Portables (Apple)

Apple Replaces Last Remaining Intel-Made Component In M2 MacBook Air (macrumors.com) 87

In the M2 MacBook Air, Apple has replaced an Intel-made component responsible for controlling the USB and Thunderbolt ports with a custom-made controller, meaning the last remnants of Intel are now fully out of the latest Mac. MacRumors reports: Earlier this month, the repair website iFixit shared a teardown of the new "MacBook Air," revealing a look inside the completely redesigned machine. One subtle detail that went largely unnoticed was that unlike previous Macs, the latest "MacBook Air" introduces custom-made controllers for the USB and Thunderbolt ports. iFixit mentioned it in their report, noting they located a "seemingly Apple-made Thunderbolt 3 driver, instead of the Intel chips we're familiar with." The new component was shared on Twitter earlier today, where it received more attention. Few details are known about the controllers, including whether they're custom-made by Apple or a third party.
United States

Coinbase Faces SEC Probe on Crypto Listings (bloomberg.com) 37

Coinbase is facing a US probe into whether it improperly let Americans trade digital assets that should have been registered as securities, Bloomberg reported Tuesday, citing people familiar with the matter. From the report: The US Securities and Exchange Commission's scrutiny of Coinbase has increased since the platform expanded the number of tokens in which it offers trading, said two of the people, who asked not to be named because the inquiry hasn't been disclosed publicly. The probe by the SEC's enforcement unit predates the agency's investigation into an alleged insider trading scheme that led the regulator last week to sue a former Coinbase manager and two other people. "We are confident that our rigorous diligence process -- a process the SEC has already reviewed -- keeps securities off our platform, and we look forward to engaging with the SEC on the matter," Chief Legal Officer Paul Grewal said on Twitter.
Windows

To Thwart Ransomware, Microsoft's Windows Gets New Defaults Limiting Brute-Force Password Guessing (zdnet.com) 54

ZDNet reports: Microsoft is rolling out a new security default for Windows 11 that will go a long way to preventing ransomware attacks that begin with password-guessing attacks and compromised credentials. The new account security default on account credentials should help thwart ransomware attacks that are initiated after using compromised credentials or brute-force password attacks to access remote desktop protocol (RDP) endpoints, which are often exposed on the internet.

RDP remains the top method for initial access in ransomware deployments, with groups specializing in compromising RDP endpoints and selling them to others for access.

The new feature is rolling out to Windows 11 in a recent Insider test build, but the feature is also being backported to Windows 10 desktop and server, according to Dave Weston, vice president of OS Security and Enterprise at Microsoft. "Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute force password vectors. This technique is very commonly used in Human Operated Ransomware and other attacks — this control will make brute forcing much harder which is awesome!," Weston tweeted.

Weston emphasized "default" because the policy is already an option in Windows 10 but isn't enabled by default. That's big news and is a parallel to Microsoft's default block on internet macros in Office on Windows devices, which is also a major avenue for malware attacks on Windows systems through email attachments and links.... The defaults will be visible in the Windows Local Computer Policy directory "Account Lockout Policy".

The default "account lockout duration" is 10 minutes; the "account lockout threshold" is set to a maximum of 10 invalid logon attempts; a setting to "allow administrator account lockout" is enabled; and the "reset account lockout counter after" setting is set to 10 minutes.
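To make the three settings concrete, the following added Python model (not Microsoft's code) replays constructed failed-logon records, loosely shaped like Windows Security event ID 4625 (failed logon) and 4624 (successful logon), through the policy exactly as the story states it: lock after 10 invalid attempts, clear the counter after 10 quiet minutes, and keep the account locked for 10 minutes. Account names, timestamps and source addresses are made up.

```python
"""Model of the Windows account lockout defaults quoted above (added illustration)."""
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, List, Optional, Tuple

THRESHOLD = 10                        # "account lockout threshold"
RESET_AFTER = timedelta(minutes=10)   # "reset account lockout counter after"
LOCKOUT_FOR = timedelta(minutes=10)   # "account lockout duration"


@dataclass
class AccountState:
    failures: int = 0                        # bad attempts inside the current window
    last_failure: Optional[datetime] = None
    locked_until: Optional[datetime] = None


class LockoutPolicy:
    def __init__(self, threshold: int = THRESHOLD,
                 reset_after: timedelta = RESET_AFTER,
                 lockout_for: timedelta = LOCKOUT_FOR) -> None:
        self.threshold = threshold
        self.reset_after = reset_after
        self.lockout_for = lockout_for
        self.accounts: Dict[str, AccountState] = {}

    def is_locked(self, account: str, now: datetime) -> bool:
        st = self.accounts.get(account)
        return st is not None and st.locked_until is not None and now < st.locked_until

    def record_failure(self, account: str, now: datetime) -> str:
        """Apply one failed logon; returns 'counted', 'locked' or 'rejected'."""
        st = self.accounts.setdefault(account, AccountState())
        if self.is_locked(account, now):
            return "rejected"             # refused outright, counter untouched
        # The counter resets once reset_after has elapsed since the last bad attempt.
        if st.last_failure is not None and now - st.last_failure >= self.reset_after:
            st.failures = 0
        st.failures += 1
        st.last_failure = now
        if st.failures >= self.threshold:
            st.locked_until = now + self.lockout_for
            st.failures = 0
            return "locked"
        return "counted"

    def record_success(self, account: str, now: datetime) -> bool:
        """A correct password is still refused while locked; otherwise it clears the counter."""
        if self.is_locked(account, now):
            return False
        self.accounts[account] = AccountState()
        return True


def parse_event(line: str) -> Tuple[datetime, int, str, str]:
    """Parse one constructed record: '<iso timestamp> <event id> <account> <source ip>'."""
    ts, event_id, account, src = line.split()
    return datetime.fromisoformat(ts), int(event_id), account, src


def replay(lines: List[str], policy: Optional[LockoutPolicy] = None) -> List[Tuple[str, str, str]]:
    """Feed records through the policy in time order; returns (timestamp, account, outcome)."""
    policy = policy or LockoutPolicy()
    out = []
    for ts, event_id, account, _src in sorted(parse_event(l) for l in lines):
        if event_id == 4625:
            outcome = policy.record_failure(account, ts)
        elif event_id == 4624:
            outcome = "success" if policy.record_success(account, ts) else "rejected"
        else:
            outcome = "ignored"
        out.append((ts.isoformat(), account, outcome))
    return out


def build_sample_events() -> List[str]:
    """Constructed data: a 12-try burst against Administrator, then a valid logon 11 minutes
    later; nine tries against svc_backup, then one more after a 15-minute gap."""
    base = datetime(2022, 7, 21, 8, 0, 0)
    lines = [f"{(base + timedelta(seconds=i)).isoformat()} 4625 Administrator 203.0.113.5"
             for i in range(12)]
    lines.append(f"{(base + timedelta(minutes=11)).isoformat()} 4624 Administrator 198.51.100.7")
    lines += [f"{(base + timedelta(seconds=i)).isoformat()} 4625 svc_backup 203.0.113.5"
              for i in range(9)]
    lines.append(f"{(base + timedelta(minutes=15)).isoformat()} 4625 svc_backup 203.0.113.5")
    return lines


if __name__ == "__main__":
    for ts, account, outcome in replay(build_sample_events()):
        print(ts, account, outcome)
```

Two behaviours worth noticing in the output: the tenth bad password locks Administrator, and the eleventh and twelfth are rejected without even being evaluated, while svc_backup never locks because the tenth attempt arrives after the 10-minute reset window and starts a fresh count. That second path is why a lockout policy slows a single-source burst far more than a slow, spread-out guessing campaign, so the failed-logon events still deserve monitoring.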

The Military

America's Defense Department Creates a New Office for Tracking and Analyzing UFOs (space.com) 43

This week America's Department of Defense "created an office to track unidentified objects in space and air, [and] under water," reports Space.com, "or even those that appear to travel between these domains." UFOs, or as they are now known, unidentified aerial phenomena (UAP), have been receiving newfound levels of government scrutiny not seen in decades. Multiple hearings and classified briefings have taken place in the halls of the U.S. Congress in recent months, and many lawmakers have expressed concern that America's airspace may not be as safe as we think due to the many sightings of unidentified objects military aviators and other armed forces personnel have reported.

With that in mind, the Department of Defense announced the creation of this new office in a statement published Wednesday (July 20). The office is known as the All-domain Anomaly Resolution Office, or AARO, and was established within the Office of the Under Secretary of Defense for Intelligence and Security... The office has six primary lines of effort: surveillance, collection and reporting; system capabilities and design; intelligence operations and analysis; mitigation and defeat; governance; and science and technology.

A statement from the U.S. Department of Defense spells out its mission:
  • To synchronize efforts across the Department of Defense, and with other U.S. federal departments and agencies
  • To detect, identify and attribute objects of interest in, on or near military installations, operating areas, training areas, special use airspace and other areas of interest
  • As necessary, to mitigate any associated threats to safety of operations and national security.

Long-time Slashdot reader schwit1 notes the office already has its own Twitter feed, providing "updates and information relative to our examinations of unidentified anomalous phenomena across space, air, and maritime domains."


Twitter

Twitter Data Breach Exposes Contact Details for 5.4M Accounts, on Sale for $30K (9to5mac.com) 22

9to5Mac reports: A Twitter data breach has allowed an attacker to get access to the contact details of 5.4M accounts. Twitter has confirmed the security vulnerability which allowed the data to be extracted. The data — which ties Twitter handles to phone numbers and email addresses — has been offered for sale on a hacking forum, for $30,000... There is as yet no way to check whether your account is included in the Twitter data breach.
More details from the Restore Privacy security news site: A verified Twitter vulnerability from January has been exploited by a threat actor to gain account data allegedly from 5.4 million users. While Twitter has since patched the vulnerability, the database allegedly acquired from this exploit is now being sold on a popular hacking forum, posted earlier today.... The seller on the hacking forum goes by the username "devil" and claims that the dataset includes "Celebrities, to Companies, randoms, OGs, etc."
Privacy

Hardcoded Password In Confluence Leaked On Twitter (arstechnica.com) 30

An anonymous reader quotes a report from Ars Technica: Atlassian on Wednesday revealed three critical product vulnerabilities, including CVE-2022-26138 stemming from a hardcoded password in Questions for Confluence, an app that allows users to quickly receive support for common questions involving Atlassian products. The company warned the passcode was "trivial to obtain."

The company said that Questions for Confluence had 8,055 installations at the time of publication. When installed, the app creates a Confluence user account named disabledsystemuser, which is intended to help admins move data between the app and the Confluence Cloud service. The hardcoded password protecting this account allows for viewing and editing of all non-restricted pages within Confluence. "A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access any pages the confluence-users group has access to," the company said. "It is important to remediate this vulnerability on affected systems immediately."

A day later, Atlassian was back to report that "an external party has discovered and publicly disclosed the hardcoded password on Twitter," leading the company to ratchet up its warnings. "This issue is likely to be exploited in the wild now that the hardcoded password is publicly known," the updated advisory read. "This vulnerability should be remediated on affected systems immediately." The company warned that even when Confluence installations don't actively have the app installed, they may still be vulnerable. Uninstalling the app doesn't automatically remediate the vulnerability because the disabledsystemuser account can still reside on the system.
To figure out if a system is vulnerable, Confluence users can use these instructions Atlassian provided for locating such accounts.

According to the company, the two ways to fix the issue are to disable or remove the "disabledsystemuser" account.
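One way to check for the leftover account from an admin workstation is a short audit script. This is an added example, not Atlassian's own instructions or tooling; it assumes a Confluence Server/Data Center instance exposing the REST resource GET /rest/api/user?username=<name> (confirm against your version's API documentation), that a 404 means no such user exists, and that credentials, if supplied, are accepted as HTTP Basic auth. The fetch callable is injectable so the decision logic can be run offline against the constructed responses at the bottom.

```python
"""Audit helper for the disabledsystemuser account named in the advisory above (added example)."""
import base64
import json
import urllib.error
import urllib.parse
import urllib.request
from typing import Callable, Dict, Optional, Tuple

SUSPECT_USERNAME = "disabledsystemuser"   # account name from the Atlassian advisory

Fetcher = Callable[[str, Optional[Tuple[str, str]]], Tuple[int, str]]


def http_fetch(url: str, auth: Optional[Tuple[str, str]] = None) -> Tuple[int, str]:
    """Perform a GET and return (status, body); HTTP error statuses are returned, not raised."""
    req = urllib.request.Request(url, headers={"Accept": "application/json"})
    if auth is not None:
        token = base64.b64encode(f"{auth[0]}:{auth[1]}".encode()).decode()
        req.add_header("Authorization", "Basic " + token)
    try:
        with urllib.request.urlopen(req, timeout=15) as resp:
            return resp.status, resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, err.read().decode("utf-8", "replace")


def check_suspect_account(base_url: str, fetch: Fetcher = http_fetch,
                          username: str = SUSPECT_USERNAME,
                          auth: Optional[Tuple[str, str]] = None) -> Dict[str, object]:
    """Return a finding: 'present' is True, False, or None when it could not be determined."""
    query = urllib.parse.urlencode({"username": username})
    url = f"{base_url.rstrip('/')}/rest/api/user?{query}"   # assumed Server REST endpoint
    status, body = fetch(url, auth)
    if status == 404:
        return {"present": False, "status": status,
                "verdict": f"{username} not found; nothing to remove"}
    if status in (401, 403):
        return {"present": None, "status": status,
                "verdict": "undetermined: the user lookup requires credentials"}
    if status == 200:
        try:
            data = json.loads(body)
        except json.JSONDecodeError:
            return {"present": None, "status": status,
                    "verdict": "undetermined: non-JSON response (login page?)"}
        if data.get("username") == username:
            return {"present": True, "status": status, "user_key": data.get("userKey"),
                    "verdict": f"{username} exists: disable or remove it per the advisory"}
    return {"present": None, "status": status, "verdict": f"undetermined: HTTP {status}"}


def constructed_present(url: str, auth: Optional[Tuple[str, str]] = None) -> Tuple[int, str]:
    """Constructed stand-in for a server on which the account still exists."""
    return 200, json.dumps({"type": "known", "username": "disabledsystemuser",
                            "userKey": "constructed-key-0001",
                            "displayName": "disabledsystemuser"})


def constructed_absent(url: str, auth: Optional[Tuple[str, str]] = None) -> Tuple[int, str]:
    """Constructed stand-in for a server on which the account was removed."""
    return 404, json.dumps({"statusCode": 404,
                            "message": "No user found with username: disabledsystemuser"})


if __name__ == "__main__":
    print(check_suspect_account("https://confluence.example.internal", fetch=constructed_present))
    print(check_suspect_account("https://confluence.example.internal", fetch=constructed_absent))
```

A "present" result means the account still exists, not necessarily that it is enabled; since disabling it is one of the two remediations the advisory names, confirm the account's status in the Confluence user administration screen before closing the finding.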
Robotics

Robot Dog Not So Cute With Submachine Gun Strapped To Its Back (vice.com) 113

An anonymous reader quotes a report from Motherboard: A video started circulating on Twitter Thursday of a Boston Dynamics-style robot dog firing a submachine gun into targets amid a snowy backdrop. This type of robot dog (it doesn't seem like the robot in the video is a Boston Dynamics Spot, just looks a lot like it) is famous for dancing, but now appears to have fulfilled every warning given by journalists and analysts. It's got a gun and it's ready to kill. A lot of questions remain. First, the robot dog doesn't seem to be able to handle the recoil of the gun well. As it fires its rounds, the barrel trails up and the dog has to take a minute to get its balance back. We also don't know if the dog is firing on its own or if, and this is more likely, someone is off-camera pulling the trigger remotely.

The robot's feet, various ports, and its front are completely different from Boston Dynamics' Spot. There are dozens of knockoffs of the Boston Dynamics dog selling on the international market. The one in the video appears to be a UnitreeYusu "technology dog" selling on AliExpress for about $3,000. The feet, port placement, and joint coverings are all the same. The robot also has strips of Velcro on either of its flanks. The left flank bears a Russian flag and the other appears with a wolf's head. In another video on the channel, a man wears a similar patch on his arm. It appears to be a wolf's head insignia commonly associated with Russian Special Operations Forces or Spetsnaz. That doesn't mean that Spetsnaz is using armed robot dogs, as pretty much anyone can buy a similar patch online in various places.

The gun is also Russian. It appears to be a PP-19 Vityaz, a submachine gun based on the AK-74 design. As the dog wanders around and fires, it sometimes moves in front of an armored personnel carrier with a unique triangular door. That's a BRDM-2, a Russian armored car that's been spotted recently in Ukraine. Finally, there's the account the video originally appeared on. Before making its way to Twitter, the video of the dog was posted to the YouTube account of Alexander Atamov on March 22, 2022. Atamov is listed on his LinkedIn profile as the founder of "HOVERSURF" and his Facebook page lists him as living in Moscow. He posted a picture of the robot dog on March 21. According to Facebook's translation of his post, he called the dog "Skynet."

Twitter

Yes, Crypto Twitter, the FBI is Reading Your Tweets (theverge.com) 9

It appears that a crypto Twitter user named Cobie influenced the FBI into bringing an insider trading case. From a report: The US Attorney's Office for the Southern District of New York is bringing an indictment against a former Coinbase employee, who allegedly tipped his brother and his buddy about which assets were about to list on Coinbase -- leading to $1.5 million in "realized and unrealized gains," according to the indictment. This is the first insider trading case involving cryptocurrency markets, says U.S. Attorney Damian Williams, in a statement.

Ishan Wahi, the Coinbase employee who was charged, was involved in listing new crypto assets on Coinbase's exchange. When Coinbase announces that a new token will be listed, that token often pops in value -- which means that the company told employees to keep silent about Coinbase's listing plans. Wahi started working for Coinbase in October 2020. In August 2021, he was allowed access to a channel where Coinbase employees discussed listing new projects with details like "exact announcement / launch dates + timelines."

Android

Google Play Store Is Bringing Back the App Permissions List (9to5google.com) 11

An anonymous reader quotes a report from 9to5Google: With the addition of the developer-generated Data safety section this year, Google Play removed the old list of app permissions. The Play Store is now reversing this decision in response to user feedback and will have both coexist. In a short thread this morning, Android Developers (@AndroidDev) on Twitter said it "heard your feedback that you find the app permissions section in Google Play useful, and we've decided to reinstate it." It will be "back shortly," but the company did not specify if this will be done through a server-side change or whether a new version of the Play Store app is required: "The Data safety section provides users with a simplified view of how an app collects, shares, & secures user data, but we also want to make app permissions information easily viewable for users to understand an app's ability to access specific restricted data & actions too."

As Google summarizes, the Play permissions list is "based on the install-time permissions that an app declares in its manifest," and "represents an app's ability to access specific data." Data safety is focused on what an app collects and shares with third parties, similar to Apple's App Store. As of July 20, Google is directly warning "non-compliant new app submissions and app updates" that don't completely fill out the Data safety form. Developers have until August 22 to comply or they won't be able to publish new apps or updates. After that, applications might be removed from the Play Store.

The Courts

Twitter Worker Accused of Spying For Saudi Arabia Heads To Trial (nytimes.com) 13

An anonymous reader quotes a report from The New York Times: While working at Twitter from 2013 to 2015, Ahmad Abouammo was responsible for helping celebrities, journalists and other notable figures in the Middle East promote their Twitter accounts. He handled requests for Twitter's coveted blue verification badges and arranged tours of the San Francisco headquarters. But the Justice Department says he misused his access to Twitter user data, gathering the personal information of political dissidents and passing it to Saudi Arabia in exchange for a luxury watch and hundreds of thousands of dollars.

Mr. Abouammo, who is charged with acting as an agent of a foreign power inside the United States, committing wire fraud and laundering money, is set to stand trial this week in federal court in San Francisco. "We look forward to vindicating Mr. Abouammo and for him to have his day in court," said Angela Chuang, a lawyer representing him. The government expects Mr. Abouammo's legal team to argue that he worked lawfully as a consultant to Saudi Arabia, according to a court filing. Ms. Chuang declined to comment on legal strategy. The case, which illustrates the Saudi government's intensity in pursuing information about its critics, is unfolding at a delicate point in diplomacy between the United States and Saudi Arabia.

[...] Mr. Abouammo was charged in 2019 along with another former Twitter employee, Ali Alzabarah. The Justice Department said the men had used their Twitter access to dig up information about thousands of users and shared the information with Ahmed Almutairi, who the department said had served as their go-between with Saudi officials. Mr. Almutairi previously ran a social media marketing company that did work for the Saudi royal family. The men gathered "private user data, such as device identifiers, phone numbers, IP addresses, all of which could have been used by the Saudi government to identify and locate the individuals behind the accounts, including political dissidents," the Justice Department said in a court filing. When Twitter management confronted Mr. Alzabarah, he fled to Saudi Arabia, the Justice Department said. He and Mr. Almutairi remain wanted by U.S. law enforcement. Mr. Abouammo, who worked briefly at Amazon after leaving Twitter, was arrested in Seattle in 2019. He is free on bail but traveled to the San Francisco Bay Area for the trial.
The report notes the "fraught" timing for U.S.-Saudi relations, as President Biden just returned from his first visit to the kingdom in hopes of securing closer Saudi-Israeli relations and relief from high gas prices. "It is also a fraught moment for Twitter, as the company faces heightened scrutiny over its data security practices and wages a high-stakes legal battle against Elon Musk, who is trying to back out of a deal to acquire the social media company," adds the report.
The Almighty Buck

Crypto Exchange Zipmex Pauses Withdrawals, Citing 'Circumstances Beyond Our Control' (decrypt.co) 54

Zipmex, a Singapore-based digital assets trading platform, today announced that it is pausing customer withdrawals. From a report: The company took to Twitter on Wednesday to announce the move, citing "a combination of circumstances beyond our control" that made it take the decision. "Due to a combination of circumstances beyond our control including volatile market conditions, and the resulting financial difficulties of our key business partners, to maintain the integrity of our platform, we would be pausing withdrawals until further notice," said the exchange.

Zipmex, which markets itself as "Asia's leading digital assets exchange" and has offices in Thailand, Indonesia, and Australia, offers a variety of products including cryptocurrency spot trading and interest-bearing accounts. According to the company's website, users can enjoy up to 10% in rewards per year by depositing their funds on the platform. For example, Zipmex claims to offer 6% returns on Bitcoin (BTC) and Ethereum (ETH), and 10% on the USDC stablecoin.
The startup, which counts Eduardo Saverin's B Capital as an investor, had concluded a $52 million fundraise in March this year.
Graphics

SF Writer/Digital Art/NFT Pioneer Herbert W. Franke Dies at Age 95 (artnews.com) 20

On July 7th Art News explained how 95-year-old Austrian artist Herbert W. Franke "has recently become a sensation within the art world the crypto space," describing the digital pioneer as a computer artist using algorithms and computer programs to visualize math as art. Last month, the physicist and science fiction writer was behind one of the most talked about digital artworks at a booth by the blockchain company Tezos at Art Basel. Titled MONDRIAN (1979), the work paid tribute to artist Piet Mondrian's iconic geometric visuals using a program written on one of the first home computers.

Days before this, Franke, who studied physics in Vienna following World War II and started working at Siemens in 1953, where he conducted photographic experiments after office hours, launched 100 images from his famed series "Math Art" (1980-95) as NFTs on the Quantum platform. The drop was meant to commemorate his birthday on May 14 and to raise funds for his foundation. The NFTs sold out in 30 seconds, with the likes of pioneering blockchain artist Kevin Abosch purchasing a few.

In one of his last interviews, Franke told the site that blockchain "is a totally new environment, and this technology is still in its early stages, like at the beginning of computer art. But I am convinced that it has opened a new door for digital art and introduced the next generation to this new technology." It echoed something he'd said in his first book, published in 1957, which he later quoted in the interview (a full 65 years later). "Technology is usually dismissed as an element hostile to art. I want to try to prove that it is not..."

This morning, long-time Slashdot reader Qbertino wrote: The German IT news site heise reports (article in German) that digital art pioneer, SF author ("The Mind Net") and cyberspace avantgardist Herbert W. Franke has died at age 95. His wife recounted on his Twitter account: "Herbert loved to call himself the dinosaur of computer art. I am [...] devastated to announce that our beloved dinosaur has left the earth.

"He passed away knowing there is a community of artists and art enthusiasts deeply caring about his art and legacy."
Among much pioneering work, he founded one of the world's first digital art festivals, "Ars Electronica," in Austria in 1979.

Franke's wife is still running the Art Meets Science web site dedicated to Franke's work. Some highlights from its biography of Franke's life: Herbert W. Franke, born in Vienna on May 14, 1927, studied physics and philosophy at the University of Vienna and received his doctorate in 1951... An Apple II was his first personal computer, which he bought in 1980. He developed a program as early as 1982 that used a MIDI interface to control moving image sequences through music....

Only in recent years has "art from the machine" begun to interest traditional museums as a branch of modern art. Franke, who from the beginning was firmly convinced of the future importance of this art movement, has also assembled a collection of computer graphics that is unique in the world, documenting 50 years of this development with works by respected international artists, supplemented by his own works....

As a physicist, Franke was predestined to bring science and technology closer to the general public in popular form due to his talent as a writer, which became apparent early on. About one-third of his nearly fifty books, as well as uncounted journal articles...

Franke's novels and stories are not about predicting future technologies, nor about forecasting our future way of life, but rather about the intellectual examination of possible models of our future and their philosophical as well as ethical interpretation. In this context, however, Franke attaches great importance to the seriousness of scientific or technological assessments of the future in the sense of a feasibility analysis. In his opinion, a serious and meaningful discussion about future developments can basically only be conducted on this basis. In this respect, Franke is not a typical representative of science fiction, but rather a visionary who, as a novelist, deals with relevant questions of social future and human destiny on a high intellectual level.

Social Networks

Ukraine Says Big Tech has Dropped the Ball on Russian Propaganda (msn.com) 150

The Washington Post reports: In the frantic first weeks of Russia's invasion of Ukraine, the U.S. tech companies that control the world's largest information hubs sprang into action. Responding to pressure from Western governments, social media apps such as Facebook, Instagram and YouTube banned or throttled Russian state media accounts, beefed up their fact-checking operations, curtailed ad sales in Russia and opened direct lines to Ukrainian officials, inviting them to flag Russian disinformation and propaganda to be taken down.

As the war grinds toward its sixth month, however, Russian propaganda techniques have evolved — and the tech firms haven't kept up.

Ukrainian officials who have flagged thousands of tweets, YouTube videos and other social media posts as Russian propaganda or anti-Ukrainian hate speech say the companies have grown less responsive to their requests to remove such content. New research shared with The Washington Post by a Europe-based nonprofit initiative confirms that many of those requests seem to be going unheeded, with accounts parroting Kremlin talking points, spewing anti-Ukrainian slurs or even impersonating Ukrainian officials remaining active on major social networks. As a result, researchers say, Kremlin-backed narratives are once again propagating across Europe, threatening to undermine popular support for Ukraine in countries that it views as critical to its defense....

With big state media accounts suspended or muffled, researchers say Russian leaders and influencers have shifted to the semiprivate messaging app Telegram to direct information campaigns via swarms of smaller accounts.

The Post reports that Google-owned YouTube hasn't returned emails for almost two months, according to the deputy head of the Ukrainian government's Strategic Communications and Information Security center. And the Post notes that researchers found LinkedIn "removed fewer than half of the posts that Ukrainian officials flagged as examples of Russian propaganda justifying the war....

"On the positive side, the researchers found that Facebook had removed all 98 of the posts the Ukrainian government and its partners flagged as containing anti-Ukrainian hate speech, though many of the accounts responsible remained active."
Privacy

A New Attack Can Unmask Anonymous Users On Any Major Browser (wired.com) 58

An anonymous reader quotes a report from Wired: [R]esearchers from the New Jersey Institute of Technology are warning this week about a novel technique attackers could use to de-anonymize website visitors and potentially connect the dots on many components of targets' digital lives. The findings (PDF), which NJIT researchers will present at the Usenix Security Symposium in Boston next month, show how an attacker who tricks someone into loading a malicious website can determine whether that visitor controls a particular public identifier, like an email address or social media account, thus linking the visitor to a piece of potentially personal data.

When you visit a website, the page can capture your IP address, but this doesn't necessarily give the site owner enough information to individually identify you. Instead, the hack analyzes subtle features of a potential target's browser activity to determine whether they are logged into an account for an array of services, from YouTube and Dropbox to Twitter, Facebook, TikTok, and more. Plus the attacks work against every major browser, including the anonymity-focused Tor Browser. "If you're an average internet user, you may not think too much about your privacy when you visit a random website," says Reza Curtmola, one of the study authors and a computer science professor at NJIT. "But there are certain categories of internet users who may be more significantly impacted by this, like people who organize and participate in political protest, journalists, and people who network with fellow members of their minority group. And what makes these types of attacks dangerous is they're very stealthy. You just visit the website and you have no idea that you've been exposed."

How this de-anonymization attack works is difficult to explain but relatively easy to grasp once you have the gist. Someone carrying out the attack needs a few things to get started: a website they control, a list of accounts tied to people they want to identify as having visited that site, and content posted to the platforms of the accounts on their target list that either allows the targeted accounts to view that content or blocks them from viewing it -- the attack works both ways. Next, the attacker embeds the aforementioned content on the malicious website. Then they wait to see who clicks. If anyone on the targeted list visits the site, the attackers will know who they are by analyzing which users can (or cannot) view the embedded content. [...] Complicated as it may sound, the researchers warn that it would be simple to carry out once attackers have done the prep work. It would only take a couple of seconds to potentially unmask each visitor to the malicious site -- and it would be virtually impossible for an unsuspecting user to detect the hack. The researchers developed a browser extension that can thwart such attacks, and it is available for Chrome and Firefox. But they note that it may impact performance and isn't available for all browsers.
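The attack above works because the attacker's page can observe whether cross-site content it embeds loads differently for a logged-in visitor. Besides the client-side extension the researchers mention, a site operator can remove that signal at the source by refusing to serve login-state-dependent resources to cross-site embeds. The Python decision function below is an added example, not the NJIT researchers' code or extension: it applies a resource isolation policy using the browser-supplied Fetch Metadata request headers (Sec-Fetch-Site, Sec-Fetch-Mode, Sec-Fetch-Dest) and sets a Cross-Origin-Resource-Policy response header; those header names are real, the sample requests are constructed, and blocking iframes as well as objects is a stricter choice than the common baseline policy, made because an embedded frame's visibility is exactly what the attack measures.

```python
"""Server-side resource isolation against cross-site embedding (added example)."""
from typing import Dict, Mapping, Tuple

TRUSTED_SITES = {"same-origin", "same-site", "none"}  # "none" = user-typed or bookmarked navigation
EMBED_DESTS = {"object", "embed", "iframe", "frame"}   # embeds whose load/no-load state is observable

# Added to every response for a resource whose content depends on the visitor's session.
ISOLATION_HEADERS = {
    "Cross-Origin-Resource-Policy": "same-site",
    "Vary": "Sec-Fetch-Site, Sec-Fetch-Mode, Sec-Fetch-Dest, Cookie",
    "Cache-Control": "no-store",
}


def isolate_state_dependent_resource(method: str,
                                     request_headers: Mapping[str, str]) -> Tuple[int, Dict[str, str], str]:
    """Decide whether a login-state-dependent resource may be served.
    Returns (status, response headers, reason)."""
    h = {k.lower(): v.lower() for k, v in request_headers.items()}
    site, mode, dest = h.get("sec-fetch-site"), h.get("sec-fetch-mode"), h.get("sec-fetch-dest")
    headers = dict(ISOLATION_HEADERS)

    if site is None:
        # No Fetch Metadata (older engine or non-browser client): serve, and rely on CORP,
        # which browsers that support it enforce for cross-origin no-cors embedding.
        return 200, headers, "served: no Fetch Metadata, relying on CORP"
    if site in TRUSTED_SITES:
        return 200, headers, f"served: Sec-Fetch-Site={site}"
    if mode == "navigate" and method.upper() == "GET" and dest not in EMBED_DESTS:
        # A cross-site link click opens a top-level page the attacker's page cannot inspect.
        return 200, headers, "served: cross-site top-level navigation"
    # Every other cross-site request (images, scripts, fetch(), iframes, objects) gets the
    # same fixed response whether or not the visitor is logged in, so the load outcome
    # carries no identity signal.
    return 403, headers, "blocked: cross-site embed of a login-state-dependent resource"


def sample_requests() -> Dict[str, Tuple[str, Dict[str, str]]]:
    """Constructed request shapes: what an embedding page and a legitimate visitor produce."""
    return {
        "embedded_image": ("GET", {"Sec-Fetch-Site": "cross-site",
                                   "Sec-Fetch-Mode": "no-cors", "Sec-Fetch-Dest": "image"}),
        "embedded_iframe": ("GET", {"Sec-Fetch-Site": "cross-site",
                                    "Sec-Fetch-Mode": "navigate", "Sec-Fetch-Dest": "iframe"}),
        "cross_site_fetch": ("GET", {"Sec-Fetch-Site": "cross-site",
                                     "Sec-Fetch-Mode": "cors", "Sec-Fetch-Dest": "empty"}),
        "link_click": ("GET", {"Sec-Fetch-Site": "cross-site",
                               "Sec-Fetch-Mode": "navigate", "Sec-Fetch-Dest": "document"}),
        "own_page": ("GET", {"Sec-Fetch-Site": "same-origin",
                             "Sec-Fetch-Mode": "cors", "Sec-Fetch-Dest": "empty"}),
        "legacy_client": ("GET", {}),
    }


def evaluate_samples() -> Dict[str, int]:
    """Status each constructed request would receive."""
    return {name: isolate_state_dependent_resource(method, hdrs)[0]
            for name, (method, hdrs) in sample_requests().items()}


if __name__ == "__main__":
    for name, (method, hdrs) in sample_requests().items():
        status, _, reason = isolate_state_dependent_resource(method, hdrs)
        print(f"{name:18s} {status} {reason}")
```

The property that matters is uniformity: the blocked response must be identical for a logged-in and a logged-out visitor (same status, same size, same timing as far as practical), because any difference the embedding page can observe is the signal the attack needs. Apply the function only to resources whose content varies with the session; public static assets can keep serving cross-site.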

Businesses

NFT Marketplace OpenSea Lays Off 20% of Its Staff (techcrunch.com) 23

NFT marketplace OpenSea announced today that it's laying off around 20% of the company's employees. TechCrunch reports: "... [T]he reality is that we have entered an unprecedented combination of crypto winter and broad macroeconomic instability, and we need to prepare the company for the possibility of a prolonged downturn," OpenSea CEO Devin Finzer said in a message shared with staff that he posted publicly on Twitter as well. The company did not specify exactly how many employees were impacted by the decision, but the company's LinkedIn page indicates the company has around 750+ employees currently. Finzer says that impacted employees will be receiving severance and health insurance "into 2023" as well as accelerated equity vesting.

The layoffs raise questions about the company's aggressive growth tactics and how they approached the sustainability of the NFT sector's breakneck growth. In his note to staff, Finzer says the company has years of runway ahead of it with these changes, assuming things don't get even bleaker. "The changes we're making today put us in a position to maintain multiple years of runway under various crypto winter scenarios (5 years at the current volume), and give us high confidence that we will only have to go through this process once," Finzer writes, later adding, "Winter is our time to build."

Education

50 Governors Sign Compact in Response To Tech Executives' Request For More CS-Savvy Kids 82

theodp writes: On Monday, a who's who of the nation's tech leaders -- organized as CEOs for CS by the tech-backed nonprofit Code.org -- issued a public challenge in a letter to 'the Governors of the United States', calling on the Govs to bring more computer science to K-12 students in their states.

On Thursday, as the National Governors Association kicked off their 2022 Summer Meeting, 50 of the nation's Governors -- many of whom are members of the Code.org-advised Govs for CS -- accepted the nation's CEOs' challenge, signing a Compact To Expand K-12 Computer Science Education, which may involve a number of strategies, including "requiring a computer science credit for high school graduation."

News of the Governors' K-12 CS education compact coincidentally came on the same day as the nation's K-12 CS teachers gathered in Chicago to kick off the Tech Giant and Code.org-sponsored CSTA 2022 Annual Conference.
Intel

Intel's 12th Gen CPU Can't Handle the Bar Exam (theverge.com) 101

Law students getting ready to take the Bar exam digitally may run into a serious issue: one of the nation's most frequently-used test-taking software packages, Examplify, is incompatible with Intel's latest generation of processors. From a report: In a notice to users, ExamSoft, the company that owns Examplify, writes that 12th Gen Intel processors aren't compatible with its software. "New Windows devices containing the Intel 12th generation chipset are triggering Examplify's automatic virtual machine check," Examplify's notice reads. "These are NOT currently supported. Therefore, they cannot be used for the upcoming July 2022 bar exam." One user drew attention to the issue in a post on Twitter, and included a screencap of what appears to be a notice given to Bar applicants.
Twitter

Twitter Outage Hits Thousands, Downdetector Reports (bloomberg.com) 46

Twitter faced a brief outage on Thursday, leaving thousands of users without service for about an hour. From a report: At the peak, at 8:20 a.m. in New York, 54,582 users reported problems on Downdetector.com, an outage tracking platform. Twitter's website displayed an error message and prompted users to reload the page. It wasn't immediately clear what caused the outage. A message on Twitter's support account posted at 9:10 a.m. said: "Some of you are having issues accessing Twitter and we're working to get it back up and running for everyone. Thanks for sticking with us." By 9:16 a.m., about 1,600 users reported they were still having trouble. The last time Twitter faced an outage was in February, when the site crashed due to a "technical bug" on the page. In its early days, Twitter was famous for crashing amid high traffic, leading to the iconic "fail whale" image that popped up when service was down.
Security

Lenovo Patches UEFI Code Execution Vulnerability Affecting More Than 70 Laptop Models (securityweek.com) 20

Lenovo has released a security advisory to inform customers that more than 70 of its laptops are affected by a UEFI/BIOS vulnerability that can lead to arbitrary code execution. SecurityWeek reports: Researchers at cybersecurity firm ESET discovered a total of three buffer overflow vulnerabilities that can allow an attacker with local privileges on affected Lenovo devices to execute arbitrary code. However, Lenovo says only one of the vulnerabilities (CVE-2022-1892) impacts all devices, while the other two impact only a handful of laptops. "The vulnerabilities can be exploited to achieve arbitrary code execution in the early phases of the platform boot, possibly allowing the attackers to hijack the OS execution flow and disable some important security features," ESET explained. "These vulnerabilities were caused by insufficient validation of DataSize parameter passed to the UEFI Runtime Services function GetVariable. An attacker could create a specially crafted NVRAM variable, causing buffer overflow of the Data buffer in the second GetVariable call," it added.
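The defect class ESET describes, a DataSize taken from the first GetVariable() call and fed unchecked into the second, is a recurring firmware pitfall. The following is an added illustration written for this page, not Lenovo's firmware code or ESET's research code: it stands in a simulated runtime service (the EFI_STATUS values are the real UEFI constants, but the NVRAM store, the variable name "ExampleSetting" and all sizes are constructed for the example), shows the unchecked two-call pattern overrunning a 32-byte buffer inside a canary-padded arena so the overrun is observable without corrupting real memory, and then the hardened pattern that passes the buffer's actual capacity and rejects oversized variables before copying.

```c
/* Added example: simulated UEFI GetVariable() two-call idiom, unchecked
 * versus checked DataSize handling. Not Lenovo's or ESET's code. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

typedef uint64_t EFI_STATUS;                       /* real UEFI encoding: error bit is bit 63 */
#define EFI_SUCCESS            0ULL
#define EFI_INVALID_PARAMETER  (0x8000000000000000ULL | 2)
#define EFI_BUFFER_TOO_SMALL   (0x8000000000000000ULL | 5)
#define EFI_NOT_FOUND          (0x8000000000000000ULL | 14)

/* Constructed NVRAM store holding one variable. An attacker with enough
 * privilege to write NVRAM controls its length, which is the whole point. */
static uint8_t g_nvram_data[96];
static size_t  g_nvram_size;

void set_nvram_variable(const uint8_t *data, size_t size) {
    if (size > sizeof g_nvram_data) size = sizeof g_nvram_data;
    memcpy(g_nvram_data, data, size);
    g_nvram_size = size;
}

/* Mirrors the RT->GetVariable contract: on entry *DataSize is the caller's
 * buffer capacity; if too small it is updated with the required size and
 * EFI_BUFFER_TOO_SMALL is returned, otherwise the data is copied. */
EFI_STATUS sim_GetVariable(const char *name, size_t *DataSize, void *Data) {
    if (name == NULL || DataSize == NULL) return EFI_INVALID_PARAMETER;
    if (strcmp(name, "ExampleSetting") != 0) return EFI_NOT_FOUND;
    if (*DataSize < g_nvram_size) { *DataSize = g_nvram_size; return EFI_BUFFER_TOO_SMALL; }
    if (Data == NULL) return EFI_INVALID_PARAMETER;
    memcpy(Data, g_nvram_data, g_nvram_size);
    *DataSize = g_nvram_size;
    return EFI_SUCCESS;
}

#define ARENA_SIZE 128   /* canary-padded arena so the overrun stays observable and in-bounds */
#define BUF_CAP    32    /* what the caller believes its Data buffer holds */
#define CANARY     0xA5

/* Unchecked pattern: the size reported by the first call is passed straight
 * into the second call although Data is a fixed 32-byte buffer. Returns how
 * many canary bytes beyond the buffer were overwritten. */
size_t demo_unchecked_read(void) {
    uint8_t arena[ARENA_SIZE];
    memset(arena, CANARY, sizeof arena);
    uint8_t *buf = arena;

    size_t size = 0;
    if (sim_GetVariable("ExampleSetting", &size, NULL) != EFI_BUFFER_TOO_SMALL) return 0;
    /* BUG: 'size' is whatever NVRAM reported and is never compared with BUF_CAP */
    if (sim_GetVariable("ExampleSetting", &size, buf) != EFI_SUCCESS) return 0;

    size_t clobbered = 0;
    for (size_t i = BUF_CAP; i < ARENA_SIZE; i++)
        if (arena[i] != CANARY) clobbered++;
    return clobbered;
}

/* Hardened pattern: reject a variable larger than the buffer before copying,
 * and hand the second call the real capacity rather than the reported size,
 * so an oversized variable (or one that grew between the two calls) yields
 * EFI_BUFFER_TOO_SMALL instead of an overflow. */
EFI_STATUS checked_read(uint8_t *buf, size_t buf_cap, size_t *out_len) {
    size_t size = 0;
    EFI_STATUS st = sim_GetVariable("ExampleSetting", &size, NULL);
    if (st != EFI_BUFFER_TOO_SMALL) return st;
    if (size > buf_cap) return EFI_BUFFER_TOO_SMALL;
    size = buf_cap;
    st = sim_GetVariable("ExampleSetting", &size, buf);
    if (st == EFI_SUCCESS) *out_len = size;
    return st;
}

/* Scenario helpers: install a variable of var_len constructed 'A' bytes, then exercise each pattern. */
size_t unchecked_overflow_for(size_t var_len) {
    uint8_t payload[96];
    memset(payload, 'A', sizeof payload);
    set_nvram_variable(payload, var_len);
    return demo_unchecked_read();
}

EFI_STATUS checked_status_for(size_t var_len) {
    uint8_t payload[96], buf[BUF_CAP];
    size_t n = 0;
    memset(payload, 'A', sizeof payload);
    set_nvram_variable(payload, var_len);
    return checked_read(buf, BUF_CAP, &n);
}

int main(void) {
    printf("16-byte variable: unchecked clobbers %zu canary bytes, checked status 0x%llx\n",
           unchecked_overflow_for(16), (unsigned long long)checked_status_for(16));
    printf("80-byte variable: unchecked clobbers %zu canary bytes, checked status 0x%llx\n",
           unchecked_overflow_for(80), (unsigned long long)checked_status_for(80));
    return 0;
}
```

With a 16-byte variable both patterns behave identically; with an 80-byte variable the unchecked pattern writes 48 bytes past its buffer while the checked one returns EFI_BUFFER_TOO_SMALL. In real firmware the "arena" would be adjacent stack or pool memory, which is why the fix is to validate DataSize against the buffer, not merely against what NVRAM reports.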

Lenovo has also informed customers about Retbleed, a new speculative execution attack impacting devices with Intel and AMD processors. The company has also issued an advisory for a couple of vulnerabilities affecting many products that use the XClarity Controller server management engine. These flaws can allow authenticated users to cause a DoS condition or make unauthorized connections to internal services.

Youtube

YouTube Ends Lofi Girl's Two-Year-Long Music Stream Over Bogus DMCA Warning (techcrunch.com) 74

An anonymous reader writes: There are three constants in life: death, taxes and the "lofi hip hop radio -- beats to relax/study to" YouTube stream. That is, until YouTube falsely hit the Lofi Girl channel with a DMCA takedown, bringing the beloved streams offline for the first time in over 2 years. With over 668 million views, the stream was one of YouTube's most popular places for people to go when they wanted to listen to calming, yet engaging music while studying or working. Listeners sometimes used the stream's live chat like an anonymized, distant study group, reminding each other to take breaks and drink water. So when the stream suddenly stopped, fans were worried.

[...] Yesterday, Lofi Girl addressed the sudden takedown in a tweet, stating that "the lofi radios have been taken down because of false copyright strikes." In response, fans of Lofi Girl circulated the tag #BringBackLofiGirl to get YouTube's attention. Some even went as far as to spam and troll FMC Music, the Malaysian label that allegedly issued the false copyright complaint, while others created fan art. Lofi Girl told TechCrunch that all of the channel's music is released through its record label, Lofi Records, so they have the necessary rights to share it. Because Lofi Girl has the proper rights to the music, YouTube determined that the account is not in violation of copyright laws. The platform responded to Lofi Girl on Twitter Monday, saying that the missing livestream videos should be reinstated in 24 to 48 hours.

If past precedent holds true, Lofi Girl's next stream will have to start again from the beginning, rather than as a continuation of the existing 2-year-long stream. In 2020, the channel faced a similar problem when an accidental suspension ended its 13,000-hour stream. In that case, YouTube also owned up to its mistakes and reinstated the account, but the same issues have apparently returned. [...] Today, in YouTube's reply to Lofi Girl, the company said that the takedown requests were "abusive," meaning that they were leveraged as an attack against the channel, rather than out of actual concern for copyright violations. This behavior is incredibly common, but platforms have struggled to determine when these reports are legitimate and when they're unsubstantiated.

"This event has shone a light on an underlying problem on the platform: It's 2022, and there are countless smaller creators out there, many of which engaged in this discussion, that continue to be hit daily by these false claims on both videos and livestreams," Lofi Girl wrote in a tweet.

"We're shocked and disappointed to see that there's still not any kind of protection or manual review of these false claims," Lofi Girl wrote on Twitter. "At the end of the day, it was entirely out of our control, and the sad part is that there was no way to appeal beforehand/prevent it from happening."