Crime

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition To US (krebsonsecurity.com) 42

A 36-year-old Russian man recently identified by KrebsOnSecurity as the likely proprietor of the massive RSOCKS botnet has been arrested in Bulgaria at the request of U.S. authorities. At a court hearing in Bulgaria this month, the accused hacker requested and was granted extradition to the United States, reportedly telling the judge, "America is looking for me because I have enormous information and they need it." From the report: On June 22, KrebsOnSecurity published Meet the Administrators of the RSOCKS Proxy Botnet, which identified Denis Kloster, a.k.a. Denis Emelyantsev, as the apparent owner of RSOCKS, a collection of millions of hacked devices that were sold as "proxies" to cybercriminals looking for ways to route their malicious traffic through someone else's computer. A native of Omsk, Russia, Kloster came into focus after KrebsOnSecurity followed clues from the RSOCKS botnet master's identity on the cybercrime forums to Kloster's personal blog, which featured musings on the challenges of running a company that sells "security and anonymity services to customers around the world." Kloster's blog even included a group photo of RSOCKS employees.

The Bulgarian news outlet 24Chasa.bg reports that Kloster was arrested in June at a co-working space in the southwestern ski resort town of Bansko, and that the accused asked to be handed over to the American authorities. "I have hired a lawyer there and I want you to send me as quickly as possible to clear these baseless charges," Kloster reportedly told the Bulgarian court this week. "I am not a criminal and I will prove it in an American court." 24Chasa said the defendant's surname is Emelyantsev and that he only recently adopted the last name Kloster, which is his mother's maiden name. As KrebsOnSecurity reported in June, Kloster also appears to be a major player in the Russian email spam industry. [...] Kloster turned 36 while awaiting his extradition hearing, and may soon be facing charges that carry punishments of up to 20 years in prison.

Mozilla

Mozilla: YouTube's Dislike Button Largely Fails To Stop Unwanted Recommendations (mozilla.org) 75

AmiMoJo shares a report from the Mozilla Foundation: YouTube's user controls -- buttons like "Dislike " and "Not interested" -- largely fail to help users avoid unwanted recommendations like misinformation and violent content, according to new research by Mozilla. An accompanying survey also found that YouTube's controls routinely frustrate and confuse users. Indeed, Mozilla's research found that people who are experiencing unwanted recommendations and turn to the platform's user controls for assistance prevent less than half of unwanted recommendations.

This is especially troubling because Mozilla's past research shows that YouTube recommends videos that violate its very own community guidelines, like misinformation, violent content, hate speech, and spam. For example, one user in this most recent research asked YouTube to stop recommending war footage from Ukraine -- but shortly after was recommended even more grisly content from the region. The study, titled "Does This Button Work? Investigating YouTube's ineffective user controls" is the culmination of months of rigorous qualitative and quantitative research. The study was made possible by the data of more than 20,000 participants who used Mozilla's RegretsReporter browser extension, and by data about more than 500 million YouTube videos.
These are the top findings, as highlighted in the report: People don't trust YouTube's user controls. More than a third (39.3%) of people surveyed felt YouTube's user controls did not impact their recommendations at all, and 23% felt the controls had a mixed response. Said one interviewee: "Nothing changed. Sometimes I would report things as misleading and spam and the next day it was back in [...] Even when you block certain sources they eventually return."

People take matters into their own hands. Our study found that people did not always understand how YouTube's controls affect their recommendations, and so took a jury rigged approach instead. People will log out, create new accounts, or use privacy tools just to manage their YouTube recommendations. Said one user: "When the Superbowl came around ... if someone recommended a particular commercial, I used to log out of YouTube, watch the commercial, and then log back in."

The data confirms people are right. The most "effective" user control was "Don't recommend channel," but compared to users who do not make use of YouTube's user controls, only 43% of unwanted recommendations are prevented -- and recommendations from the unwanted channel sometimes persist. Other controls were even less effective: The "Not Interested" tool prevented only 11% of unwanted recommendations.

