OpenAI says ChatGPT is "no longer limited to data before September 2021." It can now browse the internet to provide you with up-to-date information, "complete with direct links to sources." From the announcement: Since the original launch of browsing in May, we received useful feedback. Updates include following robots.txt and identifying user agents so sites can control how ChatGPT interacts with them. Browsing is particularly useful for tasks that require up-to-date information, such as helping you with technical research, trying to choose a bike, or planning a vacation.

Browsing is available to Plus and Enterprise users today, and we'll expand to all users soon. To enable, choose Browse with Bing in the selector under GPT-4.

"As a result of the move to working from home, Meta has walked away from one of its offices in London at the cost of 149 million pounds," writes Slashdot reader Bruce66423. The London Evening Standard reports: Meta paid the FTSE 250 developer 149 million pounds on Monday in order to break the lease on the building, 1 Triton Square. The tech firm, which also owns Instagram, let the space from 2021 following a refurbishment but never moved into the space. Meta has three open London sites including a neighbouring building in Regent's Place, near Warren Street in central London.

Analysts at BNP Paribas Exane claimed Meta has another 18 years on its lease at the site. British Land said it will receive the one-off payment to end the lease but the agreement would also reduce its earnings per share by 0.6% over the six months to next March.

An anonymous reader quotes a report from Ars Technica: GPUs from all six of the major suppliers are vulnerable to a newly discovered attack that allows malicious websites to read the usernames, passwords, and other sensitive visual data displayed by other websites, researchers have demonstrated in a paper (PDF) published Tuesday. The cross-origin attack allows a malicious website from one domain -- say, example.com -- to effectively read the pixels displayed by a website from example.org, or another different domain. Attackers can then reconstruct them in a way that allows them to view the words or images displayed by the latter site. This leakage violates a critical security principle that forms one of the most fundamental security boundaries safeguarding the Internet. Known as the same origin policy, it mandates that content hosted on one website domain be isolated from all other website domains. [...]

GPU.zip works only when the malicious attacker website is loaded into Chrome or Edge. The reason: For the attack to work, the browser must:

1. allow cross-origin iframes to be loaded with cookies
2. allow rendering SVG filters on iframes and
3. delegate rendering tasks to the GPU

For now, GPU.zip is more of a curiosity than a real threat, but that assumes that Web developers properly restrict sensitive pages from being embedded by cross-origin websites. End users who want to check if a page has such restrictions in place should look for the X-Frame-Options or Content-Security-Policy headers in the source. "This is impactful research on how hardware works," a Google representative said in a statement. "Widely adopted headers can prevent sites from being embedded, which prevents this attack, and sites using the default SameSite=Lax cookie behavior receive significant mitigation against personalized data being leaked. These protections, along with the difficulty and time required to exploit this behavior, significantly mitigate the threat to everyday users. We are in communication and are actively engaging with the reporting researchers. We are always looking to further improve protections for Chrome users."

An Intel representative, meanwhile, said that the chipmaker has "assessed the researcher findings that were provided and determined the root cause is not in our GPUs but in third-party software." A Qualcomm representative said "the issue isn't in our threat model as it more directly affects the browser and can be resolved by the browser application if warranted, so no changes are currently planned." Apple, Nvidia, AMD, and ARM didn't comment on the findings.

An informational write-up of the findings can be found here.

First the Washington Post summarizes what scientists believed in the 1970s. Chlorofluorocarbons, or (CFCs, "could float up into the stratosphere and break down a protective layer of ozone, allowing more ultraviolet light to enter the atmosphere and harm humans, crops, and entire ecosystems. In fact, this had already happened: There was a hole in the ozone layer over the South Pole." Experts view the subsequent treaty to cut down on the use of CFCs — the 1987 Montreal Protocol — as a landmark environmental achievement. Scientists estimate that the pact has prevented millions of cases of skin cancer. Today, the ozone hole is recovering well. But a provocative scientific paper published Friday in the journal AGU Advances suggests that the link between the ozone layer and human health is more complicated than it seems. Under certain circumstances, the researchers write, small decreases in the ozone layer could now save lives...

