An anonymous reader quotes a report from Motherboard: Crime and neighborhood watch app Citizen has ambitions to deploy private security workers to the scene of disturbances at the request of app users, according to leaked internal Citizen documents and Citizen sources. The plans mark a dramatic expansion of Citizen's purview. It is currently an app where users report "incidents" in their neighborhoods and, based on those reports and police scanner transcriptions, the app sends "real-time safety alerts" to users about crime and other incidents happening near where a user is located. It is essentially a mapping app that allows users to both report and learn about crime (or what users of the app perceive to be crime) in their neighborhood. The introduction of in-person, private security forces drastically alters the service, and potential impact, that Citizen may offer in the future, and provides more context as to why a Citizen-branded vehicle has been spotted driving around Los Angeles. The news comes after Citizen offered a $30,000 bounty against a person it falsely accused of starting a wildfire.

In short, the product, described as "security response" in internal emails, would have Citizen send a car with private security forces to an app user, according to the former employee. A private security company working with Citizen would provide the response staff, the former employee added. A second Citizen source confirmed this description of the service. Citizen has been actively testing the program, with what the company describes as quick response times and instant communication between Citizen and security partners, according to the emails.

Currently, Citizen offers a subscription product called "Protect," which costs $19.99 per month. Protect sends a user's location to a Citizen employee when it's turned on, can stream video to a "Protect agent" when activated using a safeword, and is pitched to users as a "digital bodyguard." Protect also advertises "Instant emergency response to your exact location," and says "Live monitoring means you never have to walk alone." It is not clear if the private security response would be tied to Protect or another service. A Citizen spokesperson told Motherboard that "LAPS offers a personal rapid response service that we are testing internally with employees as a small test. For example, if someone would like an escort to walk them home late at night, they can request this service. We have spoken with various partners in designing this pilot project." They declined to answer other questions from Motherboard.

Amazon said on Tuesday it is extending a moratorium on police use of its facial recognition software. The company imposed the ban last year after the murder of George Floyd by law enforcement in June 2020. Reuters reports: Civil liberties advocates have long warned that inaccurate face matches by law enforcement could lead to unjust arrests, as well as to a loss of privacy and chilled freedom of expression. Amazon's extension, which Reuters was first to report, underscores how facial recognition remains a sensitive issue for big companies. The world's largest online retailer did not comment on the reason for its decision. Last year, it said it hoped Congress would put in place rules to ensure ethical use of the technology, though no such law has materialized. Amazon also faced calls this month from activists who wanted its software ban to be permanent.

Slashdot reader quonset writes: To this day no one is sure why he did it, but in 1989 a Harvard-taught evolutionary biologist named Joseph Popp mailed out 20,000 floppy discs with malware on them to people around the world. At the time he was doing research into AIDS and the discs had been sent to attendees of the World Health Organization's AIDS conference in Stockholm.

Eddy Willems was working for an insurance company in Belgium and his boss asked him to see what was on the disc...
CNN picks up the story: Willems was expecting to see medical research when the disc's contents loaded. Instead he became a victim of the first act of ransomware — more than 30 years before the ransomware attack on the US Colonial Pipeline... A few days after inserting the disc, Willems' computer locked and a message appeared demanding that he send $189 in an envelope to a PO Box in Panama. "I didn't pay the ransom or lose any data because I figured out how to reverse the situation," he told CNN Business.

He was one of the lucky ones: Some people lost their life's work.

"I started to get calls from medical institutions and organizations asking how I got around it," said Willems, who is now a cybersecurity expert at G Data, which developed the world's first commercial antivirus solution in 1987. "The incident created a lot of damage back in those days. People lost a lot of work. It was not a marginal thing — it was a big thing, even then...." It's unclear if any people or organizations paid the ransom.
CSO reports that Popp was eventually arrested and charged with multiple counts of blackmail after law enforcement identified him as the owner of the P.O. box where the ransom checks were to be sent.

CNN adds that "One of the biggest problems about ransomware nowadays is that ransoms are often paid with cryptocurrency, such as bitcoin, which is exchanged anonymously and not traceable."

