Joe Sullivan, Uber's former chief of security, faces criminal charges for his handling of a 2016 security breach. His trial this week has divided the security industry. From a report: Joe Sullivan was a rock star in the information security world. One of the first federal prosecutors to work on cybercrime cases in the late 1990s, he jumped into the corporate security world in 2002, eventually taking on high-profile roles as chief of security at Facebook and Uber. When the security community made its annual summer pilgrimage to Las Vegas for two conferences, Mr. Sullivan was an easily recognizable figure: tall with shaggy hair, wearing sneakers and a hoodie. "Everyone knew him; I was in awe, frankly," said Renee Guttmann, who was the chief information security officer for Coca-Cola and Campbell Soup. "He was an industry leader." So it came as a shock to many in the community when Mr. Sullivan was fired by Uber in 2017, accused of mishandling a security incident the year before. Despite the scandal, Mr. Sullivan got a new job as chief of security at Cloudflare, an internet infrastructure company.

But the investigation into the incident at Uber continued, and in 2020, the same prosecutor's office where Mr. Sullivan had worked decades earlier charged him with two felonies, in what is believed to be the first time a company executive has faced potential criminal liability for an alleged data breach. Mr. Sullivan has pleaded not guilty to the charges. Mr. Sullivan stepped down from his job at Cloudflare in July, in preparation for his trial, which begins this week in U.S. District Court in San Francisco. Other chief security officers are following the case closely, worried about what it means for them. [...] At the very least, security executives are worried about being on the hook for potential legal bills. Charles Blauner, a retired CISO and cybersecurity adviser, said security chiefs had taken a strong interest in directors and officers insurance, which covers the legal costs of executives who are sued as a result of their work with a company. "A lot of sitting chief information security officers are going to their bosses and asking if they have D.&O. insurance and, if not, can I have it?" Mr. Blauner said. "They are saying, 'If I'm going to be held liable for something our company does, I want legal coverage.'" After being charged, Mr. Sullivan sued Uber to force it to pay his legal fees in the criminal case, and they reached a private settlement.

An anonymous reader quotes a report from Bloomberg: A high-profile push by Congress to rein in the nation's biggest internet companies is at risk of failing with time running out to pass major legislation ahead of midterm elections. Alphabet's Google, Apple, Amazon.com and Meta and their trade groups have poured almost $95 million into lobbying since 2021 as they seek to derail the American Innovation and Choice Online Act, which has advanced further than any US legislative effort to address the market power of some of the world's richest companies. After a nearly two-year battle, the bill is now at a critical juncture as the Senate returns this week for a final stretch before the November midterms. Backers of the measure swear they have the necessary votes, yet it's unclear if they do, and the Senate will be busy with other must-pass spending legislation.

Although clipping the wings of tech giants through antitrust reform had support from both Republicans and Democrats during this Congress, a likely GOP majority in the House next year is expected to focus on allegations that internet platforms squelch conservative viewpoints. That's why tech lobbyists have been trying to run out the clock. Leading Republicans like California's Kevin McCarthy, who is on track to become Speaker under a GOP majority, have publicly opposed the antitrust push. The legislation's sponsors can see the window narrowing. Antitrust advocates were expecting a vote before Congress adjourned for four weeks in August. But Schumer told donors in July that it didn't have enough votes to pass.

The bill has 13 co-sponsors in the Senate, where it would need 60 votes to pass and be sent to the House. Supporters like Yelp's head of public policy Luther Lowe, a longtime Google critic, argue that enough undecided lawmakers would vote for the measure if it came to the floor. A Schumer spokesperson said he's working with the bill's sponsors to find the necessary votes and he still plans to bring it to the floor. The bill was approved by both the House and Senate Judiciary Committees on strong bipartisan votes. Several amendments have addressed concerns about privacy and security issues. What hasn't killed the bill "has made it stronger," said Yelp's Lowe. The measure seeks to restrict the companies from favoring their own products, so that competitors who depend on these platforms to reach consumers wouldn't be at a disadvantage. That could impact the design of Google Maps, the display of Apple Music on an iPhone or the prominence of Amazon Basics on the company's e-commerce site. "I don't see it going to the floor," said Michael Petricone, senior vice president of government affairs at the Consumer Technology Association, a trade group that counts Amazon, Google and Facebook among its members. "With an election coming up, I expect senators to come back and focus on issues that are popular with voters. Tech regulation is not one of those issues."

