Social Networks

Jack Dorsey Funds diVine, a Vine Reboot That Includes Vine's Video Archive (techcrunch.com) 20

An anonymous reader quotes a report from TechCrunch: As generative AI content starts to fill our social apps, a project to bring back Vine's six-second looping videos is launching with Twitter co-founder Jack Dorsey's backing. On Thursday, a new app called diVine will give access to more than 100,000 archived Vine videos, restored from an older backup that was created before Vine's shutdown. The app won't just exist as a walk down memory lane; it will also allow users to create profiles and upload their own new Vine videos. However, unlike on traditional social media, where AI content is often haphazardly labeled, diVine will flag suspected generative AI content and prevent it from being posted. According to TechCrunch, a volunteer preservation group called the Archive Team saved Vine's content when it shut down in 2016. The only problem was that everything was stored in massive 40-50 GB binary blob files that were basically unusable for casual viewing.

Evan Henshaw-Plath (who goes by the name Rabble), an early Twitter employee and member of Jack Dorsey's nonprofit "and Other Stuff," dug into those backup files to try and salvage as much as he could. He spent months writing big-data extraction scripts, reverse-engineering how the archived binaries were structured, and reconstructing the original video files, old user info, view counts, and more. "I wasn't able to get all of them out, but I was able to get a lot out and basically reconstruct these Vines and these Vine users, and give each person a new user [profile] on this open network," he said.

Rabble estimates that through this process he was able to successfully recover 150,000-200,000 Vine videos from around 60,000 creators. diVine then rebuilt user profiles on top of the decentralized Nostr protocol so creators can reclaim their accounts, request takedowns, or upload missing videos.

You can check out the app for yourself at diVine.video. It's available in beta form on both iOS and Android.

GNOME

GNOME 49 'Brescia' Desktop Environment Released (9to5linux.com) 22

prisoninmate shares a report from 9to5Linux: The GNOME Project released today GNOME 49 "Brescia" as the latest stable version of this widely used desktop environment for GNU/Linux distributions, a major release that introduces exciting new features. Highlights of GNOME 49 include a new "Do Not Disturb" toggle in Quick Settings, a dedicated Accessibility menu in the login screen, support for handling unknown power profiles in the Quick Settings menu, support for YUV422 and YUV444 (HDR) color spaces, support for passive screen casts, and support for async keyboard map settings.

GNOME 49 also introduces support for media controls, restart and shutdown actions on the lock screen, support for dynamic users for greeter sessions in the GNOME Display Manager (GDM), and support for per-monitor brightness sliders in Quick Settings on multi-monitor setups.
For a full list of changes, check out the release notes.

Privacy

Tinder To Require Facial Recognition Check For New Users In California (axios.com) 42

An anonymous reader quotes a report from Axios: Tinder is mandating new users in California verify their profiles using facial recognition technology starting Monday, executives exclusively tell Axios. The move aims to reduce impersonation and is part of Tinder parent Match Group's broader effort to improve trust and safety amid ongoing user frustration. The Face Check feature prompts users to take a short video selfie during onboarding. The biometric face scan, powered by FaceTec, then confirms the person is real and present and whether their face matches their profile photos. It also checks if the face is used across multiple accounts. If the criteria are met, the user receives a photo verified badge on their profile. The selfie video is then deleted. Tinder stores a non-reversible, encrypted face map to detect duplicate profiles in the future.

Face Check is separate from Tinder's ID Check, which uses a government-issued ID to verify age and identity. "We see this as one part of a set of identity assurance options that are available to users," Match Group's head of trust and safety Yoel Roth says. "Face Check ... is really meant to be about confirming that this person is a real, live person and not a bot or a spoofed account." "Even if in the short term, it has the effect of potentially reducing some top-line user metrics, we think it's the right thing to do for the business," Rascoff said.

