The man identified as Bitcoin creator Satoshi Nakamoto in a new HBO documentary has something to say: Wrong again, world. From a report: In the just-released HBO film on the history of the world's biggest digital currency -- Money Electric: The Bitcoin Mystery -- documentary filmmaker Cullen Hoback comes to the conclusion that the anonymous creator of Bitcoin was none other than a long-time member of the community and early Bitcoin developer Peter Todd. Todd dismissed the claim in the documentary, released yesterday, and denied it again when asked by The Register.

"[Hoback's] evidence for me being Satoshi is the same kind of coincidence-based, circumstantial thinking that fuels conspiracies like QAnon," Todd told us in an email. "Which is ironic, given that [Hoback's] previous big project was a documentary on QAnon. He clearly didn't try to debunk his theories either." Hoback's previous project -- Q: Into the Storm -- aimed to unmask the person behind QAnon, perhaps giving him an interest in uncovering the identity of Satoshi Nakamoto. Todd, however, thinks Hoback was just trying to drum up interest in his new film.

"I think [Hoback] only included the Satoshi claim as a marketing ploy: he was really creating a documentary about Bitcoin, and needed a hook to get media attention," Todd said. "He picked me to accuse mainly because I was an unlikely candidate, which helped drum up even more attention. I don't think he had any interest in finding the real truth."

A new HBO documentary claims Canadian developer Peter Todd is Satoshi Nakamoto, the pseudonymous founder of bitcoin. The documentary's director, Emmy-nominated filmmaker Cullen Hoback, "comes to the conclusion by stitching together old clues and new ones," reports Politico. In the film's finale, Hoback confronted Todd and said: "It seems like you had these deep insights into bitcoin at the time?" Todd replies: "Well, yeah, I'm Satoshi Nakamoto." From the report: The admission, however, is not necessarily a smoking gun. Todd, who is a vocal backer of Ukraine and Israel on his X feed, is known to invoke the claim "I am Satoshi" as an expression of solidarity with the creator's bid for privacy. In an email to CoinDesk prior to the documentary's release, Todd reportedly denied he was the bitcoin creator: "Of course I'm not Satoshi," he said. If Todd is widely accepted as bitcoin's creator, the revelation would end more than a decade of speculation over the identity of a person whose work spawned a global, multibillion-dollar craze for digital currencies: a mania that has pushed back the frontiers of finance but also enabled widespread fraud and other illicit activities.

Todd is not unknown to enthusiasts of the stateless money system. As a longstanding bitcoin core developer known for communicating publicly with "Satoshi" before his disappearance from crypto forums in 2010, his name has always carried weight in the community. But he was rarely considered a prime suspect. A 39-year-old graduate of Ontario College of Art and Design in Toronto, Todd would have been 23 when the famous bitcoin white paper that first laid out the vision for the decentralized money system was being completed. Todd previously told a podcast he was about 15 years old when he first started communicating with key crypto influencers, known as the cypherpunks. "In investigations like these, digital forensics can only take you so far; they're like a compass," Hoback told POLITICO before the documentary aired. "Real answers can only be found offline."

An anonymous reader quotes a report from TechCrunch: U.S. money transfer giant MoneyGram has confirmed that hackers stole its customers' personal information and transaction data during a cyberattack last month. The company said in a statement Monday that an unauthorized third party "accessed and acquired" customer data during the cyberattack on September 20. The cyberattack -- the nature of which remains unknown -- sparked a week-long outage that resulted in the company's website and app falling offline. MoneyGram says it serves over 50 million people in more than 200 countries and territories each year.

The stolen customer data includes names, phone numbers, postal and email addresses, dates of birth, and national identification numbers. The data also includes a "limited number" of Social Security numbers and government identification documents, such as driver's licenses and other documents that contain personal information, like utility bills and bank account numbers. MoneyGram said the types of stolen data will vary by individual. MoneyGram said that the stolen data also included transaction information, such as dates and amounts of transactions, and, "for a limited number of consumers, criminal investigation information (such as fraud)."

