According to Japan's Financial Services Agency (FSA), the country has at least 3.5 million individuals that are trading with cryptocurrencies as actual assets. "Among them, crypto investors in their 20s, 30s and 40s make up a major share, accounting for 28, 34, and 22 percent, respectively, of the total crypto trader population in Japan," reports CoinDesk. From the report: Announced at the first meeting of a cryptocurrency exchange study group established by the FSA in early March, the data release marks the latest effort by the financial watchdog in bringing greater transparency to the industry following a recent hack of one of the domestic exchange Coincheck. According to the FSA, the study and disclosure of the domestic trading statistics is a first step towards a more comprehensive examination over institutional issues in the cryptocurrency trading space in Japan. In comparison, the financial regulator also disclosed in the latest report that the number of traders investing in cryptocurrency margins and futures is about 142,842 as of the end of March. What's perhaps notable is the major contrast in the growth of yearly trading volume drawn to these two different types of investments. According to the FSA's data, for example, yearly trading volume of the actual bitcoin cryptocurrency has grown from $22 million as of Mar. 31 in 2014 to $97 billion in 2017. Yet at the same time, trading on margins, credit and futures of bitcoin as an underlying asset has surged from only $2 million in 2014 to a whopping $543 billion just in 2017 alone, the agency said.

A federal court in Texas today has ordered Apple to pay $502.6 million to a patent troll called VirnetX, the latest twist in a dispute now in its eighth year. "VirnetX claimed that Apple's FaceTime, VPN on Demand and iMessage features infringe four patents related to secure communications, claims that Apple denied," reports Bloomberg. From the report: The dispute has bounced between the district court, patent office and Federal Circuit since 2010. There have been multiple trials, most recently one involving earlier versions of the Apple devices. A jury in that case awarded $302 million that a judge later increased to $439.7 million. Kendall Larsen, CEO of VirnetX, said the damages, which were based on sales of more than 400 million Apple devices, were "fair." "The evidence was clear," Larsen said after the verdict was announced. "Tell the truth and you don't have to worry about anything." For VirnetX, the jury verdict in its favor could be a short-lived victory. The Patent Trial and Appeal Board has said the patents are invalid, in cases that are currently before the U.S. Court of Appeals for the Federal Circuit in Washington. The Federal Circuit, which handles all patent appeals, declined to put this trial on hold, saying it was so far along that a verdict would come before a final validity decision.

A few months ago, Theranos laid off almost half of its workforce as it struggled to recover from the backlash generated when the company failed to provide accurate results to patients using its proprietary blood test technology. Now, according to people familiar with the matter, the company is laying off most of its remaining workforce in a last-ditch effort to preserve cash and avert or at least delay bankruptcy for a few more months. MarketWatch reports: Tuesday's layoffs take the company's head count from about 125 employees to two dozen or fewer, according to people familiar with the matter. As recently as late 2015, Theranos had about 800 employees. Elizabeth Holmes, the Silicon Valley firm's founder and chief executive officer, announced the layoffs at an all-employee meeting at Theranos's offices in Newark, Calif. on Tuesday, less than a month after settling civil fraud charges with the U.S. Securities and Exchange Commission. Under the SEC settlement, Holmes was forced to relinquish her voting control over the company she founded 15 years ago as a 19-year-old Stanford dropout, give back a big chunk of her stock, and pay a $500,000 penalty. She also agreed to be barred from being an officer or director in a public company for 10 years.

Democratic Senators Edward J. Markey (D-Mass.) and Richard Blumenthal (D-Conn.) today proposed a "privacy bill of rights" that would prevent Facebook and other websites from sharing or selling sensitive information without a customer's opt-in consent. The proposed law would protect customers' web browsing and application usage history, private messages, and any sensitive personal data such as financial and health information. Ars Technica reports: Markey teamed with Sen. Richard Blumenthal (D-Conn.) to propose the Customer Online Notification for Stopping Edge-provider Network Transgressions (CONSENT) Act. You can read the full legislation here. "Edge providers" refers to websites and other online services that distribute content over consumer broadband networks. Facebook and Google are the dominant edge providers when it comes to advertising and the use of customer data to serve targeted ads. No current law requires edge providers to seek customers' permission before using their browsing histories to serve personalized ads. The online advertising industry uses self-regulatory mechanisms in which websites let visitors opt out of personalized advertising based on browsing history, and websites can be punished by the Federal Trade Commission (FTC) if they break their privacy promises.

