An anonymous reader quotes a report from Ars Technica: Tech support scammers have devised a method to inject their fake phone numbers into webpages when a target's web browser visits official sites for Apple, PayPal, Netflix, and other companies. The ruse, outlined in a post on Wednesday from security firm Malwarebytes, threatens to trick users into calling the malicious numbers even when they think they're taking measures to prevent falling for such scams. One of the more common pieces of security advice is to carefully scrutinize the address bar of a browser to ensure it's pointing to an organization's official website. The ongoing scam is able to bypass such checks.

The unknown actors behind the scam begin by buying Google ads that appear at the top of search results for Microsoft, Apple, HP, PayPal, Netflix, and other sites. While Google displays only the scheme and host name of the site the ad links to (for instance, https://www.microsoft.com/ the ad appends parameters to the path to the right of that address. When a target clicks on the ad, it opens a page on the official site. The appended parameters then inject fake phone numbers into the page the target sees.

Google requires ads to display the official domain they link to, but the company allows parameters to be added to the right of it that aren't visible. The scammers are taking advantage of this by adding strings to the right of the hostname. The parameters aren't displayed in the Google ad, so a target has no obvious reason to suspect anything is amiss. When clicked on, the ad leads to the correct hostname. The appended parameters, however, inject a fake phone number into the webpage the target sees. The technique works on most browsers and against most websites. Malwarebytes.com was among the sites affected until recently, when the site began filtering out the malicious parameters.

The UK Information Commissioner's Office has issued its first guidance demanding manufacturers of air fryers, smart speakers, fertility trackers, and smart TVs respect users' privacy rights after reports of excessive data collection in homes.

The regulator requires companies to ensure data security, provide transparency to consumers, and regularly delete collected information. Stephen Almond, the ICO's executive director for regulatory risk, said smart products know who users live with, their music preferences, and medication details. The guidance addresses "internet of things" devices, including fertility trackers that record menstrual dates and body temperature before sending data to manufacturer servers.

Additionally, smart speakers that monitor family members and visitors must allow users to configure settings that minimize personal information collection. The ICO warned manufacturers it stands ready to take enforcement action in the event of noncompliance.

In response to escalating tensions with Israel, Iran has begun throttling internet access, with plans to disconnect from the global internet entirely to prevent Israeli cyberattacks. The Iranian government also urges citizens to delete WhatsApp -- one of the country's most popular messaging platforms -- claiming without evidence that the Meta-owned app has been weaponed by Israel to spy on its users. (WhatsApp vehemently denied those claims in a statement to the Associated Press.) Telegram is also said to be blocked as well. The Verge reports: The announcements come amidst the escalating war between Iran and Israel, which broke out after Israel attacked the country on June 12th, and a rise in reported internet outages. Civilians have claimed that they've been unable to access basic but critical telecommunications services, such as messaging apps, maps, and sometimes the internet itself. Cloudflare reported that two major Iranian cellular carriers effectively went offline on Tuesday, and The New York Times reports that even VPNs, which Iranians frequently use to access banned sites like Facebook and Instagram, have become increasingly harder to access. [...]

Israel's role in the cyber outages has not been officially confirmed, but independent analysts at NetBlocks noticed a significant reduction of internet traffic originating from Iran on Tuesday, starting at 5:30 PM local time. According to Tasnim, a news network affiliated with the Iranian Revolutionary Guards, Iranians will still have access to the country's state-operated national internet service, though two Iranian officials told the Times that the internal bandwidth could be reduced by up to 80 percent.

President Trump will extend the deadline for ByteDance to divest TikTok's U.S. operations by another 90 days, marking the third extension since taking office. The extension aims to prevent a TikTok ban while negotiations with potential buyers like Oracle and Project Liberty continue. CNBC reports: "President Trump will sign an additional Executive Order this week to keep TikTok up and running," White House Press Secretary Karoline Leavitt said in a statement. "As he has said many times, President Trump does not want TikTok to go dark. This extension will last 90 days, which the Administration will spend working to ensure this deal is closed so that the American people can continue to use TikTok with the assurance that their data is safe and secure."

