Security

Disney To Stop Using Salesforce-Owned Slack After Hack Exposed Company Data (reuters.com) 1

Disney plans to transition away from using Slack as its companywide collaboration tool after a hacking group leaked over a terabyte of data from the platform. Many teams at Disney have already begun moving to other enterprise-wide tools, with the full transition expected later this year. Reuters reports: Hacking group NullBulge had published data from thousands of Slack channels at the entertainment giant, including computer code and details about unreleased projects, the Journal reported in July. The data spans more than 44 million messages from Disney's Slack workplace communications tool, WSJ reported earlier this month. The company had said in August it was investigating an unauthorized release of over a terabyte of data from one of its communication systems.

The Internet

ISPs Tell Supreme Court They Don't Want To Disconnect Users Accused of Piracy (arstechnica.com) 37

Joe_Dragon shares a report: Four more large Internet service providers told the US Supreme Court this week that ISPs shouldn't be forced to aggressively police copyright infringement on broadband networks. While the ISPs worry about financial liability from lawsuits filed by major record labels and other copyright holders, they also argue that mass terminations of Internet users accused of piracy "would harm innocent people by depriving households, schools, hospitals, and businesses of Internet access."

The legal question presented by the case "is exceptionally important to the future of the Internet," they wrote in a brief filed with the Supreme Court on Monday. The amici curiae brief was filed by Altice USA (operator of the Optimum brand), Frontier Communications, Lumen (aka CenturyLink), and Verizon. The brief supports cable firm Cox Communications' attempt to overturn its loss in a copyright infringement lawsuit brought by Sony. Cox petitioned the Supreme Court to take up the case last month.

Sony and other music copyright holders sued Cox in 2018, claiming it didn't adequately fight piracy on its network and failed to terminate repeat infringers. A US District Court jury in the Eastern District of Virginia ruled in December 2019 that Cox must pay $1 billion in damages to the major record labels. Cox won a partial victory when the US Court of Appeals for the 4th Circuit vacated the $1 billion verdict, finding that Cox wasn't guilty of vicarious infringement because it did not profit directly from infringement committed by users of its cable broadband network. But the appeals court affirmed the jury's finding of willful contributory infringement and ordered a new damages trial.

Security

Google Passkeys Can Now Sync Across Devices On Multiple Platforms (engadget.com) 20

Google is updating its Password Manager to allow users to sync passkeys across multiple devices, including Windows, macOS, Linux, and Android, with iOS and ChromeOS support coming soon. Engadget reports: Once saved, the passkey automatically syncs across other devices using Google Password Manager. The company says this data is end-to-end encrypted, so it'll be pretty tough for someone to go in and steal credentials. [...] Today's update also brings another layer of security to passkeys on Google Password Manager. The company has introduced a six-digit PIN that will be required when using passkeys on a new device. This would likely stop nefarious actors from logging into an account even if they've somehow gotten ahold of the digital credentials. Just don't leave the PIN number laying on a sheet of paper directly next to the computer.

Privacy

FTC Study Finds 'Vast Surveillance' of Social Media Users (nytimes.com) 50

The Federal Trade Commission said on Thursday it found that several social media and streaming services engaged in a "vast surveillance" of consumers, including minors, collecting and sharing more personal information than most users realized. From a report: The findings come from a study of how nine companies -- including Meta, YouTube and TikTok -- collected and used consumer data. The sites, which mostly offer free services, profited off the data by feeding it into advertising that targets specific users by demographics, according to the report. The companies also failed to protect users, especially children and teens.

The F.T.C. said it began its study nearly four years ago to offer the first holistic look into the opaque business practices of some of the biggest online platforms that have created multibillion-dollar ad businesses using consumer data. The agency said the report showed the need for federal privacy legislation and restrictions on how companies collect and use data. "Surveillance practices can endanger people's privacy, threaten their freedoms, and expose them to a host of harms, from identity theft to stalking," said Lina Khan, the F.T.C.'s chair, in a statement.

