An anonymous reader quotes a report from TorrentFreak: With dozens of millions of monthly visits, Animeflix positioned itself as one of the most popular anime piracy portals. The site also has an active Discord community of around 35k members, who actively participate in discussions, art competitions, even a chess tournament. While rightsholders take no offense at these side-projects, the site's core business was streaming pirated videos. That hasn't gone unnoticed; last December Animeflix was listed as one of the shutdown targets of anti-piracy coalition ACE.

Whether these early enforcement efforts were responsible for the site's closure is unclear. In May, rightsholders increased the pressure through the High Court of India, obtaining a broad injunction that effectively suspended Animeflix's main domain name; Animeflix.live. This follow-up action didn't seem to hurt the site too much. It simply moved to new domains, Animeflix.gg and Animeflix.li, informing its users that the old domain name had become "unavailable." Yesterday, the site became unreachable again, initially returning a Cloudflare error message. This time, the domain wasn't the problem but, for reasons unknown, the team decided to shut down the site without prior notice.

"It is with a heavy heart that we announce the closure of Animeflix. After careful consideration, we have decided to shut down our service effective immediately. We deeply appreciate your support and enthusiasm over the years." "Thank you for being a part of our journey. We hope the joy and excitement of anime continue to brighten your days through other wonderful platforms," the Animeflix team adds. The Animeflix team doesn't provide any insight into its reasoning, but it's clear that keeping a site like that online isn't without challenges. And, when a pirate site shuts down, voluntarily or not, copyright issues typically play a role. It's clear that rightsholders were keeping an eye on the site, and were actively seeking out options to take it offline. That might have played a role in the shutdown decision but without more information from the team, we can only speculate.

Airlines in Europe will be forced to raise prices to fund the cost of cutting carbon emissions, the boss of British Airways owner IAG said. From a report: Luis Gallego told the Financial Times that switching to cleaner, more expensive sustainable fuel would "have a big impact" on the industry [the link may be paywalled] and put some people off flying. "Flying is going to be more expensive. That is an issue, we are trying to improve efficiency to mitigate that, but it will have an impact on demand," he said. He added that European airlines could become less competitive because of the bloc's tough net zero targets, which include a requirement for 6 per cent of jet fuel to be from sustainable sources by 2030.

"We agree with decarbonisation ... but I think we need to do it in a consistent way worldwide not to jeopardise European aviation," Gallego said. Sustainable aviation fuel (SAF) is made from a range of non-fossil fuel sources, from waste cooking oil to crops, and can emit 70 per cent less carbon dioxide than traditional jet fuel. But very little of it is being produced -- less than 1 per cent of total aviation fuel consumption last year was from sustainable sources -- meaning it is far more expensive than jet fuel. IAG itself used 12 per cent of the world's SAF last year across its five airlines, which include British Airways, Iberia and Aer Lingus.

storagedude shares a report from the Cyber Express: Some of the most widely used web and social media applications could be vulnerable to three newly discovered CocoaPods vulnerabilities -- including potentially millions of Apple devices, according to a report by The Cyber Express, the news service of threat intelligence vendor Cyble Inc. E.V.A Information Security researchers reported three vulnerabilities in the open source CocoaPods dependency manager that could allow malicious actors to take over thousands of unclaimed pods and insert malicious code into many of the most popular iOS and MacOS applications, potentially affecting "almost every Apple device." The researchers found vulnerable code in applications provided by Meta (Facebook, Whatsapp), Apple (Safari, AppleTV, Xcode), and Microsoft (Teams); as well as in TikTok, Snapchat, Amazon, LinkedIn, Netflix, Okta, Yahoo, Zynga, and many more.