A ransomware attack affecting a pipeline that supplies 45% of the fuel supplies for the Eastern U.S. has now led U.S. president Biden to declare a regional emergency providing "regulatory relief" to expand fuel delivery by other routes.

Axios reports: Friday night's cyberattack is "the most significant, successful attack on energy infrastructure" known to have occurred in the U.S., notes energy researcher Amy Myers Jaffe, per Politico. It follows other significant cyberattacks on the federal government and U.S. companies in recent months... 5,500 miles of pipeline have been shut down in response to the attack.
The BBC reports: Experts say fuel prices are likely to rise 2-3% on Monday, but the impact will be far worse if it goes on for much longer... Colonial Pipeline said it is working with law enforcement, cyber-security experts and the Department of Energy to restore service. On Sunday evening it said that although its four mainlines remain offline, some smaller lateral lines between terminals and delivery points are now operational...

Independent oil market analyst Gaurav Sharma told the BBC there is a lot of fuel now stranded at refineries in Texas. "Unless they sort it out by Tuesday, they're in big trouble," said Sharma. "The first areas to be impacted would be Atlanta and Tennessee, then the domino effect goes up to New York..." The temporary waiver issued by the Department of Transportation enables oil products to be shipped in tankers up to New York, but this would not be anywhere near enough to match the pipeline's capacity, Mr Sharma warned.
UPDATE (5/10): "On Monday, U.S. officials sought to soothe concerns about price spikes or damage to the economy by stressing that the fuel supply had so far not been disrupted," reports the Associated Press, "and the company said it was working toward 'substantially restoring operational service' by the weekend."

CNN reports that a criminal group originating from Russia named DarkSide "is believed to be responsible for a ransomware cyberattack on the Colonial Pipeline, according to a former senior cyber official. DarkSide typically targets non-Russian speaking countries, the source said... Bloomberg and The Washington Post have also reported on DarkSide's purported involvement in the cyberattack..."

If so, NBC News adds some sobering thoughts: Although Russian hackers often freelance for the Kremlin, early indications suggest this was a criminal scheme — not an attack by a nation state, the sources said. But the fact that Colonial had to shut down the country's largest gasoline pipeline underscores just how vulnerable American's cyber infrastructure is to both criminals and national adversaries, such as Russia, China and Iran, experts say. "This could be the most impactful ransomware attack in history, a cyber disaster turning into a real-world catastrophe," said Andrew Rubin, CEO and co-founder of Illumio, a cyber security firm...

If the culprit turns out to be a Russian criminal group, it will underscore that Russia gives free reign to criminal hackers who target the West, said Dmitri Alperovitch, co-founder of the cyber firm CrowdStrike and now executive chairman of a think tank, the Silverado Policy Accelerator. "Whether they work for the state or not is increasingly irrelevant, given Russia's obvious policy of harboring and tolerating cyber crime," he said.
Citing multiple sources, the BBC reports that DarkSide "infiltrated Colonial's network on Thursday and took almost 100GB of data hostage. After seizing the data, the hackers locked the data on some computers and servers, demanding a ransom on Friday. If it is not paid, they are threatening to leak it onto the internet... "

The BBC also shares some thoughts from Digital Shadows, a London-based cyber-security firm that tracks global cyber-criminal groups to help enterprises limit their exposure online: Digital Shadows thinks the Colonial Pipeline cyber-attack has come about due to the coronavirus pandemic — the rise of engineers remotely accessing control systems for the pipeline from home. James Chappell, co-founder and chief innovation officer at Digital Shadows, believes DarkSide bought account login details relating to remote desktop software like TeamViewer and Microsoft Remote Desktop.

He says it is possible for anyone to look up the login portals for computers connected to the internet on search engines like Shodan, and then "have-a-go" hackers just keep trying usernames and passwords until they get some to work.

"We're seeing a lot of victims now, this is seriously a big problem now," said Mr Chappell.

NBC News reports more than 440 Americans have now been charged with storming the U.S. Capitol building on January 6th, with charges now filed against people from 44 of America's 50 states. They describe it as "one of the largest criminal investigations in American history." The largest number come from Texas, Pennsylvania, and Florida, in that order. Men outnumber women among those arrested by 7 to 1, with an average age of 39, according to figures compiled by the Program on Extremism at George Washington University in Washington, D.C. A total of 44 are military veterans.
Hundreds of arrests happened because rioters later bragged online: In nearly 90 percent of the cases, charges have been based at least in part on a person's own social media accounts.

