A Tokyo court ruled that Cloudflare is liable for aiding manga piracy after failing to act on infringement notices and continuing to cache and serve content for major piracy sites, awarding about $3.2 million in damages. TorrentFreak says the decision sets a significant precedent in Japan, suggesting CDN providers can face direct liability when they don't verify customers or respond adequately to large-scale copyright abuse. From the report: After a wait of more than three and a half years, the Tokyo District Court rendered its decision this morning. In a statement provided to TorrentFreak by the publishers, they declare "Victory Against Cloudflare" after the Court determined that Cloudflare is indeed liable for the pirate sites' activities. In a statement provided to TorrentFreak, the publishers explain that they alerted Cloudflare to the massive scale of the infringement, involving over 4,000 works and 300 million monthly visits, but their requests to stop distribution were ignored.

"We requested that the company take measures such as stopping the distribution of pirated content from servers under its management. However, Cloudflare continued to provide services to the manga piracy sites even after receiving notices from the plaintiffs," the group says. The publishers add that Cloudflare continued to provide services even after receiving information disclosure orders from U.S. courts, leaving them with "no choice but to file this lawsuit."

"The judgment recognized that Cloudflare's failure to take timely and appropriate action despite receiving infringement notices from the plaintiffs, and its negligent continuation of pirated content distribution, constituted aiding and abetting copyright infringement, and that Cloudflare bears liability for damages to the plaintiffs," they write. "The judgment, in that regard, attached importance to the fact that Cloudflare, without conducting any identity verification procedures, had enabled a massive manga piracy site to operate "under circumstances where strong anonymity was secured,' as a basis for recognizing the company's liability."

The publishers believe that the judgment clarifies the conditions under which a company such as Cloudflare incurs liability for copyright infringement. Failure to carry out identity verification appears at the top of the publishers' list, followed by a lack of timely and appropriate action in response to infringement notices sent by rightsholders. "We believe this is an important decision given the current situation where piracy site operators often hide their identities and repeatedly conduct large-scale distribution using CDN services from overseas. We hope that this judgment will be a step toward ensuring proper use of CDN services. We will continue our efforts to protect the rights of works, creators, and related parties, while aiming for further expansion of legitimate content," the publishers conclude. Cloudflare plans to appeal the verdict.

An anonymous reader shares a report: This summer, Oslo's public-transport authority drove a Chinese electric bus deep into a decommissioned mine inside a nearby mountain to answer a question: Could it be hacked? Isolated by rock from digital interference, cybersecurity experts came back with a qualified yes: The bus could in theory be remotely disabled using the control system for the battery.

The revelation, presented at a recent public-transport conference, has spurred officials in Denmark and the U.K. to start their own investigations into Chinese vehicles. It has also fed into broader security concerns across Europe about the growing prevalence of Chinese-made equipment in the region's energy and telecommunications infrastructure.

The worry is the same for autos, solar panels and other connected devices: that mechanisms used for wirelessly delivering system updates could also be exploited by a hostile government or third-party hacker to compromise critical networks. [...] The Oslo transport authority, Ruter, said the bus's mobile-network connection via a Romanian SIM card gave manufacturer Yutong access to the control system for battery and power supply. Ruter said it is addressing the vulnerability by developing firewalls and delaying the signals sent to the vehicles, among other solutions.

The EU's cookie consent policies have been an annoying and unavoidable part of browsing the web in Europe since their introduction in 2018. But the cookie nightmare is about to crumble thanks to some big proposed changes announced by the European Commission today. From a report: Instead of having to click accept or reject on a cookie pop-up for every website you visit in Europe, the EU is preparing to enforce rules that will allow users to set their preferences for cookies at the browser level. "People can set their privacy preferences centrally -- for example via the browser -- and websites must respect them," says the EU. "This will drastically simplify users' online experience."

This key change is part of a new Digital Package of proposals to simplify the EU's digital rules, and will initially see cookie prompts change to be a simplified yes or no single-click prompt ahead of the "technological solutions" eventually coming to browsers. Websites will be required to respect cookie choices for at least six months, and the EU also wants website owners to not use cookie banners for "harmless uses" like counting website visits, to lessen the amount of pop-ups.

