Discord isn’t exactly known for generous file-sharing limits, still, the messaging app offered a 25MB limit to free users. The company has now updated its support page to reflect the upload limit for free users has been lowered to 10MB.

A judge in Ohio has issued a temporary restraining order against a security researcher who presented evidence that a recent ransomware attack on the city of Columbus scooped up reams of sensitive personal information, contradicting claims made by city officials.

The order, issued by a judge in Ohio's Franklin County, came after the city of Columbus fell victim to a ransomware attack on July 18 that siphoned 6.5 terabytes of the city’s data. A ransomware group known as Rhysida took credit for the attack and offered to auction off the data with a starting bid of about $1.7 million in bitcoin. On August 8, after the auction failed to find a bidder, Rhysida released what it said was about 45 percent of the stolen data on the group’s dark web site, which is accessible to anyone with a TOR browser.

Columbus Mayor Andrew Ginther said on August 13 that a “breakthrough” in the city’s forensic investigation of the breach found that the sensitive files Rhysida obtained were either encrypted or corrupted, making them “unusable” to the thieves. Ginther went on to say the data’s lack of integrity was likely the reason the ransomware group had been unable to auction off the data.

Shortly after Ginther made his remarks, security researcher David Leroy Ross contacted local news outlets and presented evidence that showed the data Rhysida published was fully intact and contained highly sensitive information regarding city employees and residents. Ross, who uses the alias Connor Goodwolf, presented screenshots and other data that showed the files Rhysida had posted included names from domestic violence cases and Social Security numbers for police officers and crime victims. Some of the data spanned years.

On Thursday, the city of Columbus sued Ross for alleged damages for criminal acts, invasion of privacy, negligence, and civil conversion. The lawsuit claimed that downloading documents from a dark web site run by ransomware attackers amounted to him “interacting” with them and required special expertise and tools.

For Android users seeking a privacy-focused browser, Privacy Guides recommends Mull:

Mull is a privacy oriented and deblobbed Android browser based on Firefox. Compared to Firefox, it offers much greater fingerprinting protection out of the box, and disables JavaScript Just-in-Time (JIT) compilation for enhanced security. It also removes all proprietary elements from Firefox, such as replacing Google Play Services references.

Mull enables many features upstreamed by the Tor uplift project using preferences from Arkenfox. Proprietary blobs are removed from Mozilla's code using the scripts developed for Fennec F-Droid.

X briefly discouraged users from viewing a link to an NPR story about Donald Trump's recent visit to Arlington National Cemetery, raising questions about whether the Elon Musk-owned platform is putting its thumb on the scale for the former president.

On Thursday, NPR reporter Stephen Fowler posted a link to a story in which he quoted an Army official who said that an employee at Arlington National Cemetery was “abruptly pushed aside” during an event attended by Trump and members of his campaign earlier this week. The outlet had previously reported that there was a “physical altercation” at the event with campaign staff over federal laws barring campaign activities at the cemetery.

Some users on X who attempted to click a link to the story were greeted with a warning message saying that X deemed that “this link may be unsafe.” It stated that it could be malicious, violent, spammy or otherwise violate the platform’s rules, but didn't explain why the link was flagged. Fowler posted a thread on X, each tweet of which contained a link to his story — the warning appeared to affect the first two instances of the link but not others, for reasons unknown. It’s highly unusual for such a warning to appear before a link to a mainstream website. Other links to NPR, as well as other coverage of Trump’s visit to Arlington, don’t appear to have such a label.

In a statement to an NPR reporter, an X spokesperson claimed the warning appeared due to a "false positive" and that it had been corrected. The company didn't explain further.

Notably, Musk has been a vocal supporter of Trump this election, and recently held a lengthy live streamed conversation with him on X. Musk has also publicly feuded with NPR in the past, adding a “state affiliated media” label to its account for several months last year. NPR hasn’t posted from its main account on X since the label was added last April.

Last week, Microsoft mentioned in a support document that it was formally deprecating Windows' 39-year-old Control Panel applets. But following widespread reporting of the change, Microsoft has either backtracked or clarified its language to remove the note about Control Panel being deprecated in favor of the Settings app. Here's what the original post said, as also preserved by the Internet Wayback Machine (emphasis ours):

"The Control Panel is a feature that's been part of Windows for a long time. It provides a centralized location to view and manipulate system settings and controls," the support page explains. "Through a series of applets, you can adjust various options ranging from system time and date to hardware settings, network configurations, and more. The Control Panel is in the process of being deprecated in favor of the Settings app, which offers a more modern and streamlined experience."

