"GitHub has announced a partnership with the Stanford Law School to support developers facing takedown requests related to the Digital Millennium Copyright Act (DMCA)," reports VentureBeat: While the DMCA may be better known as a law for protecting copyrighted works such as movies and music, it also has provisions (17 U.S.C. 1201) that criminalize attempts to circumvent copyright-protection controls — this includes any software that might help anyone infringe DMCA regulations. However, as with the countless spurious takedown notices delivered to online content creators, open source coders too have often found themselves in the DMCA firing line with little option but to comply with the request even if they have done nothing wrong. The problem, ultimately, is that freelance coders or small developer teams often don't have the resources to fight DMCA requests, which puts the balance of power in the hands of deep-pocketed corporations that may wish to use DMCA to stifle innovation or competition. Thus, GitHub's new Developer Rights Fellowship — in conjunction with Stanford Law School's Juelsgaard Intellectual Property and Innovation Clinic — seeks to help developers put in such a position by offering them free legal support. The initiative follows some eight months after GitHub announced it was overhauling its Section 1201 claim review process in the wake of a takedown request made by the Recording Industry Association of America (RIAA), which had been widely criticized as an abuse of DMCA... [M]oving forward, whenever GitHub notifies a developer of a "valid takedown claim," it will present them with an option to request free independent legal counsel. The fellowship will also be charged with "researching, educating, and advocating on DMCA and other legal issues important for software innovation," GitHub's head of developer policy Mike Linksvayer said in a blog post, along with other related programs. Explaining their rationale, GitHub's blog post argues that currently "When developers looking to learn, tinker, or make beneficial tools face a takedown claim under Section 1201, it is often simpler and safer to just fold, removing code from public view and out of the common good. "At GitHub, we want to fix this."

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: In iOS 14, Apple added a "privacy" section to the app store, requiring app developers to list the data they collect and how they use it. Google -- which was one of the biggest targets of Apple's privacy nutrition labels and delayed app updates for months to avoid complying with the policy -- is now aping the feature for Google Play. Google posted a demo of what the Google Play "Data privacy & security" section will look like, and it contains everything you'd expect if you've looked at the App Store lately. There's information on what data apps collect, whether or not the apps share the data with third parties, and how the data is stored. Developers can also explain what the data is used for and if data collection is required to use the app. The section also lists whether or not the collected data is encrypted, if the user can delete the data, and if the app follows Google's "Families" policy (meaning all the usual COPPA stuff). Google Play's privacy section will be mandatory for all developers in April 2022, and starting in October, Google says developers can start populating information in the Google Play Console "for review." Google also says that in April, all apps will need to supply a privacy policy, even if they don't collect any data. Apps that don't have an "approved" privacy section by April may have their app updates rejected or their app removed. Google says, "Developers are responsible for providing accurate and complete information in their safety section." All of this information is basically just running on the honor system, and on iOS, developers have already been caught faking their privacy labels.

Read more of this story at Slashdot.

Developer Harrison Allen has developed a playable clone of Pokemon for the Pebble smartwatch, which was officially discontinued in late 2016 after the company was sold to Fitbit. Gizmodo reports: According to the game's developer, Harrison Allen, Pebblemon uses a graphics library they created that replicates Pokémon Yellow, which was the first version of the popular game series to take advantage of the Game Boy Color's limited color palette. As a result, while Pebblemon appears to be playable using the Pebble smartwatch's buttons (the wearable lacked a touchscreen), it's a smaller version of the original game featuring "various areas within the Johto region" but players will still "Encounter all 251 Pokemon from the Game Boy Color games" and will still be able to find items to help them out during gameplay. Pebblemon is currently available through the Rebble.io repository, which was created shortly after the company died as a place to continue to allow users to maintain their smart wearables, and to give developers a way to distribute new apps. If you don't already use it, you'll have to jump through a few hoops to get it to play nice with your Pebble watch, but it doesn't appear terribly difficult. Alternately, Allen has provided all of his source code through GitHub, if you're in the mood to compile or adapt it into something else yourself. There are two things to keep in mind if you want to try Pebblemon out: it's only compatible with the Pebble Time, Pebble Time Round, and Pebble 2 models -- not the original version of the wearable -- and you're going to want to jump on this as soon as possible because there's a very good chance Nintendo's eager lawyers are already aware of the game, and are already working to wipe it off the face of the Earth.

