New York Attorney General Letitia James is suing three cryptocurrency companies -- Gemini, Genesis, and Digital Currency Group (DCG) -- over claims they misled investors, leading to the loss of over $1 billion. From a report: In a lawsuit filed on Thursday, James says their alleged fraudulent schemes affected over 230,000 investors. The lawsuit targets Gemini, the crypto exchange owned by Cameron and Tyler Winklevoss, and its Earn program. The firm marketed Gemini Earn as a high-yield program that involved customers investing with Genesis Global Capital, which is owned by DCG. However, James alleges that Gemini knew investing with Genesis was risky and misled customers as a result.

"A set of merge requests were opened to drop X.ORG (X11) from GNOME desktop," writes Slashdot reader motang. Phoronix reports: This merge request would remove the X11 session targets within gnome-session: "This is the first step towards deprecating the x11 session, the systemd targets are removed, but the x11 functionality is still there in so you can restore the x11 session by installing the targets in the appropriate place on your own. X11 has been receiving less and less testing. We have been defaulting to the wayland session since 2016 and it's about time we drop the x11 session completely. Let's remove the targets this cycle and maybe carry on with removing rest of the x11 session code next cycle."

That was followed by this merge request that would land later on -- more than likely, one cycle later -- for actually removing the X11 session code. Dropping that code would lighten up gnome-session by 3.6k lines of code directly.

An anonymous reader quotes a report from TechCrunch: Several groups of hacktivists have targeted Israeli websites with floods of malicious traffic following a surprise land, sea and air attack launched against Israel by militant group Hamas on Saturday, which prompted Israel to declare war and retaliate. Israeli newspaper The Jerusalem Post reported Monday that since Saturday morning its website was down "due to a series of cyberattacks initiated against us." At the time of writing, the paper's website still appeared down.

Rob Joyce, director of cybersecurity at the National Security Agency, reportedly said at a conference on Monday that there have been denial of service (DDoS) attacks and defacements of websites, without attributing the cyberattacks to particular groups. "But we're not yet seeing real [nation] state malicious actors," Joyce reportedly said. [...] Joyce's remarks appear to confirm findings of security researcher Will Thomas, who told TechCrunch that he has seen more than 60 websites taken down with DDoS attacks, and more than five websites that were defaced as of Monday.

It is common for hacktivist groups to launch cyberattacks during armed conflict, similar to what happened in Ukraine. These hackers are often not affiliated with any governments but rather a decentralized group of politically motivated hackers. Their activities can disrupt websites and services, but are far more limited compared to the activities of nation-state hacking groups. Researchers and government agencies like the NSA say they have only seen activity by hacktivists so far in this Hamas-Israel conflict. "The thing that has surprised me about the hacktivism surrounding this conflict is the amount of international groups involved, such as those allegedly from Bangladesh, Pakistan, and Morocco all also targeting Israel in support of Palestine," said Thomas. "We also seen long-time threat actors returning who have participated in attacks and spread them using the hashtag #OpIsrael for years."

"I have seen several posts of cybercriminal service operators such as DDoS-for-Hire or Initial Access Brokers offering their services to those wanting to target Israel or Palestine," he added.

An anonymous reader writes: Amidst a winter marked by scarce gas supplies, the German government has opted to retain its lignite coal power plants on standby for another season. Originally, Germany had planned a phased shutdown of coal plants in exchange for a portion of the government's €40 billion coal phase-out fund. However, last year, disruptions in Russian gas supplies post-Ukraine war prompted an emergency decision to keep coal plants operational. This measure is now extended for the upcoming winter, maintaining 1.9 GWs of lignite capacity alongside the existing 45 GW of coal power plants.

The primary purpose of these lignite plants is to alleviate gas demand during peak times and stabilize prices. Despite the economic benefits, the move raises environmental concerns, given lignite's status as a major climate polluter. The government acknowledges this and plans to assess the additional carbon emissions resulting from keeping coal plants on standby, estimated to be between 2.5 and 5.6 tonnes of CO2.

The German government emphasized the persistence of the goal to ideally complete the coal phase-out by 2030 and meet climate targets.