Power

Kenya, US Sign Historic Pact On Nuclear Plans (the-star.co.ke) 61

Kenya signed a Memorandum of Understanding (MoU) with the U.S. on nuclear technology cooperation during the 2024 IAEA General Conference in Vienna, with the aim of safely integrating nuclear power into Kenya's energy mix by 2035. The agreement focuses on collaboration in nuclear safety, regulatory experience, and research. The Standard reports: The historic pact came a day after Prime Cabinet Secretary Musalia Mudavadi addressed the general session of the conference. Mudavadi had outlined Kenya's ambitious plans to integrate nuclear power into the country's energy mix by 2035, as part of a broader strategy to meet its growing energy demand. Kenya's current installed energy capacity, as of 2023, totals 3,321 MW, with significant contributions from geothermal (863 MW), hydroelectric power (838 MW), wind (436 MW), solar (173 MW), biomass (2 MW), and thermal energy (678 MW). However, despite these sources, the country still faces a shortfall in its energy supply. Experts say nuclear energy will be crucial in addressing this deficit and supporting Kenya's long-term industrialization goals.

The MoU was signed by the Kenya Nuclear Regulatory Authority (KNRA) and the United States Nuclear Regulatory Commission (USNRC), with both parties expressing optimism about the future of nuclear cooperation between the two nations. [...] Areas of cooperation will include sharing of operating experience and regulatory experience, cooperation in joint programs of nuclear safety research and trainings. Kenya, along with several other developing nations, is exploring the potential use of nuclear energy beyond electricity generation, including its applications in health and agriculture. As the country moves forward with its nuclear aspirations, experts highlight the importance of robust regulatory frameworks and international cooperation to ensure the safe and effective deployment.

The Courts

FAA Fines SpaceX for Launch Violations, Company Fires Back with Lawsuit (spacenews.com) 201

schwit1 shares a report from SpaceNews: The FAA announced Sept. 17 that it notified SpaceX of $633,009 in proposed fines for violating terms of its launch licenses during the June 2023 Falcon 9 launch of the Satria-1, or PSN Satria, broadband satellite and the July 2023 Falcon Heavy launch of Jupiter-3, or EchoStar-24, broadband satellite. Both launches were successful.

For the Satria-1 launch, the FAA said in its enforcement notice (PDF) to the company that SpaceX had requested in May 2023 changes to its communications plan to allow the use of a new launch control center at the company's "Hangar X" facility at the Kennedy Space Center and to skip a poll of launch controllers at two hours before liftoff. The FAA notified SpaceX shortly before the scheduled launch that it would not be able to approve those changes and modify the license in time, although the enforcement notice did not state why. SpaceX went ahead and used the Hangar X control center and skipped the "T-2 hours" poll for the launch. The agency concluded that violated two conditions of its launch license, which allowed for civil penalties of up to $283,009 each. The FAA said it planned to fine SpaceX a combined $350,000 for that launch.

A month later, SpaceX conducted the Falcon Heavy launch of Jupiter-3, but nine days before the launch the company requested a modification to its launch license to allow it to use a new tank farm for RP-1 fuel at KSC's Launch Complex 39A, according to a separate enforcement notice. The FAA notified SpaceX two days before the scheduled launch that the agency would not be able to modify the license in time, but SpaceX nonetheless used the new tank farm for the launch. The agency said it proposed to fine SpaceX the maximum $283,009 for that violation.

Instead of participating in administrative procedures, SpaceX CEO Elon Musk said it would take the FAA to court. "SpaceX will be filing suit against the FAA for regulatory overreach," he posted on X.