Crime

Arizona Woman Accused of Helping North Koreans Get Remote IT Jobs At 300 Companies (arstechnica.com) 46

An anonymous reader quotes a report from Ars Technica: An Arizona woman has been accused of helping generate millions of dollars for North Korea's ballistic missile program by helping citizens of that country land IT jobs at US-based Fortune 500 companies. Christina Marie Chapman, 49, of Litchfield Park, Arizona, raised $6.8 million in the scheme, federal prosecutors said in an indictment unsealed Thursday. Chapman allegedly funneled the money to North Korea's Munitions Industry Department, which is involved in key aspects of North Korea's weapons program, including its development of ballistic missiles. Part of the alleged scheme involved Chapman and co-conspirators compromising the identities of more than 60 people living in the US and using their personal information to get North Koreans IT jobs across more than 300 US companies.

As another part of the alleged conspiracy, Chapman operated a "laptop farm" at one of her residences to give the employers the impression the North Korean IT staffers were working from within the US; the laptops were issued by the employers. By using proxies and VPNs, the overseas workers appeared to be connecting from US-based IP addresses. Chapman also received employees' paychecks at her home, prosecutors said. Federal prosecutors said that Chapman and three North Korean IT workers -- using the aliases of Jiho Han, Chunji Jin, Haoran Xu, and others -- had been working since at least 2020 to plan a remote-work scheme. In March of that year, prosecutors said, an individual messaged Chapman on LinkedIn and invited her to "be the US face" of their company. From August to November of 2022, the North Korean IT workers allegedly amassed guides and other information online designed to coach North Koreans on how to write effective cover letters and resumes and falsify US Permanent Resident Cards.

Under the alleged scheme, the foreign workers developed "fictitious personas and online profiles to match the job requirements" and submitted fake documents to the Homeland Security Department as part of an employment eligibility check. Chapman also allegedly discussed with co-conspirators about transferring the money earned from their work. Chapman was arrested Wednesday. It wasn't immediately known when she or Didenko were scheduled to make their first appearance in court. If convicted, Chapman faces 97.5 years in prison, and Didenko faces up to 67.5 years.

Apple

Apple's Future AirPods Could Take Your Temperature, Offer Hearing Tests (theverge.com) 17

The Verge reports: Some AirPods will be gaining a new hearing health feature, supported by iOS 17, that can check yourself for potential hearing issues and may be able to determine your body temperature via your ear canal, according to Bloomberg's Mark Gurman in today's Power On newsletter. He also says all of Apple's new headphones will include USB-C, and that the company is planning new AirPods Pro and AirPods Max models — but he doesn't think new hardware is coming soon.

AirPods already support audiograms — audio profiles that tell the AirPods where your hearing may be weakest so that they can tune themselves to your hearing abilities. Right now, you can generate an audiogram using the app Mimi, which Apple would be Sherlocking — an infamous Apple tendency to fold third-party features and apps into its operating system — with a built-in hearing test feature...

Gurman says Apple is also exploring positioning the AirPods as hearing aids, now that the FDA has approved over-the-counter sales of hearing aids without a prescription... Gurman believes the new health features are "several months or even years away," and that although USB-C AirPods may be coming soon, AirPods Pro themselves are so far on a three-year refresh cycle.

Social Networks

Jack Dorsey-Backed Twitter Alternative Bluesky Hits the App Store As An Invite-Only App (techcrunch.com) 89

Bluesky, the Twitter alternative backed by Twitter co-founder and CEO Jack Dorsey, has hit the App Store and more testers are gaining access. Though the app is still only available as an invite-only beta, its App Store arrival signals that a public launch could be nearing. TechCrunch reports: We haven't heard much from Bluesky since October 2022, when the team behind the project shared an update on the Bluesky blog, detailing the status of the social protocol that powers its new Twitter-like app, also called Bluesky. AT (originally called ADX, or "Authenticated Transfer Protocol,") is Bluesky's main effort while the Bluesky mobile app serves to showcase the protocol in action. [...]

