Several items were stolen from a woman's P.O. box. So she mailed herself a package containing an Apple AirTag, according to the Santa Barbara County Sheriff's office: Her mail was again stolen on Monday morning, including the package with the AirTag that she was able to track.

It is important to note that the victim did not attempt to contact the suspects on her own... The Sheriff's Office would like to commend the victim for her proactive solution, while highlighting that she also exercised appropriate caution by contacting law enforcement to safely and successfully apprehend the suspects.
CNN reports on what the authorities found: The suspected thieves were located in nearby Santa Maria, California, with the victim's mail — including the package containing the AirTag — and other items authorities believe were stolen from more than a dozen victims, according to the sheriff's office. Virginia Franchessca Lara, 27, and Donald Ashton Terry, 37, were arrested in connection with the crime, authorities said.

Lara was booked on felonies including possession of checks with intent to commit fraud, fictitious checks, identity theft, credit card theft and conspiracy, and remains held on a $50,000 bail as of Thursday, jail records show. Terry faces felony charges including burglary, possession of checks with intent to commit fraud, credit card theft, identity theft and conspiracy and was held on a $460,000 bail, according to jail records...

Authorities said they're working on contacting other victims of theft in this case.
Thanks to long-time Slashdot reader schwit1 for sharing the news.

An anonymous reader quotes a report from Electrek: The Biden administration has finalized a plan to expand solar on 31 million acres of federal lands in 11 western states. The proposed updated Western Solar Plan is a roadmap for Bureau of Land Management's (BLM) governance of solar energy proposals and projects on public lands. It bumps up the acreage from the 22 million acres it recommended in January, and this plan adds five additional states -- Idaho, Montana, Oregon, Washington, and Wyoming -- to the six states -- Arizona, California, Colorado, Nevada, New Mexico, and Utah -- analyzed in the original plan.

It would make the public lands available for potential solar development, putting solar farms closer to transmission lines or on previously disturbed lands and avoiding protected lands, sensitive cultural resources, and important wildlife habitats. [...] BLM surpassed its goal of permitting more than 25 gigawatts (GW) of clean energy projects on public lands earlier in 2024. It's permitted 29 GW of projects on public lands -- enough to power over 12 million homes. The Biden administration set the goal to achieve 100% clean electricity on the US grid by 2035.

An anonymous reader quotes a report from Ars Technica, written by Dan Goodin: A judge in Ohio has issued a temporary restraining order against a security researcher who presented evidence that a recent ransomware attack on the city of Columbus scooped up reams of sensitive personal information, contradicting claims made by city officials. The order, issued by a judge in Ohio's Franklin County, came after the city of Columbus fell victim to a ransomware attack on July 18 that siphoned 6.5 terabytes of the city's data. A ransomware group known as Rhysida took credit for the attack and offered to auction off the data with a starting bid of about $1.7 million in bitcoin. On August 8, after the auction failed to find a bidder, Rhysida released what it said was about 45 percent of the stolen data on the group's dark web site, which is accessible to anyone with a TOR browser.

Columbus Mayor Andrew Ginther said on August 13 that a "breakthrough" in the city's forensic investigation of the breach found that the sensitive files Rhysida obtained were either encrypted or corrupted, making them "unusable" to the thieves. Ginther went on to say the data's lack of integrity was likely the reason the ransomware group had been unable to auction off the data. Shortly after Ginther made his remarks, security researcher David Leroy Ross contacted local news outlets and presented evidence that showed the data Rhysida published was fully intact and contained highly sensitive information regarding city employees and residents. Ross, who uses the alias Connor Goodwolf, presented screenshots and other data that showed the files Rhysida had posted included names from domestic violence cases and Social Security numbers for police officers and crime victims. Some of the data spanned years.

On Thursday, the city of Columbus sued Ross (PDF) for alleged damages for criminal acts, invasion of privacy, negligence, and civil conversion. The lawsuit claimed that downloading documents from a dark web site run by ransomware attackers amounted to him "interacting" with them and required special expertise and tools. The suit went on to challenge Ross alerting reporters to the information, which ii claimed would not be easily obtained by others. "Only individuals willing to navigate and interact with the criminal element on the dark web, who also have the computer expertise and tools necessary to download data from the dark web, would be able to do so," city attorneys wrote. "The dark web-posted data is not readily available for public consumption. Defendant is making it so." The same day, a Franklin County judge granted the city's motion for a temporary restraining order (PDF) against Ross. It bars the researcher "from accessing, and/or downloading, and/or disseminating" any city files that were posted to the dark web. The motion was made and granted "ex parte," meaning in secret before Ross was informed of it or had an opportunity to present his case.

