Bitcoin

How To Not Get Kidnapped For Your Bitcoin (nytimes.com) 85

schwit1 shares a report from the New York Times: Pete Kayll, a musclebound veteran of Britain's Royal Marines, had an unusual instruction for the Bitcoin investors gathered in Switzerland in late October. "Just bite your way out," he told them. It was the final day of a weekend-long cryptocurrency convention on the shore of Lake Lugano, near the Italian border. A small group of investors had lined up in a conference room to have their hands bound with plastic zipties. Now they were learning how to get them off. "Your teeth will get through anything," Mr. Kayll advised. "But it will bloody well hurt."

Most people don't go to an international crypto conference expecting to learn how to gnaw through plastic. But after hours of panels devoted to topics like Bitcoin-collateralized loans, these investors were looking for something more practical. They wanted to know what to do if they were grabbed on the street and thrown into the back of a van. Already paranoid about scams, hacks and market turmoil, wealthy crypto investors have lately become terrified about a much graver threat: torture and kidnapping.

These threats are known as "wrench attacks," which is a reference to a popular XKCD cartoon where a thief skips the hacking and just uses a wrench to force out the password.

According to the NYT, the best way to stay protected is staying low-profile, minimizing visible signs of wealth, using basic physical security tools, and preparing for self-defense. The report specifically recommends avoiding flashy displays of wealth like luxury watches and cars, watching for honey-traps, using hotel door stoppers, practicing escape techniques such as breaking zip-ties, hiring discreet bodyguards, and relying on panic-button apps like Glok to summon help quickly.

AI

A Troubled Man, His Chatbot and a Murder-Suicide in Old Greenwich (wsj.com) 41

A 56-year-old tech industry veteran killed his mother and himself in Old Greenwich, Connecticut on August 5 after months of interactions with ChatGPT that encouraged his paranoid delusions.

Greenwich police discovered Stein-Erik Soelberg and his 83-year-old mother Suzanne Eberson Adams dead in their home. Videos posted by Soelberg documented conversations where ChatGPT repeatedly assured him he was sane while validating his beliefs about surveillance campaigns and poisoning attempts by his mother.

The chatbot told him a Chinese food receipt contained demonic symbols and that his mother's anger over a disconnected printer indicated she was "protecting a surveillance asset." OpenAI has contacted Greenwich police and announced plans for updates to help keep users experiencing mental distress grounded in reality.

Security

Intuit Claims Security Concerns In Dropping Windows 10 For TurboTax (intuit.com) 114

Longtime Slashdot reader Xesdeeni writes: I received an email indicating Intuit will not support Windows 10 for the desktop versions of TurboTax starting this tax year. Laughably, they say "security is a top priority for us" before adding: "To use TurboTax Desktop software for tax year 2025, your computer will need to run on Microsoft Windows 11 [or] TurboTax Online."

I'm just paranoid enough to use the desktop version, since at least it limits what they see to the forms they send to the IRS -- rather than everything. Even if I was willing to endure the added burden of printing and mailing the forms, this would be the end of that, since I'm out on Windows 11 for the reasons you already know.

Here's what they sent:

Hi there,

We're reaching out to provide an update on TurboTax Desktop software for tax year 2025. After October 14, 2025, Microsoft will no longer provide software updates, technical assistance, or security fixes for Windows 10 operating system. Because security is a top priority for us, TurboTax Desktop software for tax year 2025 onwards will not be compatible with Windows 10 operating system.

To use TurboTax Desktop software for tax year 2025, your computer will need to run on Microsoft Windows 11 operating system. You can also consider switching to TurboTax Online, which will work on any supported browser (available December 2025).

For more resources and additional information about this change, go to this help article: How does the end of support for Windows 10 affect my TurboTax Desktop experience?

Thanks for being part of the TurboTax family.

Warm regards,

The TurboTax Team

Xesdeeni comments: "I've wanted a Linux offering for years now and only kept Windows for such limited products as this. I guess I can completely punt it now."