The vulnerabilities have been patched, yet the researchers still found 685 Pods "that had an explicit dependency using an orphaned Pod; doubtless there are hundreds or thousands more in proprietary codebases." The newly discovered vulnerabilities -- one of which (CVE-2024-38366) received a 10 out of 10 criticality score -- actually date from a May 2014 CocoaPods migration to a new 'Trunk' server, which left 1,866 orphaned pods that owners never reclaimed. While the vulnerabilities have been patched, the work for developers and DevOps teams that used CocoaPods before October 2023 is just getting started. "Developers and DevOps teams that have used CocoaPods in recent years should verify the integrity of open source dependencies used in their application code," the E.V.A researchers said. "The vulnerabilities we discovered could be used to control the dependency manager itself, and any published package." [...] "Dependency managers are an often-overlooked aspect of software supply chain security," the researchers wrote. "Security leaders should explore ways to increase governance and oversight over the use these tools." "While there is no direct evidence of any of these vulnerabilities being exploited in the wild, evidence of absence is not absence of evidence." the EVA researchers wrote. "Potential code changes could affect millions of Apple devices around the world across iPhone, Mac, AppleTV, and AppleWatch devices."

While no action is required by app developers or users, the EVA researchers recommend several ways to protect against these vulnerabilities. To ensure secure and consistent use of CocoaPods, synchronize the podfile.lock file with all developers, perform CRC validation for internally developed Pods, and conduct thorough security reviews of third-party code and dependencies. Furthermore, regularly review and verify the maintenance status and ownership of CocoaPods dependencies, perform periodic security scans, and be cautious of widely used dependencies as potential attack targets.

The number of climate lawsuits filed against companies around the world is rising swiftly, a report has found, and a majority of cases that have concluded have been successful. From a report: About 230 climate-aligned lawsuits have been filed against corporations and trade associations since 2015, two-thirds of which have been initiated since 2020, according to the analysis published on Thursday by the Grantham Research Institute on Climate Change and the Environment. One of the most rapidly growing forms of litigation is over "climate-washing" -- when companies are accused of misrepresenting their progress towards environmental targets -- and the analysis found that 47 such cases were filed against companies and governments in 2023.

As climate communications are increasingly scrutinised, there has been arise in climate-washing litigation, often with positive outcomes for those bringing the cases. Of the 140 climate-washing cases reviewed between 2016 and 2023, 77 have officially concluded, 54 of which ended with a ruling in favour of the claimant. More than 30 cases in 2023 concerned the "polluter pays" principle, whereby companies are held accountable for climate damage caused by high greenhouse gas emissions. The authors also highlighted six "turning off the taps" cases, which challenge the flow of finance to areas which hinder climate goals.

In 2021, Apple announced plans for a new $1 billion campus in North Carolina, set to include a new engineering and research center and support up to 3,000 employees. According to Lauren Ohnesorge of Triangle Business Journal (paywalled), Apple remains committed to the project, but the timeline has been delayed by four years. MacRumors reports: A limited amount of progress on the campus has been made since the announcement, and Apple has not provided updates on construction until now. Apple told Triangle Business Journal that it has paused work on the campus, and it is working with North Carolina Governor Roy Cooper and the North Carolina Department of Commerce to extend the project's timeline by four years.

Apple last year filed development plans for the first phase of construction, but the specific timeline for the project has never been clear. Apple's plans for Research Triangle Park include six buildings and a parking garage totaling 700,000 square feet of office space, 190,000 square feet of accessory space, and close to 3,000 parking spaces spanning 41 acres. Apple owns 281 acres of land in the area where it plans to build its campus, so there could ultimately be several phases of construction. As it prepares to build the NC research center, Apple is leasing more than 200,000 square feet of office space in Cary, North Carolina. In a statement, Apple said it is still committed to the project: "Apple has been operating in North Carolina for over two decades. And we're deeply committed to growing our teams here. In the last three years, we've added more than 600 people to our team in Raleigh, and we're looking forward to developing our new campus in the coming years."