Read more of this story at Slashdot.

The U.S. Government Accountability Office on Friday denied protests from companies affiliated with Jeff Bezos that NASA wrongly awarded a lucrative astronaut lunar lander contract solely to Elon Musk's SpaceX. CNBC reports: "NASA did not violate procurement law or regulation when it decided to make only one award ... the evaluation of all three proposals was reasonable, and consistent with applicable procurement law, regulation, and the announcement's terms," GAO managing associate general counsel Kenneth Patton wrote in a statement. The GAO ruling backs the space agency's surprise announcement in April that NASA awarded SpaceX with a contract worth about $2.9 billion. SpaceX was competing with Blue Origin and Dynetics for what was expected to be two contracts, before NASA only awarded a single contract due to a lower-than-expected allocation for the program from Congress. NASA, in a statement, said that the GAO decision will allow the agency "to establish a timeline for the first crewed landing on the Moon in more than 50 years." "As soon as possible, NASA will provide an update on the way ahead for Artemis, the human landing system, and humanity's return to the Moon. We will continue to work with the Biden Administration and Congress to ensure funding for a robust and sustainable approach for the nation's return to the Moon in a collaborative effort with U.S. commercial partners," the U.S. space agency said. A Blue Origin spokesperson told CNBC that the company still believes "there were fundamental issues with NASA's decision, but the GAO wasn't able to address them due to their limited jurisdiction." "We'll continue to advocate for two immediate providers as we believe it is the right solution," Blue Origin said. "The Human Landing System program needs to have competition now instead of later -- that's the best solution for NASA and the best solution for our country."

Read more of this story at Slashdot.

An anonymous reader quotes a report from The Guardian: Virtual contact during the pandemic made many over-60s feel lonelier and more depressed than no contact at all, new research has found. Many older people stayed in touch with family and friends during lockdown using the phone, video calls, and other forms of virtual contact. Zoom choirs, online book clubs and virtual bedtime stories with grandchildren helped many stave off isolation. But the study, among the first to comparatively assess social interactions across households and mental wellbeing during the pandemic, found many older people experienced a greater increase in loneliness and long-term mental health disorders as a result of the switch to online socializing than those who spent the pandemic on their own. The problem [said Dr Yang Hu of Lancaster University, who co-wrote the report, published on Monday in Frontiers in Sociology] was that older people unfamiliar with technology found it stressful to learn how to use it. But even those who were familiar with technology often found the extensive use of the medium over lockdown so stressful that it was more damaging to their mental health than simply coping with isolation and loneliness. "Extensive exposure to digital means of communication can also cause burnout. The results are very consistent," said Hu, who collected data from 5,148 people aged 60 or over in the UK and 1,391 in the US -- both before and during the pandemic. "It's not only loneliness that was made worse by virtual contact, but general mental health: these people were more depressed, more isolated and felt more unhappy as a direct result of their use of virtual contact," he said. "We need to have disaster preparedness," he said. "We need to equip older people with the digital capacity to be able to use technology for the next time a disaster like this comes around." Hu added: "Policymakers and practitioners need to take measures to pre-empt and mitigate the potential unintended implications of household-centerd pandemic responses for mental wellbeing."

Read more of this story at Slashdot.

