"TikTok has lost its bid to strike down a law that could result in the platform being banned in the United States," reports CNN.

A U.S. federal appeals court just unanimously ruled in favor of the new U.S. law requiring TikTok's China-based owners to either sell the app next month or face an effective ban in the United States. Denying TikTok's argument that the law was unconstitutional, the judges found that the law does not "contravene the First Amendment to the Constitution of the United States," nor does it "violate the Fifth Amendment guarantee of equal protection of the laws"... After the [January 25] deadline, U.S. app stores and internet services could face hefty fines for hosting TikTok if it is not sold. (Under the legislation, President Biden may issue a one-time extension of the deadline.)

In a statement, TikTok indicated it would appeal the decision. "The Supreme Court has an established historical record of protecting Americans' right to free speech, and we expect they will do just that on this important constitutional issue," said company spokesperson Michael Hughes. "Unfortunately, the TikTok ban was conceived and pushed through based upon inaccurate, flawed and hypothetical information, resulting in outright censorship of the American people. The TikTok ban, unless stopped, will silence the voices of over 170 million Americans here in the US and around the world on January 19th, 2025"....

"People in the United States would remain free to read and share as much PRC propaganda (or any other content) as they desire on TikTok or any other platform of their choosing," the judges said. "What the Act targets is the PRC's ability to manipulate the content covertly. Understood in that way, the Government's justification is wholly consonant with the First Amendment."
The judges also wrote that "in part precisely because of the platform's expansive reach, Congress and multiple Presidents determined that divesting it from the PRC's control is essential to protect our national security... Congress judged it necessary to assume that risk given the grave national-security threats it perceived."

CNN notes that ByteDance "has previously indicated it will not sell TikTok."

An anonymous reader shared this report from Defense News: Following a pattern of undersea cable damage across European waters in the last year, with the most recent disruptions happening just weeks ago, top NATO officials have begun envisioning a capability that would allow the alliance to have permanent eyes above and under the waterline. In an interview with Defense News, Admiral Pierre Vandier, the alliance's Norfolk, Virginia-based commander for concepts and transformation, likened the idea to police CCTV cameras installed on street lights in urban trouble spots for recording evidence of crimes. "The technology is there to make this street-lighting with USVs," he said, using the military's shorthand for unmanned surface vessel. Vandier said his team is in the early stages of developing an unmanned surface vessel fleet so that "NATO can see and monitor daily its environment."

The first step would be to achieve this at a surface level, and then later under water... According to Vandier, the goal is to launch the drone surveillance fleet before the next NATO Summit, which will be held in the Netherlands next June.
The article notes the U.S. Navy's Task Force 59 (launched in 2021) is already "dedicated to integrating unmanned systems and AI in the U.S. Navy's 5th Fleet area of operations." This prompted Admiral Vandier to say the technology for an unmanned cable-watching fleet "already exists... everything is known and sold, so it is much more a matter of adoption than technology."

"Okay, we're doing this," begins a new announcement at The Verge: Today we're launching a Verge subscription that lets you get rid of a bunch of ads, gets you unlimited access to our top-notch reporting and analysis across the site and our killer premium newsletters, and generally lets you support independent tech journalism in a world of sponsored influencer content. It'll cost $7 / month or $50 / year — and for a limited time, if you sign up for the annual plan, we'll send you an absolutely stunning print edition of our CONTENT GOBLINS series, with very fun new photography and design... A surprising number of you have asked us to launch something like this, and we're happy to deliver. If you don't want to pay, rest assured that big chunks of The Verge will remain free — we're thinking about subscriptions a lot differently than everyone else...

If you're a Verge reader, you know we've been covering massive, fundamental changes to how the internet works for years now. Most major social media platforms are openly hostile to links, huge changes to search have led to the death of small websites, and everything is covered in a layer of AI slop and weird scams. The algorithmic media ecosystem is now openly hostile to the kind of rigorous, independent journalism we want to do.