Apple plans to nearly double the workforce in its fast-growing digital advertising business less than 18 months after it introduced sweeping privacy changes that hobbled its bigger rivals in the lucrative industry. Financial Times: The iPhone maker has about 250 people on its ad platforms team, according to LinkedIn. According to Apple's careers website, it is looking to fill another 216 such roles, almost quadruple the 56 it was hiring in late 2020. Apple disputed the figures but declined to elaborate. The digital ads industry has been on edge about Apple's advertising ambitions since it launched privacy rules last year that disrupted the $400bn digital ads market, making it difficult to tailor ads to Apple's 1bn-plus iPhone users.

Since the policy was introduced, Facebook parent Meta, Snap and Twitter have lost billions of dollars in revenue -- and far more in market valuation, although there have been additional contributing factors. "It was really almost like a global panic," said Jade Arenstein, global service lead at Incubeta, a South Africa-based marketing performance company, of the impact of Apple's changes. Meanwhile, Apple's once-fledgling ads business is now "incredibly fast-growing," according to a job ad. The business has gone from just a few hundred million dollars of revenue in the late 2010s to about $5bn this year, according to research group Evercore ISI, which expects Apple to have a $30bn ads business within four years.

The Financial Times tells how the head of a Ukrainian cybersecurity company recruited dozens of "high-level Ukrainian hackers" and borrowed a Starlink internet satellite for "the large-scale infiltration of internet-connected security cameras to surveil Russian-occupied territory, and honey-trapping Russian soldiers into revealing their bases." [T]hey hacked thousands of security and traffic cameras in Belarus and parts of Ukraine that Russia had occupied. To filter the information, the team wrote machine-learning code that helped them separate military movements from ordinary traffic, and they funnelled the information to the military via a public portal.

In one example, described to the Financial Times with photographs and locations, they identified a remote Russian base near occupied Melitopol in southern Ukraine. Then, using fake profiles of attractive women on Facebook and Russian social media websites, they tricked soldiers into sending photos that they geolocated, and shared with the Ukrainian military....

A few days later, they watched on TV as the base was blown up by Ukrainian artillery.

The Seattle Times reports: Meta, Facebook's parent company, repeatedly and intentionally violated Washington campaign-ad transparency law and must pay penalties yet to be determined, a judge ruled Friday.

The court also denied Meta's attempt to invalidate Washington's decades-old transparency law, according to Attorney General Bob Ferguson, whose office has repeatedly sued Meta over its failure to abide by the law.... In a statement, Ferguson said his office defeated Facebook's "cynical attempt" to gut Washington's campaign-finance transparency law. "On behalf of the people of Washington, I challenge Facebook to accept this decision and do something very simple — follow the law," he said.

Meta did not immediately respond to a request for comment.

Washington's transparency law, originally passed by voters through an initiative in 1972, requires ad sellers such as Meta to disclose the names and addresses of political ad buyers, the targets of such ads and the total number of views of each ad.
Meta says that rather than comply with the law, Facebook has stopped serving campaign ads altogether in Washington, GeekWire reports, "after determining that the company wouldn't be able to reasonably comply with the law."

But "The current suit against Meta, filed in April 2020, asserts that the company continued to accept political ads in the state after promising to stop." The judge will now consider fines and a potential injunction against the social media giant, reported Eli Sanders, a Seattle journalist who covered the dispute for years for The Stranger newspaper and more recently in his Wild West newsletter....

