A New York Times investigation by John Carreyrou claims a British cryptographer named Adam Back is the strongest circumstantial candidate yet for being Satoshi Nakamoto. The report citing overlaps in writing style, ideology, technical background, and old posts that outlined key parts of Bitcoin years before its launch. Carreyrou is a renowned investigative journalist and author, best known for exposing the massive fraud at Theranos while at the Wall Street Journal. Here's an excerpt from the report: ... As anyone steeped in Bitcoin lore will tell you, Satoshi was a master at the art of maintaining anonymity on the internet, leaving few, if any, digital footprints behind. But Satoshi did leave behind a corpus of texts, including a nine-page white paper (PDF) outlining his invention and his many posts on the Bitcointalk forum, an online message board where users gathered to discuss the digital currency's software, economics and philosophy. And that corpus, it turned out, had expanded significantly during the impostor's civil trial when Martti Malmi, a Finnish programmer who collaborated with Satoshi in Bitcoin's early days, released a trove of hundreds of emails he had exchanged with him. Emails Satoshi sent to other early Bitcoin adopters had surfaced before, but none came close in volume to the Malmi dump. If Satoshi was ever going to be found, I was convinced the key lay somewhere in these texts.

Then again, others must have gone down this road before me. Journalists, academics and internet sleuths had been trying to identify Satoshi for 16 years. During that span, more than 100 names had been put forward, including those of an Irish cryptography student, an unemployed Japanese American engineer, a South African criminal mastermind and the mathematician portrayed in the movie "A Beautiful Mind." The most alluring theories had focused on coincidences that aligned with what little was known about Satoshi: a particular code-writing style, a mysterious work history, an expertise in Bitcoin's key technical concepts, an anti-government worldview. But they had run aground under the weight of an alibi or some other piece of inconsistent or contrary evidence. Each failure had been met with glee by many members of the Bitcoin community. As they liked to point out, only Satoshi could definitively prove his identity by moving some of his coins. Any evidence short of that would be circumstantial.

It seemed foolish to think that I could somehow crack a case that had confounded so many others. But I craved the thrill of a big, challenging story. So I decided to try once more to unmask Bitcoin's mysterious creator. Back, for his part, denies being Satoshi, writing in a post on X: "i'm not satoshi, but I was early in laser focus on the positive societal implications of cryptography, online privacy and electronic cash, hence my ~1992 onwards active interest in applied research on ecash, privacy tech on cypherpunks list which led to hashcash and other ideas."

Five years ago, journalist and sci-fi author Cory Doctorow published a short story that explored the radicalization of individuals denied healthcare coverage. As The Guardian notes in a recent article, the story "might seem eerily similar" to the recent shooting of UnitedHealthcare's CEO. While it appears that the alleged shooter never read the story, Doctorow said: "I feel like the most important thing about that is that it tells you that this is not a unique insight." Doctorow continued: "that the question that I had is a question other people have had." As an activist in favor of liberalizing copyright laws and a proponent of the Creative Commons organization, it's important to note that Doctorow advocates for systemic reform through collective action rather than violence. Here's an excerpt from the The Guardian's article: In Radicalized, one of four novellas comprising a science fiction novel of the same name, Doctorow charts the journey of a man who joins an online forum for fathers whose partners or children have been denied healthcare coverage by their insurers after his wife is diagnosed with breast cancer and denied coverage for an experimental treatment. Slowly, over the course of the story, the men of the forum become radicalized by their grief and begin plotting -- and executing -- murders of health insurance executives and politicians who vote against universal healthcare.

In the wake of the December 4 shooting of UnitedHealthcare CEO Brian Thompson, which unleashed a wave of outrage at the U.S. health system, Doctorow's novella has been called prescient. When the American Prospect magazine republished the story last week, it wrote: "It is being republished with permission for reasons that will become clear if you read it." But Doctorow doesn't think he was on to something that no one else in the U.S. understood. [...]

In one part of the story, a man whose young daughter died after an insurance company refused to pay for brain surgery bombs the insurer's headquarters. "It's not vengeance. I don't have a vengeful bone in my body. Nothing I do will bring Lisa back, so why would I want revenge? This is a public service. There's another dad just like me," he shares in a video message on the forum. "And right now, that dad is talking to someone at Cigna, or Humana, or BlueCross BlueShield, and the person on the phone is telling that dad that his little girl has. To. Die. Someone in that building made the decision to kill my little girl, and everyone else in that building went along with it. Not one of them is innocent, and not one of them is afraid. They're going to be afraid, after this."