Fossil fuel exploration should cease globally by 2030 and funding to rescue poor countries from the impacts of the climate crisis should reach $200bn to $400bn a year by the same date, according to proposals in a UN report before the next climate summit. The Guardian: Countries were still "way off track" to meet the goals of the 2015 Paris climate agreement, the report found, and much more action would be needed to make it possible to limit global heating to 1.5C above preindustrial levels. The UN's synthesis report on the global stocktake, published on Wednesday, will form the basis for discussions at the Cop28 conference in Dubai, which begins at the end of November. The global stocktake is a process mandated under the Paris agreement, intended to check every five years on countries' progress on meeting their emissions-cutting goals.

Simon Stiell, the UN's climate chief, said the report offered a range of actions for governments to consider. "[These are] clear targets which provide a north star for the action that is required by countries," he said. Greenhouse gas emissions are still rising but there is broad agreement they must peak by 2025 at the latest if there is to be a chance of limiting temperature rises to 1.5C. "This is a major opportunity being presented for the course correction that is so urgently called for," Stiell said. "[The report] lays out elements that can be incorporated into a response." But while most countries agreed on the need to change direction, he said, there was "significant divergence" on how to achieve the changes needed.

A startup named OceanWell has partnered with southern California's Las Virgenes Municipal Water District "to study the feasibility of harvesting drinking water from desalination pods placed on the ocean floor," reports the Los Angeles Times: The company says that by combining desalination with off-shore energy technology, it can solve many of the challenges associated with traditional, land-based desalination, including high energy costs and salty byproducts that threaten marine life. The process could produce as much as 10 million gallons of fresh water per day — a significant gain for an inland district almost entirely reliant on imported supplies...

OceanWell says its technology can use up to 40% less energy by harvesting the water in pods placed at depths of about 1,400 feet, where naturally immense water pressure can help power the filtration process... Land-based facilities try to squeeze out as much freshwater as possible to help balance high energy costs, with typical targets of 50% freshwater and 50% brine from every gallon processed. But because OceanWell uses "free" pressure from the ocean, it can operate at a lower recovery rate of 10% to 15%, producing a much less salty byproduct that can be dissolved back into ambient conditions within seconds, she said...

The partnership with Las Virgenes will allow OceanWell to "stress test" the technology's capabilities in the reservoir and collect more data, said Kalyn Simon, OceanWell's director of engagement. The current goal is to be fully operational by 2028, producing an estimated 10 million gallons of freshwater per day.
Thanks to Slashdot reader Bruce66423 for sharing the article.

Rishi Sunak has vowed to press ahead with watering down key green measures despite intense criticism, because he still believes the UK will hit its net zero target in 2050. From a report: The prime minister defended defying the recommendations of the Climate Change Committee (CCC) and said he had "absolute confidence and belief" the country was on track to meet its end goal. In a BBC radio interview on Thursday morning, Sunak shrugged off suggestions he had ignored the view of the official body that advises governments on reducing emissions. He said: "I'm very happy to have opinions and advice from everybody, and everyone's entitled to their view. We're very confident -- being in government, with all the information at our disposal -- that we we are on track to hit all our targets."

Sunak told Radio 4's Today programme that Margaret Thatcher would have agreed with his rationale, and that it was not right for "working families" to face significant costs as part of the country's transition to net zero. But he struggled to provide an explanation for claims he had scrapped measures critics said had never seriously been mooted -- such as an alleged tax on meat, compulsory car sharing and forcing households to use seven recycling bins. "These are all things that have been raised by very credible people," he argued. When pressed, Sunak was unable to provide evidence that those specific measures had been suggested by anyone and instead said they had been euphemistically advocated for by bodies such as the CCC.

An anonymous reader quotes a report from Computer Weekly: A doctoral thesis by American investigative journalist and post-doctoral researcher Jacob Appelbaum has now revealed unpublished information from the Snowden archive. These revelations go back a decade, but remain of indisputable public interest:

- The NSA listed Cavium, an American semiconductor company marketing Central Processing Units (CPUs) – the main processor in a computer which runs the operating system and applications -- as a successful example of a "SIGINT-enabled" CPU supplier. Cavium, now owned by Marvell, said it does not implement back doors for any government.
- The NSA compromised lawful Russian interception infrastructure, SORM. The NSA archive contains slides showing two Russian officers wearing jackets with a slogan written in Cyrillic: "You talk, we listen." The NSA and/or GCHQ has also compromised Key European LI [lawful interception] systems.
- Among example targets of its mass surveillance program, PRISM, the NSA listed the Tibetan government in exile.

