An anonymous reader quotes a report from Ars Technica: Silicon Valley's AI talent war just reached a compensation milestone that makes even the most legendary scientific achievements of the past look financially modest. When Meta recently offered AI researcher Matt Deitke $250 million over four years (an average of $62.5 million per year)—with potentially $100 million in the first year alone -- it shattered every historical precedent for scientific and technical compensation we can find on record. [Meta CEO Mark Zuckerberg reportedly also offered an unnamed AI engineer $1 billion in compensation to be paid out over several years.] That includes salaries during the development of major scientific milestones of the 20th century. [...]

To put these salaries in a historical perspective: J. Robert Oppenheimer, who led the Manhattan Project that ended World War II, earned approximately $10,000 per year in 1943. Adjusted for inflation using the US Government's CPI Inflation Calculator, that's about $190,865 in today's dollars -- roughly what a senior software engineer makes today. The 24-year-old Deitke, who recently dropped out of a PhD program, will earn approximately 327 times what Oppenheimer made while developing the atomic bomb. [...] The Apollo program offers another striking comparison. Neil Armstrong, the first human to walk on the moon, earned about $27,000 annually -- roughly $244,639 in today's money. His crewmates Buzz Aldrin and Michael Collins made even less, earning the equivalent of $168,737 and $155,373, respectively, in today's dollars. Current NASA astronauts earn between $104,898 and $161,141 per year. Meta's AI researcher will make more in three days than Armstrong made in a year for taking "one giant leap for mankind." The report notes that the sums being offered to some of these AI researchers top even the most popular sports athletes. "The New York Times noted that Steph Curry's most recent four-year contract with the Golden State Warriors was $35 million less than Deitke's Meta deal (although soccer superstar Cristiano Ronaldo will make $275 million this year as the highest-paid professional athlete in the world)," reports Ars.

An anonymous reader quotes a report from TorrentFreak: Efforts to introduce pirate site blocking to the United States continue with the introduction of the "Block BEARD" bill (PDF) in the Senate. The bipartisan proposal, backed by Senators Tillis, Coons, Blackburn, and Schiff, aims to create a new legal mechanism to combat foreign piracy websites. Block BEARD is similar to the previously introduced House bill "FADPA", but doesn't directly mention DNS resolvers. [...] The site-blocking proposal seeks to amend U.S. copyright law, enabling rightsholders to request federal courts to designate online locations as a "foreign digital piracy site". If that succeeds, courts can subsequently order U.S. service providers to block access to these sites.

Pirate site designation would be dependent on rightsholders showing that they are harmed by a site's activities, that reasonable efforts had been made to notify the site's operator, and that a reasonable investigation confirms the operator is not located within the United States. Additionally, rightsholders must show that the site is primarily designed for piracy, has limited commercial purpose, or is intentionally marketed by its operator to promote copyright-infringing activities. If the court classifies a website as a foreign pirate site, rightsholders can go back to court to request a blocking order. At this stage, the court will determine whether it is technically and practically feasible for ISPs to block the site, and consider any potential harm to the public interest. The granted orders would stay in place for a year with the option to extend if necessary. If blocked sites switch to new locations, the court can also amend blocking orders to include new IP addresses and domain names.

The Block BEARD bill broadly applies to service providers as defined in section 512(k)(1)(A) of the DMCA. This is a broad definition that applies to residential ISPs, but also to search engines, social media platforms, and DNS resolvers. Service providers with fewer than 50,000 subscribers are explicitly excluded, and the same applies to venues such as coffee shops, libraries, and universities that offer internet access to visitors. Unlike the FADPA bill introduced by Representative Lofgren earlier this year, the Senate bill does not specifically mention DNS resolvers. Block BEARD does not mention VPNs, but its broad definition of "service provider" could be interpreted to include them. The proposal states that providers have the option to contest their inclusion in a blocking order. Once an order is issued, they would have the freedom to choose their own blocking techniques. There are no transparency requirements mentioned in the bill, so if and how the public is informed is unclear.