A few years ago, we decided the only real way to survive all this was to stand apart and bet on our own website so that we could remain independent of these platforms and their algorithms. We didn't want to write stories to chase Google Search trends or because we thought they'd do well on social media. And we definitely didn't want to compromise our famously strict ethics policy to accept brand endorsement deals from the companies we cover, which almost all of our competitors in the creator economy are forced to do in order to run sustainable businesses...

[W]e intend to keep making this thing together for a long, long time. So many of you like The Verge that we've actually gotten a shocking number of notes from people asking how they can pay to support our work. It's no secret that lots of great websites and publications have gone under over the past few years as the open web falls apart, and it's clear that directly supporting the creators you love is a big part of how everyone gets to stay working on the modern internet. At the same time, we didn't want to simply paywall the entire site — it's a tragedy that traditional journalism is retreating behind paywalls while nonsense spreads across platforms for free.
The print premium for subscribers is described as a "beautiful / deranged print product" that's drawn from a series of articles "about what Google had done to the web, capped off by a feature about search engine optimization titled 'The People Who Ruined the Internet.'" But it ships with a satirical cover that instead proclaims it as "The Verge Guide to Search Engine Optimization". A tongue-in-check announcement explains: [A] year has passed, and we've had a change of heart. Maybe search engine optimization is actually a good thing. Maybe appeasing the search algorithm is not only a sustainable strategy for building a loyal audience, but also a strategic way to plan and produce content. What are journalists, if not content creators? Anyway, SEO community, consider this our apology. And what better way to say "our bad, your industry is not a cesspool of AI slop but a brilliant vision of what a useful internet could look like" than collecting all the things we've learned in one handy print magazine? Which is why I'm proud to introduce The Verge Guide to Search Engine Optimization: All the Tips, Tricks, Hints, Schemes, and Techniques for Promoting High-Quality Content!
Whoops — slip off the cover and the real title appears: "CONTENT GOBLINS" (written in green slime). Again, it's "an anthology of stories about 'content' and the people who 'make' it." In very Verge fashion, we are meeting the moment where the internet has been overrun by AI garbage by publishing a beautifully designed, limited edition print product. (Also, the last time we printed a magazine, it won a very prestigious design award.) Content Goblins collects some of our best stories over the past couple years, capturing the cynical push for the world's great art and journalism to be reduced into units that can be packaged, distributed, and consumed on the internet. Consider Content Goblins as our resistance to that movement. With terrific new art and photography, we're making the case that great reporting is vital and enduring — and worth paying for.

This gorgeous, grotesque magazine can be yours if you commit to an annual subscription to The Verge — while supplies last.

The Carnegie Endowment for Peace, a nonpartisan international affairs think tank, points out that when subsea internet cables were cut in November, Europe was more prepared: Where in the past there were no contingency plans for sabotage, there are now more maritime patrols, an attempt to forge deeper intelligence connections, and the beginnings of a new relationship with the private sector...

Even before the October 2023 incident, NATO, the EU, and certain European governments began to increase their efforts to boost subsea cable resilience and security. In February 2023, NATO stood up a new Critical Undersea Infrastructure Coordination Cell in Brussels to convene stakeholders and enhance coordination between the public and private sectors. In July 2023, NATO allies at the Vilnius Summit established a Maritime Center for the Security of Critical Undersea Infrastructure as part of the alliance's Maritime Command in Northwood, UK. In October 2023, after the first incident, NATO defense ministers endorsed a new Digital Ocean Vision, an initiative aimed at improving undersea surveillance. And in February 2024, the European Commission released its first "Recommendation on Secure and Resilient Submarine Cable Infrastructures," encouraging member states to conduct regular stress tests, improve information sharing amongst themselves, and improve cable maintenance and repair capabilities.
The article points out that the Chinese ship suspected in the 2023 cable cutting "ignored requests from Finnish and Estonian authorities to halt" and returned to China. But the Chinese ship suspected in November's cable-cutting "remains in international waters in the Kattegat, with naval and coast guard vessels from Denmark, Germany, and Sweden circling close by." Yet "Under international maritime law, these countries' authorities are not allowed to board..." Current provisions of international law are neither formulated to adequately protect subsea data cables from sabotage nor hold perpetrators accountable. This reality should lead the EU, as a body inherently focused on the resilience of international legal regimes, to push for updates that are better suited for the current geopolitical reality... Lawmakers should also explore ways to increase penalties for subsea cable damage, in part to deter acts of sabotage in the first place....

