The Internet

Thailand Cuts Internet and Power Supply To Some Areas in Myanmar in Blow To Scam Centers (yahoo.com) 17

Thailand cut power supply, fuel and internet to some border areas with Myanmar on Wednesday. It's an attempt to choke scam syndicates operating out of there that have become a growing security concern. Reuters: Scam compounds in Southeast Asia are suspected to have entrapped hundreds of thousands of people in illegal online and telecom operations, generating billions of dollars annually, according to a 2023 U.N. report. Thai Interior Minister Anutin Charnvirakul visited the Provincial Electricity Authority headquarters in Bangkok on Wednesday to oversee the effort to fight the crime rings. "They may turn to other sources of power supply or generate their own electricity. In the Thai Security Council orders, it also includes the halt in supplying oil and internet to them, which means that from now on any damage that occurs will have no connection to any resources in Thailand."
Crime

Senator Hawley Proposes Jail Time For People Who Download DeepSeek 226

Senator Josh Hawley has introduced a bill that would criminalize the import, export, and collaboration on AI technology with China. What this means is that "someone who knowingly downloads a Chinese developed AI model like the now immensely popular DeepSeek could face up to 20 years in jail, a million dollar fine, or both, should such a law pass," reports 404 Media. From the report: Hawley introduced the legislation, titled the Decoupling America's Artificial Intelligence Capabilities from China Act, on Wednesday of last year. "Every dollar and gig of data that flows into Chinese AI are dollars and data that will ultimately be used against the United States," Senator Hawley said in a statement. "America cannot afford to empower our greatest adversary at the expense of our own strength. Ensuring American economic superiority means cutting China off from American ingenuity and halting the subsidization of CCP innovation."

Hawley's statement explicitly says that he introduced the legislation because of the release of DeepSeek, an advanced AI model that's competitive with its American counterparts, and which its developers claimed was made for a fraction of the cost and without access to as many and as advanced of chips, though these claims are unverified. Hawley's statement called DeepSeek "a data-harvesting, low-cost AI model that sparked international concern and sent American technology stocks plummeting." Hawley's statement says the goal of the bill is to "prohibit the import from or export to China of artificial intelligence technology," "prohibit American companies from conducting AI research in China or in cooperation with Chinese companies," and "Prohibit U.S. companies from investing money in Chinese AI development."
AI

Police Use of AI Facial Recognition Results In Murder Case Being Tossed (cleveland.com) 50

"A jury may never see the gun that authorities say was used to kill Blake Story last year," reports Cleveland.com.

"That's because Cleveland police used a facial recognition program — one that explicitly says its results are not admissible in court — to obtain a search warrant, according to court documents." The search turned up what police say is the murder weapon in the suspect's home. But a Cuyahoga County judge tossed that evidence after siding with defense attorneys who argued that the search warrant affidavit was misleading and relied on inadmissible evidence. If an appeals court upholds the judge's ruling to suppress the evidence, prosecutors acknowledge their case is likely lost...

The company that produced the facial recognition report, Clearview AI, has been used in hundreds of law enforcement investigations throughout Ohio and has faced lawsuits over privacy violations.

Not only does Cleveland lack a policy governing the use of artificial intelligence, Ohio lawmakers also have failed to set standards for how police use the tool to investigate crimes. "It's the wild, wild west in Ohio," said Gary Daniels, a lobbyist for the American Civil Liberties Union. The lack of state regulation of how law enforcement uses advanced technologies — no laws similarly govern the use of drones or license plate readers — means it is essentially up to agencies how they use the tools.

The affidavit for the search warrant was signed by a 28-year police force veteran, according to the article — but it didn't disclose the use of Clearview's technology.

Clearview's report acknowledged their results were not admissible in court — but then provided the suspect's name, arrest record, Social Security number, according to the article, and "noted he was the most likely match for the person in the convenience store."

Thanks to tlhIngan (Slashdot reader #30,335) for sharing the news.
Crime

Drone Pilot To Plead Guilty In Collision That Grounded Aircraft Fighting Palisades Fire (latimes.com) 29

Earlier this month, a civilian drone collided with a Canadian CL-415 firefighting plane combating the Palisades Fire, causing damage that grounded the aircraft and temporarily halted all aerial firefighting operations. Federal and state officials have since identified the operator of that drone as Peter Tripp Akemann of Culver City, who has agreed to plead guilty to a misdemeanor, pay a fine and complete community service. Prosecutors said he could still face up to a year in federal prison. The Los Angeles Times reports: The drone, which authorities say was flying in restricted airspace on Jan. 9, put a fist-sized hole in the left wing of a Super Scooper -- a massive fixed-wing plane that can drop large amounts of water onto a fire. The collision knocked the plane out of commission for about five days and destroyed the drone.