A New York man, Robert Chapman, bragged on the dating app Bumble that he'd been in the Capitol during the riot. The person he was seeking to date responded, "We are not a match," and notified the FBI.
In fact, the investigative agency has now received "hundreds of thousands" of tips from the public, and has even posted photos of people who participated in the riots online asking for the public's help to identify them.

But NBC also reports that technology is being used to identify participants:

• "Investigators have also used facial recognition software, comparing images from surveillance cameras and an outpouring of social media and news agency videos against photo databases of the FBI and at least one other federal agency, Customs and Border Protection, according to court documents."

• Investigators "have also subpoenaed records from companies providing cellphone service, allowing agents to tell whether a specific person's phone was inside the Capitol during the siege."

Video site LiveLeak, best known for hosting gruesome footage that mainstream rivals wouldn't touch, has shut down after fifteen years in operation. In its place is "ItemFix," a site that bans users from uploading media containing "excessive violence or gory content." The Verge reports: In a blog post, LiveLeak founder Hayden Hewitt did not give an explicit reason for the site's closure, saying only that: "The world has changed a lot over these last few years, the Internet alongside it, and we as people." In a video posted on his YouTube channel Trigger Warning, Hewitt offered no further details, but said that maintaining LiveLeak had become a struggle, and that he and his team "just didn't have it in us to carry on fighting." "Everything's different now, everything moves on," says Hewitt, before adding in an aside to the camera: "I don't fucking like it. I liked it much better when it was the Wild West."

LiveLeak has been a mainstay of internet culture for many years, its name synonymous with footage of murder, terrorism, and everyday incidents of crime and violence. A sinister doppelganger to sites like YouTube, LiveLeak was founded in 2006 and grew out of a culture of early internet "shock sites" like Ogrish, Rotten.com, and BestGore: websites that hosted violent and pornographic content with the express aim of disgusting visitors.

[D]emand for such extreme content will always exist, even if individual sites like LiveLeak come and go. In his farewell blog post, the site's founder Hayden Hewitt emphasized the importance of the site's community. "To the members, the uploaders, the casual visitors, the trolls and the occasionally demented people who have been with us. You have been our constant companions and although we probably didn't get to communicate too often you're appreciated more than you realize," he writes. "On a personal level you have fascinated and amused me with your content. Lastly, to those no longer with us. I still remember you."

Business Insider reports: Former Netflix vice president of IT Michael Kail was convicted by a federal jury on Friday of 28 counts of fraud and money laundering, the U.S. Department of Justice announced in a press release.

Kail, who was indicted in 2018, used his position to create a "pay-to-play" scheme where he approved contracts with outside tech companies looking to do business with Netflix in exchange for taking bribes and kickbacks, according to evidence presented to the jury, the release said. Kail accepted bribes or kickbacks from nine different companies totaling more than $500,000 as well as stock options, according to the Department of Justice's press release...

Netflix sued Kail after he left the company in 2014 to take a role as Yahoo's CIO, accusing him of fraud and breaching his fiduciary duties.
One FBI agent says that Kail "stole the opportunity to work with an industry pioneer from honest, hardworking, Silicon Valley companies," according to the details in the Department of Justice statement: To facilitate kickback payments, the evidence at trial showed that Kail created and controlled a limited liability corporation called Unix Mercenary, LLC. Established on February 7, 2012, Unix Mercenary had no employees and no business location. Kail was the sole signatory to its bank accounts...

Kail faces a maximum sentence of twenty years in prison and a fine of $250,000, or twice his gross gain or twice the gross loss to Netflix, whichever is greater, for each count of a wire or mail fraud conviction, and ten years in prison and a fine of $250,000 for each count of a money laundering conviction.