Cloudflare suffered its worst network outage in six years on Tuesday, beginning at 11:20 UTC. The disruption prevented the content delivery network from routing traffic for roughly three hours. The failure, writes Cloudflare in a blog post, originated from a database permissions change deployed at 11:05 UTC. The modification altered how a database query returned information about bot detection features. The query began returning duplicate entries. A configuration file used to identify automated traffic doubled in size and spread across the network's machines. Cloudflare's traffic routing software reads this file to distinguish bots from legitimate users. The software had a built-in limit of 200 bot detection features. The enlarged file contained more than 200 entries. The software crashed when it encountered the unexpected file size.

Users attempting to access websites behind Cloudflare's network received error messages. The outage affected multiple services. Turnstile security checks failed to load. The Workers KV storage service returned elevated error rates. Users could not log into Cloudflare's dashboard. Access authentication failed for most customers.

Engineers initially suspected a coordinated attack. The configuration file was automatically regenerated every five minutes. Database servers produced either correct or corrupted files during a gradual system update. Services repeatedly recovered and failed as different versions of the file circulated. Teams stopped generating new files at 14:24 UTC and manually restored a working version. Most traffic resumed by 14:30 UTC. All systems returned to normal at 17:06 UTC.

MI5 has warned U.K. lawmakers that Chinese intelligence operatives are using LinkedIn and recruitment fronts to target them for information gathering and long-term cultivation. PBS reports: Writing to lawmakers, House of Commons Speaker Lindsay Hoyle said a new MI5 "espionage alert" warned that Chinese nationals were "using LinkedIn profiles to conduct outreach at scale" on behalf of the Chinese Ministry of State Security. "Their aim is to collect information and lay the groundwork for long-term relationships, using professional networking sites, recruitment agents and consultants acting on their behalf," he said. MI5 issued the alert because the activity was "targeted and widespread," he added.

The MI5 alert cited LinkedIn profiles of two women, Amanda Qiu and Shirly Shen, and said other similar recruiters' profiles were acting as fronts for espionage. Home Office Minister Dan Jarvis said that apart from parliamentary staff, others including economists, think tank consultants and government officials have been similarly targeted. Jarvis said the government is rolling out a series of measures to tackle the risk, including investing 170 million pounds ($224 million) to renew encrypted technology used by civil servants to safeguard sensitive work. Opposition parties say authorities are not doing enough and are too wary of jeopardizing trade ties with China.

Mexico has finally lifted its long-running Tor ban for the main government portal, allowing privacy-focused users, journalists, and activists to access gob.mx again after more than a decade of blocking. That said, the open data portal and the former Tor-compatible whistleblower system remain inaccessible. CyberInsider reports: The development follows a long period of digital censorship that spanned two full six-year presidential terms, those of Enrique Pena Nieto and Andres Manuel Lopez Obrador, and continued into the early months of Claudia Sheinbaum Pardo's current administration. Research conducted by Jacobo Najera and Miguel Trujillo, published in October 2023, documented that 21 federal government agencies were blocking traffic from the Tor network, effectively excluding privacy-conscious users from vital public resources and services.

Blender 5.0 has been released with major upgrades including HDR and wide-gamut color support on Linux via Wayland/Vulkan, significant theme and UI improvements, new color-space tools, revamped curve and geometry features, and expanded hardware requirements. 9to5Linux reports: Blender 5.0 also introduces a working color space for Blend files, a new AgX HDR view, a new Convert to Display compositor node, new Rec.2100-PQ and Rec.2100-HLG displays that can be used for color grading for HDR video export, and new ACES 1.3 and 2.0 views as an alternative to AgX and Filmic.

A new "Jump Time by Delta" operator for jumping forward/backward in time by a user-specified delta has been introduced as well, along with a revamped Curve drawing, which better supports the new Curves object type and all of their features, and a new Geometry Attribute constraint.

Also new is a "Cylinder" option for curve display type that allows rendering thicker curves without the flat ribbon appearance, support for the Zstd (Zstandard) fast lossless compression algorithm for point caches, as well as a new "Curve Data" panel in edit mode that allows tweaking built-in curve attribute values. A full list of changes can be found here. You can download from the official website.