An anonymous reader shares a report: Over the weekend, a clip from a recent interview with Telegram's founder Pavel Durov went semi-viral on X (previously Twitter). In the video, Durov tells right-wing personality Tucker Carlson that he is the only product manager at the company, and that he only employs "about 30 engineers." Security experts say that while Durov was bragging about his Dubai-based company being "super efficient," what he said was actually a red flag for users.

"Without end-to-end encryption, huge numbers of vulnerable targets, and servers located in the UAE? Seems like that would be a security nightmare," Matthew Green, a cryptography expert at Johns Hopkins University, told TechCrunch. (Telegram spokesperson Remi Vaughn disputed this, saying it has no data centers in the UAE.) Green was referring to the fact that -- by default -- chats on Telegram are not end-to-end encrypted like they are on Signal or WhatsApp. A Telegram user has to start a "Secret Chat" to switch on end-to-end encryption, making the messages unreadable to Telegram or anyone other than the intended recipient.

Also, over the years, many people have cast doubt over the quality of Telegram's encryption, given that the company uses its own proprietary encryption algorithm, created by Durov's brother, as he said in an extended version of the Carlson interview. Eva Galperin, the director of cybersecurity at the Electronic Frontier Foundation and a longtime expert in the security of at-risk users, said that it's important to remember that Telegram, unlike Signal, is a lot more than just a messaging app.

Thomas Claburn reports via The Register: Once again, IBM has been sued for age discrimination, this time alongside spin-off Kyndryl, for allegedly cutting the jobs of older workers while creating similar positions for younger ones. The complaint [PDF] was filed on Tuesday in New York City, on behalf of five veteran executives and employees who collectively served the two corporations for more than 150 years. The IBM plaintiffs include: Michael Nolan, former Director of Strategy and Planning for IBM's Software Unit; Karla Bousquet, former VP, CEO of Events at IBM, Karla; Jay Zeltzer, former Business Automation Leader; and Teresa Cook, former VP of Client Experience. Randall Blanchard, former Services Account manager, is suing Kyndryl, having previously been with Big Blue.

Despite IBM chief global HR officer Nickel LaMoreaux's 2022 rejection of what she characterized as "false claims of systemic age discrimination," the lawsuit argues the mainframe titan is still targeting older workers. The legal filing cites a 2021 case, Townsley v. Int'l Bus. Machines Corp, in which executive Sam Ladah, who is accused of attempting "to keep ageist IBM executive level planning documents confidential," said those documents from five to six years earlier were still being used for hiring decisions. To further support the claim that the targeting of older workers continues to this day, the complaint says, "A recently leaked video of [CEO Arvind] Krishna confirms that IBM has continued its practice of using secretive top-down pressure to gerrymander its workforce to reflect the demographic preferences of its executives."

The 2023 video, published by conservative political activist James O'Keefe, appears to show Krishna tying manager bonuses to diversity targets in a context where such targets are alleged to be discriminatory. Basically, IBM has been accused of threatening to withhold bonuses from bosses if they don't hire a diverse enough range of techies -- more Hispanic and Black people -- leading to qualified candidates -- Asian people and others -- being ignored on the basis of their race. The latest lawsuit also points to Wimbish v. IBM, an age discrimination complaint filed in September by two human resources managers. "In their complaint, these fired HR managers alleged that IBM's HR still constantly consider an employee's 'runway' when determining if that worker would be terminated," the complaint says. "'Runway' is coded language for how long IBM HR expects an employee to remain at IBM before they retire, a direct proxy for age."

A researcher has found a bug that allows anyone to impersonate Microsoft corporate email accounts, making phishing attempts look credible and more likely to trick their targets. From a report: As of this writing, the bug has not been patched. To demonstrate the bug, the researcher sent an email to TechCrunch that looked like it was sent from Microsoft's account security team. Last week, Vsevolod Kokorin, also known online as Slonser, wrote on X (formerly Twitter) that he found the email-spoofing bug and reported it to Microsoft, but the company dismissed his report after saying it couldn't reproduce his findings. This prompted Kokorin to publicize the bug on X, without providing technical details that would help others exploit it.