An anonymous reader quotes a report from Wired: For a decade, Bitcoin Fog has offered to obscure the source and destination of its customers' cryptocurrency, making it one of the most venerable institutions in the dark web economy. Now the IRS says it has finally identified the Russian-Swedish administrator behind that long-running anonymizing system and charged him with laundering hundreds of millions of dollars worth of bitcoins, much of which was sent to or from dark web drug markets. What gave him away? The trail of his own decade-old digital transactions.

US authorities on Tuesday arrested Roman Sterlingov in Los Angeles, according to court records, and charged him with laundering more than 1.2 million bitcoins -- worth $336 million at the times of the payments -- over the 10 years that he allegedly ran Bitcoin Fog. According to the IRS criminal investigations division, Sterlingov, a citizen of Russia and Sweden, allowed users to blend their transactions with those of others to prevent anyone examining the Bitcoin blockchain from tracing any individual's payments. He took commissions on those transactions of 2 to 2.5 percent. In total, the IRS calculates, Sterlingov allegedly took home roughly $8 million worth of bitcoin through the service, based on exchange rates at the times of each transaction. That's before factoring in Bitcoin's massive appreciation over the past decade. Ironically, it appears that the 2011 transactions Sterlingov allegedly used to set up Bitcoin Fog's server hosting are what put the IRS on his trail. Of the $336 million the complaint accuses Bitcoin Fog of laundering, at least $78 million passed through the service to various narcotics-selling dark web markets like the Silk Road, Agora, and AlphaBay over the years that followed. The IRS also appears to have used undercover agents in 2019 to transact with Bitcoin Fog, in one case sending messages to Bitcoin Fog's administrator that explicitly stated that they hoped to launder proceeds from selling ecstasy. Bitcoin Fog completed that user's transactions without a response.

Most remarkable, however, is the IRS's account of tracking down Sterlingov using the very same sort of blockchain analysis that his own service was meant to defeat. The complaint outlines how Sterlingov allegedly paid for the server hosting of Bitcoin Fog at one point in 2011 using the now-defunct digital currency Liberty Reserve. It goes on to show the blockchain evidence that identifies Sterlingov's purchase of that Liberty Reserve currency with bitcoins: He first exchanged euros for the bitcoins on the early cryptocurrency exchange Mt. Gox, then moved those bitcoins through several subsequent addresses, and finally traded them on another currency exchange for the Liberty Reserve funds he'd use to set up Bitcoin Fog's domain. Based on tracing those financial transactions, the IRS says, it then identified Mt. Gox accounts that used Sterlingov's home address and phone number, and even a Google account that included a Russian-language document on its Google Drive offering instructions for how to obscure Bitcoin payments. That document described exactly the steps Sterlingov allegedly took to buy the Liberty Reserve funds he'd used.

An anonymous reader quotes a report from Gizmodo: A Maryland defense attorney has decided to challenge the conviction of one of his clients after it was recently discovered that the phone cracking product used in the case, produced by digital forensics firm Cellebrite, has severe cybersecurity flaws that could make it vulnerable to hacking. Ramon Rozas, who has practiced law for 25 years, told Gizmodo that he was compelled to pursue a new trial after reading a widely shared blog post written by the CEO of the encryption chat app Signal, Moxie Marlinspike. It was just about a week ago that Marlinspike brutally dunked on Cellebrite -- writing, in a searing takedown, that the company's products lacked basic "industry-standard exploit mitigation defenses," and that security holes in its software could easily be exploited to manipulate data during cell phone extraction.

Given the fact that Cellebrite's extraction software is used by law enforcement agencies the world over, questions have naturally emerged about the integrity of investigations that used the tech to secure convictions. For Rozas, the concerns center around the fact that "Cellebrite evidence was heavily relied upon" to convict his client, who was charged in relation to an armed robbery. The prosecution's argument essentially turned on that data, which was extracted from the suspect's phone using the company's tools. In a motion recently filed, Rozas argued that because "severe defects" have since been uncovered about the technology, a "new trial should be ordered so that the defense can examine the report produced by the Cellebrite device in light of this new evidence, and examine the Cellebrite device itself." "I think it's going to take a while to figure out what the exact legal ramifications of this are," says Megan Graham, a Clinical Supervising Attorney at the Samuelson Law, Technology & Public Policy Clinic with Berkeley Law School. "I don't know how likely it is that cases would be thrown out," she said, adding that a person who has already been convicted would likely have to "show that someone else identified this vulnerability and exploited it at the time" -- not an especially easy task.

