Security

Change Healthcare Finally Admits It Paid Ransomware Hackers (wired.com) 17

Andy Greenberg reports via Wired: More than two months after the start of a ransomware debacle whose impact ranks among the worst in the history of cybersecurity, the medical firm Change Healthcare finally confirmed what cybercriminals, security researchers, and Bitcoin's blockchain had already made all too clear: that it did indeed pay a ransom to the hackers who targeted the company in February. And yet, it still faces the risk of losing vast amounts of customers' sensitive medical data. In a statement sent to WIRED and other news outlets on Monday evening, Change Healthcare wrote that it paid a ransom to a cybercriminal group extorting the company, a hacker gang known as AlphV or BlackCat. "A ransom was paid as part of the company's commitment to do all it could to protect patient data from disclosure," the statement reads. The company's belated admission of that payment accompanied a new post on its website where it warns that the hackers may have stolen health-related data that would "cover a substantial proportion of people in America."

Cybersecurity and cryptocurrency researchers told WIRED last month that Change Healthcare appeared to have paid that ransom on March 1, pointing to a transaction of 350 bitcoins or roughly $22 million sent into a crypto wallet associated with the AlphV hackers. That transaction was first highlighted in a message on a Russian cybercriminal forum known as RAMP, where one of AlphV's allegedly jilted partners complained that they hadn't received their cut of Change Healthcare's payment. However, for weeks following that transaction, which was publicly visible on Bitcoin's blockchain and which both security firm Recorded Future and blockchain analysis firm TRM Labs told WIRED had been received by AlphV, Change Healthcare repeatedly declined to confirm that it had paid the ransom.

Change Healthcare's confirmation of that extortion payment puts new weight behind the cybersecurity industry's fears that the attack -- and the profit AlphV extracted from it -- will lead ransomware gangs to further target health care companies. "It 100 percent encourages other actors to target health care organizations," Jon DiMaggio, a researcher with cybersecurity firm Analyst1 who focuses on ransomware, told WIRED at the time the transaction was first spotted in March. "And it's one of the industries we don't want ransomware actors to target -- especially when it affects hospitals." Compounding the situation, a conflict between hackers in the ransomware ecosystem has led to a second ransomware group claiming to possess Change Healthcare's stolen data and threatening to sell it to the highest bidder on the dark web. Earlier this month that second group, known as RansomHub, sent WIRED alleged samples of the stolen data that appeared to come from Change Healthcare's network, including patient records and a contract with another health care company.

Television

What Comes After OLED? Meet QDEL (arstechnica.com) 12

An anonymous reader quotes a report from Ars Technica: Quantum dots are already moving in the premium display category, particularly through QD-OLED TVs and monitors. The next step could be QDEL, short for "quantum dot electroluminescent," also known as NanoLED, screens. Not to be confused with the QLED (quantum light emitting diode) tech already available in TVs, QDEL displays don't have a backlight. Instead, the quantum dots are the light source. The expected result is displays with wider color spaces than today's QD-OLEDs (quantum dot OLEDs) that are also brighter, more affordable, and resistant to burn-in. It seems like QDEL is being eyed as one of the most potentially influential developments for consumer displays over the next two years. If you're into high-end display tech, QDEL should be on your radar.

You may know QDEL as NanoLED because that's what Nanosys, a quantum dot supplier developing the technology, calls it. QDEL has gone by other names, such as QLED -- before Samsung claimed that acronym for LCD-LED TVs that use quantum dots. You may also see QDEL referred to as QD-EL, QD-LED, or EL-QD. As the alphabet soup suggests, there are still some things to finalize with this tech. This article will mostly use the term QDEL, with occasional references to NanoLED. If none of those names sound familiar, it's probably because you can't buy any QDEL products yet. Suppliers suggest that could change in the next few years; Nanosys is targeting 2026 for commercial availability. [...]