TechCrunch's Paul Sawers reports: Fledgling fintech startup OpenBB is revealing the next step in its plans to take on the heavyweights of the investment research world. The company is launching a new, free version of a product that will open its arsenal of data and financial tooling to more users. OpenBB is the handiwork of software engineer Didier Lopes, who launched the Python-based platform back in 2021 as a way for amateur investors and enthusiasts to do investment research using different datasets for free, via a command line interface (CLI). The company went on to raise $8.5 million in seed funding from OSS Capital and angel investors such as Ram Shriram, an early backer of Google. While the community-based, open source project has amassed some 50,000 users, OpenBB has also been building an enterprise incarnation called Terminal Pro. This paid version gives teams access to an interface, pre-built database integrations, an Excel add-in, and various security and support bolt-ons that would appeal to larger businesses. [...]

The all-new OpenBB Terminal -- not to be confused with the previous CLI-based OpenBB Terminal that the startup sunsetted in March -- is a full-fledged web app, though it strips out many of the premium features of Terminal Pro. It's fully customizable, can run on any operating system or platform, and provides access to an AI-enabled OpenBB copilot. Like the previous OpenBB Terminal, the all-new web app is also free to use. OpenBB Terminal is perhaps something of a middle ground between the CLI centricity of the open source project and the bells-and-whistles feature set of the enterprise product.

The OpenBB Terminal serves as a single end point for accessing financial information from some 100 data sources, spanning equity, options, forex, the macro economy, and more. Users can also throw all their new data into the mix -- the community has previously contributed financial datasets such as historical currency exchange rates and crypto pricing data. There are also a slew of extensions and toolkits to bring more functionality to OpenBB -- such as an AI stock analysis agent. Users are free to incorporate their own AI systems and large language models (LLMs), which might be particularly important for security and compliance use cases. But with the OpenBB Copilot, categorized as a "compound AI system," users can run natural-language queries about their data out of the box. While OpenBB has been likened to an "open-source Bloomberg," TechCrunch notes that it's not a direct competitor due to Bloomberg's massive data resources and built-in chat functionality. OpenBB, however, offers flexibility with its open-source platform and customization options.

OpenBB filed for a trademark, but Bloomberg has requested an extension to potentially oppose it, despite the company asserting there's no link between OpenBB and Bloomberg's abbreviation "BBG". Lopes says the name originates from BlackBerry stock, where the founders had lost money during the meme stock craze.

U.S. exchanges' four-character limit for ETF tickers is creating fierce competition in the $10 trillion industry, particularly for single-stock funds. With 456,976 possible combinations, options narrow drastically when built around existing company tickers. MicroStrategy-inspired ETFs, for instance, leave issuers with just 52 choices using 'MST'. Memorable tickers are crucial for differentiation and can improve stock liquidity.

Long-time Slashdot reader Bismillah writes: Python New Zealand has gone through some rough times lately, with its then-treasurer stealing money from the society.. Things were looking really serious for a while, with Python NZ looking at being liquidated due to the theft of funds.

However, there is a silver lining to the story, as the free and open source movement rallied behind Python NZ and got them out of a serious pickle.
"Our friends at Linux Australia and at the Python Software Foundation went well above and beyond to support us, and save us," says Tom Eastman president of Python New Zealand, in an article from interest.co.nz.

He also says he hopes the treasure is ordered by the court to pay restitution. (In the article the treasurer confirms that he's pleaded guilty to the theft, which took place between February 2019 and October 2023 — leaving Python NZ owing conference supplies around $55,000.) "We had $26 in the bank accounts," Eastman tells the site.

The group now has new transparency and accountability measures...

"Pig Butchering Alert: Fraudulent Trading App targeted iOS and Android users."