"Like a lot of individuals, he was curious about what was happening in that area," acting U.S. Atty. Joseph T. McNally said on Friday. "The problem with that... is with the amount of firefighting planes you have in that area dropping so they can get water in the Pacific Ocean it interferes with those operations. It's not the time to fly drones anytime that we have these emergencies in Southern California."

As part of the plea agreement, Akemann agreed to pay full restitution to the government of Quebec, Canada, which supplied the plane, and the company that repaired the plane. It cost at least $65,169 to fix the aircraft, prosecutors said. Akemann also agreed to complete 150 hours of community service in support of wildfire relief efforts.

Crime

Silk Road Creator Ross Ulbricht Pardoned (bbc.com) 339

Slashdot readers jkister and databasecowgirl share the news of President Donald Trump issuing a pardon to Silk Road creator Ross Ulbricht. An anonymous reader shares a report from the BBC: US President Donald Trump says he has signed a full and unconditional pardon for Ross Ulbricht, who operated Silk Road, the dark web marketplace where illegal drugs were sold. Ulbricht was convicted in 2015 in New York in a narcotics and money laundering conspiracy and sentenced to life in prison. Trump posted on his Truth Social platform that he had called Ulbricht's mother to inform her that he had granted a pardon to her son. Silk Road, which was shut down in 2013 after police arrested Ulbricht, sold illegal drugs using Bitcoin, as well as hacking equipment and stolen passports.

"The scum that worked to convict him were some of the same lunatics who were involved in the modern day weaponization of government against me," Trump said in his post online on Tuesday evening. "He was given two life sentences, plus 40 years. Ridiculous!" Ulbricht was found guilty of charges including conspiracy to commit drug trafficking, money laundering and computer hacking. During his trial, prosecutors said Ulbricht's website, hosted on the hidden "dark web", sold more than $200 million worth of drugs anonymously.

AI

Authors Seek Meta's Torrent Client Logs and Seeding Data In AI Piracy Probe (torrentfreak.com) 15

An anonymous reader quotes a report from TorrentFreak: Meta is among a long list of companies being sued for allegedly using pirated material to train its AI models. Meta has never denied using copyrighted works but stressed that it would rely on a fair use defense. However, with rightsholders in one case asking for torrent client data and 'seeding lists' for millions of books allegedly shared in public, the case now takes a geeky turn. [...] A few weeks ago, the plaintiffs asked for permission to submit a third amended complaint (PDF). After uncovering Meta's use of BitTorrent to source copyright-infringing training data from pirate shadow library, LibGen, the request was justified, they argued. Specifically, the authors say that Meta willingly used BitTorrent to download pirated books from LibGen, knowing that was legally problematic. As a result, Meta allegedly shared copies of these books with other people, as is common with the use of BitTorrent.

"By downloading through the bit torrent protocol, Meta knew it was facilitating further copyright infringement by acting as a distribution point for other users of pirated books," the amended complaint notes. "Put another way, by opting to use a bit torrent system to download LibGen's voluminous collection of pirated books, Meta 'seeded' pirated books to other users worldwide." Meta believed that the allegations weren't sufficiently new to warrant an update to the complaint. The company argued that it was already a well-known fact that it used books from these third-party sources, including LibGen. However, the authors maintained that the 'torrent' angle is novel and important enough to warrant an update. Last week, United States District Judge Vince Chhabria agreed, allowing the introduction of these new allegations. In addition to greenlighting the amended complaint, the Judge also allowed the authors to conduct further testimony on the "seeding" angle. "[E]vidence about seeding is relevant to the existing claim because it is potentially relevant to the plaintiffs' assertion of willful infringement or to Meta's fair use defense," Judge Chhabria wrote last week.

With the court recognizing the relevance of Meta's torrenting activity, the plaintiffs requested reconsideration of an earlier order, where discovery on BitTorrent-related matters was denied. Through a filing submitted last Wednesday, the plaintiffs hope to compel Meta to produce its BitTorrent logs and settings, including peer lists and seeding data. "The Order denied Plaintiffs' motion to compel production of torrenting data, including Meta's BitTorrent client, application logs, and peer lists. This data will evidence how much content Meta torrented from shadow libraries and how much it seeded to third parties as a host of this stolen IP," they write. While archiving lists of seeders is not a typical feature for a torrent client, the authors are requesting Meta to disclose any relevant data. In addition, they also want the court to reconsider its ruling regarding the crime-fraud exception. That's important, they suggest, as Meta's legal counsel was allegedly involved in matters related to torrenting. "Meta, with the involvement of in-house counsel, decided to obtain copyrighted works without permission from online databases of copyrighted works that 'we know to be pirated, such as LibGen,'" they write. The authors allege that this involved "seeding" files and that Meta attempted to "conceal its actions" by limiting the amount of data shared with the public. One Meta employee also asked for guidance, as "torrenting from a corporate laptop doesn't feel right."