"Going forward, I think it's just hard to tell," Graham said. "We now know that this vulnerability exists, and it creates concerns about the security of Cellebrite devices and the integrity of evidence." But there's a lot that we don't know, she emphasized. Among Graham's concerns, she said that "we don't know if the vulnerability is being exploited," and that makes it difficult to discern when it could become an issue in past cases. "I think there will be cases where defense attorneys are able to get judges engaged [on this issue]. They will present the security concerns, worries about manipulated evidence, and it might be persuasive. I think there will be a wide array of responses when it comes to how this plays out in cases," she said.

An anonymous reader quotes a report from Motherboard: A mansion owned by Feras Antoon, a Pornhub executive, was torched in an apparent arson last night. Police told VICE they were initially called to a property in Montreal's upper class Ahuntsic-Cartierville neighborhood at 11:30 P.M when two people were spotted trespassing on the property. Julien Levesque, a media relations officer for Montreal Police, said when authorities arrived on the scene shortly thereafter they found the multi-million dollar property ablaze. The fire was so massive that more than 80 firefighters were called in and the neighbors were forced to evacuate nearby properties. Authorities got the fire under control by 2:30 A.M. and say no one was hurt, although several neighbors had to be evacuated.

"Police officers who arrived on site were able to see that the fire began inside the residence," said Levesque. "Earlier this morning our arson squad from Montreal police took charge of the investigation. They were onsite this morning to analyze all the scene, meet some witnesses to try to understand what was the cause and the circumstances of the beginning of this fire." "Over the weekend, a fire occurred at my residence," Antoon told VICE in a statement. "The residence was under construction. I am grateful that my family and I and our neighbors are safe. Out of respect for the ongoing police investigation, I will not be commenting further." The report notes that MindGeek, Pornhub's parent company, has been under scrutiny from Canadian parliament since December, "when the access to information, privacy, and ethics committee moved to bring the company in for testimony about its 'failure to prohibit rape videos and other illegal content from its site.'"

"An Oklahoma woman was recently informed that she was charged with felony embezzlement of rented property for not returning a VHS tape over 20 years ago," reports Business Insider: Caron McBride reportedly rented the "Sabrina The Teenage Witch" tape at a now closed store in Norman, Oklahoma in 1999, according to KOKH-TV. She was charged a year later, in March 2000, after it was not returned, KOKH-TV reported citing documents. McBride was notified about the charge by the Cleveland County District Attorney's Office when she was attempting to change the name of her license after she got married, the news station reported...

"I had lived with a young man, this was over 20 years ago. He had two kids, daughters that were 8, 10, or 11 years old, and I'm thinking he went and got it and didn't take it back or something. I have never watched that show in my entire life, just not my cup of tea. Meanwhile, I'm a wanted felon for a VHS tape," McBride told the news station.
"Documents show the movie was rented at movie place in Norman, Oklahoma, which closed in 2008..." reports one local news station: McBride said over the last 20 years, she's been let go from several jobs without being given a reason why, and said it now all makes sense. "This is why. Because when they ran my criminal background check, all they're seeing is those two words: felony embezzlement," McBride said.
"The DA's office says the charge was filed under a previous district attorney," reports a local Oklahoma station, "and after reviewing the case, they thought it was fit to dismiss it."

But McBride still has to get an attorney to expunge the incident from her record.

According to Sacramento CBS affiliate KOVR-TV, Yana Sydnor called the police to report a possible home invasion. Turns out, it was a robovac that her son turned on before leaving for the weekend. Android Police reports: At 1 a.m., she and her 2-year-old daughter woke up to loud booms coming from her stairs disrupting her meditation music. She texted her friends about the sounds before they quickly responded, urging her to call 911. "I hear someone walking down my stairs, so it's like boom, boom, boom, boom, boom," Sydnor recalls telling the dispatcher. Desperate to exit the house and avoid a run-in with the invader, she ran to the bathroom, put her daughter in the tub, and thought about grabbing a ladder to get them both outside to ground level.

