Crime

Ukrainian Cops Cuff Two Over $150 Million Ransomware Gang Allegations, Seize $1.3 Million In Cryptocurrency (theregister.com) 8

Ukrainian police have reportedly arrested two members of a ransomware gang -- and while some have fingered REvil, no firm details have been published by cops from multiple countries. The Register reports: A round of speculation was triggered when inter-EU law enforcement body Europol declared this morning that Ukrainian fuzz had arrested "two prolific ransomware operators known for their extortionate demands," claimed to be up to [$81.3 million]. One of the two suspects arrested on September 28, according to the National Police of Ukraine, was a "hacker." The other allegedly "helped to withdraw money obtained by criminal means." $1.3m in cryptocurrency was said to have been frozen. A multinational police operation with input from France's National Gendarmerie and the US Federal Bureau of Investigation helped lead the Ukraine cops to their targets, with support from Europol and Interpol.

The 25-year-old suspect allegedly deployed "virus software," compromising remote-working software, with one attack vector being "through spam-mailings on corporate e-mail boxes of malicious content." "In total, the hacker attacked more than 100 foreign companies in North America and Europe," said the Ukrainian police, adding that they blamed the 25-year-old arrestee for causing $150m of damage to Western organizations. [...] Numerous people speculated on Twitter that the latest Ukrainian arrests were members of the REvil ransomware gang. This was based solely on Europol's claim that the two main accused had once issued an "extortionate" [$81.3 million] ransom demand, which has not been repeated by cops in Ukraine. REvil once issued a ransom demand for $70 million (against managed service provider Kaseya) but that is not the same sum...

Crime

Call Center-Pranking 'Scambaiters' Amass Millions of Fans on Social Media (theguardian.com) 85

The Guardian reports on "a new breed of scambaiters...taking over TikTok and YouTube."

And one of them has more than 1.5 million followers across both video platforms. "Three to four days a week, for one or two hours at a time, Rosie Okumura, 35, telephones thieves and messes with their minds," reports the Guardian: For the past two years, the LA-based voice actor has run a sort of reverse call centre, deliberately ringing the people most of us hang up on — scammers who pose as tax agencies or tech-support companies or inform you that you've recently been in a car accident you somehow don't recall. When Okumura gets a scammer on the line, she will pretend to be an old lady, or a six-year-old girl, or do an uncanny impression of Apple's virtual assistant Siri. Once, she successfully fooled a fake customer service representative into believing that she was Britney Spears. "I waste their time," she explains, "and now they're not stealing from someone's grandma...."

Batman became Batman to avenge the death of his parents; Okumura became a scambaiter after her mum was scammed out of $500... Thankfully, the bank was able to stop the money leaving her mother's account, but Okumura wanted more than just a refund. She asked her mum to give her the number she'd called and called it herself, spending an hour and 45 minutes wasting the scammer's time. "My computer's giving me the worst vibes," she began in Kim Kardashian's voice. "Are you in front of your computer right now?" asked the scammer. "Yeah, well it's in front of me, is that... that's like the same thing?" Okumura put the video on YouTube and since then has made over 200 more videos, through which she earns regular advertising revenue (she also takes sponsorships directly from companies).

"A lot of it is entertainment — it's funny, it's fun to do, it makes people happy," she says when asked why she scambaits. "But I also get a few emails a day saying, 'Oh, thank you so much, if it weren't for that video, I would've lost $1,500.'" Okumura isn't naive — she knows she can't stop people scamming, but she hopes to stop people falling for scams. "I think just educating people and preventing it from happening in the first place is easier than trying to get all the scammers put in jail...."

The Guardian also describes Jim Browning, a Northern Irish YouTuber with nearly 3.5 million subscribers who's been posting scambaiting videos for seven years. "Browning regularly gets access to scammers' computers and has even managed to hack into the closed-circuit TV footage of call centres in order to identify individuals. He then passes this information to the 'relevant authorities' including the police, money-processing firms and internet service providers...."

And they also tell the story of an American software engineer who joined with friends to convince a scammer he'd been offered a high-paying job — only to end up stranded in Laos after paying for a 600-mile flight.

"He was crying... that was the one where I was like, 'Ah, maybe I'm taking things a little too far.'"