ByteDance was nearing the deadline of June 19, to sell TikTok's U.S. operations in order to satisfy a national security law that the Supreme Court upheld just a few days before Trump's second presidential inauguration. Under the law, app store operators like Apple and Google and internet service providers would be penalized for supporting TikTok. ByteDance originally faced a Jan. 19 deadline to comply with the national security law, but Trump signed an executive order when he first took office that pushed the deadline to April 5. Trump extended the deadline for the second time a day before that April mark. Trump told NBC News in May that he would extend the TikTok deadline again if no deal was reached, and he reiterated his plans on Thursday.

An anonymous reader shares a report: Iran's cybersecurity authority has banned officials from using devices that connect to the internet, apparently fearing being tracked or hacked by Israel. According to the state-linked Fars news agency, Iranian officials and their bodyguards have been told they are not allowed to use any equipment that connects to public internet or telecommunications networks.

Google Cloud has attributed last week's widespread outage to a flawed code update in its Service Control system that triggered a global crash loop due to missing error handling and lack of feature flag protection. The Register reports: Google's explanation of the incident opens by informing readers that its APIs, and Google Cloud's, are served through our Google API management and control planes." Those two planes are distributed regionally and "are responsible for ensuring each API request that comes in is authorized, has the policy and appropriate checks (like quota) to meet their endpoints." The core binary that is part of this policy check system is known as "Service Control."

On May 29, Google added a new feature to Service Control, to enable "additional quota policy checks." "This code change and binary release went through our region by region rollout, but the code path that failed was never exercised during this rollout due to needing a policy change that would trigger the code," Google's incident report explains. The search monopolist appears to have had concerns about this change as it "came with a red-button to turn off that particular policy serving path." But the change "did not have appropriate error handling nor was it feature flag protected. Without the appropriate error handling, the null pointer caused the binary to crash."

Google uses feature flags to catch issues in its code. "If this had been flag protected, the issue would have been caught in staging." That unprotected code ran inside Google until June 12th, when the company changed a policy that contained "unintended blank fields." Here's what happened next: "Service Control, then regionally exercised quota checks on policies in each regional datastore. This pulled in blank fields for this respective policy change and exercised the code path that hit the null pointer causing the binaries to go into a crash loop. This occurred globally given each regional deployment."

Google's post states that its Site Reliability Engineering team saw and started triaging the incident within two minutes, identified the root cause within 10 minutes, and was able to commence recovery within 40 minutes. But in some larger Google Cloud regions, "as Service Control tasks restarted, it created a herd effect on the underlying infrastructure it depends on ... overloading the infrastructure." Service Control wasn't built to handle this, which is why it took almost three hours to resolve the issue in its larger regions. The teams running Google products that went down due to this mess then had to perform their own recovery chores. Going forward, Google has promised a couple of operational changes to prevent this mistake from happening again: "We will improve our external communications, both automated and human, so our customers get the information they need asap to react to issues, manage their systems and help their customers. We'll ensure our monitoring and communication infrastructure remains operational to serve customers even when Google Cloud and our primary monitoring products are down, ensuring business continuity."

An anonymous reader quotes a report from Ars Technica: Subscribers in Southern California of Spectrum's Internet service experienced outages over the weekend following what company officials said was an attempted theft of copper lines located in Van Nuys, a suburb located 20 miles from downtown Los Angeles. The people behind the incident thought they were targeting copper lines, the officials wrote in a statement Sunday. Instead, they cut into fiber optic cables. The cuts caused service disruptions for subscribers in Van Nuys and surrounding areas. Spectrum has since restored service and is offering a $25,000 reward for information leading to the apprehension of the people responsible. Spectrum will also credit affected customers one day of service on their next bill.

"Criminal acts of network vandalism have become an issue affecting the entire telecommunications industry, not just Spectrum, largely due to the increase in the price of precious metals," the officials wrote in a statement issued Sunday. "These acts of vandalism are not only a crime, but also affect our customers, local businesses and potentially emergency services. Spectrum's fiber lines do not include any copper." Outage information service Downdetector showed that thousands of subscribers in and around Van Nuys reported outages starting a little before noon on Sunday. Within about 12 hours, the complaint levels returned to normal. Spectrum officials told the Los Angeles Times that personnel had to splice thousands of fiber lines to restore service to affected subscribers.

KDE isn't the only organization reaching out to " as Microsoft prepares to end support for Windows 10.