Officers arrived within 10 minutes of Sydnor's call. They rammed the front door wide open only to find a poor robovac, fresh from a tumble down a flight of stairs. "My son turned on the vacuum cleaner because he didn't want to do chores before he left for the weekend," she explained to the reporter after a moment of exasperated silence. The vacuum hadn't been used for 2 years and, even after the fall, it still works. We couldn't make out the make and model of the robovac, so we don't quite know if it could stop itself from going over the ledge much less what exactly happened in this case if it did have the ability.

Britain's Court of Appeals has cleared a group of 42 sub-postmasters and postmistresses for theft, fraud and false accounting. They were convicted, with some imprisoned, after the Post Office installed faulty software in the branches where these office operators worked. The BBC reports: Following the convictions - including theft, fraud and false accounting -- some former postmasters went to prison, were shunned by their communities and struggled to secure work. Some lost their homes, and even failed to get insurance owing to their convictions. Some have since died. They always said the fault was in the computer system, which had been used to manage post office finances since 1999.

The Horizon system, developed by the Japanese company Fujitsu, was first rolled out in 1999 to some post offices to be used for a variety of tasks including accounting and stocktaking. But from an early stage it appeared to have significant bugs which could cause the system to misreport, sometimes involving substantial sums of money. Horizon-based evidence was used by the Post Office to successfully prosecute 736 people. But campaigners fought a long and series of legal battles for compensation in the civil courts, which have been followed by referrals by the Criminal Cases Review Commission. A Post Office spokesman said: "We sincerely apologize to the postmasters affected by our historical failures. Throughout this appeals process we have supported the quashing of the overwhelming majority of these convictions and the judgment will be an important milestone in addressing the past."

Long-time Slashdot reader Martin S. reacts: As a software geek, the part I find most troubling is that blind faith that those in authority placed in the software without proper accounting. Accounting systems and Software are deterministic, well they should be. IF the system/software worked correctly, this missing money must have shown up somewhere. Software defects are always traceable. It might be expensive and time consuming but persistence will win in the end. Somebody somewhere is responsible for this and defacto framing of these people is criminal in principle, if not in law.

The operators of the Darkside ransomware are expanding their extortion tactics with a new technique aimed at companies that are listed on NASDAQ or other stock exchanges. From a report: In a message posted on their dark web portal, the Darkside crew said it is willing to notify crooked market traders in advance so they can short a company's stock price before they list its name on their website as a victim. The Darkside crew believes that the negative impact of having a traded company's name listed on its website would be enough to cause its stock price to fall and for a crooked trader to make a profit.

"While other ransomware families previously discussed how to leverage the effect of a publicly disclosed cyber attack on the stock market, they have never made it their official attack vector," Dmitry Smilyanets, threat intel analyst at Recorded Future, told The Record today. "DarkSide becomes the first ransomware variant to make it formal." However, the announcement also serves as an indirect method to threaten hacked companies that not paying the ransom demand could result in negative press large enough to impact their market listings and enough to push some victims into paying the asked ransom.

"A true-crime podcast has been credited with providing valuable information in a missing person case from the 1990s after two men were arrested," reports Newsweek: Kristin Smart, 19, of Stockton, California, went missing in May 1996 after returning to her dorm at California Polytechnic State University campus in San Luis Obispo. The case received widespread attention from Chris Lambert's Your Own Backyard podcast dedicated to investigating Smart's disappearance, which he began in September 2019.

The last person who was thought to have seen Smart alive was Paul Flores, 44, who was also a freshman at the time, when he offered to walk Smart back to her dorm. Since Smart's disappearance, Flores has been a person of interest, suspect, and prime suspect. Now, District Attorney Dan Dow alleges that Flores killed her in his dorm room following an attempted rape. On Tuesday, April 13, Flores was arrested for her murder, and his father Ruben Flores, 80, was arrested as an accessory to murder for allegedly helping his son conceal Smart's body, which has never been found.