"Because they must know in their hearts," he goes on. "Them, their lobbyists, the men in Congress who enabled them. They're parents. They know. Anyone who hurt their precious children, they'd hunt that person down like a dog. The only amazing thing about any of this is that no one has done it yet. I'm going to make a prediction right now, that even though I'm the first, I sure as hell will not be the last. There's more to come."

Social media giants confronted a familiar dilemma over user content moderation after murder suspect Luigi Mangione's arrest in the killing of UnitedHealthcare's CEO on Monday, highlighting the platforms' varied approaches to managing digital footprints of criminal suspects.

Meta quickly removed Mangione's Facebook and Instagram accounts under its "dangerous organizations and individuals" policy, while his account on X underwent a brief suspension before being reinstated with a premium subscription. LinkedIn maintained his profile, stating it did not violate platform policies. His Reddit account was suspended in line with the platform's policy on high-profile criminal suspects, while his Goodreads profile fluctuated between public and private status.

The New York Times adds: When someone goes from having a private life to getting public attention, online accounts they intended for a small circle of friends or acquaintances are scrutinized by curious strangers -- and journalists.

In some cases, these newly public figures or their loved ones can shut down the accounts or make them private. Others, like Mr. Mangione, who has been charged with murder, are cut off from their devices, leaving their digital lives open for the public's consumption. Either way, tech companies have discretion in what happens to the account and its content. Section 230 of the Communications Decency Act protects companies from legal liability for posts made by users.

An anonymous reader quotes a report from Ars Technica: In an editorial for Slate published Monday, renowned security researcher Bruce Schneier warned that AI models may enable a new era of mass spying, allowing companies and governments to automate the process of analyzing and summarizing large volumes of conversation data, fundamentally lowering barriers to spying activities that currently require human labor. In the piece, Schneier notes that the existing landscape of electronic surveillance has already transformed the modern era, becoming the business model of the Internet, where our digital footprints are constantly tracked and analyzed for commercial reasons.

Spying, by contrast, can take that kind of economically inspired monitoring to a completely new level: "Spying and surveillance are different but related things," Schneier writes. "If I hired a private detective to spy on you, that detective could hide a bug in your home or car, tap your phone, and listen to what you said. At the end, I would get a report of all the conversations you had and the contents of those conversations. If I hired that same private detective to put you under surveillance, I would get a different report: where you went, whom you talked to, what you purchased, what you did." Schneier says that current spying methods, like phone tapping or physical surveillance, are labor-intensive, but the advent of AI significantly reduces this constraint. Generative AI systems are increasingly adept at summarizing lengthy conversations and sifting through massive datasets to organize and extract relevant information. This capability, he argues, will not only make spying more accessible but also more comprehensive. "This spying is not limited to conversations on our phones or computers," Schneier writes. "Just as cameras everywhere fueled mass surveillance, microphones everywhere will fuel mass spying. Siri and Alexa and 'Hey, Google' are already always listening; the conversations just aren't being saved yet." [...]

In his editorial, Schneier raises concerns about the chilling effect that mass spying could have on society, cautioning that the knowledge of being under constant surveillance may lead individuals to alter their behavior, engage in self-censorship, and conform to perceived norms, ultimately stifling free expression and personal privacy. So what can people do about it? Anyone seeking protection from this type of mass spying will likely need to look toward government regulation to keep it in check since commercial pressures often trump technological safety and ethics. [...] Schneier isn't optimistic on that front, however, closing with the line, "We could prohibit mass spying. We could pass strong data-privacy rules. But we haven't done anything to limit mass surveillance. Why would spying be any different?" It's a thought-provoking piece, and you can read the entire thing on Slate.

The New York Times magazine tells the story of an innocuous-seeming message on LinkedIn in 2017 from Qu Hui, the deputy director of the China-based Provincial Association for International Science and Technology Development.