The researchers initially were examining something else: what would happen to the chemistry of the atmosphere if humans injected sulfates into the stratosphere, a controversial strategy to cool the planet. But in the process, they found that the chemicals would alter the atmosphere's ozone content — with consequences for human health. Sulfate chemicals are known to deplete ozone high in the atmosphere, but, the paper shows, they could also decrease ground-level air pollution. Ozone, or O3, occurs in two forms in the atmosphere: what scientists call "good ozone" in the stratosphere, the layer of the atmosphere that sits 6 to 31 miles above the surface, and "bad ozone" in the troposphere, the atmospheric layer that reaches to the ground... an air pollutant in the troposphere that comes from power plants, cars, and industrial sites. It can be deadly, exacerbating respiratory diseases. According to one study, over 400,000 people died from long-term exposure to ozone in 2019 alone.

The new paper shows that "good ozone" and "bad ozone" can interact in unexpected ways. When good ozone is depleted, more UV light reaches the troposphere, which increases the rate of skin cancer. But UV light also catalyzes chemical reactions in the troposphere, including one in which hydroxide, or OH — which some scientists call the "Pac-Man of the atmosphere" — swallows up pollutants. The more UV light, the more OH eats up dangerous pollutants. This decrease in ground-level air pollution, according to the study, could actually outweigh the rise in skin cancer. A small decrease in stratospheric ozone, according to their study, could save between 33,000 and 86,000 lives every year.

Only a few papers have made this connection, including one in 2018 that similarly found that a small decrease in the ozone layer could save lives from air pollution... One way to read the study is as another warning of how dangerous ground-level air pollution is and how far the world still needs to go to clean it up. (Outdoor air pollution writ large is associated with an estimated 4.2 million premature deaths every year.)

A federal judge has granted a request to block the California Age-Appropriate Design Code Act (CAADCA), a law that requires special data safeguards for underage users online. The Verge reports: In a ruling (PDF) issued today, Judge Beth Freeman granted a preliminary injunction for tech industry group NetChoice, saying the law likely violates the First Amendment. It's the latest of several state-level internet regulations to be blocked while a lawsuit against them proceeds, including some that are likely bound for the Supreme Court. The CAADCA is meant to expand on existing laws -- like the federal COPPA framework -- that govern how sites can collect data from children. But Judge Freeman objected to several of its provisions, saying they would unlawfully target legal speech. "Although the stated purpose of the Act -- protecting children when they are online -- clearly is important, NetChoice has shown that it is likely to succeed on the merits of its argument that the provisions of the CAADCA intended to achieve that purpose do not pass constitutional muster," wrote Freeman.

Freeman cites arguments made by legal writer Eric Goldman, who argued that the law would force sites to erect barriers for children and adults alike. Among other things, the ruling takes issue with the requirement that sites estimate visitors' ages to detect underage users. The provision is ostensibly meant to cut down on the amount of data collected about young users, but Freeman notes that it could involve invasive technology like face scans or analyzing biometric information -- ironically requiring users to provide more personal information.

The law offers sites an alternative of making data collection for all users follow the standards for minors, but Freeman found that this would also chill legal speech since part of the law's goal is to avoid targeted advertising that would show objectionable content to children. "Data and privacy protections intended to shield children from harmful content, if applied to adults, will also shield adults from that same content," Freeman concluded.

A group of publishers in the U.S. have filed a lawsuit against the "notorious" online database Library Genesis (Libgen), a website known for providing free access to scientific papers and books. The lawsuit accuses Libgen of facilitating the unauthorized distribution of copyrighted academic materials. The Register reports: The suit, filed in a New York federal court [PDF], asks for a legal order "requiring the transfer of the Libgen domain names to plaintiffs or, at plaintiffs' election, canceling or deleting the Libgen domain names," with the idea of frustrating visitors -- mostly students -- believed to number in their millions. The filing said that according to similarweb.com, the sites collectively were visited by 9 million people from the U.S. each month from March to May 2023. The suit alleges that several of the Libgen websites solicit "donations" from users. "These solicitations are in English and seek payments only in Bitcoin or [Monero]." It adds: "one Libgen Site reports that it has raised $182,540 from donations since January 1, 2023."