San Luis Obispo County Sheriff Ian Parkinson said that they arrested the father and son on Tuesday after a search at Ruben Flores' home using ground-penetrating radar and cadaver dogs last month resulted in new evidence linked to Smart's disappearance... Parkinson also credited the Your Own Backyard podcast with raising awareness of the case which resulted in "valuable information" after a key witness came forward.
The Associated Press calls it "the latest in a line of true-crime podcasts credited with producing results in court," noting investigations by the Up and Vanished podcast also "led a man to confess to killing a Georgia beauty queen."

And they list some of the "compelling clues" uncovered by the podcaster investigating Kristin Smart's disappearance: A former colleague of Paul Flores' mother, Susan Flores, told him Mrs. Flores came into work after Memorial Day weekend 1996 — when Smart went missing — saying she didn't sleep well because her husband had gotten a phone call in the middle of the night and left in his car. "The speculation has been all along that Paul called his dad in the middle of the night and his dad came up and helped him get rid of Kristin's body," Lambert said.

A tenant who lived for a year at Susan Flores' home told him she heard a watch alarm every morning at 4:20 a.m. Smart had worked as a lifeguard at 5 a.m. at the Cal Poly pool, so it's possible she set her watch to wake up at that early hour.

An anonymous reader quotes a report from Gizmodo: Throughout December, someone was setting fires at the Martin Luther King Jr. Community Presbyterian Church, a "predominately Black" congregation located in Springfield, Massachusetts. An FBI affidavit claims that the last of these fires, set on Dec. 28, "essentially destroyed" the building -- burning away large parts of the interior. During this period, the same person is suspected of having carried out a "series of tire-slashings" targeted at vehicles near or around the church -- a majority of which were owned by Black individuals. Now, 44-year-old Maine resident Dushko Vulchev has been arrested in connection to the crimes. He was charged in a federal court in Springfield on Thursday, a release from the U.S. Justice Department shows, and is potentially facing decades behind bars.

Court documents illustrate how state, local and federal authorities used a variety of surveillance footage and data collection to piece together Vulchev's whereabouts and place him at or near these crimes. In particular, the vandal slipped up when he allegedly slashed the tires of a Tesla located not far from the church. Authorities say one of the car's many pre-installed security cameras caught blatant images of the culprit as he damaged the tires, then later returned to steal them along with the vehicle's rims. "Based on my training and experience and this investigation, I am aware that the Tesla mentioned above is equipped with cameras at various points around the body," said the FBI agent who wrote the affidavit. "I have reviewed video footage retrieved from the Tesla showing an individual that I can identify as Vulchev...The video footage from the Tesla shows Vulchev at a close distance crouching near the Tesla and using a tire iron to remove the wheels." Using other data collected and a variety of local surveillance footage, law enforcement was able to build a case against Vulchev.

A man who was falsely accused of shoplifting has sued the Detroit Police Department for arresting him based on an incorrect facial recognition match. The American Civil Liberties Union filed suit on behalf of Robert Williams, whom it calls the first US person wrongfully arrested based on facial recognition. The Verge reports: The Detroit Police Department arrested Williams in 2019 after examining security footage from a shoplifting incident. A detective used facial recognition technology on a grainy image from the video, and the system flagged Williams as a potential match based on a driver's license photo. But as the lawsuit notes, facial recognition is frequently inaccurate, particularly with Black subjects and a low-quality picture. The department then produced a photo lineup that included Williams' picture, showed it to a security guard who hadn't actually witnessed the shoplifting incident, and obtained a warrant when that guard picked him from the lineup.

Williams -- who had been driving home from work during the incident -- spent 30 hours in a detention center. The ACLU later filed a formal complaint on his behalf, and the prosecutor's office apologized, saying he could have the case expunged from his records. The ACLU claims Detroit police used facial recognition under circumstances that they should have known would produce unreliable results, then dishonestly failed to mention the system's shortcomings -- including a "woefully substandard" image and the known racial bias of recognition systems.

Last month America's Federal Bureau of Investigation released its annual report on internet crime, which a former federal prosecutor bemoans as "another record year." The bureau received 791,790 complaints of "internet-enabled crime" in 2020 (a 69 percent increase over the prior year), representing over $4.1 billion in reported losses (a 20 percent increase). These complaints included a wide array of crimes, such as phishing, spoofing, extortion, data breaches, and identity theft. Collectively, they represent further evidence of the Justice Department's long-running failure to effectively pursue internet fraud.

