Court Upholds New York Law That Says ISPs Must Offer $15 Broadband

The U.S. Court of Appeals for the 2nd Circuit overturned a prior district court decision, lifting the injunction that blocked New York’s law mandating that ISPs offer $15 broadband plans to low-income families. Ars Technica reports: The ruling (PDF) is a loss for six trade groups that represent ISPs, although it isn’t clear right now whether the law will be enforced. For consumers who qualify for means-tested government benefits, the state law requires ISPs to offer “broadband at no more than $15 per month for service of 25Mbps, or $20 per month for high-speed service of 200Mbps,” the ruling noted. The law allows for price increases every few years and makes exemptions available to ISPs with fewer than 20,000 customers.

“First, the ABA is not field-preempted by the Communications Act of 1934 (as amended by the Telecommunications Act of 1996), because the Act does not establish a framework of rate regulation that is sufficiently comprehensive to imply that Congress intended to exclude the states from entering the field,” a panel of appeals court judges stated in a 2-1 opinion. Trade groups claimed the state law is preempted by former Federal Communications Commission Chairman Ajit Pai’s repeal of net neutrality rules. Pai’s repeal placed ISPs under the more forgiving Title I regulatory framework instead of the common-carrier framework in Title II of the Communications Act.

2nd Circuit judges did not find this argument convincing: “Second, the ABA is not conflict-preempted by the Federal Communications Commission’s 2018 order classifying broadband as an information service. That order stripped the agency of its authority to regulate the rates charged for broadband Internet, and a federal agency cannot exclude states from regulating in an area where the agency itself lacks regulatory authority. Accordingly, we REVERSE the judgment of the district court and VACATE the permanent injunction.”

Read more of this story at Slashdot.

Xbox Console Sales Are Tanking As Microsoft Brings Games To PS5

In its third-quarter earnings call on Thursday, Microsoft reported a 30% drop in Xbox console sales, after reporting a 30% drop last April. “It blamed the nosedive on a ‘lower volume of consoles sold’ during the start of 2024,” reports Kotaku. From the report: In February, Grand Theft Auto VI parent company Take-Two claimed in a presentation to investors that there were roughly 77 million “gen 9” consoles in people’s homes. It didn’t take fans long to do the math and speculate that Microsoft had only sold around 25 million Xbox Series X/S consoles to-date. That puts it ahead of the GameCube but behind the Nintendo 64, at least for now. Given the results this quarter as well, it doesn’t seem like Game Pass and Starfield have moved the needle much. Maybe that will change once Call of Duty, which Microsoft acquired last fall along with the rest of Activision Blizzard, finally makes its way to Game Pass. Diablo IV only just arrived on the Netflix-like subscription platform this month. But given the fact that the fate of Xbox Series X/S appears to be locked in at this point, it’s easy to see why Microsoft is looking at other places it can put its games.

Sea of Thieves, the last of four games in this initial volley to come to PS5, dominated the PlayStation Store’s top sellers list last week on pre-orders alone. CEO Satya Nadella specifically called this out during a call with investors, noting that Microsoft had more games in the top 25 best sellers on PS5 than any other publisher. “We are committed to meeting players where they are by bringing great games to more people on more devices,” he said. If players there continue to flock to the live-service pirate sim, it’s not hard to imagine Microsoft bringing another batch of its first-party exclusives to the rival platform. Whether that means more recent blockbusters like Starfield or the upcoming Indiana Jones game will someday make the journey remains to be seen.

Read more of this story at Slashdot.

Ring Customers Get $5.6 Million In Refunds In Privacy Settlement

The FTC is issuing more than $5.6 million in refunds to Ring customers as part of a privacy settlement. The Associated Press reports: In a 2023 complaint, the FTC accused the doorbell camera and home security provider of allowing its employees and contractors to access customers’ private videos. Ring allegedly used such footage to train algorithms without consent, among other purposes. Ring was also charged with failing to implement key security protections, which enabled hackers to take control of customers’ accounts, cameras and videos. This led to “egregious violations of users’ privacy,” the FTC noted.

The resulting settlement required Ring to delete content that was found to be unlawfully obtained, establish stronger security protections and pay a hefty fine. The FTC says that it’s now using much of that money to refund eligible Ring customers. According to a Tuesday notice, the FTC is sending 117,044 PayPal payments to impacted consumers who had certain types of Ring devices — including indoor cameras — during the timeframes that the regulators allege unauthorized access took place. Eligible customers will need to redeem these payments within 30 days, according to the FTC — which added that consumers can contact this case’s refund administrator, Rust Consulting, or visit the FTC’s FAQ page on refunds for more information about the process.

Read more of this story at Slashdot.

Seagate Joins the HDD Price Hike Party, Blames AI for Spike in Demand

Seagate has joined Western Digital in increasing the prices of hard drives, with rising demand due to the huge data requirements of AI taking the blame. AI is also behind a rapid growth in orders for Enterprise solid state drives. From a report: One of the big three makers of traditional rotating hard disk drives, Seagate informed customers that it is increasing prices effective immediately for new orders, but also for any changes to orders that are “over and above” previously committed volumes. This was disclosed in a letter from the company seen by analyst Trendforce, and comes just a couple of weeks after rival manufacturer Western Digital sent out a similar letter to customers informing them of price hikes.

According to Trendforce, the cause of the issue is two-fold: rising demand for high-capacity HDD products driven by the current craze for all things AI, and reduced production by hard drive manufacturers that means they are unable to meet the demand, leading to soaring prices. The rising demand comes from AI training requiring huge volumes of data: OpenAI’s GPT-3 model is said to have been trained using 45TB of data, which may have been surpassed for newer models. And while flash-based SSDs boast high-speed and low-latency, storing everything in flash would still be costly. Seagate launched a 30TB hard drive line last year. Hard drive production was cut by as much as 20 percent over the last two years or so because of falling orders during the pandemic, and now manufacturers are unprepared for a sudden uptick in demand.