Qualcomm faces potential disruption to its Windows on Arm laptops due to a legal battle with Arm, while MediaTek prepares to enter the market. Qualcomm's exclusivity deal with Microsoft for Copilot+ PCs, based on its Snapdragon SoCs, is set to expire this year.

MediaTek plans to launch its own Windows on Arm chip in late 2024, though it's unclear if it has Microsoft's approval. The legal dispute stems from Qualcomm's acquisition of Nuvia, with Arm claiming Nuvia's licenses are non-transferable without permission. Arm terminated the licenses, requiring Qualcomm to stop using processor designs developed under those agreements. Arm asserts current Copilot+ SoCs descend from Nuvia's chips, potentially subjecting them to an injunction if Arm prevails in court. Qualcomm maintains its existing Arm license rights cover its custom CPUs. Both companies declined to comment on the ongoing legal matter.

An anonymous reader quotes a report from Ars Technica: Hackers working for the Chinese government gained access to more than 20,000 VPN appliances sold by Fortinet using a critical vulnerability that the company failed to disclose for two weeks after fixing it, Netherlands government officials said. The vulnerability, tracked as CVE-2022-42475, is a heap-based buffer overflow that allows hackers to remotely execute malicious code. It carries a severity rating of 9.8 out of 10. A maker of network security software, Fortinet silently fixed the vulnerability on November 28, 2022, but failed to mention the threat until December 12 of that year, when the company said it became aware of an "instance where this vulnerability was exploited in the wild." On January 11, 2023 -- more than six weeks after the vulnerability was fixed -- Fortinet warned a threat actor was exploiting it to infect government and government-related organizations with advanced custom-made malware. Netherlands government officials wrote in Monday's report: Since the publication in February, the MIVD has continued to investigate the broader Chinese cyber espionage campaign. This revealed that the state actor gained access to at least 20,000 FortiGate systems worldwide within a few months in both 2022 and 2023 through the vulnerability with the identifier CVE-2022-42475 . Furthermore, research shows that the state actor behind this campaign was already aware of this vulnerability in FortiGate systems at least two months before Fortinet announced the vulnerability. During this so-called 'zero-day' period, the actor alone infected 14,000 devices. Targets include dozens of (Western) governments, international organizations and a large number of companies within the defense industry.

The state actor installed malware at relevant targets at a later date. This gave the state actor permanent access to the systems. Even if a victim installs security updates from FortiGate, the state actor continues to have this access. It is not known how many victims actually have malware installed. The Dutch intelligence services and the NCSC consider it likely that the state actor could potentially expand its access to hundreds of victims worldwide and carry out additional actions such as stealing data. Even with the technical report on the COATHANGER malware, infections from the actor are difficult to identify and remove. The NCSC and the Dutch intelligence services therefore state that it is likely that the state actor still has access to systems of a significant number of victims.

"Researchers observed a new Linux variant of the TargetCompany ransomware family that targets VMware ESXi environments," reports BleepingComputer: In a report Wednesday, cybersecurity company Trend Micro says that the new Linux variant for TargetCompany ransomware makes sure that it has administrative privileges before continuing the malicious routine... Once on the target system, the payload checks if it runs in a VMware ESXi environment by executing the 'uname' command and looking for 'vmkernel.' Next, a "TargetInfo.txt" file is created and sent to the command and control (C2) server. It contains victim information such as hostname, IP address, OS details, logged-in users and privileges, unique identifiers, and details about the encrypted files and directories. The ransomware will encrypt files that have VM-related extensions (vmdk, vmem, vswp, vmx, vmsn, nvram), appending the ".locked" extension to the resulting files.

Finally, a ransom note named "HOW TO DECRYPT.txt" is dropped, containing instructions for the victim on how to pay the ransom and retrieve a valid decryption key. "After all tasks have been completed, the shell script deletes the payload using the 'rm -f x' command so all traces that can be used in post-incident investigations are wiped from impacted machines."