In court filings, Meta called Washington state "an outlier," arguing that the disclosure law violates the First Amendment by unfairly targeting political speech, and imposing onerous timelines for disclosing what Meta considers unreasonable degrees of detail to people who request information about political ads.

Big U.S. tech companies have flocked to the World Artificial Intelligence Conference that opened Thursday in Shanghai, drawing a stark contrast with Washington's ongoing efforts to distance itself economically from China. From a report: The opening ceremony included a virtual address by Qualcomm CEO Cristiano Amon, who said the company will supply the most complete and comprehensive technology and solutions in China and the world. Apple, Advanced Micro Devices, Facebook parent Meta and GE HealthCare also have executives or booths at the event, according to Chinese media. Europe's semiconductor industry is represented as well, with executives from Netherlands-based NXP Semiconductors, a major supplier of automotive chips, and Germany's Infineon Technologies discussing development plans.

The strong American showing is good news for China, which needs advanced chip technology to power its AI development and is keen to win over companies that can provide it. The business opportunities afforded by the massive Chinese market remain essential to many American companies. China is a leading information technology production hub, as well as the world's top auto production center -- an increasingly important field for chipmakers as the number of semiconductors used in vehicles continues to rise. Qualcomm generated roughly two-thirds of its sales last year in China, a major production base for many of the smartphone manufacturers that are among its main customers. The country accounts for just under 30% of sales at AMD and Intel, 20% at Micron Technology and over 30% at NXP.

A jeweler. A plastic surgeon. An OnlyFans Model. They and others received a blue check in likely the biggest Instagram verification scheme revealed to date. After ProPublica started asking questions, Meta removed badges from over 300 accounts. From a report: To his more than 150,000 followers on Instagram, Dr. Martin Jugenburg is Real Dr. 6ix, a well-coiffed Toronto plastic surgeon posting images and video of his work sculpting the decolletage, tucking the tummies and lifting the faces of his primarily female clientele.

Jugenburg's physician-influencer tendencies led to a six-month suspension of his Ontario medical license in 2021 after he admitted to filming patient interactions and sharing images of procedures without consent. He apologized for the lapse and is currently facing a class-action lawsuit from female patients who say their privacy was violated. But on Spotify, Apple Music and Deezer, and in roughly a dozen sponsored posts scattered across the web, Jugenburg's career and controversial history was eclipsed by a new identity. On those platforms, he was DJ Dr. 6ix, a house music producer who's celebrated for his "inherent instinctual ability for music composition" and who "assures his followers that his music is absolutely unique." It's an unconvincing persona -- perhaps even less so once his "music" is played. But it was enough to secure what he wanted: a verification badge for his Instagram account.

The coveted blue tick can be difficult to obtain and is supposed to assure that anyone who bears one is who they claim to be. A ProPublica investigation determined that Jugenburg's dubious alter ego was created as part of what appears to be the largest Instagram account verification scheme ever uncovered. With a generous greasing of cash, the operation transformed hundreds of clients into musical artists in an attempt to trick Meta, the owner of Instagram and Facebook, into verifying their accounts and hopefully paving the way to lucrative endorsements and a coveted social status. Since at least 2021, at least hundreds of people -- including jewelers, crypto entrepreneurs, OnlyFans models and reality show TV stars -- were clients of a scheme to get improperly verified as musicians on Instagram, according to the investigation's findings and information from Meta.

An anonymous reader quotes a report from The Register: Google in November will prohibit Android VPN apps in its Play store from interfering with or blocking advertising, a change that may pose problems for some privacy applications. The updated Google Play policy, announced last month, will take effect on November 1. It states that only apps using the Android VPNService base class, and that function primarily as VPNs, can open a secure device-level tunnel to a remote service. Such VPNs, however, cannot "manipulate ads that can impact apps monetization."