Crime

Ransomware Gangs are Complaining That Other Crooks are Stealing Their Ransoms (zdnet.com) 49

"Cyber criminals using a ransomware-as-a-service scheme have been spotted complaining that the group they rent the malware from could be using a hidden backdoor to grab ransom payments for themselves," reports ZDNet: REvil is one of the most notorious and most common forms of ransomware around and has been responsible for several major incidents. The group behind REvil lease their ransomware out to other crooks in exchange for a cut of the profits these affiliates make by extorting Bitcoin payments in exchange for the ransomware decryption keys that the victims need. But it seems that cut isn't enough for those behind REvil: it was recently disclosed that there's a secret backdoor coded into their product, which allows REvil to restore the encrypted files without the involvement of the affiliate. This could allow REvil to take over negotiations with victims, hijack the so-called "customer support" chats — and steal the ransom payments for themselves.

Analysis of underground forums by cybersecurity researchers at Flashpoint suggests that the disclosure of the REvil backdoor hasn't gone down well with affiliates. One forum user claimed to have had suspicions of REvil's tactics, and said their own plans to extort $7 million from a victim were abruptly ended. They believe that one of the REvil authors took over the negotiations using the backdoor and made off with the money.

Science

Prosecutors in Mexico Seeking Arrest Warrants For More Than 30 Scientists (theguardian.com) 57

Mexico's scientific community has reacted with outrage after the country's chief prosecutor requested arrest warrants for 31 scientists, researchers and academics on accusations of organised crime, money laundering and embezzlement -- charges that could land them alongside drug cartel kingpins in one of the country's most notorious lockups. From a report: A judge at the maximum security Altiplano prison -- from which Joaquin "El Chapo" Guzman escaped in 2015 -- denied granting the arrest warrants on Wednesday. But the federal prosecutor immediately announced plans to pursue arrest warrants for the third time. The university professors have been accused of violating a law that prevents members of an advisory board from receiving money from a government science fund. But that law was passed in 2019, and the scientists got the $2.5m years earlier when it was apparently legal. Those involved have denied the funds were illegal or misused. The National Council on Science and Technology (Conacyt) has described the reaction to the arrest warrant applications as "a concerted wave of disinformation," which was spreading "terror" in the scientific community.
The Courts

Former Reddit CEO Asks: Why Is Theranos' Holmes the Only Tech CEO Facing Prosecution? (npr.org) 177

Federal prosecutors allege that Elizabeth Holmes and the No. 2 at Theranos, Ramesh "Sunny" Balwani, "broke the law by deceiving investors about how well the business was doing and the capabilities of its testing machines, in addition to allegedly providing false or flawed test results to patients," reports NPR.

But they add that in Silicon Valley, the trial has launched this debate. "Since Holmes was following a playbook used by dozens of tech CEOs, why is she the only one to face prosecution when a company becomes engulfed in a scandal?" To Ellen Pao, the former CEO of Reddit, who is a vocal critic of gender discrimination in tech, sexism is partially to blame. "When you see which CEOs get to continue to wreak havoc on consumers and the market, it's people who look like the venture capitalists, who are mostly white men," Pao said. She points to Adam Neumann, who drove WeWork into the ground; former Uber CEO Travis Kalanick, who resigned after a sexual harassment scandal; and Juul's Kevin Burns, who stepped down amid questions over the company's role in stoking the youth vaping epidemic. There were lawsuits, settlements and more fallout — but notably, Pao points out, no criminal prosecutions.

"That all these people continue to lead their lives and not be held accountable for all the harm that they've caused, it does send a message," she said.

Former prosecutors who have tried white-collar crime say there are several reasons why Holmes stands out among disgraced tech CEOs. First, the allegedly fraudulent behavior was egregious: Holmes told the world she had a miracle machine that would upend laboratory science. Prosecutors say, compared with her claims, the technology barely did anything at all. Mark MacDougall, a former federal prosecutor who focused on fraud cases in the U.S. Justice Department, said Theranos' being a biotech company raised the stakes. "It allows the government to contend, with some evidence, that the health of private citizens, the health of innocent people, was put at risk," MacDougall said. Another reason Holmes was charged, according to former prosecutors, was that the government says it obtained evidence that she acted intentionally, which can be difficult to establish in fraud cases.

Prosecutors now plan to show Holmes "knowingly and intentionally" defrauded investors and patients, "something her defense team says is false," the article points out. "Proving that Holmes is guilty will turn on demonstrating her intent, since exaggerating a product's potential, missing financial forecasts and running a secretive company do not constitute federal crimes."

Pao's argument is that Holmes "was encouraged by the high-risk, high-reward culture of venture capital. That said, Pao said she is not defending Holmes, saying her behavior warranted prosecution."

"At the same time, Pao wants a broader discussion in Silicon Valley about why other CEOs accused of wrongdoing have not faced criminal consequences."

