404 Media

Welcome back to the Abstract!

This week, we’re moving in next to anacondas, so watch your back and lock the henhouse. Then, parenthood tips from wild baboons, the “cognitive debt” of ChatGPT, a spaceflight symphony, and a bizarre galaxy that is finally coming into view.

When your neighbor is an anaconda

Cosendey, Beatriz Nunes and Pezzuti, Juarez Carlos Brito. 'The myth of the serpent: from the Great Snake to the henhouse.” Frontiers in Amphibian and Reptile Science.

Anacondas are one of the most spectacular animals in South America, inspiring countless  myths and legends. But these iconic boas, which can grow to lengths of 30 feet, are also a pest to local populations in the Amazon basin, where they prey on livestock.

To better understand these nuanced perceptions of anacondas, researchers interviewed more than 200 residents of communities in the várzea regions of the lower Amazon River about their experiences with the animals. The resulting study is packed with amazing stories and insights about the snakes, which are widely reviled as thieves and feared for their predatory prowess.

“Fear of the anaconda (identified in 44.5% of the reports) is related to the belief that it is a treacherous and sly animal,” said co-authors led by Beatriz Nunes Cosendey of the Mamirauá Sustainable Development Reserve and Juarez Carlos Brito Pezzuti of the Federal University of Pará.

“The interviewees convey that the anaconda is a silent creature that arrives without making any noise, causing them to feel uneasy and always vigilant during fishing…with the fear of having their canoe flooded in case of an attack,” the team added. “Some dwellers even reported being more afraid of an anaconda than of a crocodile because the latter warns when it is about to attack.”

One of the Amazonian riverine communities where the research was conducted. Image: Beatriz Cosendey.

But while anacondas are eerily stealthy, they also have their derpy moments. The snakes often break into chicken coops to feast on the poultry, but then get trapped because their engorged bodies are too big to escape through the same gaps they used to enter.

“Dwellers expressed frustration at having to invest time and money in raising chickens, and then lose part of their flock overnight,” the team said. “One interviewee even mentioned retrieving a chicken from inside an anaconda’s belly, as it had just been swallowed and was still fresh.”

Overall, the new study presents a captivating portrait of anaconda-human relations, and concludes that “the anaconda has lost its traditional role in folklore as a spiritual and mythological entity, now being perceived in a pragmatic way, primarily as an obstacle to free-range poultry farming.”

Monkeying around with Dad

Jansen, David et al. “Early-life paternal relationships predict adult female survival in wild baboons.” Proceedings of the Royal Society B.

Coming off of Father’s Day, here is a story about the positive role that dads can play for their daughters—for baboons, as well as humans. A team tracked the lifespans of 216 wild female baboons in Amboseli, Kenya, and found that subjects who received more paternal care had significantly better outcomes than their peers.

Male baboon with infant in the Amboseli ecosystem, Kenya. Image: Elizabeth Archie, professor at Notre Dame.

“We found that juvenile female baboons who had stronger paternal relationships, or who resided longer with their fathers, led adult lives that were 2–4 years longer than females with weak or short paternal relationships,” said researchers led by David Jansen of the Midwest Center of Excellence for Vector-Borne Disease. “Because survival predicts female fitness, fathers and their daughters may experience selection to engage socially and stay close in daughters’ early lives.”

This all reminds me of that old episode of The Simpsons where Lisa calls Homer a baboon. While Homer was clearly hurt, it turns out that baboons might not be the worst animal-based insult for a daughter to throw at her dad.

A case for staying ChatGPT-Free

Nataliya, Kosmyna et al. “Your Brain on ChatGPT: Accumulation of Cognitive Debt when Using an AI Assistant for Essay Writing Task.” arXiv preprint.

ChatGPT may hinder creativity and learning skills in students who use it to write essays, relative to those who didn’t, according to an exhaustive new preprint study posted on arXiv. This research has yet not been peer-reviewed, and has a relatively small sample size of 54 subjects, but it still contributes to rising concerns about the cognitive toll of AI assistants.

Researchers led by Nataliya Kosmya of the Massachusetts Institute of Technology divided the subjects — all between 18 and 39 years old — into three groups wrote SAT essays using OpenAI’s ChatGPT (LLM group), Google’s search engine, or with no assistance (dubbed “Brain-only”).