The rules appear to be intended to deter data-grabbing VPN services, such as Facebook's discontinued Onavo, and to prevent ad fraud. The T&Cs spell out that developers must declare the use of VPNservice in their apps' Google Play listing, must encrypt data from the device to the VPN endpoint, and must comply with Developer Program Policies, particularly those related to ad fraud, permissions, and malware.

Blokada, a Sweden-based maker of an ad-blocking VPN app, worries this rule will hinder at least the previous iteration of its software, v5, and other privacy-oriented software. "Google claims to be cracking down on apps that are using the VPN service to track user data or rerouting user traffic to earn money through ads," Reda Labdaoui, marketing and sales manager at Blokada, wrote last week in a a forum post. "However, these policy changes also apply to apps that use the service to filter traffic locally on the device." Labdaoui suggests Blokada v6, which launched in June, should not be affected because it does filtering in the cloud without violating Google's device policies. But other apps may not be so fortunate.

Just over two years after its launch, Facebook is shutting down the Facebook Gaming app on October 28, 2022. Now, when you open the app, you'll see a banner stating that the app will no longer be available on iOS and Android after that date. The app also won't be available on the Google Play Store or the Apple App Store. From a report: "Despite this news, our mission to connect players, fans and creators with the games they love hasn't changed, and you'll still be able to find your games, streamers and groups when you visit Gaming in the Facebook app," the notice reads. "We want to extend our heartfelt thanks to all of you for everything that you've done to build a thriving community for gamers and fans since this app first launched."

If you've been using the app, you can download your search data before the app is discontinued. The app launched in April 2020 toward the start of the COVID-19 pandemic as a way for users to watch their favorite streamers, play instant games and take part in gaming groups. Facebook experienced some hurdles trying to launch the app, as Apple rejected the app numerous times, citing its rules that prohibit apps with the main purpose of distributing casual games. Apple's rules forced Facebook to remove actual gameplay functionality from the app.

The Rand Corporation is an American (nonprofit) think tank. And veliath (Slashdot reader #5,435) spotted their recent warning about "a plausible scenario that could soon take place in the metaverse." A political candidate is giving a speech to millions of people. While each viewer thinks they are seeing the same version of the candidate, in virtual reality they are actually each seeing a slightly different version. For each and every viewer, the candidate's face has been subtly modified to resemble the viewer.... The viewers are unaware of any manipulation of the image. Yet they are strongly influenced by it: Each member of the audience is more favorably disposed to the candidate than they would have been without any digital manipulation.

This is not speculation. It has long been known that mimicry can be exploited as a powerful tool for influence. A series of experiments by Stanford researchers has shown that slightly changing the features of an unfamiliar political figure to resemble each voter made people rate politicians more favorably. The experiments took pictures of study participants and real candidates in a mock-up of an election campaign. The pictures of each candidate were modified to resemble each participant. The studies found that even if 40 percent of the participant's features were blended into the candidate's face, the participants were entirely unaware the image had been manipulated.

In the metaverse, it's easy to imagine this type of mimicry at a massive scale.

At the heart of all deception is emotional manipulation. Virtual reality environments, such as Facebook's (now Meta's) metaverse, will enable psychological and emotional manipulation of its users at a level unimaginable in today's media.... We are not even close to being able to defend users against the threats posed by this coming new medium.... In VR, body language and nonverbal signals such as eye gaze, gestures, or facial expressions can be used to communicate intentions and emotions. Unlike verbal language, we often produce and perceive body language subconsciously....

We must not wait until these technologies are fully realized to consider appropriate guardrails for them. We can reap the benefits of the metaverse while minimizing its potential for great harm.
They recommend developing technology that detect the application of this kind of VR manipulation.

"Society did not start paying serious attention to classical social media — meaning Facebook, Twitter, and the like — until things got completely out of hand. Let us not make the same mistake as social media blossoms into the metaverse."