A federal judge ruled Tuesday that Meta did not illegally stifle competition when it acquired Instagram and WhatsApp. The decision marks Big Tech's first major victory against antitrust enforcement that began during President Donald Trump's first term. The U.S. Federal Trade Commission had sought to force Meta to sell or restructure the platforms to restore competition among social media networks. Meta argued it faced competitive pressure from TikTok, YouTube, and Apple's messaging app.

A majority of global fund managers think companies are overinvesting, as market anxiety grows about the sustainability of the AI spending boom. From a report: A net 20 per cent of fund managers surveyed this month by Bank of America said companies were spending too much on their investments -- the first time this has been a majority view in data running back to 2005. "This jump is driven by concerns over the magnitude and financing of the AI capex boom," said BofA analysts.

The surge in investment to develop AI infrastructure has been a dominant theme in the record rally in US tech stocks this year -- with chipmaker Nvidia becoming the world's first $5tn company last month -- but growing concerns about the sustainability of this spending has caused a pullback on Wall Street in recent weeks.

Google released Gemini 3 on Tuesday, launching its latest AI model with a breakthrough score of 1501 Elo on the LMArena Leaderboard alongside state-of-the-art performance across multiple benchmarks including 91.9% on GPQA Diamond for PhD-level reasoning and 37.5% on Humanity's Last Exam without tool usage. The model is available starting today in the Gemini app, AI Mode in Search for Google AI Pro, Google AI Studio, Vertex AI and the newly launched Google Antigravity agentic development platform. Third-party platforms including Cursor, GitHub, JetBrains, Manus, and Replit are also gaining access.

Separately, Google said AI Overviews now have 2 billion users every month. Gemini app has topped 650 million users per month.

Microsoft has rolled out a new preview build for Windows 11 Insiders in the Dev and Beta Channel this week that introduces a new toggle called 'experimental agentic features' that can be enabled or disabled in the Windows Settings app. From a report: According to Microsoft, this new toggle is designed to "allow agents to use new Windows agentic features." The company says the feature will work with AI-powered apps, which "help you automate everyday tasks -- like organizing files, scheduling meetings, or sending emails -- so you can spend less time on busy work and more time on what matters most. One powerful way apps are implementing AI today is by interacting with your apps and your files, using vision and advanced reasoning to click, type and scroll like a human would."

The setting in the Windows Setting says "When this setting is on, agents can use Windows agentic features." Features such as the recently announced Copilot Actions for Windows feature are going to take advantage of this new experimental agentic feature capability.

Researchers at the University of Vienna extracted phone numbers for 3.5 billion WhatsApp users by systematically checking every possible number through the messaging service's contact discovery feature. The technique yielded profile photos for 57% of those accounts and profile text for 29 percent. The researchers checked roughly 100 million numbers per hour using WhatsApp's browser-based app.

The team warned Meta in April and deleted their data. The company implemented stricter rate-limiting by October to prevent such mass enumeration. Meta called the exposed information "basic publicly available information" and said it found no evidence of malicious exploitation. The vulnerability had been identified before. In 2017, Dutch researcher Loran Kloeze published a blog post detailing the same enumeration technique. Meta responded then that WhatsApp's privacy settings were functioning as designed and denied him a bug bounty reward. The researchers collected 137 million U.S. phone numbers. In India, they found nearly 750 million numbers. They also discovered 2.3 million Chinese numbers and 1.6 million Myanmar numbers, despite WhatsApp being banned in both countries. The researchers analyzed the cryptographic keys and found some accounts used duplicate keys. They speculate this resulted from unauthorized WhatsApp clients rather than a platform flaw.

Every company would be affected if the AI bubble were to burst, the head of Google's parent firm Alphabet has told the BBC. From the report: Speaking exclusively to BBC News, Sundar Pichai said while the growth of artificial intelligence investment had been an "extraordinary moment", there was some "irrationality" in the current AI boom. It comes amid fears in Silicon Valley and beyond of a bubble as the value of AI tech companies has soared in recent months and companies spend big on the burgeoning industry.

Asked whether Google would be immune to the impact of the AI bubble bursting, Mr Pichai said the tech giant could weather that potential storm, but also issued a warning. "I think no company is going to be immune, including us," he said. In a wide-ranging exclusive interview at Google's California headquarters, he also addressed energy needs, slowing down climate targets, UK investment, the accuracy of his AI models, and the effect of the AI revolution on jobs.