“As demonstrated over the course of 4 months, the LLM group's participants performed worse than their counterparts in the Brain-only group at all levels: neural, linguistic, scoring,” the team said. “The LLM group also fell behind in their ability to quote from the essays they wrote just minutes prior.”

When I asked ChatGPT for its thoughts on the study, it commented that “these results are both interesting and plausible, though they should be interpreted cautiously given the early stage of the research and its limitations.” It later suggested that “cognitive offloading is not always bad.”

This study is a bop

Berthet, Maximilien et al. “History of the space industry in Asia: A concert in three movements.” Acta Astronautica.

Even scientists can’t resist evocative language now and then—we’re all only human. Case in point: A new study likens the history of Asia’s space industry to “a musical concert” and then really runs with the metaphor.

“The region comprises a diverse patchwork of nations, each contributing different instruments to the regional space development orchestra,” said researchers led by Maximilien Berthet of the University of Tokyo. “Its history consists of three successive movements” starting with “the US and former USSR setting the tone for the global space exploration symphony” and culminating with modern Asian spaceflight as “a fast crescendo in multiple areas of the region driven in part by private initiative.”

Talk about a space opera. The rest of the study provides a comprehensive review of Asian space history, but I cannot wait for the musical adaptation.

Peekaboo! I galax-see you

Kniazev, Alexei and Pustilnik, Simon. “The Peekaboo galaxy: New SALT spectroscopy and implications of archive HST data.” Astronomy & Astrophysics.

In 2001, astronomer Bärbel Koribalski spotted a tiny galaxy peeking out from behind a bright foreground star that had obscured it for decades, earning it the nickname the “Peekaboo Galaxy.” Situated about 22 million light-years from the Milky Way, this strange galaxy is extremely young and metal-poor, resembling the universe’s earliest galaxies.

The Peekaboo galaxy to the right of the star TYC 7215-199-1. Image: NASA, ESA, Igor Karachentsev (SAO RAS); Image Processing: Alyssa Pagan (STScI)

A new study confirms Peekaboo as “the lowest-metallicity dwarf in the Local Volume,” a group of roughly 500 galaxies within 36 million light-years of Earth.

“This makes the Peekaboo dwarf one of the most intriguing galaxies in the Local Volume,” said co-authors Alexei Kniazev of the South African Astronomical Observatory and Simon Pustilnik of the Special Astrophysical Observatory of the Russian Academy of the Sciences. “It deserves intensive, multi-method study and is expected to significantly advance our understanding of the early universe’s first building blocks.”

Thanks for reading! See you next week.

Update: The original headline for this piece was "Is ChatGPT Rotting Our Brains? New Study Suggests It Does." We've updated the headline to "ChatGPT May Create 'Cognitive Debt,' New Study Finds" to match the terminology used by the researchers.

From 404 Media via this RSS feed

This article was produced in collaboration with Court Watch, an independent outlet that unearths overlooked court records. Subscribe to them here.

The FBI has accused a Texas man, James Wesley Burger, of planning an Islamic State-style terrorist attack on a Christian music festival and talking about it on Roblox. The feds caught Burger after another Roblox user overheard his conversations about martyrdom and murder and tipped them off. The feds said that when they searched Burger’s phone they found a list of searches that included “ginger isis member” and “are suicide attacks haram in islam.”

According to charging documents, a Roblox player contacted federal authorities after seeing another player called “Crazz3pain” talking about killing people. Screenshots from the server and included in the charging documents show Roblox avatars with beards dressed in Keffiyehs talking about dealing a “greivoius [sic] wound upon followers of the cross.”

“The witness observed the user of Crazz3pain state they were willing, as reported by the Witness, to ‘kill Shia Musilms at their mosque,” court records said. “Crazz3pain and another Roblox user[…]continued to make violent statements so the witness left the game.”

The witness stayed off of Roblox for two days and when they returned they saw Crazz3pain say something else that worried them, according to the court filing. “The Witness observed Crazz3pain tell Roblox User 1 to check their message on Discord,” the charging document said. “Roblox User 1 replied on Roblox to Crazz3pain, they should delete the photograph of firearms within the unknown Discord chat, ‘in case it was flagged as suspicious…the firearms should be kept hidden.”

According to the witness, Crazz3pain kept talking about their desire to commit “martyrdom” at a Christian event and that he wanted to “bring humiliation to worshippers of the cross.” The Witness allegedly asked Crazz3pain if the attack would happen at a church service and Crazz3pain told them it would happen at a concert.