Patents

Patents For Software and Genetic Code Could Be Revived By Two Bills In Congress (arstechnica.com) 61

An anonymous reader quotes a report from Ars Technica: The Senate Judiciary Committee is scheduled to consider two bills Thursday that would effectively nullify the Supreme Court's rulings against patents on broad software processes and human genes. Open source and Internet freedom advocates are mobilizing and pushing back. The Patent Eligibility Restoration Act (or PERA, S. 2140), sponsored by Sens. Thom Tillis (R-NC) and Chris Coons (D-Del.), would amend US Code such that "all judicial exceptions to patent eligibility are eliminated." That would include the 2014 ruling in which the Supreme Court held, with Justice Clarence Thomas writing, that simply performing an existing process on a computer does not make it a new, patentable invention. "The relevant question is whether the claims here do more than simply instruct the practitioner to implement the abstract idea of intermediated settlement on a generic computer," Thomas wrote. "They do not." That case also drew on Bilski v. Kappos, a case in which a patent was proposed based solely on the concept of hedging against price fluctuations in commodity markets. [...]

Another wrinkle in the PERA bill involves genetic patents. The Supreme Court ruled in June 2013 that pieces of DNA that occur naturally in the genomes of humans or other organisms cannot, themselves, be patented. Myriad Genetics had previously been granted patents on genes associated with breast and ovarian cancer, BRCA1 and BRCA2, which were targeted in a lawsuit led by the American Civil Liberties Union (ACLU). The resulting Supreme Court decision -- this one also written by Thomas -- found that information that naturally occurs in the human genome could not be subject to a patent, even if the patent covered the process of isolating that information from the rest of the genome. As with broad software patents, PERA would seemingly allow for the patenting of isolated human genes and connections between those genes and diseases like cancer. [...] The Judiciary Committee is set to debate and potentially amend or rewrite PREVAIL and PERA (i.e. mark up) on Thursday.

AI

Snapchat Reserves the Right To Use AI-Generated Images of Your Face In Ads 29

Snapchat's terms of service for its "My Selfie" tool reserve the right to use users' AI-generated images in ads. While users can opt out by disabling the "See My Selfie in Ads" feature, it is enabled by default. 404 Media's Emanuel Maiberg reports: A support page on the Snapchat website titled "What is My Selfie?" explains further: "You'll take selfies with your Snap camera or select images from your camera roll. These images will be used to understand what you look like to enable you, Snap and your friends to generate novel images of you. If you're uploading images from the camera roll, only add images of yourself," Snapchat's site says. "After you've successfully onboarded, you may have access to some features powered by My Selfie, like Cameos stickers and AI Snaps. We are constantly adding features and functionality so stay tuned for more My Selfie features."

After seeing the popup, I searched for instances of people getting ads featuring their own face on Snapchat, and found this thread on the r/Privacy Reddit community where a user claimed exactly this happened to them. In an email to 404 Media, Snapchat said that it couldn't confirm or deny whether this user was served an ad featuring their face, but if they did, the ad was not using My Selfie images. Snapchat also said that it investigated the claim in the Reddit thread and that the advertiser, yourdreamdegree.com, has a history of advertising on Snapchat and that Snapchat believes the ad in question does not violate any of its policies. "The photo that was used in the advertisement is clearly AI, however, it is very clearly me," the Reddit user said. "It has my face, my hair, the clothing I wear, and even has my lamp & part of a painting on my wall in the background. I have no idea how they got photos of me to be able to generate this ad."

Snapchat confirmed the news but emphasized that advertisers do not have access to Snapchat users' generative AI data. "You are correct that our terms do reserve the right, in the future, to offer advertising based on My Selfies in which a Snapchatter can see themselves in a generated image delivered to them," a Snapchat spokesperson said. "As explained in the onboarding modal, Snapchatters have full control over this, and can turn this on and off in My Selfie Settings at any time."