YouTube can fix this problem. YouTube has the power to confront this issue and do a better job at enabling people to control their recommendations. Our research outlines several concrete suggestions to put people back into the driver's seat, like making YouTube's controls more proactive, allowing users to shape their own experience; and giving researchers increased access to YouTube's API and other tools.
Further reading: YouTube Targets TikTok With Revenue Sharing For Shorts, Partner Program Expansion
Politics

Gmail Launches Pilot To Keep Campaign Emails Out of Spam (axios.com) 138

Google is launching a pilot program to keep emails from political campaigns from going to users' spam folders this week, the company told Axios. From the report: Google asked the Federal Election Commission in June if a program that would let campaigns emails bypass spam filters, instead giving users the option to move them to spam first, would be legal under campaign finance laws. Despite hundreds of negative comments submitted to the FEC arguing against it, the FEC approved the program in August. Eligible committees, abiding by security requirements and best practices as outlined by Google, can now register to participate.

Google has come under fire that its algorithms unfairly target conservative content across its services, and that its Gmail service filters more Republican fundraising and campaign emails to spam. This is partly based on a study from North Carolina State University, though its authors say it has been misconstrued. "We expect to begin the pilot with a small number of campaigns from both parties and will test whether these changes improve the user experience, and provide more certainty for senders during this election period," Jose Castaneda, a Google spokesperson, told Axios. "We will continue to listen and respond to feedback as the pilot progresses." He added: "During the pilot, users will be in control through a more prominent unsubscribe button."

Twitter

Judge Orders Twitter to Provide More Spam Account Data to Elon Musk's Lawyers (cbsnews.com) 85

From the Washington Post earlier this week: On Tuesday, The Washington Post reported that Twitter's former head of security, Peiter Zatko, had filed a whistleblower complaint with federal regulators, including the Securities and Exchange Commission, accusing Twitter of "Lying about Bots to Elon Musk...."

"Twitter executives have little or no personal incentive to accurately 'detect' or measure the prevalence of spam bots," the complaint alleges, adding "deliberate ignorance was the norm" among its executive team.

The same article notes that three people familiar with Twitter's spam-detection, processes said Twitter's "internal bot prevalence numbers" were almost always less than 5%. (And the article reminds readers that Musk himself had waived his right to perform "due diligence" prior to striking the deal.)

But here's that Tuesday article's most prescient sentence. "The judge has rejected Musk's requests for information from more than 20 company leaders — including Zatko — but the whistleblower claims could open the door for them to make further requests, legal experts said."

Sure enough, Friday night CBS News reported that the judge "ordered both Twitter and Tesla CEO Elon Musk to turn over more information to opposing lawyers..." Chancellor Kathaleen St. Jude McCormick on Thursday ordered Twitter to provide Musk's attorneys more data regarding the company's estimates that less than 5% of the accounts on its platform are fake.

The judge also rejected Musk's attempts to shield details about analyses he used in his attempt to terminate the deal. That work was done by data scientists who examined live-feed information from Twitter about public user accounts to test the company's daily-user counts....

The judge rejected more comprehensive data requests from Musk's attorneys as "absurdly broad," noting that a literal reading of the request would require Twitter to produce "trillions upon trillions of data points" reflecting all data collected on roughly 200 million accounts over three years. But McCormick did order Twitter to produce information on 9,000 accounts that were reviewed in connection with company's fourth-quarter audit, a data subset that has been described as a "historical snapshot."

McCormick also ordered Twitter to turn over documents regarding other metrics, regardless of whether they expressly address "monetizable daily active users," or mDAU. Musk's attorneys have suggested that a comparison of Twitter's mDAU with other metrics, such as "User Active Minutes," could support their theory that the company has fraudulently misled investors and securities regulators about the scope of activity on its platform.

Advertising

Privacy Complaint Targets Google Over Unsolicited Ad Emails (reuters.com) 20

An anonymous reader quotes a report from Reuters: Google has breached a European Union court ruling by sending unsolicited advertising emails directly to the inbox of Gmail users, Austrian advocacy group noyb.eu said on Wednesday in a complaint filed with France's data protection watchdog. The Alphabet unit, whose revenues mainly come from online advertising, should ask Gmail users for their prior consent before sending them any direct marketing emails, noyb.eu said, citing a 2021 decision by the Court of Justice of the European Union (CJUE).

While Google's ad emails may look like normal ones, they include the word "Ad" in green letters on the left-hand side, below the subject of the email, noyb.eu said in its complaint. Also, they do not include a date, the advocacy group added. "It's as if the postman was paid to remove the ads from your mailbox and put his own instead," said Romain Robert, program director at noyb.eu, with reference to Gmail's anti-spam filters that put most unsolicited emails in a separate folder. While any CNIL decision would be only applicable in France, it could compel Google to review its practices in the region.