Nintendo

Nintendo Warns Switch 2 GameChat Users: 'Your Chat Is Recorded' (arstechnica.com) 68

Ars Technica's Kyle Orland reports: Last month, ahead of the launch of the Switch 2 and its GameChat communication features, Nintendo updated its privacy policy to note that the company "may also monitor and record your video and audio interactions with other users." Now that the Switch 2 has officially launched, we have a clearer understanding of how the console handles audio and video recorded during GameChat sessions, as well as when that footage may be sent to Nintendo or shared with partners, including law enforcement. Before using GameChat on Switch 2 for the first time, you must consent to a set of GameChat Terms displayed on the system itself. These terms warn that chat content is "recorded and stored temporarily" both on your system and the system of those you chat with. But those stored recordings are only shared with Nintendo if a user reports a violation of Nintendo's Community Guidelines, the company writes.

That reporting feature lets a user "review a recording of the last three minutes of the latest three GameChat sessions" to highlight a particular section for review, suggesting that chat sessions are not being captured and stored in full. The terms also lay out that "these recordings are available only if the report is submitted within 24 hours," suggesting that recordings are deleted from local storage after a full day. If a report is submitted to Nintendo, the company warns that it "may disclose certain information to third parties, such as authorities, courts, lawyers, or subcontractors reviewing the reported chats." If you don't consent to the potential for such recording and sharing, you're prevented from using GameChat altogether.

Nintendo is extremely clear that the purpose of its recording and review system is "to protect GameChat users, especially minors" and "to support our ability to uphold our Community Guidelines." This kind of human moderator review of chats is pretty common in the gaming world and can even apply to voice recordings made by various smart home assistants. [...] Overall, the time-limited, local-unless-reported recordings Nintendo makes here seem like a minimal intrusion on the average GameChat user's privacy. Still, if you're paranoid about Nintendo potentially seeing and hearing what's going on in your living room, it's good to at least be aware of it.

Privacy

Following Layoffs, Automattic Employees Discover Leak-Catching Watermarks (404media.co) 37

An anonymous reader quotes a report from 404 Media: As part of the company's months-long obsession with catching employees leaking internal developments to the press, staff at WordPress parent company Automattic recently noticed individually-unique watermarks on internal sites, according to employees who spoke to 404 Media. Automattic added the watermarks to an internal employee communications platform called P2. P2 is a WordPress product other workplaces can also use. There are hundreds of P2 sites across teams at Automattic alone; many are team-specific, but some are company-wide for announcements. The watermarks in Automattic's P2 instance are nearly invisible, rendered as a pattern overlaid on the site's white page backgrounds. Zooming in or manually changing the background color reveals the pattern. If, for example, a journalist published a screenshot leaked to them that was taken from P2, Automattic could theoretically identify the employee who shared it.

In October, as part of a series of buyout offers meant to test employees' loyalty to his leadership, Automattic CEO Matt Mullenweg issued a threat for anyone speaking to the press, saying they should "exit gracefully, or be fired tomorrow with no severance." Earlier this month, the company laid off nearly 300 people. [...] It's not clear when the watermarks started appearing on P2, and Automattic has not responded to a request for comment. But Mullenweg has been warring with web hosting platform WP Engine -- and as the story has developed, seemingly with his own staff -- since last year. [...] One Automattic employee told me they don't think anyone is shocked by the watermarking, considering Mullenweg's ongoing campaign to find leakers, but that it's still adding to the uncertain, demoralized environment at the company. "Can't help but feel even more paranoid now," they said.

Bitcoin

Researchers Cracked an 11-Year-Old Password To a $3 Million Software-Based Crypto Wallet (wired.com) 74

An anonymous reader quotes a report from Wired: Two years ago when "Michael," an owner of cryptocurrency, contacted Joe Grand to help recover access to about $2 million worth of bitcoin he stored in encrypted format on his computer, Grand turned him down. Michael, who is based in Europe and asked to remain anonymous, stored the cryptocurrency in a password-protected digital wallet. He generated a password using the RoboForm password manager and stored that password in a file encrypted with a tool called TrueCrypt. At some point, that file got corrupted and Michael lost access to the 20-character password he had generated to secure his 43.6 BTC (worth a total of about [...] $5,300, in 2013). Michael used the RoboForm password manager to generate the password but did not store it in his manager. He worried that someone would hack his computer and obtain the password. "At [that] time, I was really paranoid with my security," he laughs.

