An anonymous reader quotes a report from Reuters: Clearview AI is expanding sales of its facial recognition software to companies from mainly serving the police, it told Reuters, inviting scrutiny on how the startup capitalizes on billions of photos it scrapes from social media profiles. [...] Clearview primarily helps police identify people through social media images, but that business is under threat due to regulatory investigations. The settlement with the American Civil Liberties Union bans Clearview from providing the social-media capability to corporate clients.

Instead of online photo comparisons, the new private-sector offering [called "Clearview Consent"] matches people to ID photos and other data that clients collect with subjects' permission. It is meant to verify identities for access to physical or digital spaces. Vaale, a Colombian app-based lending startup, said it was adopting Clearview to match selfies to user-uploaded ID photos. [...] Clearview AI CEO Hoan Ton-That said a U.S. company selling visitor management systems to schools had signed up as well. He said a customer's photo database is stored as long as they wish and not shared with others, nor used to train Clearview's AI. But the face-matching that Clearview is selling to companies was trained on social media photos. It said the diverse collection of public images reduces racial bias and other weaknesses that affect rival systems constrained by smaller datasets. The company outlined their path forward in a press release Wednesday.

"Today, FRT is used to unlock your phone, verify your identity, board an airplane, access a building, and even for payment," Clearview AI CEO Hoan Ton-That said in a statement. "Now, we are offering companies who use facial recognition as part of a consent-based workflow access to Clearview AI's superior, industry-leading FRT algorithm, bringing an increased level of security and protection to the marketplace."

He added: "Using facial recognition as a preventative measure means fewer crimes and fewer victims. Ultimately, Clearview Consent is all about making everyday consumers feel more secure in a world that is rife with crime and fraud."

An anonymous reader quotes a report from The Guardian: Dutch police have received dozens of leads after using deepfake technology to virtually bring to life a teenager almost two decades after his murder. Sedar Soares was shot dead in 2003 while throwing snowballs with friends in the parking lot of a Rotterdam metro station. The 13-year-old's murder baffled police for years. Now, with the permission of Sedar's family, they have made a video in which the teen asks the public to help solve the cold-case crime.

In what Dutch police believe could be a world first, an eerily lifelike image of Sedar appears in the video as he greets the camera and picks up a football. Accompanied by stirring music, he walks through a guard of honor on the field, comprising his relatives, former teachers and friends. "Somebody must know who murdered my darling brother. That's why he has been brought back to life for this film," a voice says, before Sedar stops and drops his ball. "Do you know more? Then speak," Sedar and his relatives and friends say, before his image disappears from the field and the video gives the police contact details. Dutch police have posted the deepfake video on YouTube. You can also watch the making of the video in the documentary "Speak! Now!"

This week New York's attorney general announced they're officially "launching investigations into the social media companies that the Buffalo shooter used to plan, promote, and stream his terror attack." Slashdot reader echo123 points out that Discord confirmed that roughly 30 minutes before the attack a "small group" was invited to join the shooter's server. "None of the people he invited to review his writings appeared to have alerted law enforcement," reports the New York Times., "and the massacre played out much as envisioned."

But meanwhile, another Times article tells a tangentially-related story from 2019 about what ultimately happened to "a partial recording of a livestream by a gunman while he murdered 51 people that day at two mosques in Christchurch, New Zealand." For more than three years, the video has remained undisturbed on Facebook, cropped to a square and slowed down in parts. About three-quarters of the way through the video, text pops up urging the audience to "Share THIS...." Online writings apparently connected to the 18-year-old man accused of killing 10 people at a Buffalo, New York, grocery store Saturday said that he drew inspiration for a livestreamed attack from the Christchurch shooting. The clip on Facebook — one of dozens that are online, even after years of work to remove them — may have been part of the reason that the Christchurch gunman's tactics were so easy to emulate.

In a search spanning 24 hours this week, The New York Times identified more than 50 clips and online links with the Christchurch gunman's 2019 footage. They were on at least nine platforms and websites, including Reddit, Twitter, Telegram, 4chan and the video site Rumble, according to the Times' review. Three of the videos had been uploaded to Facebook as far back as the day of the killings, according to the Tech Transparency Project, an industry watchdog group, while others were posted as recently as this week. The clips and links were not difficult to find, even though Facebook, Twitter and other platforms pledged in 2019 to eradicate the footage, pushed partly by public outrage over the incident and by world governments. In the aftermath, tech companies and governments banded together, forming coalitions to crack down on terrorist and violent extremist content online. Yet even as Facebook expunged 4.5 million pieces of content related to the Christchurch attack within six months of the killings, what the Times found this week shows that a mass killer's video has an enduring — and potentially everlasting — afterlife on the internet.