Twitter

X Circumvents Court-Ordered Block In Brazil (theguardian.com) 71

Late last month, Brazilian Justice Alexandre de Moraes ordered X to suspend operations in Brazil after a months-long dispute with X owner Elon Musk. The conflict centered on Musk's refusal to appoint a legal representative in the country and his refusal to take down disinformation and far-right accounts. However, on Wednesday, X bypassed the court-ordered block by utilizing third-party cloud services, allowing many Brazilian users to access the platform without the need for a virtual private network (VPN). From a report: The number of Brazilians accessing X is unknown, according to [Abrint, the Brazilian Association of Internet and Telecommunications providers]. "I believe the change was probably intentional. Why would X use a third-party service that ends up being slower than its own?" said Basilio Perez, a board member at Abrint.

Any revised order from Brazil's national telecommunications agency Anatel, which is responsible for implementing the court ruling, will need to be more specific, because blocking cloud access is complex and may jeopardize government agencies and financial services providers, Perez said.

Anatel has identified the problem and is working to first notify content delivery network providers, followed by telecom companies to block access again to X in Brazil, according to a person familiar with the situation. The same person said it is not clear how long it will take for the providers to comply with the order.

Privacy

Chinese Spies Spent Months Inside Aerospace Engineering Firm's Network Via Legacy IT (theregister.com) 15

The Register's Jessica Lyons reports: Chinese state-sponsored spies have been spotted inside a global engineering firm's network, having gained initial entry using an admin portal's default credentials on an IBM AIX server. In an exclusive interview with The Register, Binary Defense's Director of Security Research John Dwyer said the cyber snoops first compromised one of the victim's three unmanaged AIX servers in March, and remained inside the US-headquartered manufacturer's IT environment for four months while poking around for more boxes to commandeer. It's a tale that should be a warning to those with long- or almost-forgotten machines connected to their networks; those with shadow IT deployments; and those with unmanaged equipment. While the rest of your environment is protected by whatever threat detection you have in place, these legacy services are perfect starting points for miscreants.

This particular company, which Dwyer declined to name, makes components for public and private aerospace organizations and other critical sectors, including oil and gas. The intrusion has been attributed to an unnamed People's Republic of China team, whose motivation appears to be espionage and blueprint theft. It's worth noting the Feds have issued multiple security alerts this year about Beijing's spy crews including APT40 and Volt Typhoon, which has been accused of burrowing into American networks in preparation for destructive cyberattacks.

After discovering China's agents within its network in August, the manufacturer alerted local and federal law enforcement agencies and worked with government cybersecurity officials on attribution and mitigation, we're told. Binary Defense was also called in to investigate. Before being caught and subsequently booted off the network, the Chinese intruders uploaded a web shell and established persistent access, thus giving them full, remote access to the IT network -- putting the spies in a prime position for potential intellectual property theft and supply-chain manipulation. If a compromised component makes it out of the supply chain and into machinery in production, whoever is using that equipment or vehicle will end up feeling the brunt when that component fails, goes rogue, or goes awry.

"The scary side of it is: With our supply chain, we have an assumed risk chain, where whoever is consuming the final product -- whether it is the government, the US Department of the Defense, school systems -- assumes all of the risks of all the interconnected pieces of the supply chain," Dwyer told The Register. Plus, he added, adversarial nations are well aware of this, "and the attacks continually seem to be shifting left." That is to say, attempts to meddle with products are happening earlier and earlier in the supply-chain pipeline, thus affecting more and more victims and being more deep-rooted in systems. Breaking into a classified network to steal designs or cause trouble is not super easy. "But can I get into a piece of the supply chain at a manufacturing center that isn't beholden to the same standards and accomplish my goals and objectives?" Dwyer asked. The answer, of course, is yes. [...]

Transportation

House Committee Approves Bill Requiring New Cars To Have AM Radio (theverge.com) 260

The House Energy and Commerce Committee has approved the AM for Every Vehicle Act, which mandates that automakers include AM radio in new vehicles without additional charges. The Verge reports: The bill passed the committee on a roll-call vote of 45-2 and now heads to the full House for final approval. The bill, titled the AM for Every Vehicle Act, would direct the National Highway Traffic Safety Administration (NHTSA) to issue a rule that "requires automakers to maintain AM broadcast radio in their vehicles without a separate or additional payment, fee, or surcharge." Supporters say they are pushing the bill out of a concern that the slow demise of AM radio could make it more difficult to broadcast emergency information during a natural disaster or other related events. Conservatives are also worried about losing a lucrative platform for right-wing news and media. [...]