Grand is a famed hardware hacker who in 2022 helped another crypto wallet owner recover access to $2 million in cryptocurrency he thought he'd lost forever after forgetting the PIN to his Trezor wallet. Since then, dozens of people have contacted Grand to help them recover their treasure. But Grand, known by the hacker handle "Kingpin," turns down most of them, for various reasons. Grand is an electrical engineer who began hacking computing hardware at age 10 and in 2008 cohosted the Discovery Channel's Prototype This show. He now consults with companies that build complex digital systems to help them understand how hardware hackers like him might subvert their systems. He cracked the Trezor wallet in 2022 using complex hardware techniques that forced the USB-style wallet to reveal its password. But Michael stored his cryptocurrency in a software-based wallet, which meant none of Grand's hardware skills were relevant this time. [...] Michael contacted multiple people who specialize in cracking cryptography; they all told him "there's no chance" of retrieving his money. But last June he approached Grand again, hoping to convince him to help, and this time Grand agreed to give it a try, working with a friend named Bruno in Germany who also hacks digital wallets.

Grand and Bruno spent months reverse engineering the version of the RoboForm program that they thought Michael had used in 2013 and found that the pseudo-random number generator used to generate passwords in that version -- and subsequent versions until 2015 -- did indeed have a significant flaw that made the random number generator not so random. The RoboForm program unwisely tied the random passwords it generated to the date and time on the user's computer -- it determined the computer's date and time, and then generated passwords that were predictable. If you knew the date and time and other parameters, you could compute any password that would have been generated on a certain date and time in the past. [...] There was one problem: Michael couldn't remember when he created the password. According to the log on his software wallet, Michael moved bitcoin into his wallet for the first time on April 14, 2013. But he couldn't remember if he generated the password the same day or some time before or after this. So, looking at the parameters of other passwords he generated using RoboForm, Grand and Bruno configured RoboForm to generate 20-character passwords with upper- and lower-case letters, numbers, and eight special characters from March 1 to April 20, 2013. It failed to generate the right password. [...] Instead, they revealed that they had finally found the correct password -- no special characters. It was generated on May 15, 2013, at 4:10:40 pm GMT.

Sci-Fi

How a Micro-Budget Student Film Changed Sci-Fi Forever (bbc.com) 44

An anonymous reader writes: In the early 70s, young filmmakers John Carpenter and Dan O'Bannon created a spaceship tale for a graduation project -- little knowing it would influence Alien and many other works. Made for $60,000 by film school students, horror maestro John Carpenter's directorial debut Dark Star is now regarded as a sci-fi cult classic. Having just turned 50 years old, it's a world away from much of the sci-fi that came before it and would come after, neither space odyssey nor space opera, rather a bleak, downbeat and often absurd portrait of a group of people cooped together in a malfunctioning interstellar tin can. Arguably its most famous scene consists of an existential debate between an astronaut and a sentient bomb. Dark Star was a collaboration between Carpenter, who directed and scored the film, and Dan O'Bannon, who in addition to co-writing the script, acted as editor, production designer, and visual effects supervisor, as well as playing the volatile, paranoid Sergeant Pinback. They met as budding filmmakers at the University of Southern California. "While [Carpenter and O'Bannon] couldn't be more dissimilar in personality, they were both very energetic and focused," says Daniel Griffiths, director of Let There Be Light: The Odyssey of Dark Star (2010), the definitive documentary about the making of the film.

The sci-fi films of this period tended to be bleak and dystopian, explains John Kenneth Muir, author of The Films of John Carpenter -- films like Silent Running (1972), in which all plant life on Earth is extinct, or George Lucas's 1971 debut THX-1138, in which human emotion is suppressed. "Dark Star arrived in this world of dark, hopeless imaginings, but took the darkness one step further into absurd nihilism." Carpenter and O'Bannon set out to make the "ultimate riff on Stanley Kubrick's 2001: A Space Odyssey," says Griffiths. While Kubrick's 1968 film, explains Muir, was one "in which viewers sought meaning in the stars about the nature of humanity, there is no meaning to life in Dark Star". Rather, says Muir, it parodies 2001 "with its own sense of man's irrelevance in the scheme of things". Where Kubrick scored his film with classical music, Dark Star opens with a country song, Benson, Arizona. (A road in the real-life Benson is named in honor of the film). The film was even released with the tagline "the spaced-out odyssey." Dark Star captured the mood of the time in which it was made, says Muir, the atmosphere of Nixon's America. "The 1960s was all about utopian dreaming and bringing change to America in the counterculture. The 1970s represent what writer Johnny Byrne called 'The wake-up from the hippie dream', a reckoning with the fact that the more things change, the more they stay the same." [...]