Today's OLED screens use OLED material as their light source, with QD-OLED specifically applying quantum dots to convert the light into color. In QLED, the light source is a white backlight; QDEL displays apply electricity directly to quantum dots, which then generate light. QDEL uses a layer of quantum dots sandwiched between an anode and cathode to facilitate the flow of electricity into the quantum dots. QDEL displays have pixels made of a red quantum dot subpixel, green quantum dot subpixel, and -- differing from today's QLED and QD-OLED displays -- blue quantum dot subpixel. QDEL displays use the same quantum dot cores that QD-OLED and QLED products use, [Jeff Yurek, Nanosys' VP of marketing] told me, adding, "The functionalization of the outer layer of the [quantum dots] needs to be changed to make it compatible with each display architecture, but the cores that do the heavy lifting are pretty much the same across all of these."

Because QDEL pixels make their own light and can therefore turn off completely, QDEL displays can deliver the same deep blacks and rich contrast that made OLED popular. But with the use of direct-view quantum dots, stakeholders are claiming the potential for wider color gamuts than we've seen in consumer displays before. With fewer layers and parts, there are also implications for QDEL product pricing, longevity, and even thinness. [...] The fact that quantum dots are already being successfully applied to LCD-LED and OLED screens is encouraging for future QDEL products. QDEL stakeholders claim that the tech could bring efficiencies like lower power consumption and higher brightness than OLED. (Research using a prototype device has recorded quantum dot light-emitting diodes reaching 614,000 nits. Of course, those aren't the type of results you should expect to see in a real-life consumer product.) There's also hope that QDEL could eventually last longer than OLED, especially since QDEL doesn't rely on organic materials that can cause burn-in.

AI

The Ray-Ban Meta Smart Glasses Have Multimodal AI Now (theverge.com) 15

The Ray-Ban Meta Smart Glasses now feature support for multimodal AI -- without the need for a projector or $24 monthly fee. (We're looking at you, Humane AI.) With the new update, the Meta AI assistant will be able to analyze what you're seeing, and it'll give you smart, helpful answers or suggestions. The Verge reports: First off, there are some expectations that need managing here. The Meta glasses don't promise everything under the sun. The primary command is to say "Hey Meta, look and..." You can fill out the rest with phrases like "Tell me what this plant is." Or read a sign in a different language. Write Instagram captions. Identify and learn more about a monument or landmark. The glasses take a picture, the AI communes with the cloud, and an answer arrives in your ears. The possibilities are not limitless, and half the fun is figuring out where its limits are. [...]

To me, it's the mix of a familiar form factor and decent execution that makes the AI workable on these glasses. Because it's paired to your phone, there's very little wait time for answers. It's headphones, so you feel less silly talking to them because you're already used to talking through earbuds. In general, I've found the AI to be the most helpful at identifying things when we're out and about. It's a natural extension of what I'd do anyway with my phone. I find something I'm curious about, snap a pic, and then look it up. Provided you don't need to zoom really far in, this is a case where it's nice to not pull out your phone. [...]

But AI is a feature of the Meta glasses. It's not the only feature. They're a workable pair of livestreaming glasses and a good POV camera. They're an excellent pair of open-ear headphones. I love wearing mine on outdoor runs and walks. I could never use the AI and still have a product that works well. The fact that it's here, generally works, and is an alright voice assistant -- well, it just gets you more used to the idea of a face computer, which is the whole point anyway.