A previously undocumented Android-based remote access trojan (RAT) has been found to use screen recording features to steal sensitive information on the device, including banking credentials, and open the door for on-device fraud. The Hacker News reports: Dubbed "Vultur" due to its use of Virtual Network Computing (VNC)'s remote screen-sharing technology to gain full visibility on targeted users, the mobile malware was distributed via the official Google Play Store and masqueraded as an app named "Protection Guard," attracting over 5,000 installations. Banking and crypto-wallet apps from entities located in Italy, Australia, and Spain were the primary targets. "For the first time we are seeing an Android banking trojan that has screen recording and keylogging as the main strategy to harvest login credentials in an automated and scalable way," researchers from ThreatFabric said in a write-up shared with The Hacker News. "The actors chose to steer away from the common HTML overlay development we usually see in other Android banking Trojans: this approach usually requires a larger time and effort investment from the actors to create multiple overlays capable of tricking the user. Instead, they chose to simply record what is shown on the screen, effectively obtaining the same end result." Vultur [...] takes advantage of accessibility permissions to capture keystrokes and leverages VNC's screen recording feature to stealthily log all activities on the phone, thus obviating the need to register a new device and making it difficult for banks to detect fraud. What's more, the malware employs ngrok, a cross-platform utility used to expose local servers behind NATs and firewalls to the public internet over secure tunnels, to provide remote access to the VNC server running locally on the phone. Additionally, it also establishes connections with a command-and-control (C2) server to receive commands over Firebase Cloud Messaging (FCM), the results of which, including extracted data and screen captures, are then transmitted back to the server. ThreatFabric's investigation also connected Vultur with another well-known piece of malicious software named Brunhilda, a dropper that utilizes the Play Store to distribute different kinds of malware in what's called a "dropper-as-a-service" (DaaS) operation, citing overlaps in the source code and C2 infrastructure used to facilitate attacks. These ties, the Amsterdam-based cybersecurity services company said, indicate Brunhilda to be a privately operating threat actor that has its own dropper and proprietary RAT Vultur.

Read more of this story at Slashdot.

Amazon delivery companies around the U.S. are instructing workers to bypass daily inspections intended to make sure vans are safe to drive. From a report: Amazon requires contracted delivery drivers to inspect their vehicles at the beginning and end of their shift as a safety precaution. But some drivers say they're pressured to ignore damage and complete the inspections as quickly as possible, so that delivery companies can avoid taking vans off the road. If delivery companies take a van off the road, they risk forfeiting valuable package routes and drivers may lose a shift. These inconsistent inspection practices undermine the company's public messaging around worker safety. They also highlight the tension that delivery partners face between ensuring drivers' safety and keeping up with Amazon's aggressive delivery quotas, which can stretch into hundreds of packages per day per driver. CNBC spoke to 10 current and former Amazon delivery drivers in Georgia, Ohio, Indiana, Illinois, Kentucky and Texas who discovered their vans had issues ranging from jammed doors and tires with little to no tread to busted backup cameras and broken mirrors. They say managers told them to ignore these problems and complete their deliveries as usual.

Read more of this story at Slashdot.

Open source packages downloaded an estimated 30,000 times from the PyPI open source repository contained malicious code that surreptitiously stole credit card data and login credentials and injected malicious code on infected machines, researchers said on Thursday. Ars Technica reports: In a post, researchers Andrey Polkovnichenko, Omer Kaspi, and Shachar Menashe of devops software vendor JFrog said they recently found eight packages in PyPI that carried out a range of malicious activity. Based on searches on https://pepy.tech, a site that provides download stats for Python packages, the researchers estimate the malicious packages were downloaded about 30,000 times. [...] Different packages from Thursday's haul carried out different kinds of nefarious activities. Six of them had three payloads, one for harvesting authentication cookies for Discord accounts, a second for extracting any passwords or payment card data stored by browsers, and the third for gathering information about the infected PC, such as IP addresses, computer name, and user name. The remaining two packages had malware that tries to connect to an attacker-designated IP address on TCP port 9009, and to then execute whatever Python code is available from the socket. It's not now known what the IP address was or if there was malware hosted on it. Like most novice Python malware, the packages used only a simple obfuscation such as from Base64 encoders. Karas told me that the first six packages had the ability to infect the developer computer but couldn't taint the code developers wrote with malware. "For both the pytagora and pytagora2 packages, which allows code execution on the machine they were installed, this would be possible." he said in a direct message. "After infecting the development machine, they would allow code execution and then a payload could be downloaded by the attacker that would modify the software projects under development. However, we don't have evidence that this was actually done."

Read more of this story at Slashdot.