Encryption

Europol Chief Says Big Tech Has 'Responsibility' To Unlock Encrypted Messages (ft.com) 80

Technology giants must do more to co-operate with law enforcement on encryption or they risk threatening European democracy, according to the head of Europol, as the agency gears up to renew pressure on companies at the World Economic Forum in Davos this week. From a report: Catherine De Bolle told the Financial Times she will meet Big Tech groups in the Swiss mountain resort to discuss the matter, claiming that companies had a "social responsibility" to give the police access to encrypted messages that are used by criminals to remain anonymous. "Anonymity is not a fundamental right," said the EU law enforcement agency's executive director.

"When we have a search warrant and we are in front of a house and the door is locked, and you know that the criminal is inside of the house, the population will not accept that you cannot enter." In a digital environment, the police needed to be able to decode these messages to fight crime, she added. "You will not be able to enforce democracy [without it]."

Movies

A Videogame Meets Shakespeare in 'Grand Theft Hamlet' Film (yahoo.com) 9

The Los Angeles Times calls it "a guns-blazingly funny documentary about two out-of-work British actors who spent a chunk of their COVID-19 lockdown staging Shakespeare's masterpiece on the mean streets of Grand Theft Auto V."

Grand Theft Hamlet won SXSW's Jury Award for best documentary, and has now opened in U.S. theatres this weekend (and begun streaming on Mubi), after opening in the U.K. and Ireland. But nearly the entire film is set in Grand Theft Auto's crime-infested version of Los Angeles, the Times reports, "where even the good guys have weapons and a nihilistic streak — the vengeful Prince of Denmark fits right in." Yet when Sam Crane, a.k.a. @Hamlet_thedane, launches into one of the Bard's monologues, he's often murdered by a fellow player within minutes. Everyone's a critic.

Crane co-directed the movie with his wife, Pinny Grylls, a first-time gamer who functions as the film's camera of sorts. What her character sees, where she chooses to stand and look, makes up much of the film, although the editing team does phenomenal work splicing in other characters' points of view. (We're never outside of the game until the last 30 seconds; only then do we see anyone's real face....) The Bard's story is only half the point. Really, this is a classic let's-put-on-a-pixilated-show tale about the need to create beauty in the world — even this violent world — especially when stage productions in England have shuttered, forcing Crane, a husband and father, and Mark Oosterveen, single and lonely, to kill time speeding around the digital desert...

To our surprise (and theirs), the play's tussles with depression and anguish and inertia become increasingly resonant as the production and the pandemic limps toward their conclusions. When Crane and Oosterveen's "Grand Theft Auto" avatars hop into a van with an anonymous gamer and ask this online stranger for his thoughts on Hamlet's suicidal soliloquy, the man, a real-life delivery driver stuck at home with a broken leg, admits, "I don't think I'm in the right place to be replying to this right now...."

In 2014 Hamlet was also staged in Guild Wars 2, the article points out. "This is, however, the first attempt I'm aware of that attempts to do the whole thing live in one go, no matter if one of the virtual actors falls to their doom from a blimp.

"As Grylls says, 'You can't stop production just because somebody dies.'"
AI

Arrested by AI: When Police Ignored Standards After AI Facial-Recognition Matches (msn.com) 55

A county transit police detective fed a poor-quality image to an AI-powered facial recognition program, remembers the Washington Post, leading to the arrest of "Christopher Gatlin, a 29-year-old father of four who had no apparent ties to the crime scene nor a history of violent offenses." He was unable to post the $75,000 cash bond required, and "jailed for a crime he says he didn't commit, it would take Gatlin more than two years to clear his name." A Washington Post investigation into police use of facial recognition software found that law enforcement agencies across the nation are using the artificial intelligence tools in a way they were never intended to be used: as a shortcut to finding and arresting suspects without other evidence... The Post reviewed documents from 23 police departments where detailed records about facial recognition use are available and found that 15 departments spanning 12 states arrested suspects identified through AI matches without any independent evidence connecting them to the crime — in most cases contradicting their own internal policies requiring officers to corroborate all leads found through AI. Some law enforcement officers using the technology appeared to abandon traditional policing standards and treat software suggestions as facts, The Post found. One police report referred to an uncorroborated AI result as a "100% match." Another said police used the software to "immediately and unquestionably" identify a suspected thief.