Apple began selling iPad repair parts to the public in late May following new right-to-repair legislation, but independent repair professionals say the pricing makes most repairs economically unviable. A charge port for an iPad Pro 11 costs $250 from Apple compared to less than $20 for aftermarket parts, Brian Clark of iGuys Tech Shop told 404 Media.

An iPad A16 digitizer costs $200 from Apple versus $50 from third-party suppliers, while the entire iPad A16 retails for $349. The iPad Pro 13 screen assembly costs $749. Jonathan Strange of XiRepair analyzed the parts catalog and found more than one-third of components cost too much for repair shops to use profitably, 404 Media reported Thursday. Strange calculates repair viability by adding $85 labor costs and 10% profit margin to parts prices, then comparing the total to half the device's retail cost.

An anonymous reader quotes a report from Reuters: Australia said on Wednesday it will add YouTube to sites covered by its world-first ban on social media for teenagers, reversing an earlier decision to exempt the Alphabet-owned video-sharing site and potentially setting up a legal challenge. The decision came after the internet regulator urged the government last month to overturn the YouTube carve-out, citing a survey that found 37% of minors reported harmful content on the site, the worst showing for a social media platform.

"I'm calling time on it," Prime Minister Anthony Albanese said in a statement highlighting that Australian children were being negatively affected by online platforms, and reminding social media of their social responsibility. "I want Australian parents to know that we have their backs." The decision broadens the ban set to take effect in December. YouTube says it is used by nearly three-quarters of Australians aged 13 to 15, and should not be classified as social media because its main activity is hosting videos. "Our position remains clear: YouTube is a video sharing platform with a library of free, high-quality content, increasingly viewed on TV screens. It's not social media," a YouTube spokesperson said by email.

Brian Krebs writes via KrebsOnSecurity: Fraudsters are flooding Discord and other social media platforms with ads for hundreds of polished online gaming and wagering websites that lure people with free credits and eventually abscond with any cryptocurrency funds deposited by players. Here's a closer look at the social engineering tactics and remarkable traits of this sprawling network of more than 1,200 scam sites. The scam begins with deceptive ads posted on social media that claim the wagering sites are working in partnership with popular social media personalities, such as Mr. Beast, who recently launched a gaming business called Beast Games. The ads invariably state that by using a supplied "promo code," interested players can claim a $2,500 credit on the advertised gaming website.

The gaming sites all require users to create a free account to claim their $2,500 credit, which they can use to play any number of extremely polished video games that ask users to bet on each action. At the scam website gamblerbeast[.]com, for example, visitors can pick from dozens of games like B-Ball Blitz, in which you play a basketball pro who is taking shots from the free throw line against a single opponent, and you bet on your ability to sink each shot. The financial part of this scam begins when users try to cash out any "winnings." At that point, the gaming site will reject the request and prompt the user to make a "verification deposit" of cryptocurrency -- typically around $100 -- before any money can be distributed. Those who deposit cryptocurrency funds are soon asked for additional payments. However, any "winnings" displayed by these gaming sites are a complete fantasy, and players who deposit cryptocurrency funds will never see that money again. Compounding the problem, victims likely will soon be peppered with come-ons from "recovery experts" who peddle dubious claims on social media networks about being able to retrieve funds lost to such scams. [...]

[T]hreat hunting platform Silent Push reveals at least 1,270 recently-registered and active domains whose names all invoke some type of gaming or wagering theme. Here is a list of all domains that Silent Push found were using the scambling network's chat API.

A software developer who built his own home server in response to Amazon's removal of Kindle book downloads now argues that self-hosting "is NOT the future we should be fighting for." Drew Lyton constructed a home server running open-source alternatives to Google Drive, Google Photos, Audible, Kindle, and Netflix after Amazon announced that "Kindle users would no longer be able to download and back up their book libraries to their computers."

The change prompted Amazon to update Kindle store language to say "users are purchasing licenses -- not books." Lyton's setup involved a Lenovo P520 with 128GB RAM, multiple hard drives, and Docker containers running applications like Immich for photo storage and Jellyfin for media streaming. The technical complexity required "138 words to describe but took me the better part of two weeks to actually do."