That's the title of a new report released this week by cybersecurity company Group-IB revealing the official Apple App Store and Google Play store offered apps that were actually one part of a larger fraud campaign. "To complete the scam, the victim is asked to fund their account... After a few seemingly successful trades, the victim is persuaded to invest more and more money. The account balance appears to grow rapidly. However, when the victim attempts to withdraw funds, they are unable to do so."

Forbes reports: Group-IB determined that the frauds would begin with a period of social engineering reconnaissance and entrapment, during which the trust of the potential victim was gained through either a dating app, social media app or even a cold call. The attackers spent weeks on each target. Only when this "fattening up" process had reached a certain point would the fraudsters make their next move: recommending they download the trading app from the official App Store concerned.

When it comes to the iOS app, which is the one that the report focussed on, Group-IB researchers said that the app remained on the App Store for several weeks before being removed, at which point the fraudsters switched to phishing websites to distribute both iOS and Android apps. The use of official app stores, albeit only fleetingly as Apple and Google removed the fake apps in due course, bestowed a sense of authenticity to the operation as people put trust in both the Apple and Google ecosystems to protect them from potentially dangerous apps.
"The use of web-based applications further conceals the malicious activity," according to the researchers, "and makes detection more difficult." [A]fter the download is complete, the application cannot be launched immediately. The victim is then instructed by the cybercriminals to manually trust the Enterprise developer profile. Once this step is completed, the fraudulent application becomes operational... Once a user registers with the fraudulent application, they are tricked into completing several steps. First, they are asked to upload identification documents, such as an ID card or passport. Next, the user is asked to provide personal information, followed by job-related details...

The first discovered application, distributed through the Apple App Store, functions as a downloader, merely retrieving and displaying a web-app URL. In contrast, the second application, downloaded from phishing websites, already contains the web-app within its assets. We believe this approach was deliberate, since the first app was available in the official store, and the cybercriminals likely sought to minimise the risk of detection. As previously noted, the app posed as a tool for mathematical formulas, and including personal trading accounts within an iOS app would have raised immediate suspicion.
The app (which only runs on mobile phones) first launches a fake activity with formulas and graphics, according to the researchers. "We assume that this condition must bypass Apple's checks before being published to the store. As we can see, this simple trick allows cybercriminals to upload their fraudulent application to the Apple Store." They argue their research "reinforces the need for continued review of app store submissions to prevent such scams from reaching unsuspecting victims". But it also highlights "the importance of vigilance and end-user education, even when dealing with seemingly trustworthy apps..."

"Our investigation began with an analysis of Android applications at the request of our client. The client reported that a user had been tricked into installing the application as part of a stock investment scam. During our research, we uncovered a list of similar fraudulent applications, one of which was available on the Google Play Store. These apps were designed to display stock-related news and articles, giving them a false sense of legitimacy."

Wired reports on "AI-powered cameras mounted on cars and trucks, initially designed to capture license plates, but which are now photographing political lawn signs outside private homes, individuals wearing T-shirts with text, and vehicles displaying pro-abortion bumper stickers — all while recordi00ng the precise locations of these observations..."

The detailed photographs all surfaced in search results produced by the systems of DRN Data, a license-plate-recognition (LPR) company owned by Motorola Solutions. The LPR system can be used by private investigators, repossession agents, and insurance companies; a related Motorola business, called Vigilant, gives cops access to the same LPR data. However, files shared with WIRED by artist Julia Weist, who is documenting restricted datasets as part of her work, show how those with access to the LPR system can search for common phrases or names, such as those of politicians, and be served with photographs where the search term is present, even if it is not displayed on license plates... Beyond highlighting the far-reaching nature of LPR technology, which has collected billions of images of license plates, the research also shows how people's personal political views and their homes can be recorded into vast databases that can be queried.

"It really reveals the extent to which surveillance is happening on a mass scale in the quiet streets of America," says Jay Stanley, a senior policy analyst at the American Civil Liberties Union. "That surveillance is not limited just to license plates, but also to a lot of other potentially very revealing information about people."