"It is clear some progress has been made since Christchurch, but we also live in a kind of world where these videos will never be scrubbed completely from the internet," said Brian Fishman, a former director of counterterrorism at Facebook who helped lead the effort to identify and remove the Christchurch videos from the site in 2019....

Facebook, which is owned by Meta, said that for every 10,000 views of content on the platform, only an estimated five were of terrorism-related material. Rumble and Reddit said the Christchurch videos violated their rules and they were continuing to remove them. Twitter, 4chan and Telegram did not respond to requests for comment
For what it's worth, this week CNN also republished an email they'd received in 2016 from 4chan's current owner, Hiroyuki Nishimura. The gist of the email? "If I liked censorship, I would have already done that."

But Slashdot reader Bruce66423 also shares an interesting observation from The Guardian's senior tech reporter about the major tech platforms. "According to Hany Farid, a professor of computer science at UC Berkeley, there is a tech solution to this uniquely tech problem. Tech companies just aren't financially motivated to invest resources into developing it." Farid's work includes research into robust hashing, a tool that creates a fingerprint for videos that allows platforms to find them and their copies as soon as they are uploaded...

Farid: It's not as hard a problem as the technology sector will have you believe... The core technology to stop redistribution is called "hashing" or "robust hashing" or "perceptual hashing". The basic idea is quite simple: you have a piece of content that is not allowed on your service either because it violated terms of service, it's illegal or for whatever reason, you reach into that content, and extract a digital signature, or a hash as it's called.... That's actually pretty easy to do. We've been able to do this for a long time. The second part is that the signature should be stable even if the content is being modified, when somebody changes say the size or the color or adds text. The last thing is you should be able to extract and compare signatures very quickly.

So if we had a technology that satisfied all of those criteria, Twitch would say, we've identified a terror attack that's being live-streamed. We're going to grab that video. We're going to extract the hash and we are going to share it with the industry. And then every time a video is uploaded with the hash, the signature is compared against this database, which is being updated almost instantaneously. And then you stop the redistribution.

It's a problem of collaboration across the industry and it's a problem of the underlying technology. And if this was the first time it happened, I'd understand. But this is not, this is not the 10th time. It's not the 20th time. I want to emphasize: no technology's going to be perfect. It's battling an inherently adversarial system. But this is not a few things slipping through the cracks.... This is a complete catastrophic failure to contain this material. And in my opinion, as it was with New Zealand and as it was the one before then, it is inexcusable from a technological standpoint.
"These are now trillion-dollar companies we are talking about collectively," Farid points out later. "How is it that their hashing technology is so bad?

Last week America's Justice Department "launched its first criminal prosecution involving the alleged use of cryptocurrency to evade U.S. economic sanctions," reports the Washington Post. They cite a nine-page opinion from a federal judge approving the government's criminal complaint against an American "accused of transmitting more than $10 million worth of bitcoin to a virtual currency exchange in one of a handful of countries comprehensively sanctioned by the U.S. government: Cuba, Iran, North Korea, Syria or Russia.

"In the ruling, the judge called cryptocurrency's reputation for providing anonymity to users a myth." He added that while some legal experts argue that virtual moneys such as bitcoin, ethereum or Tether are not subject to U.S. sanctions laws because they are created and move outside the traditional financial system, recent action taken by the Treasury Department's Office of Foreign Assets Control [OFAC] require federal courts to find otherwise.

"Issue One: virtual currency is untraceable? WRONG ... Issue Two: sanctions do not apply to virtual currency? WRONG," Faruqui wrote...

"The Department of Justice can and will criminally prosecute individuals and entities for failure to comply with OFAC's regulations, including as to virtual currency," Faruqui said. In the opinion, Faruqui wrote that he adopted guidance issued in October by OFAC, which stated that sanctions regulations apply equally to transactions involving virtual currencies as those involving the U.S. dollar or other traditional fiat currencies.