Android

Google Releases Android 13, Rolling Out First To Pixel Phones (theverge.com) 23

This year's major Android update, Android 13, is officially releasing today for Google's Pixel phones, the search giant has announced. From a report: The annual update is getting an official release a little earlier than usual, following Android 12's release last October and Android 11's release in September 2020. The list of updates arriving with this year's version of Android is likely to be familiar if you've been keeping up with Android 13's beta releases. There's the ability to customize non-Google app icons to match your homescreen wallpaper that we saw in Android 13's first developer preview, a new permission to cut down on notification spam, and a new option to limit which of your photos and videos an app can access.

Back in January, we wrote that Google planned to spend this year catching up with Apple's ecosystem integrations, and there's more evidence of this in Android 13's official release. The update includes support for spatial audio with head tracking, which is designed to make sounds appear as though they're coming from a fixed point in space when you move your head while wearing compatible headphones, similar to a feature Apple offers for its AirPods. Today's post doesn't say exactly which headphones this will work with, but Google previously announced it would be updating its Pixel Buds Pro to offer support for spatial audio. Secondly, there's the ability to stream messages from apps including Google Messages directly to a Chromebook, similar to iMessage on the Mac.

Google

US Approves Google Plan To Let Political Emails Bypass Gmail Spam Filter (arstechnica.com) 94

The US Federal Election Commission approved a Google plan to let campaign emails bypass Gmail spam filters. From a report: The FEC's advisory opinion adopted in a 4-1 vote said Gmail's pilot program is permissible under the Federal Election Campaign Act and FEC regulations "and would not result in the making of a prohibited in-kind contribution." The FEC said Google's approved plan is for "a pilot program to test new Gmail design features at no cost on a nonpartisan basis to authorized candidate committees, political party committees, and leadership PACs." On July 1, Google asked the FEC for the green light to implement the pilot after Republicans accused the company of giving Democrats an advantage in its algorithms. Republicans reportedly could have avoided some of their Gmail spam problems by using the proper email configuration. At a May 2022 meeting between Senate Republicans and Google's chief legal officer, "the most forceful rebuke" was said to come "from Sen. Marco Rubio (R-Fla.), who claimed that not a single email from one of his addresses was reaching inboxes," The Washington Post reported in late July. "The reason, it was later determined, was that a vendor had not enabled an authentication tool that keeps messages from being marked as spam, according to people briefed on the discussions."
Facebook

In 2003, Mark Zuckerberg Took a Vow of User Privacy On Slashdot (slashdot.org) 68

If it weren't for Slashdot, Mark Zuckerberg wouldn't be facing a six-hour deposition over alleged involvement in the Cambridge Analytica Scandal, argues long-time Slashdot reader theodp: In 2003, Harvard's student newspaper the Harvard Crimson reported that Zuck's programming skills attracted attention from the likes of Microsoft and others following a 2003 Slashdot post. That post — titled Machine Learning and MP3s — described how "Students at Caltech [freshman Adam D'Angelo, Quora CEO and co-founder] and Harvard [freshman Zuck] developed a system that analyzes playlists and learns people's listening patterns." The playlist-making software, Synapse AI, was Zuck's high school senior project at Phillips Exeter Academy.

Interestingly, in a modded-up comment ("Informative") on the post, Slashdot user Mark Zuckerberg vowed to protect user privacy. "And a note about privacy," promised Zuck. "None of your musical listening data will be available to anyone other than you. We hope to use massive amounts of data to aid in analysis, but your individual data will never be seen by anyone else."

Hey, things change. And Slashdot user SkyIce (apparently D'Angelo) added, "I'm not going to spam people. I promise." .

