An anonymous reader quotes a report from Ars Technica: Home buyers, sellers, real estate agents, and listing websites throughout the US have been stymied for five days by a cyberattack on a California company that provides a crucial online service used to track home listings. The attack, which commenced last Wednesday, hit Rapottoni, a software and services provider that supplies Multiple Listing Services to regional real estate groups nationwide. Better known as MLS, it provides instant access to data on which homes are coming to the market, purchase offers, and sales of listed homes. MLS has become essential for connecting buyers to sellers and to the agents and listing websites serving them.

"If you're an avid online refresher on any real estate website, you may have noticed a real nosedive in activity the last couple of days," Peg King, a realty agent in California's Sonoma County, wrote in an email newsletter she sent clients on Friday. "Real estate MLS systems across the country have been unusable since Wednesday after a massive cyberattack against major MLS provider, Rapattoni Corporation. This means that real estate markets (like ours!) can't list new homes, change prices, mark homes as pending/contingent/sold, or list open houses."

While Rapattoni has referred to the incident as a cyberattack, it has been widely reported that the event is a ransomware attack, in which criminals gain unauthorized access to a victim's network, encrypt or download crucial data and demand payment in exchange for decrypting the data or promising not to publish it. Rapattoni has so far not said publicly what sort of attack shut it down or other details. Rapattoni has yet to say whether personal information has been compromised. [...] Not all regional listing services are affected because some use data vendors other than Rapattoni. The damage the outage is causing to agents, buyers, renters, and sellers could get worse unless services are restored in the next few days. On Sunday, Rapattoni wrote: "We are continuing to investigate the nature and scope of the cyberattack that has caused a system outage and we are working diligently to get systems restored as soon as possible. All technical resources at our disposal are continuing to work around the clock through the weekend until this matter is resolved. We still do not have an ETA at this time, but we will continue to update you and keep you informed of our efforts."

An anonymous reader quotes a report from TorrentFreak: In the summer of 2021, DISH Network and Sling filed a copyright lawsuit against four unlicensed sports streaming sites, among them the popular SportsBay.org. After the plaintiffs named two alleged operators of the sites, this week a court in Texas held the pair liable for almost 2.5 million violations of the DMCA's anti-circumvention provisions and almost half a billion dollars in damages. [...] The complaint alleged that the unknown defendants circumvented (and provided technologies and services that circumvented) security measures employed by Sling and thereby provided "DISH's television programming" to users of their websites. The plaintiffs requested a permanent injunction, control of the defendants' domains, and damages of up to $2,500 for each violation of the DMCA's anti-circumvention provisions.

According to DISH's first amended complaint filed in January 2022, information obtained from the third-party service providers enabled the company to identify two men responsible for operating the SportsBay sites. Juan Barcan, an individual residing in Buenos Aires, Argentina, used his PayPal account to make payments to Namecheap and GitHub. Juan Nahuel Pereyra, also of Buenos Aires, used his PayPal account to make payments to Namecheap. On January 20, 2022, DISH sent a request to the Argentine Central Authority to serve Barcan and Pereyra under the Hague Convention. On October 31, 2022, the Central Authority informed DISH that Pereyra was served in Buenos Aires on September 14, 2022. Barcan was not served so after obtaining permission from the court, DISH served Barcan via a Gmail address used to make payments to Namecheap for the Sportsbay.org, Live-nba.stream, and Freefeds.com domain names. When the defendants failed to appear, DISH sought default judgment. [...]

In his order (PDF) handed down yesterday, District Judge Charles Eskridge entered a default judgment against Juan Barcan and Juan Nahuel Pereyra for violations of the DMCA's anti-circumvention provisions. The defendants and anyone acting in concert with them are permanently enjoined from circumventing any technological protection measure that controls access to Sling or DISH programming, including through the use of websites or any similar internet streaming service. Then comes the award for damages. "Plaintiffs are awarded $493,850,000 in statutory damages against Defendants, jointly and severally, for Defendants' 2,469,250 violations of section 1201(a)(2) of the DMCA," the order reads.