Federal agents eventually obtained search warrants for two Gmail addresses the official was using, and "In what would prove to be a lucky break, the investigators found that each email address was the Apple ID used for an iPhone, linked to an iCloud account where data from the phones was periodically backed up. The agents were later able to obtain search warrants for the two iCloud accounts [that] opened a treasure trove." This included confirmation of what they had suspected all along: that Qu worked for Chinese intelligence. His real name was Xu Yanjun. He had worked at the Ministry of State Security since 2003, earning six promotions to become a deputy division director of the Sixth Bureau in the Jiangsu Province M.S.S. Like so many of us, he had taken pictures of important documents using his iPhone — his national ID card, pay stubs, his health insurance card, an application for vacation — which is how they ended up in his iCloud account. There, investigators also found an audio recording of a 2016 conversation with a professor at N.U.A.A. in which Xu had talked about his job in intelligence and the risks associated with traveling. "The leadership asks you to get the materials of the U.S. F-22 fighter aircraft," he told the professor. "You can't get it by sitting at home." The discovery of evidence of Xu's identity in an iCloud account makes for a kind of delicious reversal. The ubiquitous use of iPhones around the world — a result of America's technological prowess — was helping to fight back against a rival nation's efforts to steal technology.
Qu scheduled a meeting in Brussels with one American target — where he was arrested and extradited to America, becoming the first-ever Chinese intelligence official convicted on U.S. soil on charges of economic espionage. The prosecution contended that Xu had been systematically going after intellectual property at aerospace companies in the United States and Europe through cyberespionage and the use of human sources. It's not often that prosecutors find a one-stop shop for much of their evidence, but that's what Xu's iCloud account was — a repository of the spy's personal and professional life. That's because often Xu used his iPhone calendar as a diary, documenting not just the day's events but also his thoughts and feelings.... The messages in Xu's iCloud account enabled investigators to make another damning discovery. Xu had helped coordinate a cyberespionage campaign that targeted several aviation technology companies....

At the end of the trial, Xu was convicted of conspiring and attempting to commit economic espionage and theft of trade secrets.... According to Timothy Mangan, who led the prosecution, the evidence laid out during Xu's trial goes far beyond merely proving his guilt — it uncovers the systematic nature of China's vast economic espionage. The revelation of Xu's activities lifts the veil on how pervasive China's economic espionage is, according to the F.B.I. agent. If just one provincial officer can do what he did, the agent suggests, you can imagine how big the country's overall operations must be.
The article notes that the Chinese government "also offers financial incentives to help Chinese expats start their own businesses in China using trade secrets stolen from their American employers." It also cites a 2019 report from a congressional committee's security review that found "myriad ways in which Chinese companies, often backed by their government, help transfer strategic know-how from the United States to China." The maneuvers range from seemingly benign (acquiring American firms with access to key intellectual property) to notoriously coercive (compelling American companies to form joint ventures with Chinese firms and share trade secrets with them in return for access to the Chinese market) to outright theft. Cyberattacks have become an increasingly common tactic because they can't always be linked directly to the Chinese government. Over the past few years, however, federal agents and cybersecurity experts in the U.S. have identified the digital footprints left along the trails of these attacks — malware and I.P. addresses among them — and traced this evidence back to specific groups of hackers with proven ties to the Chinese government.
One 2020 indictment blamed five "computer hackers" in China for breaching more than 100 organizations.

Thanks to Slashdot reader schwit1 for sharing the article.

Tech companies and data brokers that misuse or misrepresent how they handle Americans' personal data, including reproductive health information, may find themselves on the hook with the Federal Trade Commission, the agency warned this week. From a report: On Monday, the FTC renewed its vow to investigate or sue companies that use Americans' digital data in unfair or deceptive ways, following an executive order by the Biden administration that explicitly called for it and other agencies to consider steps to protect abortion-seekers. Since the Supreme Court decision overturning Roe v. Wade, civil liberties experts have warned that Americans' extensive digital footprints could give away whether they have visited an abortion clinic or sought information on how to access an abortion, prompting questions about the security of that data.

"The misuse of mobile location and health information -- including reproductive health data -- exposes consumers to significant harm," the FTC said in a blog post. "The exposure of health information and medical conditions, especially data related to sexual activity or reproductive health, may subject people to discrimination, stigma, mental anguish, or other serious harms." It added: "The Commission is committed to using the full scope of its legal authorities to protect consumers' privacy. We will vigorously enforce the law if we uncover illegal conduct that exploits Americans' location, health, or other sensitive data."