The Markey/Blumenthal bill's stricter opt-in standard would require edge providers to "obtain opt-in consent from a customer to use, share, or sell the sensitive customer proprietary information of the customer." Edge providers would not be allowed to impose "take-it-or-leave-it" offers that require customers to consent in order to use the service. The FTC and state attorneys general would be empowered to enforce the new opt-in requirements. The bill would require edge providers to notify users about all collection, use, and sharing of their information. The bill also requires edge providers "to develop reasonable data security practices" and to notify customers about data breaches that affect them.

An anonymous reader quotes a report from The Verge: Twitter today pledged to support a proposed Senate bill that would require technology platforms that sell advertising space to disclose the source of and amount of money paid for political ads. Called the Honest Ads Act, the bipartisan bill was first introduced back in October by Sen. Amy Klobuchar (D-MN), Sen. Mark Warner (D-VA), and Sen. John McCain (R-AZ). As part of its transparency efforts, Twitter says it's launched a new platform called the Ads Transparency Center, or ATC, that will "go beyond the requirements of the Honest Ads Act and eventually provide increased transparency to all advertisements on Twitter." Twitter says the platform will increase transparency for political and so-called issue ads, which target specific topics like immigration and gun control, by providing even more information on the origin of an ad that is required by the Honest Ads Act. "We have a dedicated team that is fully resourced to implementing the ATC and are committed to launching it this summer," the company states. "Twitter is moving forward on our commitment to providing transparency for online ads. We believe the Honest Ads Act provides an appropriate framework for such ads and look forward to working with bill sponsors and others to continue to refine and advance this important proposal."

A vulnerability affecting emergency alert systems supplied by ATI Systems, one of the leading suppliers of warning sirens in the USA, could be exploited remotely via radio frequencies to activate all the sirens and trigger false alarms. From a report: "We first found the vulnerability in San Francisco, and confirmed it in two other US locations including Sedgwick County, Wichita, Kansas," Balint Seeber, Director of Threat Research at Bastille, told Help Net Security. "Although we have not visited other locations to confirm the presence of the vulnerability, ATI Systems has customers in the US and overseas from the military, local government, educational and energy sectors.

"ATI features customers on its website around the US including One World Trade Center, WestPoint Military Academy and Entergy Nuclear Indian Point which are all in New York State, UMASS Amherst in Massachusetts, Eastern Arizona College, University of South Carolina and Eglin Air Force Base in Florida, amongst others." The vulnerability stems from the fact that the radio protocol used to control the sirens is not secure: activation commands are sent "in the clear," i.e. no encryption is used.

Mozilla says it will follow in the steps of Google Chrome and start blocking the loading of FTP subresources inside HTTP and HTTPS pages. From a report: By FTP subresources, we refer to files loaded via the FTP protocol inside img, script, or iframe tags that have a src="ftp://". FTP links placed inside normal angle bracket links or typed directly in the browser's address bar will continue to work. The reasoning is that FTP is an insecure protocol that doesn't support modern encryption techniques and will inherently break many other built-in browser security and privacy features, such as HSTS, CSP, XSA, or others. Furthermore, many malware distribution campaigns often rely on compromising FTP servers and redirecting or downloading malware on users' computers via FTP subresources. Mozilla engineers say FTP subresource blocking will ship with Firefox 61, currently scheduled for release on June 26.

Some dissatisfied Facebook engineers are reportedly attempting to switch divisions to work on Instagram or WhatsApp, rather than continue work on the platform responsible for the Cambridge Analytica scandal, according to a recent report from the New York Times. An anonymous reader writes: Many believe Facebook should have done more to handle the data responsibly, and the events that followed increased scrutiny against Facebook, reportedly taking a toll on employees working on the platform. Since the news came out, CEO Mark Zuckerberg and COO Sheryl Sandberg have spoken to the media on a few occasions, but it was days before the company commented on the scandal, which it now estimates around 87 million total users affected. Then, a leaked memo from Facebook executive Andrew Bosworth written in 2016 revealed a "growth at all costs" mentality that put Facebook in a position to be held responsible for the situation it's found itself in. As it became evident that Facebook's core product might be to blame, engineers working on it reportedly found it increasingly difficult to stand by what it built.