An anonymous reader shared this report from The New York Times: More than $1.7 trillion worldwide is expected to be invested in technologies such as wind, solar power, electric vehicles and batteries globally this year, according to the International Energy Agency, compared with just over $1 trillion in fossil fuels. That is by far the most ever spent on clean energy in a year. Those investments are driving explosive growth. China, which already leads the world in the sheer amount of electricity produced by wind and solar power, is expected to double its capacity by 2025, five years ahead of schedule. In Britain, roughly one-third of electricity is generated by wind, solar and hydropower. And in the United States, 23 percent of electricity is expected to come from renewable sources this year, up 10 percentage points from a decade ago... [F]rom Beijing to London, Tokyo to Washington, Oslo to Dubai, the energy transition is undeniably racing ahead...

[C]lean energy became cheap far faster than anyone expected. Since 2009, the cost of solar power has plunged by 83 percent, while the cost of producing wind power has fallen by more than half. The price of lithium-ion battery cells fell 97 percent over the past three decades. Today, solar and wind power are the least expensive new sources of electricity in many markets, generating 12 percent of global electricity and rising... The rapid drop in costs for solar energy, wind power and batteries can be traced to early government investment and steady improvements over time by hundreds of researchers, engineers and entrepreneurs around the world. "The world has produced nearly three billion solar panels at this point, and every one of those has been an opportunity for people to try to improve the process," said Gregory Nemet, a solar power expert at the University of Wisconsin-Madison. "And all of those incremental improvements add up to something very dramatic." An equally potent force, along with the technological advances, has been an influx of money — in particular, a gusher since 2020 of government subsidies...

In the United States, President Biden signed a trio of laws during his first two years in office that allocated unprecedented funds for clean energy: A $1 trillion bipartisan infrastructure law provided money to enhance the power grid, buy electric buses for schools and build a national network of electric vehicle chargers... Combined, the three laws have prompted companies to announce at least $230 billion in manufacturing investments so far... The U.S. solar industry installed a record 6.1 gigawatts of capacity in the first quarter of 2023, a 47 percent increase over the same period last year. And those low costs have led many of the United States' biggest corporations, such as Alphabet, Amazon and General Motors, to purchase large amounts of wind and solar power...

Amazon is reducing packaging on millions of deliveries. From a report: Millions of Amazon orders are arriving on doorsteps across the U.S. without any extra packaging. A new television may sit in the manufacturer's box at the door. A blender appears as if it were picked off a store shelf. The same for a box of baby wipes or trash bags. The change represents the next frontier in the tech giant's overhaul of its delivery processes, one Chief Executive Andy Jassy hopes will appeal to customers who are put off by the volume of Amazon-branded boxes they receive and discard every week.

The company in the past year revamped its logistics network, enabling faster and more efficient deliveries. Eliminating or reducing packaging has become increasingly important for the company to maintain its dominance, reduce costs and reach its goals related to its climate impact. "The recognition by a number of senior leaders was just that this is becoming more and more important," said Pat Lindner, who Amazon hired last year as its first vice president of packaging and innovation. "There's a significant need for our company to take the next step in innovation around packaging." About 11% of items that the company delivers now arrive without extra packaging, or what the company calls "ships in own container," Amazon said.

An anonymous reader quotes a report from TechCrunch: Imagine being able to sit behind a hacker and observe them take control of a computer and play around with it. That's pretty much what two security researchers did thanks to a large network of computers set up as a honeypot for hackers. The researchers deployed several Windows servers deliberately exposed on the internet, set up with Remote Desktop Protocol, or RDP, meaning that hackers could remotely control the compromised servers as if they were regular users, being able to type and click around. Thanks to these honeypots, the researchers were able to record 190 million events and 100 hours of video footage of hackers taking control of the servers and performing a series of actions on them, including reconnaissance, installing malware that mines cryptocurrencies, using Android emulators to conduct click fraud, brute-forcing passwords for other computers, hiding the hackers' identities by using the honeypot as a starting point for another attack, and even watching porn. The researchers said a hacker successfully logging into its honeypot can generate "tens of events" alone.

The "Rangers," according to the two, carefully explored the hacked computers, doing reconnaissance, sometimes changing passwords, and mostly leaving it at that. "Our hypothesis is that they are evaluating the system they compromised so that another profile of attacker can come back later," the researchers wrote in a blog post published on Wednesday to accompany their talk. The "Barbarians" use the compromised honeypot computers to try and bruteforce into other computers using known lists of hacked usernames and passwords, sometimes using tools such as Masscan, a legitimate tool that allows users to port-scan the whole internet, according to the researchers. The "Wizards" use the honeypot as a platform to connect to other computers in an attempt to hide their trails and the actual origin of their attacks. According to what Bergeron and Bilodeau wrote in their blog post, defensive teams can gather threat intelligence on these hackers, and "reach deeper into compromised infrastructure."