The Pidgin messaging app removed the ScreenShareOTR plugin from its third-party plugin list after it was found to be used to install keyloggers, information stealers, and malware targeting corporate networks. BleepingComputer reports: The plugin was promoted as a screen-sharing tool for secure Off-The-Record (OTR) protocol and was available for both Windows and Linux versions of Pidgin. According to ESET, the malicious plugin was configured to infect unsuspecting users with DarkGate malware, a powerful malware threat actors use to breach networks since QBot's dismantling by the authorities. [...] Those who installed it are recommended to remove it immediately and perform a full system scan with an antivirus tool, as DarkGate may be lurking on their system.

After publishing our story, Pidgin's maintainer and lead developer, Gary Kramlich, notified us on Mastodon to say that they do not keep track of how many times a plugin is installed. To prevent similar incidents from happening in the future, Pidgin announced that, from now on, it will only accept third-party plugins that have an OSI Approved Open Source License, allowing scrutiny into their code and internal functionality.

An anonymous reader quotes a report from Gizmodo: Thousands of Tennesseans were illegally denied Medicaid and other benefits due to programming and data errors in an algorithmic system the state uses to determine eligibility for low-income residents and people with disabilities, a U.S. District Court judge ruled this week. The TennCare Connect system -- built by Deloitte and other contractors for more than $400 million -- is supposed to analyze income and health information to automatically determine eligibility for benefits program applicants. But in practice, the system often doesn't load the appropriate data, assigns beneficiaries to the wrong households, and makes incorrect eligibility determinations, according to the decision (PDF) from Middle District of Tennessee Judge Waverly Crenshaw Jr.

"When an enrollee is entitled to state-administered Medicaid, it should not require luck, perseverance, and zealous lawyering for him or her to receive that healthcare coverage," Crenshaw wrote in his opinion. The decision was a result of a class action lawsuit filed in 2020 on behalf of 35 adults and children who were denied benefits. [...] ]Crenshaw found that TennCare Connect did not consider whether applicants were eligible for all available programs before it terminated their coverage. Deloitte was a major beneficiary of the nationwide modernization effort, winning contracts to build automated eligibility systems in more than 20 states, including Tennessee and Texas. Advocacy groups have asked (PDF) the Federal Trade Commission to investigate Deloitte's practices in Texas, where they say thousands of residents are similarly being inappropriately denied life-saving benefits by the company's faulty systems.

A recent indictment (PDF) of an Alaska man stands out due to the sophisticated use of multiple encrypted communication tools, privacy-focused apps, and dark web technology. "I've never seen anyone who, when arrested, had three Samsung Galaxy phones filled with 'tens of thousands of videos and images' depicting CSAM, all of it hidden behind a secrecy-focused, password-protected app called 'Calculator Photo Vault,'" writes Ars Technica's Nate Anderson. "Nor have I seen anyone arrested for CSAM having used all of the following: [Potato Chat, Enigma, nandbox, Telegram, TOR, Mega NZ, and web-based generative AI tools/chatbots]." An anonymous reader shares the report: According to the government, Seth Herrera not only used all of these tools to store and download CSAM, but he also created his own -- and in two disturbing varieties. First, he allegedly recorded nude minor children himself and later "zoomed in on and enhanced those images using AI-powered technology." Secondly, he took this imagery he had created and then "turned to AI chatbots to ensure these minor victims would be depicted as if they had engaged in the type of sexual contact he wanted to see." In other words, he created fake AI CSAM -- but using imagery of real kids.

The material was allegedly stored behind password protection on his phone(s) but also on Mega and on Telegram, where Herrera is said to have "created his own public Telegram group to store his CSAM." He also joined "multiple CSAM-related Enigma groups" and frequented dark websites with taglines like "The Only Child Porn Site you need!" Despite all the precautions, Herrera's home was searched and his phones were seized by Homeland Security Investigations; he was eventually arrested on August 23. In a court filing that day, a government attorney noted that Herrera "was arrested this morning with another smartphone -- the same make and model as one of his previously seized devices."