A forthcoming Carnegie Endowment report will detail more in-depth recommendations on how Europe can both protect itself against future subsea cable damage and help expand trusted networks around the world.
The article also notes that "Of the hundreds of disruptions to cables that occur each year, the vast majority are caused by accidental human activity, like fishing, or natural events, like earthquakes."

In March, 2023 the Internet Archive lost in court, with a judge ruling they couldn't scan entire books and then lend them as ebooks. The Internet Archive appealed to a higher court, which also ruled against them in September of 2024.

Today, the Internet Archive made an announcement: that "While we are deeply disappointed with the Second Circuit's opinion in Hachette v. Internet Archive, the Internet Archive has decided not to pursue Supreme Court review." We will continue to honor the Association of American Publishers agreement to remove books from lending at their member publishers' requests.

We thank the many readers, authors and publishers who have stood with us throughout this fight. Together, we will continue to advocate for a future where libraries can purchase, own, lend and preserve digital books.

Nature: Millions of research articles are absent from major digital archives. This worrying finding, which Nature reported on earlier this year, was laid bare in a study by Martin Eve, who studies technology and publishing at Birkbeck, University of London. Eve sampled more than seven million articles with unique digital object identifiers (DOIs), a string of characters used to identify and link to specific publications, such as scholarly articles and official reports. Of these, he found that more than two million were 'missing' from archives -- that is, they were not preserved in major archives that ensure literature can be found in the future.

Eve, who is also a research developer at Crossref, an organization that registers DOIs, carried out the study in an effort to better understand a problem librarians and archivists already knew about -- that although researchers are generating knowledge at an unprecedented rate, it is not necessarily being stored safely for the future. One contributing factor is that not all journals or scholarly societies survive in perpetuity. For example, a 2021 study found that a lack of comprehensive and open archiving meant that 174 open-access journals, covering all major research topics and geographical regions, vanished from the web in the first two decades of this millennium.

A lack of long-term archiving particularly affects institutions in low- and middle-income countries, less-affluent institutions in rich countries and smaller, under-resourced journals worldwide. Yet it's not clear whether researchers, institutions and governments have fully taken the problem on board. [...] At the heart of the problem is a lack of money, infrastructure and expertise to archive digital resources. [...] For institutions that can afford it, one solution is to pay a preservation archive to safeguard content. Examples include Portico, based in New York City, and CLOCKSS, based in Stanford, California, both of which count a raft of publishers and libraries as customers.

"Are you spending hours scrolling mindlessly on Instagram reels and TikTok?" asks the BBC. "If so, you might be suffering from brain rot, which has become the Oxford word of the year." It is a term that captures concerns about the impact of consuming excessive amounts of low-quality online content, especially on social media. The word's usage saw an increase of 230% in its frequency from 2023 to 2024. Psychologist and Oxford University Professor, Andrew Przybylski says the popularity of the word is a "symptom of the time we're living in". Brain rot beat five other shortlisted words including demure, Romantasy and dynamic pricing... [And "slop".]

The first recorded use of brain rot dates much before the creation of the internet — it was written down in 1854 by Henry David Thoreau in his book Walden. He criticises society's tendency to devalue complex ideas and how this is part of a general decline in mental and intellectual effort. It leads him to ask: "While England endeavours to cure the potato rot, will not any endeavour to cure the brain-rot — which prevails so much more widely and fatally?" The word initially gained traction on social media among Gen Z and Gen Alpha communities, but it's now being used in the mainstream as a way to describe low-quality, low-value content found on social media.