According to Bergeron and Bilodeau, the "Thieves" have the clear goal of monetizing their access to these honeypots. They may do that by installing crypto miners, programs to perform click fraud or generate fake traffic to websites they control, and selling access to the honeypot itself to other hackers. Finally, the "Bards" are hackers with very little or almost no skills. These hackers used the honeypots to use Google to search for malware, and even watch porn. These hackers sometimes used cell phones instead of desktop or laptop computers to connect to the honeypots. Bergeron and Bilodeau said they believe this type of hacker sometimes uses the compromised computers to download porn, something that may be banned or censored in their country of origin. In one case, a hacker "was downloading the porn and sending it to himself via Telegram. So basically circumventing a country-level ban on porn," Bilodeau told TechCrunch. "What I think [the hacker] does with this then is download it in an internet cafe, using Telegram, and then he can put it on USB keys, and he can sell it." These types of honeypots could be useful for law enforcement or cybersecurity defensive teams. "Law enforcement could lawfully intercept the RDP environments used by ransomware groups and collect intelligence in recorded sessions for use in investigations," the researchers wrote in the blog post. "Blue teams for their part can consume the [Indicators of Compromise] and roll out their own traps in order to further protect their organization, as this will give them extensive documentation of opportunistic attackers' tradecraft."

Moreover, if hackers start to suspect that the servers they compromise may be honeypots, they will have to change strategies and decide whether the risks of being caught are worth it, "leading to a slow down which will ultimately benefit everyone," according to the researchers.

National Geographic: Research does show that heart attacks, also called myocardial infarctions, are on the rise in younger people. Common symptoms include chest pain or discomfort; pain that radiates into the jaw, neck, back or arms; shortness of breath; and feeling weak or faint. A study of more than 2,000 young adults admitted for heart attack between 2000 and 2016 in two U.S. hospitals found that 1 in 5 were 40 years old or younger -- and that the proportion of this group has been increasing by 2 percent each year for the last decade.

The study, published in 2019 in the American Journal of Medicine, also found that people ages 40 or younger who have had a heart attack are just as likely as older adults to die from another heart attack, stroke, or other reason. In fact, increases in heart disease among younger adults in 2020 and 2021 are responsible for more than 4 percent of the most recent declines in life expectancy in the U.S., according to an editorial published in March in JAMA Network. The problem isn't uniquely American. Research shows that adults in Pakistan and India, for example, are also experiencing heart attacks at younger ages.

The White House on Tuesday held its first-ever cybersecurity "summit" on the ransomware attacks plaguing U.S. schools, in which criminal hackers have dumped online sensitive student data, including medical records, psychiatric evaluations and even sexual assault reports. PBS reports: At least 48 districts have been hit by ransomware attacks this year -- already three more than in all of 2022, according to the cybersecurity firm Emsisoft. All but 10 had data stolen, the firm reported. Typically, Russian-speaking foreign-based gangs steal the data -- sometimes including the Social Security numbers and financial data of district staff -- before activating network-encrypting malware then threaten to dump it online unless paid in cryptocurrency. "Last school year, schools in Arizona, California, Washington, Massachusetts, West Virginia, Minnesota, New Hampshire and Michigan were all victims of major cyber attacks," the deputy national security advisor for cyber, Anne Neuberger, told the summit.

An October 2022 report from the Government Accountability Office, a federal watchdog agency, found that more than 1.2 million students were affected in 2020 alone -- with lost learning ranging from three days to three weeks. Nearly one in three U.S. districts had been breached by the end of 2021, according to a survey by the Center for Internet Security, a federally funded nonprofit. "Do not underestimate the ruthlessness of those who would do us harm," said Homeland Security Secretary Alejandro Mayorkas during the summit, noting that even reports on suicide attempts have been dumped online by criminal extortionists and urging educators to avail themselves of federal resources already available.

Among measures announced at the summit: The Cybersecurity and Infrastructure Security Agency will step up tailored security assessments for the K-12 sector while technology providers, including Amazon Web Services, Google and Cloudflare, are offering grants and other support. A pilot proposed by Federal Communications Commission Chair Jessica Rosenworcel -- yet to be voted on by the agency -- would make $200 million available over three years to strengthen cyber defense in schools and libraries.