Government

Report: Boeing Official Expected to Face Criminal Charges Over Fatal Boeing 737 Max Issues (cbsnews.com) 99

"Federal prosecutors plan to criminally charge a former Boeing Co. pilot they suspect of misleading aviation regulators about safety issues blamed for two fatal crashes of the 737 Max," reports the Wall Street Journal, citing "people familiar with the matter."

Mark Forkner, who was Boeing's 737 Max chief technical pilot during the aircraft's development, is likely to face prosecution in the coming weeks, these people said... Boeing admitted in a criminal settlement reached with prosecutors earlier this year that two of its employees — unnamed in that agreement — conspired to defraud the FAA about 737 Max training issues in order to benefit themselves and the company.
CBS News offers more details: It would, says the Journal, "be the first attempt to hold a Boeing employee accountable" for conduct before the two crashes. [Forkner] was the lead contact between the aviation giant and the Federal Aviation Administration over how pilots should be trained to fly the planes, the Journal said. According to documents published in early 2020, Forkner withheld details about the planes' faulty flight handling system known as the Maneuvering Characteristics Augmentation System, or MCAS — later blamed for both crashes — from regulators.

The Journal said it wasn't clear what charges Forkner would face... A lawyer for Forkner, David Gerger, didn't respond to requests for comment Thursday from the Journal. Gerger has said in the past that Forkner, a pilot and Air Force veteran, wouldn't put pilots or passengers in danger.

Crime

'Every Message Was Copied to the Police': the Daring Sting Behind the An0m Phone (theguardian.com) 105

The Guardian tells the story of "a viral sensation in the global underworld," the high-security An0m phones, which launched with "a grassroots marketing campaign, identifying so-called influencers — 'well-known crime figures who wield significant power and influence over other criminal associates', according to a US indictment — within criminal subcultures." An0m could not be bought in a shop or on a website. You had to first know a guy. Then you had to be prepared to pay the astronomical cost: $1,700 for the handset, with a $1,250 annual subscription, an astonishing price for a phone that was unable to make phone calls or browse the internet.

Almost 10,000 users around the world had agreed to pay, not for the phone so much as for a specific application installed on it. Opening the phone's calculator allowed users to enter a sum that functioned as a kind of numeric open sesame to launch a secret messaging application. The people selling the phone claimed that An0m was the most secure messaging service in the world. Not only was every message encrypted so that it could not be read by a digital eavesdropper, it could be received only by another An0m phone user, forming a closed loop system entirely separate from the information speedways along which most text messages travel. Moreover, An0m could not be downloaded from any of the usual app stores. The only way to access it was to buy a phone with the software preinstalled...

[U]sers could set an option to wipe the phone's data if the device went offline for a specified amount of time. Users could also set especially sensitive messages to self-erase after opening, and could record and send voice memos in which the phone would automatically disguise the speaker's voice. An0m was marketed and sold not so much to the security conscious as the security paranoid...

An0m was not, however, a secure phone app at all. Every single message sent on the app since its launch in 2018 — 19.37m of them — had been collected, and many of them read by the Australian federal police (AFP) who, together with the FBI, had conceived, built, marketed and sold the devices.

On 7 June 2021, more than 800 arrests were made around the world....

Law enforcement agencies ultimately saw An0m as a creative workaround for unbreakable encryption, according to the Guardian. "Why debate tech companies on privacy issues through costly legal battles if you can simply trick criminals into using your own monitored network?"

The Guardian's story was shared by jd (Slashdot user #1,658), who sees an ethical question. "As the article notes, what's to stop a tyrant doing the same against rivals or innocent protestors?"

Security

Hacker Lawyer Jay Leiderman Is Dead at 50 (gizmodo.com) 79

Jay Leiderman, a California defense attorney known for his whistleblower advocacy and defense of political dissidents and hackers, was confirmed dead in Ventura County on Thursday. He was 50 years old. From a report: Dubbed the "Hacktivist's Advocate" by The Atlantic in 2012, Leiderman gained national attention for his pro-bono work for clients accused of crashing corporate and government websites, including members of the group Anonymous. They were rarely good cases.

Leiderman's hacking clients had a nagging habit of openly admitting to the things they were accused of doing. One spent a decade fleeing authorities in several countries, giving interviews, all the while on the lam. (The client was just captured in June.) Still, their causes struck a chord with the Queens-born attorney, who'd long held to a rebellious legal philosophy. After a city in California passed a law criminalizing homelessness, the same client knocked one of its websites offline for half an hour. Where the FBI saw a felony computer crime worth up to 15 years in prison, Leiderman saw a peaceful protest against an unjust law -- a protest, he noted, that caused no perceptible harm.