The government is cagey about how, exactly, this criminal activity was unearthed, noting only that Herrera "tried to access a link containing apparent CSAM." Presumably, this "apparent" CSAM was a government honeypot file or web-based redirect that logged the IP address and any other relevant information of anyone who clicked on it. In the end, given that fatal click, none of the "I'll hide it behind an encrypted app that looks like a calculator!" technical sophistication accomplished much. Forensic reviews of Herrera's three phones now form the primary basis for the charges against him, and Herrera himself allegedly "admitted to seeing CSAM online for the past year and a half" in an interview with the feds.

Most of the attention today has been focused on California's controversial "kill switch" AI safety bill, which passed the California State Assembly by a 45-11 vote. However, California legislators passed another tech bill this week which requires internet browsers and mobile operating systems to offer a simple tool for consumers to easily opt out of data sharing and selling for targeted advertising. Slashdot reader awwshit shares a report from The Record: The state's Senate passed the landmark legislation after the General Assembly approved it late Wednesday. The Senate then added amendments to the bill which now goes back to the Assembly for final sign off before it is sent to the governor's desk, a process Matt Schwartz, a policy analyst at Consumer Reports, called a "formality." California, long a bellwether for privacy regulation, now sets an example for other states which could offer the same protections and in doing so dramatically disrupt the online advertising ecosystem, according to Schwartz.

"If folks use it, [the new tool] could severely impact businesses that make their revenue from monetizing consumers' data," Schwartz said in an interview with Recorded Future News. "You could go from relatively small numbers of individuals taking advantage of this right now to potentially millions and that's going to have a big impact." As it stands, many Californians don't know they have the right to opt out because the option is invisible on their browsers, a fact which Schwartz said has "artificially suppressed" the existing regulation's intended effects. "It shouldn't be that hard to send the universal opt out signal," Schwartz added. "This will require [browsers and mobile operating systems] to make that setting easy to use and find."

An anonymous reader quotes a report from Ars Technica: A controversial bill aimed at enforcing safety standards for large artificial intelligence models has now passed the California State Assembly by a 45-11 vote. Following a 32-1 state Senate vote in May, SB-1047 now faces just one more procedural state senate vote before heading to Governor Gavin Newsom's desk. As we've previously explored in depth, SB-1047 asks AI model creators to implement a "kill switch" that can be activated if that model starts introducing "novel threats to public safety and security," especially if it's acting "with limited human oversight, intervention, or supervision." Some have criticized the bill for focusing on outlandish risks from an imagined future AI rather than real, present-day harms of AI use cases like deep fakes or misinformation. [...]

If the Senate confirms the Assembly version as expected, Newsom will have until September 30 to decide whether to sign the bill into law. If he vetoes it, the legislature could override with a two-thirds vote in each chamber (a strong possibility given the overwhelming votes in favor of the bill). At a UC Berkeley Symposium in May, Newsom said he worried that "if we over-regulate, if we overindulge, if we chase a shiny object, we could put ourselves in a perilous position." At the same time, Newsom said those over-regulation worries were balanced against concerns he was hearing from leaders in the AI industry. "When you have the inventors of this technology, the godmothers and fathers, saying, 'Help, you need to regulate us,' that's a very different environment," he said at the symposium. "When they're rushing to educate people, and they're basically saying, 'We don't know, really, what we've done, but you've got to do something about it,' that's an interesting environment." Supporters of the AI safety bill include state senator Scott Weiner and AI experts including Geoffrey Hinton and Yoshua Bengio. Bengio supports the bill as a necessary step for consumer protection and insists that AI should not be self-regulated by corporations, akin to other industries like pharmaceuticals and aerospace.

Stanford professor Fei-Fei Li opposes the bill, arguing that it could have harmful effects on the AI ecosystem by discouraging open-source collaboration and limiting academic research due to the liability placed on developers of modified models. A group of business leaders also sent an open letter Wednesday urging Newsom to veto the bill, calling it "fundamentally flawed."

A U.S. appeals court has revived a lawsuit against TikTok over a child's death, potentially limiting tech companies' legal shield under Section 230. The 3rd U.S. Circuit Court of Appeals ruled that the law does not protect TikTok from claims that its algorithm recommended a deadly "blackout challenge" to a 10-year-old girl.