An anonymous reader shares a report: Linux computer manufacturer System76 made its mark in part because of its commitment to open source principles and doing what it believes is right. Last year it released its homegrown Linux, Pop!_OS. In early March, System76 founder Carl Richell tweeted about the company's plans to locate its computer manufacturing factory in Denver, Colorado. By moving its manufacturing from China to the United States, System76 is offering more proof that it's not afraid to buck prevailing tech norms to do things "the System76 way." Carl Richell, founder and CEO of System76, says in a Twitter exchange that they anticipate shipping products from the factory by the end of the year.

Soon, it will be much easier to log into more websites using a hardware key plugged into your laptop, a dedicated app, or even the fingerprint scanner on your phone. Motherboard: On Tuesday, a spread of organizations and businesses, including top browser vendors such as Microsoft and Google, announced a new standards milestone that will streamline the process for web developers to add extra login methods to their sites, potentially keeping consumers' accounts and data more secure. "For users, this will be a natural transition. People everywhere are already using their fingers and faces to 'unlock' their mobile phones and PCs, so this will be natural to them -- and more convenient," Brett McDowell, executive director at the FIDO Alliance, one of the organizations involved in setting up the standard, told Motherboard in an email.

"What they use today to 'unlock' will soon allow them to 'login' to all their favorite websites and a growing number of native apps that already includes Bank of America, PayPal, eBay and Aetna," he added. Passwords continue to be one of the weaker points in online security. A hacker may phish a target's password and log into their account, or take passwords from one data breach and use them to break into accounts on another site. The login standard, called Web Authentication (WebAuthn), will let potentially any website or online service use apps, security keys, or biometrics as a login method instead of a password, or use those alternative approaches as a second method of verification. The key here is making it easy and open for developers to use, and for it to work across all different brands of browsers. The functionality is already available in Mozilla's Firefox, and will be rolled out to Microsoft's Edge and Google Chrome in the new few months. Opera has committed to supporting WebAuthn as well.

Several high-profile music videos on YouTube were mysteriously deleted early Tuesday, in what appears like the result of a security compromise. Some of the videos that have been pulled from Google's video platform include Luis Fonsi and Daddy Yankee's "Despacito" -- which is also the most popular video on the platform. Users reported Tuesday that the thumbnail of the video was replaced by a masked gang holding guns, who identify themselves as "Prosox and Kuroi'sh." Several songs from DJ Snake, Drake, Katy Perry, Selena Gomez, Shakira, and Taylor Swift have also been either deleted or altered with. On Twitter, a person who claims to be one of the hackers, said, "@YouTube Its just for fun i just use script "youtube-change-title-video" and i write "hacked" don t judge me i love youtube." Google has yet to acknowledge the incident. Further reading: BBC.

An anonymous reader quotes a report from KATU: Oregon Gov. Kate Brown signed a bill Monday withholding state business from internet providers who throttle traffic, making the state the second to finalize a proposal aimed at thwarting moves by federal regulators to relax net neutrality requirements. The bill stops short of actually putting new requirements on internet service providers in the state, but blocks the state from doing business with providers that offer preferential treatment to some internet content or apps, starting in 2019. The move follows a December vote by the Federal Communications Commission repealing Obama-era rules that prohibited such preferential treatment, referred to generally as throttling, by providers like AT&T, Comcast, and Verizon. Brown's signature makes the state the second to enact such legislation, according to the National Conference of State Legislatures. It also stakes out the state's claim to a moderate approach, compared to others: Five weeks to the day before Brown, Washington State Gov. Jay Inslee signed a bill in his state to directly regulate providers there. The prohibition, which restricts with whom the state may contract for internet services, applies to cities and counties, but exempts areas with only a single provider.

The mobile apps for four popular news apps in China, including the most popular aggregator, Jinri Toutiao, were removed from a number of Chinese smartphone app stores following reports of a crackdown by the country's media watchdog, local media reported on Monday. From the report: Toutiao, with about 120 million daily active users, was not available on the app stores of smartphone manufacturers Xiaomi and Meizu on Monday afternoon. The apps for Tiantian Kuaibao, Netease News and Ifeng News were also not found on Xiaomi. China's authorities have asked several of the country's smartphone app stores to remove the four apps by 3pm on Monday as part of efforts to "regulate order in the broadcasting environment," according to Chinese news portal Sohu.com. The apps will be removed for between three days to three weeks, with Toutiao being offline for the longest period, according to the Sohu report. [...] China has shut down more than 13,000 websites in the last three years as Beijing sought to tighten its grip on the internet.