Gatlin is one of at least eight people wrongfully arrested in the United States after being identified through facial recognition... All of the cases were eventually dismissed. Police probably could have eliminated most of the people as suspects before their arrest through basic police work, such as checking alibis, comparing tattoos, or, in one case, following DNA and fingerprint evidence left at the scene.

Some statistics from the article about the eight wrongfully-arrested people:
  • In six cases police failed to check alibis
  • In two cases police ignored evidence that contradicted their theory
  • In five cases police failed to collect key pieces of evidence
  • In three cases police ignored suspects' physical characteristics
  • In six cases police relied on problematic witness statements

The article provides two examples of police departments forced to pay $300,000 settlements after wrongful arrests caused by AI mismatches. But "In interviews with The Post, all eight people known to have been wrongly arrested said the experience had left permanent scars: lost jobs, damaged relationships, missed payments on car and home loans. Some said they had to send their children to counseling to work through the trauma of watching their mother or father get arrested on the front lawn.

"Most said they also developed a fear of police."


Crime

Pastor Who Saw Crypto Project In His 'Dream' Indicted For Fraud (bleepingcomputer.com) 111

A pastor in Pasco, Washington, has been indicted on 26 counts of fraud for orchestrating a cryptocurrency scam that defrauded over 1,500 investors of nearly $5.9 million between 2021 and 2023. Many of the investors were members of his congregation. BleepingComputer reports: The US Department of Justice says the pastor, Francier Obando Pinillo, 51, used his position to recruit investors into a fraudulent cryptocurrency venture called "Solano Fi," which he told them "came to him in a dream" and was a guaranteed investment. "Pinillo used his position as pastor to induce members of his congregation and others to invest their money in a cryptocurrency investment business known as Solano Fi," reads the US Department of Justice announcement. "Pinillo claimed the idea for Solano Fi had come to him in a dream and that it was a safe and guaranteed investment."

The pastor also set up a Facebook page for Solano Fi to attract more investors outside his direct sphere of influence, as well as a Telegram group named 'Multimillionarios SolanoFi,' which had 1,500 members. The indictment alleged that Pinillo promised investors they would receive guaranteed monthly investment returns of 34.9% at no risk whatsoever. The indictment further claims he directed the victims to make cryptocurrency transfers to wallets under his control, and instead of investing the funds, he diverted them for personal use. Investors were provided access to a Solano Fi web app where they could manage their funds; however, the app showed fake balances and investment returns. Those convinced by the fraud were encouraged to recruit more investors for additional returns, expanding the victims' circle. As in similar scams, when the victims attempted to withdraw money from the Solano Fi app, the transaction failed.

Earth

California's Wildfires Still Burn. Prison Inmates Join the Fight (npr.org) 101

As an ecological disaster devastated two coastal California cities, more than 7,500 firefighters pushed back against the wildfires. 900 of them are inmates, reports NPR. That's about 12%: California is one of more than a dozen states that operates conservation camps, commonly known as fire camps, for incarcerated people to train to fight fires and respond to other disasters... There are now 35 such camps in California, all of which are minimum-security facilities... When they are not fighting fires, they also respond to floods and other disasters and emergencies. Otherwise, the crews do community service work in areas close to their camp, according to the state corrections department...

A 2018 Time investigation found that incarcerated firefighters are at a higher risk for serious injuries. They also are more than four times as likely to get cuts, bruises or broken bones compared to professional firefighters working the same fires, the report found. They were also more than eight times as likely to face injuries after inhaling smoke, ash and other debris compared with other firefighters, the report said.

"Two of the camps are for incarcerated women," reports the BBC. One of them — since released — remembers that "It felt like you were doing something that mattered instead of rotting away in a cell," according to the nonprofit news site CalMatters. They can also earn credits that help reduce their prison sentences, the BBC learned from the California Department of Corrections and Rehabilitation.

On Friday, one local California news report shared the perspective of a formerly incarcerated Californian, Matthew Hahn (from a 2021 Washington Post column). "Yes, the decision to take part is largely made under duress, given the alternative. Yes, incarcerated firefighters are paid pennies for an invaluable task. And yes, it is difficult though not impossible for participants to become firefighters after leaving prison," Hahn said. "Despite this, fire camps remain the most humane places to do time in the California prison system."
From that 2021 Washington Post column: California prisons have, on average, three times the murder rate of the country overall and twice the rate of all American prisons. These figures don't take into account the sheer number of physical assaults that occur behind prison walls. Prison feels like a dangerous place because it is. Whether it's individual assaults or large-scale riots, the potential for violence is ever-present. Fire camp represents a reprieve from that risk. Sure, people can die in fire camp as well — at least three convict-firefighters have died working to contain fires in California since 2017 — but the threat doesn't weigh on the mind like the prospect of being murdered by a fellow prisoner. I will never forget the relief I felt the day I set foot in a fire camp in Los Angeles County, like an enormous burden had been lifted...