An anonymous reader quotes a report from TechCrunch: Poland-based spyware LetMeSpy is no longer operational and said it will shut down after a June data breach wiped out its servers, including its huge trove of data stolen from thousands of victims' phones. In a notice on its website in both English and Polish, LetMeSpy confirmed the "permanent shutdown" of the spyware service and that it would cease operations by the end of August. The notice said LetMeSpy is blocking users from logging in or signing up with new accounts. A separate notice on LetMeSpy's former login page, which no longer functions, confirmed earlier reports that the hacker who breached the spyware operation also deleted the data on its servers. "The breach consisted of unauthorized access to the LetMeSpy website's database, downloading and at the same time deleting data from the website by the author of the attack," the notice reads. LetMeSpy's app no longer functions, a network traffic analysis by TechCrunch shows, and the spyware maker's website no longer provides the spyware app for download.

LetMeSpy was an Android phone monitoring app that was purposefully designed to stay hidden on a victim's phone home screen, making the app difficult to detect and remove. When planted on a person's phone -- often by someone with knowledge of their phone passcode -- apps like LetMeSpy continually steal that person's messages, call logs and real-time location data. A copy of the database was obtained by nonprofit transparency collective DDoSecrets, which indexes leaked datasets in the public interest, and shared with TechCrunch for analysis. The data showed that LetMeSpy, until recently, had been used to steal data from more than 13,000 compromised Android devices worldwide, though LetMeSpy's website claimed prior to the breach that it controlled more than 236,000 devices. The database also contained information that shows the spyware was developed by a Krakow-based tech company called Radeal, whose chief executive Rafal Lidwin did not respond to a request for comment.

The Federal Communications Commission is paving the way for $75 monthly subsidies to make broadband service more affordable for low-income households in certain "high-cost" areas. From a report: The $75 subsidy will be part of the Affordable Connectivity Program (ACP) that generally offers $30 monthly discounts to people with low incomes. The ACP was created by Congress in late 2021 and implemented by the FCC to replace a previous pandemic-related subsidy program. The ACP already provides $75 monthly subsidies for homes on tribal lands, but not in other areas. The US law that created the ACP lets the FCC make $75 subsidies available in areas where the costs of building broadband networks are higher than average.

That's what the FCC did in its action announced yesterday. "The Infrastructure Act specified that the $75 monthly benefit would support providers that can demonstrate that the standard $30 monthly benefit would cause them to experience 'particularized economic hardship' such that they would be unable to maintain part or all of their broadband network in a high-cost area," the FCC said. ACP subsidies are distributed to Internet service providers that enroll in the program and give customers discounts. Comcast, Charter Spectrum, AT&T, Verizon, and other ISPs last year agreed to make $30 plans with download speeds of at least 100Mbps available to eligible low-income households, essentially making the Internet service free when the $30 subsidy is applied.

Recently Ars Technica reported on "another application for SpaceX's Starship architecture that the company is studying," adding that NASA "is on board to lend expertise.

"Though still in a nascent phase of tech development, the effort could result in repurposing Starship into a commercial space station, something NASA has a keen interest in because there are no plans for a government-owned research lab in low-Earth orbit after the International Space Station is decommissioned after 2030." NASA announced last month a new round of agreements with seven commercial companies, including SpaceX. The Collaborations for Commercial Space Capabilities (CCSC) program is an effort established to advance private sector development of emerging products and services that could be available to customers — including NASA — in approximately five to seven years... NASA passed over SpaceX's bid for a funded space station development agreement in 2021, identifying concerns about SpaceX's plans for scaling its life-support system to enable long-duration missions and SpaceX's plan for a single docking port, among other issues. The space agency isn't providing any funding for the new CCSC effort, which includes the Starship space station concept, but the government will support the industry with technical expertise, including expert assessments, lessons learned, technologies, and data.

Apart from the SpaceX agreement, NASA said it will provide non-financial support to Blue Origin's initiative to develop a crew spacecraft for orbital missions that would launch on the company's New Glenn rocket. The agency also supports Northrop Grumman's development of a human-tended research platform in low-Earth orbit to work alongside the company's planned space station. The other companies NASA picked for unfunded agreements were: Sierra Space's proposal for a crewed version of its Dream Chaser spacecraft, Vast's concept for a privately owned space station, ThinkOrbital's plan to develop welding, cutting, inspection, and additive manufacturing technology for construction work in space, and Special Aerospace Services for collaboration on an autonomous maneuvering unit to assist, or potentially replace, spacewalkers working outside a space station.