The publishers also claim the people who run LibGen -- named in the suit as Does 1-50 and whom it says "are believed to reside outside of the United States at unknown foreign locations" -- derive "revenue from interstate or international commerce, including through advertisements." It goes on to add: "Defendants compete directly with Plaintiffs by distributing infringing copies of their works for free, displacing legitimate sales. When a consumer obtains Plaintiffs' works from the Libgen Sites instead of through legitimate channels, no remuneration is provided to Plaintiffs or their authors for the substantial investments they have made to create and publish the works."

The textbook publishers claim that "through social media and from their peers, students are bombarded with messages to use the Libgen Sites instead of paying for legal copies of textbooks" -- thus depriving the publishers and the authors they represent of their income. The suit also asks for damages without detailing an amount, although it asks for "an accounting and disgorgement of Defendants' profits, gains, and advantages realized from their unlawful conduct." The complaint claims the ads are in English and for various "U.S. products, such as browser extensions and online games". The suit adds that some "also appear to be phishing attempts, which can result in users downloading a virus or other malicious program onto their computers."

The lawsuit also calls out Google and "other intermediaries," U.S. companies it claims help LibGen "conduct their unlawful operations" -- "NameCheap for domain registration services, Cloudflare for proxy services, and Google for search engine services." It goes on to include a screenshot of Google's "knowledge panel," which it says "describes Libgen as a site [that] enables free access to content that is otherwise paywalled or not digitized elsewhere."

An anonymous reader quotes a report from CNN: A cyberattack at Clorox is causing wide-scale disruption of the company's operations, hampering its ability to make its cleaning materials, Clorox said Monday. Clorox said some of its products are now in short supply as it has struggled to meet consumer demand during the disruption. Clorox didn't specify which of its products are affected.

The company on Monday revealed in a regulatory filing that it detected unauthorized activity in some of its information technology systems in August. Clorox said it immediately took action to stop the attack, including reducing its operations. It now believes the attack has been contained. Still, Clorox has not been able to get its manufacturing operations back up to full speed. The company said it is fulfilling and processing orders manually. The company doesn't expect to begin the process of returning to normal operations until next week.

"Clorox has already resumed production at the vast majority of its manufacturing sites and expects the ramp up to full production to occur over time," the company said. "At this time, the company cannot estimate how long it will take to resume fully normalized operations." The company said the cyberattack and the delays will hurt its current-quarter financial results materially, although Clorox said determining any longer-term impact would be premature, "given the ongoing recovery."

An anonymous reader shared this report from TechCrunch: In March, WordPress.com owner Automattic made a commitment to the fediverse — the decentralized social networks that include the Twitter rival Mastodon and others — with the acquisition of an ActivityPub plug-in that allows WordPress blogs to reach readers on other federated platforms. Now, the company is announcing ActivityPub 1.0.0 for WordPress has been released allowing WordPress blogs to be followed by others on apps like Mastodon and others in the fediverse and then receive replies back as comments on their own sites.

Since the acquisition, the company has improved on the original software in a number of ways, including by now allowing the ability to add blog-wide catchall accounts instead of only per-author. It also introduced the ability to add a "follow me" block to help visitors follow your profile and a "followers" block to show off your followers, noted Automattic design engineer Matt Wiebe, in a post on X... For the time being, the software supports self-hosted WordPress blogs, but Wiebe teased that support for WordPress.com blogs was "coming soon."
Last year Automattic's CEO Matt Mullenweg announced Tumblr would add support for ActivityPub, the article adds. "But more recently, Mullenweg told us he's been investigating not only ActivityPub, but also other protocols like Nostr and Bluesky's AT Protocol."