[When his 12-man crew was called to fight the Jesusita Fire], the fire had ignited one home's deck and was slowly burning its way to the structure. We cut the deck off the house, saving the home. I often fantasize about the owners returning to see it still standing, unaware and probably unconcerned that an incarcerated fire crew had saved it. There was satisfaction in knowing that our work was as valuable as that of any other firefighter working the blaze and that the gratitude expressed toward first responders included us.

There are other reasons for prisoners to choose fire camp if given the opportunity. They are often located in secluded natural settings, giving inmates the chance to live in an environment that doesn't remotely resemble a prison. There are no walls, and sometimes there aren't even fences. Gun towers are conspicuously absent, and the guards aren't even armed.... [C]onsider the guy pushing a broom in his cell block making the equivalent of one Top Ramen noodle packet per day, just so he can have the privilege of making a collect call to his mother. Or think of the man scrubbing the streaks out of the guards' toilets, making seven cents an hour, half of which goes to pay court fees and restitution, just so he can have those couple of hours outside his cage for the day...

So, while we may have faced the heat of a wildfire for a few bucks a day, and we may have saved a few homes and been happy doing so, understand that we were rational actors. We wanted to be there, where some of our dignity was returned to us.

Crime

MoviePass Ex-Chief Pleads Guilty To Fraud Over 'Unlimited' Cinema Scheme (justice.gov) 32

Former MoviePass CEO Theodore Farnsworth has pleaded guilty to securities fraud and conspiracy charges for misleading investors about the movie subscription service's "unlimited plan" and its parent company's capabilities, U.S. prosecutors said.

Farnsworth falsely claimed the $9.95 monthly unlimited movie plan was sustainable and that Helios & Matheson Analytics could monetize subscriber data through artificial intelligence, knowing both statements were untrue. He faces up to 20 years in prison for MoviePass-related fraud and five years for a separate conspiracy charge involving Vinco Ventures.
Crime

Man Used ChatGPT To Plan Las Vegas Cybertruck Blast (thehill.com) 129

According to police, the man killed in the January 1st Las Vegas Cybertruck blast used ChatGPT to plan the explosion. The Hill reports: In a press conference, Tuesday, Las Vegas police released more details of the intentions of 37-year-old Matthew Livelsberger, who died of a gunshot wound prior to the car exploding. Las Vegas Sheriff Kevin McMahill said it was concerning that Livelsberger used ChatGPT, a popular artificial intelligence model created by OpenAI, to carry out the explosion. According to police, Livelsberger asked ChatGPT various questions, including where the largest gun stores in Denver were, information about the explosive targets Tannerite and pistols. "We knew that AI was going to change the game at some point or another in really all of our lives and certainly, I think this is the first incidence that I'm aware of on U.S. soil where ChatGPT is utilized to help an individual build a particular device, to learn information all across the country as they're moving forward," McMahill said.

"And so, absolutely, it's a concerning moment for us," he continued.
IT

LA County Sheriff's Computer Dispatch System Crashes on New Year's Eve (msn.com) 33

Bruce66423 writes: A few hours before the ball dropped on New Year's Eve, the computer dispatch system for the Los Angeles County Sheriff's Department crashed, rendering all patrol car computers nearly useless and forcing deputies to handle all calls by radio, according to officials and sources in the department. Department leaders first learned of the problem around 8 p.m., when deputies at several sheriff's stations began having trouble logging onto their patrol car computers, officials told The Times in a statement.

The department said it eventually determined its computer-aided dispatch program -- known as CAD -- was "not allowing personnel to log on with the new year, making the CAD inoperable." It's not clear how long it will take to fix the problem, but in the meantime deputies and dispatchers are handling everything old-school -- using their radios instead of patrol car computers.

"It's our own little Y2K," a deputy who was working Wednesday morning told The Times. The deputy, along with three other department sources who spoke to The Times about the problem, asked not to be named because they were not authorized to speak on the record and feared retaliation.