Someone asked Crazz3pain when it would happen. “‘It will be months…Shawwal…April,’” Crazz3pain said. Shawwal is the month after Ramadan in the Islamic calendar. The conversations the witness shared with the FBI happened on January 21 and 23, 2025.

Roblox gave authorities Crazz3pain’s email address, name, physical address, and IP address and it all pointed back to James Wesley Burger. The FBI searched Burger’s home on February 28 and discovered that someone in his family had put on a keylogger on the laptop he used to play Roblox and that they’d captured a lot of what he’d been typing while playing the game. They turned over the records to the feds.

“The safety of our community is among our highest priorities. In this case, we moved swiftly to assist law enforcement’s investigation before any real-world harm could occur and investigated and took action in accordance with our policies. We have a robust set of proactive and preventative safety measures designed to help swiftly detect and remove content that violates our policies," a spokesperson for Roblox told 404 Media. "Our Community Standards explicitly prohibit any content or behavior that depicts, supports, glorifies, or promotes terrorist or extremist organizations in any way. We have dedicated teams focused on proactively identifying and swiftly removing such content, as well as supporting requests from and providing assistance to law enforcement. We also work closely with other platforms and in close collaboration with safety organizations to keep content that violates our policies off our platform, and will continue to diligently enforce our policies.”

Burger’s plan to kill Christians was allegedly captured by the keylogger. “I’ve come to conclude it will befall the 12 of Shawwal aa/And it will be a music festival /Attracting bounties of Christians s/In’shaa’allah we will attain martyrdom /And deal a grevious [sic] wound upon the followers of the Cross /Pray for me and enjoin yourself to martyrdom,” he allegedly typed in Roblox, according to court records.

The FBI then interviewed Burger in his living room and he admitted he used the Crazz3pain account to play Roblox. The feds asked him about his alleged plan to kill Christians at a concert. Burger said it was, at the time, “mostly a heightened emotional response,” according to the court records.

Burger also said that the details “became exaggerated” but that the goal “hasn’t shifted a bit,” according to the court records. He said he wanted to “[G]et the hell out of the U.S.” And if he can’t, “then, martyrdom or bust.”

He said that his intention with the attack “is something that is meant to or will cause terror,” according to the charging document. When the FBI agent asked if he was a terrorist, Burger said, “I mean, yeah, yeah. By, by the sense and … by my very own definition, yes, I guess, you know, I would be a terrorist.”

When authorities searched his iPhone, they discovered two notes on the phone that described how to avoid leaving behind DNA and fingerprints at a crime scene. A third note appeared to be a note explaining the attack, meant to be read after it occured.

The list of previous searches on his iPhone included “Which month is april in islam,” “Festivals happening near me,” “are suicide attacks haram in islam,” “ginger isis member,” “lone wolf terrorists isis,” and “can tou kill a woman who foesnt[sic] wear hijab.”

Burger has been charged with making violent threats online and may spend time in a federal prison if convicted. This is not the first time something like this has happened on Roblox. The popular children’s game has been a popular spot for extremist behavior, including Nazis and religious terrorists, for years now. Last year, the DOJ accused a Syrian man living in Albanian of using Roblox to coordinate a group of American teenagers to disrupt public city council Zoom meetings.

From 404 Media via this RSS feed

This is Behind the Blog, where we share our behind-the-scenes thoughts about how a few of our top stories of the week came together. This week, we discuss Deadheads and doxxing sites.

SAM: Anyone reading the site closely this week likely noticed a new name entering the chat. We’re thrilled to welcome Rosie Thomas to the gang for the summer as an editorial intern!

Rosie was previously a software engineer in the personal finance space. Currently halfway through her master’s degree in journalism, Rosie is interested in social movements, how people change their behaviors in the face of new technologies, and “the infinite factors that influence sentiment and opinions,” in her words. In her program, she’s expanding her skills in investigations, audio production, and field recording. She published her first blog with us on day two, a really interesting (and in 404 style, informatively disturbing) breakdown of a new report that found tens of thousands of camera feeds exposed to the dark web. We’re so excited to see what she does with us this summer!

From 404 Media via this RSS feed

A report from a cybersecurity company last week found that over 40,000 unsecured cameras—including CCTV and security cameras on public transportation, in hospitals, on internet-connected bird feeders and on ATMs—are exposed online worldwide.