"Now, The Document Foundation, maker of LibreOffice, has also joined in to support the Endof10 initiative," reports the tech blog Neowin: The foundation writes: "You don't have to follow Microsoft's upgrade path. There is a better option that puts control back in the hands of users, institutions, and public bodies: Linux and LibreOffice. Together, these two programmes offer a powerful, privacy-friendly and future-proof alternative to the Windows + Microsoft 365 ecosystem."

It further adds the "real costs" of upgrading to Windows 11 as it writes:

"The move to Windows 11 isn't just about security updates. It increases dependence on Microsoft through aggressive cloud integration, forcing users to adopt Microsoft accounts and services. It also leads to higher costs due to subscription and licensing models, and reduces control over how your computer works and how your data is managed. Furthermore, new hardware requirements will render millions of perfectly good PCs obsolete.... The end of Windows 10 does not mark the end of choice, but the beginning of a new era. If you are tired of mandatory updates, invasive changes, and being bound by the commercial choices of a single supplier, it is time for a change. Linux and LibreOffice are ready — 2025 is the right year to choose digital freedom!"
The first words on LibreOffice's announcement? "The countdown has begun...."

"People are replacing Google search with artificial intelligence tools like ChatGPT," reports the Washington Post.

But that's just the first change, according to a New York-based start-up devoted to watching for content-scraping AI companies with a free analytics product and "ensuring that these intelligent agents pay for the content they consume." Their data from 266 web sites (half run by national or local news organizations) found that "traffic from retrieval bots grew 49% in the first quarter of 2025 from the fourth quarter of 2024," the Post reports. A spokesperson for OpenAI said that referral traffic to publishers from ChatGPT searches may be lower in quantity but that it reflects a stronger user intent compared with casual web browsing.

To capitalize on this shift, websites will need to reorient themselves to AI visitors rather than human ones [said TollBit CEO/co-founder Toshit Panigrahi]. But he also acknowledged that squeezing payment for content when AI companies argue that scraping online data is fair use will be an uphill climb, especially as leading players make their newest AI visitors even harder to identify....

In the past eight months, as chatbots have evolved to incorporate features like web search and "reasoning" to answer more complex queries, traffic for retrieval bots has skyrocketed. It grew 2.5 times as fast as traffic for bots that scrape data for training between the fourth quarter of 2024 and the first quarter of 2025, according to TollBit's report. Panigrahi said TollBit's data may underestimate the magnitude of this change because it doesn't reflect bots that AI companies send out on behalf of AI "agents" that can complete tasks on a user's behalf, like ordering takeout from DoorDash. The start-up's findings also add a dimension to mounting evidence that the modern internet — optimized for Google search results and social media algorithms — will have to be restructured as the popularity of AI answers grows. "To think of it as, 'Well, I'm optimizing my search for humans' is missing out on a big opportunity," he said.

Installing TollBit's analytics platform is free for news publishers, and the company has more than 2,000 clients, many of which are struggling with these seismic changes, according to data in the report. Although news publishers and other websites can implement blockers to prevent various AI bots from scraping their content, TollBit found that more than 26 million AI scrapes bypassed those blockers in March alone. Some AI companies claim bots for AI agents don't need to follow bot instructions because they are acting on behalf of a user.
The Post also got this comment from the chief operating officer for the media company Time, which successfully negotiated content licensing deals with OpenAI and Perplexity.

"The vast majority of the AI bots out there absolutely are not sourcing the content through any kind of paid mechanism... There is a very, very long way to go."

An anonymous reader quotes a report from the Wall Street Journal: Since 2022, the U.S. has tightened the noose around the sale of high-end AI chips and other technology to China overnational-security concerns. Yet Chinese companies have made advances using workarounds. In some cases, Chinese AI developers have been able to substitute domestic chips for the American ones. Another workaround is to smuggle AI hardware into China through third countries. But people in the industry say that has become more difficult in recent months, in part because of U.S. pressure. That is pushing Chinese companies to try a further option: bringing their data outside China so they can use American AI chips in places such as Southeast Asia and the Middle East (source paywalled; alternative source). The maneuvers are testing the limits of U.S. restrictions. "This was something we were consistently concerned about," said Thea Kendler, who was in charge of export controls at the Commerce Department in the Biden administration, referring to Chinese companies remotely accessing advanced American AI chips. Layers of intermediaries typically separate the Chinese users of American AI chips from the U.S. companies -- led by Nvidia -- that make them. That leaves it opaque whether anyone is violating U.S. rules or guidance. [...]