AI

Ex-Amazon Exec Claims She Was Asked To Ignore Copyright Law in Race To AI (theregister.com) 19

A lawsuit is alleging Amazon was so desperate to keep up with the competition in generative AI it was willing to breach its own copyright rules. From a report: The allegation emerges from a complaint accusing the tech and retail mega-corp of demoting, and then dismissing, a former high-flying AI scientist after it discovered she was pregnant. The lawsuit was filed last week in a Los Angeles state court by Dr Viviane Ghaderi, an AI researcher who says she worked successfully in Amazon's Alexa and LLM teams, and achieved a string of promotions, but claims she was later suddenly demoted and fired following her return to work after giving birth. She is alleging discrimination, retaliation, harassment and wrongful termination, among other claims.
Privacy

How GM Tricked Millions of Drivers Into Being Spied On (nytimes.com) 45

General Motors (GM) has been selling data about the driving behavior of millions of people to insurance companies, leading to higher premiums for some drivers, according to a recent investigation. The affected drivers were not informed about the tracking, which was carried out through GM's OnStar connected services plan and the Smart Driver program. The New York Times reporter who broke the story discovered that her own driving data had been shared with data brokers working with the insurance industry, despite not being enrolled in the program. GM has since discontinued the Smart Driver product and stopped sharing data with LexisNexis and Verisk, following customer feedback and federal lawsuits filed by drivers across the country.
China

China's Ageing Tech Workers Hit By 'Curse of 35' (ft.com) 115

Chinese tech giant Kuaishou is laying off employees in their mid-30s as part of a company-wide restructuring plan dubbed "Limestone," FT reported Tuesday, citing people with direct knowledge of the matter. The move highlights the pervasive ageism in China's tech sector, where younger workers are favored for their perceived willingness to work long hours and keep up with the latest technological developments, the report adds.

While China's labor law does not explicitly prohibit age discrimination, some have interpreted it as such. However, tech executives have openly expressed their preference for younger employees, with companies like ByteDance and Pinduoduo boasting some of the youngest workforces in the industry. The economic slowdown and regulatory crackdowns have exacerbated the problem, with tens of thousands of jobs cut across the sector in recent months. Those over 35 face significant challenges in finding new employment, as even the civil service and service sector prioritize younger applicants. The situation has left many older tech workers anxious about their future job prospects, the report adds.
Google

Google Fires More Employees Over Protest of Cloud Contract With Israel (axios.com) 187

Google has fired another 20 workers for participating in protests against its $1.2 billion cloud computing contract with the Israeli government, according to an activist group representing the workers. From a report: In total, the company has now fired around 50 employees over sit-in protests held in Google offices last week that were part of yearslong discontent among a group of Google and Amazon workers over claims that Israel is using the companies' services to harm Palestinians. Google has denied those claims, saying Project Nimbus, the cloud-computing contract, doesn't involve "highly sensitive, classified, or military workloads relevant to weapons or intelligence services," and that Israeli government ministries that use its commercial cloud must agree to its terms of services and other policies.

No Tech For Apartheid, the group representing the workers, claimed in a statement that Google is attempting to "quash dissent, silence its workers, and reassert its power over them." "That's because Google values its profit, and its $1.2 billion contract with the Israeli government and military, more than people. And it certainly values it over its own workers," it said. The group said it will continue organizing until Google cancels Project Nimbus.
Further reading: Google To Employees: 'We Are a Workplace'.
Businesses

Apple Acquires Datakalab, a French Startup Behind AI and Computer Vision Tech (9to5mac.com) 1

According to French business magazine Challenges, Apple has acquired Datakalab -- a Paris-based startup specializing in artificial intelligence compression and computer vision technology. 9to5Mac reports: Datakalab described itself as "experts in low power, runtime efficient, and deep learning algorithms" that work on device. On its LinkedIn page, Datakalab highlights "industry leading compression and adaptation to deploy embedded computer vision that is fast, cost-effective and precise." Prior to the Apple acquisition, Datakalab had between 10 and 20 employees.

From Datakalab's now-defunct website: "Datakalab is a French technology company that develops computer image analysis algorithms to measure flows in public space. The images are instantly transformed into anonymized statistical data processed locally in 100ms. Datakalab does not store any images or personal data and only keeps statistical data. Datakalab products are built according to the principle of 'Privacy by Design.'"