The devastating heatwave that struck the Northwest US and southwest Canada in June was "the most extreme summer heatwave" ever recorded in North America, according to a new analysis from nonprofit research group Berkeley Earth. The Verge reports: Record temperatures in the region reached roughly 20 degrees Celsius (or 36 ÂF) hotter than average in June. Canada recorded its hottest temperature ever on June 29th when the village of Lytton in British Columbia reached an astonishing 49.6 degrees Celsius (121 degrees Fahrenheit). Typical temperatures there in June are closer to 20 to 30 degrees Celsius (68 to 86 degrees Fahrenheit). The consequences of that heat are staggering. Scorching temperatures fed wildfires, which burned down 90 percent of Lytton. There were at least 570 heat-related deaths in Canada and at least 194 in the US. Thousands more people wound up in emergency departments. For the entire Northern Hemisphere, it was the warmest June on record averaged across all land areas. Nearly 4 percent of the surface of the Earth hit record high average temperatures during the first half of 2021, according to the Berkeley Earth analysis. That's despite the cooling effect of a La Nina event. Looking at the first six months of the year, "Nowhere has been record cold," tweeted Berkeley Earth lead scientist Robert Rohde. Globally, the odds of more "record-shattering" heatwaves like the one that took such a huge toll in the US and Canada in June are likely on the rise.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Kotaku: A cybersecurity company whose security researcher had once been harassed by Blizzard employees at a hacking conference charged the game developer a 50 percent "misogyny tax" when it sought a quote for security services, according to a new report from Waypoint. The researcher, Emily Mitchell, told Waypoint that she approached the Blizzard booth during the annual Black Hat USA cybersecurity conference in 2015 to see if the major video game company had any open positions. Her shirt, which referenced [to] a security process known as "penetration testing," prompted two unnamed Blizzard employees to ask her questions laced with misogyny and sexual double entendre. "One of them asked me when was the last time I was personally penetrated, if I liked being penetrated, and how often I got penetrated," Mitchell said. "I was furious and felt humiliated, so I took the free swag and left." Two years later, Blizzard approached cybersecurity firm Sagitta HPC (now known as Terahash) to request a quote on one of Sagitta HPC's password-cracking boxes. Mitchell, who was Sagitta HPC's chief operating officer at the time, saw Blizzard's request and immediately remembered what occurred at Black Hat USA 2015. After learning of the incident from Mitchell, Sagitta HPC founder and chief executive officer Jeremi M. Gosney responded to Blizzard's inquiry with a lengthy message decrying her treatment at the hands of Blizzard's employees. "[R]ather than dismiss you and tell you that we will not do business with you, we'd like to give Blizzard the opportunity to redeem themselves," Gosney wrote. (He eventually shared the email on Twitter with Blizzard's name redacted.) "We are committed to combating inequality, and I am calling on Blizzard to do the same. As you may or may not know, today is International Women's Day. And in honor of this day, we are attaching a few conditions if Blizzard wishes to do business with us." These conditions included a 50 percent "misogyny tax" on any business Sagitta HPC did with Blizzard (to be used as a donation to three different organizations devoted to support girls and women in the tech industry), Blizzard becoming a Gold-level sponsor of the Grace Hopper Celebration of Women in Computing conference, and a formal letter of apology from Blizzard executives to Mitchell in which they'd further dedicate themselves to supporting equality for women and sexual harassment training. [...] In 2017, the organizers of Black Hat USA, the Las Vegas hacking conference at which Mitchell was originally accosted, promised her that they would not allow Blizzard back as a sponsor for future events. As far as Kotaku can tell from historical information, neither Blizzard nor Activision have had a presence at the cybersecurity event since the year Blizzard staff harassed Mitchell. "Once this incident was reported to us, the Company began an investigation, promptly removed all unauthorized cameras, and notified the authorities," Activision Blizzard told Waypoint. "The authorities conducted a thorough investigation, with the full cooperation of the Company. As soon as the authorities and Company identified the perpetrator, he was terminated for his abhorrent conduct. The Company provided crisis counselors to employees, onsite and virtually, and increased security."

Read more of this story at Slashdot.