When Dark Star premiered at the FILMEX expo in 1974, the audience response was largely positive. "They recognized the film's absurdist humor and celebrated its student film roots," says Griffiths. It had a limited theatrical release in 1975, but it was not a commercial success. "The film met with negative reviews from critics, and general disinterest from audiences," says Muir. "Both Carpenter and O'Bannon realized that all the struggles they endured to make the film did not matter to audiences, they only cared about the finished product. I think they were discouraged," says Griffiths. The growth of the VHS market, however, helped it find its audience and propelled it towards cult status. Its influence can still be felt, perhaps most directly in Ridley Scott's Alien, for which O'Bannon, who died in 2009, wrote the screenplay. The two films share DNA. Alien is also set on a grotty working vessel with a bickering crew, only this time the alien wasn't played for laughs.

Encryption

Facebook Kills PGP-Encrypted Emails (techcrunch.com) 37

An anonymous reader quotes a report from TechCrunch: In 2015, as part of the wave of encrypting all the things on the internet, encouraged by the Edward Snowden revelations, Facebook announced that it would allow users to receive encrypted emails from the company. Even at the time, this was a feature for the paranoid users. By turning on the feature, all emails sent from Facebook -- mostly notifications of "likes" and private messages -- to the users who opted-in would be encrypted with the decades-old technology called Pretty Good Privacy, or PGP. Eight years later, Facebook is killing the feature due to low usage, according to the company. The feature was deprecated Tuesday. Facebook declined to specify exactly how many users were still using the encrypted email feature.

Intel

Intel CEO Dismisses 'Pretty Insignificant' Arm PC Challenge (theregister.com) 51

Intel CEO Pat Gelsinger has downplayed the threat of rival chipmakers creating processors based on the Arm architecture for PCs. From a report: "Arm and Windows client alternatives, generally they've been relegated to pretty insignificant roles in the PC business," he told analysts during the x86 giant's Q3 earnings call Thursday. "We take all our competition seriously, but I think history is our guide here. We don't see these as potentially being all that significant overall," he added, a sentiment somewhat at odds with Microsoft which last week cited analyst research predicting Arm's PC market share will grow from its current 14 percent to 25 percent by 2027.

Which seems far from "pretty insignificant." Gelsinger's words also contrast markedly with past Intel CEO Andy Grove, who penned a book titled "Only the Paranoid Survive: How to Exploit the Crisis Points That Challenge Every Company." While Gelsinger doesn't see Arm as a threat, he said Intel Foundry Services is more than happy to work with chipmakers to build chips based on the architecture. "When you're thinking about other alternative architectures like Arm, we also say, 'Wow, what a great opportunity for our foundry'," he said. To that end, in April 2023 the chipmaker announced a strategic partnership with Arm to make it easier to produce chips on the architecture in Intel foundries.

Businesses

Work-From-Home Trend May Have Peaked In UK, LinkedIn Survey Finds (bloomberg.com) 35

An anonymous reader quotes a report from Bloomberg: Remote working may have peaked in the UK as a loosening labor market hands power back to employers, according to research by LinkedIn. In September, 12% of UK jobs advertised on the site were remote, compared with 16% in January, as "paranoid" employers worry about the productivity of working from home, said Josh Graff, the managing director of LinkedIn for EMEA and Latin America. The company also found that three out of four bosses in the UK are concerned that the current economic slowdown means they will have to go back on flexible working, in a global survey of around 3,000 C-suite executives at large organizations.

Despite the falling percentage of remote and hybrid work being advertised, it is still popular with candidates, said Graff. He noted that although just 12% of jobs advertised were remote, they got 20% of all applications. Graff described this as a "growing disconnect between what professionals want and what employers are offering." Graff added that staff and bosses also disagree about the efficacy of working from home, with "paranoia" about the amount getting done. Microsoft research found that 80% of managers felt their teams were less productive when they were not in the office. About 85% of managers worry they can't tell if employees are getting enough done, while 87% of workers say their productivity is just fine, Microsoft found.