We received an invite to the service and found it to be a functional, if still rather bare-bones, Twitter-like experience. Users create a handle which is then represented as @username.bsky.social as well as the display name that appears more prominently in bold text, as on Twitter. As a brand-new app, Bluesky's suggested user list didn't immediately impress with big names of public figures during onboarding. The app itself presents a simplified user interface where you can click a plus button to create a post of 256 characters, which can include photos. Where Twitter asks "What's happening?," Bluesky asks "What's up?" You can search for and follow other individuals, much like on Twitter, then view their updates in a Home timeline. User profiles contain the same sort of features you'd expect: a profile pic, background, bio and metrics, like the number of followers and posts a user has, as well as how many people they're following. Profile feeds are also divided into two sections, like Twitter: posts and posts & replies.

Bluesky users can share, mute and block accounts, but advanced tools, like adding them to lists, are not yet available. The discover tab in the bottom center of the app's navigation is useful, offering more "who to follow" suggestions and a running feed of recently posted Bluesky updates. The latter gives you the opportunity to find more people who you might like to follow, based on their posts rather than just a bio. Posts themselves can be replied to, retweeted, liked and, from a three-dot menu, reported, shared via the iOS Share Sheet to other apps, or copied as text. Another tab lets you check on your Notifications, including likes, reposts, follows and replies, also much like Twitter. There are no DMs.
You can download the app here, but you're still going to need an invite code.

Privacy

Man Behind LinkedIn Scraping Said He Grabbed 700 Million Profiles 'For Fun' (9to5mac.com) 27

The man behind last month's scraping of LinkedIn data, which exposed the location, phone numbers, and inferred salaries of 700 million users, says that he did it "for fun" -- though he is also selling the data. 9to5Mac reports: BBC News spoke with the man who took the data, under the name Tom Liner: "How would you feel if all your information was catalogued by a hacker and put into a monster spreadsheet with millions of entries, to be sold online to the highest paying cyber-criminal? That's what a hacker calling himself Tom Liner did last month 'for fun' when he compiled a database of 700 million LinkedIn users from all over the world, which he is selling for around $5,000 [...]. In the case of Mr Liner, his latest exploit was announced at 08:57 BST in a post on a notorious hacking forum [...] 'Hi, I have 700 million 2021 LinkedIn records,' he wrote. Included in the post was a link to a sample of a million records and an invite for other hackers to contact him privately and make him offers for his database."

Liner says he was also behind the scraping of 533 million Facebook profiles back in April (you can check whether your data was grabbed): "Tom told me he created the 700 million LinkedIn database using 'almost the exact same technique' that he used to create the Facebook list. He said: 'It took me several months to do. It was very complex. I had to hack the API of LinkedIn. If you do too many requests for user data in one time then the system will permanently ban you.'"

Television

Elon Musk Begins Hosting 'Saturday Night Live' - As the World Watches 189

This afternoon Elon Musk tweeted a special URL allowing viewers outside the U.S. to simultaneously livestream his 90-minute appearance on Saturday Night Live for the first time in more than 100 countries, starting at 11:30 p.m. EST. The A.V. Club had a sardonic reaction to the livestreaming on YouTube: Good news for anyone looking at tonight's upcoming broadcast of Saturday Night Live — in which labor-busting vaccine skeptic Elon Musk will be given a platform to broadcast his techno-dystopian brain contents to the world — and thought, "Wow, there's not enough Google involved here." Well, not anymore.

Musk has already appeared in two promos for the show. (Though CNN quips that tonight's live show means NBC is "relying on Musk to filter his thoughts in real time, despite little evidence, historically, of him holding back on just about anything he wants to say — even when under scrutiny by federal regulators.") And the rest of the world is getting ready too. While Tesla brought the Cybertruck prototype to its New York City store, Lucid Air made plans to broadcast an ad for its coming 500-mile-range electric car that will compete with cars from Musk's Tesla.