Ari Redbord, who served in 2019 and 2020 as a senior adviser to the Treasury Department's undersecretary for terrorism and financial intelligence, called the case the first U.S. criminal prosecution targeting solely the use of cryptocurrency in a sanctions case. He said the ruling made clear such conduct is traceable and "immutable — in other words, transactions using cryptocurrency are forever.... What we are seeing is that the Department of Justice is going to actively go after actors that attempt to use cryptocurrency, but also that it is hard to use cryptocurrency to evade sanctions," Redbord said. "It shows, in many respects, cryptocurrency is not a good tool for sanctions evasion or money laundering."
In this case, The Register reports, "An unnamed American citizen allegedly used a US-based IP address to run an online payments platform" in a sanctioned country. The service advertised itself as being "designed to evade US sanctions" and claimed its transactions were untraceable, it was alleged. We're told the defendant bought and sold Bitcoin using a US-based online currency exchange using fiat currency from a US bank account.
The Post argues that this prosecution represents "a new U.S. criminal sanctions enforcement push targeting cryptocurrency transactions at a time of rising concern over the extent to which illicit actors can use or are using such methods to launder money or do business with countries the United States has cut off from the dollar..."

The Department of Justice announced today a policy shift in that it will no longer prosecute good-faith security research that would have violated the country's federal hacking law the Computer Fraud and Abuse Act (CFAA). Motherboard: The move is significant in that the CFAA has often posed a threat to security researchers who may probe or hack systems in an effort to identify vulnerabilities so they can be fixed. The revision of the policy means that such research should not face charges.

"Computer security research is a key driver of improved cybersecurity," Deputy Attorney General Lisa O. Monaco said in a statement published with the announcement. "The department has never been interested in prosecuting good-faith computer security research as a crime, and today's announcement promotes cybersecurity by providing clarity for good-faith security researchers who root out vulnerabilities for the common good." The policy itself reads that "the Department's goals for CFAA enforcement are to promote privacy and cybersecurity by upholding the legal right of individuals, network owners, operators, and other persons to ensure the confidentiality, integrity, and availability of information stored in their information systems."

Han Bing, a former database administrator for Lianjia, a Chinese real-estate brokerage giant, has been sentenced to 7 years in prison for logging into corporate systems and deleting the company's data. BleepingComputer reports: Bing allegedly performed the act in June 2018, when he used his administrative privileges and "root" account to access the company's financial system and delete all stored data from two database servers and two application servers. This has resulted in the immediate crippling of large portions of Lianjia's operations, leaving tens of thousands of its employees without salaries for an extended period and forcing a data restoration effort that cost roughly $30,000. The indirect damages from the disruption of the firm's business, though, were far more damaging, as Lianjia operates thousands of offices, employs over 120,000 brokers, owns 51 subsidiaries, and its market value is estimated to be $6 billion.

Slashdot reader DevNull127 writes: 10 people were killed in a grocery store in Buffalo, New York this afternoon — and three more were injured — by a gunman who livestreamed the massacre on Twitch. "A Twitch spokesperson said the platform has investigated and confirmed that the stream was removed 'less than two minutes after the violence started,'" reports NBC News.

The Raw Story reports that the 18-year-old suspected gunman had also apparently posted a 106-page manifesto online prior to the attack. A researcher at George Washington University program on extremism studied the manifesto, and points out that the suspected shooter "states that he was radicalized online on 4chan and was inspired by Brenton Tarrant's manifesto and livestreamed mass shooting in New Zealand."

The suspect reportedly used an assault rifle.
Less than two weeks ago, Slashdot posted the following:

28-year-old Brenton Tarrant killed 51 people in New Zealand in 2019. The Associated Press reports that at that point he'd been reading 4chan for 14 years, according to his mother — since the age of 14.

The year before, 25-year-old Alek Minassian, who killed 11 people in Toronto in 2018, namechecked 4chan in a pre-attack Facebook post.

But the Guardian now adds another a story from nine days ago — when a 23-year-old shooter with 1,000 rounds of ammunition opened fire from his apartment in Washington D.C. "Just two minutes after the shooting began, someone under the username "Raymond Spencer" logged onto the normally-anonymous 4chan and started a new thread titled 'shool [sic] shooting'. The newly published message contained a link — to a 30-second video of images captured from the digital scope of Spencer's rifle...."
NBC News reported that while Saturday's suspected shooter was livestreaming, "Some users of the website 4chan discussed the attack, and at least one archived the video in real-time, releasing photos of dead civilians inside the supermarket over the course of Saturday afternoon."