Zuckerberg was just 18 years old — and Steven Levy's 2020 book Facebook: The Inside Story recounts how all "the Slashdot attention was a boon." Zuckerberg heard from multiple companies interested in the student project, including Microsoft and AOL. Zuckerberg and D'Angelo got an offer approaching a million dollars from one of those suitors. But the payout would be contingent on Zuckerberg and D'Angelo committing to work for that company for three years. They turned it down.
That summer, back in Cambridge, young Mark Zuckerberg "thought it was interesting that I was so excited about Friendster," D'Angelo remembered in the book. Friendster was an earlier social network founded in 2002 (which eventually closed in 2018). D'Angelo remembered that Zuckerberg "wasn't into it as a user, but it was clear to him that there was something there...."
Security

Anonymous Hacktivists Breach Russian Databases, Leak 'Massive' Amounts of Data (cnbc.com) 80

"The Anonymous declaration of cyberwar was a top news story despite no evidence," writes cybersecurity specialist Jeremiah Fowler (an American who worked in Kyiv for the last 10 years — until fleeing in February to Poland). To investigate, Fowler performed a random sampling of 100 exposed Russian databases — and discovered that 92 of them had indeed been compromised. "Anti-Russian hackers used a similar script to the infamous 'MeowBot' that changed the name of folders and deleted the contents of the files. " (For example, renaming the folders to "putin_stop_this_war".)

And that was just the beginning, reports CNBC: Anonymous has claimed to have hacked over 2,500 Russian and Belarusian sites, said Fowler. In some instances, stolen data was leaked online, he said, in amounts so large it will take years to review. "The biggest development would be the overall massive number of records taken, encrypted or dumped online," said Fowler. Shmuel Gihon, a security researcher at the threat intelligence company Cyberint, agreed that amount of leaked data is "massive."

"We currently don't even know what to do with all this information, because it's something that we haven't expected to have in such a short period of time," he said....

The more immediate outcome of the hacks, Fowler and Gihon agreed, is that Russia's cybersecurity defenses have been revealed as being far weaker than previously thought.

Fowler's report argues that Anonymous has "rewritten the rules of how a crowdsourced modern cyberwar is conducted" — with the group also offering penetration testing to Ukraine, "finding vulnerabilities before Russia could exploit them." But in addition, Fowler writes, Anonymous's efforts have also "transformed into a larger operation that spread far beyond the Russian government, companies, or organizations, and included an information campaign aimed at Russian citizens."

Some examples: Hacking Printers — Russian censorship has blocked many inside the country from knowing the true scale of the war and Russian losses. Anonymous hacked printers across Russia and printed uncensored facts or anti-propaganda and pro-ukrainian messages. The group claims to have printed over 100,000 documents. This also includes barcode printers at grocery stores where prices were changed and product names were changed to anti-war or pro-Ukrainian slogans....

RoboDial, SMS, and Email Spam — Almost everyone on earth has received some form of spam in the form of a phone call, text, or email message. These usually try to sell a service or scam victims out of money. Now this same technology has been used to bypass Russian censorship and inform citizens of news and messages they are forbidden to learn on state sponsored propaganda channels. Anonymous affiliated Squad303 claimed to have sent over 100 million messages to Russian devices.

Spam

Gmail Users 'Hard Pass' On Plan To Let Political Emails Bypass Spam Filters (arstechnica.com) 62

An anonymous reader quotes a report from Ars Technica: Earlier this month, Google sent a request (PDF) to the Federal Election Commission seeking an advisory opinion on the potential launch of a pilot program that would allow political committees to bypass spam filters and instead deliver political emails to the primary inboxes of Gmail users. During a public commenting period that's still ongoing, most people commenting have expressed staunch opposition for various reasons that they're hoping the FEC will consider. "Hard pass," wrote a commenter called Katie H. "Please do not allow Google to open up Pandora's Box on the people by allowing campaign/political emails to bypass spam filters."

Out of 48 comments submitted (PDF) as of July 11, only two commenters voiced support for Google's pilot program, which seeks to deliver more unsolicited political emails to Gmail users instead of marking them as spam. The rest of the commenters opposed the program, raising a range of concerns, including the potential for the policy to degrade user experience, introduce security risks, and even possibly unfairly influence future elections. Business Insider reported that the period for public commenting ends on Saturday, July 16, which is longer than what was shared in conflicting reports that said the initial deadline to comment was July 11. That means there's still time for more Gmail users and interested parties to chime in.
"For some opposing commenters, it's about rejecting unnecessary strains on the Gmail user experience," adds Ars. "In short: People don't want emails coming to their inbox that they did not sign up for."