These revelations have surfaced for the first time thanks to a doctoral thesis authored by Appelbaum towards earning a degree in applied cryptography from the Eindhoven University of Technology in the Netherlands. Communication in a world of pervasive surveillance is a public document and has been downloaded over 18,000 times since March 2022 when it was first published. [...] We asked Jacob Appelbaum, currently a post-doctoral researcher at the Eindhoven University of Technology, why he chose to publish those revelations in a technically written thesis rather than a mass-circulation newspaper. He replied: "As an academic, I see that the details included are in the public interest, and highly relevant for the topic covered in my thesis, as it covers the topic of large-scale adversaries engaging in targeted and mass surveillance." According to The Register, "Marvell (the owner of Cavium since 2018) denies the allegations that it or Cavium placed backdoors in products at the behest of the U.S. government.

Appelbaum's thesis wasn't given much attention until it was mentioned in Electrospaces.net's security blog last week.

China accused the U.S. of infiltrating Huawei servers beginning in 2009, part of a broad-based effort to steal data that culminated in tens of thousands of cyber-attacks against Chinese targets last year. From a report: The Tailored Access Operations unit of the National Security Agency carried out the attacks in 2009, which then continuously monitored the servers, China's Ministry of State Security said in a post on its official WeChat account on Wednesday. It didn't provide details of attacks since 2009. Cyberattacks are a point of tension between Washington and Beijing, which has accused its political rival of orchestrating attacks against Chinese targets ever since Edward Snowden made explosive allegations about U.S. spying. Washington and cybersecurity researchers have said the Asian country has sponsored attacks against the West.

The ministry's accusations emerged as the two countries battle for technological supremacy. Huawei in particular has spurred alarm in Washington since the telecom leader unveiled a smartphone powered by an advanced chip it designed, which was made by Semiconductor Manufacturing International Corp. That's in spite of years-long U.S. sanctions intended to cut Huawei off from the American technology it needs to design sophisticated chips and phones. The U.S. has been "over-stretching" the concept of national security with its clampdown on Chinese enterprises, Foreign Ministry spokeswoman Mao Ning told reporters at a regular press briefing in Beijing on Wednesday. "What we want to tell the US is that suppression and containing of China will not stop China's development. It will only make us more resolved in our development," Mao said.

Microsoft Gaming CEO Phil Spencer would really like to buy Nintendo someday. From a report: In an August 2020 email to two top Microsoft marketing executives, Spencer wrote that "Nintendo is THE prime asset for us in Gaming" and that "getting Nintendo would be a career moment and I honestly believe a good move for both companies." The emails were revealed as part of a tranche of leaked documents from the FTC v. Microsoft lawsuit. One executive, Takeshi Numoto, asked Spencer and Chris Capossela in an email titled "random thought" about why Microsoft isn't finding acquisition targets like Nintendo a "more attractive" way to "increase our consumer exposure and relevance."

GoDaddy needs to cut more jobs, reduce the tech budget, and address why it is falling short of financial targets outlined at its shareholder day in 2022, or the board should consider exploring a sale of the business. From a report: This is the view from activist investor Starboard Blue LLP, GoDaddy's third largest shareholder and one which is agitating for change and a seat on the corporation's board, something it has so far failed to secure. An open letter [PDF] to GoDaddy's top brass starts off friendly enough, with Starboard Value managing member Peter Feld describing the business as a "one-stop shop for micro- and small-businesses looking to develop a web presence."

Feld says Starboard Value invested in the stock, a move it made public in early 2022, on the basis of opportunities for strong revenue growth, "meaningful margin expansion" and a "more appropriate capital allocation strategy." "Unfortunately, despite each of these opportunities remaining, over the last 18 months we have been disappointed by GoDaddy's operational, financial and stock price performance," the letter adds. At the investor day, GoDaddy projected compound annual growth in revenue of 10 percent between 2022 and 2024, as well as 15 percent EBITDA, 20 percent free cashflow per share and $3 billion in share buybacks. Further reading: Alphabet Selling Google Domains Assets To Squarespace.