North Korea has vastly expanded its use of the internet in ways that enable its leader, Kim Jong-un, to evade a "maximum pressure" American sanctions campaign and turn to new forms of cybercrime to prop up his government, according to a new study. From a report: The study concludes that since 2017 -- the year President Trump threatened "fire and fury like the world has never seen" against the country -- the North's use of the internet has surged about 300 percent. Nearly half of that traffic now flows through a new connection in Russia, avoiding the North's longtime dependency on a single digital pipeline through China. The surge has a clear purpose, according to the report released Sunday by Recorded Future, a Cambridge, Mass., group known for its deep examinations of how nations use digital weaponry: circumventing financial pressure and sanctions by the West. Over the past three years, the study concluded, North Korea has improved its ability to both steal and "mine" cryptocurrencies, hide its footprints in gaining technology for its nuclear program and cyberoperations, and use the internet for day-to-day control of its government.

"What this tells you is that our entire concept of how to control the North's financial engagement with the world is based on an image of the North that is fixed in the past," said Priscilla Moriuchi, a former National Security Agency analyst who directed the study and has long focused on North Korea and Iran. "They have succeeded at an easy-to-replicate model of how to move large amounts of money around the world, and do it in a way our sanctions do not touch. Our sanctions system needs a radical update," she concluded. The report helps solve the mystery of why the country's economy appears to have survived, and in some sectors actually grown, as the United States and its allies have talked about their success in choking off oil supplies and cracking down on North Korea's skillful production of counterfeit American currency.

Google has announced plans to limit the ability of other companies to track people across the internet and collect information about them, a significant change that has widespread ramifications for online privacy as well as the digital economy. From a report: The company said Tuesday that it plans to phase out the use of digital tools known as tracking cookies, which other companies use to identify people online and learn more about them. The move is meant to offer users greater control over their digital footprints and enhance user privacy, according to Google. But the move could also provide Google with even greater control over the online advertising market, which the company already dominates. Google said the change will come to its Chrome web browser and be rolled out over two years. Google did not announce any changes to its own data collection methods.

Google also said that a previously announced change to make third-party cookies more secure and precise in their abilities will be rolled out in February. Justin Schuh, director of engineering for trust and safety for Google's Chrome, said the search giant needs time to enact changes because it is working with advertisers and publishers to address the need for cookies to remember sign-ins, embed third-party services such as weather widgets and deliver targeted advertising. But he did not downplay the significance of Google's announcement. "We want to change the way the web works," he said in an interview.

Facebook said Tuesday it's rolling out a long-awaited privacy feature that will let users see and clear information from apps and websites they browse outside of the social network. Some people in Ireland, South Korea, and Spain will gain access to this feature first, but the company plans to broaden the availability soon. From a report: Facebook collects information about its users in two ways: first, through the information you input into its website and apps, and second, by tracking which websites you visit while you're not on Facebook. That's why, after you visit a clothing retailer's website, you'll likely see an ad for it in your Facebook News Feed or Instagram feed. Basically, Facebook monitors where you go, all across the internet, and uses your digital footprints to target you with ads. But Facebook users have never been able to view this external data Facebook collected about them, until now.

Facebook tracks your browsing history via the "Login with Facebook" button, the "like" button, Facebook comments, and little bits of invisible code, called the Facebook pixel, embedded on other sites. Today the company will start to roll out a feature called "Off-Facebook Activity" that allows people to manage that external browsing data -- finally delivering on a promise it made over a year ago when CEO Mark Zuckerberg announced at a company event that it would develop a feature then called "Clear History." The new tool will display a summary of those third-party websites that shared your visit with Facebook, and will allow you to disconnect that browsing history from your Facebook account. You can also opt out of future off-Facebook activity tracking, or selectively stop certain websites from sending your browsing activity to Facebook. Nearly a third of all websites include a Facebook tracker, according to several studies.

"Like many bad ideas, this one started with Bud Light," reports Slate. As four high school seniors sat around shooting the breeze before graduation, they decided to vandalize their school as a senior prank. Disguised with T-shirts over their faces to evade security cameras, the young men originally set out to spray-paint "Class of 2018," but in a moment one of the men describes to the Washington Post as "a blur," their graffiti fest took a turn toward swastikas, racial slurs attacking the school's principal, and other hateful symbols.

Despite their covered faces, school officials had no problem finding who was responsible: The students' phones had automatically connected with the school's Wi-Fi using their unique logins. Their digital fingerprints tipped off administrators to who was on campus just before midnight, and, as the Post describes, they were held accountable for their crime. But the incident also showcases how little we know about what we're giving away with our digital footprints. These men had clearly given thought about how to stay anonymous -- they knew they needed masks to foil the cameras -- but they didn't think the devices in their pockets could give them away.
The AP adds that the prison sentences for the four teenagers "ranged from eight to 18 weekends behind bars."

