application on Thursday that suggests the e-commerce behemoth sets its sights on Amazon Go stores...

While fingerprint scanners have been around for years, Amazon hopes to innovate by developing a personal identification system that you don't have to touch. Imagine hovering your hand in front of an infrared light as a camera snaps two images -- one from the surface, and one that looks for "deeper characteristics such as veins." An internal computer system would then identify you based on that information.

Privacy

Worker Fired For Declining a Face Scan Awarded $23,200 (stuff.co.nz) 59

A reader shares a report from Stuff.co.nz: Christchurch electrician Tim Fensom has been awarded $23,200 after he was fired for refusing to use a face scanning system. Fensom worked for construction company KME Services for eight months as a lead electrician during the construction of Christchurch's new hospital before he was fired on October 30, 2018, the Employment Relations Authority said in its determination. KME managing director Tim Lane replaced the company's paper-based timesheets with a biometric system that scanned workers' faces when they arrived and left the hospital construction site after two other subcontracting companies started using it. When Fensom raised concerns, he was told to use the system or receive a warning for breaching KME's health and safety policy.
[...]
Fensom was on a two week holiday while the system was being rolled out. When he returned on October 29, Fensom declined to use the face scanner, and instead signed in on a paper timesheet and carried on with his day. That day Fensom was given a formal warning letter for not following KME's health and safety policies. The next day when he refused again, Fensom was fired for serious misconduct.
The ERA said KME failed to consult its employees about alternatives to paper-based timesheets before switching to the face-scanning software. KME was ordered to pay Fensom $12,000 as compensation for humiliation and injury to feelings and $11,286 in lost wages.

Security

Npm Team Warns of New 'Binary Planting' Bug (zdnet.com) 17

The team behind npm, the biggest package manager for JavaScript libraries, issued a security alert yesterday, advising all users to update to the latest version (6.13.4) to prevent "binary planting" attacks. From a report: Npm (Node.js Package Manager) devs say the npm command-line interface (CLI) client is impacted by a security bug -- a combination between a file traversal and an arbitrary file (over)write issue. The bug can be exploited by attackers to plant malicious binaries or overwrite files on a user's computer. The vulnerability can be exploited only during the installation of a boobytrapped npm package via the npm CLI. "However, as we have seen in the past, this is not an insurmountable barrier," said the npm team, referring to past incidents where attackers planted backdoored or boobytrapped packages on the official npm repository. Npm devs say they've been scanning the npm portal for packages that may contain exploit code designed to exploit this bug, but have not seen any suspicious cases. "That does not guarantee that it hasn't been used, but it does mean that it isn't currently being used in published packages on the [official npm] registry," npm devs said.

Chrome

Is Microsoft's Chromium Edge Browser Better Than Firefox and Chrome? (androidauthority.com) 113

Android Authority argues that the new Microsoft Chromium Edge browser "is full of neat tricks" and "packs more features than Firefox": The final major feature is called Apps. Essentially, Apps allows you to download and install web pages and web apps for use without the Edge browser. Previously, you had to find these dedicated web apps via the Microsoft Store, but now Edge handles downloading and managing web apps all in the browser. For example, you can download the Twitter web app via Edge just by visiting the Twitter website and clicking "install this site as an app" from the settings menu. Once installed, you can run the webpage as an app directly from your desktop, taskbar, or start menu like any other piece of software. It's like saving links only better, as some web apps can run offline too. Alternatively, you can install the Android Authority webpage and run it as an app to catch up with the latest news without having to boot up Edge each time. It's pretty neat and something that I intend to use more often.

Overall, Edge offers everything you'll want in a web browser and more. Microsoft finally feels on the cutting edge of the internet.

The browser does have a smaller range of supported extensions, but you can also manually install Chrome extensions, according to the article. It adds that Microsoft Edge Chromium "typically uses just 70 to 75 percent of the RAM required by Chrome [and] is even more lightweight than Firefox."

And while acknowledging that Microsoft's Windows 10 "has its share" of telemetry issues, the article adds that "at no point during my couple of weeks with Edge have I noticed it thrashing my hard drive.

"Chrome has a habit of scanning various files on my computer, despite opting out of all the available data sharing options. This isn't great for system performance and raises obvious security questions."

AI

Researchers Fooled Chinese Facial Recognition Terminals With Just a Mask (theverge.com) 24

Public facial recognition terminals in China can be fooled with just a mask, as some recent experiments have shown. The Verge reports: An AI company, Kneron, shared a video with The Verge of tests it ran at facial recognition terminals in China where it appeared to fool the systems. Kneron asked us not to publish the video, so we will describe what we saw -- and it looked pretty convincing. In two examples, a tester approaches AliPay and WeChat terminals at shops in China while wearing a 3D mask of his face, and the facial recognition system identifies the mask as his face, allowing the purchase. In another example, the same person feeds his ID card into a train station turnstile while wearing his mask, and the turnstile's facial recognition system accepts the mask as his face.