Automakers generally see AM radio as an obsolete technology, arguing that there are other, better technologies, such as internet streaming, HD radio delivered on FM bands, or some apps that provide AM content that will make up for the absence of AM radio in vehicles. Critics say the bill could also add to the costs of producing EVs at a time when many manufacturers are struggling to rein in their costs. "With a new mandate, [EV companies] will have to go through a significant powertrain redesign, vehicle redesign," Albert Gore, executive director of the Zero Emission Transportation Association, said in an interview earlier this year, "because of the degree to which electric motor generates this [electromagnetic] interference."

Python

Microsoft Releases and Patents 'Python In Excel' 66

Longtime Slashdot reader theodp writes: "Python in Excel is now generally available for Windows users of Microsoft 365 Business and Enterprise," Microsoft announced in a Monday blog post. "Last August, in partnership with Anaconda, we introduced an exciting new addition to Excel by integrating Python, making it possible to seamlessly combine Python and Excel analytics within the same workbook, no setup required. Since then, we've brought the power of popular Python analytics libraries such as pandas, Matplotlib, and NLTK to countless Excel users." Microsoft also announced the public preview of Copilot in Excel with Python, which will take users' natural language requests for analysis and automatically generate, explain, and insert Python code into Excel spreadsheets.

While drawing criticism for limiting Python execution to locked-down Azure cloud containers, Python in Excel has also earned accolades from the likes of Python creator Guido van Rossum, now a Microsoft Distinguished Engineer, as well as Pandas creator Wes McKinney.

Left unmentioned in Monday's announcement is that Microsoft managed to convince the USPTO to issue it a patent in July 2024 on the Enhanced Integration of Spreadsheets With External Environments (alt. source), which Microsoft explains covers the "implementation of enhanced integrations of native spreadsheet environments with external resources such as -- but not limited to -- Python." All of which may come as a surprise to software vendors and individuals that were integrating Excel and external programming environments years before Microsoft filed its patent application in September 2022.

The Courts

Former MoviePass CEO Mitch Lowe Pleads Guilty to Securities Fraud Conspiracy (variety.com) 40

Former MoviePass CEO Mitch Lowe pleaded guilty to securities fraud, admitting he misled investors about the viability of the company's $9.95-a-month movie subscription service, and faces up to five years in prison. His co-defendant, former Helios and Matheson CEO Ted Farnsworth, faces similar charges and is scheduled for trial in March 2025; Farnsworth has been in federal custody since August 2023 due to bond violations involving misuse of company funds. Variety reports: Farnsworth and Lowe were the architects of MoviePass' doomed all-you-can-watch offering, which resulted in hundreds of millions of dollars in investor losses in 2017 and 2018. Investigators found that Lowe tried to stem the losses by throttling the service, forcing high-volume users to reset their passwords and verify their tickets. The two men were charged in November 2022 on counts of wire fraud and securities fraud. According to Lowe's plea agreement, the government estimates the total losses from the scheme at $303 million -- though Lowe contends it is less than that. Lowe remains free on bond, and is due back in court in Miami on March 21 for a status conference. Lowe published a memoir in 2022 in which he reflected on the downfall of MoviePass, entitled "Watch and Learn: How I Turned Hollywood Upside Down with Netflix, Redbox, and Moviepass."