An outage at Cloudflare that began moments ago has knocked many popular websites, including ChatGPT and X, according to user reports. Cloudflare says on its website: "Cloudflare is aware of, and investigating an issue which potentially impacts multiple customers. Further detail will be provided as more information becomes available."

Update: In a statement after the outage was resolved, Cloudflare CTO said: Earlier today we failed our customers and the broader Internet when a problem in Cloudflare network impacted large amounts of traffic that rely on us. The sites, businesses, and organizations that rely on Cloudflare depend on us being available and I apologize for the impact that we caused.

Transparency about what happened matters, and we plan to share a breakdown with more details in a few hours. In short, a latent bug in a service underpinning our bot mitigation capability started to crash after a routine configuration change we made. That cascaded into a broad degradation to our network and other services. This was not an attack.

That issue, impact it caused, and time to resolution is unacceptable. Work is already underway to make sure it does not happen again, but I know it caused real pain today. The trust our customers place in us is what we value the most and we are going to do what it takes to earn that back.

Chinese automakers are rapidly expanding across South America, boosted by the new Chinese-built Port of Chancay, aggressive pricing, local partnerships, and growing regional demand. Reuters reports: China has been ramping up sales since the opening last year of the Port of Chancay, north of Lima. The Chinese-built megaport has halved trans-Pacific shipping times just as Chinese manufacturers face rising barriers to entry in the United States and greater trade restrictions in Europe.

BYD, which makes EVs, plug-in hybrids and combustion engine cars, plans to open a fourth dealership in Lima by the end of this year, while Chery and Geely have more than a dozen in total in Peru. Chinese carmakers face a profit-destroying price war at home and a growing surplus of new cars rolling out of Chinese factory lines. Much of this excess is being shipped overseas to the Middle East, Central Asia and Latin America, according to global automotive analyst Felipe Munoz at JATO Dynamics.

The Chinese have "carved out space," across both electric and petrol-powered cars, said Martin Bresciani, president of Chile's automotive business chamber, CAVEM. "The Chinese have already demonstrated that they match global standards in quality." Chinese brands reached 29.6% of all new passenger car sales in Chile in the first quarter of this year. [...] Part of China's success has been partnering with trusted local importers to offer more affordable models tailored to regional tastes, according to seven dealerships Reuters spoke to in Peru, Chile, Uruguay and Argentina.

Even after disabling remote control and officially ending support for early Nest Learning Thermostats, Google is still receiving detailed sensor and activity data from these devices, including temperature changes, motion, and ambient light. The Verge reports: After digging into the backend, security researcher Cody Kociemba found that the first- and second-generation Nest Learning Thermostats are still sending Google information about manual temperature changes, whether a person is present in the room, if sunlight is hitting the device, and more. Kociemba made the discovery while participating in a bounty program created by FULU, a right-to-repair advocacy organization cofounded by electronics repair technician and YouTuber Louis Rossmann.

FULU challenged developers to come up with a solution to restore smart functionality to Nest devices no longer supported by Google, and that's exactly what Kociemba did with his open-source No Longer Evil project. But after cloning Google's API to create this custom software, he started receiving a trove of logs from customer devices, which he turned off. "On these devices, while they [Google] turned off access to remotely control them, they did leave in the ability for the devices to upload logs. And the logs are pretty extensive," Kociemba tells The Verge. [...] "I was under the impression that the Google connection would be severed along with the remote functionality, however that connection is not severed, and instead is a one-way street," Kociemba says.

An anonymous reader shares a report: The use of AI in the latest Call of Duty has prompted a US lawmaker to call for regulations to prevent artificial intelligence from taking jobs away from human workers. Rep. Ro Khanna (D-Calif.), who represents a large swathe of Silicon Valley, took aim at Call of Duty: Black Ops 7 after buyers noticed the popular shooter contains a significant amount of AI-generated icons, posters, and achievements. Gamers are criticizing it as filled with "AI slop."

On Friday, Khanna tweeted: "We need regulations that prevent companies from using AI to eliminate jobs to extract greater profits." He added, "Artists at these companies need to have a say in how AI is deployed. They should share in the profits. And there should be a tax on mass displacement."