Thanks to long-time Slashdot reader joshuark for sharing the article.

Retailers are struggling to rein in the proliferation of scammers tricking Americans into buying thousands of dollars' worth of gift cards. From a report: The Federal Trade Commission estimates that Americans lost at least $217 million to gift card scams last year. That number is likely higher, given many victims are too embarrassed to report to law enforcement. Cracking down on gift card scams was a hot topic this week at the National Retail Federation's (NRF) cybersecurity conference in Long Beach, California.

Some gift card scams start with texts from people pretending to be tech support, your boss, the government or a wrong number. Eventually, those conversations lead to someone asking the victim to buy gift cards on their behalf and send the barcode number to them via text. Others involve criminals in physical locations, tampering with a gift card to access the barcode information and then stealing the funds without taking the actual card. Each scam targets vulnerable populations: elderly, less-tech savvy people; those who are lonely and work from home; and even young kids, experts say.

The 34-year-old Hubble Space Telescope is now operating with its final two working gyroscopes, necessitating a switch to a less productive "one-gyro" mode to extend its operational life. This contingency plan will reduce Hubble's productivity by over 12%, limit its ability to track fast-moving objects, and decrease the portion of the sky it can observe. That said, NASA expects it to keep functioning through 2035. Science.org reports: Normally, Hubble measures its location in space with a system that includes three gyroscopes -- rapidly spinning wheels that can sense forces in three directions. But in a 4 June press conference, NASA officials said one of the telescope's three remaining gyroscopes is on the fritz. The agency is now invoking a contingency plan: a "one-gyro" mode that keeps the other functioning gyroscope in reserve. The mode will reduce the telescope's productivity by more than 12% but preserve its ability to observe for years to come, Mark Clampin, NASA's astrophysics division director, said at the press conference. "We believe this is our best approach to support Hubble science through this decade and into the next."

Hubble's gyroscopes, which spin at 19,200 revolutions per minute, are extremely precise but finicky. The agency has flown a total of 22 gyroscopes across various servicing missions and is now down to the last two of the six currently onboard. In one-gyro mode, Hubble must rely on its less precise star trackers and other sensors to verify its position, a slower process that leads to reduced productivity. "It will take us more time to slew from one target attitude to the next, and to be able to lock on to that science target," said Patrick Crouse, Hubble's project manager at NASA's Goddard Space Flight Center.

A one-gyro Hubble will also struggle to track fast-moving targets, such as asteroids within the orbit of Mars, and to swivel to spot transient distant phenomena such as supernovae, according to a 2016 report (PDF) from the Space Telescope Science Institute, which operates Hubble. In addition, the inefficiencies of one-gyro mode will reduce the portion of the sky that Hubble can safely point to at any given moment, from 82% to roughly 40%, including a larger avoidance zone near the Sun. It won't be able to observe Venus or the Moon, nor will it be able to reliably spot comets when they're near the Sun. Its ability to scrutinize distant exoplanets will also be hampered, especially in gathering the spectral measurements used to discern alien atmospheres. Furthermore, a one-gyro Hubble won't be able to perform as many simultaneous observations with the new JWST space observatory. Moving forward, the two telescopes' fields of view at any given moment may overlap by less than 20%, according to a 2019 estimate anticipating this event from a Hubble advisory committee.

AmiMoJo shares a report: The world is off track to meet the goal of tripling renewable electricity generation by 2030, a target viewed as vital to enable a swift global transition away from fossil fuels, but there are promising signs that the pace of progress may be picking up.

Countries agreed last December on a tripling of renewable power by the end of this decade. But few have yet taken concrete steps to meet this requirement and on current policies and trends global renewable generation capacity would only roughly double in developed countries, and slightly more than double globally by 2030, according to an analysis by the International Energy Agency.