"Until now, China's influence campaigns have been focused on amplifying propaganda defending its policies on Taiwan and other subjects," reports the New York Times.

But a new piece co-authored by the newspaper's national security correspondent and its misinformation investigative reporter notes a new effort identified by researchers from Microsoft, the RAND Corporation, the University of Maryland, the intelligence company Recorded Future, and news-rating service NewsGuard. And that newly-discovered effort "suggests that Beijing is making more direct attempts to sow discord in the United States."

It began when, sensing an opportunity,"China's increasingly resourceful information warriors pounced" after high winds in Hawaii downed three power lines that sparked wildfires in Hawaii on August 8th... The disaster was not natural, they said in a flurry of false posts that spread across the internet, but was the result of a secret "weather weapon" being tested by the United States. To bolster the plausibility, the posts carried photographs that appeared to have been generated by artificial intelligence programs, making them among the first to use these new tools to bolster the aura of authenticity of a disinformation campaign... Recorded Future first reported that the Chinese government mounted a covert campaign to blame a "weather weapon" for the fires, identifying numerous posts in mid-August falsely claiming that MI6, the British foreign intelligence service, had revealed "the amazing truth behind the wildfire." Posts with the exact language appeared on social media sites across the internet, including Pinterest, Tumblr, Medium and Pixiv, a Japanese site used by artists. Other inauthentic accounts spread similar content, often accompanied with mislabeled videos, including one from a popular TikTok account, The Paranormal Chic, that showed a transformer explosion in Chile...

The Chinese campaign operated across many of the major social media platforms — and in many languages, suggesting it was aimed at reaching a global audience. Microsoft's Threat Analysis Center identified inauthentic posts in 31 languages, including French, German and Italian, but also in less prominent ones like Igbo, Odia and Guarani. The artificially generated images of the Hawaii wildfires identified by Microsoft's researchers appeared on multiple platforms, including a Reddit post in Dutch. "These specific A.I.-generated images appear to be exclusively used" by Chinese accounts used in this campaign, Microsoft said in a report. "They do not appear to be present elsewhere online."
The researchers "suggested that China was building a network of accounts that could be put to use in future information operations, including the next U.S. presidential election," according to the article. It adds that president Biden "has cut off China's access to the most advanced chips and the equipment made to produce them."

The article adds that the impact of China's misinformation campaign "is difficult to measure, though early indications suggest that few social media users engaged with the most outlandish of the conspiracy theories."

The cloud-based system the Air Force is co-developing with Canada to enable instantaneous combat data-sharing is just about ready for prime time, although the looming threat of a budget gap may slow its global deployment. The Drive reports: Cloud-based command-and-control (CBC2), a pillar of the service's Advanced Battle Management System (ABMS), will hit initial operating capability roughly on schedule next month, Brig. Gen. Luke Cropsey, integrating program officer for Command, Control, Communications and Battle Management, told The War Zone and other outlets this week at the Air, Space, and Cyber conference near Washington, D.C. It's headed to three unspecified base locations within the first half of 2024, Cropsey said, with others to follow at "more scale" as what's anticipated to be a five-year rollout plan gets underway. [...] CBC2 is designed to replace the hardware-based Battle Control System-Fixed, which provides command-and-control for Canada and the U.S., including Alaska and Hawaii. Officially made a program in 2022, CBC2 is "a set of microservice applications," according to an Air Force release, that can take in more than 750 radar feeds and deliver them to a single user interface. "The system then allows operators to create machine-generated courses of action to help shorten the tactical C2 kill chain and send a desired effect via machine-to-machine connections," the release adds.