On Wednesday, language learning app Duolingo reached a valuation of $6.5 billion after its shares surged nearly 40% in the company's Nasdaq debut. Reuters reports: Duolingo's stock opened at $141.4 per share, blowing past the initial public offering price (IPO) of $102 per share, which crossed the top end of its target range. The stock later pared some gains to trade at $130.92 in the afternoon. The company's flotation comes at a time of increased investor interest in the edtech space, after pandemic restrictions sent students and teachers from the classroom to the web. "Being a public company will allow us to operate at a higher level, and get going from the minor leagues to the major leagues," said Luis von Ahn, co-founder and chief executive officer of Duolingo. Following the IPO, the company will focus on improving its flagship app and getting more active users to switch to paying subscribers, von Ahn said. Duolingo offers courses in 40 languages to about 40 million monthly active users. The company also plans to expand more in Asia, its fastest growing region. Currently, Duolingo's largest market is the United States, home to 20% of its users and bringing in 45% of the company's revenue, von Ahn said.

Read more of this story at Slashdot.

Forget the home office -- 45% of American teleworkers regularly work from a couch, 38% regularly work from bed and 20% often work outside, according to a study by the home improvement marketing firm CraftJack. Axios reports: People have spent an average of $268 trying to improve their remote work setups, but a whopping 50% still say the pain and discomfort of working from home is enough to send them back to the office. It's not enough for companies to provide stipends for teleworkers to buy ergonomic chairs or desks, Axios' Kia Kokalitcheva notes. Many people simply do not have the space allocated inside their homes for an office setup, and it can be too expensive to move to a bigger place.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Phys.Org: Today, the LHCb experiment at CERN is presenting a new discovery at the European Physical Society Conference on High Energy Physics (EPS-HEP). The new particle discovered by LHCb, labeled as Tcc+, is a tetraquark -- an exotic hadron containing two quarks and two antiquarks. It is the longest-lived exotic matter particle ever discovered, and the first to contain two heavy quarks and two light antiquarks. Quarks are the fundamental building blocks from which matter is constructed. They combine to form hadrons, namely baryons, such as the proton and the neutron, which consist of three quarks, and mesons, which are formed as quark-antiquark pairs. In recent years a number of so-called exotic hadrons -- particles with four or five quarks, instead of the conventional two or three -- have been found. Today's discovery is of a particularly unique exotic hadron, an exotic exotic hadron if you like. The new particle contains two charm quarks and an up and a down antiquark. Several tetraquarks have been discovered in recent years (including one with two charm quarks and two charm antiquarks), but this is the first one that contains two charm quarks, without charm antiquarks to balance them. Physicists call this "open charm" (in this case, "double open charm"). Particles containing a charm quark and a charm antiquark have "hidden charm" -- the charm quantum number for the whole particle adds up to zero, just like a positive and a negative electrical charge would do. Here the charm quantum number adds up to two, so it has twice the charm! The quark content of Tcc+, has other interesting features besides being open charm. It is the first particle to be found that belongs to a class of tetraquarks with two heavy quarks and two light antiquarks. Such particles decay by transforming into a pair of mesons, each formed by one of the heavy quarks and one of the light antiquarks. According to some theoretical predictions, the mass of tetraquarks of this type should be very close to the sum of masses of the two mesons. Such proximity in mass makes the decay "difficult," resulting in a longer lifetime of the particle, and indeed Tcc+, is the longest-lived exotic hadron found to date.

Read more of this story at Slashdot.

The lifestyles of around three average Americans will create enough planet-heating emissions to kill one person, and the emissions from a single coal-fired power plant are likely to result in more than 900 deaths, according to the first analysis to calculate the mortal cost of carbon emissions. From a report: The new research builds upon what is known as the "social cost of carbon," a monetary figure placed upon the damage caused by each ton of carbon dioxide emissions, by assigning an expected death toll from the emissions that cause the climate crisis. The analysis draws upon several public health studies to conclude that for every 4,434 metric tons of CO2 pumped into the atmosphere beyond the 2020 rate of emissions, one person globally will die prematurely from the increased temperature. This additional CO2 is equivalent to the current lifetime emissions of 3.5 Americans. Adding a further 4m metric tons above last year's level, produced by the average US coal plant, will cost 904 lives worldwide by the end of the century, the research found. On a grander scale, eliminating planet-heating emissions by 2050 would save an expected 74 million lives around the world this century. The figures for expected deaths from the release of emissions aren't definitive and may well be "a vast underestimate" as they only account for heat-related mortality rather than deaths from flooding, storms, crop failures and other impacts that flow from the climate crisis, according to Daniel Bressler of Columbia University's Earth Institute, who wrote the paper.

