Pete Recommends – Weekly highlights on cyber security issues, May 2, 2026

Subject: Hiding Bluetooth Trackers in Mail
Source: Schneier on Security
https://www.schneier.com/blog/archives/2026/04/hiding-bluetooth-trackers-in-mail.html

It was used to track a Dutch naval ship:

Dutch journalist Just Vervaart, working for regional media network Omroep Gelderland, followed the directions posted on the Dutch government website and mailed a postcard with a hidden tracker inside. Because of this, they were able to track the ship for about a day, watching it sail from Heraklion, Crete, before it turned towards Cyprus. While it only showed the location of that one vessel, knowing that it was part of a carrier strike group sailing in the Mediterranean could potentially put the entire fleet at risk.

[…]

Navy officials reported that the tracker was discovered within 24 hours of the ship’s arrival, during mail sorting, and was eventually disabled. Because of this incident, the Dutch authorities now ban electronic greeting cards, which, unlike packages, weren’t x-rayed before being brought on the ship.


Subject: A new Oregon law regulates police use of license plate readers. Here’s how it works
Source: Oregon Capital Chronicle via Route Fifty
https://www.route-fifty.com/digital-government/2026/04/new-oregon-law-regulates-police-use-license-plate-readers-heres-how-it-works/413091/

The legislation empowers Oregonians to sue technology vendors who violate the law’s privacy protections.

Oregonians will soon be able to sue private companies that sell or otherwise improperly use data captured by license plate-reading cameras under a new state law.

Senate Bill 1516, signed into law by Gov. Tina Kotek on March 31, went into effect immediately due to an emergency clause lawmakers tucked into the legislation. The 16-page law was part of a public safety omnibus package that received bipartisan support, but it stood out for its restrictions placed on the use of automated license plate reading software and the street cameras it employs. Law enforcement agencies have used that technology to dismantle criminal networks, but their use has drawn increased scrutiny amid increased federal immigration enforcement.

The technology tracks more than license plates, including features such as car color, make or physical condition, and some researchers have found that its use can lead to misread plates or arrests of innocent individuals.



Subject: Report: Trans Woman Tracked for 2 Years at MSG
Source: Wired via Newser
https://www.newser.com/story/387572/big-brother-has-apparently-infiltrated-madison-square-garden.html

Wired lays out secrets behind surveillance system at Dolan-owned sports/concert venue in NYC.

Fans headed to Madison Square Garden may be walking into more than a basketball arena, according to a detailed Wired investigation into owner James Dolan’s growing surveillance apparatus. The story, based on a whistleblower lawsuit and interviews with seven current and former security staffers, describes an operation that uses facial-recognition technology and other tools not just for safety, but to track critics, bar perceived enemies, and monitor people even beyond Dolan’s venues. At the center of the report is the case of “Nina Richards,” a transgender Knicks fan whose every move at the Garden was logged over a two-year span—what time she scanned her ticket, who she hugged, when she used the bathroom—allegedly because Dolan’s security chief, John Eversole, wanted her kept away from players.


Subject: American utility firm Itron discloses breach of internal IT network
Source: BleepingComputer
https://www.bleepingcomputer.com/news/security/american-utility-firm-itron-discloses-breach-of-internal-it-network/

Utility technology company Itron, Inc. has disclosed that an unauthorized third party accessed some of its internal systems during a cyberattack.

The company states that it activated its cybersecurity response plan when detecting the activity last month, notified law enforcement authorities, and engaged external advisors to support the investigation and incident containment.

“On April 13, 2026, Itron, Inc. was notified that an unauthorized third party had gained access to certain of its systems,” the company says in an 8-K filing with the U.S. Securities and Exchange Commission (SEC).

Itron is a Washington-based public company that provides utility technology products and services for energy and water resources management.

Itron’s business is interwoven with critical infrastructure such as electricity grids, water distribution, and gas networks.

However, the company noted that in this case, business operations recorded no material disruption, and it does not currently expect any subsequent impact. Also, it expects a significant portion of incident-related costs to be covered by insurance.