"Facebook's corporate parent has reached a tentative settlement in a lawsuit alleging the world's largest social network service allowed millions of its users' personal information to be fed to Cambridge Analytica," reports the Associated Press: Terms of the settlement reached by Meta Platforms, the holding company for Facebook and Instagram, weren't disclosed in court documents filed late Friday. The filing in San Francisco federal court requested a 60-day stay of the action while lawyers finalize the settlement. That timeline suggested further details could be disclosed by late October.

The accord was reached just a few weeks before a Sept. 20 deadline for Meta CEO Mark Zuckerberg and his long-time chief operating officer, Sheryl Sandberg, to submit to depositions during the final phases of pre-trial evidence gathering, according to court documents... The lawsuit, which had been seeking to be certified as a class action representing Facebook users, had asserted the privacy breach proved Facebook is a "data broker and surveillance firm," as well as a social network.
Some background from UPI: The Facebook users sued the platform in June 2018, accusing it of violating privacy rules when it shared personal data with Cambridge Analytica and other third parties.... In March 2018, whistleblower and Cambridge Analytica co-founder Christopher Wylie revealed the data mining company was holding onto Facebook user data without the users' consent even after Facebook told the company to delete it.
Reuters describes Cambridge Analytica as "the now-defunct British political consultancy."

Politico reports that now lawyers for both Facebook and the plaintiffs have "asked the judge to put the lawsuit on hold for 60 days to allow the parties to 'finalize a written settlement agreement' and present it for preliminary approval by the court."

Are there better ways to fight misinformation? "Researchers at Google, the University of Cambridge and the University of Bristol tested a different approach that tries to undermine misinformation before people see it," reports the New York Times. (Alternate URL here.)

Instead of using the term "debunking," they're calling it "pre-bunking...." The researchers found that psychologically "inoculating" internet users against lies and conspiracy theories — by pre-emptively showing them videos about the tactics behind misinformation — made people more skeptical of falsehoods afterward, according to an academic paper published in the journal Science Advances on Wednesday.... The users were taught about tactics such as scapegoating and deliberate incoherence, or the use of conflicting explanations to assert that something is true, so that they could spot lies. Researchers tested some participants within 24 hours of seeing a pre-bunk video and found a 5 percent increase in their ability to recognize misinformation techniques.

One video opens with a mournful piano tune and a little girl grasping a teddy bear, as a narrator says, "What happens next will make you tear up." Then the narrator explains that emotional content compels people to pay more attention than they otherwise would, and that fear-mongering and appeals to outrage are keys to spreading moral and political ideas on social media. The video offers examples, such as headlines that describe a "horrific" accident instead of a "serious" one, before reminding viewers that if something they see makes them angry, "someone may be pulling your strings."

Beth Goldberg, one of the paper's authors and the head of research and development at Jigsaw, a technology incubator within Google, said in an interview that pre-bunking leaned into people's innate desire to not be duped. "This is one of the few misinformation interventions that I've seen at least that has worked not just across the conspiratorial spectrum but across the political spectrum," Ms. Goldberg said.

Jigsaw will start a pre-bunking ad campaign on YouTube, Facebook, Twitter and TikTok at the end of August for users in Poland, Slovakia and the Czech Republic, meant to head off fear-mongering about Ukrainian refugees who entered those countries after Russia invaded Ukraine. It will be done in concert with local fact checkers, academics and disinformation experts. The researchers don't have plans for similar pre-bunking videos ahead of the midterm elections in the United States, but they are hoping other tech companies and civil groups will use their research as a template for addressing misinformation....

The effects of pre-bunking last for only between a few days and a month.... The researchers wrote that pre-bunking worked like medical immunization: "Pre-emptively warning and exposing people to weakened doses of misinformation can cultivate 'mental antibodies' against fake news."