The UK labor market is still running hot with the 3.5% unemployment rate the lowest since 1974, according to the Office for National Statistics. However, Graff said the hiring rate on LinkedIn fell by 10% in the UK in September from a year earlier, in a sign of slowdown. Graff cautioned that returning to "command and control" structures might not be good for businesses, as they risk losing "motivated employees at a moment when they need them most." "While difficult decisions undoubtedly have to be taken, it's important to remember that your employees are your company's most precious asset," he said. "They have experience of your systems, your processes. They're aligned with your culture and values and importantly they are the ones that hold deep customer relationships as well."

Security

Malware Campaign Impersonates VC Firm Looking To Buy Sites (arstechnica.com) 13

BleepingComputer was recently contacted by an alleged "venture capitalist" firm that wanted to invest or purchase our site. However, as we later discovered, this was a malicious campaign designed to install malware that provides remote access to our devices. Lawrence Abrams from BleepingComputer writes: Last week, BleepingComputer received an email to our contact form from an IP address belonging to a United Kingdom virtual server company. Writing about cybersecurity for so long, I am paranoid regarding email, messaging, and visiting unknown websites. So, I immediately grew suspicious of the email, fired up a virtual machine and VPN, and did a search for Vuxner. Google showed only a few results for 'Vuxner,' with one being for a well-designed and legitimate-looking vuxner[.]com, a site promoting "Vuxner Chat -- Next level of privacy with free instant messaging." As this appeared to be the "Vuxner chat" the threat actors referenced in their email, BleepingComputer attempted to download it and run it on a virtual machine.

BleepingComputer found that the VuxnerChat.exe download [VirusTotal] actually installs the "Trillian" messaging app and then downloads further malware onto the computer after Trillian finishes installing. As this type of campaign looked similar to other campaigns that have pushed remote access and password-stealing trojans in the past, BleepingComputer reached out to cybersecurity firm Cluster25 who has previously helped BleepingComputer diagnose similar malware attacks in the past. Cluster25 researchers explain in a report coordinated with BleepingComputer that Vuxner[.]com is hosted behind Cloudflare; however, they could still determine the hosting server's actual address at 86.104.15[.]123.

The researchers state that the Vuxner Chat program is being used as a decoy for installing a remote desktop software known as RuRAT, which is used as a remote access trojan. Once a user installs the Vuxner Trillian client and exits the installer, it will download and execute a Setup.exe executable [VirusTotal] from https://vuxner[.]com/setup.exe. When done, the victim will be left with a C:\swrbldin folder filled with a variety of batch files, VBS scripts, and other files used to install RuRAT on the device. Cluster25 told BleepingComputer that the threat actors are using this attack to gain initial access to a device and then take control over the host. Once they control the host, they can search for credentials and sensitive data or use the device as a launchpad to spread laterally in a network.

Intel

Intel's Mystery Linux Muckabout is a Dangerous Ploy at a Dangerous Time (theregister.com) 80

Open source is no place for secrets. From a report: This is a critical time for the Good Chip Intel. After the vessel drifted through the Straits of Lateness towards the Rocks of Irrelevance, Captain Pat parachuted into the bridge to grab the helm and bark "Full steam ahead!" Its first berth at Alder Lake is generally seen as a return to competitive form, but that design started well before Gelsinger's return and there's still zero room for navigational errors in the expeditions ahead. At least one of the course corrections looks a bit rum. Intel has long realised the importance of supporting open source to keep its chips dancing with Linux. Unlike the halcyon days of Wintel dominance, though, this means being somewhat more open about the down-and-dirty details of exactly how its chips do their thing. You can't sign an NDA with the Linux kernel.

Chipmakers are notoriously paranoid: Silicon Valley was born in intrigue and suspicion. Despite Intel's iconic CEO Andy Grove making paranoia a corporate mantra, Intel became relatively relaxed. Qualcomm and Apple would throw you into their piranha pools merely for asking questions if they could, while Intel has learned to give as well as take. But it may be going back to bad habits. One of the new things not open to discussion is something called Software Defined Silicon (SDSi), about which Intel has nothing to say. Which is odd because it has just submitted supporting code for it to the Linux kernel. The code itself doesn't say anything about SDSi, instead adding a mechanism to control whatever it is via some authorised secure token. It basically unlocks hardware features when the right licence is applied. That's not new. Higher performance or extra features in electronic test equipment often comes present but disabled on the base models, and the punter can pay to play later. But what might it mean in SDSi and the Intel architecture?