An anonymous reader quotes a report from KrebsOnSecurity: The U.S. Drug Enforcement Administration (DEA) says it is investigating reports that hackers gained unauthorized access to an agency portal that taps into 16 different federal law enforcement databases. KrebsOnSecurity has learned the alleged compromise is tied to a cybercrime and online harassment community that routinely impersonates police and government officials to harvest personal information on their targets. On May 8, KrebsOnSecurity received a tip that hackers obtained a username and password for an authorized user of esp.usdoj.gov, which is the Law Enforcement Inquiry and Alerts (LEIA) system managed by the DEA. According to this page at the Justice Department website, LEIA "provides federated search capabilities for both EPIC and external database repositories," including data classified as "law enforcement sensitive" and "mission sensitive" to the DEA.

A document published by the Obama administration in May 2016 (PDF) says the DEA's El Paso Intelligence Center (EPIC) systems in Texas are available for use by federal, state, local and tribal law enforcement, as well as the Department of Defense and intelligence community. EPIC and LEIA also have access to the DEA's National Seizure System (NSS), which the DEA uses to identify property thought to have been purchased with the proceeds of criminal activity (think fancy cars, boats and homes seized from drug kingpins). The screenshots shared with this author indicate the hackers could use EPIC to look up a variety of records, including those for motor vehicles, boats, firearms, aircraft, and even drones.

From the standpoint of individuals involved in filing these phony EDRs, access to databases and user accounts within the Department of Justice would be a major coup. But the data in EPIC would probably be far more valuable to organized crime rings or drug cartels, said Nicholas Weaver, a researcher for the International Computer Science Institute at University of California, Berkeley. Weaver said it's clear from the screenshots shared by the hackers that they could use their access not only to view sensitive information, but also submit false records to law enforcement and intelligence agency databases. "I don't think these [people] realize what they got, how much money the cartels would pay for access to this," Weaver said. "Especially because as a cartel you don't search for yourself you search for your enemies, so that even if it's discovered there is no loss to you of putting things ONTO the DEA's radar."

Facial recognition is making a comeback in the United States as bans to thwart the technology and curb racial bias in policing come under threat amid a surge in crime and increased lobbying from developers. From a report: Virginia in July will eliminate its prohibition on local police use of facial recognition a year after approving it, and California and the city of New Orleans as soon as this month could be next to hit the undo button. Homicide reports in New Orleans rose 67% over the last two years compared with the pair before, and police say they need every possible tool. "Technology is needed to solve these crimes and to hold individuals accountable," police Superintendent Shaun Ferguson told reporters as he called on the city council to repeal a ban that went into effect last year.

According to figures from trade group IAB and PwC, the podcast advertising business in the United States is expected to grow to an estimated $4.2 billion in 2024. Variety reports: The sector hit $1.45 billion in 2021, representing 72% annual growth, according to the report. In 2021, U.S. podcast advertising revenue grew twice as fast as the total internet advertising market, which was up 35% last year, according to the 2021 PwC/IAB Internet Advertising Revenue Report. Still, U.S. podcast advertising revenue is poised to continue double-digit growth, growing more than 100% over the next two years to an estimated $4.2 billion in 2024, per the report.

According to the latest IAB/PwC podcast report, three key factors are driving podcast ad revenue growth: the ongoing increase in listeners and content; increased use of automated ad tech, as ad revenue served via dynamic ad insertion (DAI) has almost doubled in two years to take 84% share in 2021 (versus ads embedded in podcast audio); and growth of ad spending in categories that historically had lower spend volumes like sports and true crime. "Everything right now is aligned to drive growth," said Chris Bruderle, IAB's VP of research and insights. "There's more engaging and diverse podcast content than ever, and that is translating into larger, more attractive audiences. But more than anything, podcasting has proven that it can deliver beyond direct-to-consumer advertising to support brand-building and drive business outcomes."