The implementation was successful but Lyton concluded that self-hosting "assumes isolated, independent systems are virtuous. But in reality, this simply makes them hugely inconvenient." He proposes "publicly funded, accessible, at cost cloud-services" as an alternative, suggesting libraries could provide "100GB of encrypted file storage, photo-sharing and document collaboration tools, and media streaming services -- all for free."

Smartphone maker Nothing's $799 Phone 3 has been "mired in controversy among the same customers who rallied behind the company's past products" since its July launch, Bloomberg reported on Wednesday. Tech enthusiasts have "lambasted the company for the phone's peculiar industrial design and what they perceive to be an unreasonable price."

The Android device lacks the most performant Qualcomm processor chip found in premium Android phones and the camera performance "falls short of other handsets in this price bracket," the publication wrote in a scathing review. The phone costs $200 more than its predecessor and matches pricing with Apple's iPhone 16, Samsung's Galaxy S25, and Google's Pixel 9.

Critics across Reddit and social media have attacked Nothing for removing the signature Glyph Lights from previous models. Comments on Nothing's YouTube channel have been "bruising," focusing on the phone's oddly positioned camera array. "At its current price, the handset is too expensive for what it offers," the review concludes.

Journalist Jack Poulson accidentally discovered that Google had completely removed two of his articles from search results after someone exploited a vulnerability in the company's Refresh Outdated Content tool.

The security flaw allowed malicious actors to de-list specific web pages by submitting URLs with altered capitalization to Google's recrawling system. When Google attempted to index these modified URLs, the system received 404 errors and subsequently removed all variations of the page from search results, including the original legitimate articles.

The affected stories concerned tech CEO Delwin Maurice Blackman's 2021 arrest on felony domestic violence charges. In a statement to 404 Media, Google confirmed the vulnerability and said it had deployed a fix for the issue.

An anonymous reader quotes a report from Polygon: In the wake of storefronts like Steam and itch.io curbing the sale of adult games, irate fans have started an organized campaign against the payment processors that they believe are responsible for the crackdown. While the movement is still in its early stages, people are mobilizing with an eye toward overwhelming communication lines at companies like Visa and Mastercard in a way that will make the concern impossible to ignore. On social media sites like Reddit and Bluesky, people are urging one another to get into contact with Visa and Mastercard through emails and phone calls. Visa and Mastercard have become the targets of interest because the affected storefronts both say that their decisions around adult games were motivated by the danger of losing the ability to use major payment processors while selling games. These payment processors have their own rules regarding usage, but they are vaguely defined. But losing infrastructure like this could impact audiences well beyond those who care about sex games, spokespeople for Valve and itch.io said.

In a now-deleted post on the Steam subreddit with over 17,000 upvotes, commenters say that customer service representatives for both payment processors seem to already be aware of the problem. Sometimes, the representatives will say that they've gotten multiple calls on the subject of adult game censorship, but that they can't really do anything about it. The folks applying pressure know that someone at a call center has limited power in a scenario like this one; typically, agents are equipped to handle standard customer issues like payment fraud or credit card loss. But the point isn't to enact change through a specific phone call: It's to cause enough disruption that the ruckus theoretically starts costing payment processors money.

"Emails can be ignored, but a very very long queue making it near impossible for other clients to get in will help a lot as well," reads the top comment on the Reddit thread. In that same thread, people say that they're hanging onto the call even if the operator says that they'll experience multi-hour wait times presumably caused by similar calls gunking up the lines. Beyond the stubbornness factor, the tactic is motivated by the knowledge that most customer service systems will put people who opt for call-backs in a lower priority queue, as anyone who opts in likely doesn't have an emergency going on. "Do both," one commenter suggests. "Get the call back, to gum up the call back queue. Then call in again and wait to gum up the live queue." People are also using email to voice their concerns directly to the executives at both Visa and Mastercard, payment processors that activist group Collective Shout called out by name in their open letter requesting that adult games get pulled. Emails are also getting sent to customer service.