Meanwhile, Bleeping Computer reports that Twitter scammers have been hacking into verified Twitter accounts and changing the profiles to impersonate SNL's, then replying to Musk's tweets with URLs that lead to cryptocurrency giveaway scams. "We have determined that the scammers have made at least $97,054.62 over the past two days. The Ethereum giveaway scams also earned them $13,758." And the Dogecoin scammers netted at least $42,456.

And this week Slate also noted a spike in the price of Dogecoin. The joke cryptocurrency based on a shiba inu meme is up — uh, let me check — about 20 percent since this time Tuesday, has just about doubled in price since April 27, and as of this moment is up about 26,000 percent for the year (lol). It's trading around 64 cents as I type this... [I]t's probably not worth overthinking this. We're living in the stonks era. Elon is going on a sketch comedy show and is hinting that he might bring up a dumb digital token that everyone finds inherently funny. Now CNBC is hauling on experts to illuminate what the hell is going on, and members of the financial media are having to write earnest explainers about why you should invest in the dog money with caution, as if a single sane person would think otherwise.

What makes the whole rally uniquely amusing, compared with, say, the rise of Bitcoin, is that it's a willfully dumb affront not just to traditional finance, but also to the broader crypto community — which has, shall we say, mixed feelings about Dogecoin, mostly because they think it makes their project, which they tend to treat with self-righteous seriousness, look very silly... Dogecoin is the, well, underdog of the crypto world, the currency that was looked down upon by much of the Bitcoin- and Ethereum-boosting elite. Except now it has an $82 billion market cap. The dogecoiners — basically the sweet, dumb, bong-ripping frat of the crypto world — find all this hilarious.

So what will happen tonight? Ultimately castmember Michael Che, who co-hosts the show's parody newscast segment Weekend Update, joked that while some of the show's performers objected to Musk's appearance, he saw the selection of Musk as both "polarizing" and "exciting."

"You know, what's funny is that I would say I know about 20 to 25% of the white people that get to host the show anyway. So Elon, I was like, 'Oh, I know who he is at least.'"

Share your own reactions in the comments.

Desktops (Apple)

Mac Certificate Check Stokes Fear That Apple Logs Every App You Run (arstechnica.com) 74

Last week, Apple released macOS Big Sur and the rollout was anything but smooth. The mass upgrade caused the Apple servers responsible for checking if a user opens an app not downloaded from the App Store to slow to a crawl. Apple eventually fixed the problem, "but concerns about paralyzed Macs were soon replaced by an even bigger worry -- the vast amount of personal data Apple, and possibly others, can glean from Macs performing certificate checks each time a user opens an app that didn't come from the App Store," writes Dan Goodin via Ars Technica. From the report: Before Apple allows an app into the App Store, it must first pass a review that vets its security. Users can configure the macOS feature known as Gatekeeper to allow only these approved apps, or they can choose a setting that also allows the installation of third-party apps, as long as these apps are signed with a developer certificate issued by Apple. To make sure the certificate hasn't been revoked, macOS uses OCSP -- short for the industry standard Online Certificate Status Protocol -- to check its validity. [...] Somehow, the mass number of people upgrading to Big Sur on Thursday seems to have caused the servers at ocsp.apple.com to become overloaded but not fall over completely. The server couldn't provide the all clear, but it also didn't return an error that would trigger the soft fail. The result was huge numbers of Mac users left in limbo.

The post Your Computer Isn't Yours was one of the catalysts for the mass concern. It noted that the simple HTML get-requests performed by OCSP were unencrypted. That meant that not only was Apple able to build profiles based on our minute-by-minute Mac usage, but so could ISPs or anyone else who could view traffic passing over the network. (To prevent falling into an infinite authentication loop, virtually all OCSP traffic is unencrypted, although responses are digitally signed.) Fortunately, less alarmist posts like this one provided more helpful background. The hashes being transmitted weren't unique to the app itself but rather the Apple-issued developer certificate. That still allowed people to infer when an app such as Tor, Signal, Firefox, or Thunderbird was being used, but it was still less granular than many people first assumed. The larger point was that, in most respects, the data collection by ocsp.apple.com wasn't much different from the information that already gets transmitted in real time through OCSP every time we visit a website. [...] In short, though, the takeaway was the same: the potential loss of privacy from OCSP is a trade-off we make in an effort to check the validity of the certificate authenticating a website we want to visit or a piece of software we want to install.