After offering them for over a decade, Heroku announced this week that it will eliminate all of its free services -- pushing users to paid plans. From a report: Starting November 28, the Salesforce-owned cloud platform as a service will stop providing free product plans and shut down free data services and soon (on October 26) will begin deleting inactive accounts and associated storage for accounts that have been inactive for over a year. In a blog post, Bob Wise, Heroku general manager and Salesforce EVP, blamed "abuse" on the demise of the free services, which span the free plans for Heroku Dynos and Heroku Postgres as well as the free plan for Heroku Data for Redis.

[...] Wise went on to note that Heroku will be announcing a student program at Salesforce's upcoming Dreamforce conference in September, but the details remain a mystery at this point. For the uninitiated, Heroku allows programmers to build, run and scale apps across programming languages including Java, PHP, Scala and Go. Salesforce acquired the company for $212 million in 2010 and subsequently introduced support for Node.js and Clojure and Heroku for Facebook, a package to simplify the process of deploying Facebook apps on Heroku infrastructure. Heroku claims on its website that it's been used to develop 13 million apps to date.

New research claims that of five major Big Tech firms, Google tracks more private data about users than any other -- and Apple tracks the least. AppleInsider reports: Apple has previously introduced App Tracking Transparency specifically to protect the privacy of users from other companies. However, a new report says that Apple is also avoiding doing any more tracking itself than is needed to run its services. According to StockApps.com, Apple "is the most privacy-conscious firm out there." "Apple only stores the information that is necessary to maintain users' accounts," it continues. "This is because their website is not as reliant on advertising revenue as are Google, Twitter, and Facebook."

The StockApps.com report does not list what it describes as the "data points" that Big Tech firms collect for every user. However, it says they include location details, browser history, activity on third-party websites, and in Google's case, also emails in Gmail. It also doesn't detail its methodology, but does say that it used marketing firm digitalinformationworld to investigate Apple, Amazon, Facebook, Google, and Twitter. Of these five, Google reportedly tracks 39 separate data points per user, while Apple tracks only 12. Unexpectedly, Facebook is stated as tracking only 14 data points, while Amazon tracks 23, and Twitter tracks 24.

The National Meteorological Service predicted a severe storm over the weekend, prompting the government to postpone fireworks planned for a national holiday. The weather ended up being calm. The New York Times: Meteorology is sometimes referred to as the only field where the experts can be consistently wrong and still keep their jobs. But that did not seem to apply in Hungary on Monday, when the country's top two weather officials were fired after an inaccurate forecast. Their predictions of extreme weather conditions in Budapest had prompted the government to postpone fireworks for its national holiday, St. Stephen's Day, seven hours before they were scheduled to begin on Saturday. The night turned out to be calm.

On Sunday, Hungary's national meteorological service, the Orszagos Meteorologiai Szolgalat, issued an apology, saying that the weather on Saturday had been the least likely scenario based on its models. "Unfortunately, this uncertainty factor is part of our profession, we have tried to communicate this as well," the agency said on its Facebook page. By Monday, the head of the weather service and her deputy had been fired by Hungary's innovation minister, Laszlo Palkovics, a top official under Prime Minister Viktor Orban. On Tuesday, the service issued another statement on Facebook, saying it was a professional institution and not a political one. The agency said it did the best it could to prepare the forecasts, based on the date and time of the planned fireworks, using the available information to its experts. St. Stephen's Day celebrates the role of Stephen I, who became king in 1000 A.D., in the founding of the Hungarian state. "Our firm position is that despite significant decision-making pressure, the colleagues of the O.M.S.Z. performed the best of their knowledge and are not responsible for any alleged or real damage," the agency said, using an acronym for the agency.