A second, far more recent data breach at women's dating safety app Tea has exposed over a million sensitive user messages -- including discussions about abortions, infidelity, and shared contact info. This vulnerability not only compromised private conversations but also made it easy to unmask anonymous users. 404 Media reports: Despite Tea's initial statement that "the incident involved a legacy data storage system containing information from over two years ago," the second issue impacting a separate database is much more recent, affecting messages up until last week, according to the researcher's findings that 404 Media verified. The researcher said they also found the ability to send a push notification to all of Tea's users.

It's hard to overstate how sensitive this data is and how it could put Tea's users at risk if it fell into the wrong hands. When signing up, Tea encourages users to choose an anonymous screenname, but it was trivial for 404 Media to find the real world identities of some users given the nature of their messages, which Tea has led them to believe were private. Users could be easily found via their social media handles, phone numbers, and real names that they shared in these chats. These conversations also frequently make damning accusations against people who are also named in the private messages and in some cases are easy to identify. It is unclear who else may have discovered the security issue and downloaded any data from the more recent database. Members of 4chan found the first exposed database last week and made tens of thousands of images of Tea users available for download. Tea told 404 Media it has contacted law enforcement. [...]

This new data exposure is due to any Tea user being able to use their own API key to access a more recent database of user data, Rahjerdi said. The researcher says that this issue existed until late last week. That exposure included a mass of Tea users' private messages. In some cases, the women exchange phone numbers so they can continue the conversation off platform. The first breach was due to an exposed instance of app development platform Firebase, and impacted tens of thousands of selfie and driver license images. At the time, Tea said in a statement "there is no evidence to suggest that current or additional user data was affected." The second database includes a data field called "sent_at," with many of those messages being marked as recent as last week.

New submitter Pravetz-82 shares a report from Politico: A cyberattack on Russian state-owned flagship carrier Aeroflot caused a mass outage to the company's computer systems on Monday, Russia's prosecutor's office said, forcing the airline to cancel more than 100 flights and delay others. Ukrainian hacker group Silent Crow and Belarusian hacker activist group the Belarus Cyber-Partisans, which opposes the rule of Belarusian President Alexander Lukashenko, claimed responsibility for the cyberattack. Images shared on social media showed hundreds of delayed passengers crowding Moscow's Sheremetyevo airport, where Aeroflot is based. The outage also disrupted flights operated by Aeroflot's subsidiaries, Rossiya and Pobeda. While most of the flights affected were domestic, the disruption also led to cancellations for some international flights to Belarus, Armenia and Uzbekistan.

Silent Crow claimed it had accessed Aeroflot's corporate network for a year, copying customer and internal data, including audio recordings of phone calls, data from the company's own surveillance on employees and other intercepted communications. "All of these resources are now inaccessible or destroyed and restoring them will possibly require tens of millions of dollars. The damage is strategic," the channel purporting to be the Silent Crow group wrote on Telegram. There was no way to independently verify its claims. The same channel also shared screenshots that appeared to show Aeroflot's internal IT systems, and insinuated that Silent Crow could begin sharing the data it had seized in the coming days. "The personal data of all Russians who have ever flown with Aeroflot have now also gone on a trip -- albeit without luggage and to the same destination," it said. The Belarus Cyber-Partisans told The Associated Press that they had hoped to "deliver a crushing blow." Russia's Prosecutor's Office said it had opened a criminal investigation. Meanwhile, Kremlin spokesperson Dmitry Peskov called reports of the cyberattack "quite alarming," adding that "the hacker threat is a threat that remains for all large companies providing services to the general public."

An anonymous reader quotes a report from CNBC: Samsung Electronics has entered into a $16.5 billion contract for supplying semiconductors to Tesla, based on a regulatory filing by the South Korean firm and Tesla CEO Elon Musk's posts on X. The memory chipmaker, which had not named the counterparty, mentioned in its filing that the effective start date of the contract was July 26, 2025 -- receipt of orders -- and its end date was Dec. 31, 2033. However, Musk later confirmed in a reply to a post on social media platform X that Tesla was the counterparty.