A coalition of tech giants, including Google, Microsoft and Yahoo, have pledged support for a New York bill that would ban the use of controversial search warrants that can identify people based on their location data and internet search keywords. From a report: In a brief statement, the coalition known as Reform Government Surveillance said it "supports the adoption of New York Assembly Bill A84A, the Reverse Location Search Prohibition Act, which would prohibit the use of reverse location and reverse keyword searches." The bill, if passed, would become the first state law to ban so-called geofence warrants and keyword search warrants, which rely on demanding tech companies turn over data about users who were near the scene of a crime or searched for particular keywords at a specific point in time. But the bill hasn't moved since it was referred to a committee for discussion in January, the first major hurdle before it can be considered for a floor vote.

Thieves are targeting digital currency investors on the street in a wave of "crypto muggings," police have warned, with victims reporting that thousands of pounds have been stolen after their mobile phones were seized. From a report: Anonymised crime reports provided to the Guardian by City of London police, as part of a freedom of information request, reveal criminals are combining physical muscle with digital knowhow to part people from their cryptocurrency. One victim reported they had been trying to order an Uber near Londonâ(TM)s Liverpool Street station when muggers forced them to hand over their phone. While the gang eventually gave the phone back, the victim later realised that $6,150-worth of ethereum digital currency was missing from their account with the crypto investing platform Coinbase.

In another case, a man was approached by a group of people offering to sell him cocaine and agreed to go down an alley with them to do the deal. The men offered to type a number into his phone but instead accessed his cryptocurrency account, holding him against a wall and forcing him to unlock a smartphone app with facial verification. They transferred $7,400-worth of ripple, another digital currency, out of his account. A third victim said he had been vomiting under a bridge when a mugger forced him to unlock his phone using a fingerprint, then changed his security settings and stole $35,300, including cryptocurrency.

American's Justice Department announced Friday that the CEO of Mining Capital Coin, "a purported cryptocurrency mining and investment platform," has been indicted "for allegedly orchestrating a $62 million global investment fraud scheme."

CNN reports: According to a US Securities and Exchange Commission complaint filed last month, Capuci sold mining packages to more than 65,000 investors since at least January 2018. The group promised daily returns of 1% for up to a year, the SEC press release says. [Capuci apparently said that revenue stabilized the company's cryptocurrency, Capital Coin, according to the DOJ's sttement.] But instead, the DOJ alleges, Capuci diverted the funds to his own cryptocurrency wallets. MCC netted at least $8.1 million from the sale of the mining packages and $3.2 million in initiation fees, which funded a lavish lifestyle, including Lamborghinis, a yacht and real estate, according to the SEC complaint....

The release alleges another fraudulent MCC investment avenue, "Trading Bots," which Capuci claimed operated at "very high frequency, being able to do thousands of trades per second." Capuci claimed the Trading Bots would provide daily returns, according to the DOJ release. ["But instead was diverting the funds to himself and co-conspirators."] Capuci also allegedly ran a pyramid scheme, according to the DOJ, recruiting promoters to sell the mining packages and promising them gifts ranging from Apple watches to Capuci's personal Ferrari, the press release says. ["Capuci further concealed the location and control of the fraud proceeds obtained from investors by laundering the funds internationally through various foreign-based cryptocurrency exchanges."]

The DOJ charged Capuci with conspiracy to commit wire fraud, conspiracy to commit securities fraud, and conspiracy to commit international money laundering. He could face up to 45 years in prison if convicted of all counts.
One U.S. attorney warned in the statement, "As with any emerging market, those who invest in cryptocurrency must beware of profit-making opportunities that appear too good to be true."

The statement also argues that cryptocurrency-based fraud "undermines financial markets worldwide, as bad actors defraud investors, and limits the ability of legitimate entrepreneurs to innovate within this emerging space."

Thanks to Slashdot reader quonset for sharing the story!

This week the Washington Post described Russia as "struggling under an unprecedented hacking wave" — with one survey finding Russia is now the world's leader for leaked sensitive data (such as passwords and email addresses). "Federation government: your lack of honor and blatant war crimes have earned you a special prize..." read a message left behind on one of the breached networks...