At the Chinese AI developer, the Malaysia game plans take months of preparation, say people involved in them. Engineers decided it would be fastest to fly physical hard drives with data into the country, since transferring huge volumes of data over the internet could take months. Before traveling, the company's engineers in China spent more than eight weeks optimizing the data sets and adjusting the AI training program, knowing it would be hard to make major tweaks once the data was out of the country. The Chinese engineers had turned to the same Malaysian data center last July, working through a Singaporean subsidiary. As Nvidia and its vendors began to conduct stricter audits on the end users of AI chips, the Chinese company was asked by the Malaysian data center late last year to work through a Malaysian entity, which the companies thought might trigger less scrutiny.

The Chinese company registered an entity in Kuala Lumpur, Malaysia's capital, listing three Malaysian citizens as directors and an offshore holding company as its parent, according to a corporate registry document. To avoid raising suspicions at Malaysian customs, the Chinese engineers packed their hard drives into four different suitcases. Last year, they traveled with the hard drives bundled into one piece of luggage. They returned to China recently with the results -- several hundred gigabytes of data, including model parameters that guide the AI system's output. The procedure, while cumbersome, avoided having to bring hardware such as chips or servers into China. That is getting more difficult because authorities in Southeast Asia are cracking down on transshipments through the region into China.

Multiple popular services -- including Google, Google Cloud, AWS, Spotify, Discord, Cloudflare, Google Nest, Azure, Box and Shopify -- are experiencing at least a partial outage globally that began around 2:25pm ET Friday, according to user complaints with reports flooding in across social media and outage tracking sites. Cloudflare has confirmed ongoing issues that started within the past hour. It remains unclear what prompted the outage.

More details to follow.

A coordinated spam operation has infiltrated abandoned subdomains belonging to major institutions including Nvidia, Stanford University, NPR, and the U.S. government's vaccines.gov site, flooding them with AI-generated content that subsequently appears in search results and Google's AI Overview feature.

The scheme, reports 404 Media, posted over 62,000 articles on Nvidia's events.nsv.nvidia.com subdomain before the company took it offline within two hours of being contacted by reporters. The spam articles, which included explicit gaming content and local business recommendations, used identical layouts and a fake byline called "Ashley" across all compromised sites. Each targeted domain operates under different names -- "AceNet Hub" on Stanford's site, "Form Generation Hub" on NPR, and "Seymore Insights" on vaccines.gov -- but all redirect traffic to a marketing spam page. The operation exploits search engines' trust in institutional domains, with Google's AI Overview already serving the fabricated content as factual information to users searching for local businesses.

A dating site launched last week by Belgian artist Dries Depoorter matches potential partners based on their internet browsing histories rather than curated profiles or photos. Browser Dating requires users to download a Chrome or Firefox extension that exports and uploads their recent search data, creating matches based on shared online behaviors and interests rather than traditional dating app metrics.

Less than 1,000 users have signed up since the platform's launch, paying a one-time fee of $10.3 for unlimited matches or using a free tier limited to five connections. Depoorter, known for digital art projects exploring surveillance and technology, says the concept emerged from a 2016 workshop where participants shared a year of search history data. The platform processes browsing data locally using Google's Firebase tools.

Hong Kong authorities have invoked national security laws for the first time to ban the Taiwan-made video game Reversed Front: Bonfire, accusing it of promoting "secessionist agendas, such as 'Taiwan independence' and 'Hong Kong independence.'" Engadget reports: Reversed Front: Bonfire was developed by a group known as ESC Taiwan, who are outspoken critics of the China's Communist Party. The game disappeared from the Apple App Store in Hong Kong less than 24 hours after authorities issued the warning. Google already removed the game from the Play Store back in May, because players were using hate speech as part of their usernames. ESC Taiwan told The New York Times that that the game's removal shows that apps like theirs are subject to censorship in mainland China. The group also thanked authorities for the free publicity on Facebook, as the game experienced a surge in Google searches.