Meta will now allow users of its Quest VR headsets to log in with a new Meta account instead of a Facebook account, the company announced on Tuesday. The Verge reports: The company had said in July that this change would be rolling out in August, and it marks a shift from an unpopular policy announced in 2020 that required users to log in to their headsets with a Facebook account instead of a separate Oculus account. Users can create Meta accounts through the Meta mobile app using an email address, Facebook account, or Instagram account. Once you create a Meta account, you'll need to set up a linked Meta Horizon social profile that will be used in VR. As with Facebook accounts before, you'll need one of these accounts to use a Quest headset.

"Our new Meta account structure gives you more flexibility and control, letting you choose how you do and don't show up -- and whether Facebook and / or Instagram is part of your experience in VR and other surfaces where you use your Meta Horizon profile," Meta says in its blog post. If you want to set up a Meta account, the company has instructions in the blog post and in a video. If you are still using an Oculus account, you'll be able to do so until January 1st, 2023. After that date, you'll need to make a Meta account. The company says the option to make a Meta account and a Meta Horizon profile is rolling out now, so if you aren't able to just yet, you should be given the option soon.

An anonymous reader quotes a report from CNN: Twitter has major security problems that pose a threat to its own users' personal information, to company shareholders, to national security, and to democracy, according to an explosive whistleblower disclosure obtained exclusively by CNN and The Washington Post. The disclosure, sent last month to Congress and federal agencies, paints a picture of a chaotic and reckless environment at a mismanaged company that allows too many of its staff access to the platform's central controls and most sensitive information without adequate oversight. It also alleges that some of the company's senior-most executives have been trying to cover up Twitter's serious vulnerabilities, and that one or more current employees may be working for a foreign intelligence service.

The whistleblower, who has agreed to be publicly identified, is Peiter "Mudge" Zatko, who was previously the company's head of security, reporting directly to the CEO. Zatko further alleges that Twitter's leadership has misled its own board and government regulators about its security vulnerabilities, including some that could allegedly open the door to foreign spying or manipulation, hacking and disinformation campaigns. The whistleblower also alleges Twitter does not reliably delete users' data after they cancel their accounts, in some cases because the company has lost track of the information, and that it has misled regulators about whether it deletes the data as it is required to do. The whistleblower also says Twitter executives don't have the resources to fully understand the true number of bots on the platform, and were not motivated to. Bots have recently become central to Elon Musk's attempts to back out of a $44 billion deal to buy the company (although Twitter denies Musk's claims).

Zatko was fired by Twitter in January for what the company claims was poor performance. According to Zatko, his public whistleblowing comes after he attempted to flag the security lapses to Twitter's board and to help Twitter fix years of technical shortcomings and alleged non-compliance with an earlier privacy agreement with the Federal Trade Commission. Zatko is being represented by Whistleblower Aid, the same group that represented Facebook whistleblower Frances Haugen. John Tye, founder of Whistleblower Aid and Zatko's lawyer, told CNN that Zatko has not been in contact with Musk, and said Zatko began the whistleblower process before there was any indication of Musk's involvement with Twitter. After this article was initially published, Alex Spiro, an attorney for Musk, told CNN, "We have already issued a subpoena for Mr. Zatko, and we found his exit and that of other key employees curious in light of what we have been finding." "Mr. Zatko was fired from his senior executive role at Twitter in January 2022 for ineffective leadership and poor performance," the Twitter spokesperson said. "What we've seen so far is a false narrative about Twitter and our privacy and data security practices that is riddled with inconsistencies and inaccuracies and lacks important context. Mr. Zatko's allegations and opportunistic timing appear designed to capture attention and inflict harm on Twitter, its customers and its shareholders. Security and privacy have long been company-wide priorities at Twitter and will continue to be."

Zatko also alleges that the Indian government forced Twitter to put a government agent on the payroll, giving them access to sensitive user data. "Twitter is engaged in a legal challenge against the Indian government after it asked a local court in July to overturn some government orders to remove content from the social media platform, and alleged abuse of power by officials," adds Reuters.