DRN, in a statement issued to WIRED, said it complies with "all applicable laws and regulations...." Over more than a decade, DRN has amassed more than 15 billion "vehicle sightings" across the United States, and it claims in its marketing materials that it amasses more than 250 million sightings per month. Images in DRN's commercial database are shared with police using its Vigilant system, but images captured by law enforcement are not shared back into the wider database. The system is partly fueled by DRN "affiliates" who install cameras in their vehicles, such as repossession trucks, and capture license plates as they drive around. Each vehicle can have up to four cameras attached to it, capturing images in all angles. These affiliates earn monthly bonuses and can also receive free cameras and search credits...

"License plate recognition (LPR) technology supports public safety and community services, from helping to find abducted children and stolen vehicles to automating toll collection and lowering insurance premiums by mitigating insurance fraud," Jeremiah Wheeler, the president of DRN, says in a statement... Wheeler did not respond to WIRED's questions about whether there are limits on what can be searched in license plate databases, why images of homes with lawn signs but no vehicles in sight appeared in search results, or if filters are used to reduce such images.
Privacy experts shared their reactions with Wired

• "Perhaps [people] want to express themselves in their communities, to their neighbors, but they don't necessarily want to be logged into a nationwide database that's accessible to police authorities." — Jay Stanley, a senior policy analyst at the American Civil Liberties Union

• "When government or private companies promote license plate readers, they make it sound like the technology is only looking for lawbreakers or people suspected of stealing a car or involved in an amber alert, but that's just not how the technology works. The technology collects everyone's data and stores that data often for immense periods of time." — Dave Maass, an EFF director of investigations

• "The way that the country is set up was to protect citizens from government overreach, but there's not a lot put in place to protect us from private actors who are engaged in business meant to make money." — Nicole McConlogue, associate law professor at Mitchell Hamline School of Law (who has researched license-plate-surveillance systems)

Thanks to long-time Slashdot reader schwit1 for sharing the article.

Cybersecurity firm IronNet, founded by former NSA director Keith Alexander, has collapsed after failing to deliver on its promise to revolutionize cyber defense. The company, which went public in 2021 with a $3 billion valuation, shut down in September 2023 after running out of money.

IronNet's downfall has left investors and former employees bitter, with some accusing the company of misleading them about its financial health. "I'm honestly ashamed that I was ever an executive at that company," said Mark Berly, a former IronNet vice president. He said the company's top leaders cultivated a culture of deceit "just like Theranos." Critics point to questionable business practices, subpar products, and associations that potentially exposed the firm to Russian influence. The company's board included high-profile national security figures, which helped attract investments and contracts. However, IronNet struggled to secure major deals and meet revenue projections.

Microsoft gives its Edge web browser an unfair advantage and EU antitrust regulators should subject it to tough EU tech rules, three rival browsers and a group of web developers said in a letter to the European Commission. From a report: The move by Vivaldi, Waterfox, Wavebox and the Open Web Advocacy could boost Norwegian browser company Opera which in July took the European Commission to court for exempting Edge from the Digital Markets Act (DMA). [...] "Unfair practices are currently allowed to persist on the Windows' ecosystem with respect to Edge, unmitigated by the choice screens that exist on mobile," they said, pointing to Edge set as the default browser on all Windows computers. "No platform independent browser can aspire to match Edge's unparalleled distribution advantage on Windows. Edge is, moreover, the most important gateway for consumers to download an independent browser on Windows PCs."

OpenAI has a $4 billion revolving line of credit, bringing its total liquidity to more than $10 billion, CNBC reported Thursday. From the report: It follows news on Wednesday that OpenAI closed its recent funding round at a valuation of $157 billion, including the $6.6 billion the company raised from an extensive roster of investment firms and big tech companies. JPMorgan Chase, Citi, Goldman Sachs, Morgan Stanley, Santander, Wells Fargo, SMBC, UBS, and HSBC all participated. The base credit line is $4 billion, with an option to increase it by an additional $2 billion. The loan is unsecured and can be tapped over the course of three years. OpenAI's interest rate is equal to the Secured Overnight Financing Rate (SOFR) plus 100 basis points. SOFR, a measure of the cost of borrowing cash overnight, sat at just over 5% as of early this week, meaning OpenAI would be paying roughly 6% on money that it borrows right away.