Apple

Apple Charging 20% More To Replace Batteries in iPhone 16 Pro Models (macrumors.com) 39

Apple has increased its out-of-warranty battery replacement fee for iPhone 16 Pro models. From a report: Apple Stores can replace the battery inside an iPhone 16 Pro or iPhone 16 Pro Max for $119 in the U.S., which is up from $99 for the iPhone 15 Pro and iPhone 15 Pro Max. This is a 20% increase to the fee, which includes the cost of a new battery and service by an Apple Store. The fee may vary at third-party Apple Authorized Service Providers. The fee remains $99 for the standard iPhone 16 and iPhone 16 Plus. Customers with AppleCare+ can still get an iPhone 16 Pro battery replaced for free, but only if the battery retains less than 80% of its original capacity.

Apple says all four iPhone 16 models are equipped with larger batteries, and all of the devices received an internal redesign for improved heat dissipation, according to the company. A metal enclosure was rumored for at least some iPhone 16 batteries, but we are still waiting for teardowns to get a proper look inside of the devices.

Electronic Frontier Foundation

EFF Decries 'Brazen Land-Grab' Attempt on 900 MHz 'Commons' Frequency Used By Amateur Radio (eff.org) 143

An EFF article calls out a "brazen attempt to privatize" a wireless frequency band (900 MHz) which America's FCC has left "as a commons for all... for use by amateur radio operators, unlicensed consumer devices, and industrial, scientific, and medical equipment." The spectrum has also become "a hotbed for new technologies and community-driven projects. Millions of consumer devices also rely on the range, including baby monitors, cordless phones, IoT devices, garage door openers." But NextNav would rather claim these frequencies, fence them off, and lease them out to mobile service providers. This is just another land-grab by a corporate rent-seeker dressed up as innovation. EFF and hundreds of others have called on the FCC to decisively reject this proposal and protect the open spectrum as a commons that serves all.

NextNav [which sells a geolocation service] wants the FCC to reconfigure the 902-928 MHz band to grant them exclusive rights to the majority of the spectrum... This proposal would not only give NextNav their own lane, but expanded operating region, increased broadcasting power, and more leeway for radio interference emanating from their portions of the band. All of this points to more power for NextNav at everyone else's expense.

This land-grab is purportedly to implement a Positioning, Navigation and Timing (PNT) network to serve as a US-specific backup of the Global Positioning System (GPS). This plan raises red flags off the bat. Dropping the "global" from GPS makes it far less useful for any alleged national security purposes, especially as it is likely susceptible to the same jamming and spoofing attacks as GPS. NextNav itself admits there is also little commercial demand for PNT. GPS works, is free, and is widely supported by manufacturers. If NextNav has a grand plan to implement a new and improved standard, it was left out of their FCC proposal. What NextNav did include however is its intent to resell their exclusive bandwidth access to mobile 5G networks. This isn't about national security or innovation; it's about a rent-seeker monopolizing access to a public resource. If NextNav truly believes in their GPS backup vision, they should look to parts of the spectrum already allocated for 5G.

The open sections of the 900 MHz spectrum are vital for technologies that foster experimentation and grassroots innovation. Amateur radio operators, developers of new IoT devices, and small-scale operators rely on this band. One such project is Meshtastic, a decentralized communication tool that allows users to send messages across a network without a central server. This new approach to networking offers resilient communication that can endure emergencies where current networks fail. This is the type of innovation that actually addresses crises raised by NextNav, and it's happening in the part of the spectrum allocated for unlicensed devices while empowering communities instead of a powerful intermediary. Yet, this proposal threatens to crush such grassroots projects, leaving them without a commons in which they can grow and improve.

This isn't just about a set of frequencies. We need an ecosystem which fosters grassroots collaboration, experimentation, and knowledge building. Not only do these commons empower communities, they avoid a technology monoculture unable to adapt to new threats and changing needs as technology progresses. Invention belongs to the public, not just to those with the deepest pockets. The FCC should ensure it remains that way.

NextNav's proposal is a direct threat to innovation, public safety, and community empowerment. While FCC comments on the proposal have closed, replies remain open to the public until September 20th. The FCC must reject this corporate land-grab and uphold the integrity of the 900 MHz band as a commons.