Governments are failing to cut greenhouse gas emissions fast enough to meet the goals of the Paris agreement and to stave off climate disaster, a major report by the UN has found. From a report: Meeting the goals will require "phasing out all unabated fossil fuels," the report says, in an acknowledgment that some oil-producing countries may find hard to take. The need to phase out fossil fuels has not been explicitly adopted by the UN before, under successive rounds of climate talks, and language over "phasing out" or "phasing down" fossil fuels has caused controversy at the annual UN climate talks.

There is a "rapidly narrowing window" for governments to move faster, according to the report, as global greenhouse gas emissions must peak by 2025 at the latest, and be rapidly reduced from there, to limit temperature rises to 1.5C above pre-industrial levels. Emissions are still rising, however, and there is a gap of 20 to 23 gigatonnes of CO2 between the cuts needed by 2030 to limit global temperatures to 1.5C and the world's current emissions trajectory. The report, which was expected next week but was published hurriedly in draft by the UN on Friday, will form the basis of the first "global stocktake" under the 2015 Paris agreement. That process is meant to track countries' efforts to meet the goals of the treaty.

An anonymous reader quotes a report from CNBC: Chinese state-aligned influence and disinformation campaigns are impersonating U.S. voters and targeting political candidates on multiple social media platforms with improved sophistication, Microsoft said in a threat analysis report Thursday. Chinese Communist Party-affiliated "covert influence operations have now begun to successfully engage with target audiences on social media to a greater extent than previously observed," according to the report, which focused on the rise in "digital threats from East Asia." The Microsoft report also cautioned that some Chinese influence campaigns are now using generative artificial intelligence to create visual content that's "already drawn higher levels of engagement from authentic" users, a trend the company said began around March.

Chinese influence campaigns have historically struggled to gain traction with intended targets, who in this case are U.S. voters and residents. But since the 2022 midterm elections, those efforts have become more effective, Microsoft warned. Microsoft found content from Chinese influence campaigns on multiple apps, including Meta's Facebook and Instagram, Microsoft-owned LinkedIn, and X. In August, Facebook parent Meta announced it had disrupted the largest ever identified disinformation campaign and linked it to China state-affiliated actors. Microsoft's report included screenshots of two different X posts in April that were identified as CCP-affiliated disinformation. Both were about the Black Lives Matter movement and had the same graphic. The first came from an automated CCP-affiliated account. The second, Microsoft said, was uploaded by an account impersonating a conservative U.S. voter seven hours later.

Slash_Account_Dot writes: Customs and Border Protection (CBP) has told airports it plans to increase its targets for scanning passengers with facial recognition as they leave the U.S., according to an internal airport email obtained by 404 Media. The new goal will be to scan 75 percent of all passengers, the email adds. The news signals CBP's increasing focus on biometric, and in particular facial recognition, systems at airports. Although it is unclear if related to the shift in goals, one traveler was also recently told by airline industry staff "CBP said everyone has to do it" when they asked to opt-out of facial recognition while boarding for an international flight last month.

Chinese oil giant Sinopec last month made a surprise announcement that mostly flew under the radar. It's now expecting gasoline demand in China to peak this year, two years earlier than its previous outlooks. The main culprit? The surging number of electric vehicles on the road. Bloomberg: Calling peaks is often a no-win endeavor for industry analysts. The call will either be correct but seem obvious after the fact, or wrong and lead to years of mockery. But this isn't an analyst calling a peak; it's China's largest fuel distributor. Sinopec knows the fuel business, and more importantly, it has an interest in the business remaining robust. Saying it's all downhill from here for gasoline is quite a statement.

China has been the largest driver of global growth for refined oil products like gasoline and diesel over the last two decades. But EV adoption rates in China are now soaring, with August figures likely to show plug-in vehicles hitting 38% of new passenger-vehicle sales. That's up from just 6% in 2020 and is starting to materially dent fuel demand. Fuel demand in two and three-wheeled vehicles is already in structural decline, with BNEF estimating that 70% of total kilometers traveled by these vehicles already switched over to electric. Fuel demand for cars will be the next to turn, since well over 5% of the passenger-vehicle fleet is now either battery-electric or plug-in hybrid. The internal combustion vehicle fleet is also becoming more efficient due to rising fuel-economy targets.

