The New York Times' product-recommendation service "Wirecutter" has sparked widening criticism about how laptops are reviewed. The technology/Apple blog Daring Fireball first complained that they "institutionally fetishize price over quality". That makes it all the more baffling that their recommended "Best Laptop" — not best Windows laptop, but best laptop, full stop — is a Dell XPS 13 that costs $1,340 but is slower and gets worse battery life (and has a lower-resolution display) than their "best Mac laptop", the $1,000 M1 MacBook Air.
Technically Dell's product won in a category titled "For most people: The best ultrabook" (and Wikipedia points out that ultrabook is, after all, "a marketing term, originated and trademarked by Intel.") But this leads blogger Jack Wellborn to an even larger question: why exactly do reviewers refuse to do a comparison between Wintel laptops and Apple's MacBooks? Is it that reviewers don't think they could fairly compare x86 and ARM laptops? It seems easy enough to me. Are they afraid that constantly showing MacBooks outperforming Wintel laptops will give the impression that they are in the bag for Apple? I don't see why. Facts are facts, and a lot of people need or want to buy a Windows laptop regardless. I can't help but wonder if, in the minds of many reviewers, MacBooks were PCs so long as they used Intel, and therefore they stopped being PCs once Apple switched to using their own silicon.
Saturday Daring Fireball responded with their own assessment. "Reviewers at ostensibly neutral publications are afraid that reiterating the plain truth about x86 vs. Apple silicon — that Apple silicon wins handily in both performance and efficiency — is not going to be popular with a large segment of their audience. Apple silicon is a profoundly inconvenient truth for many computer enthusiasts who do not like Macs, so they've gone into denial..."

Both bloggers cite as an example this review of Microsoft's Surface Laptop Go 2, which does begin by criticizing the device's old processor, its un-backlit keyboard, its small selection of ports, and its low-resolution touchscreen. But it ultimately concludes "Microsoft gets most of the important things right here, and there's no laptop in this price range that doesn't come with some kind of trade-off...." A crime of omission — or is the key phrase "in this price range"? (Which gets back to Daring Fireball's original complaint about "fetishizing price over quality.") Are Apple's new Silicon-powered laptops sometimes being left out of comparisons because they're more expensive?

In an update, Wellborn acknowledges that this alleged refusal-to-compare apparently actually precedes Apple's launch of its M1 chip. But he argues that now it's more important than ever to begin making those comparisons: It's a choice between a hot and noisy and/or slow PC laptop running Windows and a cool, silent, and fast MacBook. Most buyers don't know that choice now exists, and it's the reviewer's job to educate them. Excluding MacBooks from consideration does those buyers a considerable disservice.

"Uber has officially accepted responsibility for hiding a 2016 data breach that exposed the data of 57 million passengers and drivers..." reports Engadget.

Reuters explains this acknowledgement "was part of a settlement with U.S. prosecutors to avoid criminal charges." In entering a non-prosecution agreement, Uber admitted that its personnel failed to report the November 2016 hacking to the U.S. Federal Trade Commission [for nearly one year], even though the agency had been investigating the ride-sharing company's data security... U.S. Attorney Stephanie Hinds in San Francisco said the decision not to criminally charge Uber reflected new management's prompt investigation and disclosures, and Uber's 2018 agreement with the FTC to maintain a comprehensive privacy program for 20 years.

The San Francisco-based company is also cooperating with the prosecution of a former security chief, Joseph Sullivan, over his alleged role in concealing the hacking.
Here's what the Department of Justice is now alleging against that security chief (as summarized by Reuters last month: "he arranged to pay money to two hackers in exchange for their silence, while trying to conceal the hacking from passengers, drivers and the U.S. Federal Trade Commission."

That's led to three separate wire fraud charges against the former security chief, as well as two charges for obstruction of justice. The defendant was originally indicted in September 2020, and is believed to be the first corporate information security officer criminally charged with concealing a hacking. Prosecutors said Sullivan arranged to pay the hackers $100,000 in bitcoin, and have them sign nondisclosure agreements that falsely stated they had not stolen data.

Uber had a bounty program designed to reward security researchers who report flaws, not to cover up data thefts.... In September 2018, the San Francisco-based company paid $148 million to settle claims by all 50 U.S. states and Washington, D.C. that it was too slow to reveal the hacking.