Prof Przybylski says "there's no evidence of brain rot actually being a thing. Instead it describes our dissatisfaction with the online world and it's a word that we can use to bundle our anxieties that we have around social media."
The New York Times points out that Oxford's past "word of the year" selections included "podcast" and "selfie" [Casper Grathwohl, the president of Oxford Languages, the company's dictionary division] noted the finalists were heavy on old-fashioned words that young people had repurposed in semi-ironic ways — the linguistic equivalent, he said, of "bell-bottoms coming back into fashion...."

"Slop" has undergone a similar update. There was a spike of more than 300 percent over the past year in references not to pig feed, but to "art, writing or other content generated using artificial intelligence, shared and distributed online in an indiscriminate or intrusive way, and characterized as being of low quality, inauthentic or inaccurate," according to Oxford. Like "brain rot," it "represents the underbelly of today's linguistic churn," Grathwohl said. "There's a sense that we are drowning in mediocre experiences as digital lives get clogged."

"Spacecraft, satellites, and space-based systems all face cybersecurity threats that are becoming increasingly sophisticated and dangerous," reports CNBC.

"With interconnected technologies controlling everything from navigation to anti-ballistic missiles, a security breach could have catastrophic consequences." Critical space infrastructure is susceptible to threats across three key segments: in space, on the ground segment and within the communication links between the two. A break in one can be a cascading failure for all, said Wayne Lonstein, co-founder and CEO at VFT Solutions, and co-author of Cyber-Human Systems, Space Technologies, and Threats. "In many ways, the threats to critical infrastructure on Earth can cause vulnerabilities in space," Lonstein said. "Internet, power, spoofing and so many other vectors that can cause havoc in space," he added. The integration of artificial intelligence into space projects has heightened the risk of sophisticated cyber attacks orchestrated by state actors and individual hackers. AI integration into space exploration allows more decision-making with less human oversight.

For example, NASA is using AI to target scientific specimens for planetary rovers. However, reduced human oversight could make these missions more prone to unexplained and potentially calamitous cyberattacks, said Sylvester Kaczmarek, chief technology officer at OrbiSky Systems, which specializes in the integration of AI, robotics, cybersecurity, and edge computing in aerospace applications. Data poisoning, where attackers feed corrupted data to AI models, is one example of what could go wrong, Kaczmarek said. Another threat, he said, is model inversion, where adversaries reverse-engineer AI models to extract sensitive information, potentially compromising mission integrity. If compromised, AI systems could be used to interfere with or take control of strategically important national space missions...

The U.S. government is tightening up the integrity and security of AI systems in space. The 2023 Cyberspace Solarium Commission report stressed the importance of designating outer space as a critical infrastructure sector, urging enhanced cybersecurity protocols for satellite operators... The rivalry between the U.S. and China includes the new battleground of space. As both nations ramp up their space ambitions and militarized capabilities beyond Earth's atmosphere, the threat of cyberattacks targeting critical orbital assets has become an increasingly pressing concern... Space-based systems increasingly support critical infrastructure back on Earth, and any cyberattacks on these systems could undermine national security and economic interests.

Friday the Software Freedom Conservancy announced the production release of the new OpenWrt One network router — designed specifically for running the Linux-based router OS OpenWrt (a member project of the SFC). "This is the first wireless Internet router designed and built with your software freedom and right to repair in mind.

"The OpenWrt One will never be locked down and is forever unbrickable." This device services your needs as its owner and user. Everyone deserves control of their computing. The OpenWrt One takes a great first step toward bringing software rights to your home: you can control your own network with the software of your choice, and ensure your right to change, modify, and repair it as you like.

The OpenWrt One demonstrates what's possible when hardware designers and manufacturers prioritize your software right to repair; OpenWrt One exuberantly follows these requirements of the copyleft licenses of Linux and other GPL'd programs. This device provides the fully copyleft-compliant source code release from the start. Device owners have all the rights as intended on Day 1; device owners are encouraged to take full advantage of these rights to improve and repair the software on their OpenWrt One. Priced at US$89 for a complete OpenWrt One with case (or US$68.42 for a caseless One's logic board), it's ready for a wide variety of use cases...