Shell PLC has quietly abandoned its plan to spend $100 million a year on carbon credits, "which is the largest offset program among corporations," notes CarbonCredits.com. The move comes six months after its new CEO Wael Sawan took office. From the report: In June, Sawan announced a major shift in Shell's strategy -- to maintain its current level of oil production until 2030, not to reduce it as initially declared, while reducing costs and increasing shareholders profits. What the CEO missed to reveal at the time is the energy giant's plans for investing in carbon credit projects. These credits are part of Shell's offsetting program in line with its 2050 net zero emissions goal. Shell has made a commitment to cut Scope 1 and 2 emissions by 50% by 2030 and reach net zero by 2050. It managed to reduce total emissions from all scopes (Scope 1, 2, and 3) in 2022 compared to 2016 levels. A big part of the oil major's carbon reduction strategy is the use of carbon credits to offset emissions.

Originally, Shell aimed at spending $100 million each year on carbon offsets. The oil company also targeted to generate 120 million carbon credits yearly by 2030 from natural carbon sequestration projects. These targets would have offset about 10% of Shell's carbon emissions. But with the company's recent revelation, they confirmed that they're putting an end to those plans. However, the company hasn't revealed publicly any new plans for carbon credits or how they now intend to meet their climate targets. According to Shell, those prior goals weren't attainable due to the lack of carbon offsets that meet its quality standards. [...]

As what [Flora Ji, a 17-year Shell veteran confirmed], Shell's long-term approach to carbon reduction toward net zero follows the Science-Based Targets initiative. That means avoiding emissions first and reducing them before resorting to carbon offsets. If Shell stays loyal to its net zero pledge, it will still need carbon offsets eventually, according to BloombergNEF analysis. The Dutch energy giant will be needing the offset credits for the residual emissions on its way to net zero. Indeed, Shell is not totally abandoning its carbon offset efforts; only the $100M and 120M credit targets. And though it's prioritizing its short-term goal of maximizing profits, it has yet to disclose new plans for its long-term climate targets.

An anonymous reader quotes a report from Ars Technica: Russia's military intelligence unit has been targeting Ukrainian Android devices with "Infamous Chisel," the tracking name for new malware that's designed to backdoor devices and steal critical information, Western intelligence agencies said on Thursday. "Infamous Chisel is a collection of components which enable persistent access to an infected Android device over the Tor network, and which periodically collates and exfiltrates victim information from compromised devices," intelligence officials from the UK, US, Canada, Australia, and New Zealand wrote (PDF). "The information exfiltrated is a combination of system device information, commercial application information and applications specific to the Ukrainian military."

Infamous Chisel gains persistence by replacing the legitimate system component known as netd with a malicious version. Besides allowing Infamous Chisel to run each time a device is restarted, the malicious netd is also the main engine for the malware. It uses shell scripts and commands to collate and collect device information and also searches directories for files that have a predefined set of extensions. Depending on where on the infected device a collected file is located, netd sends it to Russian servers either immediately or once a day. When exfiltrating files of interest, Infamous Chisel uses the TLS protocol and a hard-coded IP and port. Use of the local IP address is likely a mechanism to relay the network traffic over a VPN or other secure channel configured on the infected device. This would allow the exfiltration traffic to blend in with expected encrypted network traffic. In the event a connection to the local IP and port fails, the malware falls back to a hard-coded domain that's resolved using a request to dns.google.

Infamous Chisel also installs a version of the Dropbear SSH client that can be used to remotely access a device. The version installed has authentication mechanisms that have been modified from the original version to change the way users log in to an SSH session. [...] The report didn't say how the malware gets installed. In the advisory Ukraine's security service issued earlier this month (PDF), officials said that Russian personnel had "captured Ukrainian tablets on the battlefield, pursuing the aim to spread malware and abuse available access to penetrate the system." It's unclear if this was the vector.