In an attempt to further assure Mac users, Apple on Monday published this post. It explains what the company does and doesn't do with the information collected through Gatekeeper and a separate feature known as notarization, which checks the security even of non-App Store apps. The post went on to say that in the next year, Apple will provide a new protocol to check if developer certificates have been revoked, provide "strong protections against server failure," and present a new OS setting for users who want to opt out of all of this. [...] People who don't trust OCSP checks for Mac apps can turn them off by editing the Mac hosts file. Everyone else can move along.

Transportation

Nikola Founder Trevor Milton Steps Down as Chairman in Battle With Short Seller (cnn.com) 54

Nikola founder Trevor Milton has stepped down as executive chairman after a short seller accused Milton and the hydrogen and electric truck startup of misleading investors and overstating the value of a business deal. From a report: Milton has also resigned from the company's board, Nikola said in a statement on Sunday. The company has previously denied the allegations and threatened legal action against the research company that made them. Stephen Girsky, a former vice chairman of General Motors (GM) and current board member at Nikola, will take over as chairman, effective immediately. "The focus should be on the company and its world-changing mission, not me. I intend to defend myself against false accusations leveled against me by outside detractors," Milton said in a statement posted on Twitter. As part of the transition agreement that Nikola filed with the Securities & Exchange Commission, Milton agreed to revise any references to the positions he held at Nikola on his social media profiles so it's clear he no longer holds them. He also agreed to check with lawyers for Nikola before posting anything about the company. By late Monday morning, Milton had made his Twitter account private, but his LinkedIn account remained public and active.

Security

Open Database Leaked 179GB In Customer, US Government, and Military Records (zdnet.com) 15

An open database exposing records containing the sensitive data of hotel customers as well as US military personnel and officials has been disclosed by researchers. ZDNet reports: On Monday, vpnMentor's cybersecurity team, led by Noam Rotem and Ran Locar, said the database belonged to Autoclerk, a service owned by Best Western Hotels and Resorts group. Autoclerk is a reservations management system used by resorts to manage web bookings, revenue, loyalty programs, guest profiles, and payment processing.

In a report shared with ZDNet, the researchers said the open Elasticsearch database was discovered through vpnMentor's web mapping project. It was possible to access the database, given it had no encryption or security barriers whatsoever, and perform searches to examine the records contained within. The team says that "thousands" of individuals were impacted, although due to ethical reasons it was not possible to examine every record in the leaking database to come up with a specific number. Hundreds of thousands of booking reservations for guests were available to view and data including full names, dates of birth, home addresses, phone numbers, dates and travel costs, some check-in times and room numbers, and masked credit card details were also exposed.

Some of the records were logs for U.S. Army generals visiting Russia and Israel, the report says. In total, the AWS-hosted database contained over 179GB of data.

Privacy

Ten Years On, Foursquare Is Now Checking In to You (nymag.com) 18

Location social networks never took off, and Gowalla's star burned out fast. Gilt sold at a loss. And Tumblr, recently sold by Yahoo for less than 1 percent of what it originally paid, has become a cautionary tale. If you haven't been paying close attention, you'd be forgiven for assuming that Foursquare had fallen prey to the same fates as its once-hot peers. From a report: But you'd be wrong. This year, Foursquare's revenue will surpass $100 million, a critical mile marker for any company on its way to a public offering. In fact its story of success is a perfect tech-industry parable: A charming, rickety, vintage-2000s social app that's survived the last decade by evolving into a powerhouse enterprise data-extraction business. In 2014, Foursquare made a decision to shift its attention from its consumer apps to a growing business-to-business operation; five years later, 99 percent of Foursquare's business comes from its software and data products. Its clients include Uber, Twitter, Apple, Snapchat, and Microsoft. The company is still shining brightly, not because location-based social networks or New York's start-up scene have finally reached escape velocity, but because Foursquare had something that other start-ups didn't: location technology rivaled by only Google and Facebook.