Read more of this story at Slashdot.

China's breathtaking economic growth created cities ill-equipped to face extreme weather. Last week's dramatic floods showed that much will have to change. From a report: China's breakneck growth over the last four decades erected soaring cities where there had been hamlets and farmland. The cities lured factories, and the factories lured workers. The boom lifted hundreds of millions of people out of the poverty and rural hardship they once faced. Now those cities face the daunting new challenge of adapting to extreme weather caused by climate change, a possibility that few gave much thought to when the country began its extraordinary economic transformation. China's pell-mell, brisk urbanization has in some ways made the challenge harder to face. No one weather event can be immediately linked to climate change, but the storm that flooded Zhengzhou and other cities in central China last week, killing at least 69 as of Monday, reflects a global trend of extreme weather that has seen deadly flooding recently in Germany and Belgium, and severe heat and wildfires in Siberia. The flooding in China, which engulfed subway lines, washed away roads and cut off villages, also highlights the environmental vulnerabilities that accompanied the country's economic boom and could yet undermine it. China has always had floods, but as Kong Feng, then a public policy professor at Tsinghua University in Beijing, wrote in 2019, the flooding of cities across China in recent years is "a general manifestation of urban problems" in the country. The vast expansion of roads, subways and railways in cities that swelled almost overnight meant there were fewer places where rain could safely be absorbed -- disrupting what scientists call the natural hydrological cycle. Faith Chan, a professor of geology with the University of Nottingham in Ningbo in eastern China, said the country's cities -- and there are 93 with populations of more than a million -- modernized at a time when Chinese leaders made climate resiliency less of a priority than economic growth. "If they had a chance to build a city again, or to plan one, I think they would agree to make it more balanced," said Mr. Chan, who is also a visiting fellow at the Water@Leeds Research Institute of the University of Leeds.

Read more of this story at Slashdot.

The U.S. agency leading the fight against Covid-19 gave up a crucial surveillance tool tracking the effectiveness of vaccines just as a troublesome new variant of the virus was emerging. From a report: While the Centers for Disease Control and Prevention stopped comprehensively tracking what are known as vaccine breakthrough cases in May, the consequences of that choice are only now beginning to show. At the time, the agency had identified only 10,262 cases across the U.S. where a fully vaccinated person had tested positive for Covid. Most people who got infected after vaccination showed few symptoms, and appeared to be at low risk of infecting others. But in the months since, the number of vaccine breakthrough cases has grown, as has the risk that they present. Further reading: 'The War Has Changed': Internal CDC Document Urges New Messaging, Warns Delta Infections Likely More Severe.

Read more of this story at Slashdot.

In a preprint posted online Thursday night, researchers at Google in collaboration with physicists at Stanford, Princeton and other universities say that they have used Google's quantum computer to demonstrate a genuine "time crystal" for the first time. From a report: A novel phase of matter that physicists have strived to realize for many years, a time crystal is an object whose parts move in a regular, repeating cycle, sustaining this constant change without burning any energy. "The consequence is amazing: You evade the second law of thermodynamics," said co-author Roderich Moessner, director of the Max Planck Institute for the Physics of Complex Systems in Dresden, Germany. That's the law that says disorder always increases. Time crystals are also the first objects to spontaneously break "time-translation symmetry," the usual rule that a stable object will remain the same throughout time. A time crystal is both stable and ever-changing, with special moments that come at periodic intervals in time. The time crystal is a new category of phases of matter, expanding the definition of what a phase is. All other known phases, like water or ice, are in thermal equilibrium: Their constituent atoms have settled into the state with the lowest energy permitted by the ambient temperature, and their properties don't change with time. The time crystal is the first "out-of-equilibrium" phase: It has order and perfect stability despite being in an excited and evolving state. "This is just this completely new and exciting space that we're working in now," said Vedika Khemani, a condensed matter physicist now at Stanford who co-discovered the novel phase while she was a graduate student and co-authored the new paper.

