AT&T

AT&T Says Leaked Data of 70 Million People Is Not From Its Systems (bleepingcomputer.com) 25

An anonymous reader quotes a report from BleepingComputer: AT&T says a massive trove of data impacting 71 million people did not originate from its systems after a hacker leaked it on a cybercrime forum and claimed it was stolen in a 2021 breach of the company. While BleepingComputer has not been able to confirm the legitimacy of all the data in the database, we have confirmed some of the entries are accurate, including those whose data is not publicly accessible for scraping. The data is from an alleged 2021 AT&T data breach that a threat actor known as ShinyHunters attempted to sell on the RaidForums data theft forum for a starting price of $200,000 and incremental offers of $30,000. The hacker stated they would sell it immediately for $1 million.

AT&T told BleepingComputer then that the data did not originate from them and that its systems were not breached. "Based on our investigation today, the information that appeared in an internet chat room does not appear to have come from our systems," AT&T told BleepingComputer in 2021. When we told ShinyHunters that AT&T said the data did not originate from them, they replied, "I don't care if they don't admit. I'm just selling." AT&T continues to tell BleepingComputer today that they still see no evidence of a breach in their systems and still believe that this data did not originate from them.

Today, another threat actor known as MajorNelson leaked data from this alleged 2021 data breach for free on a hacking forum, claiming it was the data ShinyHunters attempted to sell in 2021. This data includes names, addresses, mobile phone numbers, encrypted date of birth, encrypted social security numbers, and other internal information. However, the threat actors have decrypted the birth dates and social security numbers and added them to another file in the leak, making those also accessible. BleepingComputer has reviewed the data, and while we cannot confirm that all 73 million lines are accurate, we verified some of the data contains correct information, including social security numbers, addresses, dates of birth, and phone numbers. Furthermore, other cybersecurity researchers, such as Dark Web Informer, who first told BleepingComputer about the leaked data, and VX-Underground have also confirmed some of the data to be accurate.
Despite AT&T's statement, BleepingComputer says if you were an AT&T customer before and through 2021, it's "[safe] to assume that your data was exposed and can be used in targeted attacks."

Have I Been Pwned's Troy Hunt writes: "I have proven, with sufficient confidence, that the data is real and the impact is significant."

Education

Indiana Becomes 9th State To Make CS a High School Graduation Requirement 42

Longtime Slashdot reader theodp writes: Last October, tech-backed nonprofit Code.org publicly called out Indiana in its 2023 State of Computer Science Education report, advising the Hoosier state it needed to heed Code.org's new policy recommendation and "adopt a graduation requirement for all high school students in computer science." Having already joined 49 other Governors who signed a Code.org-organized compact calling for increased K-12 CS education in his state after coming under pressure from hundreds of the nation's tech, business, and nonprofit leaders, Indiana Governor Eric J. Holcomb apparently didn't need much convincing. "We must prepare our students for a digitally driven world by requiring Computer Science to graduate from high school," Holcomb proclaimed in his January State of the State Address. Two months later -- following Microsoft-applauded testimony for legislation to make it so by Code.org partners College Board and Nextech (the Indiana Code.org Regional Partner which is also paid by the Indiana Dept. of Education to prepare educators to teach K-12 CS, including Code.org's curriculum) -- Holcomb on Wednesday signed House Bill 1243 into law, making CS a HS graduation requirement. The IndyStar reports students beginning with the Class of 2029 will be required to take a computer science class that must include instruction in algorithms and programming, computing systems, data and analysis, impacts of computing and networks and the internet.

The new law is not Holcomb's first foray into K-12 CS education. Back in 2017, Holcomb and Indiana struck a deal giving Infosys (a big Code.org donor) the largest state incentive package ever -- $31M to bring 2,000 tech employees to Central Indiana — that also promised to make Indiana kids more CS savvy through the Infosys Foundation USA, headed at the time by Vandana Sikka, a Code.org Board member and wife of Infosys CEO Vishal Sikka. Following the announcement of the now-stalled deal, Holcomb led a delegation to Silicon Valley where he and Indiana University (IU) President Michael McRobbie joined Code.org CEO Hadi Partovi and Infosys CEO Vishal Sikka on a Thought Leader panel at the Infosys Confluence 2017 conference to discuss Preparing America for Tomorrow. At the accompanying Infosys Crossroads 2017 CS education conference, speakers included Sikka's wife Vandana, McRobbie's wife Laurie Burns McRobbie, Nextech President and co-CEO Karen Jung, Code.org execs, and additional IU educators. Later that year, IU 'First Lady' Laurie Burns McRobbie announced that Indiana would offer the IU Bloomington campus as a venue for Infosys Foundation USA's inaugural Pathfinders Summer Institute, a national event for K-12 teacher education in CS that offered professional development from Code.org and Nextech, as well as an unusual circumvent-your-school's-approval-and-name-your-own-stipend funding arrangement for teachers via an Infosys partnership with the NSF and DonorsChoose that was unveiled at the White House.

And that, Schoolhouse Rock Fans, is one more example of how Microsoft's National Talent Strategy is becoming Code.org-celebrated K-12 CS state laws!

Piracy

BitTorrent Is No Longer the 'King' of Upstream Internet Traffic (torrentfreak.com) 37

An anonymous reader quotes a report from TorrentFreak: Back in 2004, in the pre-Web 2.0 era, research indicated that BitTorrent was responsible for an impressive 35% of all Internet traffic. At the time, file-sharing via peer-to-peer networks was the main traffic driver as no other services consumed large amounts of bandwidth. Fast-forward two decades and these statistics are ancient history. With the growth of video streaming, including services such as YouTube, Netflix, and TikTok, file-sharing traffic is nothing more than a drop in today's data pool. [...]

This week, Canadian broadband management company Sandvine released its latest Global Internet Phenomena Report which makes it clear that BitTorrent no longer leads any charts. The latest data show that video and social media are the leading drivers of downstream traffic, accounting for more than half of all fixed access and mobile data worldwide. Needless to say, BitTorrent is nowhere to be found in the list of 'top apps'. Looking at upstream traffic, BitTorrent still has some relevance on fixed access networks where it accounts for 4% of the bandwidth. However, it's been surpassed by cloud storage apps, FaceTime, Google, and YouTube. On mobile connections, BitTorrent no longer makes it into the top ten. The average of 46 MB upstream traffic per subscriber shouldn't impress any file-sharer. However, since only a small percentage of all subscribers use BitTorrent, the upstream traffic per user is of course much higher.

China

EFF Opposes America's Proposed TikTok Ban (eff.org) 67

A new EFF web page is urging U.S. readers to "Tell Congress: Stop the TikTok Ban," arguing the bill will "do little for its alleged goal of protecting our private information and the collection of our data by foreign governments." Tell Congress: Instead of giving the President the power to ban entire social media platforms based on their country of origin, our representatives should focus on what matters — protecting our data no matter who is collecting it... It's a massive problem that current U.S. law allows for all the big social media platforms to harvest and monetize our personal data, including TikTok. Without comprehensive data privacy legislation, this will continue, and this ban won't solve any real or perceived problems. User data will still be collected by numerous platforms and sold to data brokers who sell it to the highest bidder — including governments of countries such as China — just as it is now.

TikTok raises special concerns, given the surveillance and censorship practices of the country that its parent company is based in, China. But it's also used by hundreds of millions of people to express themselves online, and is an instrumental tool for community building and holding those in power accountable. The U.S. government has not justified silencing the speech of Americans who use TikTok, nor has it justified the indirect speech punishment of a forced sale (which may prove difficult if not impossible to accomplish in the required timeframe). It can't meet the high constitutional bar for a restriction on the platform, which would undermine the free speech and association rights of millions of people. This bill must be stopped.

Social Networks

TikTok is Banned in China, Notes X User Community - Along With Most US Social Media (newsweek.com) 148

Newsweek points out that a Chinese government post arguing the bill is "on the wrong side of fair competition" was flagged by users on X. "TikTok is banned in the People's Republic of China," the X community note read. (The BBC reports that "Instead, Chinese users use a similar app, Douyin, which is only available in China and subject to monitoring and censorship by the government.")

Newsweek adds that China "has also blocked access to YouTube, Facebook, Instagram, and Google services. X itself is also banned — though Chinese diplomats use the microblogging app to deliver Beijing's messaging to the wider world."

From the Wall Street Journal: Among the top concerns for [U.S.] intelligence leaders is that they wouldn't even necessarily be able to detect a Chinese influence operation if one were taking place [on TikTok] due to the opacity of the platform and how its algorithm surfaces content to users. Such operations, FBI director Christopher Wray said this week in congressional testimony, "are extraordinarily difficult to detect, which is part of what makes the national-security concerns represented by TikTok so significant...."

Critics of the bill include libertarian-leaning lawmakers, such as Sen. Rand Paul (R., Ky.), who have decried it as a form of government censorship. "The Constitution says that you have a First Amendment right to express yourself," Paul told reporters Thursday. TikTok's users "express themselves through dancing or whatever else they do on TikTok. You can't just tell them they can't do that." In the House, a bloc of 50 Democrats voted against the bill, citing concerns about curtailing free speech and the impact on people who earn income on the app. Some Senate Democrats have raised similar worries, as well as an interest in looking at a range of social-media issues at rival companies such as Meta Platforms.

"The basic idea should be to put curbs on all social media, not just one," Sen. Elizabeth Warren (D., Mass.) said Thursday. "If there's a problem with privacy, with how our children are treated, then we need to curb that behavior wherever it occurs."

Some context from the Columbia Journalism Review: Roughly one-third of Americans aged 18-29 regularly get their news from TikTok, the Pew Research Center found in a late 2023 survey. Nearly half of all TikTok users say they regularly get news from the app, a higher percentage than for any other social media platform aside from Twitter.

Almost 40 percent of young adults were using TikTok and Instagram for their primary Web search instead of the traditional search engines, a Google senior vice president said in mid-2022 — a number that's almost certainly grown since then. Overall, TikTok claims 150 million American users, almost half the US population; two-thirds of Americans aged 18-29 use the app.

Some U.S. politicians believe TikTok "radicalized" some of their supporters "with disinformation or biased reporting," according to the article.

Meanwhile in the Guardian, a Duke University law professor argues "this saga demands a broader conversation about safeguarding democracy in the digital age." The European Union's newly enacted AI act provides a blueprint for a more holistic approach, using an evidence- and risk-based system that could be used to classify platforms like TikTok as high-risk AI systems subject to more stringent regulatory oversight, with measures that demand transparency, accountability and defensive measures against misuse.
Open source advocate Evan Prodromou argues that the TikTok controversy raises a larger issue: If algorithmic curation is so powerful, "who's making the decisions on how they're used?" And he also proposes a solution.

"If there is concern about algorithms being manipulated by foreign governments, using Fediverse-enabled domestic software prevents the problem."

Advertising

Microsoft Criticized For Chrome Popup Ads Resembling Malware That Urge Users to Switch to Bing (theregister.com) 32

"Multiple users around the world have started to notice new Microsoft Bing pop-up ads that look a lot like malware..." reports Lifehacker, describing the ads as "very low quality" and "extremely pixelated..."

"It's just Microsoft doing a bad job of trying to get you to switch to its products."

The Register explains: [W]hile using Google's desktop browser on Windows 10 or 11, a dialog box suddenly and irritatingly appears to the side of the screen urging folks to make Microsoft's Bing the default search engine in Chrome. Not only that, netizens are told they can use Chrome to interact with Bing's OpenAI GPT-4-powered chat bot, allowing them to ask questions and get answers using natural language. We can forgive those who thought this was malware at first glance. "Chat with GPT-4 for free on Chrome!" the pop-up advert, shown below, declares. "Get hundreds of daily chat turns with Bing AI."

It goes on: "Try Bing as default search," then alleges: "Easy to switch back. Install Bing Service to improve chat experience." Users are encouraged to click on "Yes" in the Microsoft pop-up to select Bing as Chrome's default search engine. What's really gross is the next part. Clicking "Yes" installs the Bing Chrome extension and changes the default search provider. Chrome alerts the user in another dialog box that something potentially malicious is trying to update their settings. Google's browser recommends you click on a "Change it back" button to undo the tweak.

But Redmond is one step ahead, displaying a message underneath Chrome's alert that reads: "Wait — don't change it back! If you do, you'll turn off Microsoft Bing Search for Chrome and lose access to Bing AI with GPT-4 and DALL-E 3."

This is where we're at: Two Big Tech giants squabbling in front of users via dialog boxes.

"Essentially, users are caught in a war of pop-ups between one company trying to pressure you into using its AI assistant/search engine," writes Engadget, "and another trying to keep you on its default (which you probably wanted if you installed Chrome in the first place).

"Big Tech's battles for AI and search supremacy are turning into obnoxious virtual shouting matches in front of users' eyeballs as they try to browse the web."

Or, as Lifehacker puts it, "If Microsoft really wants to increase the number of users turning to Bing for its search results, it needs to prove that there's a real reason to switch. And these malware-like ads aren't the solution."

Social Networks

What Happened to Other China-Owned Social Media Apps? (cnn.com) 73

When it comes to TikTok, "The Chinese government is signaling that it won't allow a forced sale..." reported the Wall Street Journal Friday, "limiting options for the app's owners as buyers begin lining up to bid for its U.S. operations..."

"They have also sent signals to TikTok's owner, Beijing-based ByteDance, that company executives have interpreted as meaning the government would rather the app be banned in the U.S. than be sold, according to people familiar with the matter."

But that's not always how it plays out. McClatchy notes that in 2019 the Committee on Foreign Investment in the U.S. ordered Grindr's Chinese owners to relinquish control of Grindr. "A year later, the Chinese owners voluntarily complied and sold the company to San Vicente Acquisition, incorporated in Delaware, for around $608 million, according to Forbes."

And CNN reminds us that the world's most-populous country already banned TikTok more than three years ago: In June 2020, after a violent clash on the India-China border that left at least 20 Indian soldiers dead, the government in New Delhi suddenly banned TikTok and several other well-known Chinese apps. "It's important to remember that when India banned TikTok and multiple Chinese apps, the US was the first to praise the decision," said Nikhil Pahwa, the Delhi-based founder of tech website MediaNama. "[Former] US Secretary of State Mike Pompeo had welcomed the ban, saying it 'will boost India's sovereignty.'"

While India's abrupt decision shocked the country's 200 million TikTok users, in the four years since, many have found other suitable alternatives. "The ban on TikTok led to the creation of a multibillion dollar opportunity ... A 200 million user base needed somewhere to go," said Pahwa, adding that it was ultimately American tech companies that seized the moment with their new offerings... Within a week of the ban, Meta-owned Instagram cashed in by launching its TikTok copycat, Instagram Reels, in India. Google introduced its own short video offering, YouTube Shorts. Homegrown alternatives such as MX Taka Tak and Moj also began seeing a rise in popularity and an influx in funding. Those local startups soon fizzled out, however, unable to match the reach and financial firepower of the American firms, which are flourishing.

In fact, at the time India "announced a ban on more than 50 Chinese apps," remembers the Washington Post, adding that Nepal also announced a ban on TikTok late last year.

Their article points out that TikTok has also been banned by top EU policymaking bodies, while "Government staff in some of the bloc's 27 member states, including Belgium, Denmark and the Netherlands, have also been told not to use TikTok on their work phones." Canada banned TikTok from all government-issued phones in February 2023, after similar steps in the United States and the European Union.... Britain announced a TikTok ban on government ministers' and civil servants' devices last year, with officials citing the security of state information. Australia banned TikTok from all federal government-owned devices last year after seeking advice from intelligence and security agencies.
A new EFF web page warns that America's new proposed ban on TikTok could also apply to apps like WeChat...

Cloud

Microsoft Drops Azure Egress Fees (microsoft.com) 11

Microsoft has eliminated egress fees for customers removing data from its Azure cloud, joining Amazon Web Services and Google in this move. The decision comes as the European Data Act's provisions targeting lock-in terms are set to take effect in 2025. Microsoft adds: Azure already offers the first 100GB/month of egressed data for free to all customers in all Azure regions around the world. If you need to egress more than 100GB/month, please follow these steps to claim your credit. Contact Azure Support for details on how to start the data transfer-out process. Please comply with the instructions to be eligible for the credit. Azure Support will apply the credit when the data transfer process is complete and all Azure subscriptions associated to the account have been canceled. The exemption on data transfer out to the internet fees also aligns with the European Data Act and is accessible to all Azure customers globally and from any Azure region.

Bitcoin

Bitcoin Fog Crypto Mixer Found Guilty of Money Laundering, Jury Finds (cointelegraph.com) 15

Roman Sterlingov, the founder of a $400 million crypto-mixing service called Bitcoin Fog, was convicted of money laundering in a United States District Court on Tuesday. Other charges include money laundering conspiracy, operating an unlicensed money-transmitting business, and violations of the D.C. Money Transmitters Act. CoinTelegraph reports: Sterlingov, however, had argued throughout the trial that he was only a user of the service, and not its operator. His attorney, Tor Ekeland, said in a March 12 X post that his team will appeal the verdict. According to evidence presented at the trial, Sterlingov operated Bitcoin Fog from October 2011 to April 2021, which acted as a money laundering service for "criminals seeking to hide their illicit proceeds from law enforcement."

The service moved over 1.2 million Bitcoin over the decade-long operation -- worth $400 million at the time of the transactions -- with the bulk of cryptocurrency coming from darknet marketplaces tied to narcotics, computer fraud abuse and identity theft, the government said. Bitcoin Fog also served distributors of child sexual abuse material. Evidence used to convict Sterlingov found that the "vast majority" of crypto deposited to his crypto exchange accounts came from "Bitcoin clusters" associated with Bitcoin Fog. "Evidence presented at trial clearly showed that the defendant laundered hundreds of millions of illicit funds from the dark web through Bitcoin Fog in an attempt to conceal the origin of those funds," said Internal Revenue Service (IRS) Criminal Investigation Chief Jim Lee.

Privacy

Stanford University Failed To Detect Ransomware Intruders For 4 Months (theregister.com) 22

Connor Jones reports via The Register: Stanford University says the cybersecurity incident it dealt with last year was indeed ransomware, which it failed to spot for more than four months. Keen readers of El Reg may remember the story breaking toward the end of October 2023 after Akira posted Stanford to its shame site, with the university subsequently issuing a statement simply explaining that it was investigating an incident, avoiding the dreaded R word. Well, surprise, surprise, ransomware was involved, according to a data breach notice sent out to the 27,000 people affected by the attack.

Akira targeted the university's Department of Public Safety (DPS) and this week's filing with the Office of the Maine Attorney General indicates that Stanford became aware of the incident on September 27, more than four months after the initial breach took place. According to Monday's filing, the data breach occurred on May 12 2023 but was only discovered on September 27 of last year, raising questions about whether the attacker(s) was inside the network the entire time and why it took so long to spot the intrusion.

It's not fully clear what information was compromised, but the draft letters include placeholders for three different variables. However, the filing with Maine's AG suggests names and social security numbers are among the data types to have been stolen. All affected individuals have been offered 24 months of free credit monitoring, including access to a $1 million insurance reimbursement policy and ID theft recovery services. Akira's post dedicated to Stanford on its leak site claims it stole 430 GB worth of data, including personal information and confidential documents. It's all available to download via a torrent file and the fact it remains available for download suggests the research university didn't pay whatever ransom the attackers demanded.

EU

Apple To Allow iOS App Downloads Direct From Websites in the EU (theverge.com) 30

Apple is planning to make further changes in EU countries to allow some developers to distribute their iOS apps directly from a website. From a report: The new web distribution feature will be available with a software update "later this spring," according to Apple, providing developers with a key new way to distribute iOS apps in EU markets without the need for a separate app store -- as long as they're willing to adhere to Apple's strict rules.

While Apple is opening up iOS to more third-party apps here, there are still some key security protections around how apps are distributed via websites -- namely, you'll still have to work within the strict Apple app development ecosystem.

The Internet

Speedometer 3.0: A Shared Browser Benchmark for Web Application Responsiveness (browserbench.org) 15

Contributors from Apple, Google, Microsoft, and Mozilla, writing for BrowserBench: Since the initial version of the Speedometer benchmark was released in 2014 by the WebKit team, it has become a key tool for browser engines to drive performance optimizations as users and developers continue to demand richer and smoother experiences online.

We're proud to release Speedometer 3.0 today as a collaborative effort between the three major browser engines: Blink, Gecko, and WebKit. Like previous releases (Speedometer 2 in 2018 and Speedometer 1 in 2014), it's designed to measure web application responsiveness by simulating user interactions on real web pages. Today's release of Speedometer 3.0 marks a major step forward in web browser performance testing: it introduces a better way of measuring performance and a more representative set of tests that reflect the modern Web.

This is the first time the Speedometer benchmark, or any major browser benchmark, has been developed through a cross-industry collaboration supported by each major browser engine: Blink/V8, Gecko/SpiderMonkey, and WebKit/JavaScriptCore. It's been developed under a new governance model, driven by consensus, and is hosted in a shared repository that's open to contribution. This new structure involves a lot of collective effort: discussions, research, debates, decisions, and hundreds of PRs since we announced the project in December 2022.

Speedometer 3 adds many new tests. We started designing this new benchmark by identifying some key scenarios and user interactions that we felt were important for browsers to optimize. In particular, we added new tests that simulate rendering canvas and SVG charts (React Stockcharts, Chart.js, Perf Dashboard, and Observable Plot), code editing (CodeMirror), WYSIWYG editing (TipTap), and reading news sites (Next.js and Nuxt.js).

The Internet

World Wide Web Inventor's Top Predictions as It Turns 35 (cnbc.com) 23

An anonymous reader shares a report: Personal artificial intelligence assistants that know our health status and legal history inside out. The ability to transfer your data from one place to another seamlessly without any roadblocks. These are just some of the predictions for the future of the web from the inventor of the World Wide Web, Tim Berners-Lee, on the 35th anniversary of its invention.

[...] Another thing Berners-Lee says might happen in the future is a big tech company being forced to break up. [...] Berners-Lee said he always prefers it when tech companies "do the right thing by themselves" before regulators step in. "That's always been the spirit of the internet." He uses the example of the Data Transfer Initiative, a private initiative that launched in 2018 and is now backed by the likes of Google, Apple, and Meta, to encourage portability of photos, videos and other data between their platforms.

"Maybe the companies were prompted a bit by the possibility of regulation," Berners-Lee said. "But this was an independent thing." However, he added: "Things are changing so quickly. AI is changing very, very quickly. There are monopolies in AI. Monopolies changed pretty quickly back in the web. Maybe at some point in the future, agencies will have to work to break up big companies, but we don't know which company that will be."

Security

Misconfigured Cloud Servers Targeted with Linux Malware for New Cryptojacking Campaign (cadosecurity.com) 16

Researchers at Cado Security Labs received an alert about a honeypot using the Docker Engine API. "A Docker command was received..." they write, "that spawned a new container, based on Alpine Linux, and created a bind mount for the underlying honeypot server's root directory..." Typically, this is exploited to write out a job for the Cron scheduler to execute... In this particular campaign, the attacker exploits this exact method to write out an executable at the path /usr/bin/vurl, along with registering a Cron job to decode some base64-encoded shell commands and execute them on the fly by piping through bash.

The vurl executable consists solely of a simple shell script function, used to establish a TCP connection with the attacker's Command and Control (C2) infrastructure via the /dev/tcp device file. The Cron jobs mentioned above then utilise the vurl executable to retrieve the first stage payload from the C2 server... To provide redundancy in the event that the vurl payload retrieval method fails, the attackers write out an additional Cron job that attempts to use Python and the urllib2 library to retrieve another payload named t.sh.

"Multiple user mode rootkits are deployed to hide malicious processes," they note. And one of the shell scripts "makes use of the shopt (shell options) built-in to prevent additional shell commands from the attacker's session from being appended to the history file... Not only are additional commands prevented from being written to the history file, but the shopt command itself doesn't appear in the shell history once a new session has been spawned."

The same script also inserts "an attacker-controlled SSH key to maintain access to the compromised host," according to the article, retrieves a miner for the Monero cryptocurrency and then "registers persistence in the form of systemd services" for both the miner and an open source Golang reverse shell utility named Platypus.

It also delivers "various utilities," according to the blog Security Week, "including 'masscan' for host discovery." Citing Cado's researchers, they write that the shell script also "weakens the machine by disabling SELinux and other functions and by uninstalling monitoring agents." The Golang payloads deployed in these attacks allow attackers to search for Docker images from the Ubuntu or Alpine repositories and delete them, and identify and exploit misconfigured or vulnerable Hadoop, Confluence, Docker, and Redis instances exposed to the internet... ["For the Docker compromise, the attackers spawn a container and escape from it onto the underlying host," the researchers write.]

"This extensive attack demonstrates the variety in initial access techniques available to cloud and Linux malware developers," Cado notes. "It's clear that attackers are investing significant time into understanding the types of web-facing services deployed in cloud environments, keeping abreast of reported vulnerabilities in those services and using this knowledge to gain a foothold in target environments."
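
As an added illustration (not code from Cado Security's report or from this summary), the sketch below checks for two things the write-up describes: a Docker Engine API container-create body that bind-mounts the host's root directory, and cron entries matching the described persistence. The function names, rule names and sample inputs are constructed for this example; `HostConfig.Binds` and `HostConfig.Mounts` are the Docker Engine API's own fields.

```python
import json
import posixpath
import re

# Cron indicators drawn from the behaviour described in the summary above.
CRON_RULES = {
    # "decode some base64-encoded shell commands ... by piping through bash"
    "base64-decode-piped-to-shell": re.compile(
        r"base64\s+(?:-d|--decode)\b[^|]*\|\s*(?:/\S+/)?(?:ba)?sh\b"),
    # the vurl helper opens its connection through the /dev/tcp device file
    "dev-tcp-socket": re.compile(r"/dev/tcp/"),
    # the dropped helper (/usr/bin/vurl) being called from a job
    "vurl-helper": re.compile(r"(?:^|[\s/;|&(])vurl\b"),
    # the fallback job that fetches a payload with Python's urllib2
    "python-urllib2-fetch": re.compile(r"python[\d.]*\b.*\burllib2\b"),
}


def scan_cron(text):
    """Return [(line_number, [rule names])] for crontab lines that match a rule."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue  # blank lines and comments are never executed
        hits = sorted(n for n, rx in CRON_RULES.items() if rx.search(stripped))
        if hits:
            findings.append((lineno, hits))
    return findings


def _is_host_root(path):
    # "/", "//", "/." and "/../" all resolve to the host's root directory.
    return path.startswith("/") and posixpath.normpath(path).strip("/") == ""


def host_root_binds(create_body):
    """Return the bind specs in a container-create body that expose the host's /."""
    body = json.loads(create_body) if isinstance(create_body, str) else create_body
    host_cfg = body.get("HostConfig") or {}
    flagged = []
    # Short form: "source:target[:options]"
    for spec in host_cfg.get("Binds") or []:
        if _is_host_root(spec.split(":", 1)[0]):
            flagged.append(spec)
    # Long form: {"Type": "bind", "Source": ..., "Target": ...}
    for mount in host_cfg.get("Mounts") or []:
        source = mount.get("Source") or ""
        if mount.get("Type") == "bind" and _is_host_root(source):
            flagged.append("%s:%s" % (source, mount.get("Target", "")))
    return flagged


# Constructed sample inputs (not taken from the report); payloads are inert.
SAMPLE_CREATE = {
    "Image": "alpine",
    "HostConfig": {"Binds": ["/:/mnt"]},
}
SAMPLE_CRON = "\n".join([
    "# m h dom mon dow user command",
    "17 * * * * root cd / && run-parts --report /etc/cron.hourly",
    "* * * * * root echo Y29uc3RydWN0ZWQtc2FtcGxl | base64 -d | bash",
    "*/5 * * * * root python -c \"import urllib2; print('constructed sample')\"",
    "*/10 * * * * root /usr/bin/vurl placeholder.invalid",
])

if __name__ == "__main__":
    print("host-root binds:", host_root_binds(SAMPLE_CREATE))
    for lineno, hits in scan_cron(SAMPLE_CRON):
        print("cron line %d: %s" % (lineno, ", ".join(hits)))
```

A match is a triage lead rather than a verdict: legitimate jobs occasionally decode base64 or use /dev/tcp, so each hit needs the job's owner and purpose confirmed.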

Programming

The Apple IIgs: On a Machine This Slow, You Had To Get Weird (bdmonkeys.net) 69

Long-time Slashdot reader garote writes: It's the year 1991. You're a teenage computer geek.

You've just upgraded to an Apple IIgs, your first "16-bit" computer. To relieve the crushing boredom of your High School coursework, you and your friends embark on the computer geek equivalent of forming a heavy metal band: Making your own video game.

You meet at the benches during lunch hour, and pass around crude plans scribbled on graph paper. You assign each other impressive titles like "Master Programmer", "Sound Designer", and "Area Data Input". You swap 3.5" disks like furtive secret agents, and stay up coding until 3am. Your parents look at your owlish eyes — and your slipping grades — and ask if you're "on drugs".

If that sounds familiar, this essay may prove interesting. It uses the game my friends and I started — but didn't finish — in High School over 30 years ago, to explore the absurd programming contortions we did to make it playable on the Apple IIgs: The red-headed stepchild of the Apple II line; a machine that languished for six years without a hardware upgrade to avoid competing with the Macintosh.

Thanks to the recent release of the first cycle-accurate emulator for this machine, you can actually play the game in all its screen-tearing glory. You can also explore the source code which has survived for 30 years, and been adapted to build on modern hardware thanks to Merlin32 and CiderPress II.
"Nowadays, the content of the game itself is only good for an embarrassing laugh," according to the web page, "but I feel that the code we hammered out shows the unique challenges of a bygone era, which should be remembered..."

Ubuntu

'Canonical Turns 20: Shaping the Ubuntu Linux World' (zdnet.com) 38

"2004 was already an eventful year for Linux," writes ZDNet's Jack Wallen. "As I reported at the time, SCO was trying to drive Linux out of business. Red Hat was abandoning Linux end-user fans for enterprise customers by closing down Red Hat Linux 9 and launching the business-friendly Red Hat Enterprise Linux (RHEL). Oh, and South African tech millionaire and astronaut Mark Shuttleworth [also a Debian Linux developer] launched Canonical, Ubuntu Linux's parent company.

"Little did I — or anyone else — suspect that Canonical would become one of the world's major Linux companies."

Mark Shuttleworth answered questions from Slashdot readers in 2005 and again in 2012. And this year, Canonical celebrates its 20th anniversary. ZDNet reports: Canonical's purpose, from the beginning, was to support and share free software and open-source software... Then, as now, Ubuntu was based on Debian Linux. Unlike Debian, which never met a delivery deadline it couldn't miss, Ubuntu was set to be updated to the latest desktop, kernel, and infrastructure with a new release every six months. Canonical has kept to that cadence — except for the Ubuntu 6.06 release — for 20 years now...

Released in October 2004, Ubuntu Linux quickly became synonymous with ease of use, stability, and security, bridging the gap between the power of Linux and the usability demanded by end users. The early years of Canonical were marked by rapid innovation and community building. The Ubuntu community, a vibrant and passionate group of developers and users, became the heart and soul of the project. Forums, wikis, and IRC channels buzzed with activity as people from all over the world came together to contribute code, report bugs, write documentation, and support each other....

Canonical's influence extends beyond the desktop. Ubuntu Linux, for example, is the number one cloud operating system. Ubuntu started as a community desktop distribution, but it's become a major enterprise Linux power [also widely used as a server and Internet of Things operating system.]

The article notes Canonical's 2011 creation of the Unity desktop. ("While Ubuntu Unity still lives on — open-source projects have nine lives — it's now a sideline. Ubuntu renewed its commitment to the GNOME desktop...")

But the article also argues that "2016, on the other hand, saw the emergence of Ubuntu Snap, a containerized way to install software, which — along with its rival Red Hat's Flatpak — is helping Linux gain some desktop popularity."

Chrome

Chrome 124 Lets You Turn Any Website Into an App (androidpolice.com) 113

An anonymous reader quotes a report from Android Police: Seven years ago, Google announced that it would phase out all Chrome apps on Windows, Mac, and Linux by 2018 (it would actually take until 2023). In its place would be what the company called Progressive Web Apps (PWAs), web apps that can be installed on a user's desktop that act as if they are practically natural apps and programs. The idea grew quickly, with Chrome users having installed PWAs in record numbers by the beginning of 2022. Soon, every website will be installable on desktops through PWAs.

In Chrome Canary (the daily build version of Google Chrome and typically a couple of versions ahead of the stable build), websites can now be installed on desktops. As part of the latest daily build, Google has added an "Install page as app" option to the "Save and share" submenu on the desktop version (via @Leopeva64 on X). This makes clicking the app -- which is just the website made to look and feel like a native app -- always open in its own window. Sites that already have their own PWAs, like YouTube or Reddit, have been prompting users to install them for a while now and will have their "Install page as app" function actually showing the name of the site. For example, YouTube's entry will show as "Install YouTube." In February, it became possible to enable the flags necessary to make any website into a PWA, but it seems to have just now become fully implemented.

Puzzle Games (Games)

NYTimes Files Copyright Takedown Against Hundreds of Wordle Clones (404media.co) 39

As reported by 404 Media, the New York Times has issued hundreds of copyright takedown requests against Wordle clones "in which it asserts not just ownership over the Wordle name but over the broad concepts and mechanics of the word game, which includes its '5x6 grid' and 'green tiles to indicate correct guesses.'" From the report: The Times filed at least three DMCA takedown requests with coders who have made clones of Wordle on GitHub. These include two in January and, crucially, a new DMCA filed this week against Chase Wackerfuss, the coder of a repository called "Reactle," which cloned Wordle in React JS (JavaScript). The most recent takedown request is critical because it not only goes after Reactle but anyone who has forked Reactle to create a different spinoff game; an archive of the Reactle code repository shows that it was forked 1,900 times to create a diverse set of games and spinoffs. These include Wordle clones in dozens of languages, crossword versions of Wordle, emoji and bird versions of Wordle, poker and AI spinoffs, etc.

"I write to submit a revised DMCA Notice regarding an infringing repository (and hundreds of forked repositories) hosted by Github that instruct users how to infringe The New York Times Co.'s ('The Times') copyright in its immensely popular Wordle game and create knock-off copies of the same. Unfortunately, hundreds of individuals have followed these instructions and published infringing Wordle knock-off games that The Times has spent the past month removing, including off of Github's websites," the DMCA takedown request against Reactle reads. "The Times's Wordle copyright includes the unique elements of its immensely popular game, such as the 5x6 grid, green tiles to indicate correct guesses, yellow tiles to indicate the correct letter but the wrong place within the word, and the keyboard directly beneath the grid. This gameplay is copied exactly in the repository, and the owner instructs others how to knock off the game and create an identical word game," it adds.

The DMCA request then says that GitHub must delete forks of the repository, which it writes were "infringing to the same extent as the parent repository" and which it says were made in what was "clearly bad faith." [...] The DMCA takedown requests are particularly notable because they come at a time when the New York Times is financially thriving, while many of its competitors are losing money, laying people off, and shutting down. The Times is thriving in part because Wordle, the crossword puzzle, and its recipe apps are juggernauts. The company has been aggressively expanding its "Games" business with Wordle, Connections, and a brand new word search game called Strands.
The New York Times issued a statement in response: "The Times has no issue with individuals creating similar word games that do not infringe The Times's 'Wordle' trademarks or copyrighted gameplay. The Times took action against a GitHub user and others who shared his code to defend its intellectual property rights in Wordle. The user created a 'Wordle clone' project that instructed others how to create a knock-off version of The Times's Wordle game featuring many of the same copyrighted elements. As a result, hundreds of websites began popping up with knock-off 'Wordle' games that used The Times's 'Wordle' trademark and copyrighted gameplay without authorization or permission."

Government

Bipartisan Bill Could Force ByteDance To Divest TikTok (bbc.com) 49

An anonymous reader quotes a report from the BBC: A group of US lawmakers has introduced a bill that would require Chinese tech giant ByteDance to sell off the popular video-sharing TikTok app within six months or face a ban. For years American officials have raised concerns that data from the app could fall into the hands of the Chinese government. A bipartisan set of 19 lawmakers introduced the legislation on Tuesday. TikTok called the bill a disguised "outright ban."

In a statement announcing the bill, the lawmakers said "applications like TikTok that are controlled by foreign adversaries pose an unacceptable risk to US national security." The bill would give ByteDance 165 days to divest, or it would be blocked from the app store and web hosting platforms in the US. TikTok has previously argued against divestment, saying a change in ownership would not impose new restrictions on data use. [...] The House Energy and Commerce Committee said it would consider the latest bill on Thursday.
"This legislation will trample the First Amendment rights of 170 million Americans and deprive 5 million small businesses of a platform they rely on to grow and create jobs," TikTok said in a statement to the BBC.

Former President Donald Trump attempted to completely ban TikTok in 2020, but that was unsuccessful. More recently, a group of senators introduced legislation to block TikTok last year, but it was stalled due to lobbying from the company.

Security

Fidelity Customers' Financial Info Feared Stolen In Suspected Ransomware Attack (theregister.com) 22

An anonymous reader quotes a report from The Register: Criminals have probably stolen nearly 30,000 Fidelity Investments Life Insurance customers' personal and financial information -- including bank account and routing numbers, credit card numbers and security or access codes -- after breaking into Infosys' IT systems in the fall. According to Fidelity, in documents filed with the Maine attorney general's office, miscreants "likely acquired" information about 28,268 people's life insurance policies after infiltrating Infosys.

"At this point, [Infosys] are unable to determine with certainty what personal information was accessed as a result of this incident," the insurer noted in a letter [PDF] sent to customers. However, the US-headquartered firm says it "believes" the data included: names, Social Security numbers, states of residence, bank accounts and routing numbers, or credit/debit card numbers in combination with access code, password, and PIN for the account, and dates of birth. In other words: Potentially everything needed to drain a ton of people's bank accounts, pull off any number of identity theft-related scams -- or at least go on a massive online shopping spree.

LockBit claimed to be behind the Infosys intrusion in November, shortly after the Indian tech services titan disclosed the "cybersecurity incident" affecting its US subsidiary, Infosys McCamish Systems aka IMS. It reported that the intrusion shuttered some of its applications and IT systems [PDF]. This was before law enforcement shut down at least some of LockBit's infrastructure in December, although that's never a guarantee that the gang will slink off into obscurity -- as we've already seen.
"Since learning of this event, we have been engaged with IMS to understand IMS's actions to investigate and contain the event, implement remedial measures, and safely restore its services," Fidelity assured its customers. "In addition, we remain engaged with IMS as they continue their investigation of this incident and its impact on the data they maintain."