It is expensive for Intel and OEMs alike to have multiple physical variants of anything; much better if you make one thing that does everything and charge for unlocking it. It's a variant of a trick discovered by hackish school kids in the late 1970s, where cheaper Casio scientific calculators used exactly the same hardware as the more expensive model. Casio just didn't print all the functions on the keyboards of the pleb kit. Future Intel chips will doubtless have cores and cache disabled until magic numbers appear, and with the SoC future beckoning that can extend to all manner of IO, acceleration, and co-processing features. It might even be there already. From engineering, marketing, and revenue perspectives, this is great. Intel could make an M1-like SoC that can be configured on the fly for different platforms, getting the design, performance, and fab efficiencies that Apple enjoys while making sense for multiple OEMs. There could be further revenue from software upgrades, or even subscription models.

Crime

'Every Message Was Copied to the Police': the Daring Sting Behind the An0m Phone (theguardian.com) 105

The Guardian tells the story of "a viral sensation in the global underworld," the high-security An0m phones, which launched with "a grassroots marketing campaign, identifying so-called influencers — 'well-known crime figures who wield significant power and influence over other criminal associates', according to a US indictment — within criminal subcultures." An0m could not be bought in a shop or on a website. You had to first know a guy. Then you had to be prepared to pay the astronomical cost: $1,700 for the handset, with a $1,250 annual subscription, an astonishing price for a phone that was unable to make phone calls or browse the internet.

Almost 10,000 users around the world had agreed to pay, not for the phone so much as for a specific application installed on it. Opening the phone's calculator allowed users to enter a sum that functioned as a kind of numeric open sesame to launch a secret messaging application. The people selling the phone claimed that An0m was the most secure messaging service in the world. Not only was every message encrypted so that it could not be read by a digital eavesdropper, it could be received only by another An0m phone user, forming a closed loop system entirely separate from the information speedways along which most text messages travel. Moreover, An0m could not be downloaded from any of the usual app stores. The only way to access it was to buy a phone with the software preinstalled...

[U]sers could set an option to wipe the phone's data if the device went offline for a specified amount of time. Users could also set especially sensitive messages to self-erase after opening, and could record and send voice memos in which the phone would automatically disguise the speaker's voice. An0m was marketed and sold not so much to the security conscious as the security paranoid...

An0m was not, however, a secure phone app at all. Every single message sent on the app since its launch in 2018 — 19.37m of them — had been collected, and many of them read by the Australian federal police (AFP) who, together with the FBI, had conceived, built, marketed and sold the devices.

On 7 June 2021, more than 800 arrests were made around the world....

Law enforcement agencies ultimately saw An0m as a creative workaround for unbreakable encryption, according to the Guardian. "Why debate tech companies on privacy issues through costly legal battles if you can simply trick criminals into using your own monitored network?"

The Guardian's story was shared by jd (Slashdot user #1,658), who sees an ethical question. "As the article notes, what's to stop a tyrant doing the same against rivals or innocent protestors?"

Books

Bill Gates vs. Steve Jobs: the Books They Recommended (mostrecommendedbooks.com) 45

Slashdot has featured "the 61 books Elon Musk has recommended on Twitter" as well as the 41 books Mark Zuckerberg recommended on Facebook. Both lists were compiled by a slick web site (with Amazon referrer codes) called "Most Recommended Books." But they've also created pages showing books recommended by over 400 other public figures, including Bill Gates and the late Steve Jobs, which provide surprisingly revealing glimpses into the minds of two very different men.

Here's some of the highlights...

Businesses

DuckDuckGo is Good Enough For Regular Use (bitlog.com) 79

Jake Voytko, who previously worked at Google, writing in a blog post: [...] Let's move away from Google's competitive advantages. How does DuckDuckGo perform for most of my search traffic? DuckDuckGo does a good job. I haven't found a reason to switch back to Google. I combed through my browser's history of DuckDuckGo searches. I compared it to my Google search history. When I fell back to Google, I often didn't find what I wanted on Google either. Most of my searches relate to my job, which means that most of my searches are technical queries. DuckDuckGo serves good results for my searches. I'll admit that I'm a paranoid searcher: I reformat error strings, remove identifiers that are unique to my code, and remove quotes before searching. I'm not sure how well DuckDuckGo would handle copy/pasted error strings with lots of quotes and unique identifiers. This means that I don't know if DuckDuckGo handles all technical searches well. But it does a good job for me.