"TikTok is resisting calls to preserve and hand over access to its content for war crime investigations," reports the Financial Times, "as lawyers and activists warn that the Chinese-owned app is a major data challenge in prosecuting atrocities in Russia's invasion of Ukraine." The video app's popularity with young Ukrainians and Russians posting footage of the war has made it a trove of digital intelligence that investigators are attempting to mine and archive as evidence of war crimes, crimes against humanity, and illegal acts of violence in Ukraine....

"I have concerns about the security of data there, and it is not fully clear where the interest and influence in the company is coming from," said Dia Kayyali, associate director for advocacy at Mnemonic, a nonprofit that archives digital documentation of human rights violations. "It is especially concerning that China could directly have access to that data...." Since early 2022, TikTok has met with human rights lawyers, activists, and others involved in Ukraine war crime investigations. However, it has yet to introduce any changes to its process or the product itself.

Criminal prosecutors are increasingly relying on social media posts from TikTok and others as a way to "bring the crime scene to the courtroom," said Karim Khan, chief prosecutor of the International Criminal Court. "Any effective investigation anywhere in the world now really requires a very effective harnessing of social media," said Khan. "People... recording killings or attacks or the consequences of attacks in real time, it can have absolutely fantastic probative value...."

TikTok said it regularly meets with organizations, government bodies, and third-party experts to gather feedback and is committed to cooperating with law enforcement while respecting the privacy of its users.

An anonymous reader quotes a report from The Daily Beast: On Sept. 5, 1992, computer engineer Laurie Houts, 25, was found fatally strangled in her car near a California garbage dump. Her boyfriend's roommate was arrested in connection with the case, but two trials -- and two hung juries -- later, a judge dismissed the case. The roommate moved to the Netherlands soon afterward. Over the weekend, the roommate -- now the chief executive of a small software company -- was arrested as he landed at John F. Kennedy International Airport in New York City, according to the Santa Clara County Office of the District Attorney. John Woodward, the 58-year-old CEO and president of ReadyTech, is expected to be extradited to Santa Clara County by the end of the month, District Attorney Jeff Rosen said Monday. Once there, Woodward will be arraigned for the third time in Houts' murder by strangulation.

Houts' body was discovered by a passerby less than a mile from her office at Adobe Systems in Mountain View more than 30 years ago, according to the San Francisco Chronicle. A rope was around her neck, and there were footprints on the inside of her windshield, which were called "a sign of her struggle with Woodward" by the district attorney's office. Forensic science at the time was able to match Woodward to fingerprints found outside the car, but investigators could not prove that he had been inside the vehicle. Still, when Houts' boyfriend made a call, monitored by police, to Woodward soon after the 25-year-old's death, he "did not deny" killing Houts. Instead, according to a police summary of the matter, Woodward asked what evidence the authorities had against him and suggested to the roommate that they "meet in a parking lot" to talk more.

Woodward, who had no alibi for the night Houts was killed, was arrested that same year. Prosecutors alleged that Woodward had developed an "unrequited" romantic interest in Houts' boyfriend. The theory was criticized as homophobic at Woodward's first trial by his defense lawyer in 1995, the The Mercury News reported Monday, and the jury deadlocked on his innocence, voting 8-4 for acquittal. A year later, despite a judge barring the romantic-rival argument, the jury hearing Woodward's second trial again hung itself, this time ruling 7-5. The judge soon dismissed the case for insufficient evidence. But advances in DNA technology allowed detectives to link Woodward to the rope around Houts' neck for the first time last year, Rosen's statement said. Investigators in both the Santa Clara County Crime Lab and Mountain View Police Department matched both Woodward's genetic material and fibers on his sweatpants to "the murder weapon," police said.

Myanmar's junta government is installing Chinese-built cameras with facial recognition capabilities in more cities across the country, Reuters reported Monday, citing three people with direct knowledge of the matter. From the report: In tenders to procure and install the security cameras and facial recognition technology, the plans are described as safe city projects aimed at maintaining security and, in some cases, preserving civil peace, said the people who are or have been involved in the projects. Since the February 2021 coup, local authorities have started new camera surveillance projects for at least five cities including Mawlamyine - the country's fourth-largest city, according to information from the three people who asked not to be identified for fear of reprisals by the junta. The new projects are in addition to five cities where camera systems touted as crime prevention measures were either installed or planned by the previous government led by Aung San Suu Kyi, according to the sources and local media.