He also posted: "Samsung's giant new Texas fab will be dedicated to making Tesla's next-generation AI6 chip. The strategic importance of this is hard to overstate. Samsung currently makes AI4.TSMC will make AI5, which just finished design, initially in Taiwan and then Arizona. Samsung agreed to allow Tesla to assist in maximizing manufacturing efficiency. This is a critical point, as I will walk the line personally to accelerate the pace of progress," Musk said on X, and suggested that the deal with Samsung could likely be even larger than the announced $16.5 billion.

Samsung earlier said that details of the deal, including the name of the counterparty, will not be disclosed until the end of 2033, citing a request from the second party "to protect trade secrets," according to a Google translation of the filing in Korean on Monday. "Since the main contents of the contract have not been disclosed due to the need to maintain business confidentiality, investors are advised to invest carefully considering the possibility of changes or termination of the contract," the company said.

Proton VPN reported a 1,400 percent hourly increase in signups over its baseline Friday — the day the UK's age verification law went into effect. For UK users, "apps with explicit content must now verify visitors' ages via methods such as facial recognition and banking info," notes Mashable: Proton VPN previously documented a 1,000 percent surge in new subscribers in June after Pornhub left France, its second-biggest market, amid the enactment of an age verification law there... A Proton VPN spokesperson told Mashable that it saw an increase in new subscribers right away at midnight Friday, then again at 9 a.m. BST. The company anticipates further surges over the weekend, they added. "This clearly shows that adults are concerned about the impact universal age verification laws will have on their privacy," the spokesperson said... Search interest for the term "Proton VPN" also saw a seven-day spike in the UK around 2 a.m. BST Friday, according to a Google Trends chart.
The Financial Times notes that VPN apps "made up half of the top 10 most popular free apps on the UK's App Store for iOS this weekend, according to Apple's rankings." Proton VPN leapfrogged ChatGPT to become the top free app in the UK, according to Apple's daily App Store charts, with similar services from developers Super Unlimited and Nord Security also rising over the weekend... Data from Google Trends also shows a significant increase in search queries for VPNs in the UK this weekend, with up to 10 times more people looking for VPNs at peak times...

"This is what happens when people who haven't got a clue about technology pass legislation," Anthony Rose, a UK-based tech entrepreneur who helped to create BBC iPlayer, the corporation's streaming service, said in a social media post. Rose said it took "less than five minutes to install a VPN" and that British people had become familiar with using them to access the iPlayer outside the UK. "That's the beauty of VPNs. You can be anywhere you like, and anytime a government comes up with stupid legislation like this, you just turn on your VPN and outwit them," he added...

Online platforms found in breach of the new UK rules face penalties of up to £18mn or 10 percent of global turnover, whichever is greater... However, opposition to the new rules has grown in recent days. A petition submitted through the UK parliament website demanding that the Online Safety Act be repealed has attracted more than 270,000 signatures, with the vast majority submitted in the past week. Ministers must respond to a petition, and parliament has to consider its topic for a debate, if signatures surpass 100,000.
X, Reddit and TikTok have also "introduced new 'age assurance' systems and controls for UK users," according to the article. But Mashable summarizes the situation succinctly.

"Initial research shows that VPNs make age verification laws in the U.S. and abroad tricky to enforce in practice."

An anonymous reader quotes a report from 404 Media: Users from 4chan claim to have discovered an exposed database hosted on Google's mobile app development platform, Firebase, belonging to the newly popular women's dating safety app Tea. Users say they are rifling through peoples' personal data and selfies uploaded to the app, and then posting that data online, according to screenshots, 4chan posts, and code reviewed by 404 Media. In a statement to 404 Media, Tea confirmed the breach also impacted some direct messages but said that the data is from two years ago. Tea, which claims to have more than 1.6 million users, reached the top of the App Store charts this week and has tens of thousands of reviews there. The app aims to provide a space for women to exchange information about men in order to stay safe, and verifies that new users are women by asking them to upload a selfie.