Governments should include targets and policies on renewables in their national action plans for the climate (called nationally determined contributions, or NDCs), which are a requirement under the Paris agreement, the IEA found. Many currently fail to do so, even though vast increases in renewable power are essential to meeting the treaty's aspiration of limiting temperature rises to 1.5C above pre-industrial levels.

The IEA, the gold standard for global energy research, analysed the domestic policies and targets of nearly 150 countries, and found they would result in about 8,000GW of renewable energy capacity by 2030. That amount is about 70% of what is necessary to reach 11,000GW of capacity, the amount needed for the tripling goal agreed at the Cop28 UN climate summit in Dubai last year.

An anonymous reader quotes a report from PCMag: Justin Long, the actor known for playing the Mac guy in Apple's mid-2000s ad campaign is once again switching sides -- this time to promote new Windows laptops from Qualcomm. Long appeared in a video that Qualcomm showed during its Computex keynote. To introduce the segment, CEO Cristiano Amon said Qualcomm captured video of a "very special person" preordering a Windows Copilot+ laptop built with a Snapdragon X Elite chip.

In the clip, we see Long typing on an Apple MacBook at home and getting annoyed by all the incoming notifications, which include warnings that his laptop only has a 1% battery life and is running out of disk space. Long types in a search for "Where can I find a Snapdragon-powered PC?" and then stares at the camera, looking a bit ashamed, before saying: "What? Things change." Amon then returned to the stage to tell the Computex audience: "Yes, things change." In 2021, Long starred in an Intel ad campaign to promote the company's Windows PCs.

Further reading: Arm Targets 50% of Windows PC Market Share in Five Years, CEO Says

British chip designer Arm expects to capture more than half of the Windows PC market within the next five years, CEO Rene Haas said in an interview. The company's optimism comes as Microsoft and its hardware partners gear up to introduce a new generation of AI-powered PCs running on Arm-designed chips, potentially reshaping the Intel-dominated industry. Haas attributed Microsoft's commitment to supporting Arm's technology through enhanced developer tools as a key factor in the anticipated market shift.

An anonytmous reader shared a recent report from BleepingComputer: Cybercriminals are abusing Stack Overflow in an interesting approach to spreading malware — answering users' questions by promoting a malicious PyPi package that installs Windows information-stealing malware... "We further noticed that a StackOverflow account 'EstAYA G' [was] exploiting the platform's community members seeking debugging help [1, 2, 3] by directing them to install this malicious package as a 'solution' to their issue even though the 'solution' is unrelated to the questions posted by developers," explained Sonatype researcher Ax Sharma in the Sonatype report.
Sonatype's researcher "noticed that line 17 was laden with ...a bit too many whitespaces," according to the report, "in turn hiding code much further to the right which would be easy to miss, unless you notice the scroll bar. The command executes a base64-encoded payload..."

And then, reports BleepingComputer... When deobfuscated, this command will download an executable named 'runtime.exe' from a remote site and execute it. This executable is actually a Python program converted into an .exe that acts as an information-stealing malware to harvest cookies, passwords, browser history, credit cards, and other data from web browsers. It also appears to search through documents for specific phrases and, if found, steal the data as well.

All of this information is then sent back to the attacker, who can sell it on dark web markets or use it to breach further accounts owned by the victim.

The staggering electricity demand needed to power next-generation technology is forcing the US to rely on yesterday's fuel source: coal. From a report: Retirement dates for the country's ageing fleet of coal-fired power plants are being pushed back as concerns over grid reliability and expectations of soaring electricity demand force operators to keep capacity online. The shift in phasing out these facilities underscores a growing dilemma facing the Biden administration as the US race to lead in artificial intelligence and manufacturing drives an unprecedented growth in power demand that clashes with its decarbonisation targets. The International Energy Agency estimates the AI application ChatGPT uses nearly 10 times as much electricity as Google Search.