Privacy

After Chiding Apple On Privacy, Germany Says It Uses Pegasus Spyware (appleinsider.com) 38

"Germany's Federal Criminal Police Office (BKA) purchased access to NSO Group's Pegasus spyware in 2019 after internal efforts to create similar iOS and Android surveillance tools failed," reports AppleInsider. The news comes less than a month after the Digital Agenda committee chairman of Germany's federal parliament, Manuel Höferlin, declared Apple to be on a "dangerous path" with plans to enact on-device child sexual assault material monitoring. He said the system undermines "secure and confidential communication" and represents the "biggest breach of the dam for the confidentiality of communication that we have seen since the invention of the Internet." From the report: The federal government revealed the agreement with NSO in a closed-door session with the German parliament's Interior Committee on Tuesday, reports Die Zeit. When the BKA began to use Pegasus is unclear. While Die Zeit says the tool was purchased in 2019 and is currently used in concert with a less effective state-developed Trojan, a separate report from Süddeutsche Zeitung, via DW.com, cites BKA Vice President Martina Link as confirming an acquisition in late 2020 followed by deployment against terrorism and organized crime suspects in March.

Officials made the decision to adopt Pegasus in spite of concerns regarding the legality of deploying software that can grant near-unfettered access to iPhone and Android handsets. As noted in the report, NSO's spyware exploits zero-day vulnerabilities to gain access to smartphones, including the latest iPhones, to record conversations, gather location data, access chat transcripts and more. Germany's laws state that authorities can only infiltrate suspects' cellphones and computers under special circumstances, while surveillance operations are governed by similarly strict rules.

BKA officials stipulated that only certain functions of Pegasus be activated in an attempt to bring the powerful tool in line with the country's privacy laws, sources told Die Zeit. It is unclear how the restrictions are implemented and whether they have been effective. Also unknown is how often and against whom Pegasus was deployed. According to Die Zeit, Germany first approached NSO about a potential licensing arrangement in 2017, but the plan was nixed due to concerns about the software's capabilities. Talks were renewed after the BKA's attempts to create its own spyware fell short.

United States

LAPD Officers Told To Collect Social Media Data on Every Civilian They Stop (theguardian.com) 195

The Los Angeles police department (LAPD) has directed its officers to collect the social media information of every civilian they interview, including individuals who are not arrested or accused of a crime, according to records shared with the Guardian. From a report: Copies of the "field interview cards" that police complete when they question civilians reveal that LAPD officers are instructed to record a civilian's Facebook, Instagram, Twitter and other social media accounts, alongside basic biographical information. An internal memo further shows that the police chief, Michel Moore, told employees that it was critical to collect the data for use in "investigations, arrests, and prosecutions," and warned that supervisors would review cards to ensure they were complete.

The documents, which were obtained by the not-for-profit organization the Brennan Center for Justice, have raised concerns about civil liberties and the potential for mass surveillance of civilians without justification. "There are real dangers about police having all of this social media identifying information at their fingertips," said Rachel Levinson-Waldman, a deputy director at the Brennan Center, noting that the information was probably stored in a database that could be used for a wide range of purposes. The Brennan Center conducted a review of 40 other police agencies in the US and was unable to find another department that required social media collection on interview cards (though many have not publicly disclosed copies of the cards). The organization also obtained records about the LAPD's social media surveillance technologies, which have raised questions about the monitoring of activist groups including Black Lives Matter.

Security

Gift Card Gang Extracts Cash From 100K Inboxes Daily (krebsonsecurity.com) 10

Cybercrime and computer security reporter Brian Krebs tells the story of a cybercrime group that compromises up to 100,000 email inboxes per day, and apparently does little else with this access except siphon gift card and customer loyalty program data that can be resold online. From the report: The data in this story come from a trusted source in the security industry who has visibility into a network of hacked machines that fraudsters in just about every corner of the Internet are using to anonymize their malicious Web traffic. For the past three years, the source -- we'll call him "Bill" to preserve his requested anonymity -- has been watching one group of threat actors that is mass-testing millions of usernames and passwords against the world's major email providers each day. Bill said he's not sure where the passwords are coming from, but he assumes they are tied to various databases for compromised websites that get posted to password cracking and hacking forums on a regular basis. Bill said this criminal group averages between five and ten million email authentication attempts daily, and comes away with anywhere from 50,000 to 100,000 of working inbox credentials.