[...] By 2014, Foursquare made the decision to focus on providing software tools and data to app developers, advertisers, and brands. Foursquare began charging developers for the use of its location technology in their own apps (it has worked with more than 150,000 to date) and selling its data to brands, marketers, advertisers, and data-hungry investors. The company's tools could measure foot traffic in and out of brick-and-mortar locations and build consumer profiles based on where people had recently visited. Soon, Foursquare began brandishing its power with public market predictions. It projected iPhone sales in 2015 based on traffic to Apple stores and, in 2016, the huge drop in Chipotle's sales figures (thanks to E. coli) two weeks before the burrito-maker announced its quarterly earnings. Co-founder and executive chairman Dennis Crowley says the human check-ins gave Foursquare engineers and data scientists the ability to verify and adjust location readings from other sources, like GPS, Wi-Fi, and Bluetooth. As it turns out, the goofy badges for Uncle Tony that made Foursquare easy to dismiss as a late-2000s fad were an incredibly powerful tool. [...] In addition to all of those active check-ins, at some point Foursquare began collecting passive data using a "check-in button you never had to press." It doesn't track people 24/7 (in addition to creeping people out, doing so would burn through phones' batteries), but instead, if users opt-in to allow the company to "always" track their locations, the app will register when someone stops and determine whether that person is at a red light or inside an Urban Outfitters. The Foursquare database now includes 105 million places and 14 billion check-ins.

The Media

Craigslist Founder: Most Online Outrage is Faked For Profit (theguardian.com) 208

The Guardian profiles 66-year-old Craigslist founder (and former IBM programmer) Craig Newmark, calling him "a survivor from the era of internet optimism."

He's now investing "significant sums" to protect the future of the news industry -- "and rejects the idea his website helped cause journalism's financial crisis": [H]e firmly rejects any notion that all the philanthropy -- an estimated $50m in the past year including to New York Public Radio, new publication the Markup and local journalism efforts such as the American Journalism Project -- is an attempt to assuage guilt, a reach for atonement. "That takes an active imagination that I don't understand. I have very little imagination...."

Newmark, by his own admission not a journalist, says: "I had great hopes for citizen journalism 10, 15 years ago. It hasn't worked out. One reason is that journalism is a profession. You have to know how to write well. You have to fact-check. You have to know how to develop sources, often over years. You have to have specialised knowledge on a beat like disinformation or crime or birds. Citizen journalists can complement what's going on and, sometimes, citizens come to journalism with skills... Now I think more: what are the practical problems of professional journalism? For example, we've seen a couple of cases where bad actors will try to really hurt a publication by engaging in lengthy, frivolous lawsuits. There is a great need for shared risk pool insurance, media insurance in the US, and I talk to people about that...."

Social media fights, he insists, get attention but are not representative of what is really going on. Much of it is manufactured. "Americans are much more reasonable and moderate than what you might guess when you see a little Twitter war. But I'm guessing that the purpose of many Twitter wars is to polarise people and, in fact, we've seen that happen because you can often trace some of the fighting groups to the same location. Outrage is profitable. Most of the outrage I've seen in the online world -- I would guess 80% -- someone's faking it for profit..."

Indeed, he remains convinced that the internet is still a positive for humanity. "It allows people of goodwill to get together and work together for common good...."

The Guardian notes that during their interview, Craig also "cheerfully admits he is 'simulating' social skills."