Despite the lack of NASA funding, the new collaboration announcement with SpaceX laid out — in broad strokes, at least — one of the directions SpaceX may want to take Starship. NASA said it will work with SpaceX on an "integrated low-Earth orbit architecture" that includes the Starship vehicle and other SpaceX programs, including the Dragon crew capsule and Starlink broadband network.
The artice links to a recent NASA document detailing SpaceX's space station concept. Phil McAlister, who heads NASA's commercial spaceflight division, says its size and reduced cost "could have a far-reaching impact on the sustainable development of the low-Earth orbit) economy...

"Adding increased confidence is the company's plan to self-fund Starship development from its launch and satellite enterprises."

Thanks to long-time Slashdot reader Amiga Trombone for sharing the article.

"NASA has reestablished full communications with Voyager 2," according to a mission update posted Friday: The agency's Deep Space Network facility in Canberra, Australia, sent the equivalent of an interstellar "shout" more than 12.3 billion miles (19.9 billion kilometers) to Voyager 2, instructing the spacecraft to reorient itself and turn its antenna back to Earth. With a one-way light time of 18.5 hours for the command to reach Voyager, it took 37 hours for mission controllers to learn whether the command worked. At 12:29 a.m. EDT on Aug. 4, the spacecraft began returning science and telemetry data, indicating it is operating normally and that it remains on its expected trajectory.
"Had the Earth-based signals not reached Voyager 2, the spacecraft is already programmed to reorient itself multiple times a year to keep its antenna pointing in our planet's direction," CNN points out. "The next reset was already scheduled for October 15. But the team didn't want to wait that long..."

After controllers sent the wrong command to the 46-year-old spacecraft, Voyager 2's antenna needed to be shifted "a mere 2 degrees," notes The Associated Press:

Voyager 2 has been hurtling through space since its launch in 1977 to explore the outer solar system. Launched two weeks later, its twin, Voyager 1, is now the most distant spacecraft — 15 billion miles (24 billion kilometers) away — and still in contact. As long as their plutonium power holds, the Voyagers may be alive and well for the 50th anniversary of their launch in 2027, according to Dodd. Among the scientific tidbits they've beamed back in recent years include details about the interstellar magnetic field and the abundance of cosmic rays.

Long-time Slashdot reader KindMind shares a report from The Register: Researchers at MIT claim to have found a novel new way to store energy using nothing but cement, a bit of water, and powdered carbon black -- a crystalline form of the element. The materials can be cleverly combined to create supercapacitors, which could in turn be used to build power-storing foundations of houses, roadways that could wirelessly charge vehicles, and serve as the foundation of wind turbines and other renewable energy systems -- all while holding a surprising amount of energy, the team claims. According to a paper published in the Proceedings of the National Academy of Sciences, 45 cubic meters of the carbon-black-doped cement could have enough capacity to store 10 kilowatt-hours of energy -- roughly the amount an average household uses in a day. A block of cement that size would measure about 3.5 meters per side and, depending on the size of the house, the block could theoretically store all the energy an off-grid home using renewables would need." [...]

Just three percent of the mixture has to be carbon black for the hardened cement to act as a supercapacitor, but the researchers found that a 10 percent carbon black mixture appears to be ideal. Beyond that ratio, the cement becomes less stable -- not something you want in a building or foundation. The team notes that non-structural use could allow higher concentrations of carbon black, and thus higher energy storage capacity. The team has only built a tiny one-volt test platform using its carbon black mix, but has plans to scale up to supercapacitors the same size as a 12-volt automobile battery -- and eventually to the 45 cubic meter block. Along with being used for energy storage, the mix could also be used to provide heat -- by applying electricity to the conductive carbon network encased in the cement, MIT noted.
As Science magazine puts it, "Tesla's Powerwall, a boxy, wall-mounted, lithium-ion battery, can power your home for half a day or so. But what if your home was the battery?"

Pirate eBook repository Z-Library has launched browser extensions that should make it easier for users to find the site if its current domains are seized in the future. While the site doesn't explicitly mention the U.S. Government crackdown, it likely plays a key role in the decision to make these extensions available. TorrentFreak reports: Since the shadow library is now well aware that its domain names could be taken away at any moment, numerous precautions are being taken to mitigate the risks. A few weeks ago, Z-Library released a dedicated desktop application that should make it easier to access the site. The software has the ability to redirect users to working domains and whenever necessary, connect over the Tor network, which also helps to evade blocking efforts. In an announcement this week, the operators of the shadow library unveiled new precautionary tools to redirect users to working domains, including any new ones, should they be needed.