In about half the cases the credentials are being checked via "IMAP," which is an email standard used by email software clients like Mozilla's Thunderbird and Microsoft Outlook. With his visibility into the proxy network, Bill can see whether or not an authentication attempt succeeds based on the network response from the email provider (e.g. mail server responds "OK" = successful access). You might think that whoever is behind such a sprawling crime machine would use their access to blast out spam, or conduct targeted phishing attacks against each victim's contacts. But based on interactions that Bill has had with several large email providers so far, this crime gang merely uses custom, automated scripts that periodically log in and search each inbox for digital items of value that can easily be resold. And they seem particularly focused on stealing gift card data.

"Sometimes they'll log in as much as two to three times a week for months at a time," Bill said. "These guys are looking for low-hanging fruit -- basically cash in your inbox. Whether it's related to hotel or airline rewards or just Amazon gift cards, after they successfully log in to the account their scripts start pilfering inboxes looking for things that could be of value." According to Bill, the fraudsters aren't downloading all of their victims' emails: That would quickly add up to a monstrous amount of data. Rather, they're using automated systems to log in to each inbox and search for a variety of domains and other terms related to companies that maintain loyalty and points programs, and/or issue gift cards and handle their fulfillment. Why go after hotel or airline rewards? Because these accounts can all be cleaned out and deposited onto a gift card number that can be resold quickly online for 80 percent of its value.

Government

10 US Government Agencies Plan Expanded Use of Facial Recognition (msn.com) 29

The Washington Post reports that the U.S. government "plans to expand its use of facial recognition to pursue criminals and scan for threats, an internal survey has found, even as concerns grow about the technology's potential for contributing to improper surveillance and false arrests." Ten federal agencies — the departments of Agriculture, Commerce, Defense, Homeland Security, Health and Human Services, Interior, Justice, State, Treasury and Veterans Affairs — told the Government Accountability Office they intend to grow their facial recognition capabilities by 2023, the GAO said in a report posted to its website Tuesday. Most of the agencies use face-scanning technology so employees can unlock their phones and laptops or access buildings, though a growing number said they are using the software to track people and investigate crime. The Department of Agriculture, for instance, said it wants to use it to monitor live surveillance feeds at its facilities and send an alert if it spots any faces also found on a watch list...

The GAO said in June that 20 federal agencies have used either internally developed or privately run facial recognition software, even though 13 of those agencies said they did not "have awareness" of which private systems they used and had therefore "not fully assessed the potential risks ... to privacy and accuracy." In the current report, the GAO said several agencies, including the Justice Department, the Air Force and Immigration and Customs Enforcement, reported that they had used facial recognition software from Clearview AI, a firm that has faced lawsuits from privacy groups and legal demands from Google and Facebook after it copied billions of facial images from social media without their approval... Many federal agencies said they used the software by requesting that officials in state and local governments run searches on their own software and report the results. Many searches were routed through a nationwide network of "fusion centers," which local police and federal investigators use to share information on potential threats or terrorist attacks...

U.S. Customs and Border Protection officials, who have called the technology "the way of the future," said earlier this month that they had run facial recognition scans on more than 88 million travelers at airports, cruise ports and border crossings. The systems, the officials said, have detected 850 impostors since 2018 — or about 1 in every 103,000 faces scanned.

Software

Little-Known Federal Software Can Trigger Revocation of Citizenship (theintercept.com) 141

An anonymous reader writes: Software used by the Department of Homeland Security to scan the records of millions of immigrants can automatically flag naturalized Americans to potentially have their citizenship revoked based on secret criteria, according to documents reviewed by The Intercept. The software, known as ATLAS, takes information from immigrants' case files and runs it through various federal databases. ATLAS looks for indicators that someone is dangerous or dishonest and is ostensibly designed to detect fraud among people who come into contact with the U.S. immigration system. But advocates for immigrants believe that the real purpose of the computer program is to create a pretext to strip people of citizenship. Whatever the motivation, ATLAS's intended outcome is ultimately deportation, judging from the documents, which originate within DHS and were obtained by the Open Society Justice Initiative and Muslim Advocates through Freedom of Information Act lawsuits.