15-year-old Ellis Pinsky stole $23.8 million worth of cryptocurrency — and his life was never the same. For example, Rolling Stone reports, in his last year of high school, "Four men wearing ski masks and gloves, armed with knives, rope, brass knuckles, and a fake 9 mm," crept around the back of his home in the suburbs: Two weeks before the break-in, a lawsuit had been filed against him, and news stories had circulated connecting him to the hack. He knew that the thieves wanted this money, the millions and millions of dollars he had stolen. He also knew that he couldn't give it to them. He didn't have it. Not anymore.
The magazine paints the portrait of "an anxious young man in Invisalign braces" who describes the revelation he'd had at the age of 13. "The internet held such secrets. All he had to do was uncover them." As he soon found, there were plenty of people working to uncover them all the time, and willing to share their methods — for a price.... Realizing that a lot of the information social engineers used came from hacked databases, he began teaching himself to program, particularly to do the Structured Query Language injections and cross-site scripting that allowed him to attack companies' database architecture. The terabyte upon terabyte of databases he extracted, traded, and hoarded made him valuable to OGUsers as well as to others, like the Russian hackers he was able to converse with thanks to his fluency with his mother's native language... By the time he was 14, he tells me, "I think it's fair to say I had the capabilities to hack anyone."
The article describes him as "attending high school by day and extracting the source code of major corporations by night.... He was 14 years old and taken with the thrill of possessing a hidden superpower, of spending his nights secretly tapping into an underground world where he was esteemed and even feared. And then, in the morning, being called downstairs to breakfast." He wrote a Python script to comb through social media networks and seek out any mentions of working for a [cellphone] carrier. Then he'd reach out with an offer of compensation for helping him with a task. Every fifth or sixth person — underpaid and often working a short-term contract — would say they were game, as Pinsky tells it. For a couple hundred dollars' worth of bitcoin, they'd be willing to do a SIM swap, no questions asked. Eventually, Pinsky says, he had employees at every major carrier also working for him. Then the stakes got even higher. It was only a matter of time before OG hackers, known to each other as "the Community," realized that if they could use the SIM-swapping method to steal usernames, they could just as easily use it to steal cryptocurrency...
In one massive heist Pinksky stole 10% of all the Trigger altcoins on the market from crypto impresario Michael Terpin. ("As Pinsky's money launderers were converting it, the market was crashing in real time.") Pinsky recruited a crew to launder the money — at least one of which simply kept it — but even with all the conversion fees, he still made off with millions. And then... For a while, he half-expected the FBI to knock on his door at any moment, just like in the movies; but as time passed, he grew less anxious.... He says he moved on to learning different types of programming. He ran a sneaker business that used bots and scripts to snap up limited pairs then flip them... He went to soccer practice. He and his friends had started hanging out with girls on the weekend, driving down to the docks where you could see the glowing lights from the Tappan Zee Bridge.
Until Terpin figured out it was Pinsky who'd robbed him: Pinsky and his legal team preempted his arrest by contacting the U.S. attorney directly and offering his cooperation. In February 2020, he voluntarily returned every last thing he says he got from the Terpin heist: 562 bitcoins, the Patek watch, and the cash he'd stored in the safe under his bed.... When I ask if he has also worked with the FBI to help bring down other hackers, he blinks quickly and then changes the subject.
Pinsky has not been criminally charged — partly because he was a minor, but also because of his cooperation with law enforcement. But filing a civil suit, Terpin wants to be compensated with triple the amount stolen, arguing that the teenager who robbed him was running an organized crime racket and that he should be heavily punished to set an example.

Rolling Stone's article raisees the question: what should happen next?

An anonymous reader quotes a report from Ars Technica: Arizona passed a law making it harder to record police by limiting how close bystanders can be while recording specified law enforcement activity. [...] The new Arizona law requires any bystanders recording police activity in the state to stand at a minimum of 8 feet away from the action. If bystanders move closer after police have warned them to back off, they risk being charged with a misdemeanor and incurring fines of up to $500, jail time of up to 30 days, or probation of up to a year. Sponsored by Republican state representative John Kavanagh, the law known as H.B. 2319 makes it illegal to record police at close range. In a USA Today op-ed, Kavanagh said it is important to leave this buffer for police to protect law enforcement from being assaulted by unruly bystanders. He said "there's no reason" to come closer and predicted tragic outcomes for those who do, saying, "Such an approach is unreasonable, unnecessary, and unsafe, and should be made illegal."