The new browser extensions are available for both Chrome and Firefox and promise 'seamless access' to alternative domains in the event that existing ones run into trouble. "Say goodbye to searching for available domains, as this handy extension takes care of everything for you. Simplify your online library experience and enjoy seamless access to a world of knowledge, right at your fingertips. "After launching the extension, the process of searching for an available domain will begin. Within some seconds when the domain is found, you will be redirected to the library homepage," Z-Library explains.

While installing browser extensions should always happen with caution, in just a few hours thousands of Z-Library users have already installed the new software. According to the Chrome store, the Z-Library Finder currently has over 7,000 users. These extensions may indeed help to point users to new domain names, but the solution isn't bulletproof. The authorities may attempt to remove the listings from the Chrome and Firefox extension libraries, for example. Even if Z-Library decides to self-host these tools, they still rely on technical infrastructure that could be targeted in the future. That being said, the releases are still notable; it's rare to a service going full steam ahead in the face of an active criminal case.

A cyberattack has disrupted hospital computer systems in several states, forcing some emergency rooms to close and ambulances to be diverted, and many primary care services remained closed on Friday as security experts worked to determine the extent of the problem and resolve it. From a report: The "data security incident" began Thursday at facilities operated by Prospect Medical Holdings, which is based in California and has hospitals and clinics there and in Texas, Connecticut, Rhode Island and Pennsylvania. "Upon learning of this, we took our systems offline to protect them and launched an investigation with the help of third-party cybersecurity specialists," the company said in a statement Friday. "While our investigation continues, we are focused on addressing the pressing needs of our patients as we work diligently to return to normal operations as quickly as possible." In Connecticut, the emergency departments at Manchester Memorial and Rockville General hospital were closed for much of Thursday and patients were diverted to other nearby medical centers.

[...] The FBI in Connecticut issued a statement saying it is working with "law enforcement partners and the victim entities" but could not comment further on an ongoing investigation. Elective surgeries, outpatient appointments, blood drives and other services were suspended, and while the emergency departments reopened late Thursday, many primary care services were closed on Friday, according to the Eastern Connecticut Health Network, which runs the facilities. Patients were being contacted individually, according to the network's website. Similar disruptions also were reported at other facilities system-wide.

An anonymous reader quotes a report from Ars Technica: Elon Musk's tunneling company has permission to significantly expand its operations under the city of Las Vegas. Last month, the Las Vegas City Council voted unanimously to approve the Boring Company's plan to dig more tunnels under the city, following in the steps of Clark County, which in May gave a similar thumbs-up to the tunneling concern. The company's plan calls for 68 miles of tunnels and 81 stations, served by a fleet of Tesla electric vehicles, each able to carry three passengers at a time.

Despite the unanimous approval, Mayor Carolyn Goldman had a litany of concerns, including safety, low throughput of passengers, and a lack of accessibility. However, she said that "hotels are begging for transportation options." [...] Should the Boring Company see this project through to completion, 60 of the stations would be in Clark County, mostly concentrated down the Strip and the major casinos, with the remaining 21 in the city of Las Vegas.

The Excel World Championship is coming back to ESPN this week. On Friday morning at 7AM ET, as part of ESPN's annual "The Ocho" event, a few of the world's foremost Excel experts will battle to solve puzzles on the biggest stage in sports. From a report: The Ocho is an ESPN event designed to show off otherwise un-televised sports -- Excel is on the docket alongside "2023 Slippery Stairs," the "Pillow Fight Championship," and competitions in everything from belt-sanding to sign spinning -- but it's still a big deal. When competitive Excel showed up on the network last year, the sport found a whole new audience. More than 800,000 people have since watched the full 2.5-hour competition on YouTube (ESPN showed a 30-minute edit of the battle), and the folks who started the World Championship say it changed the event's trajectory forever.

As corporate leaders call for an end to pandemic-era remote work arrangements, unions in Australia are setting a precedent and fighting back, taking to court the country's biggest bank and wrangling with the federal government to demand WFH, as it is known, to become the norm. From a report: "All the deep changes in the Australian labour market have come out of crises. When you have a jolt, you never return to the way the world was," said John Buchanan, head of the University of Sydney's Health and Work Research Network. "We're always ahead of the pack in the English-speaking world, say compared to the UK, US, New Zealand." Empowered by the lowest unemployment rate in half a century, staff at Commonwealth Bank of Australia took the A$170 billion ($114 billion) lender to the industrial tribunal to challenge a directive to work from the office half of the time.