ATLAS helps DHS investigate immigrants' personal relationships and backgrounds, examining biometric information like fingerprints and, in certain circumstances, considering an immigrant's race, ethnicity, and national origin. It draws information from a variety of unknown sources, plus two that have been criticized as being poorly managed: the FBI's Terrorist Screening Database, also known as the terrorist watchlist, and the National Crime Information Center. Powered by servers at tech giant Amazon, the system in 2019 alone conducted 16.5 million screenings and flagged more than 120,000 cases of potential fraud or threats to national security and public safety. Ultimately, humans at DHS are involved in determining how to handle immigrants flagged by ATLAS. But the software threatens to amplify the harm caused by bureaucratic mistakes within the immigration system, mistakes that already drive many denaturalization and deportation cases. "ATLAS should be considered as suspect until it is shown not to generate unfair, arbitrary, and discriminatory results," said Laura Bingham, a lawyer with the Open Society Justice Initiative. "From what we are able to scrutinize in terms of the end results -- like the disparate impact of denaturalization based on national origin -- there is ample reason to consider ATLAS a threat to naturalized citizens."

Cellphones

Smartphone Company Alleged To Be a Scam Defrauding 300 Investors of $10 Million (pcmag.com) 23

In a 2015 video, PCMag's lead mobile analyst Sascha Segan showed off "One of the coolest phones at this year's CES."

He's now written an article titled "How I Got Suckered by an (Alleged) $10M Phone Scam": The biggest mobile-phone mystery of the 2010s is finally coming to an ignominious end, as yesterday the U.S. attorney for Utah charged Chad Sayers, founder of entirely notional mobile phone firm Saygus, with conducting a $10 million fraud scheme. Saygus "had" a series of "phones" from 2009-2016 that existed as prototypes that the company took on trade shows and to press tours. There was never any real evidence of production runs. The U.S. Attorney now claims Sayers and associates took $10 million in investor money and lived on it without ever really planning to release a product. (I learned this via David Ruddock....)

The phone kept just...not happening. Sayers' genius was that he produced just enough prototypes to show off and kept them in a constant state of pre-sale... "DEFENDANT failed to disclose that device certification with Verizon expired in 2013 and was never renewed," the Department of Justice notes. A new version of the phone then popped up again in 2015, this one supposedly covered in Kevlar with 320GB of storage. Sayers flogged that prototype until early 2016, at which point he said it was coming "next month."

The Department of Justice says: "Between April 7, 2015 and January 10, 2017, DEFENDANT made at least 26 public statements on Twitter that its phone would be shipping 'this month,' 'this week,' or was otherwise launching, when in fact, it has never launched...."

Sayers kept going on press tours and buying expensive trade-show booths with prototypes of phones that would never hit the market, drumming up enough gullible mainstream press coverage (myself included) to presumably attract a continual stream of investors with his claim of being the next big thing.

AI

AI-Powered Tech Put a 65-Year-Old in Jail For Almost a Year Despite 'Insufficient Evidence' (apnews.com) 98

"ShotSpotter" is an AI-powered tool that claims it can detect the sound of gunshots. To install it can cost up to $95,000 per square mile — every year — reports the Associated Press.

There's just one problem. "The algorithm that analyzes sounds to distinguish gunshots from other noises has never been peer reviewed by outside academics or experts." "The concern about ShotSpotter being used as direct evidence is that there are simply no studies out there to establish the validity or the reliability of the technology. Nothing," said Tania Brief, a staff attorney at The Innocence Project, a nonprofit that seeks to reverse wrongful convictions.

A 2011 study commissioned by the company found that dumpsters, trucks, motorcycles, helicopters, fireworks, construction, trash pickup and church bells have all triggered false positive alerts, mistaking these sounds for gunshots. ShotSpotter CEO Ralph Clark said the company is constantly improving its audio classifications, but the system still logs a small percentage of false positives. In the past, these false alerts — and lack of alerts — have prompted cities from Charlotte, North Carolina, to San Antonio, Texas, to end their ShotSpotter contracts, the AP found.

And the potential for problems isn't just hypothetical. Just ask 65-year-old Michael Williams: Williams was jailed last August, accused of killing a young man from the neighborhood who asked him for a ride during a night of unrest over police brutality in May... "I kept trying to figure out, how can they get away with using the technology like that against me?" said Williams, speaking publicly for the first time about his ordeal. "That's not fair." Williams sat behind bars for nearly a year before a judge dismissed the case against him last month at the request of prosecutors, who said they had insufficient evidence.

Williams' experience highlights the real-world impacts of society's growing reliance on algorithms to help make consequential decisions about many aspects of public life... ShotSpotter evidence has increasingly been admitted in court cases around the country, now totaling some 200. ShotSpotter's website says it's "a leader in precision policing technology solutions" that helps stop gun violence by using "sensors, algorithms and artificial intelligence" to classify 14 million sounds in its proprietary database as gunshots or something else. But an Associated Press investigation, based on a review of thousands of internal documents, emails, presentations and confidential contracts, along with interviews with dozens of public defenders in communities where ShotSpotter has been deployed, has identified a number of serious flaws in using ShotSpotter as evidentiary support for prosecutors. AP's investigation found the system can miss live gunfire right under its microphones, or misclassify the sounds of fireworks or cars backfiring as gunshots.