"Other commenters were more concerned over a perceived government overreach." There were also commenters that said the move could introduce security risks, influence elections, and make Gmail more vulnerable to "emotionally charged" messaging that they never signed up for.
Youtube

YouTube Ends Lofi Girl's Two-Year-Long Music Stream Over Bogus DMCA Warning (techcrunch.com) 74

An anonymous reader writes: There are three constants in life: death, taxes and the "lofi hip hop radio -- beats to relax/study to" YouTube stream. That is, until YouTube falsely hit the Lofi Girl channel with a DMCA takedown, bringing the beloved streams offline for the first time in over 2 years. With over 668 million views, the stream was one of YouTube's most popular places for people to go when they wanted to listen to calming, yet engaging music while studying or working. Listeners sometimes used the stream's live chat like an anonymized, distant study group, reminding each other to take breaks and drink water. So when the stream suddenly stopped, fans were worried.

[...] Yesterday, Lofi Girl addressed the sudden takedown in a tweet, stating that "the lofi radios have been taken down because of false copyright strikes." In response, fans of Lofi Girl circulated the tag #BringBackLofiGirl to get YouTube's attention. Some even went as far as to spam and troll FMC Music, the Malaysian label that allegedly issued the false copyright complaint, while others created fan art. Lofi Girl told TechCrunch that all of the channel's music is released through its record label, Lofi Records, so they have the necessary rights to share it. Because Lofi Girl has the proper rights to the music, YouTube determined that the account is not in violation of copyright laws. The platform responded to Lofi Girl on Twitter Monday, saying that the missing livestream videos should be reinstated in 24 to 48 hours.

If past precedent holds true, Lofi Girl's next stream will have to start again from the beginning, rather than as a continuation of the existing 2-year-long stream. In 2020, the channel faced a similar problem when an accidental suspension ended its 13,000-hour stream. In that case, YouTube also owned up to its mistakes and reinstated the account, but the same issues have apparently returned. [...] Today, in YouTube's reply to Lofi Girl, the company said that the takedown requests were "abusive," meaning that they were leveraged as an attack against the channel, rather than out of actual concern for copyright violations. This behavior is incredibly common, but platforms have struggled to determine when these reports are legitimate and when they're unsubstantiated.
"This event has shone a light on an underlying problem on the platform: It's 2022, and there are countless smaller creators out there, many of which engaged in this discussion, that continue to be hit daily by these false claims on both videos and livestreams," Lofi Girl wrote in a tweet.

"We're shocked and disappointed to see that there's still not any kind of protection or manual review of these false claims," Lofi Girl wrote on Twitter. "At the end of the day, it was entirely out of our control, and the sad part is that there was no way to appeal beforehand/prevent it from happening."
The Courts

The Three Reasons Why Elon Musk Called Off His Acquisition of Twitter (theregister.com) 359

Elon Musk just tweeted a picture of himself laughing — along with a caption he'd apparently added himself.

"They said I couldn't buy Twitter. Then they wouldn't disclose bot info. Now they want to force me to buy Twitter in court. Now they have to disclose bot info in court."

In fact, tonight The Register cited one of the documents Twitter filed in court after Musk's lawyer argued Twitter had "failed or refused" to provide info on spam accounts. But so far it's just a letter Musk's lawyer wrote to the court on Friday, explaining in more detail why Musk wants to call off the acquisition: One segment of the document claims that Musk and his team sought "a variety of board materials, including a working, bottom-up financial model for 2022, a budget for 2022, an updated draft plan or budget, and a working copy of Goldman Sachs' valuation model underlying its fairness opinion."

"Twitter has provided only a pdf copy of Goldman Sachs' final Board presentation."

Other disclosures, the document states, "come with strings attached, use limitations or other artificial formatting features, which has rendered some of the information minimally useful to Mr. Musk and his advisors.

"For example, when Twitter finally provided access to the eight developer 'APIs' first explicitly requested by Mr. Musk in the May 25 Letter, those APIs contained a rate limit lower than what Twitter provides to its largest enterprise customers. Twitter only offered to provide Mr. Musk with the same level of access as some of its customers after we explained that throttling the rate limit prevented Mr. Musk and his advisors from performing the analysis that he wished to conduct in any reasonable period of time.

"Additionally, those APIs contained an artificial 'cap' on the number of queries that Mr. Musk and his team can run regardless of the rate limit — an issue that initially prevented Mr. Musk and his advisors from completing an analysis of the data in any reasonable period of time," the document states.