An estimated 54 gigawatts of US coal powered generation assets, about 4 per cent of the country's total electricity capacity, is expected to be retired by the end of the decade, a 40 per cent downward revision from last year, according to S&P Global Commodity Insights, citing reliability concerns. "You can't replace the fossil plants fast enough to meet the demand," said Joe Craft, chief executive of Alliance Resource Partners, one of the largest US coal producers. "In order to be a first mover on AI, we're going to need to embrace maintaining what we have." Operators slowing down retirements include Alliant Energy, which last week delayed plans to convert its Wisconsin coal-fired plant to gas from 2025 to 2028. Earlier this year, FirstEnergy announced it was scrapping its 2030 target to phase out coal, citing "resource adequacy concerns." Further reading: Data Centers Could Use 9% of US Electricity By 2030, Research Institute Says.

An anonymous reader quotes a report from Ars Technica: Some of the most infamous so-called shadow libraries have increasingly faced legal pressure to either stop pirating books or risk being shut down or driven to the dark web. Among the biggest targets are Z-Library, which the US Department of Justice has charged with criminal copyright infringement, and Library Genesis (Libgen), which was sued by textbook publishers last fall for allegedly distributing digital copies of copyrighted works "on a massive scale in willful violation" of copyright laws. But now these shadow libraries and others accused of spurning copyrights have seemingly found an unlikely defender in Nvidia, the AI chipmaker among those profiting most from the recent AI boom.

Nvidia seemed to defend the shadow libraries as a valid source of information online when responding to a lawsuit from book authors over the list of data repositories that were scraped to create the Books3 dataset used to train Nvidia's AI platform NeMo. That list includes some of the most "notorious" shadow libraries -- Bibliotik, Z-Library (Z-Lib), Libgen, Sci-Hub, and Anna's Archive, authors argued. However, Nvidia hopes to invalidate authors' copyright claims partly by denying that any of these controversial websites should even be considered shadow libraries.

"Nvidia denies the characterization of the listed data repositories as 'shadow libraries' and denies that hosting data in or distributing data from the data repositories necessarily violates the US Copyright Act," Nvidia's court filing said. The chipmaker did not go into further detail to define what counts as a shadow library or what potentially absolves these controversial sites from key copyright concerns raised by various ongoing lawsuits. Instead, Nvidia kept its response brief while also curtly disputing authors' petition for class-action status and defending its AI training methods as fair use. "Nvidia denies that it has improperly used or copied the alleged works," the court filing said, arguing that "training is a highly transformative process that may include adjusting numerical parameters including 'weights,' and that outputs of an LLM may be based, at least in part, on such 'weights.'" "Nvidia's argument likely depends on the court agreeing that AI models ingesting published works in order to transform those works into weights governing AI outputs is fair use," notes Ars. "However, authors have argued that 'these weights are entirely and uniquely derived from the protected expression in the training dataset' that has been copied without getting authors' consent or providing authors with compensation."

"Authors suing Nvidia have taken the next step, linking the chipmaker to shadow libraries by arguing that 'these shadow libraries have long been of interest to the AI-training community because they host and distribute vast quantities of unlicensed copyrighted material. For that reason, these shadow libraries also violate the US Copyright Act.'"

fjo3 quotes a report from Reuters: SpaceX on Wednesday launched an inaugural batch of operational spy satellites it built as part of a new U.S. intelligence network designed to significantly upgrade the country's space-based surveillance powers, the first deployment of several more planned this year. The spy network was revealed in a pair of Reuters reports earlier this year showing SpaceX is building hundreds of satellites for the U.S. National Reconnaissance Office, an intelligence agency, for a vast system in orbit capable of rapidly spotting ground targets almost anywhere in the world.

SpaceX's Falcon 9 rocket lifted off from the Vandenberg Space Force Base in Southern California at 4 a.m. EDT on Wednesday, carrying into space what the NRO said was the "first launch of the NRO's proliferated systems featuring responsive collection and rapid data delivery." "Approximately half a dozen launches supporting NRO's proliferated architecture are planned for 2024, with additional launches expected through 2028," the agency said, without naming the number of satellites deployed.