While neither Apple nor Datakalab have acknowledged the acquisition, Challenges says that the deal was reported to the European Commission this month. The report says that Datakalab's two founders did not join Apple, but multiple other employees did make the jump. Datakalab also held multiple patents related to AI compression and vision technology.
The acquisition makes perfect sense given Apple's rumored ambitions to run its upcoming AI-related features in iOS 18 "entirely on device."
Transportation

Amazon Ends California Drone Deliveries (techcrunch.com) 28

Amazon confirmed it is ending Prime Air drone delivery operations in Lockeford, California. The Central California town of 3,500 was the company's second U.S. drone delivery site, after College Station, Texas. Operations were announced in June 2022. From a report: The retail giant is not offering details around the setback, only noting, "We'll offer all current employees opportunities at other sites, and will continue to serve customers in Lockeford with other delivery methods. We want to thank the community for all their support and feedback over the past few years."

College Station deliveries will continue, along with a forthcoming site in Tolleson, Arizona set to kick off deliveries later this year. Tolleson, a city of just over 7,000, is located in Maricopa County, in the western portion of the Phoenix metropolitan area. Prime Air's arrival brings same-day deliveries to Amazon customers in the region, courtesy of a hybrid fulfillment center/delivery station. The company says it will be contacting impacted customers when the service is up and running. There's no specific information on timing beyond "this year," owing, in part, to ongoing negotiations with both local officials and the FAA required to deploy in the airspace.

Encryption

Europol Becomes Latest Law Enforcement Group To Plead With Big Tech To Ditch E2EE (theregister.com) 146

Yet another international cop shop has come out swinging against end-to-end encryption - this time it's Europol which is urging an end to implementation of the tech for fear police investigations will be hampered by protected DMs. The Register: In a joint declaration of European police chiefs published over the weekend, Europol said it needs lawful access to private messages, and said tech companies need to be able to scan them (ostensibly impossible with E2EE implemented) to protect users. Without such access, cops fear they won't be able to prevent "the most heinous of crimes" like terrorism, human trafficking, child sexual abuse material (CSAM), murder, drug smuggling and other crimes.

"Our societies have not previously tolerated spaces that are beyond the reach of law enforcement, where criminals can communicate safely and child abuse can flourish," the declaration said. "They should not now." The joint statement, which was agreed to in cooperation with the UK's National Crime Agency, isn't exactly making a novel claim. It's nearly the same line of reasoning that the Virtual Global Taskforce, an international law enforcement group founded in 2003 to combat CSAM online, made last year when Meta first started talking about implementing E2EE on Messenger and Instagram.

Power

AI Needs So Much Electricity That Tech Companies Are Getting Into Energy Business (sherwood.news) 48

An anonymous reader shares a report: To accommodate tech companies' pivots to artificial intelligence, tech companies are increasingly investing in ways to power AI's immense electricity needs. Most recently, OpenAI CEO Sam Altman invested in Exowatt, a company using solar power to feed data centers, according to the Wall Street Journal. That's on the heels of OpenAI partner, Microsoft, working on getting approval for nuclear energy to help power its AI operations. Last year Amazon, which is a major investor in AI company Anthropic, said it invested in more than 100 renewable energy projects, making it the "world's largest corporate purchaser of renewable energy for the fourth year in a row."

Crime

Lying to Investors? Co-Founder of Startup 'HeadSpin' Gets 18-Month Prison Sentence for Fraud (sfgate.com) 28

The co-founder of Silicon Valley-based software testing startup HeadSpin was sentenced Friday to 18 months in prison and a $1 million fine, reports SFGate — for defrauding investors. Lachwani pleaded guilty to two counts of wire fraud and a count of securities fraud in April 2023, after federal prosecutors accused him of, for years, lying to investors about HeadSpin's finances to raise more money. HeadSpin, founded in 2015, grew to a $1.1 billion valuation by 2020 with over $115 million in funding from investors including Google Ventures and Iconiq Capital... He had personally altered invoices, lied to the company accountant and sent slide decks with fraudulent information to investors, [according to the government's 2021 criminal complaint]...