Global internet freedom declined for a 15th consecutive year, according to Freedom House's annual report. Semafor: "Always grim reading," this year's is particularly sobering, Tech Policy Press noted, with the lowest-ever portion of users living in countries categorized as "free." Conditions declined in 27 of the 72 countries assessed, with those in Kenya -- where anti-corruption protests were quelled, in part, by a seven-hour internet shutdown -- deteriorating the most. China and Myanmar tied for least-free, and the US' ranking dropped, while Iceland retained its top spot for the freest digital environment. Bangladesh improved the most. The most consistent trend observed over 15 years, Freedom House noted, is the growing digital influence of state actors: "Online spaces are more manipulated than ever."

Anthropic CEO Dario Amodei says he's uneasy about how much power a handful of tech leaders -- including himself -- have over the future of artificial intelligence. From a report: "I think I'm deeply uncomfortable with these decisions being made by a few companies, by a few people," Amodei told Anderson Cooper in a "60 Minutes" episode that aired Sunday. "Like who elected you and Sam Altman?" asked Anderson. "No one. Honestly, no one," Amodei replied.

"Windows is evolving into an agentic OS," Microsoft's president of Windows Pavan Davuluri posted on X.com, "connecting devices, cloud, and AI to unlock intelligent productivity and secure work anywhere."

But former Uber software engineer and engineering manager Gergely Orosz was unimpressed. "Can't see any reason for software engineers to choose Windows with this weird direction they are doubling down on. So odd because Microsoft has building dev tools in their DNA... their OS doesn't look like anything a builder who wants OS control could choose. Mac or Linux it is for devs."

Davuluri "has since disabled replies on his original post..." notes the blog Windows Central, "which some people viewed as an attempt to shut out negative feedback." But he also replied to that comment... Davuluri says "we care deeply about developers. We know we have work to do on the experience, both on the everyday usability, from inconsistent dialogs to power user experiences. When we meet as a team, we discuss these pain points and others in detail, because we want developers to choose Windows..." The good news is Davuluri has confirmed that Microsoft is listening, and is aware of the backlash it's receiving over the company's obsession with AI in Windows 11. That doesn't mean the company is going to stop with adding AI to Windows, but it does mean we can also expect Microsoft to focus on the other things that matter too, such as stability and power user enhancements.
Elsewhere on X.com, Microsoft CEO Satya Nadella shared his own thoughts on "the net benefit of the AI platform wave ." The Times of India reports: Nadella said tech companies should focus on building AI systems that create more value for the people and businesses using them, not just for the companies that make the technology. He cited Bill Gates to emphasize the same: "A platform is when the economic value of everybody that uses it exceeds the value of the company that creates it."Tesla CEO Elon Musk responded to Nadella's post with a facepalm emoji.

Nadella said this idea matters even more during the current AI boom, where many firms risk giving away too much of their own value to big tech platforms. "The real question is how to empower every company out there to build their own AI-native capabilities," he wrote. Nadella says Microsoft's partnership with OpenAI is an example of zero-sum mindset industry... [He also cited Microsoft's "work to bring AMD into the fleet."]
More from Satya Nadella's post: Thanks to AI, the [coding] category itself has expanded and may ultimately become one of the largest software categories. I don't ever recall any analyst ever asking me about how much revenue Visual Studio makes! But now everyone is excited about AI coding tools. This is another aspect of positive sum, when the category itself is redefined and the pie becomes 10x what it was! With GitHub Copilot we compete for our share and with GitHub and Agent HQ we also provide a platform for others.

Of course, the real test of this era won't be when another tech company breaks a valuation record. It will be when the overall economy and society themselves reach new heights. When a pharma company uses AI in silico to bring a new therapy to market in one year instead of twelve. When a manufacturer uses AI to redesign a supply chain overnight. When a teacher personalizes lessons for every student. When a farmer predicts and prevents crop failure.That's when we'll know the system is working.

Let us move beyond zero-sum thinking and the winner-take-all hype and focus instead on building broad capabilities that harness the power of this technology to achieve local success in each firm, which then leads to broad economic growth and societal benefits. And every firm needs to make sure they have control of their own destiny and sovereignty vs just a press release with a Tech/AI company or worse leak all their value through what may seem like a partnership, except it's extractive in terms of value exchange in the long run.