Judge Patty Shwartz wrote that Section 230 only immunizes third-party content, not recommendations made by TikTok's own algorithm. The decision marks a departure from previous rulings, citing a recent Supreme Court opinion that platform algorithms reflect "editorial judgments." This interpretation could significantly impact how courts apply Section 230 to social media companies' content curation practices.

An anti-piracy coalition comprised of major studios in the U.S. and across the globe is claiming victory against Fmovies, a significant streaming operation based in Vietnam. From a report: On Thursday the Alliance for Creativity and Entertainment revealed that it had worked with Hanoi police to shutter Fmovies and affiliated sites, which together made up "the largest pirate streaming operation in the world," according to the organization. With sites including bflixz, flixtorz, movies7, myflixer, and aniwave in addition to Fmovies, the operation attracted more than 6.7 billion visits between January 2023 and June 2024, ACE says.

The effort also shut down video hosting provider Vidsrc.to and its affiliated sites, which were "operated by the same suspects," per ACE. Two Vietnamese men were arrested by Hanoi police in connection with Fmovies and have yet to be charged. Charles Rivkin, the chairman and CEO of Hollywood trade group the Motion Picture Association and the chairman of ACE, called the action "a stunning victory for casts, crews, writers, directors, studios, and the creative community across the globe" in a statement. His colleague Larissa Knapp, evp and chief content protection officer for the MPA, said the takedown sent a "powerful deterrent message."

Yelp has filed an antitrust lawsuit against Google, accusing the search giant of maintaining its local search monopoly by preferencing its own services over competitors, harming competition and reducing quality. "Yelp claims that the way Google directs users toward its own local search vertical from its general search engine results page should be considered illegal tying of separate products to keep rivals from reaching scale," adds The Verge. From the report: Yelp wants the court to order Google to stop the allegedly anticompetitive conduct and to pay it damages. It demanded a jury trial and filed the suit in the Northern District of California, where a different jury found that Google had an illegal monopoly through its app store in its fight against Epic Games.

The company was emboldened to bring its own lawsuit against Google after the DOJ's win in its antitrust case about the company's allegedly exclusionary practices around the distribution of search services. Yelp CEO Jeremy Stoppelman told The New York Times that following that decision, "the winds on antitrust have shifted dramatically." Previously, he told the Times, he'd hesitated to bring a suit because of the resources it would require and because he saw it as the government's job to enforce the antitrust laws. "Yelp's claims are not new," Google spokesperson Peter Schottenfels said in a statement. "Similar claims were thrown out years ago by the FTC, and recently by the judge in the DOJ's case. On the other aspects of the decision to which Yelp refers, we are appealing. Google will vigorously defend against Yelp's meritless claims."

Three former Backpage executives, including co-founder Michael Lacey, were sentenced to prison for promoting prostitution and laundering money while disguising their activities as a legitimate classified business. The Associated Press reports: A jury convicted Lacey, 76, of a single count of international concealment money laundering last year, but deadlocked on 84 other prostitution facilitation and money laundering charges. U.S. District Judge Diane Humetewa later acquitted Lacey of dozens of charges for insufficient evidence, but he still faces about 30 prostitution facilitation and money laundering charges. Authorities say the site generated $500 million in prostitution-related revenue from its inception in 2004 until it was shut down by the government in 2018.

Lacey's lawyers say their client was focused on running an alternative newspaper chain and wasn't involved in day-to-day operations of Backpage. But Humetewa told Lacey during Wednesday's sentencing he was aware of the allegations against Backpage and did nothing. "In the face of all this, you held fast," Humetewa said. "You didn't do a thing." Two other Backpage executives, Chief Financial Officer John Brunst and Executive Vice President Scott Spear, also were convicted last year and were each sentenced on Wednesday to 10 years in prison. The judge ordered Lacey and the two executives to report to the U.S. Marshals Service in two weeks to start serving their sentences.

An anonymous reader shares a report: Following the arrest of Telegram CEO and co-founder Pavel Durov Saturday, the 39-year-old billionaire, Drov has been indicted on multiple charges after appearing in front of a Paris Court on Wednesday. He has been indicted on charges of Complicity in the administration of an online platform to enable an illicit transaction, by an organized gang. This charge carries a maximum penalty of 10 years imprisonment and a fine of $555,000.