This new product has completed full FCC compliance tests; it's confirmed that OpenWrt met all of the FCC compliance requirements. Industry "conventional wisdom" often argues that FCC requirements somehow conflict with the software right to repair. SFC has long argued that's pure FUD. We at SFC and OpenWrt have now proved copyleft compliance, the software right to repair, and FCC requirements are all attainable in one product!

You can order an OpenWrt One now! Since today is the traditional day in the USA when folks buy gifts for love ones, we urge you to invest in a wireless router that can last! We do expect that for orders placed today, sellers will deliver by December 22 in most countries... Regardless of where you buy from, for every purchase of a new OpenWrt One, a US$10 donation will go to the OpenWrt earmarked fund at Software Freedom Conservancy. Your purchase not only improves your software right to repair, but also helps OpenWrt and SFC continue to improve the important software and software freedom on which we all rely!
LWN.net points out that OpenWrt has also "served as the base on which a lot of network-oriented development (including the bufferbloat-reduction work) has been done." The OpenWrt One was designed to be a functional network router that would serve as a useful tool for the development of OpenWrt itself. To that end, the hope was to create a device that was entirely supported by upstream free software, and which was as unbrickable as it could be... The OpenWrt One comes with a two-core Arm Cortex-A53 processor, 1GB of RAM, and 256MB of NAND flash memory. There is also a separate, read-only 16MB NOR flash array in the device. Normally, the OpenWrt One will boot and run from the NAND flash, but there is a small switch in the back that will cause it to boot from the NOR instead. This is a bricking-resistance feature; should a software load break the device, it can be recovered by booting from NOR and flashing a new image into the NAND array. ..

After booting into the new image, the One behaved like any other OpenWrt router... What could be more interesting is seeing this router get into the hands of developers and enthusiasts who will use it to make OpenWrt (and other small-system distributions) better.
Long-time Slashdot reader dumfrac writes: The intent to build the device was announced on the OpenWRT forums earlier this year. It is based on MediaTek MT7981B (Filogic 820) SoC and MediaTek MT7976C dual-band WiFi 6 chipset and the board is made by Banana Pi. A poll to select the logo was run in April on the OpenWRT forums, and now the hardware is available for purchase. .

From a new web project called IMG_0001: Between 2009 and 2012, iPhones had a built-in "Send to YouTube" button in the Photos app. Many of these uploads kept their default IMG_XXXX filenames, creating a time capsule of raw, unedited moments from random lives. Inspired by Ben Wallace, I made a bot that crawled YouTube and found 5 million of these videos! Watch them below, ordered randomly.
The Washington Post reports that it's the same 22-year-old software engineer who created Bop Spotter — that phone on a telephone pole using the Shazam app to identify songs people play in public.

And his new site includes only videos "posted before 2015, with fewer than 150 views each and durations shorter than 150 seconds." In about 12 hours total, Walz said, he coded a website that takes millions of these unedited, raw videos from more than nine years ago and serves them to viewers at random. The resulting project, titled IMG_0001 and hosted on his personal website, plays out like a glimpse into different worlds: Hit play and your first video may show teenagers practicing a dance in a high school hallway. That wraps up, and it rolls into footage of a dog frolicking in a snowy backyard...

Viewers were gripped by the videos' unfiltered nature, a contrast to the heavily produced and camera-aware content found on TikTok and YouTube today. Writer Ryan Broderick wrote in his newsletter Garbage Day that the project is "beautiful, haunting, funny, and sort of magical. Like staring into a security camera of the past." Mashable's Tim Marcin called it "the kind of authenticity that's all too rare online these days."

The website has more than 280,000 views and millions of video plays, Walz said — meaning plenty of viewers are sticking around to watch many of the videos.
The article includes an intesting observation from Christian Sandvig, a digital media professor at the University of Michigan. "The people who made the video might not even remember that they shared them!"

SpzToid writes: A Chinese commercial vessel that has been surrounded by European warships in international waters for a week is central to an investigation of suspected sabotage that threatens to test the limits of maritime law -- and heighten tensions between Beijing and European capitals.