In addition to delivering data faster and streamlining communication, CBC2 will build in new artificial intelligence elements. A January Government Accountability Office report states that it will build upon Pathfinder, an AI-empowered prototype that ingests "data that would in the past have been ... left on the cutting room floor," as North American Aerospace Defense Command chief Gen. Glen VanHerck put it in remarks reported by C4ISRNet. A September 2020 paper (PDF) from the Canada Institute described Pathfinder as "giving new life to old sensors" for NORAD's defense. "In a recent demonstration," the paper stated, "The Pathfinder system was tied to Federal Aviation Administration radars, and without any modification to the radars themselves, consistently demonstrated an ability to effectively detect and track very small unmanned aircraft, previously thought to be beyond the capability of the system."

Late Friday a Burning Man press release claimed that "zero stuck or abandoned vehicles remain on site or on the exit road, as people have returned with friends and tow trucks to retrieve them."

But the Reno Gazette-Journal reports that as of 5 p.m. Friday, "at least a half-dozen vehicles were still scattered across miles of the Black Rock National Conservation Area, public land Burning Man leases from the Bureau of Land Management. Their drivers appeared to have made a run for the exit and got stuck in mud out on the playa. One burned-out RV that caught fire in the exit queue was still on site."

The press release from the Burning Man project claimed their entire community of attendees, sometimes called "Black Rock City," had now "disappeared, leaving no trace." But the Reno Gazette-Journal says... Entire abandoned camps were still in what had been Black Rock City, the temporary encampment that draws more than 70,000 burners each year. Tents, garbage bags, rugs, boxes, boots stuck in mud, a barbecue grill, cans of oil and even a wig were seen on Friday. Pershing County Sheriff Jerry Allen estimated there were still up to 10,000 people on site Thursday but a steady stream of RVS and cars continued to leave the playa... Burning Man did not return request for comment... "I am concerned about this year and the amount of stuff being left out," Allen told the Reno Gazette-Journal on Friday. "Dispatch has told me that in the last two days a lot of (car and truck) rental agencies and motor home businesses are looking for their vehicles still out there...

On Friday, the site was busy with campers who were cleaning up sites. Some abandoned camps sites had signs that said they would return. One sign said, "We will come back Thur. Fri. Sat. to clean up. Too many sick people."
The newspaper points out that event volunteers traditionally spend three weeks after the event doing a major clean-up effort. "The restoration crews they have doing that do an outstanding job," a public affairs specialist for the Bureau of Land Management told the newspaper.

Rotten Tomatoes celebrated its 25th year of assigning scores to movies based on their aggregate review. Now Vulture writes that Rotten Tomatoes "can make or break" movies, "with implications for how films are perceived, released, marketed, and possibly even green-lit". But unfortuately, the site "is also erratic, reductive, and easily hacked."

Vulture tells the story of a movie-publicity company contacting "obscure, often self-published critics" to say the film's teams "feel like it would benefit from more input from different critics" — while making undisclosed payments of $50 or more.) A critic asking if it's okay to pan the movie was informed that "super nice" critics move their bad reviews onto sites not included in Rotten Tomatoes scores.

Vulture says after bringing this to the site's attention, Rotten Tomatoes "delisted a number of the company's movies from its website and sent a warning to writers who reviewed them." But is there a larger problem? Filmmaker Paul Schrader even opines that "Audiences are dumber. Normal people don't go through reviews like they used to. Rotten Tomatoes is something the studios can game. So they do...." A third of U.S. adults say they check Rotten Tomatoes before going to the multiplex, and while movie ads used to tout the blurbage of Jeffrey Lyons and Peter Travers, now they're more likely to boast that a film has been "Certified Fresh...."

Another problem — and where the trickery often begins — is that Rotten Tomatoes scores are posted after a movie receives only a handful of reviews, sometimes as few as five, even if those reviews may be an unrepresentative sample. This is sort of like a cable-news network declaring an Election Night winner after a single county reports its results. But studios see it as a feature, since, with a little elbow grease, they can sometimes fool people into believing a movie is better than it is.