Breyer, per the New York Times, rejected Lachwani's lawyer's argument that because HeadSpin investors didn't end up losing money, he should receive a light sentence. The judge, who often oversees tech industry cases, reportedly said: "If you win, there are no serious consequences — that simply can't be the law." Still, the sentencing was far lighter than it could have been. The government's prosecuting attorneys had asked for a five-year prison term.

The New York Times reported in December that HeadSpin's financial statements had "often arrived months late, if at all, investors said in legal declarations," while the company's financial department "consisted of one external accountant who worked mostly from home using QuickBooks." And the company also had no human resources department or organizational chart... After Manish Lachwani founded the Silicon Valley software start-up HeadSpin in 2015, he inflated the company's revenue numbers by nearly fourfold and falsely claimed that firms including Apple and American Express were customers. He showed a profit where there were losses. He used HeadSpin's cash to make risky trades on tech stocks. And he created fake invoices to cover it all up.

What was especially breathtaking was how easily Mr. Lachwani, now 48, pulled all that off... [HeadSpin] had no chief financial officer, had no human resources department and was never audited. Mr. Lachwani used that lack of oversight to paint a rosier picture of HeadSpin's growth. Even though its main investors knew the start-up's financials were not accurate, according to Mr. Lachwani's lawyers, they chose to invest anyway, eventually propelling HeadSpin to a $1.1 billion valuation in 2020. When the investors pushed Mr. Lachwani to add a chief financial officer and share more details about the company's finances, he simply brushed them off. These details emerged this month in filings in U.S. District Court for the Northern District of California after Mr. Lachwani had pleaded guilty to three counts of fraud in April...

The absence of controls at HeadSpin is part of an increasingly noticeable pattern at Silicon Valley start-ups that have run into trouble. Over the past decade, investors in tech start-ups were so eager to back hot companies that many often overlooked reckless behavior and gave up key controls like board seats, all in the service of fast growth and disruption. Then when founders took the ethos of "fake it till you make it" too far, their investors were often unaware or helpless...

Now, amid a start-up shakeout, more frauds have started coming to light. The founder of the college aid company Frank has been charged, the internet connectivity start-up Cloudbrink has been sued, and the social media app IRL has been investigated and sued. Last month, Mike Rothenberg, a Silicon Valley investor, was found guilty on 21 counts of fraud and money laundering. On Monday, Trevor Milton, founder of the electric vehicle company Nikola, was sentenced to four years in prison for lying about Nikola's technological capabilities.

The Times points out that similarly, FTX only had a three-person board "with barely any influence over the company, tracked its finances on QuickBooks and used a small, little-known accounting firm." And that Theranos had no financial audits for six years.
EU

EU: Meta Cannot Rely On 'Pay Or Okay' (europa.eu) 108

The EU's European Data Protection Board oversees its privacy-protecting GDPR policies.

Earlier this week, TechCrunch reported that nearly two dozen civil society groups and nonprofits wrote the Board an open letter "urging it not to endorse a strategy used by Meta that they say is intended to bypass the EU's privacy protections for commercial gain."

Meta's strategy is sometimes called "Pay or Okay," writes long-time Slashdot reader AmiMoJo: Meta offers users a choice: "consent" to tracking, or pay over €250/year to use its sites without invasive monetization of personal data.