Read more of this story at Slashdot.

Several readers shared this story: Tesla CEO Elon Musk reportedly demanded to become Apple's CEO in a 2016 phone call with current Apple CEO Tim Cook, according to an upcoming book about Tesla. The story, shared by the Los Angeles Times, comes from Power Play: Tesla, Elon Musk, and the Bet of the Century by The Wall Street Journal reporter Tim Higgins. As the book tells it, Cook suggested to Musk that Apple acquire Tesla, and Musk said he wanted to be CEO. Cook reportedly agreed, but Musk clarified that he wanted to be the CEO of Apple. "According to a former aide who heard (Musk's) retelling of the exchange," Cook said "Fuck you" before hanging up the phone. But Musk and Apple have both suggested that the conversation couldn't have happened because Musk and Cook have never spoken. Musk, in a tweet on Friday, flat out said that "Cook & I have never spoken or written to each other ever." He also said that he attempted to meet with Cook about Apple acquiring Tesla, a meeting that Cook refused. When asked for comment about the reported conversation, Apple pointed to remarks Cook made during an interview with The New York Times' Kara Swisher where he denied having ever spoken to Elon. "You know, I've never spoken to Elon, although I have great admiration and respect for the company he's built," Cook said.

Read more of this story at Slashdot.

Epic, which sued Apple last year and has expressed concerns about the exorbitant fees the iPhone-maker charges on App Store (30% on each transaction on year 1 for apps that are not games and 15% on year 2 and beyond), has found a new backer in the court of public opinion: Elon Musk. In a tweet Friday, Musk likened Apple's App Store charges to "a de facto global tax on the Internet." He added, "Epic is right." Epic CEO Tim Sweeney added today: The Apple Tax is far more pernicious than many realize. "It only applies to digital goods accessible on iOS," they say -- but in the future all physical goods will have a digital presence, and Apple will tax and gatekeep world commerce. Apple must be stopped. Friday's remarks follows Musk sniping at Apple during an earnings call earlier this week. From that story: Apple's walled garden is facing scrutiny from lawmakers and other companies, including in an antitrust trial that took place earlier this year after it was sued by Epic Games over App Store fees and policies. "I think we do want to emphasize that our goal is to support the advent of sustainable energy," Musk said in response to a question about letting competitors use its charger network. "It is not to create a walled garden and use that to bludgeon our competitors which is used by some companies." Musk then faked a cough and said, "Apple."

Read more of this story at Slashdot.

Security researchers say they have uncovered an ongoing hacking campaign carried out by suspected Russian spies who are continuing to stage attacks amid U.S. pressure on the Kremlin to curtail its alleged cyber-intrusions. From a report: The California-based cybersecurity firm RiskIQ Inc. said in a report released on Friday that it had uncovered more than 30 command and control servers -- used by cybercriminals to send orders to compromised networks or receive stolen data -- associated with the state-sponsored hacking group, which is known as APT29 or Cozy Bear. The group is using the servers to deploy malicious software named WellMess, according to RiskIQ. APT stands for "advanced persistent threat," and is a term often used to describe state-sponsored hacking groups. In July last year, government agencies from the U.S., U.K., and Canada, said that APT29 was "almost certainly" part of the Russian intelligence services and accused it of hacking organizations involved in the development of the Covid-19 vaccine and stealing intellectual property. The same group was also allegedly involved in the 2016 hack on the Democratic National Committee and the breach of SolarWinds, which was disclosed last year, according to U.S. officials. The Russian embassy in Washington referred to an earlier statement, in which it urged journalists to stop "sweeping accusations" and said it was confident that discussions with the U.S. related to cyberspace would "improve the security of the information infrastructure of our countries."

Read more of this story at Slashdot.