Subject: Supreme Court Takes on Geofence Warrants
Source: Phone Scoop
https://www.phonescoop.com/articles/article.php?a=23705

The US Supreme Court is hearing arguments today on whether “geofence warrants” violate the Fourth Amendment’s ban on unreasonable searches. Geofence warrants request info on all persons whose phones can be placed within a certain area at a certain time, without naming a specific person of interest. In this case, the warrant was served to Google, and used to find someone who robbed a bank in Virginia. The Supreme Court previously weighed in on phone location data in 2018 when it ruled that getting location data for a specific person required a warrant.


Subject: Facebook’s AI Spam Isn’t the ‘Dead Internet’: It’s the Zombie Internet
Source: 404 Media via Archive.Today
https://archive.ph/2JNKK

Facebook is the zombie internet, where a mix of bots, humans, and accounts that were once humans but aren’t anymore interact to form a disastrous website where there is little social connection at all.

Over the last few months, many have proposed that the AI spam taking over Facebook is a great example of the “Dead Internet Theory,” which posits that large portions of the internet are made up of bots talking to bots, filtered through the lens of recommendation and engagement algorithms. Facebook is undeniably cooked, a decaying, depressing hall of horrors full of viral AI-generated content that seemingly gets worse every day.

But I do not think Facebook is the dead internet. Instead, I think it is something worse.

Facebook is the zombie internet, where a mix of bots, humans, and accounts that were once humans but aren’t anymore mix together to form a disastrous website where there is little social connection at all.

Facebook’s Recommendation Algorithm is Injecting AI Into People’s Feeds


Subject: Canada Uncovers First ‘SMS Blaster’ Scam
Source: Newser
https://www.newser.com/story/388099/canada-uncovers-first-sms-blaster-scam.html

Device allegedly spoofed cell towers, disrupted phone service for thousands.

Canadian police say they’ve busted a roaming text-message scam that essentially involved driving a fake cell tower around Toronto. Authorities on Thursday announced the arrest of three men accused of operating “SMS blasters,” devices that imitate legitimate towers and quietly pull in nearby phones, per Gizmodo. Once connected, the devices pushed out phishing texts that looked like they came from banks, parking authorities, and other institutions and steered people to sham sites to harvest logins and financial data, per Toronto police. Investigators say the mobile setup—run out of vehicles—could hit thousands of phones at once. Tens of thousands of devices were allegedly connected over several months, with millions of service disruptions, per the National Post.


Subject: An AI agent deleted a company’s entire database in 9 seconds – then wrote an apology
Source: Euronews
https://www.euronews.com/next/2026/04/28/an-ai-agent-deleted-a-companys-entire-database-in-9-seconds-then-wrote-an-apology

[thx, Don …]

The AI system, powered by Anthropic’s Claude Opus model, had been handling a routine task when it independently chose to “fix” an issue by wiping the data – without any human approval. Whoopsy!

An artificial intelligence agent designed to streamline coding tasks instead managed to wipe out an entire company database in just a matter of seconds.

PocketOS, which makes software for car rental businesses, experienced a major 30-plus-hour outage over the weekend after the autonomous tool erased its database.

The digital culprit was Cursor, a popular AI coding agent powered by Anthropic’s Claude Opus 4.6 model, widely regarded as one of the most capable AI systems for programming tasks.

PocketOS founder Jer Crane blamed “systemic failures” in the current AI infrastructure, arguing they made the incident “not only possible but inevitable”.

‘The most destructive, irreversible action possible..’

The incident comes as AI models become more sophisticated, especially since the announcement of Anthropic’s latest model, Mythos, and bankers and governments sound the alarm over potential cybersecurity incidents.