Investigators suspect that the crew of the Yi Peng 3 bulk carrier -- 225 meters long, 32 meters wide and loaded with Russian fertilizer -- deliberately severed two critical data cables last week as its anchor was dragged along the Baltic seabed for over 100 miles.

Their probe now centers on whether the captain of the Chinese-owned ship, which departed the Russian Baltic port of Ust-Luga on Nov. 15, was induced by Russian intelligence to carry out the sabotage. It would be the latest in a series of attacks on Europe's critical infrastructure that law-enforcement and intelligence officials say have been orchestrated by Russia.

Meta plans to build a $10 billion private, "mother of all" undersea fiber-optic cable network spanning over 40,000 kilometers around the world, according to TechCrunch. The project, dubbed "W" for its shape, would run from the U.S. east coast to the west coast via India, South Africa and Australia, avoiding regions prone to cable sabotage including the Red Sea and South China Sea.

The social media giant, which co-owns 16 existing cable networks, aims to gain full control over traffic prioritization for its services. The project mirrors Google's strategy of private cable ownership. The construction could take 5-10 years to complete.

Nearly 89% of smart device manufacturers fail to disclose how long they will provide software updates for their products, a Federal Trade Commission staff study found this week. The review of 184 connected devices, including hearing aids, security cameras and door locks, revealed that 161 products lacked clear information about software support duration on their websites.

Basic internet searches failed to uncover this information for two-thirds of the devices. "Consumers stand to lose a lot of money if their smart products stop delivering the features they want," said Samuel Levine, Director of the FTC's Bureau of Consumer Protection. The agency warned that manufacturers' failure to provide software update information for warranted products costing over $15 may violate the Magnuson Moss Warranty Act. The FTC also cautioned that companies could violate the FTC Act if they misrepresent product usability periods. The study excluded laptops, personal computers, tablets and automobiles from its review.

The FCC said it has approved a license for T-Mobile and SpaceX's Starlink to provide supplemental coverage to cover internet dead zones. Reuters reports: The license marks the first time the FCC has authorized a satellite operator collaborating with a wireless carrier to provide supplemental telecommunications coverage from space on some flexible-use spectrum bands allocated to terrestrial service. The partnership aims to extend the reach of wireless networks to remote areas and eliminate "dead zones."

T-Mobile and SpaceX announced a partnership in 2022 and in January the first set of satellites supporting the partnership was launched into low-Earth orbit with SpaceX's Falcon 9 rocket. "The FCC is actively promoting competition in the space economy by supporting more partnerships between terrestrial mobile carriers and satellite operators to deliver on a single network future that will put an end to mobile dead zones," said FCC Chair Jessica Rosenworcel.

The Macquarie Dictionary, the national dictionary of Australia, has picked "enshittification" as its word of the year. Gizmodo reports: The Australians define the word as "the gradual deterioration of a service or product brought about by a reduction in the quality of service provided, especially of an online platform, and as a consequence of profit-seeking." We've all felt this. Google search is filled with garbage. The internet is clogged with SEO-farming websites that clog up results. Facebook is an endless stream of AI-generated slop. Zoom wants you to test out its new AI features while you're trying to go into a meeting. Twitter has become X, and its owner thinks sharing links is a waste of time. Last night I reinstalled Windows 11 on a desktop machine and got pissed as it was finalized and Microsoft kept trying to get me to install OneDrive, Office 360, Call of Duty Black Ops 6, and a bunch of other shit I didn't want. Writer and activist Cory Doctorow coined the term enshittification in 2022, and recently offered potential solutions to the age-old phenomenon in an interview with The Register.

"We need to have prohibition and regulation that prohibits the capital markets from funding predatory pricing," he explained. "It's very hard to enter the market when people are selling things below cost. We need to prohibit predatory acquisitions. Look at Facebook: buying Instagram, and Mark Zuckerberg sending an email saying we're buying Instagram because people don't like Facebook and they're moving to Instagram, and we just don't want them to have anywhere else to go."