PayPal completed its first business payment using its proprietary stablecoin as a way to demonstrate how digital currencies can be used to improve often-clunky commercial transactions. From a report: PayPal paid an invoice to Ernst & Young LLP on Sept. 23 using PYUSD, the stablecoin the firm launched last year, relying on an SAP SE platform to complete the transaction. SAP's platform, known as the digital currency hub, allows enterprises to send and receive digital payments instantly, around the clock. The invoice amount wasn't disclosed.

Stablecoins are cryptocurrencies usually designed to track traditional currencies one-to-one. PYUSD, which has a current market capitalization of almost $700 million, tracks the US dollar. While the consumer-facing benefits of stablecoins often dominate conversations, this payment demonstrates other use cases for the digital currency, according to Jose Fernandez da Ponte, PayPal's senior vice president of its blockchain, cryptocurrency and digital currency group.

Private equity firms are using US public sector workers' retirement savings to fund fossil fuel projects pumping more than a billion tonnes of greenhouse gas emissions into the atmosphere every year, according to an analysis. From a report: They have ploughed more than $1tn into the energy sector since 2010, often buying into old and new fossil fuel projects and, thanks to exemptions from many financial disclosures, operating them outside the public eye, the researchers say. In many cases they are mortgaging workers' futures by taking the money they have put away for old age and investing it in assets that risk serious damage to the climate, the report claims.

"Public sector workers' money, through national, state, and retirement pensions, provides much of the capital for private equity firms' energy investments, but there is limited disclosure to the pension fund managers that the deferred earnings of their beneficiaries have potential climate impacts," it says. Researchers at Americans for Financial Reform Education Fund, Global Energy Monitor and Private Equity Stakeholder Project assessed the holdings of 21 private equity firms, overseeing a combined $6tn in assets under management. Together, the analysis found that the 21 firms were funding projects responsible for releasing more than 1.17bn tons of CO2 equivalent (tCO2e) a year.

Law enforcement from 12 countries arrested four individuals linked to the LockBit ransomware gang, including a developer and a bulletproof hosting administrator. The operation also resulted in the seizure of LockBit infrastructure and involved sanctions targeting affiliates of both LockBit and Evil Corp. BleepingComputer reports: According to Europol, a suspected LockBit ransomware developer was arrested in August 2024 at the request of French authorities while on holiday outside of Russia. The same month, the U.K.'s National Crime Agency (NCA) arrested two more individuals linked to LockBit activity: one believed to be associated with a LockBit affiliate, while the second was apprehended on suspicion of money laundering. In a separate action, at Madrid airport, Spain's Guardia Civil arrested the administrator of a bulletproof hosting service used to shield LockBit's infrastructure. Today, Australia, the United Kingdom, and the United States also revealed sanctions against an individual the UK NCA believes is a prolific LockBit ransomware affiliate linked to Evil Corp.

The United Kingdom sanctioned 15 more Russian nationals involved in Evil Corp's criminal activities, while the United States sanctioned six individuals and Australia targeted two. "These actions follow the massive disruption of LockBit infrastructure in February 2024, as well as the large series of sanctions and operational actions that took place against LockBit administrators in May and subsequent months," Europol said.

schwit1 shares a report from The Independent: Thousands of Bank of America customers reported trouble accessing their bank accounts Wednesday afternoon as the financial institution faced a widespread outage. On social media, customers said they could not view their account balances. Those who could view their accounts said they were met with an alarming $0 balance. For many, a "Connection Error" message popped up while trying to log into the banking app. The message said it was "unable to complete your request" and asked the user to "try again later."