According to TechCrunch, unnamed hackers reportedly breached the spyware firm WebDetetive, deleting device information to protect surveillance victims and denying spyware users new data. Engadget reports: Users of the spyware won't get any new data from their targets. "Because #fuckstalkerware," the hackers wrote in a note obtained by TechCrunch. The WebDetetive breach compromised more than 76,000 devices belonging to customers of the stalkerware, and more than 1.5 gigabytes of data freed from app's servers, according to the hackers.

While TechCrunch did not independently confirm the deletion of victim's data from the WebDetetive server, a cache of data shared by the hackers provided a look at what they were able to accomplish. TechCrunch also worked with a nonprofit that logs exposed datasets, DDoSecrets, to verify and analyze the information. Hackers obtained information on customers like IP addresses and devices that they targeted.

An anonymous reader shared this report from the New York Times: It is powered into flight by a rocket engine. It can fly a distance equal to the width of China. It has a stealthy design and is capable of carrying missiles that can hit enemy targets far beyond its visual range. But what really distinguishes the Air Force's pilotless XQ-58A Valkyrie experimental aircraft is that it is run by artificial intelligence, putting it at the forefront of efforts by the U.S. military to harness the capacities of an emerging technology whose vast potential benefits are tempered by deep concerns about how much autonomy to grant to a lethal weapon.

Essentially a next-generation drone, the Valkyrie is a prototype for what the Air Force hopes can become a potent supplement to its fleet of traditional fighter jets, giving human pilots a swarm of highly capable robot wingmen to deploy in battle. Its mission is to marry artificial intelligence and its sensors to identify and evaluate enemy threats and then, after getting human sign-off, to move in for the kill... The emergence of artificial intelligence is helping to spawn a new generation of Pentagon contractors who are seeking to undercut, or at least disrupt, the longstanding primacy of the handful of giant firms who supply the armed forces with planes, missiles, tanks and ships. The possibility of building fleets of smart but relatively inexpensive weapons that could be deployed in large numbers is allowing Pentagon officials to think in new ways about taking on enemy forces.

It also is forcing them to confront questions about what role humans should play in conflicts waged with software that is written to kill...
The article adds that the U.S. Air Force plans to build 1,000 to 2,000 AI drones for as little as $3 million apiece. "Some will focus on surveillance or resupply missions, others will fly in attack swarms and still others will serve as a 'loyal wingman' to a human pilot....

"A recently revised Pentagon policy on the use of artificial intelligence in weapons systems allows for the autonomous use of lethal force — but any particular plan to build or deploy such a weapon must first be reviewed and approved by a special military panel."

The New York Times explores harrowing stories about recent airplane near-miss "close calls" on U.S. runways: The incidents — highlighted in preliminary F.A.A. safety reports but not publicly disclosed — were among a flurry of at least 46 close calls involving commercial airlines last month alone... While there have been no major U.S. plane crashes in more than a decade, potentially dangerous incidents are occurring far more frequently than almost anyone realizes — a sign of what many insiders describe as a safety net under mounting stress. So far this year, close calls involving commercial airlines have been happening, on average, multiple times a week, according to a Times analysis of internal F.A.A. records, as well as thousands of pages of federal safety reports and interviews with more than 50 current and former pilots, air traffic controllers and federal officials.

The incidents often occur at or near airports and are the result of human error, the agency's internal records show... The close calls have involved all major U.S. airlines and have happened nationwide... In addition to the F.A.A. records, The Times analyzed a database maintained by NASA that contains confidential safety reports filed by pilots, air traffic controllers and others in aviation. The analysis identified a similar phenomenon: In the most recent 12-month period for which data was available, there were about 300 accounts of near collisions involving commercial airlines... One problem is that despite repeated recommendations from safety authorities, the vast majority of U.S. airports have not installed warning systems to help prevent collisions on runways.

But the most acute challenge, The Times found, is that the nation's air traffic control facilities are chronically understaffed. While the lack of controllers is no secret — the Biden administration is seeking funding to hire and train more — the shortages are more severe and are leading to more dangerous situations than previously known. As of May, only three of the 313 air traffic facilities nationwide had enough controllers to meet targets set by the F.A.A. and the union representing controllers, The Times found. Many controllers are required to work six-day weeks and a schedule so fatiguing that multiple federal agencies have warned that it can impede controllers' abilities to do their jobs properly.