Read more of this story at Slashdot.

Manga Site Blocks Adult Content, But Only For US and UK Users

Samantha Cole reports via 404 Media: A Japan-based online art platform is banning kink content for users based in the US and UK, as laws in these countries continue to tighten around sites that allow erotic content. Pixiv is an image gallery site where artists primarily share illustrations, manga, and novels. The site announced on April 22 that starting April 25, users whose account region is set to the US or UK will be subject to Pixiv’s new terms of use, “Restrictions for Healthy Expression in Specific Countries and Regions.”

The restrictions include several kinds of content that are illegal in the US, including sexualized depictions of minors and bestiality, as well as non-consensual depictions and deepfakes. But it also includes “content that appeals to the prurient interest, is patently offensive in light of community standards where you are located or where such content may be accessed or distributed, lacks serious literary, artistic, political, or scientific value, or otherwise violates any applicable obscenity laws, rules or regulations.” This is an invocation of the Miller test, which determines non-constitutionally protected obscenity. “I’d never say this a few years ago, but it’s my personal fear that the next step is most major internet hosting services implementing these policies on an infrastructure level,” said an artist who goes by kradeelav. “My colleagues are certainly planning for it by specifically looking for kink-friendly hosts, to actually making homebrew servers themselves in worst-case scenarios.”

Read more of this story at Slashdot.

Google Delays Third-Party Cookie Demise Yet Again

Google is delaying the end of third-party cookies in Chrome — again. This marks the third time Google pushed back its original deadline set in January 2020, when the company said it would phase out third-party cookies “within two years” to improve internet security. Digiday reports: The announcement was made on Tuesday ahead of quarterly reports from Google and the ever-watchful U.K. Competition and Markets Authority (CMA), keeping tabs on how this whole situation unfolds.

“We recognize that there are ongoing challenges related to reconciling divergent feedback from the industry, regulators and developers, and will continue to engage closely with the entire ecosystem,” according to a statement Google posted on its website for the Privacy Sandbox. “It’s also critical that the CMA has sufficient time to review all evidence including results from industry tests, which the CMA has asked market participants to provide by the end of June. Given both of these significant considerations, we will not complete third-party cookie deprecation during the second half of Q4.”

Google did not outline a more specific timetable beyond hoping for 2025. […] “We remain committed to engaging closely with the CMA and ICO and we hope to conclude that process this year,” Google’s statement read. “Assuming we can reach an agreement, we envision proceeding with third-party cookie deprecation starting early next year.” “We welcome Google’s announcement clarifying the timing of third-party cookie deprecation. This will allow time to assess the results of industry tests and resolve remaining issues,” said a spokesperson from the CMA. “Under the commitments, Google has agreed to resolve our remaining competition concerns before going ahead with third-party cookie deprecation. Working closely with the ICO we expect to conclude this process by the end of 2024.”

At the start of the year, Google started purging third-party cookies for one percent of browser traffic.

Read more of this story at Slashdot.

Change Healthcare Finally Admits It Paid Ransomware Hackers

Andy Greenberg reports via Wired: More than two months after the start of a ransomware debacle whose impact ranks among the worst in the history of cybersecurity, the medical firm Change Healthcare finally confirmed what cybercriminals, security researchers, and Bitcoin’s blockchain had already made all too clear: that it did indeed pay a ransom to the hackers who targeted the company in February. And yet, it still faces the risk of losing vast amounts of customers’ sensitive medical data. In a statement sent to WIRED and other news outlets on Monday evening, Change Healthcare wrote that it paid a ransom to a cybercriminal group extorting the company, a hacker gang known as AlphV or BlackCat. “A ransom was paid as part of the company’s commitment to do all it could to protect patient data from disclosure,” the statement reads. The company’s belated admission of that payment accompanied a new post on its website where it warns that the hackers may have stolen health-related data that would “cover a substantial proportion of people in America.”

Cybersecurity and cryptocurrency researchers told WIRED last month that Change Healthcare appeared to have paid that ransom on March 1, pointing to a transaction of 350 bitcoins or roughly $22 million sent into a crypto wallet associated with the AlphV hackers. That transaction was first highlighted in a message on a Russian cybercriminal forum known as RAMP, where one of AlphV’s allegedly jilted partners complained that they hadn’t received their cut of Change Healthcare’s payment. However, for weeks following that transaction, which was publicly visible on Bitcoin’s blockchain and which both security firm Recorded Future and blockchain analysis firm TRM Labs told WIRED had been received by AlphV, Change Healthcare repeatedly declined to confirm that it had paid the ransom.

Change Healthcare’s confirmation of that extortion payment puts new weight behind the cybersecurity industry’s fears that the attack — and the profit AlphV extracted from it — will lead ransomware gangs to further target health care companies. “It 100 percent encourages other actors to target health care organizations,” Jon DiMaggio, a researcher with cybersecurity firm Analyst1 who focuses on ransomware, told WIRED at the time the transaction was first spotted in March. “And it’s one of the industries we don’t want ransomware actors to target — especially when it affects hospitals.” Compounding the situation, a conflict between hackers in the ransomware ecosystem has led to a second ransomware group claiming to possess Change Healthcare’s stolen data and threatening to sell it to the highest bidder on the dark web. Earlier this month that second group, known as RansomHub, sent WIRED alleged samples of the stolen data that appeared to come from Change Healthcare’s network, including patient records and a contract with another health care company.

Read more of this story at Slashdot.