There are many domains where Google outperforms DuckDuckGo. Product search and local search are some examples. I recently made a window plug. It was much easier to find which big-box hardware stores had the materials I need with Google. I also recently bought a pair of ANC headphones. I got much better comparison information starting at Google. Google also shines with sparse results like rare programming error messages. If you're a programmer, you know what I'm talking about: imagine a Google search page with three results. One is a page in Chinese that has the English error string, one is a forum post that gives you the first hint that you need to solve the problem, and one is the error string in the original source code in GitHub. DuckDuckGo often returns nothing for these kinds of searches. Even though Google is better for some specific domains, I am confident that DuckDuckGo can find what I need. When it doesn't, Google often doesn't help either.

Businesses

Apple Sues iPhone CPU Design Ace After He Quits To Run Data center Chip Upstart Nuvia (theregister.co.uk) 100

Apple is suing the former chief architect of its iPhone and iPad microprocessors, who in February quit to co-found a data-center chip design biz. From a report: In a complaint filed in the Santa Clara Superior Court, in California, USA, and seen by The Register, the Cupertino goliath claimed Gerard Williams, CEO of semiconductor upstart Nuvia, broke his Apple employment agreement while setting up his new enterprise. Williams -- who oversaw the design of Apple's custom high-performance mobile Arm-compatible processors for nearly a decade -- quit the iGiant in February to head up the newly founded Nuvia. The startup officially came out of stealth mode at the end of November, boasting it had bagged $53m in funding. It appears to be trying to design silicon chips, quite possibly Arm-based ones, for data center systems; it is being coy right now with its plans and intentions.

[...] Apple's lawsuit alleged Williams hid the fact he was preparing to leave Apple to start his own business while still working at Apple, and drew on his work in steering iPhone processor design to create his new company. Crucially, Tim Cook & Co's lawyers claimed he tried to lure away staff from his former employer. All of this was, allegedly, in breach of his contract. The iGiant also reckoned Williams had formed the startup in hope of being bought by Apple to produce future systems for its data centers. [...] Apple's side of the story, however, has been challenged by Williams, who accused the Mac giant of wrongdoing. Last month, his team hit back with a counter argument alleging that Apple doesn't have a legal leg to stand on. The paperwork states Apple's employment contract provisions in this case are not enforceable under California law: they argue the language amounts to a non-compete clause, which is, generally speaking, a no-no in the Golden State. Thus, they say, Williams was allowed to plan and recruit for his new venture while at Apple. [...] They also allege that Apple's evidence in its complaint, notably text messages he exchanged with another Apple engineer and conversations with his eventual Nuvia co-founders, were collected illegally by the highly paranoid iPhone maker.

Privacy

Looking Back at the Snowden Revelations (cryptographyengineering.com) 105

Matthew Green, a cryptographer and professor at Johns Hopkins University, writes: So what did Snowden's leaks really tell us? The brilliant thing about the Snowden leaks was that he didn't tell us much of anything. He showed us. Most of the revelations came in the form of a Powerpoint slide deck, the misery of which somehow made it all more real. And despite all the revelation fatigue, the things he showed us were remarkable. I'm going to hit a few of the highlights from my perspective. Many are cryptography-related, just because that's what this blog is about. Others tell a more basic story about how vulnerable our networks are.

"Collect it all"

Prior to Snowden, even surveillance-skeptics would probably concede that, yes, the NSA collects data on specific targets. But even the most paranoid observers were shocked by the sheer scale of what the NSA was actually doing out there. The Snowden revelations detailed several programs that were so astonishing in the breadth and scale of the data being collected, the only real limits on them were caused by technical limitations in the NSA's hardware. Most of us are familiar with the famous examples, like nationwide phone metadata collection. But it's the bizarre, obscure leaks that really drive this home. "Optic Nerve": From 2008-2010 the NSA and GCHQ collected millions of still images from every Yahoo! Messenger webchat stream, and used them to build a massive database for facial recognition. The collection of data had no particular rhyme or reason -- i.e., it didn't target specific users who might be a national security threat. It was just... everything.