"Any measure that weakens encryption works against the national interest," reports a bipartisan committee in the U.S. Congress. Mark Wilson quotes Beta News: The Congressional Encryption Working Group (EWG) was set up in the wake of the Apple vs FBI case in which the FBI wanted to gain access to the encrypted contents of a shooter's iPhone. The group has just published its end-of-year report summarizing months of meetings, analysis and debate. The report makes four key observations, starting off with: "Any measure that weakens encryption works against the national interest".

This is certainly not a new argument against encryption backdoors for the likes of the FBI, but it is an important one... The group says: "Congress should not weaken this vital technology... Cryptography experts and information security professionals believe that it is exceedingly difficult and impractical, if not impossible, to devise and implement a system that gives law enforcement exceptional access to encrypted data without also compromising security against hackers, industrial spies, and other malicious actors...
The report recommends that instead, Congress "should foster cooperation between the law enforcement community and technology companies," adding "there is already substantial cooperation between the private sector and law enforcement." [PDF] It also suggests that analyzing the metadata from "our digital 'footprints'...could play a role in filling in the gap. The technology community leverages this information every day to improve services and target advertisements. There appears to be an opportunity for law enforcement to better leverage this information in criminal investigations."

A growing number of colleges are providing graduating students tools to improve their online image. The services arrange for positive results on search engine inquiries by pushing your party pictures, and other snapshots of your lapsed judgement off the first page. Syracuse, Rochester and Johns Hopkins are among the schools that are offering such services free of charge. From the article: "Samantha Grossman wasn't always thrilled with the impression that emerged when people Googled her name. 'It wasn't anything too horrible,' she said. 'I just have a common name. There would be pictures, college partying pictures, that weren't of me, things I wouldn't want associated with me.' So before she graduated from Syracuse University last spring, the school provided her with a tool that allowed her to put her best Web foot forward. Now when people Google her, they go straight to a positive image — professional photo, cum laude degree and credentials — that she credits with helping her land a digital advertising job in New York."

scubamage writes "Six weeks ago, my home was broken into while my fiance and I were at work. Two laptops were stolen, an iPad, a power brick, a safe (complete with several years worth of taxes, my birth certificate, and old copies of my driver's license), a digital SLR, and several other costly items. We are now dealing with an attorney because the homeowner's insurance is fighting us on a number of items and we're not backing down. It has been a nightmare. However, we've now noticed that someone has been visiting our house during the day. There has been garbage left sitting on our back porch table, so its unlikely to have blown there. We've also seen footprints in our garden that are not there in the morning. Our neighborhood is essentially empty during the day, and we want to know who is on our property while we're not. If we're really lucky, reporting it to the police could recover some of our property. My fiance has asked me to assemble a home security system that is motion activated, and both notifies us of an entry, as well as records video or rapid HD stillframes when sensing motion. The goal is to do this cheaply and more effectively than going with a private security company like ADT (who, consequently, our police department told us to ignore due to the incredibly high rate of false alarms). We've already gotten the dog and the gun, so we have those bases covered. What suggestions do you have on setting up home security systems, and what have you done to build one in the past?"

Ponca City, We Love You writes "More than twice as many Americans googled themselves in 2006 than five years previous — and many are googling their friends and romantic interests as well, according to a report released ecently by the Pew Internet and American Life Project. The survey shows that the percentage of US adult Internet users who have looked for information about themselves through Google or another search engine has more than doubled in the past five years (pdf) from 22 percent in August, 2001 to 47 percent in December, 2006. Only 3 percent of internet self-googlers say they Google themselves regularly, 22 percent say 'every once in a while,' and three-quarters say they have googled themselves once or twice. The original report, 'Digital Footprints,' contains many more interesting observations (pdf)."

Last week you submitted questions for Dr. Herb Thompson, author of the latest Microsoft-sponsored Windows vs. Linux study. Here are his answers. Please feel free to ask follow-up questions. Dr. Thompson says he'll respond to as many as he can. He's registered a new Slashdot username, FFE4, specifically to participate in this discussion. All others claiming to be him are imposters. So read, post, ask, and enjoy.

A new book argues that gender discrimination laws and software technologies are combining to destroy privacy in the United States. At particular risk is the American notion of the "Inviolate Personality," -- the part of every person's private thoughts, deeds and communications thought to be beyond the reach of public and governmental exposure and scrutiny. For those who love to speak and roam freely online, this is no small loss. First of two parts (so they'll both be shorter).