Here's how. When a studio is prepping the release of a new title, it will screen the film for critics in advance. It's a film publicist's job to organize these screenings and invite the writers they think will respond most positively. Then that publicist will set the movie's review embargo in part so that its initial Tomatometer score is as high as possible at the moment when it can have maximal benefits for word of mouth and early ticket sales... [I]n February, the Tomatometer score for Ant-Man and the Wasp: Quantumania debuted at 79 percent based on its first batch of reviews. Days later, after more critics had weighed in, its rating sank into the 40s. But the gambit may have worked. Quantumania had the best opening weekend of any movie in the Ant-Man series, at $106 million. In its second weekend, with its rottenness more firmly established, the film's grosses slid 69 percent, the steepest drop-off in Marvel history.

In studios' defense, Rotten Tomatoes' hastiness in computing its scores has made it practically necessary to cork one's bat. In a strategic blunder in May, Disney held the first screening of Indiana Jones and the Dial of Destiny at Cannes, the world's snootiest film festival, from which the first 12 reviews begot an initial score of 33 percent. "What they should've done," says Publicist No. 1, "was have simultaneous screenings in the States for critics who might've been more friendly." A month and a half later, Dial of Destiny bombed at the box office even though friendly critics eventually lifted its rating to 69 percent. "They had a low Rotten Tomatoes score just sitting out there for six weeks before release, and that was deadly," says a third publicist.

In a deal that could be worth $200 million, Microsoft announced that it is purchasing 315,000 metric tons of carbon removal over a multi-year period from climate tech startup Heirloom Carbon. It's one of the biggest deals of its kind, reports The Wall Street Journal (paywalled). GeekWire reports: San Francisco-based Heirloom is harnessing a geologic approach to catching and holding carbon dioxide. Limestone naturally binds to carbon, but Heirloom's technology dramatically speeds up the process, cutting it from years to days. The startup operates the only U.S. facility permanently capturing carbon. Even more important than the volume of carbon to be removed is the deal's ability to unlock additional funding and investments to grow Heirloom's business and the sector more broadly.

Microsoft previously invested in Heirloom through its $1 billion Climate Innovation Fund. The new deal represents a financially empowering "bankable agreement," said Heirloom CEO Shashank Samala. "Bankable agreements of this magnitude enable Heirloom to raise project finance for our rapid scale-up, fueling exponential growth like what we've seen in the renewable energy industry," Samala said in a statement. The guaranteed cash flow can facilitate financing needed to build Heirloom's next two commercial sites. The deal is also "an example of the impact of the Biden administration's 2021 infrastructure bill," notes the report. "[T]he purchase was tied to Heirloom being selected by the U.S. Department of Energy as one of the nation's direct air capture (DAC) hubs. It will receive $600 million of matching funding thanks to the designation."

Ruby on Rails creator David Heinemeier Hansson has removed TypeScript from the forthcoming version 8 of the Turbo framework, saying he has "never been a fan," but many Turbo users have protested that the decision was rushed and the change is unwelcome. From a report: A comment on the GitHub pull request that removes TypeScript states that this "is a step back, for both library users and contributors." This comment has -- at the time of writing -- 357 likes and just 8 downvotes, suggesting wide support. Turbo is a framework for delivering HTML pages intended to "dramatically reduce the amount of custom JavaScript," and is sponsored by Hannson's company 37signals, whose products include the Basecamp project management platform and the Hey messaging system. Turbo is the engine of Hotwire, short for "HTML over the wire," because it prefers sending HTML itself rather than JSON data and JavaScript code.

Although Turbo itself is not among the most popular frameworks, Ruby on Rails is well-known and used by major web sites including GitHub and Shopify. Hansson posted that TypeScript "pollutes the code with type gymnastics that add ever so little joy to my development experience, and quite frequently considerable grief. Things that should be easy become hard." The community around the open source Turbo project though is for the most part perplexed and disappointed, not only by the change itself, but also by the manner in which it was made.