Musk and his team raised the issue of query limits on June 29, but Twitter did not change the limit until July 6 — after Musk asked for its removal a second time.... Musk felt Twitter was in breach of the merger agreement. So he pulled the plug, leaving open the questions of why Twitter might have provided only limited access to its APIs, or why it could not offer more access given it operates at significant scale.

In fact, it's one of three reasons for ending the acquisition that Musk's lawyer makes in the letter. Materially-relevant figures on spam accounts were reason number one. ("Twitter has not provided information that Mr. Musk has requested for nearly two months notwithstanding his repeated, detailed clarifications intended to simplify Twitter's identification, collection, and disclosure of the most relevant information sought in Mr. Musk's original requests.")

But there's more... Musk's lawyer also argues Twitter is in breach of the merger agreement because of "materially inaccurate representations" — specifically their figures on monetizable daily active users. While Musk's analysis "remains ongoing, all indications suggest that several of Twitter's public disclosures...are either false or materially misleading." While Twitter has claimed they have a reasoned process for calculating monetizable daily active users (and the percentage of spam accounts), Musk's lawyer argues that instead the process "appears to be arbitrary and ad hoc," rendering Twitter's statements "false and misleading." And thus, "Mr. Musk has the right to seek rescission of the Merger Agreement in the event these material representations are determined to be false."

But finally Musk's lawyer provides a third reason for ending the acquisition. Twitter was required to "seek and obtain consent before deviating from its obligation to conduct its business in the ordinary course and 'preserve substantially intact the material components of its current business organization.'" The lawyer's letter argues that didn't happen: Twitter's conduct in firing two key, high-ranking employees, its Revenue Product Lead and the General Manager of Consumer, as well as announcing on July 7 that it was laying off a third of its talent acquisition team, implicates the ordinary course provision. Twitter has also instituted a general hiring freeze which extends even to reconsideration of outstanding job offers. Moreover, three executives have resigned from Twitter since the Merger Agreement was signed: the Head of Data Science, the Vice President of Twitter Service, and a Vice President of Product Management for Health, Conversation, and Growth.
But Twitter hadn't received "consent for changes in the conduct of its business, including for the specific changes listed above," according to Musk's lawyer, which "therefore constitute a material breach of Section 6.1 of the Merger Agreement."
Spam

FCC Cracks Down On Spam 'Auto Warranty' Robocalls (axios.com) 111

An anonymous reader quotes a report from Axios: The Federal Communications Commission on Thursday told carriers to stop delivering those annoying auto warranty robocalls and said it has launched a formal investigation. The scam has resulted in more than 8 billion unwanted and possibly illegal phone calls. It has been the top consumer robocall complaint for the past two years.

The FCC said it is working with a number of other agencies, including the Ohio attorney general, which is suing Roy Cox, Jr., Aaron Michael Jones, their Sumco Panama companies and other international associates said to be a part of the scam. The agency's enforcement bureau said it sent cease-and-desist letters to Call Pipe, Fugle Telecom, Geist Telecom, Global Lynks, Mobi Telecom, South Dakota Telecom, SipKonnect and Virtual Telecom to warn them to stop carrying this suspicious robocall traffic within 48 hours. The FCC said that its inquiry shows that the operation is still generating millions of apparently unlawful calls to consumers on a daily basis.

Twitter

Elon Musk Notifies Twitter He Is Terminating Deal (cnbc.com) 214

Elon Musk wants to end his deal to buy Twitter, reports CNBC citing a letter sent by a lawyer on his behalf. From the report: In the letter, disclosed in a Securities and Exchange Commission filing, Skadden Arps attorney Mike Ringler charged that "Twitter has not complied with its contractual obligations." Ringler claimed that Twitter did not provide Musk with relevant business information he requested, as Ringler said the contract would require. Musk has previously said he wanted to assess Twitter's claims that about 5% of its monetizable daily active users (mDAUs) are spam accounts.

"Twitter has failed or refused to provide this information," Ringler claimed. "Sometimes Twitter has ignored Mr. Musk's requests, sometimes it has rejected them for reasons that appear to be unjustified, and sometimes it has claimed to comply while giving Mr. Musk incomplete or unusable information." Ringler also charged in the letter that Twitter breached the merger agreement because it allegedly contains "materially inaccurate representations." This accusation is based on Musk's own preliminary review of spam accounts on Twitter's platform. Twitter has said it's not possible to calculate spam accounts from solely public information and that a team of experts conducts a review to reach the 5% figure.