Crime

US Army Soldier Arrested In AT&T, Verizon Extortions (krebsonsecurity.com) 10

An anonymous reader quotes a report from KrebsOnSecurity: Federal authorities have arrested and indicted a 20-year-old U.S. Army soldier on suspicion of being Kiberphant0m, a cybercriminal who has been selling and leaking sensitive customer call records stolen earlier this year from AT&T and Verizon. As first reported by KrebsOnSecurity last month, the accused is a communications specialist who was recently stationed in South Korea. Cameron John Wagenius was arrested near the Army base in Fort Hood, Texas on Dec. 20, after being indicted on two criminal counts of unlawful transfer of confidential phone records. The sparse, two-page indictment (PDF) doesn't reference specific victims or hacking activity, nor does it include any personal details about the accused. But a conversation with Wagenius' mother -- Minnesota native Alicia Roen -- filled in the gaps.

Roen said that prior to her son's arrest he'd acknowledged being associated with Connor Riley Moucka, a.k.a. "Judische," a prolific cybercriminal from Canada who was arrested in late October for stealing data from and extorting dozens of companies that stored data at the cloud service Snowflake. In an interview with KrebsOnSecurity, Judische said he had no interest in selling the data he'd stolen from Snowflake customers and telecom providers, and that he preferred to outsource that to Kiberphant0m and others. Meanwhile, Kiberphant0m claimed in posts on Telegram that he was responsible for hacking into at least 15 telecommunications firms, including AT&T and Verizon. On November 26, KrebsOnSecurity published a story that followed a trail of clues left behind by Kiberphant0m indicating he was a U.S. Army soldier stationed in South Korea.

[...] Immediately after news broke of Moucka's arrest, Kiberphant0m posted on the hacker community BreachForums what they claimed were the AT&T call logs for President-elect Donald J. Trump and for Vice President Kamala Harris. [...] On that same day, Kiberphant0m posted what they claimed was the "data schema" from the U.S. National Security Agency. On Nov. 5, Kiberphant0m offered call logs stolen from Verizon's push-to-talk (PTT) customers -- mainly U.S. government agencies and emergency first responders. On Nov. 9, Kiberphant0m posted a sales thread on BreachForums offering a "SIM-swapping" service targeting Verizon PTT customers. In a SIM-swap, fraudsters use credentials that are phished or stolen from mobile phone company employees to divert a target's phone calls and text messages to a device they control.

Crime

In Maine, Remote Work Gives Prisoners a Lifeline (bostonglobe.com) 54

An anonymous reader quotes a report from the Boston Globe: Every weekday morning at 8:30, Preston Thorpe makes himself a cup of instant coffee and opens his laptop to find the coding tasks awaiting his seven-person team at Unlocked Labs. Like many remote workers, Thorpe, the nonprofit's principal engineer, works out in the middle of the day and often stays at his computer late into the night. But outside Thorpe's window, there's a soaring chain-link fence topped with coiled barbed wire. And at noon and 4 p.m. every day, a prison guard peers into his room to make sure he's where he's supposed to be at the Mountain View Correctional Facility in Charleston, Maine, where he's serving his 12th year for two drug-related convictions in New Hampshire, including intent to distribute synthetic opioids.

Remote work has spread far and wide since the pandemic spurred a work-from-home revolution of sorts, but perhaps no place more unexpectedly than behind prison walls. Thorpe is one of more than 40 people incarcerated in Maine's state prison system who have landed internships and jobs with outside companies over the past two years -- some of whom work full time from their cells and earn more than the correctional officers who guard them. A handful of other states have also started allowing remote work in recent years, but none have gone as far as Maine, according to the Alliance for Higher Education in Prison, the nonprofit leading the effort.

Unlike incarcerated residents with jobs in the kitchen or woodshop who earn just a few hundred dollars a month, remote workers make fair-market wages, allowing them to pay victim restitution fees and legal costs, provide child support, and contribute to Social Security and other retirement funds. Like inmates in work-release programs who have jobs out in the community, 10 percent of remote workers' wages go to the state to offset the cost of room and board. All Maine DOC residents get re-entry support for housing and job searches before they're released, and remote workers leave with even more: up-to-date resumes, a nest egg -- and the hope that they're less likely to need food or housing assistance, or resort to crime to get by.

United States

Luigi Mangione's Ghost Gun Was Only Partially 3D-Printed (rollingstone.com) 199

"More than a decade after the advent of the 3D-printed gun as an icon of libertarianism and a gun control nightmare, police say one of those homemade plastic weapons has now been found in the hands of perhaps the world's most high-profile alleged killer," Wired wrote this month: For the community of DIY gunsmiths who have spent years honing those printable firearm models, in fact, the handgun police claim Luigi Mangione used to fatally shoot UnitedHealthcare CEO Brian Thompson is as recognizable as the now-famous alleged shooter himself — and shows just how practical and lethal those weapons have become. In the 24 hours since police released a photo of what they say is Mangione's gun following the 26-year-old's arrest Monday, the online community devoted to 3D-printed firearms has been quick to identify the suspected murder weapon as a particular model of printable "ghost gun" — a homemade weapon with no serial number, created by assembling a mix of commercial and DIY parts. The gun appears to be a Chairmanwon V1, a tweak of a popular partially 3D-printed Glock-style design known as the FMDA 19.2 — an acronym that stands for the libertarian slogan "Free Men Don't Ask."