BMW has made a U-turn on a controversial subscription service that saw drivers pay a fee to activate the heated seats already fitted to their car. From a report: First announced in 2020, the subscription was intended to be one of many ways to offer flexibility to customers, who could opt in to pay for vehicle functions when it suited them, then stop paying when they were no longer wanted. But instead of options like increased electric car performance -- as was later offered by Mercedes -- or other technology-driven functions like autonomous parking or a 5G data connection, BMW drew criticism for charging a subscription for heated seats already installed at the factory. Now though, BMW will no longer offer such a service.

"Two stalled driverless taxis blocked an ambulance carrying a critically injured patient," writes the San Francisco Chronicle, citing a paywalled report from Forbes. The delay "contributed to 'poor patient outcome' — the person died 20 to 30 minutes after reaching the hospital, according to a report by San Francisco firefighters that the taxi company disputes."

The report was obtained by Forbes, which recently published a story detailing accounts by San Francisco firefighters who say driverless taxis have repeatedly interfered with their emergency response. However, Forbes also reported that Cruise provided a video that disputed SFFD's account of the August 14 incident. The video, Forbes reported, shows that one Cruise car quickly left the scene while the other remained stalled at the intersection with an open lane to its right, which traffic was passing through. Forbes said it was not clear from the video if the ambulance could have navigated into the open lane.

Hannah Lindow, a Cruise spokesperson, told the Chronicle that the Cruise vehicle that stopped did so to yield to first responders directing traffic. "Throughout the entire duration the (autonomous vehicle) is stopped, traffic remains unblocked and flowing to the right of the AV. The ambulance behind the AV had a clear path to pass the AV as other vehicles, including another ambulance, proceeded to do," Lindow said in an email. "As soon as the victim was loaded into the ambulance, the ambulance left the scene immediately and was never impeded from doing so by the AV."

Here's how the Washington Post tells the story of 34-year-old marketer (and former model) Madison Conradis, who discovered nude behind-the-scenes photos from 10 years earlier had leaked after a series of photographer web sites were breached: Now the photos along with her name and contact information were on 4chan, a lawless website that allows users to post anonymously about topics as varied as music and white supremacy... Facebook users registered under fake names such as "Joe Bummer" sent her direct messages demanding that she send new, explicit photos, or else they would further spread the already leaked photos. Some pictures landed in her father's Instagram messages, while marketing clients told her about the nude images that came their way. Madison was at a friend's party when she got a panicked call from the manager of a hotel restaurant where she had worked: The photos had made their way to his inbox. After two years, hoping a new Florida law against cyberharassment would finally end the torture, Madison walked into her local Melbourne police station and shared everything. But she was told that what she was experiencing was not criminal.

What Madison still did not know was that other women were in the clutches of the same man on the internet — and all faced similar reactions from their local authorities. Without help from the police, they would have to pursue justice on their own.
Some cybersleuthing revealed the four women all had one follower in common on Facebook: Christopher Buonocore. (They were his ex-girlfriend, his ex-fiance, his relative, and a childhood friend.) Eventually Madison's sister Christine — who had recently passed the bar exam — "prepared a 59-page document mapping the entire case with evidence and relevant statutes in each of the victims' jurisdictions. She sent the document to all the women involved, and each showed up at her respective law enforcement offices, dropped the packet in front of investigators and demanded a criminal investigation." The sheriff in Florida's Manatee County, Christine's locality, passed the case up to federal investigators. And in July 2019, the FBI took over on behalf of all six women on the basis of the evidence of interstate cyberstalking that Christine had compiled...

The U.S. attorney for the Middle District of Florida took action at the end of December 2020, but without a federal law criminalizing the nonconsensual distribution of intimate images, she charged Buonocore with six counts of cyberstalking instead, which can apply to some cases involving interstate communication done with the intent to kill, injure, intimidate, harass or surveil someone. He pleaded guilty to all counts the following January...

U.S. District Judge Thomas Barber sentenced Buonocore to 15 years in federal prison — almost four years more than the prosecutor had requested.