"Yes, if you sent Tea App your face and drivers license, they doxxed you publicly! No authentication, no nothing. It's a public bucket," a post on 4chan providing details of the vulnerability reads. "DRIVERS LICENSES AND FACE PICS! GET THE FUCK IN HERE BEFORE THEY SHUT IT DOWN!" The thread says the issue was an exposed database that allowed anyone to access the material. [...] "The images in the bucket are raw and uncensored," the user wrote. Multiple users have created scripts to automate the process of collecting peoples' personal information from the exposed database, according to other posts in the thread and copies of the scripts. In its terms of use, Tea says "When you first create a Tea account, we ask that you register by creating a username and including your location, birth date, photo and ID photo."

After publication of this article, Tea confirmed the breach in an email to 404 Media. The company said on Friday it "identified unauthorized access to one of our systems and immediately launched a full investigation to assess the scope and impact." The company says the breach impacted data from more than two years ago, and included 72,000 images (13,000 selfies and photo IDs, and 59,000 images from app posts and direct messages). "This data was originally stored in compliance with law enforcement requirements related to cyber-bullying prevention," the email continued. "We have engaged third-party cybersecurity experts and are working around the clock to secure our systems. At this time, there is no evidence to suggest that current or additional user data was affected. Protecting our users' privacy and data is our highest priority. We are taking every necessary step to ensure the security of our platform and prevent further exposure."

An Argentine captured naked in his yard by a Google Street View camera has been awarded compensation by a court after his bare behind was splashed over the internet for all to see. From a report: The policeman had sought payment from the internet giant for harm to his dignity, arguing he was behind a 6 1/2-foot wall when a Google camera captured him in the buff, from behind, in small-town Argentina in 2017. His house number and street name were also laid bare, broadcast on Argentine TV covering the story, and shared widely on social media.

The man claimed the invasion exposed him to ridicule at work and among his neighbors. Another court last year dismissed the man's claim for damages, ruling he only had himself to blame for "walking around in inappropriate conditions in the garden of his home." Google, for its part, claimed the perimeter wall was not high enough.

Massive mobile device tracking data has exposed the interconnected network of Myanmar's expanding scam centers, revealing how trafficked workers circulate between compounds despite February crackdowns. Analysis of 4.9 million location records from 11,930 mobile devices between January 2024 and May 2025 showed five devices visited all three major compounds -- Yatai New City, Apolo Park, and Yulong Bay Park -- plus the raided KK Park and Huanya Park facilities.

Workers are forced into romance scams, deceiving victims into believing they're in romantic relationships before extracting money. A South Asian man held six months at KK Park worked 16 hours daily conducting these online deceptions while enduring beatings and electric shocks for poor performance. Nikkei's investigation combined satellite imagery analysis, social media posts from Chinese platform Douyin, and open-source intelligence techniques to document continued construction at eight of 16 suspected sites. Myanmar authorities deported over 66,000 foreign nationals involved in these online fraud operations between October 2023 and June 2025.

Spotify was found publishing AI-generated songs on the official pages of deceased artists like Blaze Foley and Guy Clark -- without permission from their estates or labels. The tracks, flagged for deceptive content and now removed, were uploaded via TikTok's SoundOn distribution platform. "We've flagged the issue to SoundOn, the distributor of the content in question, and it has been removed for violating our Deceptive Content policy," a Spotify spokesperson told 404 Media. From the report: McDonald, who decided to originally upload Foley's music to Spotify in order to share it with more people, told me he never thought that an AI-generated track could appear on Foley's page without his permission. "It's harmful to Blaze's standing that this happened," he said. "It's kind of surprising that Spotify doesn't have a security fix for this type of action, and I think the responsibility is all on Spotify. They could fix this problem. One of their talented software engineers could stop this fraudulent practice in its tracks, if they had the will to do so. And I think they should take that responsibility and do something quickly."

McDonald's suggested fix is not allowing any track to appear on an artist's official Spotify page without allowing the page owner to sign off on it first. "Any real Blaze fan would know, I think, pretty instantly, that this is not Blaze or a Blaze recording," he said. "Then the harm is that the people who don't know Blaze go to the site thinking, maybe this is part of Blaze, when clearly it's not. So again, I think Spotify could easily change some practices. I'm not an engineer, but I think it's pretty easy to stop this from happening in the future."