Documents were stolen from Russia's media regulator and 20 years of email from one of Russia's government-owned TV/radio broadcasting companies. Ukraine's government is even suggesting targets through its "IT Army" channel on telegram, and has apparently distributed the names of hundreds of Russia's own FSB security agents. And meanwhile, the Post adds, "Ordinary criminals with no ideological stake in the conflict have also gotten in on the act, taking advantage of preoccupied security teams to grab money as the aura of invincibility falls, researchers said." Soon after the invasion, one of the most ferocious ransomware gangs, Conti, declared that it would rally to protect Russian interests in cyberspace. The pledge backfired in a spectacular fashion, since like many Russian-speaking crime groups it had affiliates in Ukraine. One of them then posted more than 100,000 internal gang chats, and later the source code for its core program, making it easier for security software to detect and block attacks.

Network Battalion 65 [a small hacktivist group formed as the war began looking inevitable] went further. It modified the leaked version of the Conti code to evade the new detections, improved the encryption and then used it to lock up files inside government-connected Russian companies. "We decided it would be best to give Russia a taste of its own medicine. Conti caused (and still causes) a lot of heartache and pain for companies all around the world," the group said. "As soon as Russia ends this stupidity in Ukraine, we will stop our attacks completely."

In the meantime, Network Battalion 65 has asked for ransomware payments even as it has shamed victims on Twitter for having poor security. The group said it hasn't gotten any money yet but would donate anything it collects to Ukraine.
Ars Technica quotes a cybersecurity researcher who now says "there are tens of terabytes of data that's just falling out of the sky."

Thanks to long-time Slashdot reader SpzToid for sharing the article!

tsu doh nimh shares a report from Krebs on Security: Faced with a brain drain of smart people fleeing the country following its invasion of Ukraine, the Russian Federation is floating a new strategy to address a worsening shortage of qualified information technology experts: Forcing tech-savvy people within the nation's prison population to perform low-cost IT work for domestic companies. Multiple Russian news outlets published stories on April 27 saying the Russian Federal Penitentiary Service had announced a plan to recruit IT specialists from Russian prisons to work remotely for domestic commercial companies.

Russians sentenced to forced labor will serve out their time at one of many correctional centers across dozens of Russian regions, usually at the center that is closest to their hometown. Alexander Khabarov, deputy head of Russia's penitentiary service, said his agency had received proposals from businessmen in different regions to involve IT specialists serving sentences in correctional centers to work remotely for commercial companies. Khabarov told Russian media outlets that under the proposal people with IT skills at these facilities would labor only in IT-related roles, but would not be limited to working with companies in their own region. "We are approached with this initiative in a number of territories, in a number of subjects by entrepreneurs who work in this area," Khabarov told Russian state media organization TASS. "We are only at the initial stage. If this is in demand, and this is most likely in demand, we think that we will not force specialists in this field to work in some other industries."

28-year-old Brenton Tarrant killed 51 people in New Zealand in 2019. The Associated Press reports that at that point he'd been reading 4chan for 14 years, according to his mother — since the age of 14.

The year before, 25-year-old Alek Minassian, who killed 11 people in Toronto in 2018, namechecked 4chan in a pre-attack Facebook post.

But the Guardian now adds another a story from nine days ago — when a 23-year-old shooter with 1,000 rounds of ammunition opened fire from his apartment in Washington D.C. Just two minutes after the shooting began, someone under the username "Raymond Spencer" logged onto the normally-anonymous 4chan and started a new thread titled "shool [sic] shooting". The newly published message contained a link — to a 30-second video of images captured from the digital scope of Spencer's rifle....

Even as police stormed the apartment building where Spencer hid, with officers maneuvering past a surveillance camera that he had set up in the hallway and was monitoring, Spencer continued to post to the message board. "They're in the wrong part of the building right now searching," he posted at one point. A few minutes later: "Waiting for police to catch up with me."

As he waited, Spencer logged on to Wikipedia to edit the entry for Edmund Burke School, which he had just opened fire on....

Police believe Spencer shot himself to death as officers breached his apartment.

Major technology companies have been duped into providing sensitive personal information about their customers in response to fraudulent legal requests, and the data has been used to harass and even sexually extort minors, according to four federal law enforcement officials and two industry investigators. Bloomberg: The companies that have complied with the bogus requests include Meta, Apple, Alphabet's Google, Snap, Twitter and Discord, according to three of the people. All of the people requested anonymity to speak frankly about the devious new brand of online crime that involves underage victims. The fraudulently obtained data has been used to target specific women and minors, and in some cases to pressure them into creating and sharing sexually explicit material and to retaliate against them if they refuse, according to the six people.