Crime

Millionaire Hacker Gets 9 Years In Death of Man Building Nuclear Bunker Tunnels 175

A wealthy stock trader and "skilled computer hacker" was sentenced Monday to nine years in prison for the fiery death of a man who was helping him secretly dig tunnels for a nuclear bunker beneath a Maryland home. Baltimore Sun reports: Daniel Beckwitt, 28, had faced a maximum of 30 years in prison when Montgomery County Circuit Court Judge Margaret Schweitzer sentenced him. In total, Beckwitt was sentenced to 21 years but the judge suspended all but nine years of the sentence. In April, a jury convicted Beckwitt of second-degree murder and involuntary manslaughter in the September 2017 death of 21-year-old Askia Khafra. During the trial, Montgomery County prosecutor Marybeth Ayres accused Beckwitt of recklessly endangering Khafra's life. Beckwitt ignored obvious signs of danger and sacrificed safety for secrecy while they dug a network of tunnels beneath a home in Bethesda, a suburb of Washington, D.C., the prosecutor said.

Defense attorney Robert Bonsib had told jurors the fire was an accident, not a crime. Firefighters found Khafra's naked, charred body in the basement of Beckwitt's trash-filled house, only a few steps from an exit. Prosecutors said the extreme hoarding conditions in the home prevented Khafra from escaping. Hours before the fire broke out in the basement, Khafra texted Beckwitt to warn him it smelled like smoke in the tunnels. Ayres said Beckwitt didn't respond for more than six hours before telling Khafra that there had been a "major electrical failure." Instead of getting Khafra out of the tunnels, Beckwitt told him that he "just switched it all over to another circuit," according to the prosecutor. Bonsib said Beckwitt screamed for help from neighbors after the fire broke out and tried to rescue his friend from the blaze before heavy smoke and flames forced him to retreat.
A prosecutor described Beckwitt as having "a paranoid fixation on a possible nuclear attack by North Korea."

The tunnels that Khafra was working on were kept a secret, so much so that Beckwitt "tried to trick Khafra into thinking they were digging the tunnels in Virginia instead of Maryland by having him don 'blackout glasses' before taking him on a long drive," the report says. "Khafra had a cellphone with him in the tunnels, but Beckwitt used internet 'spoofing' to make it appear they were digging in Virginia."

United States

'We're Not Being Paranoid': US Warns Of Spy Dangers Of Chinese-Made Drones (npr.org) 146

Drones have become an increasingly popular tool for industry and government. But the Department of Homeland Security is warning that drones manufactured by Chinese companies could pose security risks, including that the data they gather could be stolen. From a report: The department sent out an alert on the subject on May 20, and a video on its website notes that drones in general pose multiple threats, including "their potential use for terrorism, mass casualty incidents, interference with air traffic, as well as corporate espionage and invasions of privacy." "We're not being paranoid," the video's narrator adds. Most drones bought in the U.S. are manufactured in China, with most of those drones made by one company, DJI Technology. Lanier Watkins, a cyber-research scientist at Johns Hopkins University's Information Security Institute, said his team discovered vulnerabilities in DJI's drones. "We could pull information down and upload information on a flying drone," Watkins said. "You could also hijack the drone." The vulnerabilities meant that "someone who was interested in, you know, where a certain pipeline network was or maybe the vulnerabilities in a power utilities' wiring might be able to access that information," he noted.

Facebook

Facebook Employees Are So Paranoid They're Using Burner Phones To Talk To Each Other (nymag.com) 224

Facebook's reputation has only continued to get more sullied in recent weeks, and it's taking a toll on employees. According to a new report, things over at the old FB are, well, kind of grim. From the report: "People now have burner phones to talk shit about the company -- not even to reporters, just to other employees," one former employee said. Another described the current scene as a "bunker mentality," meaning that after nearly two years of continuous bad press some people are, to borrow a phrase, leaning in as hard as they can to cope. "It's otherwise rational, sane people who're in Mark's orbit spouting full-blown anti-media rhetoric, saying that the press is ganging up on Facebook," said the former employee. Further reading: Facebook Employees Are Calling Former Colleagues To Look For Jobs Outside the Company and Asking About the Best Way To Leave.