An anonymous reader shares The Hill's report from earlier this month. Apparently America's tax-collecting Internal Revenue Service "cannot locate thousands of microfilm cartridges containing millions of sensitive individual and business tax account records, according to a watchdog report." The Treasury Inspector General for Tax Administration said in a report released August 8 that the IRS cannot account for microfilm cartridges — which contain backups of tax records as required under federal law — from fiscal 2010 that were originally stored at a processing center in Fresno, California... The watchdog also found seven empty boxes, which could hold up to 168 cartridges total, at the Ogden Tax Processing Center in Utah. Ogden personnel did not know where the missing cartridges were.

More than 4,000 cartridges containing business tax account information from fiscal 2018 and 4,500 cartridges containing individual tax account information from fiscal 2019 also could not be accounted for at the Kansas City facility, according to the report.

"The personal taxpayer and tax information included on these backup cartridges is key information that can be used to commit tax refund fraud identity theft," the report noted.

The U.S. Department of Defense has launched a website collecting publicly available, declassified information on unidentified anomalous phenomena (UAPs). "For now, the general public will be able to read through the posted information," reports CNET. "Soon, US government employees, contractors, and service members with knowledge of US programs can report their own sightings, and later, others will be able to submit reports." From the report: "This website will provide information, including photos and videos, on resolved UAP cases as they are declassified and approved for public release," the department said in a release posted on Thursday. "The website's other content includes reporting trends and a frequently asked questions section as well as links to official reports, transcripts, press releases, and other resources that the public may find useful, such as applicable statutes and aircraft, balloon and satellite tracking sites."

For now, one of the most interesting parts of the site is its trends section. Apparently, most reported UAPs are round, either white, silver or translucent, spotted at around 10,000 to 30,000 feet, 1-4 meters in size, and do not emit thermal exhaust. Hotspots for sightings include both the US East and West coasts. There's also a small section of videos with names such as "DVIDS Video - Unresolved Case: Navy 2021 Flyby," and "UAP Video: Middle East Object." Readers are able to leave comments on the videos. Of the "Middle East Object" video, one person writes,"Noticed I never saw it cast a shadow. But other objects have shadows."

An anonymous reader quotes a report from Ars Technica: The day before a Texas antiporn law that requires age verification to access adult websites was set to take effect, the state's attorney general, Angela Colmenero, has been at least temporarily blocked from enforcing the law. US District Judge David Alan Ezra granted a preliminary injunction temporarily blocking enforcement after the Free Speech Coalition (FSC) joined adult performers and sites like Pornhub in a lawsuit opposing the law. Today, they convinced Ezra that Texas' law violates the First Amendment and would have "a chilling effect on legally-protected speech," FSC said in a press release.

"This is a huge and important victory against the rising tide of censorship online," Alison Boden, FSC's executive director, said. "From the beginning, we have argued that the Texas law, and those like it, are both dangerous and unconstitutional. We're pleased that the court agreed with our view that [the law's] true purpose is not to protect young people, but to prevent Texans from enjoying First Amendment protected expression. The state's defense of the law was not based in science or technology, but ideology and politics." Now, Texas will have to wait until this lawsuit is litigated to enforce the law. [...] According to FSC, in addition to free speech concerns, the law needed to be blocked because it would have exposed consumers to "significant privacy risks" by forcing adult-website visitors to show digital IDs. A spokesperson for Pornhub's parent company Aylo told Ars: "We are pleased with the court's decision today, which reaffirms our position that the age verification law implemented in Texas is unconstitutional. We have publicly supported mandatory age verification of viewers of adult content for years, but any method of age verification must preserve user privacy and safety."

"The only solution that makes the Internet safer, preserves user privacy, and stands to prevent children from accessing age-inappropriate content is performing age verification at the device level," Aylo's spokesperson said. "We are pleased that the court recognizes the severity of compelled speech and its presence in this law that Texas has implemented. We are proud to fight for our industry and the performers that use it to legally earn a living, and we are glad to see the court recognize that this law is unconstitutional and would have required adult entertainers to falsely imply that their content poses health risks."

A similar age verification initiative in Australia was halted yesterday, citing concerns around privacy and security of the technology.