The current version of the page has changed that last sentence considerably. It now says that "many of the settings in Control Panel are in the process of being migrated to the Settings app, which offers a more modern and streamlined experience."

It's not clear whether this reflects a policy change or just a clarification of language. We've asked Microsoft whether it has changed plans to deprecate the Control Pane or if the original version of the support page was just incorrect in the first place, and we'll update if we receive a response.

Peloton is in something of a financial rut lately, and we all know what companies do when that happens. They take it out on consumers. To that end, the exercise machine maker just announced it will be charging a $95 “used equipment activation fee” to anyone who buys one of its machines on the secondhand market, according to a report by CNBC.

The company made this announcement in its Q4 2024 shareholder letter. The fairly exorbitant fee will apply to any machine bought directly from a previous owner, meaning anything purchased via Craigslist, Facebook Marketplace or, heck, even a neighbor down the street. Without tithing $95 to the church of Peloton, the machine won’t have access to any of the classes or features the company has become known for.

The company says this activation fee is just to ensure that new members “receive the same high-quality onboarding experience Peloton is known for.” In a recent earnings call, however, a company representative was more transparent, calling the fee a “source of incremental revenue and gross profit,” according to The Verge.

The standard Bike, for instance, sells new for nearly $1,500, but you can pick up a used one online for $300 to $500. Now, that price goes up to $400 to $600. Peloton also requires a monthly membership fee to access content, which is around $44.

Microsoft will begin sending a revised version of its controversial Recall feature to Windows Insider PCs beginning in October, according to an update published today to the company's original blog post about the Recall controversy. The company didn't elaborate further on specific changes it's making to Recall beyond what it already announced in June.

For those unfamiliar, Recall is a Windows service that runs in the background on compatible PCs, continuously taking screenshots of user activity, scanning those screenshots with optical character recognition (OCR), and saving the OCR text and the screenshots to a giant searchable database on your PC. The goal, according to Microsoft, is to help users retrace their steps and dig up information about things they had used their PCs to find or do in the past.

The problem was that other users on the same PC, or attackers with physical or remote access to your PC, could easily access, view, and export those screenshots and the OCR database since none of the information was encrypted at rest or protected in any substantive way.

Among the changes Microsoft has said it will make: The database will be encrypted at rest and will require authentication (and periodic reauthentication) with Windows Hello before users will be allowed to access it. The feature will also be off by default, whereas the original plan was to turn it on by default and make users go into Settings to turn it off.

Mozilla has a close relationship with Google, as most of Firefox's revenue comes from the agreement keeping Google as the browser's default search engine. However, the search giant is now officially a monopoly, and a future court decision could have an unprecedented impact on Mozilla's ability to keep things "business as usual."

United States District Judge Amit Mehta found Google guilty of building a monopolistic position in web search. The Mountain View corporation spent billions of dollars becoming the leading search provider for computing platforms and web browsers on PC and mobile devices.

Most of the $21 billion spent went to Apple in exchange for setting Google as the default search engine on iPhone, iPad, and Mac systems. The judge will now need to decide on a penalty for the company's actions, including the potential of forcing Google to stop payments to its search "partners completely," which could have dire consequences for smaller companies like Mozilla.

Its most recent financials show Mozilla gets $510 million out of its $593 million in total revenue from its Google partnership. This precarious financial position is a side effect of its deal with Alphabet, which made Google the search engine default for newer Firefox installations.

The open-source web browser has experienced a steady market share decline over the past few years. Meanwhile, Mozilla management was paid millions to develop a new "vision" of a theoretical future with AI chatbots. Mozilla Corporation, the wholly owned subsidiary of Mozilla Foundation managing Firefox development, could find itself in a severe struggle for revenue if Google's money suddenly dried up.

Reddit CEO Steve Huffman has hinted that in future some subreddits could be paywalled, as the company seeks to devise new sources of income.

He suggested that the company might experiment with paywalled subreddits as it looks to monetize new features. “I think the existing, altruistic, free version of Reddit will continue to exist and grow and thrive just the way it has,” Huffman said. “But now we will unlock the door for new use cases, new types of subreddits that can be built that may have exclusive content or private areas, things of that nature.”

This is another move likely to anger Redditors. While the platform is a commercial enterprise, its value derives almost entirely from freely offered user content. That means Redditors feel at least some sense of ownership in a community endeavour, so the company needs to tread carefully when it comes to monetization at user expense.