This week, Kavanagh has succeeded in making close-range recording illegal in Arizona, with only a few exceptions. Perhaps most critically, the person involved in the police activity -- someone being questioned, arrested, or handled by police -- can record, as long as it doesn't interfere with police actions. The same exception extends to anyone recording while in a vehicle involved in a police stop. Additionally, anyone recording activity from an enclosed structure on private property still has a right to record police within 8 feet -- unless law enforcement "determines that the person is interfering" or "it is not safe" for them to be in the area. That caveat potentially gives police a lot of discretion over who can record and when.

Kavanagh said he decided to push for this change in Arizona law after some Tucson officers complained that bystanders sometimes stood a foot or two behind them while recording arrests. The state representative also told USA Today that his decision to set the minimum distance at 8 feet "is based upon 8 feet being established by the US Supreme Court as being a reasonable distance as they applied it to people entering and leaving abortion clinics when faced with protesters." Responding to critics who think citizens should be able to get closer to law enforcement activity, Kavanagh said, "The argument that filming from 8 feet away does not allow for a proper view of the scene is ridiculous." He cited impactful police brutality recordings that were recorded from further distances, including Rodney King (100 feet) and Freddie Gray ("clearly 8 to 10 feet away"). In 2017, a federal appeals court ruled that the First Amendment protects individuals' right to film police officers performing their official duties.

The ACLU says this law is a "chilling" use of the "public's most effective tool against police wrongdoing in violation of our First Amendment rights." ACLU staff attorney K.M. Bell added: "By limiting our ability to record police interactions, this law will undoubtedly make it even more difficult to hold police officers accountable for misconduct."

A Miami-based CEO has been arrested for allegedly importing $1 billion worth of counterfeit Cisco equipment from China and then selling it on Amazon and eBay. From a report: The Justice Department announced today that it had indicted 38-year-old Onur "Ron" Aksoy for selling the counterfeit Cisco gear via numerous online storefronts. Allegedly, Aksoy imported tens of thousands of fraudulent Cisco devices from China and Hong Kong. He then created at least 19 companies in New Jersey and Florida, dubbed the "Pro Network," to help him resell the hardware as genuine through the e-commerce sites.

"The operation allegedly generated over $100 million in revenue, and Aksoy received millions of dollars for his personal gain," the Justice Department said. The Cisco equipment Aksoy allegedly sold was usually older, lower-end models that were previously bought or discarded. Counterfeiters in China then modified the equipment, making the devices appear as if they were newer or more expensive Cisco product models. "As alleged, the Chinese counterfeiters often added pirated Cisco software and unauthorized, low-quality, or unreliable components -- including components to circumvent technological measures added by Cisco to the software to check for software license compliance and to authenticate the hardware," the Justice Department said. In addition, the counterfeit products were packaged with authentic-looking labels, boxes, and documentation.

Sunny Balwani, the former president and chief operating officer of bankrupt blood-testing company Theranos, on Thursday was found guilty of 12 counts of conspiracy and fraud against certain investors and patients. Axios reports: It's a similar verdict to one handed down in January to Theranos founder and ex-CEO Elizabeth Holmes, who once dated Balwani. Balwani isn't a household name like Holmes, but he was instrumental in building a billion-dollar house of cards that duped both investors and patients. Balwani's attorneys tried to pin the blame for Theranos' failures on Holmes, much as her attorneys had tried to blame Balwani.

As we wrote when the trial began: Holmes tried to thread an incredibly narrow rhetorical needle, denying the existence of fraud while also redirecting blame. Balwani seems to be attempting something similar; claiming he was a savvy executive with lots of past success, but also a naif who was bamboozled by Holmes. But prosecutors, who originally wanted to try the pair together, often used Balwani's own words against him. For example, they presented a text message from Balwani to Holmes that read: "I am responsible for everything at Theranos." One big difference between the trials, however, was that Balwani didn't testify in his own defense.