The FMDA 19.2, released in 2021, is a relatively old model by 3D-printed-gun standards, says one gunsmith who goes by the first name John and the online handle Mr. Snow Makes... Despite its simple description by law enforcement and others as a "3D-printed pistol," the FMDA 19.2 is only partially 3D printed. That makes it fundamentally different from fully 3D-printed guns like the "Liberator," the original one-shot, 3D-printed pistol Wilson debuted in 2013. Instead, firearms built from designs like the FMDA 19.2 are assembled from a combination of commercially produced parts like barrels, slides, and magazines — sometimes sold in kits — and a homemade frame. Because that frame, often referred to as a "lower receiver" or "lower," is the regulated body of the gun, 3D-printing that piece or otherwise creating it at home allows DIY gunmakers to skirt gun-control laws and build ghost guns with no serial number, obtained with no background check or waiting period.

Chairmanwon "instantly recognized the gun seized from the suspect..." reported USA Today. As a photo circulated online of the fake New Jersey driver's license and 3D-printed gun police found on Luigi Mangione, he spotted the tell-tale stippling pattern on the firearm's grip. "It's mine lol," the man, known as "Chairmanwon," quipped on X Dec. 9. Then he quickly deleted the post...

No federal laws ban 3D-printed or privately made firearms. But as police agencies have increasingly recovered untraceable homemade guns at crime scenes, some state legislatures have passed stricter rules... If authorities can prove Mangione downloaded and printed his firearm in Pennsylvania or New York, he could face additional gun charges. Fifteen states now require serial numbers on homemade parts or ban 3D printing them. Some even ban the distribution of 3D printing instructions.

President Biden and the Bureau of Alcohol, Tobacco, Firearms and Explosives added regulations in 2022 that say the ghost gun parts kits themselves qualify as "firearms" that should be regulated by the Gun Control Act. ["Commercial manufacturers of the kits will have to be licensed and must add serial numbers on the kits' frame or receiver," USA Today reported earlier.] Gunmakers challenged those rules at the Supreme Court. In October, the court heard oral arguments, but justices signaled they were leaning toward upholding the rules.

Rolling Stone tries to assess the results: In recent years, crimes involving ghost guns seem to have abated across much of the United States. Ghost gun recoveries by police in New York City, Los Angeles, Philadelphia, Baltimore, and other major cities dropped by as much as 25 percent between 2022 and 2023, and the most prolific maker of the kits used to build the untraceable weapons closed its doors this year. The likely cause is a federal rule change requiring the kits to be serialized — a stipulation that forces sellers to conduct background checks on their customers.

Monday Luigi Mangione will appear in court for arraignment on state murder charges, reports USA Today: Mangione had been expected to face arraignment on the state charges Thursday, but the proceedings were postponed after federal authorities announced they were also bringing charges, and he was whisked to a federal courthouse instead in a move that appeared to shock Mangione's defense team... Federal authorities unsealed a criminal complaint against Mangione that included four separate charges: murder using a firearm, two counts of interstate stalking and a firearms count. The death penalty was abolished in New York state, but the federal charges could bring a death sentence if Mangione is convicted. The charge of murder using a firearm carries a maximum possible sentence of death or life in prison. The other federal charges have maximum sentences of life in prison, and the firearms charge has a mandatory minimum sentence of 30 years.

Crime

Justice Department Unveils Charges Against Alleged LockBit Developer 4

The U.S. Department of Justice has charged Russian-Israeli national Rostislav Panev for his alleged role as a developer in the LockBit ransomware group. He is accused of designing malware and maintaining infrastructure for attacks that extorted over $500 million and caused billions in global damages. CyberScoop reports: The arrest is part of a broader campaign by international law enforcement agencies to dismantle LockBit. In February, a coordinated operation led by the U.K.'s National Crime Agency in cooperation with the FBI and the U.S. Justice Department disrupted LockBit's infrastructure, seizing websites and servers critical to its operations. These efforts significantly curtailed the group's ability to launch further attacks and extort victims.

Panev is one of several individuals charged in connection with LockBit. Alongside him, other key figures have been indicted, including Dmitry Khoroshev, alleged to be "LockBitSupp," the group's primary creator and administrator. Khoroshev, still at large, is accused of developing the ransomware and coordinating attacks on an international scale. The State Department has offered a reward of up to $10 million for his capture.