Printer manufacturer Canon is warning that sensitive Wi-Fi settings don't automatically get wiped during resets, so customers should manually delete them before selling, discarding, or getting them repaired to prevent the settings from falling into the wrong hands. From a report: "Sensitive information on the Wi-Fi connection settings stored in the memories of inkjet printers (home and office/large format) may not be deleted by the usual initialization process," company officials wrote in an advisory on Monday. They went on to say that manual wiping should occur "when your printer may be in the hand of any third party, such as when repairing, lending or disposing the printer."

Like many printers these days, those from Canon connect to networks over Wi-Fi. To do this, users must provide the SSID name, the password preventing unauthorized access to the network, and in some cases, additional information such as Wi-Fi network type, the local network IP address, the MAC address, and network profile. It would be reasonable to assume that performing a simple factory reset that returns all settings to their defaults would be enough to remove these settings, but Monday's advisory indicated that isn't necessarily the case. In the event this information is exposed, malicious actors could use them to gain unauthorized access to a network hosting a Canon printer.

Once known for distributing hacking tools and shaming software companies into improving their security, a famed group of technology activists is now working to develop a system that will allow the creation of messaging and social networking apps that won't keep hold of users' personal data. From a report: The group, Cult of the Dead Cow, has developed a coding framework that can be used by app developers who are willing to embrace strong encryption and forsake revenue from advertising that is targeted to individuals based on detailed profiles gleaned from the data most apps now routinely collect. The team is building on the work of such free products as Signal, which offers strong encryption for text messages and voice calls, and Tor, which offers anonymous web surfing by routing traffic through a series of servers to disguise the location of the person conducting the search.

The latest effort, to be detailed at the massive annual Def Con hacking conference in Las Vegas next week, seeks to provide a foundation for messaging, file sharing and even social networking apps without harvesting any data, all secured by the kind of end-to-end encryption that makes interception hard even for governments. Called Veilid, and pronounced vay-lid, the code can be used by developers to build applications for mobile devices or the web. Those apps will pass fully encrypted content to one another using the Veilid protocol, its developers say. As with the file-sharing software BitTorrent, which distributes different pieces of the same content simultaneously, the network will get faster as more devices join and share the load, the developers say. In such decentralized "peer-to-peer" networks, users download data from each other instead of from a central machine.

An anonymous reader quotes a report from Ars Technica: Film companies lost another attempt to force Reddit to identify anonymous users who discussed piracy. A federal court on Saturday quashed a subpoena (PDF) demanding users' names and other identifying details, agreeing with Reddit's argument that the film companies' demands violate the First Amendment. The plaintiffs are 20 producers of popular movies who are trying to prove that Internet service provider Grande is liable for its subscribers' copyright infringement because the ISP allegedly ignores piracy on its network. Reddit isn't directly involved in the copyright case. But the film companies filed a motion to compel Reddit to respond to a subpoena demanding "basic account information including IP address registration and logs from 1/1/2016 to present, name, email address and other account registration information" for six users who wrote comments on Reddit threads in 2011 and 2018.

"The issue is whether that discovery is permissible despite the users' right to speak anonymously under the First Amendment," US Magistrate Judge Laurel Beeler wrote in her ruling against the film copyright holders. "The court denies the motion because the plaintiffs have not demonstrated a compelling need for the discovery that outweighs the users' First Amendment right to anonymous speech." The film companies seeking Reddit users' identities include After II Movie LLC, Bodyguard Productions, Hitman 2 Productions, Millennium Funding, Nikola Productions, Rambo V Productions, and Dallas Buyers Club LLC. As Beeler's ruling on Saturday noted, they sought the identities of two users who wrote about torrenting on Grande's network in 2018 [...]. The companies also sought identities of four users who commented in a 2011 thread. "I have grande. No issues with torrent or bandwidth caps," one user comment said. Another Reddit user wrote, "I have torrented like a motherfucker all over grande and have never seen anything." Reddit's filing (PDF) pointed out that the statute of limitations for copyright infringement is three years. The film companies said (PDF) the statute of limitations is irrelevant to whether the comments can provide evidence in the case against Grande.