The tactic is considered by law enforcement and other investigators to be the newest criminal tool to obtain personally identifiable information that can be used not only for financial gain but to extort and harass innocent victims. It is particularly unsettling since the attackers are successfully impersonating law enforcement officers. The tactic is impossible for victims to protect against, as the best way to avoid it would be to not have an account on the targeted service, according to the people. It's not clear how often the fraudulent data requests have been used to sexually extort minors. Law enforcement and the technology companies are still trying to assess the scope of the problem.

CNN profiles Bellingcat, a Netherlands-based investigative group specializing in "open-source intelligence". And investigator Christo Grozev tells CNN that authoritarian governments make their work easier, because "they love to gather data, comprehensive data, on ... what they consider to be their subjects, and therefore there's a lot of centralized data."

"And second, there's a lot of petty corruption ... within the law enforcement system, and this data market thrives on that." Billions have been spent on creating sophisticated encrypted communications for the military in Russia. But most of that money has been stolen in corrupt kickbacks, and the result is they didn't have that functioning system... It is shocking how incompetent they are. But it was to be expected, because it's a reflection of 23 years of corrupt government.
Interestingly there's apparently less corruption in China — though more whistleblowers. But Bellingcat's first investigation involved the 2014 downing of a Boeing 777 over eastern Ukraine that killed 283 passengers. (The Dutch Safety Board later concluded it was downed by a surface-to-air missile launched from pro-Russian separatist-controlled territory in Ukraine.) "At that time, a lot of public data was available on Russian soldiers, Russian spies, and so on and so forth — because they still hadn't caught up with the times, so they kept a lot of digital traces, social media, posting selfies in front of weapons that shoot down airliners. That's where we kind of perfected the art of reconstructing a crime based on digital breadcrumbs..."

"By 2016, it was no longer possible to find soldiers leaving status selfies on the internet because a new law had been passed in Russia, for example, banning the use of mobile phones by secret services and by soldiers. So we had to develop a new way to get data on government crime. We found our way into this gray market of data in Russia, which is comprised of many, many gigabytes of leaked databases, car registration databases, passport databases. Most of these are available for free, completely freely downloadable from torrent sites or from forums and the internet." And for some of them, they're more current. You actually can buy the data through a broker, so we decided that in cases when we have a strong enough hypothesis that a government has committed the crime, we should probably drop our ethical boundaries from using such data — as long as it is verifiable, as long as it is not coming from one source only but corroborated by at least two or three other sources of data. That's how we develop it. And the first big use case for this approach was the ... poisoning of Sergei and Yulia Skripal in 2018 (in the United Kingdom), when we used this combination of open source and data bought from the gray market in Russia to piece together who exactly the two poisoners were. And that worked tremendously....

It has been what I best describe as a multilevel computer game.... [W]hen we first learned that we can get private data, passport files and residence files on Russian spies who go around killing people, they closed the files on those people. So every spy suddenly had a missing passport file in the central password database. But that opened up a completely new way for us to identify spies, because we were just able to compare older versions of the database to newer versions. So that allowed us to find a bad group of spies that we didn't even know existed before.

The Russian government did realize that that's maybe a bad idea to hide them from us, so they reopened those files but just started poisoning data. They started changing the photographs of some of these people to similar looking, like lookalikes of the people, so that they confused us or embarrass us if we publish a finding but it's for the wrong guy. And then we'll learn how to beat that.
When asked about having dropped some ethical boundaries about data use, Grozev replies "everything changes. Therefore, the rules of journalism should change with the changing times." "And it's not common that journalism was investigating governments conducting government-sanctioned crimes, but now it's happening." With a country's ruler proclaiming perpetual supreme power, "This is not a model that traditional journalism can investigate properly. It's not even a model that traditional law enforcement can investigate properly." I'll give an example. When the British police asked, by international agreement, for cooperation from the Russian government to provide evidence on who exactly these guys were who were hanging around the Skripals' house in 2018, they got completely fraudulent, fake data from the Russian government....