Ars Technica's Jon Brodkin reports: Lobby groups for Internet service providers claim that ISPs' customer service is so good already that the government shouldn't consider any new regulations to mandate improvements. They also claim ISPs face so much competition that market forces require providers to treat their customers well or lose them to competitors. Cable lobby group NCTA-The Internet & Television Association told the Federal Communications Commission in a filing (PDF) that "providing high-quality products and services and a positive customer experience is a competitive necessity in today's robust communications marketplace. To attract and retain customers, NCTA's cable operator members continuously strive to ensure that the customer support they provide is effective and user-friendly. Given these strong marketplace imperatives, new regulations that would micromanage providers' customer service operations are unnecessary."

Lobby groups filed comments in response to an FCC review of customer service that was announced last month, before the presidential election. While the FCC's current Democratic leadership is interested in regulating customer service practices, the Republicans who will soon take over opposed the inquiry. USTelecom, which represents telcos such as AT&T and Verizon, said that "the competitive broadband marketplace leaves providers of broadband and other communications services no choice but to provide their customers with not only high-quality broadband, but also high-quality customer service."

"If a provider fails to efficiently resolve an issue, they risk losing not only that customer -- and not just for the one service, but potentially for all of the bundled services offered to that customer -- but also any prospective customers that come across a negative review online. Because of this, broadband providers know that their success is dependent upon providing and maintaining excellent customer service," USTelecom wrote. While the FCC Notice of Inquiry said that providers should "offer live customer service representative support by phone within a reasonable timeframe," USTelecom's filing touted the customer service abilities of AI chatbots. "AI chat agents will only get better at addressing customers' needs more quickly over time -- and if providers fail to provide the customer service and engagement options that their customers expect and fail to resolve their customers' concerns, they may soon find that the consumer is no longer a customer, having switched to another competitive offering," the lobby group said.

An anonymous reader quotes a report from Ars Technica: The Supreme Court signaled it may take up a case that could determine whether Internet service providers must terminate users who are accused of copyright infringement. In an order (PDF) issued today, the court invited the Department of Justice's solicitor general to file a brief "expressing the views of the United States."

In Sony Music Entertainment v. Cox Communications, the major record labels argue that cable provider Cox should be held liable for failing to terminate users who were repeatedly flagged for infringement based on their IP addresses being connected to torrent downloads. There was a mixed ruling at the US Court of Appeals for the 4th Circuit as the appeals court affirmed a jury's finding that Cox was guilty of willful contributory infringement but reversed a verdict on vicarious infringement "because Cox did not profit from its subscribers' acts of infringement." That ruling vacated a $1 billion damages award and ordered a new damages trial. Cox and Sony are both seeking a Supreme Court review. Cox wants to overturn the finding of willful contributory infringement, while Sony wants to reinstate the $1 billion verdict.

The Supreme Court asking for US input on Sony v. Cox could be a precursor to the high court taking up the case. For example, the court last year asked the solicitor general to weigh in on Texas and Florida laws that restricted how social media companies can moderate their platforms. The court subsequently took up the case and vacated lower-court rulings, making it clear that content moderation is protected by the First Amendment.

Lawyers for the United States on Monday said that Google had created a monopoly with its services to place ads online, closing out an antitrust trial over the company's dominance in advertising technology that could add to the Silicon Valley giant's mounting woes. From a report: The legal case concerns a system of software that is used by advertisers to place ads on websites around the internet. Aaron Teitelbaum, a lawyer for the Justice Department, told Judge Leonie M. Brinkema of the U.S. District Court for the Eastern District of Virginia that the company had linked its products together in a way that made it hard for publishers and advertisers to use alternatives.

"Google is once, twice, three times a monopolist," he said. "These are the markets that make the free and open internet possible." Google's lead lawyer, Karen Dunn, countered that the government had failed to offer the evidence to prove its case and was on shaky legal ground. "Google's conduct is a story of innovation in response to competition," she said. The arguments conclude U.S. et al. v. Google, an antitrust suit that the Justice Department and eight states filed against Google last year. (More states have joined the suit since then.) The agency and states accused the internet giant of abusing control of its ad technology and violating antitrust law, in part through the acquisition of the advertising software company Doubleclick in 2008. Next, Judge Brinkema will decide the merits of the case in the coming months.