Education

Amazonians Visit High Schools To Inspect the Amazon Future Engineer Troops (washingtonian.com) 92

theodp writes: "Amazon Future Engineer students across the country are graduating from high school," reports the Amazon Day One blog, "and to celebrate, Amazonians visited select classrooms to meet some of the students and to check out their impressive computer science progress and end of year projects" [TV coverage of an 'Amazon graduation'].

Amazon Future Engineer "is a four-part, childhood-to-career program aimed at inspiring and educating 10 million students from underrepresented and underserved communities each year to try computer science and coding. Amazon strives to achieve this by inspiring millions of children through coding camps and Code.org's Hour of Code program, funding computer science courses in high schools across the country, providing 100 students with four-year college scholarships in computer science, and offering Amazon internships to scholarship recipients."

The importance of CS education to Amazon is highlighted in a new Washingtonian story, The Real Story of How Virginia Won Amazon's HQ2, which reports, "Northern Virginia's ultimate proposal was centered around an effort to provide Amazon -- or any other tech firm that wanted to come -- with all the educated workers it needed, now and in the future. [Virginia Economic Development Partnership CEO Stephen] Moret's team proposed increasing tech education from kindergarten through 12th grade, expanding university offerings to produce up to 17,500 new bachelor's degrees in computer science and related fields, and building a tech campus that could produce the same number of master's degrees."

And in a recent Brookings Institution fireside chat, Moret noted, "we analyzed substantially all of the LinkedIn profiles of HQ1 — the Seattle workforce... And if you look at the tech occupations — that was the space they were the most concerned about — literally half of all the people at Amazon Seattle headquarters that are working in some kind of tech occupation, half of them have at least one degree in computer science. So, that was a really big data point for us; and that really shaped a lot of how we built our package."

Google

Google's Find My Device Tool Can Now Map Out Exactly Where You Left Your Phone Inside Some Buildings (androidpolice.com) 28

An anonymous reader shares a report: Google's been messing around with indoor maps for years; you can check the layout of many department stores and other large indoor spaces in Google Maps. Find My Device can show on those maps where your device is located. Here's the changelog for the latest version: "Support for indoor maps to help you find your device in airports, malls, or other large buildings. And, Support for work profiles."

Java

Google Won't Let You Sign In If You Disabled JavaScript In Your Browser (zdnet.com) 172

An anonymous reader quotes a report from ZDNet: Google announced today four new security features for securing Google accounts. These four updates are meant to bolster protections before and after users sign into accounts, but also in the case of recovering after a hack. According to Google's Jonathan Skelker, the first of these protections that Google has rolled out today comes into effect even before users start typing their username and password. In the coming future, Skelker says that Google won't allow users to sign into accounts if they disabled JavaScript in their browser. The reason is that Google uses JavaScript to run risk assessment checks on the users accessing the login page, and if JavaScript is disabled, this allows crooks to pass through those checks undetected. This change is likely to impact only a very small number of users -- around 0.01 percent according to Google's data -- but it will likely impact bots harder, as many of them run through headless browsers where this feature is turned off for performance reasons. Google also plans to pull data from Google Play Protect and list all malicious apps that are still installed on a user's Android smartphone. Google's Jonathan Skelker says they will be notifying you "whenever you share any data from your Google Account," expanding on the notifications it sends when you've granted access to sensitive information, like Gmail data or your Google Contacts.

"Last but not least is a security feature that Google plans to use after an account hack," reports ZDNet. "This feature is already live and is a new set of procedures for regaining access and re-securing compromised profiles. The procedure is detailed in this Google support page, and besides just helping users regain access to accounts, it will also help them check financial activity related to Google Pay accounts, review new files added to Gmail or Drive, and secure other accounts at other services that are tied to the main Google account."
Facebook

Did Cambridge Analytica Harvest 50 Million Facebook Profiles? (theguardian.com) 135

Slashdot reader umafuckit shared this article from The Guardian: The data analytics firm that worked with Donald Trump's election team and the winning Brexit campaign harvested millions of Facebook profiles of U.S. voters, in one of the tech giant's biggest ever data breaches, and used them to build a powerful software program to predict and influence choices at the ballot box... Christopher Wylie, who worked with a Cambridge University academic to obtain the data, told the Observer: "We exploited Facebook to harvest millions of people's profiles. And built models to exploit what we knew about them and target their inner demons. That was the basis the entire company was built on."