"While this analysis remains ongoing, all indications suggest that several of Twitter's public disclosures regarding its mDAUs are either false or materially misleading," Ringer alleged. He also claimed Twitter breached its obligations under the agreement to get Musk's consent before changing its ordinary course of business, pointing to recent layoffs at the company. Twitter shares were down about 5% after hours on Friday.
The $44 billion deal was first announced by Twitter on April 25th but was placed "on hold" two weeks later after the social network reported that false or spam accounts comprised less than 5 percent of its 226 million monetizable daily active users, a figure that Musk says the company was not able to prove.

"Twitter deal temporarily on hold pending details supporting calculation that spam/fake accounts do indeed represent less than 5% of users," Musk tweeted at the time. However, in a follow-up tweet, he added that he was "still committed to [the] acquisition."

Yesterday, Twitter executives told reporters in a briefing that the social network removes more than 1 million spam accounts each day. This raises the question... how many new real accounts does it get each day?

UPDATE: Twitter says it's going to sue Musk for trying to back out of the deal. "The Twitter Board is committed to closing the transaction on the price and terms agreed upon with Mr. Musk and plans to pursue legal action to enforce the merger agreement," tweeted Twitter's chairman, Bret Taylor, less than an hour after Musk's legal team said he wanted out of the deal in a filing with the Securities and Exchange Commission. "We are confident we will prevail in the Delaware Court of Chancery."
Spam

Twitter Says It Removes Over 1 Million Spam Accounts Each Day (reuters.com) 35

Twitter removes more than 1 million spam accounts each day, executives told reporters in a briefing on Thursday, providing new insight into efforts to reduce harmful automated bots as billionaire Elon Musk has demanded more details from the social media company. Reuters reports: The briefing comes after Musk threatened to halt a $44 billion deal to purchase Twitter unless the company showed proof that spam and bot accounts were fewer than 5% of users who see advertising on the social media service. Musk previously tweeted that one of his biggest priorities after acquiring Twitter is to "defeat the spam bots or die trying."

On a conference call, the company reiterated that spam accounts were well under 5% of users who are served advertising, a figure that has been unchanged in its public filings since 2013. Human reviewers manually examine thousands of Twitter accounts at random and use a combination of public and private data in order to calculate and report to shareholders the proportion of spam and bot accounts on the service, Twitter said. The company said it does not believe a calculation of such accounts could be performed externally because it would require private information, but declined to comment on the type of data it would provide to Musk.

Google

Google Moves To Keep Campaign Messages Out of Spam (axios.com) 138

Google has asked the Federal Election Commission to green light a program that could keep campaign emails from ending up in spam folders, according to a filing obtained by Axios. From a report: Google has come under fire that its algorithms unfairly target conservative content across its services, and that its Gmail service filters more Republican fundraising and campaign emails to spam. Republican leadership introduced a bill this month that would require platforms to share how their filtering techniques work and make it illegal to put campaign emails into spam unless a user asks. Google's pilot program, per the June 21 filing, would be for "authorized candidate committees, political party committees and leadership political action committees registered with the FEC." It would make campaign emails from such groups exempt from spam detection as long as they don't violate Gmail's policies around phishing, malware or illegal content. Instead, when users would receive an email from a campaign for the first time, they would get a âoeprominentâ notification asking if they want to keep receiving them, and would still have the ability to opt out of subsequent emails.
Social Networks

Texas AG Opens Investigation of Twitter Over Bots (texastribune.org) 119

Texas Attorney General Ken Paxton said Monday he is investigating Twitter over its reporting of how many accounts on the platform are from bots and fake users, saying the company may be misrepresenting the number to inflate its value and raise its revenue. The Texas Tribune reports: Twitter has claimed in its financial regulatory filings that less than 5% of its daily active users are spam accounts. But Paxton on Monday alleged that spam accounts could make up as much as 20% of users or more. "Bot accounts can not only reduce the quality of users' experience on the platform but may also inflate the value of the company and the costs of doing business with it, thus directly harming Texas consumers and businesses," Paxton said.

False reporting of fake users could be considered "false, misleading, or deceptive" under the Texas Deceptive Trade Practices Act, he said. Paxton sent Twitter a civil investigative demand, requiring the social media company to turn over documents related to how it calculates and manages its user data.