Since the start of the pandemic, the scope and frequency of this criminal activity has become noticeably worse. Online fraudsters have stolen government relief checks, sold fake test kits and vaccines, and exploited the altruistic impulses of the American public through fake charities. But the broader failure has wreaked incalculable harm on the American public for years, including those in our most vulnerable and less tech-savvy populations, like senior citizens. The FBI's most recent report makes it clear that the government needs to dramatically step up and rethink its approach to combating internet-based fraud — including how it tracks this problem, as well as how it can punish and deter these crimes more effectively going forward...

One major reason that internet fraud remains such a persistent and vexing problem is that the Justice Department has never made it a real priority — in part because these kinds of cases are not particularly attractive to prosecutors. Victim losses on an individual basis tend to be relatively small and widely dispersed. A substantial amount of this crime also originates abroad, and it can be hard and bureaucratically cumbersome to obtain evidence from foreign governments — particularly from countries where these scams comprise a large, de facto industry that employs many people. It is also far more challenging to find and secure cooperating insider witnesses when the perpetrators are beyond our borders. And even under the best of circumstances, the large body of documentary evidence that fraud cases involve can be exceedingly difficult to gather and review. If you manage to overcome all of those obstacles, you may still end up having to deal with years of extradition-related litigation before anyone ever sees the inside of a courtroom. Making matters worse, much of the press does not treat these cases as particularly newsworthy — itself a symptom of how routine internet fraud has become — and prosecutors like being in the press...

[T]ime is not on our side. This is a problem that will continue to metastasize — including in new and unpredictable ways — unless and until the federal government dramatically steps up its enforcement efforts.

An anonymous reader quotes a report from The Record: The FBI has arrested on Thursday a Texas man who planned to blow up one of the Amazon Web Services (AWS) data centers in an attempt to "kill of about 70% of the internet." Seth Aaron Pendley, 28, of Wichita Falls, Texas, was arraigned in front of a Texas judge today and formally indicted with a malicious attempt to destroy a building with an explosive.

The US Department of Justice said Pendley was arrested on Thursday after he tried to acquire C-4 plastic explosives from an undercover FBI employee in Fort Worth, Texas. The FBI said they learned of Pendley's plans after the suspect confided in January 2021 via Signal, an encrypted communications app, to a third-party source about plans to blow up one of Amazon's Virginia-based data centers. The source alerted the FBI and introduced the suspect to the undercover agent on March 31. "The suspect allegedly told an FBI agent that he wanted to attack Amazon's data center because the company was providing web servers to the FBI, CIA, and other federal agencies and that he hoped to bring down 'the oligarchy' currently in power in the United States," the report says.

Pendley could face up to 20 years in federal prison if he's found guilty and convicted.

ExtremeTech's Joel Hruska tells the story of a recent high-speed boat chase involving up to 300 Nvidia CMP 30HX GPUs. From the report: Our movie-like story kicked off with Chinese authorities detaining a fishing boat anchored near Hong Kong International Airport. Men on the fishing boat were swapping cargo over to a speedboat. When authorities approached, the smugglers hopped into the speedboat and fled. While the customs officials were unable to apprehend the smugglers in the subsequent high-speed chase, the hapless fishing boat owner was unable to get away. Confiscated goods, according to THG, included sea cucumbers, shark fins, and other various tech products and gadgets. The graphics cards were considered a surprise.

There's a certain dark hilarity in imagining drug dealers across the world offering their clientele multiple ounces of weed or an RTX 3060, but in this case, the haul consisted of low-end 30HX CMP cards. Nvidia offers a range of CMP cards, with performance ranging from 26MH/s to 86MH/s. The 30HX and 40HX are believed to be based on Turing silicon -- the GTX 1660 Super and RTX 2070, respectively. The 50X and 90HX are harder to pin down. The 50HX is a touch faster than the known mining performance of the RTX 2080 Ti, while the 90HX is about 10 percent slower than the known mining performance of an RTX 3080. If the 50HX is based on the RTX 2080 Ti, it's fielding a smaller amount of VRAM; the RTX 2080 Ti offered 11GB, while the 50HX has just 10GB.