There are definitely limitations to this type of test, though. The video only shows one person making attempts with their mask, and it's unclear if that one mask worked in every single attempt, or if another mask would work for each one of these tests as well. It's also worth noting that none of the systems were relying entirely on facial recognition for identification. Both the AliPay and WeChat terminals required the person to enter digits of the phone number associated with their identity, and at the train station, you have to present a physical ID card before the facial recognition system even starts scanning. Also, you might hope another human would intervene if a person pulled out a mask of another human's face while trying to pay for groceries?

Open Source

Open-Source Security Nonprofit Tries Raising Money With 'Hacker-Themed' T-Shirts (ostif.org) 11

The nonprofit Open Source Technology Improvement Fund connects open-source security projects with funding and logistical support. (Launched in 2015, the Illinois-based group includes on its advisory council representatives from DuckDuckGo and the OpenVPN Project.)

To raise more money, they're now planning to offer "hacker-themed swag" and apparel created with a state-of-the-art direct-to-garment printer -- and they're using Kickstarter to help pay for that printer: With the equipment fully paid for, we will add a crucial revenue stream to our project so that we can get more of our crucial work funded. OSTIF is kicking-in half of the funding for the new equipment from our own donated funds from previous projects, and we are raising the other half through this KickStarter. We have carefully selected commercial-grade equipment, high quality materials, and gathered volunteers to work on the production of the shirts and wallets.
Pledges of $15 or more will be rewarded with an RFID-blocking wallet that blocks "drive-by" readers from scanning cards in your pocket, engraved with the message of your choice. And donors pledging $18 or more get to choose from their "excellent gallery" of t-shirts. Dozens of artists have contributed more than 40 specially-commissioned "hacker-themed" designs, including "Resist Surveillance" and "Linux is Communism" (riffing on a 2000 remark by Microsoft's CEO Steve Ballmer).

There's also shirts commemorating Edward Snowden (including one with an actual NSA document leaked by Edward Snowden) as well as a mock concert t-shirt for the "world tour" of the EternalBlue exploit listing locations struck after it was weaponized by the NSA. One t-shirt even riffs on the new millennial catchphrase "OK boomer" -- replacing it with the phrase "OK Facebook" using fake Cyrillic text.

And one t-shirt design shows an actual critical flaw found by the OSTIF while reviewing OpenVPN 2.4.0.

So far they have 11 backers, earning $790 of their $45,000 goal.

Security

Millions of SMS Text Messages Exposed In Unencrypted Database (techcrunch.com) 17

"A massive database storing tens of millions of SMS text messages, most of which were sent by businesses to potential customers, has been found online," reports TechCrunch. The database belongs to a company that works with over 990 cell phone operators and reaches more than 5 billion subscribers around the world, according to the researchers.

TechCrunch writes: The database is run by TrueDialog, a business SMS provider for businesses and higher education providers, which lets companies, colleges, and universities send bulk text messages to their customers and students. The Austin, Texas-based company says one of the advantages to its service is that recipients can also text back, allowing them to have two-way conversations with brands or businesses.

The database stored years of sent and received text messages from its customers and processed by TrueDialog. But because the database was left unprotected on the internet without a password, none of the data was encrypted and anyone could look inside. Security researchers Noam Rotem and Ran Locar found the exposed database earlier this month as part of their internet scanning efforts... Many of the messages we reviewed contained codes to access online medical services to obtain, and password reset and login codes for sites including Facebook and Google accounts...

One table alone had tens of millions of messages, many of which were message recipients trying to opt-out of receiving text messages.

Linux

NextCloud Linux Servers Targeted by NextCry Ransomware (linuxsecurity.com) 28

b-dayyy quotes Linux Security: A new and particularly troublesome ransomware variant has been identified in the wild. Dubbed NextCry, this nasty strain of ransomware encrypts data on NextCloud Linux servers and has managed to evade the detection of public scanning platforms and antivirus engines. To make matters worse, there is currently no free decryption tool available for victims.

Ransomware hunter and creator of ID Ransomware Michael Gillespie notes that the NextCry ransomware, which is a Python script compiled in a Linux ELF binary using pyInstaller, oddly uses Base64 to encode file names as well as the content of files which have already been encrypted. Gillespie has also confirmed that NextCry encrypts data using the AES algorithm with a 256-bit key.

The ransom note that NextCry victims receive reads "READ_FOR_DECRYPT", and demands 0.025 BTC for a victim's files to be unlocked.