The U.K. government has tabled an amendment (PDF) to the Online Safety Bill that could put it on a collision course with end-to-end encryption. TechCrunch reports: It's proposing to give the incoming internet regulator, Ofcom, new powers to force messaging platforms and other types of online services to implement content-scanning technologies, even if their platform is strongly encrypted -- meaning the service/company itself does not hold keys to decrypt and access user-generated content in the clear. The home secretary, Priti Patel, said today that the governments wants the bill to have greater powers to tackle child sexual abuse.

"Child sexual abuse is a sickening crime. We must all work to ensure criminals are not allowed to run rampant online and technology companies must play their part and take responsibility for keeping our children safe," she said in a statement -- which also offers the (unsubstantiated) claim that: "Privacy and security are not mutually exclusive -- we need both, and we can have both and that is what this amendment delivers." The proposed amendment is also being targeted at terrorism content -- with the tabled clause referring to: "Notices to deal with terrorism content or CSEA [child sexual exploitation & abuse] content (or both)."

These notices would allow Ofcom to order a regulated service to use "accredited" technology to identify CSEA or terrorism content which is being publicly shared on their platform and "swiftly" remove it. But the proposed amendment goes further -- also allowing Ofcom to mandate that regulated services use accredited technical means to prevent users from encountering these types of (illegal) content -- whether it's being shared publicly or privately via the service, raising questions over what the power might mean for E2E encryption.

In a study conducted in Columbus, researchers found that neighborhoods with more dogs had lower rates of homicide, robbery and, to a lesser extent, aggravated assaults compared to areas with fewer dogs, at least when residents also had high levels of trust in each other. Phys.Org reports: The results suggest that people walking their dogs puts more "eyes on the street," which can discourage crime, said Nicolo Pinchak, lead author of the study and a doctoral student in sociology at The Ohio State University. "People walking their dogs are essentially patrolling their neighborhoods," Pinchak said. "They see when things are not right, and when there are suspect outsiders in the area. It can be a crime deterrent."

For the study, researchers looked at crime statistics from 2014 to 2016 for 595 census block groups -- the equivalent of neighborhoods -- in the Columbus area. They obtained survey data from a marketing firm that asked Columbus residents in 2013 if they had a dog in their household. Finally, they used data from the Adolescent Health and Development in Context study (which Browning runs) to measure trust in individual neighborhoods. As part of that study, residents were asked to rate how much they agreed that "people on the streets can be trusted" in their neighborhoods. Research has shown that trust among neighbors is an important part of deterring crime, because it suggests residents will help each other when facing a threat and have a sense of "collective efficacy" that they can have a positive impact on their area, Pinchak said.

Results of this study showed, as expected, that neighborhoods with high levels of trust had lower levels of homicide, robbery and aggravated assaults when compared to neighborhoods with low levels of trust. But among high-trust neighborhoods, those with high concentrations of dogs showed an additional drop in crime compared to those with low concentrations of dogs. Among the high-trust neighborhoods, neighborhoods high in dog concentration had about two-thirds the robbery rates of those low in dog concentration and about half the homicide rates, the study found. It really has to do with the dog walking, Pinchak said. [...] Results showed that the trust and dog-walking combination helped reduce street crimes: those crimes like homicides and robberies that tend to occur in public locations, including streets and sidewalks. The study found that more dogs in a neighborhood was also related to fewer property crimes, like burglaries, irrespective of how much residents trust each other, Pinchak said. [...] The protective effect of dogs and trust was found even when a wide range of other factors related to crime was taken into account, including the proportion of young males in the neighborhood, residential instability and socioeconomic status. The study was published in the journal Social Forces.

Royal Mail's stamps are finally entering the digital world, with printed codes that can be used to track letters or linked to videos. Collectors, traditionalists and royalists are not amused. From a report: In February, Royal Mail introduced a new design for its standard stamps, which have changed so little since the launch of the Penny Black in 1840 that they are officially known as "definitives." The new stamps -- "plum purple" for first class, "holly green" for second -- still feature the same regal profile introduced more than 50 years ago. But what is most bothering purists -- and leading Johnson to the brink of direct action -- is the addition next to the Queen of a digital barcode. The rectangular codes -- which look like QR codes but are apparently not QR codes, which are a particular, and trademarked, kind of code -- are designed to stop counterfeiting and to enable the tracking of all letters to improve efficiency. Correspondents will soon be able to share photo or video messages by linking digital content to their coded stamps. Recipients will view it via the Royal Mail app (currently the codes link to a short film featuring Shaun the Sheep and a plasticine postwoman).