Documents seen by the Observer, and confirmed by a Facebook statement, show that by late 2015 the company had found out that information had been harvested on an unprecedented scale. However, at the time it failed to alert users and took only limited steps to recover and secure the private information of more than 50 million individuals... On Friday, four days after the Observer sought comment for this story, but more than two years after the data breach was first reported, Facebook announced that it was suspending Cambridge Analytica and Kogan from the platform, pending further information over misuse of data. Separately, Facebook's external lawyers warned the Observer on Friday it was making "false and defamatory" allegations, and reserved Facebook's legal position...

The evidence Wylie supplied to U.K. and U.S. authorities includes a letter from Facebook's own lawyers sent to him in August 2016, asking him to destroy any data he held that had been collected by GSR, the company set up by Kogan to harvest the profiles... Facebook did not pursue a response when the letter initially went unanswered for weeks because Wylie was travelling, nor did it follow up with forensic checks on his computers or storage, he said. "That to me was the most astonishing thing. They waited two years and did absolutely nothing to check that the data was deleted. All they asked me to do was tick a box on a form and post it back."

Wylie worked with Aleksandr Kogan, the creator of the "thisisyourdigitallife" app, "who has previously unreported links to a Russian university and took Russian grants for research," according to the article. Kogan "had a licence from Facebook to collect profile data, but it was for research purposes only. So when he hoovered up information for the commercial venture, he was violating the company's terms...

"At the time, more than 50 million profiles represented around a third of active North American Facebook users, and nearly a quarter of potential U.S. voters."
Businesses

Europe Says Employers Must Warn Job Applicants Before Checking Them Out on Social Media (cnn.com) 221

Europe has a message for employers: Think twice before you check the social media profiles of job applicants. From a report: European officials have issued new guidelines that warn bosses about the legal hazards of scrolling through the social media profiles of potential hires. The rules require employers to issue a disclaimer before they check applicants' online accounts, including Facebook, Instagram, Snapchat, Twitter and LinkedIn. If applicants don't see the warning, the company could be in breach of European Union data protection rules. Employers are also barred from compiling social media data as part of the hiring process unless it is "necessary and relevant" for a particular job. The guidelines are part of a lengthy document clarifying data protection laws that apply to employers across 28 EU countries.
Android

Google I/O 2014 Begins [updated] 49

Google I/O, the company's annual developer tracking^wdevelopers conference, has opened today in San Francisco. This year the company has reduced the number of conference sessions to 80, but also promised a broader approach than in previous years -- in other words, there may be a shift in focus a bit from Google's best known platforms (Chrome/Chrome OS and Android). Given its wide-ranging acquisitions and projects (like the recent purchase of Nest, which itself promptly bought Dropcam, the ever smarter fleet of self-driving cars, the growing number of Glass devices in the wild, and the announcement of a 3D scanning high end tablet quite unlike the Nexus line of tablets and phones), there's no shortage of edges to focus on. Judging from the booths set up in advance of the opening (like one with a sign announcing "The Physical Web"), expect some of the stuff that gets lumped into "the Internet of Things." Watch this space -- updates will appear below -- for notes from the opening keynote, or follow along yourself with the live stream, and add your own commentary in the comments. In the days to come, watch for some video highlights of projects on display at I/O, too. Update: 06/25 17:41 GMT by T : Updates rolling in below on Android, wearables, Android in cars, Chromecast, smart watches, etc. Keep checking back! (Every few minutes, I get another chunk in there.)