Forensic reports prepared by ShotSpotter's employees have been used in court to improperly claim that a defendant shot at police, or provide questionable counts of the number of shots allegedly fired by defendants. Judges in a number of cases have thrown out the evidence... The company's methods for identifying gunshots aren't always guided solely by the technology. ShotSpotter employees can, and often do, change the source of sounds picked up by its sensors after listening to audio recordings, introducing the possibility of human bias into the gunshot detection algorithm. Employees can and do modify the location or number of shots fired at the request of police, according to court records. And in the past, city dispatchers or police themselves could also make some of these changes.

Three more eye-popping details from the AP's 4,000-word exposé:
  • "One study published in April in the peer-reviewed Journal of Urban Health examined ShotSpotter in 68 large, metropolitan counties from 1999 to 2016, the largest review to date. It found that the technology didn't reduce gun violence or increase community safety..."
  • "Forensic tools such as DNA and ballistics evidence used by prosecutors have had their methodologies examined in painstaking detail for decades, but ShotSpotter claims its software is proprietary, and won't release its algorithm..."
  • "In 2018, it acquired a predictive policing company called HunchLab, which integrates its AI models with ShotSpotter's gunshot detection data to purportedly predict crime before it happens."

The Almighty Buck

$97 Million Stolen From Japanese Crypto Exchange (fortune.com) 44

"Hackers have drained Japanese cryptocurrency exchange Liquid of $97 million worth of Ethereum and other digital coins," reports Forbes: The company, in a tweet posted late Thursday, announced the compromise and said it is moving assets that were not affected into more secure "cold wallet" storage. The company has also suspended deposits and withdrawals... Liquid did not put a dollar figure on the amount, but blockchain analytics company Elliptic said its analysis estimates the losses at about $97 million...

Of that, $45 million were in Ethereum tokens, which are being converted into Ether, preventing the hacker from having those assets frozen. Other cryptos taken in the heist include Bitcoin, XRP, and stablecoins.

Google

Google Says Geofence Warrants Make Up One-Quarter Of All US Demands (techcrunch.com) 55

For the first time, Google has published the number of geofence warrants it's historically received from U.S. authorities, providing a rare glimpse into how frequently these controversial warrants are issued. ZDNet's Zack Whittaker reports: The figures, published Thursday, reveal that Google has received thousands of geofence warrants each quarter since 2018, and at times accounted for about one-quarter of all U.S. warrants that Google receives. The data shows that the vast majority of geofence warrants are obtained by local and state authorities, with federal law enforcement accounting for just 4% of all geofence warrants served on the technology giant. According to the data, Google received 982 geofence warrants in 2018, 8,396 in 2019 and 11,554 in 2020. But the figures only provide a small glimpse into the volume of warrants received and did not break down how often it pushes back on overly broad requests.

Geofence warrants are also known as "reverse-location" warrants, since they seek to identify people of interest who were in the near vicinity at the time a crime was committed. Police do this by asking a court to order Google, which stores vast amounts of location data to drive its advertising business, to turn over details of who was in a geographic area, such as a radius of a few hundred feet at a certain point in time, to help identify potential suspects. Google has long shied away from providing these figures, in part because geofence warrants are largely thought to be unique to Google. Law enforcement has long known that Google stores vast troves of location data on its users in a database called Sensorvault, first revealed by The New York Times in 2019.

Google spokesperson Alex Krasov said in a statement: "We vigorously protect the privacy of our users while supporting the important work of law enforcement. We developed a process specifically for these requests that is designed to honor our legal obligations while narrowing the scope of data disclosed."

Security

Secret Terrorist Watchlist With 2 Million Records Exposed Online (bleepingcomputer.com) 87

A secret terrorist watchlist with 1.9 million records, including classified "no-fly" records, was exposed on the internet. The list was left accessible on an Elasticsearch cluster that had no password on it. BleepingComputer reports: In July this year, Security Discovery researcher Bob Diachenko came across a plethora of JSON records in an exposed Elasticsearch cluster that piqued his interest. The 1.9 million-strong recordset contained sensitive information on people, including their names, country citizenship, gender, date of birth, passport details, and no-fly status. The exposed server was indexed by search engines Censys and ZoomEye, indicating Diachenko may not have been the only person to come across the list.