[...] David Gold, the head of public affairs and policy at Royal Mail Group, knew the coded stamps would create a stir. "Collectors, traditionalists and royalists feel a sense of ownership over stamps," he says. It's why the new stamps, the designs for which had to be approved by Buckingham Palace, include a fake perforation as a kind of dignity screen between code and Queen (who is also, notably, facing the other way). Gold says the codes mean Royal Mail can track all letters, allowing it to better monitor, predict and respond to regional changes in demand, for example. He is also confident the unique codes will stop the fraudulent washing of postmark ink and resale of used stamps -- a crime that he claims costs Royal Mail "tens of millions" of pounds a year.

The former top corporate lawyer at Apple pleaded guilty to insider trading charges, for what prosecutors called a five-year scheme to trade ahead of the iPhone maker's quarterly earnings announcements. Gene Levoff, 48, of San Carlos, California, pleaded guilty to six securities fraud charges at a hearing before U.S. District Judge William Martini in Newark, New Jersey. From a report: Levoff allegedly exploited his roles as corporate secretary, head of corporate law and co-chair of a committee that reviewed drafts of Apple's results to generate $604,000 of illegal gains on more than $14 million of trades from 2011 to 2016. Prosecutors said Levoff ignored the quarterly "blackout periods" that barred trading before Apple's results were released, as well as the company's broader insider trading policy -- which he was responsible for enforcing. "Gene Levoff betrayed the trust of one of the world's largest tech companies for his own financial gain," First Assistant U.S. Attorney Vikas Khanna in New Jersey said in a statement.

A hacker has claimed to have procured a trove of personal information from the Shanghai police on one billion Chinese citizens, which tech experts say, if true, would be one of the biggest data breaches in history. From a report: The anonymous internet user, identified as "ChinaDan," posted on hacker forum Breach Forums last week offering to sell the more than 23 terabytes (TB) of data for 10 bitcoin BTC=, equivalent to about $200,000. "In 2022, the Shanghai National Police (SHGA) database was leaked. This database contains many TB of data and information on Billions of Chinese citizen," the post said. "Databases contain information on 1 Billion Chinese national residents and several billion case records, including: name, address, birthplace, national ID number, mobile number, all crime/case details." Reuters was unable to verify the authenticity of the post. The Shanghai government and police department did not respond to requests for comment on Monday.

The British army is "investigating an apparent hack," reports Engadget, after its official Twitter and YouTube accounts were compromised Sunday: News of the breach was first reported by Web3 is Going Great . According to the blog, both accounts were simultaneously compromised to promote two different cryptocurrency scams.

Although it has since been scrubbed, the army's verified Twitter account was briefly changed to look like a page for The Possessed, a project involving a collection of 10,000 animated NFTs with a price floor of 0.58 Ethereum (approximately $1,063). During that time, the account tweeted out multiple links to a fake minting website....

Over on YouTube, the army's channel [had] been made to look like a page for Ark Invest...livestreaming videos that repurpose old footage of Elon Musk, Jack Dorsey and Ark CEO Katie Wood discussing cryptocurrency. The clips feature an overlay promoting "double your money" Bitcoin and Ethereum scams. According to Web3 is Going Great, a similar scheme netted scammers $1.3 million this past May. It's unclear who is behind the attacks.

Slashdot reader thegarbz writes: In 2019 Maastricht University in the Netherlands was hit with a ransomware attack which locked 25,000 staff and students out of their research data. The university agreed to pay a ransom of €200,000 to unlock the encrypted data, reports German broadcaster DW. It seems that a small part of the ransom has been recovered, but with a twist.

A university official said the money will go into "a fund to help financially strapped students."

Reuters shares the results of its investigation into what it calls "mercenary hackers": Reuters identified 35 legal cases since 2013 in which Indian hackers attempted to obtain documents from one side or another of a courtroom battle by sending them password-stealing emails. The messages were often camouflaged as innocuous communications from clients, colleagues, friends or family. They were aimed at giving the hackers access to targets' inboxes and, ultimately, private or attorney-client privileged information.