Palo Alto Networks boasts 70,000 customers in 150 countries, including 85% of the Fortune 500.

But this week "thousands of Palo Alto Networks firewalls were compromised by attackers exploiting two recently patched security bug," reports the Register: The intruders were able to deploy web-accessible backdoors to remotely control the equipment as well as cryptocurrency miners and other malware. Roughly 2,000 devices had been hijacked as of Wednesday — a day after Palo Alto Networks pushed a patch for the holes — according to Shadowserver and Onyphe. As of Thursday, the number of seemingly compromised devices had dropped to about 800. The vendor, however, continues to talk only of a "limited number" of exploited installations... The Register has asked for clarification, including how many compromised devices Palo Alto Networks is aware of, and will update this story if and when we hear back from the vendor.

Rumors started swirling last week about a critical security hole in Palo Alto Networks appliances that allowed remote unauthenticated attackers to execute arbitrary code on devices. Exploitation requires access to the PAN-OS management interface, either across the internet or via an internal network. The manufacturer did eventually admit that the firewall-busting vulnerability existed, and had been exploited as a zero-day — but it was still working on a patch. On Tuesday, PAN issued a fix, and at that time said there were actually two vulnerabilities. The first is a critical (9.3 CVSS) authentication bypass flaw tracked as CVE-2024-0012. The second, a medium-severity (6.9 CVSS) privilege escalation bug tracked as CVE-2024-9474. The two can be chained together to allow remote code execution (RCE) against the PAN-OS management interface... once the attackers break in, they are using this access to deploy web shells, Sliver implants, and/or crypto miners, according to Wiz threat researchers.

Craig Newmark "is alarmed about potential cybersecurity risks in the U.S.," according to Yahoo Finance. The 71-year-old Craigslist founder says "our country is under attack now" in a new interview with Yahoo Finance executive editor Brian Sozzi on his Opening Bid podcast.

But Newmark also revealed what he's doing about it: [H]e started Craig Newmark Philanthropies to primarily invest in projects to protect critical American infrastructure from cyberattacks. He told Sozzi he is now spending $200 million more to address the issue, on top of an initial $100 million pledge revealed in September of this year. He encouraged other wealthy people to join him in the fight against cyberattacks. "I tell people, 'Hey, the people who protect us could use some help. The amounts of money comparatively are small, so why not help out,'" he said... The need for municipalities and other government entities to act rather than react remains paramount, warns Newmark. "I think a lot about this," said Newmark.

"I've started to fund networks of smart volunteers who can help people protect infrastructure, particularly [for] the small companies and utilities across the country who are responsible for most of our electrical and power supplies, transportation infrastructure, [and] food distribution.... A lot of these systems have no protection, so an adversary could just compromise them, saying unless you do what we need, we can start shutting off these things," he continued. Should that happen, recovery "could take weeks and weeks without your water supply or electricity."
A web page at Craig Newmark Philanthropies offers more details Craig was part of the whole "duck and cover" thing, in the 50s and 60s, and realizes that we need civil defense in the cyber domain, "cyber civil defense." This is patriotism, for regular people.

He's committed $100 million to form a Cyber Civil Defense network of groups who are starting to protect the country from cyber threats. Attacks on our power grids, our cyber infrastructure and even the internet-connected gadgets and appliances in our homes are real. If people think that's alarmist, tell them to "Blame Craig." The core of Cyber Civil Defense [launched in 2022] includes groups like Aspen Digital, Global Cyber Alliance, and Consumer Reports, focusing on citizen cyber education and literacy, cyber tool development, and cybersecurity workforce programs aimed at diversifying the growing field.
It's already made significant investments in groups like the Ransomware Task Force and threat watchdog group Shadowserver Foundation...