Businesses

Palantir, Tech's Next Big IPO, Lost $580 Million In 2019 (nytimes.com) 52

An anonymous reader quotes a report from The New York Times: Palantir, a Silicon Valley company with strong links to the defense and intelligence communities, is poised to be the latest in a string of tech companies to offer shares on Wall Street well before turning a profit. The company sent financial documents to its investors on Thursday night, ahead of its planned debut on the public markets this year. The documents, obtained by The New York Times, offer the first full look into the company's financials and operations and show growing operating expenses as well as deep losses.

Palantir's revenue in 2019 was $742.5 million, nearly 25 percent more than the year before. Its net loss of $580 million was about the same as 2018. And expenses were up 2 percent in 2019 to a little more than $1 billion. The company, which has raised more than $3 billion in funding and is valued by private market investors at $20 billion, has not turned a profit since it was founded in 2003. As early as 2014, Palantir had fanned expectations that it would soon hit $1 billion in revenue. Six years later, it appears to be closing in on that goal. In the first six months of this year, Palantir's revenue was $481 million.
According to the documents, first reported by TechCrunch, Palantir plans to go public via a direct listing, "in which no new shares are issued and no new funds are raised," the report says. "In most direct listings, shareholders are not bound by a traditional lockup period before they can sell their stock. But Palantir has imposed a 180-day lockup period. It will allow shareholders to sell 20 percent of their common stock immediately, but they must wait for the lockup to expire to sell more."

"Palantir has arranged a structure to ensure that its founders retain power. They have a special class of shares, Class F, that will have a variable number of votes to ensure the founders control 49.999999 percent of the company's voting power, even if they sell some of their shares. The company argued to its investors that this structure would allow it to stay 'Founder-led' after it went public."
Security

Some Email Clients Are Vulnerable To Attacks Via 'mailto' Links (zdnet.com) 35

A lesser-known technology known as "mailto" links can be abused to launch attacks on the users of email desktop clients. From a report: The new attacks can be used to secretly steal local files and have them emailed as attachments to attackers, according to a research paper published last week by academics from two German universities. The "vulnerability" at the heart of these attacks is how email clients implemented RFC6068 -- the technical standard that describes the 'mailto' URI scheme. Mailto refers to special types of links, usually supported by web browsers or email clients. These are links that, when clicked, open a new email compose/reply window rather than a new web page (website). RFC6068 says that mailto links can support various parameters. When used with mailto links, these parameters will pre-fill the new email window with predefined content.
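The mechanism the report describes is the `?name=value&name=value` header-field part of a mailto URI. The following parser, an added example that is not code from the article or from the paper it cites, splits a mailto URI the way RFC 6068 lays it out (a comma-separated address list, then optional percent-encoded header fields) and passes only allowlisted fields to the compose window. RFC 6068 only guarantees that "subject" and "body" are understood; the choice here to also allow "to", "cc" and "bcc" and to drop everything else is this example's own policy, not something the report prescribes. The sample links are constructed.

```python
"""Allowlisting parser for mailto: URIs (RFC 6068).

Added example, not from the article or the cited paper. A client that runs
its mailto links through a filter like this only ever pre-fills the header
fields it has decided to trust; any other field in the link is reported and
discarded instead of being handed to the compose window.
"""
from urllib.parse import unquote

# Policy of this example: header fields a compose window may be pre-filled
# with. "subject" and "body" are the only ones RFC 6068 guarantees; "to",
# "cc" and "bcc" are an assumption of this example.
ALLOWED_HFIELDS = {"to", "subject", "body", "cc", "bcc"}


class MailtoError(ValueError):
    """Raised for input that is not a mailto URI at all."""


def parse_mailto(uri):
    """Split a mailto URI into (recipients, headers, rejected).

    recipients: addresses from the path part plus any "to" header fields
    headers:    allowlisted header fields, percent-decoded
    rejected:   names of header fields that were not on the allowlist
    """
    if not uri.lower().startswith("mailto:"):
        raise MailtoError("not a mailto URI")
    rest = uri[len("mailto:"):]
    # RFC 6068: mailtoURI = "mailto:" [ to ] [ hfields ]; "?" starts hfields.
    path, sep, query = rest.partition("?")
    # unquote, not unquote_plus: mailto is not form-encoded, so "+" is literal.
    recipients = [unquote(a) for a in path.split(",") if a]
    headers = {}
    rejected = []
    if sep:
        for pair in query.split("&"):
            if not pair:
                continue
            name, _, value = pair.partition("=")
            name = unquote(name).lower()
            value = unquote(value)
            if name == "to":
                # "to" as a header field merges with the address list.
                recipients.extend(a for a in value.split(",") if a)
            elif name in ALLOWED_HFIELDS:
                headers[name] = value
            else:
                rejected.append(name)
    return recipients, headers, rejected


def is_safe_mailto(uri):
    """True only when the URI is a mailto link with no rejected header fields."""
    try:
        _, _, rejected = parse_mailto(uri)
    except MailtoError:
        return False
    return not rejected


# Constructed sample links for a stand-alone run.
SAMPLE_LINKS = [
    "mailto:alice@example.com?subject=Hi%20there&body=Hello",
    "mailto:a@example.com,b@example.com?cc=c@example.com&to=d@example.com",
    "mailto:x@example.com?subject=hi&x-unknown-header=1",
    "http://example.com/not-mail",
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        try:
            recipients, headers, rejected = parse_mailto(link)
        except MailtoError as exc:
            print(f"{link!r}: rejected ({exc})")
            continue
        verdict = "allow" if not rejected else f"drop fields {rejected}"
        print(f"{link!r}: to={recipients} headers={headers} -> {verdict}")
```

Dropping unknown fields rather than passing them through is the point: the report's attacks depend on the client honoring header fields the link author chose, so a client that only forwards a fixed, documented set removes that degree of freedom without breaking ordinary subject/body links.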
Facebook

Facebook Algorithm Found To 'Actively Promote' Holocaust Denial (theguardian.com) 176

AmiMoJo writes: Facebook's algorithm "actively promotes" Holocaust denial content according to an analysis that will increase pressure on the social media giant to remove antisemitic content relating to the Nazi genocide. An investigation by the Institute for Strategic Dialogue (ISD), a UK-based counter-extremist organisation, found that typing "holocaust" in the Facebook search function brought up suggestions for denial pages, which in turn recommended links to publishers which sell revisionist and denial literature, as well as pages dedicated to the notorious British Holocaust denier David Irving. The findings coincide with mounting international demands from Holocaust survivors to Facebook's boss, Mark Zuckerberg, to remove such material from the site. Last Wednesday Facebook announced it was banning conspiracy theories about Jewish people "controlling the world." However, it has been unwilling to categorise Holocaust denial as a form of hate speech, a stance that ISD describe as a "conceptual blind spot." The ISD also discovered at least 36 Facebook groups with a combined 366,068 followers which are specifically dedicated to Holocaust denial or which host such content. Researchers found that when they followed public Facebook pages containing Holocaust denial content, Facebook recommended further similar content.
Space

Leaked SpaceX Starlink Speedtests Reveal Download Speeds of 11 to 60Mbps (arstechnica.com) 84

Some leaked speedtests from beta users of SpaceX's Starlink satellite-broadband service "aren't showing the gigabit speeds SpaceX teased," writes Ars Technica, "but it's early." Long-time Slashdot reader AmiMoJo shared their report: Beta users of SpaceX's Starlink satellite-broadband service are getting download speeds ranging from 11Mbps to 60Mbps, according to tests conducted using Ookla's speedtest.net tool. Speed tests showed upload speeds ranging from 5Mbps to 18Mbps. The same tests, conducted over the past two weeks, showed latencies or ping rates ranging from 31ms to 94ms. This isn't a comprehensive study of Starlink speeds and latency, so it's not clear whether this is what Internet users should expect once Starlink satellites are fully deployed and the service reaches commercial availability....

Links to 11 anonymized speed tests by Starlink users were posted by a Reddit user yesterday... A new Reddit post listing more speed tests shows some Starlink users getting even lower latency of 21ms and 20ms.

Beta testers must sign non-disclosure agreements, so these speed tests might be one of the only glimpses we get of real-world performance during the trials. SpaceX has told the Federal Communications Commission that Starlink would eventually hit gigabit speeds, saying in its 2016 application to the FCC that "once fully optimized through the Final Deployment, the system will be able to provide high bandwidth (up to 1Gbps per user), low latency broadband services for consumers and businesses in the US and globally." SpaceX has launched about 600 satellites so far and has FCC permission to launch nearly 12,000.

While 60Mbps isn't a gigabit, it's on par with some of the lower cable speed tiers and is much higher than speeds offered by many DSL services in the rural areas where SpaceX is likely to see plenty of interest.

China

Did A Chinese State-Sponsored Group Breach Taiwan's Semiconductor Industry? (arstechnica.com) 15

At the Black Hat security conference, researchers from the Taiwanese cybersecurity firm CyCraft revealed at least seven Taiwanese chip firms have been breached over the past two years, reports Wired: The series of deep intrusions — called Operation Skeleton Key due to the attackers' use of a "skeleton key injector" technique — appeared aimed at stealing as much intellectual property as possible, including source code, software development kits, and chip designs. And while CyCraft has previously given this group of hackers the name Chimera, the company's new findings include evidence that ties them to mainland China and loosely links them to the notorious Chinese state-sponsored hacker group Winnti, also sometimes known as Barium, or Axiom. "This is very much a state-based attack trying to manipulate Taiwan's standing and power," says Chad Duffy, one of the CyCraft researchers who worked on the company's long-running investigation...

The researchers found that, in at least some cases, the hackers appeared to gain initial access to victim networks by compromising virtual private networks, though it wasn't clear if they obtained credentials for that VPN access or if they directly exploited vulnerabilities in the VPN servers. The hackers then typically used a customized version of the penetration testing tool Cobalt Strike, disguising the malware they planted by giving it the same name as a Google Chrome update file. They also used a command-and-control server hosted on Google's or Microsoft's cloud services, making its communications harder to detect as anomalous....

Perhaps the most remarkable of those new clues came from essentially hacking the hackers. CyCraft researchers observed the Chimera group exfiltrating data from a victim's network and were able to intercept an authentication token from their communications to a command-and-control server. Using that same token, CyCraft's analysts were able to browse the contents of the cloud server, which included what they describe as a "cheat sheet" for the hackers, outlining their standard operating procedure for typical intrusions. That document was notably written in simplified Chinese characters, used in mainland China but not Taiwan...

"It's possible that what they're seeing is just a small fragment of a larger picture," says the director of Kaspersky's Global Research & Analysis Team, who tells Wired the group has also attacked telecoms, tech firms, and a broad range of other Taiwanese companies.

But in the same article one of CyCraft's researchers argues the group could be looking for even more exploits. "If you have a really deep understanding of these chips at a schematic level, you can run all sorts of simulated attacks on them and find vulnerabilities before they even get released."
Encryption

Zoom Sued By Consumer Group For Misrepresenting Its Encryption Protections (washingtonpost.com) 11

A consumer advocacy group is suing Zoom and seeking millions of dollars in damages, accusing the company of misleading its users about the strength of its encryption protections. From a report: The nonprofit group Consumer Watchdog is also accusing the videoconferencing company of deceiving users about the extent of its links with China and the fact that some calls between people in North America were routed through servers in China. That raises the danger Beijing could steal or demand access to the contents of those calls, according to a copy of the lawsuit, which was shared exclusively with The Cybersecurity 202.

Those phony claims "lull[ed] consumers and businesses into a false sense of security" and helped Zoom to soar in popularity during the early months of the pandemic, according to the lawsuit, which was filed late yesterday in Washington D.C. Superior Court. The consumer group fears that if Zoom isn't punished, other companies will be incentivized to make false claims about their security and privacy protections to attract users and stand out against competitors.

Android

Android's 'Nearby Share' File Sharing Feature is Finally Launching (theverge.com) 27

It will finally be slightly easier to share files, images, links, and other content between Android devices. Google is launching a new Android feature called "Nearby Share" that enables direct sharing between any device running Android 6 and up. Nearby Share is already available on some Pixel and Samsung phones, and Google says it'll arrive on other devices "over the next few weeks." From a report: Nearby Share works very much like Apple's AirDrop feature for the iPhone: you simply select the Nearby Share button on the share menu and then wait for a nearby phone to appear. Then whatever thing you're sharing is sent directly over your transfer method of choice to the other phone. As with AirDrop, you can set your preferred visibility for Nearby Share to different levels of contacts: all, some, or stay hidden. Google says it's even possible to "send and receive files anonymously." (Welcome to AirSlothing, Android users.) Nearby Share also shares files directly via whatever method your two phones deem is fastest: "Bluetooth, Bluetooth Low Energy, WebRTC or peer-to-peer Wi-Fi," which Google says should allow it to work offline.
China

Larry King Duped Into 'Disinfomercial' on Social Media By China (and Possibly Russia) (propublica.org) 100

For 25 years, until 2010, Larry King had a live interview show on CNN. But now ProPublica reports "In the twilight of a remarkable radio and television career spanning more than six decades, battling health problems but determined to stay in the public eye, King was ensnared in an international disinformation scheme."

It involved filming Larry King asking questions, and then later splicing in responses from Anastasia Dolgova (an employee of a Russia state-owned broadcaster) — and then widely promoting the footage on social media: Posted on YouTube under the title "Larry King US China Special Conference 2019," and quickly spread by social media accounts linked to Chinese government influence operations, the fake interview went viral across Chinese-language social media, likely reaching hundreds of thousands of users on Twitter, Facebook and YouTube... By conveying Chinese disinformation through a journalist for Russian media, it may exemplify the increasing media cooperation between the two countries...

ProPublica found that the Chinese government was involved in distributing the video. Our analysis of data released by Twitter showed that nearly 250 fake accounts linked to China's government shared nearly 40 different links to the video a total of more than 500 times. Around half of those fake accounts had more than 10,000 followers... In September 2018, six months before King taped the Dolgova video, Putin and Chinese President Xi Jinping attended a ceremony in Vladivostok, Russia. There, the Russian state-controlled Rossiya Segodnya news agency and Chinese state-controlled China Media Group signed an agreement to cooperate in news exchange, joint reporting and distribution, and promotion of each other's reports, especially on social media...

The Russia-China partnership reflects the alignment of the two countries' political messaging, as both promote alternatives to liberal democracy in a post-Cold War world. To achieve that goal, the Kremlin is building a "global media conglomerate," said Nataliya Bugayova, a research fellow at the Institute for the Study of War, a Washington, D.C.-based think tank. Russian media outlets have signed more than 50 cooperation agreements with foreign media since 2015, she said...

In a telephone interview, King expressed remorse and bewilderment.

EU

Google Victory In German Top Court Over Right To Be Forgotten (dw.com) 23

Germany's top court handed down its first ruling since the EU's GDPR laws went into effect in mid-2018. The court "sided with Google and rejected requests to wipe entries from search results," reports German public broadcaster DW (in an article shared by long-time Slashdot reader AmiMoJo): The cases hinged on whether the right to be forgotten outweighed the public's right to know...

In the first case, a former managing director of a charity had demanded Google remove links to certain news articles that appeared in searches of his name. The articles from 2011 reported that the charity was in financial trouble and that the manager had called in sick. He later argued in court that information on his personal health issues should not be divulged to the public years later. The court ruled that whether links to critical articles have to be removed from the search list always depends on a comprehensive consideration of fundamental rights in the individual case.

A second case was referred to the European Court of Justice. It concerned two leaders of a financial services company that sought to have links to negative reports about their investment model removed. The couple had argued that the US-based websites, which came up in the searches for their names, were full of fake news and sought to market other financial services providers.

This is the first ruling by Germany's top court since the EU's general data protection regulation came into effect in 2018. It gives EU citizens extensive rights to demand corporations immediately delete personal data.

Twitter

Twitter Says High-Profile Hack Was the Result of a Phishing Attack (cnn.com) 23

Twitter said Thursday night that it has "significantly limited" access to its internal tools after it learned that the high-profile hack earlier this month affecting dozens of major accounts was the result of a phishing attack targeting the phones of a "small number of employees." From a report: "This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems," Twitter said in a tweet. A phishing attack is a type of cyberattack in which hackers try to trick victims into opening malicious emails or links disguised as legitimate web content. In addition to clamping down on access to administrative systems, Twitter said it was also accelerating the rollout of "security work streams" that had already been in progress.
Security

Hackers Broke Into Real News Sites To Plant Fake Stories (wired.com) 67

A disinfo operation broke into the content management systems of Eastern European media outlets in a campaign to spread misinformation about NATO. Wired reports: On Wednesday, security firm FireEye released a report on a disinformation-focused group it's calling Ghostwriter. The propagandists have created and disseminated disinformation since at least March 2017, with a focus on undermining NATO and the US troops in Poland and the Baltics; they've posted fake content on everything from social media to pro-Russian news websites. In some cases, FireEye says, Ghostwriter has deployed a bolder tactic: hacking the content management systems of news websites to post their own stories. They then disseminate their literal fake news with spoofed emails, social media, and even op-eds the propagandists write on other sites that accept user-generated content. That hacking campaign, targeting media sites from Poland to Lithuania, has spread false stories about US military aggression, NATO soldiers spreading coronavirus, NATO planning a full-on invasion of Belarus, and more.

"They're spreading these stories that NATO is a danger, that they resent the locals, that they're infected, that they're car thieves," says John Hultquist, director of intelligence at FireEye. "And they're pushing these stories out with a variety of means, the most interesting of which is hacking local media websites and planting them. These fictional stories are suddenly bona fide by the sites that they're on, and then they go in and spread the link to the story."

FireEye itself did not conduct incident response analyses on these incidents and concedes that it doesn't know exactly how the hackers are stealing credentials that give them access to the content management systems that allow posting and altering news stories. Nor does it know who is behind the string of website compromises, or for that matter the larger disinformation campaign that the fake stories are a part of. But the company's analysts have found that the news site compromises and the online accounts used to spread links to those fabricated stories, as well as the more traditional creation of fake news on social media, blogs, and websites with an anti-US and anti-NATO bent, all tie back to a distinct set of personas, indicating one unified disinformation effort. FireEye's Hultquist points out that the campaign doesn't seem financially motivated, indicating a political or state backer, and notes that the focus on driving a wedge between NATO and citizens of Eastern Europe hints at possible Russian involvement.

Medicine

Misleading Virus Video, Pushed By the Trumps, Spreads Online (nytimes.com) 566

An anonymous reader quotes a report from The New York Times: In a video posted Monday online, a group of people calling themselves "America's Frontline Doctors" and wearing white medical coats spoke against the backdrop of the Supreme Court in Washington, sharing misleading claims about the virus, including that hydroxychloroquine was an effective coronavirus treatment and that masks did not slow the spread of the virus. [...] The members of the group behind Monday's video say they are physicians treating patients infected with the coronavirus. But it was unclear where many of them practice medicine or how many patients they had actually seen. As early as May, anti-Obamacare conservative activists called the Tea Party Patriots Action reportedly worked with some of them to advocate loosening states' restrictions on elective surgeries and nonemergency care. On July 15, the group registered a website called "America's Frontline Doctors," domain registration records show. One of the first copies of the video that appeared on Monday was posted to the Tea Party Patriots' YouTube channel, alongside other videos featuring the members of "America's Frontline Doctors."

The video did not appear to be anything special. But within six hours, President Trump and his son Donald Trump Jr. had tweeted versions of it, and the right-wing news site Breitbart had shared it. It went viral, shared largely through Facebook groups dedicated to anti-vaccination movements and conspiracy theories such as QAnon, racking up tens of millions of views. Multiple versions of the video were uploaded to YouTube, and links were shared through Twitter. Facebook, YouTube and Twitter worked feverishly to remove it, but by the time they had, the video had already become the latest example of misinformation about the virus that has spread widely. That was because the video had been designed specifically to appeal to internet conspiracists and conservatives eager to see the economy reopen, with a setting and characters to lend authenticity. It showed that even as social media companies have sped up response time to remove dangerous virus misinformation within hours of its posting, people have continued to find new ways around the platforms' safeguards. [...] At least one version of the video, viewed by The Times on Facebook, was watched over 16 million times.

Privacy

Rite Aid Deployed Facial Recognition Systems In Hundreds of US Stores (reuters.com) 36

Rite Aid installed facial recognition technology across 200 stores in the U.S. "In the hearts of New York and metro Los Angeles, Rite Aid deployed the technology in largely lower-income, non-white neighborhoods," reports Reuters. "Among the technology the U.S. retailer used: a state-of-the-art system from a company with links to China and its authoritarian government." From the report: Over about eight years, the American drugstore chain Rite Aid Corp quietly added facial recognition systems to 200 stores across the United States, in one of the largest rollouts of such technology among retailers in the country, a Reuters investigation found. In the hearts of New York and metro Los Angeles, Rite Aid deployed the technology in largely lower-income, non-white neighborhoods, according to a Reuters analysis. And for more than a year, the retailer used state-of-the-art facial recognition technology from a company with links to China and its authoritarian government.

In telephone and email exchanges with Reuters since February, Rite Aid confirmed the existence and breadth of its facial recognition program. The retailer defended the technology's use, saying it had nothing to do with race and was intended to deter theft and protect staff and customers from violence. Reuters found no evidence that Rite Aid's data was sent to China. Last week, however, after Reuters sent its findings to the retailer, Rite Aid said it had quit using its facial recognition software. It later said all the cameras had been turned off. "This decision was in part based on a larger industry conversation," the company told Reuters in a statement, adding that "other large technology companies seem to be scaling back or rethinking their efforts around facial recognition given increasing uncertainty around the technology's utility."

Reuters pieced together how the company's initiative evolved, how the software has been used and how a recent vendor was linked to China, drawing on thousands of pages of internal documents from Rite Aid and its suppliers, as well as direct observations during store visits by Reuters journalists and interviews with more than 40 people familiar with the systems' deployment. Most current and former employees spoke on condition of anonymity, saying they feared jeopardizing their careers.

Google

Google's Top Search Result? It's Google (themarkup.org) 55

In Google's early years, users would type in a query and get back a page of 10 "blue links" that led to different websites. "We want to get you out of Google and to the right place as fast as possible," co-founder Larry Page said in 2004. Today, Google often considers that "right place" to be Google, an investigation by The Markup has found. From the report: We examined more than 15,000 recent popular queries and found that Google devoted 41 percent of the first page of search results on mobile devices to its own properties and what it calls "direct answers," which are populated with information copied from other sources, sometimes without their knowledge or consent. When we examined the top 15 percent of the page, the equivalent of the first screen on an iPhone X, that figure jumped to 63 percent. For one in five searches in our sample, links to external websites did not appear on the first screen at all. A trending search in our data for "myocardial infarction" shows how Google has piled up its products at the top. It returned:
Google's dictionary definition.
A "people also ask" box that expanded to answer related questions without leaving the search results page.
A "knowledge panel," which is an abridged encyclopedia entry with various links.
And a "related conditions" carousel leading to various new Google searches for other diseases.
All of these appeared before search results by WebMD, Harvard University, and Medscape. In fact, a user would have to scroll nearly halfway down the page -- about 42 percent -- before reaching the first "organic" result in that search.

Facebook

Facebook Criticized For Temporarily Blocking Entire Domain 'Dreamwidth.org' (dreamwidth.org) 41

Dreamwidth is an online journal service based on the LiveJournal codebase, according to Wikipedia — "a code fork of the original service, set up by ex-LiveJournal staff Denise Paolucci and Mark Smith, born out of a desire for a new community based on open access, transparency, freedom and respect."

"I discovered, about an hour ago, that all of my posts on Facebook which were links to Dreamwidth had vanished. Suddenly gone as if they'd never existed," complained Dreamwidth user Andrew Ducker on Sunday morning.

Though that afternoon he posted "All working fine now," thousands had already seen his original post (quoted below): I checked with Denise (one of the owners of Dreamwidth) to find out if she knew about it, and discovered that Facebook have stuck Dreamwidth on a block list...

This is unbelievably frustrating. And the kind of centralised, autocratic, opaque decision making which I loathe. Tens of thousands of active users, unable to share blog posts with Facebook (which, let's face it, is where most of my friends go for their socialising)...

"This may be an overzealous spam filter at work," Slashdot reader JoshuaZ had argued. But even before Facebook adjusted their filtering, Dreamwidth co-owner Mark Smith was calling it "definitely a bit of a /shrug moment... 'Facebook gonna Facebook' I think is approximately how we feel about this...

"We do not have any goals around growth, we don't advertise, and we ultimately don't care that much what the other platforms do. Our goal is to give people a stable home where they don't have to worry about their data being sold, their writing being monetized..."
Crime

'World's Most Wanted Man' Involved In Bizarre Attempt To Buy Hacking Tools (vice.com) 27

An anonymous reader quotes a report from Motherboard: The fugitive executive of the embattled payment startup Wirecard was mentioned in a brazen and bizarre attempt to purchase hacking tools and surveillance technology from an Italian company in 2013, an investigation by Motherboard and the German weekly Der Spiegel found. Jan Marsalek, a 40-year-old Austrian who until recently was the chief operating officer of the rising fintech company Wirecard, seems to have taken a meeting with the infamous Italian surveillance technology provider Hacking Team in 2013. At the time, Marsalek is described as an official representative of the government of Grenada, a small Caribbean island of around 100,000 people, in a letter that bears the letterhead of the Grenada government. The documents were included in a cache published after Hacking Team was hacked in 2015. In recent days, Marsalek has been described as the 'world's most wanted man.'

It is unclear from the documents alone whether Marsalek played any role in the attempt to procure hacking tools, or whether his name was simply used. However, months before Marsalek appears to have contacted Hacking Team, several websites with official-sounding names such as StateOfGrenada.org were registered under the name of Jan Marsalek, as Der Spiegel reported last week. Some of the sites were registered with Marsalek's phone number and his Munich address at the time, and the servers were apparently operated from Germany. Wirecard provided digital payment services and was considered one of the most important companies in the financial tech industry. Wirecard offered a mobile payment app called Boon, which was essentially a virtual MasterCard card; it also offered a prepaid debit card called mycard2go, and worked with companies such as KLM, Rakuten, and Qatar Airways to manage their online transactions. The company suddenly collapsed in June after German regulators raided its headquarters as part of an investigation into fraudulent stock price manipulation and 1.9 billion euros that are missing from the company's books. Marsalek is now a fugitive and a key suspect in the German investigation. He reportedly fled to Belarus, and is now hiding in Russia under the protection of the FSB, according to German news reports. In the past, he was involved in other strange dealings: he bragged about an attempt to recruit 15,000 Libyan militiamen, and about a trip to Syria along with Russian military, according to the Financial Times.

The Military

Twitch Tells US Army To Stop Sharing Fake Prize Giveaways That Sent Users To Recruitment Page (theverge.com) 35

Twitch has intervened to stop the US Army using fake prize giveaways on its esports channel to redirect viewers to army recruitment pages. From a report: The practice was brought to light by a report from The Nation on the use of esports as a recruitment tool by the American military. The US Army, Navy, and Air Force all field esports teams comprised of active and reserve personnel who stream on Twitch and chat with young viewers about life, video games, and the opportunities afforded by military service. "Esports is just an avenue to start a conversation," Major-General Frank Muth, head of the army's recruiting command, told ThinkTech Hawaii recently. "We go out there and we have a shared passion for esports ... and it naturally devolves into a conversation, 'What do you do?', 'I'm in the army.'"

This outreach included automated links dropped into the army's stream chat that told viewers they could win an Xbox Elite Series 2 controller in a "giveaway." But when anyone clicked the link, says The Nation, they were directed to "a recruiting form with no additional mention of a contest, odds, total number of winners, or when a drawing will occur." Viewers, streamers, and game developers reacted with anger to the news, saying that any other channel would face repercussions for such behavior. Twitch itself has now apparently forced the army to stop these giveaways, according to a report from Kotaku.

Security

Who's Behind Wednesday's Epic Twitter Hack? (krebsonsecurity.com) 75

Brian Krebs has written a blog post with clues about who may have been behind yesterday's Twitter hack, which had some of the world's most recognizable public figures tweeting out links to bitcoin scams. An anonymous reader shares an excerpt from the report (though we strongly recommend you read the full analysis here): There are strong indications that this attack was perpetrated by individuals who've traditionally specialized in hijacking social media accounts via "SIM swapping," an increasingly rampant form of crime that involves bribing, hacking or coercing employees at mobile phone and social media companies into providing access to a target's account. In the days leading up to Wednesday's attack on Twitter, there were signs that some actors in the SIM swapping community were selling the ability to change an email address tied to any Twitter account. In a post on OGusers -- a forum dedicated to account hijacking -- a user named "Chaewon" advertised they could change the email address tied to any Twitter account for $250, and provide direct access to accounts for between $2,000 and $3,000 apiece. "This is NOT a method, you will be given a full refund if for any reason you aren't given the email/@, however if it is revered/suspended I will not be held accountable," Chaewon wrote in their sales thread, which was titled "Pulling email for any Twitter/Taking Requests."

Hours before any of the Twitter accounts for cryptocurrency platforms or public figures began blasting out bitcoin scams on Wednesday, the attackers appear to have focused their attention on hijacking a handful of OG accounts, including "@6." That Twitter account was formerly owned by Adrian Lamo -- the now-deceased "homeless hacker" perhaps best known for breaking into the New York Times's network and for reporting Chelsea Manning's theft of classified documents. @6 is now controlled by Lamo's longtime friend, a security researcher and phone phreaker who asked to be identified in this story only by his Twitter nickname, "Lucky225." [...] But around the same time @6 was hijacked, another OG account -- @B -- was swiped. Someone then began tweeting out pictures of Twitter's internal tools panel showing the @B account. Another Twitter account -- @shinji -- also was tweeting out screenshots of Twitter's internal tools. Minutes before Twitter terminated the @shinji account, it was seen publishing a tweet saying "follow @6," referring to the account hijacked from Lucky225.

Cached copies of @Shinji's tweets prior to Wednesday's attack on Twitter are available here and here from the Internet Archive. Those caches show Shinji claims ownership of two OG accounts on Instagram -- "j0e" and "dead." KrebsOnSecurity heard from a source who works in security at one of the largest U.S.-based mobile carriers, who said the "j0e" and "dead" Instagram accounts are tied to a notorious SIM swapper who goes by the nickname "PlugWalkJoe." Investigators have been tracking PlugWalkJoe because he is thought to have been involved in multiple SIM swapping attacks over the years that preceded high-dollar bitcoin heists. Now look at the profile image in the other Archive.org index of the @shinji Twitter account (pictured below). It is the same image as the one included in the @Shinji screenshot above from Wednesday in which Joseph/@Shinji was tweeting out pictures of Twitter's internal tools.

This individual, the source said, was a key participant in a group of SIM swappers that adopted the nickname "ChucklingSquad," and was thought to be behind the hijacking of Twitter CEO Jack Dorsey's Twitter account last year. The mobile industry security source told KrebsOnSecurity that PlugWalkJoe in real life is a 21-year-old from Liverpool, U.K. named Joseph James Connor. The source said PlugWalkJoe is in Spain where he was attending a university until earlier this year. He added that PlugWalkJoe has been unable to return home on account of travel restrictions due to the COVID-19 pandemic. [...] If PlugWalkJoe was in fact pivotal to this Twitter compromise, it's perhaps fitting that he was identified in part via social engineering.

Windows

Microsoft Announces New Windows 10 Start Menu Design, Updated Alt-Tab (theverge.com) 140

Microsoft is testing a number of Windows 10 upgrades with a small number of testers, including changes to the Alt-Tab function and a new Start menu design. The Verge reports: "We are freshening up the Start menu with a more streamlined design that removes the solid color backplates behind the logos in the apps list and applies a uniform, partially transparent background to the tiles," explains Microsoft in a blog post. Essentially, reducing the color in the blocky tiled Start menu interface will simplify it slightly and make it easier to scan for the apps you use on a daily basis. It's a subtle change, but it certainly makes the Start menu look a little less chaotic and avoids many tiles sharing a similar blue color.

Alongside an updated Start menu, the latest Windows 10 build includes some big changes to Alt-Tab. "Beginning with today's build, all tabs open in Microsoft Edge will start appearing in Alt-Tab, not just the active one in each browser window," explains Microsoft. This seems like a change that might be a little confusing for veteran Windows users, but Microsoft is thankfully allowing you to switch back to the classic Alt-Tab experience.

Microsoft is also making some smaller changes with this new Windows 10 build. The default taskbar appearance will also now be more personalized with the Xbox app pinned for Xbox Live users or Your Phone pinned for Android users. This will be limited to new account creation on a PC or first login, so existing taskbar layouts will remain unchanged. Notifications now include an X in the top right corner to allow you to quickly dismiss them, and Microsoft is also improving its Settings app in Windows 10. Links that would typically push you toward the system part of the legacy Control Panel system page will now direct you to the About page in Settings. This will now house the more advanced controls typically found in that system section of the Control Panel, and Microsoft is promising "there will be more improvements coming that will further bring Settings closer to Control Panel."

United States

New York Times Investigates How in America 'the Virus Won' (nytimes.com) 388

"Invisible outbreaks sprang up everywhere. The United States ignored the warning signs," writes the New York Times, in a detailed interactive data visualization.

"We analyzed travel patterns, hidden infections and genetic data to show how the epidemic spun out of control." By mid-February, there were only 15 known coronavirus cases in the United States, all with direct links to China... The patients were isolated. Their contacts were monitored. Travel from China was restricted.

None of that worked. Only a small part of the picture was visible. Some 2,000 hidden infections were already spreading through major cities...

Genetic samples linked to the Seattle outbreak appeared in at least 14 states, said Trevor Bedford, a professor at Fred Hutchinson Cancer Research Center... In New York City, where officials had found only a single case by March 1, roughly 10,000 infections had spread undetected... More than 5,000 contagious travelers left New York City in the first two weeks of March, estimates suggest... People [from New York City] also made more than 25,000 trips to New Orleans, where genetic data suggests that a large early outbreak stemmed from infections from New York...

Travel from the city helped to spread that variant across the country. "New York has acted as a Grand Central Station for this virus," said David Engelthaler of the Translational Genomics Research Institute. By the time President Trump blocked travel from Europe on March 13, the restrictions were essentially pointless. The outbreak had already been spreading widely in most states for weeks... The New Orleans outbreak helped seed infection across Louisiana and the South...

Even now, America remains in the dark. Most infected people are never tested. There is little capacity to trace and isolate the contacts of those who do test positive.

After the lockdowns expired, new cases spiked once again.