At least 75 U.S. and European companies, three dozen advocacy and media groups and numerous Western business executives were the subjects of these hacking attempts, Reuters found.

The Reuters report is based on interviews with victims, researchers, investigators, former U.S. government officials, lawyers and hackers, plus a review of court records from seven countries. It also draws on a unique database of more than 80,000 emails sent by Indian hackers to 13,000 targets over a seven-year period. The database is effectively the hackers' hit list, and it reveals a down-to-the-second look at who the cyber mercenaries sent phishing emails to between 2013 and 2020.... The targets' lawyers were often hit, too. The Indian hackers tried to break into the inboxes of some 1,000 attorneys at 108 different law firms, Reuters found....

"It is an open secret that there are some private investigators who use Indian hacker groups to target opposition in litigation battles," said Anthony Upward, managing director of Cognition Intelligence, a UK-based countersurveillance firm.

The legal cases identified by Reuters varied in profile and importance. Some involved obscure personal disputes. Others featured multinational companies with fortunes at stake. From London to Lagos, at least 11 separate groups of victims had their emails leaked publicly or suddenly entered into evidence in the middle of their trials. In several cases, stolen documents shaped the verdict, court records show.
Reuters spoke to email experts including Linkedin, Microsoft and Google to help confirm the authenticity of the data they'd received, and reports that one high-profile victim was WeWork co-founder Adam Neumann. (After Reuters told him he'd been targetted starting in 2017, Neumann hired a law firm.) "Reuters reached out to every person in the database — sending requests for comment to each email address — and spoke to more than 250 individuals. Most of the respondents said the attempted hacks revealed in the email database occurred either ahead of anticipated lawsuits or as litigation was under way."

America's FBI has been investigating the breachers since at least early 2018, Reuters reports, adding that pressure is now increasing on private eyes who acted as go-betweens for interested clients.

Meanwhile, Reuters found former employees of the mercenary firms, who told them that the firms employed dozens of workers — though "a month's salary could be as low as 25,000 rupees (then worth about $370), according to two former workers and company salary records...

"Asked about the hacker-for-hire industry, an official with India's Ministry of Justice referred Reuters to a cybercrime hotline, which did not respond to a request for comment."

An anonymous reader quotes a report from NBC News: A teen charged with setting a fire that killed five members of a Senegalese immigrant family in Denver, Colorado, has become the first person to challenge police use of Google search histories to find someone who might have committed a crime, according to his lawyers. In documents filed Thursday in Denver District Court, lawyers for the 17-year-old argue that the police violated the Constitution when they got a judge to order Google to check its vast database of internet searches for users who typed in the address of a home before it was set ablaze on Aug. 5, 2020. Three adults and two children died in the fire.

That search of Google's records helped point investigators to the teen and two friends, who were eventually charged in the deadly fire, according to police records. All were juveniles at the time of their arrests. Two of them, including the 17-year-old, are being tried as adults; they both pleaded not guilty. The defendant in juvenile court has not yet entered a plea. The 17-year-old's lawyers say the search, and all evidence that came from it, should be thrown out because it amounted to a blind expedition through billions of Google users' queries based on a hunch that the killer typed the address into a search bar. That, the lawyers argued, violated the Fourth Amendment, which protects against unreasonable searches. "People have a privacy interest in their internet search history, which is really an archive of your personal expression," said Michael Price, who is lead litigator of the National Association of Criminal Defense Lawyers' Fourth Amendment Center and one of the 17-year-old's attorneys. "Search engines like Google are a gateway to a vast trove of information online and the way most people find what they're looking for. Every one of those queries reveals something deeply private about a person, things they might not share with friends, family or clergy."

Price said that allowing the government to sift through Google's vast trove of searches is akin to allowing the government access to users' "thoughts, concerns, questions, fears." He added: "Every one of those queries reveals something deeply private about a person, things they might not share with friends, family or clergy," Price said. "'Psychiatrists in Denver.' 'Abortion providers near me.' 'Does God exist.' Every day, people pose those questions to Google seeking information."