He was also indicted on charges of refusal to communicate at the request of authorities; Complicity in the offenses in particular of making available without legitimate reason a program or data designed to an attack on an automated data processing system, organized gang dissemination of images of minors of a child pornography nature, drug trafficking, organized gang fraud, criminal conspiracy with a view to committing crimes or offenses; Laundering of crimes or offenses by organized games; Provision of cryptology services aimed at ensuring confidentiality functions without compliant declaration. Durov has been placed under judicial supervision with an obligation to provide a deposit of 5 million euros and he must report to the police station twice a week and is banned from leaving France. From earlier today: Telegram CEO Released By Police, Transferred To Court For Possible Indictment.

Telegram CEO Pavel Durov is heading to court for a possible indictment after being released from police custody, authorities in France said on Wednesday. From a report: "An investigating judge has ended Pavel Durov's police custody and will have him brought to court for a first appearance and a possible indictment," according to a statement from the Paris prosecutor's office that was quoted in an Associated Press article. Durov was arrested in Paris on Saturday and questioned by police for several days. The French investigative judge will "decide whether to place him under formal investigation following his arrest as part of a probe into organized crime on the messaging app," Reuters wrote today.

"Being placed under formal investigation in France does not imply guilt or necessarily lead to trial, but indicates that judges consider there is enough to the case to proceed with the probe. Investigations can last years before being sent to trial or shelved," Reuters wrote. The judge's decision on a formal investigation is expected today, the article said. On Monday, prosecutor Laure Beccuau issued a statement saying Durov was arrested "in the context of a judicial investigation" into a "person unnamed." The wording leaves open the possibility that the unnamed person is someone else, but the prosecutor's statement listed a raft of potential charges that may indicate what Durov could be charged with. Update: Telegram CEO Indicted in Paris Court .

Device manufacturers across multiple industries are lobbying against proposed legislation that would require military contractors to provide the U.S. military with easier access to repair materials and information, according to a document obtained by 404 Media.

The legislation, Section 828 of the Defense Reauthorization Act, aims to address the military's current inability to repair equipment ranging from fighter jets to Navy battleships without relying on contractors. Sen. Elizabeth Warren highlighted the issue in a May hearing, citing examples of how repair restrictions lead to increased costs and operational delays for the Department of Defense.

The lobbying effort extends beyond military contractors to include organizations representing industries such as irrigation equipment, motorcycles, tractors, plumbing, medical devices, and consumer technology. In a letter to lawmakers, these groups argue that the legislation would impose significant burdens on contractors and undermine existing technical data rights statutes.

U.S. Securities and Exchange Commission (SEC) has issued a Wells notice to OpenSea, the leading non-fungible token (NFT) marketplace, threatening legal action over alleged securities violations. The SEC contends that NFTs traded on OpenSea's platform may constitute securities, a move that could have far-reaching implications for the digital art and collectibles industry. OpenSea CEO Devin Finzer denounced the SEC's action as an overreach that could stifle innovation and harm creators. The company pledged $5 million to cover legal fees for NFT creators and developers who receive Wells notices.

An anonymous reader quotes a report from Electrek: Over 192,000 publicly available charging ports are now online, and approximately 1,000 new chargers are being added each week. To build on this momentum, the federal government has awarded $521 million in grants to further expand the national network, with new chargers being deployed across 29 states, two Federally Recognized Tribes, and the District of Columbia.

The $521 million investment is divided into two key areas: 41 community projects ($321 million) and 10 corridor fast-charging projects ($200 million). The grant awards also support President Biden's Justice40 Initiative, which aims for 40% of the overall benefits of federal investments to flow to disadvantaged communities, with over half of the funding going to sites in disadvantaged communities. US Transportation Secretary Pete Buttigieg emphasized the importance of this initiative, stating, "The Biden-Harris Administration has been clear about America leading the EV revolution, and thanks to the historic [Bipartisan Infrastructure Law] package, we're building a nationwide EV charger network to make sure all drivers have an accessible, reliable, and convenient way to charge their vehicles."

ole_timer shares a report from Ars Technica, written by Beth Mole There's more bad news for the company behind an experimental MDMA therapy for post-traumatic stress disorder, which the Food and Drug Administration roundly rejected earlier this month. According to a report from The Wall Street Journal, the FDA is now expanding an investigation into clinical trials behind the experimental psychedelic therapy -- even though the agency has already rejected it. Agency investigators reportedly interviewed four additional people last week, asking questions regarding whether the trials underreported side effects.