The game uses anime-style illustrations and allows players to fight against China's Communist Party by taking on the role of "propagandists, patrons, spies or guerrillas" from Hong Kong, Taiwan, Tibet, Mongolia and Xinjiang, which is home to ethnic minorities like the Uyghur. That said, they can also choose to play as government soldiers. In its warning, Hong Kong Police said that anybody who shares or recommends the game on the internet may be committing several offenses, including "incitement to secession, "incitement to subversion" and "offenses in connection with seditious intention." Anybody who has downloaded the game will be considered in "possession of a publication that has a seditious intention," and anybody who provides financial assistance to it will be violating national security laws, as well. "Those who have downloaded the application should uninstall it immediately and must not attempt to defy the law," the authorities wrote.

Apple executives defended the company's AI strategy this week after acknowledging that major Siri features announced at last year's Worldwide Developers Conference remain undelivered and were quietly pulled from development plans. Craig Federighi, Apple's senior vice president of software engineering, told the Wall Street Journal that the company is rebuilding Siri from the ground up, admitting that while Apple had working software for the promised features, "it didn't converge in the way quality-wise that we needed it to."

The missing capabilities included Siri's ability to search through apps and respond to on-screen activities, features that were demonstrated a year ago but never shipped to users. In the upcoming iOS 26, Apple has instead incorporated more OpenAI technology, allowing users to interact with ChatGPT through camera and screenshots and generate images using OpenAI's tools. Federighi defended the strategy by comparing Apple's position to the early internet era, when the company focused on making other services accessible rather than building competing platforms.

An anonymous reader quotes a report from TorrentFreak: Fresh data released by piracy tracking outfit MUSO shows that pirate sites remain popular. In a report released today, MUSO reveals that there were 216 billion pirate site visits globally in 2024, a slight decrease compared to the 229 billion visits recorded a year earlier. TV piracy remains by far the most popular category, representing over 44.6% of all website visits. This is followed by the publishing category with 30.7%, with film, software and music all at a respectable distance. Pirate site visitors originate from all over the world, but one country stands tall above all the rest: America. The United States remains the top driver of pirate site traffic accounting for more than 12% of all traffic globally, good for 26.7 billion visits in 2024. India has been steadily climbing the ranks for years and currently sits in second place with 17.6 billion annual visits, with Russia, Indonesia, and Vietnam completing the top five. As a country with one of the largest populations worldwide, it's not a complete surprise that the U.S. tops the list. If we counted visits per internet user, Canada and Ukraine would top the list.

While pirate site visits dipped by more than 5% in 2024, one category saw substantial growth. Visits to publishing-related pirate sites increased 4.3% from 63.6 to 66.4 billion. The increase is largely driven by the popularity of manga, which accounts for more than 70% of all publishing piracy. Traditional book piracy, meanwhile, is stuck at 5%. The publishing piracy boom is relatively new. Over the past five years, the category grew by more than 100% while the overall number of global pirate site visits remained relatively flat. Looking at the global demand, we see that the U.S. also leads the charge here, followed by Indonesia and Russia. Notably, Japan, the home of manga, ranks fifth in the publishing category. This stands out because Japan is not listed in the global top 15 in terms of total pirate site visits.

In the other content categories, MUSO's data shows a dip in pirate site visits. The changes are relatively modest for TV (-6.8%) and software (-2.1%) but the same isn't true for the music and film categories. In 2024, there were 18% fewer visits for pirated movies compared to a year earlier. MUSO notes that this is due to a "lighter blockbuster calendar" which reduced piracy peaks. "The drop in demand is as much about what wasn't released as it is about access," the report explains. The music category saw a 19% decline in piracy visits year over year, with a more uplifting explanation for rightsholders. According to MUSO, the drop can be partly attributed to "secure app ecosystems" and the "wide adoption of licensed platforms like Spotify and Apple Music."

"It is true, Google AI is stomping on the entire internet," writes Slashdot reader TheWho79, sharing a report from the Wall Street Journal. "From HuffPost to the Atlantic, publishers prepare to pivot or shut the doors. ... Even highly regarded old school bullet-proof publications like Washington Post are getting hit hard." From the report: Traffic from organic search to HuffPost's desktop and mobile websites fell by just over half in the past three years, and by nearly that much at the Washington Post, according to digital market data firm Similarweb. Business Insider cut about 21% of its staff last month, a move CEO Barbara Peng said was aimed at helping the publication "endure extreme traffic drops outside of our control." Organic search traffic to its websites declined by 55% between April 2022 and April 2025, according to data from Similarweb.