Alaska Airlines and Horizon Air grounded all flights Sunday night due to a major IT outage, prompting a system-wide FAA ground stop that lasted until early Monday. Although operations have since resumed, passengers are still facing delays and residual disruptions. Gizmodo reports: The airline requested a system-wide ground stop from federal aviation authorities at about 11 p.m. ET on Sunday night. That stop remained in effect until around 2 a.m. ET Monday, when the Federal Aviation Administration confirmed it had been lifted. But disruptions didn't end there. Alaska warned passengers to brace for likely delays throughout the day. [...] The FAA's website listed the stop as applying to all Alaska Airlines aircraft. Gizmodo notes that the incident comes nearly a year after the massive 2024 CrowdStrike crash, which has become known as the largest IT outage in history. "The July 2024 outage brought down an estimated 8.5 million Microsoft Windows systems running CrowdStrike's Falcon Sensor software, disrupting everything from hospitals and airports to broadcast networks."

"There's no word yet from Alaska on whether the outage ties into a broader software problem, but the timing, almost exactly a year after the CrowdStrike crash, isn't going unnoticed on social media, with users wondering if the events are related."

AI coding service Replit deleted a user's production database and fabricated data to cover up bugs, according to SaaStr founder Jason Lemkin. Lemkin documented his experience on social media after Replit ignored his explicit instructions not to make code changes without permission.

The database deletion eliminated 1,206 executive records representing months of authentic SaaStr data curation. Replit initially told Lemkin the database could not be restored, claiming it had "destroyed all database versions," but later discovered rollback functionality did work. Replit said it made "a catastrophic error of judgement" and rated the severity of its actions as 95 out of 100. The service also created a 4,000-record database filled with fictional people and repeatedly violated code freeze requests.

Lemkin had initially praised Replit after building a prototype in hours, spending $607.70 in additional charges beyond his $25 monthly plan. He concluded the service isn't ready for commercial use by non-technical users.

Twitter co-founder/Block CEO Jack Dorsey isn't just vibe coding new apps like Bitchat and Sun Day. He's also "invested $10 million in an effort to fund experimental open source projects and other tools that could ultimately transform the social media landscape," reports TechCrunch," funding the projects through an online collective formed in May called "andOtherStuff: [T]he team at "andOtherStuff" is determined not to build a company but is instead operating like a "community of hackers," explains Evan Henshaw-Plath [who handles UX/onboarding and was also Twitter's first employee]. Together, they're working to create technologies that could include new consumer social apps as well as various experiments, like developer tools or libraries, that would allow others to build apps for themselves.

For instance, the team is behind an app called Shakespeare, which is like the app-building platform Lovable, but specifically for building Nostr-based social apps with AI assistance. The group is also behind heynow, a voice note app built on Nostr; Cashu wallet; private messenger White Noise; and the Nostr-based social community +chorus, in addition to the apps Dorsey has already released. Developments in AI-based coding have made this type of experimentation possible, Henshaw-Plath points out, in the same way that technologies like Ruby on Rails, Django, and JSON helped to fuel an earlier version of the web, dubbed Web 2.0.

Related to these efforts, Henshaw-Plath sat down with Dorsey for the debut episode of his new podcast, revolution.social with @rabble... Dorsey believes Bluesky faces the same challenges as traditional social media because of its structure — it's funded by VCs, like other startups. Already, it has had to bow to government requests and faced moderation challenges, he points out. "I think [Bluesky CEO] Jay [Graber] is great. I think the team is great," Dorsey told Henshaw-Plath, "but the structure is what I disagree with ... I want to push the energy in a different direction, which is more like Bitcoin, which is completely open and not owned by anyone from a protocol layer...."

Dorsey's initial investment has gotten the new nonprofit up and running, and he worked on some of its initial iOS apps. Meanwhile, others are contributing their time to build Android versions, developer tools, and different social media experiments. More is still in the works, says Henshaw-Plath.

"There are things that we're not ready to talk about yet that'll be very exciting," he teases.