By 1:15 p.m. Eastern Time, nearly 20,000 customers said they were having trouble, according to Downdetector, which reports web outages. That number dropped before rising again around 2:45 p.m. ET. It is unclear what caused the outage

The Federal Communications Commission is making up to $200 million available to help schools and libraries make their computer systems more secure. From a report: The Schools and Libraries Cybersecurity Pilot Program will be used to evaluate whether to fund this kind of program on a more permanent basis. The funding will come through a pool of money called the Universal Service Fund (USF), which is made up of contributions from telecommunications companies. Schools and libraries participating in the program will be able to reimburse things like advanced firewalls, identity protection and authentication services, malware protection, and VPNs.

Amazon is set to roll out a greater number of ads [non-paywalled link] across its blockbuster television shows and movies on Prime Video next year as the US tech giant steps up its push into ad-funded streaming services. Financial Times: The company said it had not seen a sharp drop in subscribers since it introduced advertising to its Prime Video platform eight months ago, allaying fears among top executives of a customer backlash, as it attempts to win over more brands to its streaming service.

Kelly Day, vice-president of Prime Video International, who oversees the streaming video business in global markets, told the Financial Times there would be an increasing number of ad slots for brands to target in 2025. Talking ahead of its first London "up front" on Wednesday evening -- when television companies present their plans to advertisers to attract money over the next year -- Day said its advertising "load" would "ramp up a little bit more into 2025."

Financial Times has more details on the new fundraise closed by OpenAI. From the report: OpenAI has asked investors to avoid backing rival start-ups such as Anthropic and Elon Musk's xAI, as it secures $6.6bn in new funding and seeks to shut out challengers to its early lead in generative artificial intelligence. [...] During the negotiations, the company made clear that it expected an exclusive funding arrangement, according to three people with knowledge of the discussions. Seeking exclusive relationships with investors restricts rivals' access to capital and strategic partnerships. The move by the maker of ChatGPT risks inflaming existing tensions with competitors, especially Musk, who is suing OpenAI. Venture firms are party to sensitive information about the companies they invest in, and close relationships with one company can make it difficult or contentious to also back a rival. But exclusivity is rarely insisted on, according to VCs, and many leading firms have spread their bets in certain sectors. Sequoia Capital and Andreessen Horowitz, for instance, have backed multiple AI start-ups, including both OpenAI and Musk's xAI.

An anonymous reader quotes a report from Reuters: A federal judge dismissed a U.S. Department of Justice lawsuit accusing eBay of violating environmental laws by allowing the sale of hundreds of thousands of harmful products on its platform, including pesticides and devices to evade motor vehicle pollution controls. U.S. District Judge Orelia Merchant in Brooklyn ruled on Monday that Section 230 of the federal Communications Decency Act, which protects online platforms from liability over user content, shielded eBay from liability in the civil lawsuit.

The judge said eBay's administrative and technical support to sellers "does not materially contribute to the products' alleged unlawfulness" and does not make the San Jose, California, company a "publisher or speaker" on sellers' behalf. Merchant also said eBay was not a "seller" of some of the challenged products, because it did not physically possess them or hold title. She rejected the government's argument that eBay was a seller because it exchanged the products for money. The U.S. government argued eBay violated the Clean Air Act by allowing the sale of harmful products, including more than 343,000 aftermarket "defeat" devices that help vehicles generate more power and get better fuel economy by evading emissions controls. The company also was accused of allowing sales of 23,000 unregistered, misbranded or restricted-use pesticides, as well as distributing more than 5,600 paint and coating removal products that contained methylene chloride, a chemical linked to brain and liver cancer and non-Hodgkin lymphoma.

More American workers are seeing their compensation tied to performance metrics, a shift from traditional fixed salaries. A 2024 survey by Alexander Group found 28% of over 300 companies are incorporating incentive pay into new roles, extending a practice once limited to sales and executive positions. Employers argue this model boosts productivity, while some workers report earning less than expected, WSJ reported Monday.