The researcher discovered the exposed database on July 19th, interestingly, on a server with a Bahrain IP address, not a US one. However, the same day, he rushed to report the data leak to the U.S. Department of Homeland Security (DHS). "I discovered the exposed data on the same day and reported it to the DHS." "The exposed server was taken down about three weeks later, on August 9, 2021." "It's not clear why it took so long, and I don't know for sure whether any unauthorized parties accessed it," writes Diachenko in his report. The researcher considers this data leak to be serious, considering watchlists can list people who are suspected of an illicit activity but not necessarily charged with any crime. "In the wrong hands, this list could be used to oppress, harass, or persecute people on the list and their families." "It could cause any number of personal and professional problems for innocent people whose names are included in the list," says the researcher.

Crime

A CyberSecurity CEO Used Apple's AirTags to Locate His Stolen Scooter (cnet.com) 92

Dan Guido's cybersecurity consulting firm Trail of Bits claims its clients range from Facebook to DARPA. CNET tells the story of what happened after someone stole Guido's electric scooter: The cybersecurity CEO, located in Brooklyn, New York, had hidden two Apple AirTags inside the black scooter, concealed with black duct tape. He set out the next day to locate the vehicle with help from the little Bluetooth trackers. Spoiler alert: He succeeded.

Guido works at the New York City-based Trail of Bits, a cybersecurity research and consulting firm that serves clients in the defense, tech, finance and blockchain industries. He chronicled his hunt for the scooter in a series of tweets Monday, sharing both the challenges and successes of his wild journey... After some convincing, two police officers eventually agreed to accompany him to the scooter's location. Then, they spotted something promising: an e-bike store.

After venturing inside, Guido received a ping, alerting him the elusive scooter was nearby...

Guido's tweets document the rest of the big confrontation. "As I further inspect the scooter, the cops start asking questions: Do you sell used e-bikes? Do you collect info from the seller? Do you ask they prove ownership? What is the contact info for the person who dropped this scooter off? No, No, No, and we don't know...

"An employee inside realizes we're investigating further. He immediately becomes agitated: I should be happy I got my scooter back and leave. It's my fault for getting it stolen. I'm screwing up his day. This isn't how we do things in Brooklyn. More joined in..."

Among Guido's final tweets of advice: "Limit your in-person interactions and always involve the police. Don't try to retrieve your stolen goods until you have backup."

Apple Insider adds that "This isn't the first time that Apple's AirTags have been used to locate missing or stolen items. Back in July, a tech enthusiast said he used the tracking accessories to find his missing wallet hours after losing it on the New York City subway."

Businesses

Samsung's Leader Is Out of Jail, Allowing US Factory Plans To Move Forward (arstechnica.com) 14

An anonymous reader quotes a report from Ars Technica: Samsung Group's leader, Jay Y. Lee, is out of jail on parole today. Lee was serving a 30-month sentence for his role in "Choi-gate," a major 2016 South Korean political scandal that brought down South Korean then-President Park Geun-hye. In 2017, Lee was originally sentenced to five years in jail after being found guilty of bribery, embezzlement, capital flight, and perjury. An appeal and retrial cut Lee's five-year prison sentence down to 30 months after suspending the charges for bribery and embezzlement. Lee served 18 months of that sentence, and now he's out on parole.

Upon his release, Lee told reporters, "I've caused much concern for the people. I deeply apologize. I am listening to the concerns, criticisms, worries, and high expectations for me. I will work hard." Lee's release from prison is controversial. The pro-business side of South Korean politics wants to see Lee back on the streets because Samsung is a massive part of South Korea's economy, and jailing the leader has delayed major strategic decisions at the company. Civic groups say South Korea's business elite get a different set of rules from everyone else and that Lee's parole is the latest sign of that reality.

Samsung makes up anywhere from 10-20 percent of South Korea's GDP, depending on how the latest quarter is going. As the top dog at Samsung, Lee has the final say on major investments and acquisitions, and one of the big decisions he needs to make is where to build a $17 billion chip factory in the US. The plant could be operational as soon as October 2022, and with the world currently in the middle of a global chip shortage, there's pressure to get everything started. US businesses have even been lobbying South Korea to pardon Lee in the hopes that the deal would go through. Lee reportedly left prison to head to Samsung headquarters, but he still has more legal issues to deal with. In October, he will face another trial relating to the Samsung C&T merger, this time for accounting fraud and stock price manipulation.