Google

Google Disables RCS Ads in India Following Rampant Spam by Businesses (techcrunch.com) 19

Google has halted businesses from using RCS for promotion in India, the company's biggest market by users, following reports of rampant spam by some firms in a setback for the standard that the company is hoping to help become the future of SMS messaging. From a report: Rich Communication Services, or RCS, is the collective effort of a number of industry players to supercharge the traditional SMS with modern features such as richer texts and end-to-end encryption. Google, Samsung and a number of other firms including telecom operators have rolled out support for RCS to hundreds of millions of users worldwide in recent years. Google said last month that RCS messaging in the Messages app for Android had amassed over 500 million monthly active users. The problem, however, is that scores of businesses in India including top banks and other lending firms have been abusing the feature to send unsolicited promotional materials to any individual's phone number they can find in the country.
Google

Google Messages RCS Is Being Abused For Ads In India (9to5google.com) 11

Over the past few weeks, Google Messages users in India have been reporting more and more ads showing up through RCS messaging. 9to5Google reports: While many brands -- even in the US and other countries -- have used messaging apps and SMS texts to advertise new products to former customers, these ads going on in India are not necessarily the result of a user's buying activity. Business messaging on RCS, as Google's Jibe website points out, is supposed to be used for things such as sending copies of your travel tickets or sending links for buying additional products based on a past purchase based on a user's request. [...] That is very much not what is happening in India right now.

Brought to our attention by Ishan Argwal on Twitter, RCS ads in Google Messages appear to be coming from "Verified Business" accounts. Google first announced that functionality back in 2020, for the purposes of allowing customers to talk to businesses. Advertising was surely part of the functionality, but it's clearly being abused in India. Android Police says these ads have been going out for almost a year now, citing examples of ads sent by Kotak Mahindra Bank, Bajaj Finserv, Buddy Loan, and PolicyBazaar. From what we can tell from user reports, it appears the frequency of these ads has been picking up over the past few months especially.

These ads are not harmless, either, with many of the examples we've seen being for personal loans, a category that tends to be full of predatory practices. One user reports that they were sent one of these ads on a phone that didn't even have an active SIM card in it. Currently, it seems as though this practice is primarily happening in the Indian market, at least in this quantity. What can be done about these ads in Google Messages? The solutions are all not quite ideal, unfortunately. You can report these businesses and block them from sending future messages [...]. Alternatively, you can turn off RCS features entirely within the Google Messages app.

Twitter

Elon Musk Warns Twitter Users, 'You Are Being Manipulated by the Algorithm' (twitter.com) 281

Twitter's potential new owner just made this announcement to his 93.1 million followers. "Very important to fix your Twitter feed," the annoncement began: 1. Tap home button.
2. Tap stars on upper right of screen.
3. Select "Latest tweets".

You are being manipulated by the algorithm in ways you don't realize.

Easy to switch back & forth to see the difference.

Currently it's been pinned to the top of Elon Musk's Twitter feed. And minutes later, he added this reply to his own tweet. "This message brought to you by the Illuminaughty."

Hours later Musk posted some clarification. "I'm not suggesting malice in the algorithm, but rather that it's trying to guess what you might want to read and, in doing so, inadvertently manipulate/amplify your viewpoints without you realizing this is happening.

"Not to mention potential bugs in the code. Open source is the way to go to solve both trust and efficacy."

Musk's motivation isn't clear — but just minutes earlier he'd tweeted a reply to own tweet from Friday that had suggested Twitter users check a sample of 100 Twitter accounts for the percentage of fake/spam/duplicate accounts. "I picked 100 as the sample size number," Musk had added as a reply Friday, "because that is what Twitter uses to calculate less than 5% fake/spam/duplicate." Musk's follow-up tweet today?

"Twitter legal just called to complain that I violated their NDA by revealing the bot check sample size is 100! This actually happened."

The tweets follow three more from the last 24 hours which all apparently comment wryly on Musk's planned acquisition of Twitter. "Whoever thought owning the libs would be cheap never tried to acquire a social media company!" Musk tweeted earlier this afternoon. "At least, that's what the lib hivemind thinks haha."

And an earlier tweet appeared to allude to his recently-expressed interest in the number of fake/spam accounts on Twitter. Friday night, Elon Musk tweeted:

"The bots are angry at being counted."

Slashdot Top Deals