Meta prefers the phrase "subscription for no ads," and told TechCrunch it makes them compliant with EU laws: A raft of complaints have been filed against Meta's implementation of the pay-or-consent tactic since it launched the "no ads" subscription offer last fall. Additionally, in a notable step last month, the European Union opened a formal investigation into Meta's tactic, seeking to find whether it breaches obligations that apply to Facebook and Instagram under the competition-focused Digital Markets Act. That probe remains ongoing.
The letter to the Board called for "robust protections that prioritize data subjects' agency and control over their information." And Wednesday the board issued its first decision:

"[I]n most cases, it will not be possible for [social media services] to comply with the requirements for valid consent, if they confront users only with a choice between consenting to processing of personal data for behavioural advertising purposes and paying a fee." The EDPB considers that offering only a paid alternative to services which involve the processing of personal data for behavioural advertising purposes should not be the default way forward for controllers. When developing alternatives, large online platforms should consider providing individuals with an 'equivalent alternative' that does not entail the payment of a fee. If controllers do opt to charge a fee for access to the 'equivalent alternative', they should give significant consideration to offering an additional alternative. This free alternative should be without behavioural advertising, e.g. with a form of advertising involving the processing of less or no personal data.
EDPB Chair, Anu Talus added: "Controllers should take care at all times to avoid transforming the fundamental right to data protection into a feature that individuals have to pay to enjoy."
United States

US Passes Bill Reauthorizing 'FISA' Surveillance for Two More Years (theverge.com) 45

Late Friday night the U.S. Senate "reauthorized the Foreign Intelligence Surveillance Act, a key U.S. surveillance authority," reports Axios, "shortly after it expired in the early hours Saturday morning." The president then signed the bill into law. The reauthorization came despite bipartisan concerns about Section 702, which allows the government to collect communications from non-U.S. citizens overseas without a warrant. The legislation passed the Senate 60 to 34, with 17 Democrats, Sen. Bernie Sanders (I-Vt.) and 16 Republicans voting "nay." It extends the controversial Section 702 for two more years.
The bill had already passed last week in the U.S. House of Representatives, explains CNN: Under FISA's Section 702, the government hoovers up massive amounts of internet and cell phone data on foreign targets. Hundreds of thousands of Americans' information is incidentally collected during that process and then accessed each year without a warrant — down from millions of such queries the US government ran in past years. Critics refer to these queries as "backdoor" searches...

According to one assessment, it forms the basis of most of the intelligence the president views each morning and it has helped the U.S. keep tabs on Russia's intentions in Ukraine, identify foreign efforts to access US infrastructure, uncover foreign terror networks and thwart terror attacks in the U.S.

An interesting detail from The Verge: Sens. Ron Wyden (D-OR) and Josh Hawley (R-MO) introduced an amendment that would have struck language in the House bill that expanded the definition of "electronic communications service provider." Under the House's new provision, anyone "who has access to equipment that is being or may be used to transmit or store wire or electronic communications." The expansion, Wyden has claimed, would force "ordinary Americans and small businesses to conduct secret, warrantless spying." The Wyden-Hawley amendment failed 34-58, meaning that the next iteration of the FISA surveillance program will be more expansive than before.
Saturday morning the U.S. House of Representatives passed a bill banning TikTok if its Chinese owner doesn't sell the app.
Hardware

The Legendary Zilog Z80 CPU Is Being Discontinued After Nearly 50 Years (techspot.com) 79

Long-time Slashdot reader AmiMoJo shares an article from TechSpot: Zilog is retiring the Z80 after 48 years on the market. Originally developed as a project stemming from the Intel 8080, it eventually rose to become one of the most popular and widely used 8-bit CPUs in both gaming and general computing devices.

The iconic IC device, developed by Federico Faggin, will soon be phased out, and interested parties only have a few months left to place their orders before Zilog's manufacturing partner ends support for the technology... Federico Faggin, an Intel engineer, founded Zilog in 1974 after his work on the Intel 4004, the first 4-bit CPU. The Zilog Z80 was then released in July 1976, conceived as a software-compatible 'extension' and enhancement of the Intel 8080 processor.

Back in 1999 Slashdot was calling Zilog's updated eZ80 "one of the fastest 8-bit CPUs available today, executing code 4 times faster than a standard Z80 operating at the same clock speed."

Another headline, from 2001: Zilog To File For Chapter 11...