Subject: How the experts figure out what’s real in the age of deepfakes
Source: The Verge
https://www.bespacific.com/how-the-experts-figure-out-whats-real-in-the-age-of-deepfakes/

The Verge – no paywall: “In the days that followed the US and Israel’s joint military strike on Iran on Saturday, floods of images and videos that supposedly document the war have appeared online. Some are old or depict unrelated conflicts, are made or manipulated with AI, and in some cases, are actually taken from military-themed video games like War Thunder. With misinformation spreading like wildfire, many people have placed their trust in reputable digital investigators. Organizations like The New York Times, Indicator, and Bellingcat have extensive verification procedures to avoid publishing synthetic or misleading content. “Audiences can turn to trusted, independent news organizations that take the time and effort to authenticate visuals and clearly explain sourcing,” Charlie Stadtlander, executive director for media relations and communications at The Times, told The Verge. Media authentication methods are rarely foolproof, but standards are…

Abstracted from beSpacific


Subject: Why Sharing a Screenshot Can Get You Jailed in the UAE
Source: WIRED
https://www.wired.com/story/why-sharing-a-screenshot-can-get-you-jailed-in-the-uae/

When a Screenshot Stops Being Harmless

Screenshots have become a language of their own. They document conversations, settle arguments, provide evidence in disputes, and occasionally serve no purpose beyond making a group chat briefly more interesting. But once a private exchange is copied and shared, it may no longer be treated as private—and intent is not always the only factor considered under the law.

Elnaggar puts it plainly: “The law does not distinguish between formal publication and informal sharing when the outcome is the same.”

A screenshot becomes legally problematic, Elnaggar says, when it exposes private communications without consent, distorts the context of what was said, or contributes to reputational harm. “The law assumes responsibility at the point of disclosure,” Elnaggar says. “Even if content was originally shared in confidence between two parties, redistributing it can transform a private exchange into a regulated media act with legal consequences.”

Many users assume intent is the deciding factor. The law, broadly speaking, does not.


This story originally appeared on WIRED Middle East.


Subject: 1,100 AI Trainers Were Fired After Blowing the Whistle on Meta’s Ray-Ban Privacy Problem
Source: Android Headlines
https://www.androidheadlines.com/2026/05/1100-ai-trainers-were-fired-after-blowing-the-whistle-on-metas-ray-ban-privacy-problem.html

Meta cut ties with AI training contractor Sama after 1,100 employees were terminated, some of whom had flagged concerns about sensitive footage they were asked to review. That footage, captured through Meta’s Ray-Ban smart glasses, reportedly included people in private moments without their knowledge. The timing couldn’t be worse, with Samsung, Google, and Apple all preparing to launch smart glasses of their own.

Meta has now ended its relationship with a vendor that was helping to train its generative AI systems, using footage captured through its Ray-Ban smart glasses. Sama, the contractor in question, announced the termination of 1,108 employees; some say they were fired after coming forward about the sensitive nature of the footage they were asked to review.

This stems from a story that broke back in February. Two employees at the Nairobi division of Sama told two Swedish newspapers that their assignments involved labeling footage from smart glasses that appeared to show subjects who had no idea they were being recorded.

Basically, what happens is that Meta AI requires recording audio and video, some of which is then used for AI training data. Human contractors then scan and label material that AI struggles with to help train it and make it better.

Meta does explain this in detail in its terms of service – you know that long document that you have to agree to, that none of us have ever read. However, Sama employees reported that the glasses were recording banking information, private conversations, people naked in bathrooms, and intimate encounters.



Subject: Investigation launched into national security risk posed by AI models from Chinese companies
Source: Homeland Preparedness News
https://homelandprepnews.com/stories/84233-investigation-launched-into-national-security-risk-posed-by-ai-models-from-chinese-companies/

U.S. Reps. Andrew Garbarino (R-NY) and John Moolenaar (R-MI) announced the launch of a joint investigation into the national security risks posed by artificial intelligence models developed by Chinese companies.

Garbarino, chair of the House Committee on Homeland Security, said his committee and the House Select Committee on China, of which Moolenaar is chair, will look into the national security and cybersecurity risks that adoption of AI models like DeepSeek, Alibaba, Moonshot AI, and MiniMax poses to the United States. The investigation comes amid growing concern that Chinese companies may be using the AI models to extract capabilities from leading American frontier models, and then repackaging those capabilities into lower-cost models without the same safeguards as American ones.

As part of their investigation, the lawmakers sent letters to Anysphere and Airbnb asking for their concerns about the companies’ use of, or exposure to the risks through, PRC-developed AI.