At a companywide meeting earlier this year, Nicholas Thompson, chief executive of the Atlantic, said the publication should assume traffic from Google would drop toward zero and the company needed to evolve its business model. [...] "Google is shifting from being a search engine to an answer engine," Thompson said in an interview with The Wall Street Journal. "We have to develop new strategies."

The rapid development of click-free answers in search "is a serious threat to journalism that should not be underestimated," said William Lewis, the Washington Post's publisher and chief executive. Lewis is former CEO of the Journal's publisher, Dow Jones. The Washington Post is "moving with urgency" to connect with previously overlooked audiences and pursue new revenue sources and prepare for a "post-search era," he said.

At the New York Times, the share of traffic coming from organic search to the paper's desktop and mobile websites slid to 36.5% in April 2025 from almost 44% three years earlier, according to Similarweb. The Wall Street Journal's traffic from organic search was up in April compared with three years prior, Similarweb data show, though as a share of overall traffic it declined to 24% from 29%. Further reading: Google's AI Mode Is 'the Definition of Theft,' Publishers Say

Connor Jones reports via The Register: Security researchers managed to access the live feeds of 40,000 internet-connected cameras worldwide and they may have only scratched the surface of what's possible. Supporting the bulletin issued by the Department of Homeland Security (DHS) earlier this year, which warned of exposed cameras potentially being used in Chinese espionage campaigns, the team at Bitsight was able to tap into feeds of sensitive locations. The US was the most affected region, with around 14,000 of the total feeds streaming from the country, allowing access to the inside of datacenters, healthcare facilities, factories, and more. Bitsight said these feeds could potentially be used for espionage, mapping blind spots, and gleaning trade secrets, among other things.

Aside from the potential national security implications, cameras were also accessed in hotels, gyms, construction sites, retail premises, and residential areas, which the researchers said could prove useful for petty criminals. Monitoring the typical patterns of activity in retail stores, for example, could inform robberies, while monitoring residences could be used for similar purposes, especially considering the privacy implications. "It should be obvious to everyone that leaving a camera exposed on the internet is a bad idea, and yet thousands of them are still accessible," said Bitsight in a report. "Some don't even require sophisticated hacking techniques or special tools to access their live footage in unintended ways. In many cases, all it takes is opening a web browser and navigating to the exposed camera's interface."

HTTP-based cameras accounted for 78.5 percent of the total 40,000 sample, while RTSP feeds were comparatively less open, accounting for only 21.5 percent.

To protect yourself or your company, Bitsight says you should secure your surveillance cameras by changing default passwords, disabling unnecessary remote access, updating firmware, and restricting access with VPNs or firewalls. Regularly monitoring for unusual activity also helps to prevent your footage from being exposed online.

A NASA-backed project using observations from the James Webb Space Telescope (JWST) has released more than 1.5 TB of data for open science, offering the largest view deep into the universe available to date. From a report: The Cosmic Evolution Survey (COSMOS), a joint project from the University of California, Santa Barbara and Rochester Institute of Technology, has launched a searchable dataset for budding astrophysics enthusiasts worldwide.

As well as a catalog of galaxies, the dataset includes an interactive viewer that users can search for images of specific objects or click them to view their properties, covering approximately 0.54 square degrees of sky with the Near Infrared Camera (NIRCam) and a 0.2 square degree area with the Mid Infrared Instrument (MIRI). Although the raw data was already publicly available to the science community, the aim of the COSMOS-Web project was to make it more usable for other scientists.

Cisco is updating its networking and security products to make AI networks speedier and more secure, part of a broader push to capitalize on the AI spending boom. From a report: A new generation of switches -- networking equipment that links computer systems -- will offer a 10-fold improvement in performance, the company said on Tuesday. That will help prevent AI applications from suffering bottlenecks when transferring data, Cisco said. Networking speed has become a bigger issue as data center operators try to manage a flood of AI information -- both in the cloud and within the companies' own facilities. Slowdowns can hinder AI models, Cisco President and Chief Product Officer Jeetu Patel said in an interview. That applies to the development phase -- known as training -- and the operation of the models, a stage called inference. A massive build-out of data centers has made Cisco more relevant, he said. "AI is going to be network-bound, both on training and inference," Patel said. Having computer processors sit idle during training because of slow networks is "just throwing away money."