Meanwhile, numerous members linked to LockBit remain fugitives, such as Russian nationals Artur Sungatov and Ivan Kondratyev, each facing charges for deploying ransomware against multiple industries globally. Mikhail Matveev, another alleged LockBit affiliate, is also at large, with a $10 million reward for his capture. Matveev was recently charged with computer crimes in Russia.

You can read the full criminal complaint against Panev here (PDF).

Businesses

Drones, Surveillance, and Facial Recognition: Startup Named 'Sauron' Pitches Military-Style Home Security (msn.com) 124

The Washington Post details a vision of home security "pitched by Sauron, a Silicon Valley start-up boasting a waiting list of tech CEOs and venture capitalists." In the future, your home will feel as safe from intruders as a state-of-the-art military base. Cameras and sensors surveil the perimeter, scanning bystanders' faces for potential threats. Drones from a "deterrence pod" scare off trespassers by projecting a searchlight over any suspicious movements. A virtual view of the home is rendered in 3D and updated in real time, just like a Tesla's digital display. And private security agents monitor alerts from a central hub.... By incorporating technology developed for autonomous vehicles, robotics and border security, Sauron has built a supercharged burglar alarm [argued Sauron co-founder Kevin Hartz, a tech entrepreneur and former partner at Peter Thiel's venture firm Founders Fund]...

For many tech elites, security is both a national priority and a growing concern in their personal lives... After the presidential election last month, the start-up incubator Y Combinator put out a request for "public safety technology" companies, such as those that produce tools that facilitate a neighborhood watch or technology that uses computer vision to identify "suspicious activities or people in distress from video feeds...." Sauron has raised $18 million in funding from executives behind Flock Safety and Palantir, the data analytics firm, [and] defense tech investors such as 8VC, a venture firm started by Palantir co-founder Joe Lonsdale... Sauron is targeting homeowners at the high end of the real estate market, beginning with a private event at Abraham's home on Thursday, during Art Basel Miami Beach, the annual art exhibition that attracts collectors from around the world. The company plans to launch in San Francisco early next year, before expanding to Los Angeles and Miami...

Big Tech companies haven't deployed tools such as facial recognition as aggressively as Hartz would like. "If somebody comes onto my property, I feel like I should know who that is," Hartz said... In recent years massive investments have driven down the cost of drones, high-resolution cameras and lidar sensors, which use light detection to create 3D maps. Sauron uses lower-cost hardware and tools like facial recognition, combined with custom-built software adapted for residential use. For facial recognition, it will use a third-party service called Paravision... Sauron is still figuring out how to incorporate drones, but it is already imagining more aggressive countermeasures, Hartz said. "Is it a machine that could take out a bad actor with a bullet or something?"

The Almighty Buck

Backdoor in Compromised Solana Code Library Drains $184,000 from Digital Wallets (bleepingcomputer.com) 22

The Solana JavaScript SDK "was temporarily compromised yesterday in a supply chain attack," reports BleepingComputer, "with the library backdoored with malicious code to steal cryptocurrency private keys and drain wallets." Solana offers an SDK called "@solana/web3.js" used by decentralized applications (dApps) to connect and interact with the Solana blockchain. Supply chain security firm Socket reports that Solana's Web3.js library was hijacked to push out two malicious versions to steal private and secret cryptography keys to secure wallets and sign transactions... Solana confirmed the breach, stating that one of their publish-access accounts was compromised, allowing the attackers to publish two malicious versions of the library... Solana is warning developers who suspect they were compromised to immediately upgrade to the latest v1.95.8 release and to rotate any keys, including multisigs, program authorities, and server keypairs...

Once the threat actors gain access to these keys, they can load them into their own wallets and remotely drain all stored cryptocurrency and NFTs... Socket says the attack has been traced to the FnvLGtucz4E1ppJHRTev6Qv4X7g8Pw6WPStHCcbAKbfx Solana address, which currently contains 674.86 Solana and varying amounts of the Irish Pepe, Star Atlas, Jupiter, USD Coin, Santa Hat, Pepe on Fire, Bonk, catwifhat, and Genopets Ki tokens. Solscan shows that the estimated value of the stolen cryptocurrency is $184,000 at the time of this writing.

For anyone whose wallets were compromised in this supply chain attack, you should immediately transfer any remaining funds to a new wallet and discontinue the use of the old one as the private keys are now compromised.

Ars Technica adds that "In social media posts, one person claimed to have lost $20,000 in the hack."

The compromised library "receives more than ~350,000 weekly downloads on npm," Socket posted. (Although Solana's statement says the compromised versions "were caught within hours and have since been unpublished.")