People involved in the trial have previously alleged, among other things, that ill effects, such as suicidal thoughts, went undocumented, and trial participants were discouraged from reporting them to bolster the chances of FDA approval. Overall, the MDMA trials faced crushing criticism amid the FDA's review, with outside experts and agency advisers calling out allegations of sexual misconduct at one trial site, as well as flaws in overall trial designs, multiple sources of biases, and claims that the company behind the therapy, Lykos, fostered a cult-like belief in psychedelics.

According to the Journal, the recent interviews were being conducted by the FDA's Office of Regulatory Affairs, which oversees inspections, and a subdivision of that office called Biomedical Research Monitoring Program, which works to ensure the quality and integrity of data submitted to FDA. Notably, when the agency rejected MDMA, it advised Lykos to conduct a new trial. While the FDA's rejection and expanded investigation are bad enough for Lykos, the company announced this month that it's laying off 75 percent of its staff and overhauling its leadership. The moves were in response to the FDA's rejections, the company said. Additionally, a scientific journal retracted three of the company's MDMA studies, citing "protocol violations amounting to unethical conduct" in its trials, echoing claims raised amid the FDA review.

In a letter to the House Judiciary Committee, Meta CEO Mark Zuckerberg expressed regret for not being more vocal about "government pressure" to censor COVID-19-related content. He also acknowledged that Meta shouldn't have demoted a New York Post story about President Biden's family before the 2020 election. The Hill reports: Zuckerberg said senior Biden administration officials "repeatedly pressured" Meta, the parent company of Facebook and Instagram, to "censor" content in 2021. "I believe the government pressure was wrong, and I regret that we were not more outspoken," he wrote to House Judiciary Chair Jim Jordan (R-Ohio). "Like I said to our teams at the time, I feel strongly that we should not compromise our content standards due to pressure from any Administration in either direction -- and we're ready to push back if something like this happens again," Zuckerberg added.

The Meta CEO also said the company "shouldn't have demoted" a New York Post story about corruption allegations involving President Biden's family ahead of the 2020 election while waiting for fact-checkers to review it. The social media company has since updated its policies and processes, including no longer demoting content in the U.S. while waiting for fact-checkers, he noted. Zuckerberg also said in Monday's letter that he does not plan to make contributions to local jurisdictions to support election infrastructure this cycle, like he did during the 2020 election.

The contributions, which were "designed to be non-partisan," were accused of being unfairly distributed between left-leaning and right-leaning areas and labeled "Zuckerbucks" by Republicans. "Still, despite the analyses I've seen showing otherwise, I know that some people believe this work benefited one party over the other," Zuckerberg said. "My goal is to be neutral and not play a role one way or another -- or to even appear to be playing a role." House Judiciary Republicans touted the letter as a "big win for free speech," writing on X: "Mark Zuckerberg just admitted three things: 1. Biden-Harris Admin 'pressured' Facebook to censor Americans. 2. Facebook censored Americans. 3. Facebook throttled the Hunter Biden laptop story."

"Mark Zuckerberg also tells the Judiciary Committee that he won't spend money this election cycle. That's right, no more Zuck-bucks. Huge win for election integrity," it added.

OpenAI said in a letter that it supports California bill AB 3211, which requires tech companies to label AI-generated content. Reuters reports: San Francisco-based OpenAI believes that for AI-generated content, transparency and requirements around provenance such as watermarking are important, especially in an election year, according to a letter sent to California State Assembly member Buffy Wicks, who authored the bill. "New technology and standards can help people understand the origin of content they find online, and avoid confusion between human-generated and photorealistic AI-generated content," OpenAI Chief Strategy Officer Jason Kwon wrote in the letter, which was reviewed by Reuters.

AB 3211 has already passed the state Assembly by a 62-0 vote. Earlier this month it passed the senate appropriations committee, setting it up for a vote by the full state Senate. If it passes by the end of the legislative session on Aug. 31, it would advance to Governor Gavin Newsom to sign or veto by Sept. 30.