BitChute and Odysee serve up conspiracies, racism and graphic violence to millions of viewers. Taking advantage of Big Tech disinformation crackdowns and the rise of Trump, the sites reflect a new media universe -- one where COVID-19 is fake, Russia fights Nazis in Ukraine, and mass shootings are 'false flag' operations. From a report: A day after a mass shooting in Buffalo, New York last May, the video-sharing website BitChute was amplifying a far-right conspiracy theory that the massacre was a so-called false flag operation, meant to discredit gun-loving Americans. Three of the top 15 videos on the site that day blamed U.S. federal agents instead of the true culprit: a white-supremacist teenager who had vowed to "kill as many blacks as possible" before shooting 13 people, killing 10. Other popular videos uploaded by BitChute users falsely claimed COVID-19 vaccines caused cancers that "literally eat you" and spread the debunked claim that Microsoft founder Bill Gates caused a global baby-formula shortage.

BitChute has boomed as YouTube, Twitter and Facebook tighten rules to combat misinformation and hate speech. An upstart BitChute rival, Odysee, has also taken off. Both promote themselves as free-speech havens, and they're at the forefront of a fast-growing alternative media system that delivers once-fringe ideas to millions of people worldwide. Searching the two sites on major news topics plunges viewers into a labyrinth of outlandish conspiracy theories, racist abuse and graphic violence. As their viewership has surged since 2019, they have cultivated a devoted audience of mostly younger men, according to data from digital intelligence firm Similarweb.

Facebook's parent company Meta is heading into another political battle over the planned introduction of end-to-end encryption (E2EE) in its Messenger chat platform. From a report: The UK's home secretary, Priti Patel, makes this clear in an op-ed for Tory mouthpiece The Telegraph this week, saying it would be a "grotesque betrayal" if the company didn't consider issues of child safety while introducing E2EE. Similar arguments are likely to be raised in the US, too. Meta has been working on adding E2EE to Messenger for years, and recently confirmed that it aims to encrypt all chats and calls on the platform by default next year. (It currently only offers default E2EE on its other big chat platform, WhatsApp, though users can opt-in to E2EE on Messenger on a chat-by-chat basis.)

The move is reigniting decades-old debates in politics and tech about the right way to balance user privacy and safety. In the US, these arguments have been heightened by the potential for police to issues search warrants for user chats in order to enforce new abortion laws after the overturn of Roe v. Wade. In the UK, arguments over encryption tend to focus on child safety and the dissemination of of child sexual abuse material, or CSAM. "A great many child predators use social media platforms such as Facebook to discover, target and sexually abuse children," writes Patel in her op-ed. "It is vital that law enforcement have access to the information they need to identify the children in these images and safeguard them from vile predators."

What do you when people hate your $10 billion selfie? "Mark Zuckerberg, in response to a torrent of critical memes mocking the graphics of Meta's newest project, has heard his critics — and changed his selfie," reports CNN: Zuckerberg debuted Horizon Worlds, a virtual reality social app, in France and Spain earlier this week, sharing a somewhat flat, goofy digital avatar in front of an animated Eiffel Tower and la Sagrada Família.

The internet immediately jumped in, mocking what many users viewed as (hopefully) preliminary graphics for a venture that Meta has spent at least $10 billion in the last year.

New York Times tech columnist Kevin Roose compared the graphics to "worse than a 2008 Wii game" on Twitter. Slate used the term " buttcheeks." Twitter was less kind: "eye-gougingly ugly" and "an international laughing stock" popping up. Many compared it to early 90's graphics and pointed out how lifeless and childish the Zuckerberg selfie looked. It quickly won the designation "dead eyes."

Well, Zuckerberg has apparently seen the memes, because on Friday he announced there are major updates coming — along with new avatar graphics.
In a CNBC report on how Zuckerberg "is getting dragged on the internet for how ugly the graphics of this game are," they'd actually quoted a Forbes headline that asked, "Does Mark Zuckerberg not understand how bad his metaverse is?"