So the only way to counter that as a journalist is to get the data that the Russian government is refusing to hand over. And if this is the only way to get it, and if you can be sure that you can prove that this is valid data and authentic data — I think it is incumbent on journalists to find the truth. And especially when law enforcement refuses to find the truth because of honoring the sovereign system of respecting other governments.
It was Bellingcat that identified the spies who's poisoned Russian opposition leader Alexey Navalny. CNN suggests that for more details on their investigation, and "to understand Vladimir Putin's stranglehold on power in Russia, watch the new film Navalny which premieres Sunday at 9 p.m. ET on CNN."

The movie's tagline? "Poison always leaves a trail."

The nonprofit online news site Virginia Mercury investigated their state police departments' "real-time location warrants," which are "addressed to telephone companies, ordering them to regularly ping a customers' phone for its GPS location and share the results with police." Public records requests submitted to a sampling of 18 police departments around the state found officers used the technique to conduct more than 7,000 days worth of surveillance in 2020. Court records show the tracking efforts spanned cases ranging from high-profile murders to minor larcenies.... Seven departments responded that they did not have any relevant billing records, indicating they don't use the technique. Only one of the departments surveyed, Alexandria, indicated it had an internal policy governing how their officers use cellphone tracking, but a copy of the document provided by the city was entirely redacted....

Drug investigations accounted for more than 60 percent of the search warrants taken out in the two jurisdictions. Larcenies were the second most frequent category. Major crimes like murders, rapes and abductions made up a fraction of the tracking requests, accounting for just under 25 of the nearly 400 warrants filed in the jurisdictions that year.
America's Supreme Court "ruled that warrantless cellphone tracking is unconstitutional back in 2012," the article points out — but in practice those warrants aren't hard to get. "Officers simply have to attest in an affidavit that they have probable cause that the tracking data is 'relevant to a crime that is being committed or has been committed'.... There's been limited public discussion or awareness of the kinds of tracking warrants the judiciary is approving." "I don't think people know that their cell phones can be converted to tracking devices by police with no notice," said Steve Benjamin, a criminal defense lawyer in Richmond who said he's recently noticed an uptick in cases in which officers employed the technique. "And the reality of modern life is everyone has their phone on them during the day and on their nightstand at night. ... It's as if the police tagged them with a chip under their skin, and people have no idea how easily this is accomplished."
The case for these phone-tracking warrants?

• The executive director of the Virginia Association of Chiefs of Police tells the site that physical surveillance ofen requires too many resources — and that cellphone tracking is safer. "It may be considered an intrusive way of gathering data on someone, but it's certainly less dangerous than physical tracking."
• A spokesperson for the Chesterfield County police department [responsible for 64% of the state's tracking] argued that "We exist to preserve human life and protect the vulnerable, and we will use all lawful tools at our disposal to do so." And they added that such "continued robust enforcement efforts" were a part of the reason that the county's still-rising number of fatal drug overdoses had not risen more.

The site also obtained bills from four major US cellphone carriers, and reported how much they were charging police for providing their cellphone-tracking services:

• "T-Mobile charged $30 per day, which comes to $900 per month of tracking."
• "AT&T charged a monthly service fee of $100 and an additional $25 per day the service is utilized, which comes to $850 per 30 days of tracking..."
• "Verizon calls the service 'periodic location updates,' charging $5 per day on top of a monthly service fee of $100, which comes to $200 per 30 days of tracking."
• "Sprint offered the cheapest prices to report locations back to law enforcement, charging a flat fee of $100 per month."

Thanks to Slashdot reader Beerismydad for sharing the article!

"Cryptocurrency has changed the game of cybercrime," argues Vice's Christian Devolu, in a new episode of their video series CRYPTOLAND. "Hackers and cybergangs have been locking down the data of large corporations, police departments, and even hospitals, and demanding ransom — and guess what they're asking for? Cryptocurrency!"

In short, argues an article accompanying the episode, cryptocurrency "gave birth to the ransomware epidemic."

Slashdot reader em1ly shares one highlight from the video: The team visits a school district in Missouri ["just one of around 1,000 U.S. schools hacked last year with ransomware"] that was the victim of a ransomware attack. ["Luckily, the school's backups were not impacted...."]
Another interesting observation from the article: When ransom payments do happen, companies like Chainalysis can track the Bitcoin through the blockchain, identifying the hackers' wallets and collaborating with law enforcement in an attempt to recover the funds or identify the hackers themselves.