An anonymous reader quotes a report from PsychNewsDaily: Scientists from the University of Chicago have developed a new algorithm that can predict future crime a week in advance with about 90% accuracy, and within a range of about 1000 feet. It does so by learning patterns from public data on violent and property crimes. The tool was tested and validated using historical data from the City of Chicago around two broad categories of reported events: violent crimes (homicides, assaults, and batteries) and property crimes (burglaries, thefts, and motor vehicle thefts). These data were used because they were most likely to be reported to police in urban areas where there is historical distrust and lack of cooperation with law enforcement. Such crimes are also less prone to enforcement bias, unlike drug crimes, traffic stops, and other misdemeanor infractions.

The new model isolates crime by looking at the time and spatial coordinates of discrete events, and detecting patterns to predict future events. It divides the city into "spatial tiles" roughly 1,000 feet across, and predicts crime within these areas. Previous models relied more on traditional neighborhood or political boundaries, which are subject to bias. The model performed just as well with data from seven other U.S. cities: Atlanta, Austin, Detroit, Los Angeles, Philadelphia, Portland, and San Francisco.

Lead author Ishanu Chattopadhyay is careful to note that the tool's accuracy does not mean it should be used to direct law enforcement policy; police departments, for example, should not use it to swarm neighborhoods proactively to prevent crime, Chattopadhyay said. Instead, it should be added to a toolbox of urban policies and policing strategies to address crime. "We created a digital twin of urban environments. If you feed it data from what happened in the past, it will tell you what's going to happen in the future," he said. "It's not magical; there are limitations, but we validated it and it works really well," Chattopadhyay added. "Now you can use this as a simulation tool to see what happens if crime goes up in one area of the city, or there is increased enforcement in another area. If you apply all these different variables, you can see how the systems evolve in response." The findings have been published in the journal Nature Human Behavior.

An anonymous reader quotes a report from TorrentFreak: Megaupload founder Kim Dotcom does not seem like a happy man right now. After accusing two of his former colleagues [Mathias Ortmann and Bram van der Kolk] of facilitating Chinese spying, Dotcom says that a report is being produced to show that mass infringement is taking place on Mega, a company he co-founded. Surprisingly, he says it will include live pirate links to content posted by Mega users. [...] Turning his attention to former colleagues Ortmann and van der Kolk, last week Dotcom publicly blamed them for his exit from Mega, claiming they had "stolen" the company from him. How this dovetails with previous allegations related to his major falling out with former Mega CEO Tony Lentino, who also founded domain name registrar Instra, is unknown.

Local media reports suggest that Dotcom hasn't spoken to former friends Ortmann and van der Kolk for years but their recent deal to avoid extradition in the Megaupload case by pleading guilty to organized crime charges puts Dotcom in a tough spot. "My co-defendants who claimed to be innocent for 10+ years were offered a sweet exit deal for a false confession," he said last week. And he wasn't finished there. After a research team found that Mega was vulnerable to attacks that allow for a "full compromise of the confidentiality of user files", Ortmann himself responded via a security notification stating that the issues had been fixed. In response, Dotcom accused Ortmann and van der Kolk of creating "backdoors" in Mega so that the Chinese government could decrypt users' files. "Same shady guys who just made a deal with the US and NZ Govt to get out of the US extradition case by falsely accusing me," he added.

Whether this reference to the no-extradition-deal betrayed what was really on Dotcom's mind is up for debate but whatever the motivation, he's not letting it go. In a tweet posted yesterday, he again informed his 850K+ followers that the company he founded "is not safe" and people who think that their files are unreadable by Mega are wrong. Shortly after, Dotcom delivered another message, one even darker in tone. It targeted Mega, the company he co-founded and where his colleagues still work. It's possible to interpret the tweet in several ways but none seem beneficial to his former colleagues, Mega, or its users. "In addition to security vulnerabilities a comprehensive report about mass copyright infringement on Mega with millions of active links and channels is in the works," he said. "[P]erhaps the most worrying thing about this new complication in an escalating dispute is its potential to affect the minority of users that actually store infringing files on Mega," adds TorrentFreak. "Any detailed report of 'mass copyright infringement' will draw negative attention directly to them, especially if the report includes active hyperlinks as Dotcom suggests."

"Couple that with Dotcom's allegations that the content of user files can be read, any conclusion that this upcoming infringement report hasn't been thought through from a user perspective can be easily forgiven..."