Cybersecurity risk intelligence company BitSight was able to access and download content from thousands of internet-connected systems, including domestic and commercial webcams, baby monitors, office security, and pet cams. They also found content from these cameras on locations on the dark web where people share and sell access to their live feeds. “The most concerning examples found were cameras in hospitals or clinics monitoring patients, posing a significant privacy risk due to the highly sensitive nature of the footage,” said João Cruz, Principal Security Research Scientist for the team that produced the report.

The company wrote in a press release that it “doesn’t take elite hacking to access these cameras; in most cases, a regular web browser and a curious mind are all it takes, meaning that 40,000 figure is probably just the tip of the iceberg.”

Depending on the type of login protocol that the cameras were using, the researchers were able to access footage or individual real-time screenshots. Against a background of increasing surveillance by law enforcement and ICE, there is clear potential for abuse of unknowingly open cameras.

Traffic Camera ‘Selfie’ Creator Holds Cease and Desist Letter in Front of Traffic CamTraffic Cam Photobooth lets you take a capture from NYC surveillance camera. The city’s Department of Transportation does not like that.404 MediaSamantha Cole

“Knowing the real number is practically impossible due to the insanely high number of camera brands and models existent in the market,” said Cruz, “each of them with different ways to check if it’s exposed and if it’s possible to get access to the live footage.”

The report outlines more obvious risks, from tracking the behavioral patterns and real-time status of when people are in their homes in order to plan a burglary, to “shoulder surfing,” or stealing data by observing someone logging in to a computer in offices. The report also found cameras in stores, gyms, laundromats, and construction sites, meaning that exposed cameras are monitoring people in their daily lives. The geographic data provided by the camera’s IP addresses, combined with commercially available facial-recognition systems, could prove dangerous for individuals working in or using those businesses.

You can find out if your camera has been exposed using a site like Shodan.io, a search engine which scans for devices connected to the internet, or by trying to access your camera from a device logged in to a different network. Users should also check the documentation provided by the manufacturer, rather than just plugging in a camera right away, to minimize vulnerabilities, and make sure that they set their own password on any IoT-connected device.

This is because many brands use default logins for their products, and these logins are easily findable online. The BitSight report didn’t try to hack into these kinds of cameras, or try to brute-force any passwords, but, “if we did so, we firmly believe that the number would be higher,” said Cruz. Older camera systems with deprecated and unmaintained software are more susceptible to being hacked in this way; one somewhat brighter spot is that these “digital ghost ships” seem to be decreasing in number as the oldest and least secure among them are replaced or fail completely.

Unsecured cameras attract hackers and malicious actors, and the risks can go beyond the embarrassing, personal, or even individual. In March this year, the hacking group Akira successfully compromised an organisation using an unsecured webcam, after a first attack attempt was effectively prevented by cybersecurity protocols. In 2024, the Ukrainian government asked citizens to turn off all broadcasting cameras, after Russian agents hacked into webcams at a condo association and a car park. They altered the direction of the cameras to point toward nearby infrastructure and used the footage in planning strikes. Ukraine blocked the operation of 10,000 internet-connected digital security cameras in order to prevent further information leaks, and a May 2025 report from the Joint Cybersecurity Advisory described continued attacks from Russian espionage units on private and municipal cameras to track materials entering Ukraine.

From 404 Media via this RSS feed

This week we start with Joseph’s article about the U.S’s major airlines selling customers’ flight information to Customs and Border Protection and then telling the agency to not reveal where the data came from. After the break, Emanuel tells us how AI scraping bots are breaking open libraries, archives, and museums. In the subscribers-only section, Jason explains the casual surveillance relationship between ICE and local cops, according to emails he got.

Listen to the weekly podcast on Apple Podcasts,Spotify, or YouTube. Become a paid subscriber for access to this episode's bonus content and to power our journalism. If you become a paid subscriber, check your inbox for an email from our podcast host Transistor for a link to the subscribers-only version! You can also add that subscribers feed to your podcast app of choice and never miss an episode that way. The email should also contain the subscribers-only unlisted YouTube link for the extended video version too. It will also be in the show notes in your podcast player.

Airlines Don't Want You to Know They Sold Your Flight Data to DHSAI Scraping Bots Are Breaking Open Libraries, Archives, and MuseumsEmails Reveal the Casual Surveillance Alliance Between ICE and Local Police

From 404 Media via this RSS feed

As Israel and Iran trade blows in a quickly escalating conflict that risks engulfing the rest of the region as well as a more direct confrontation between Iran and the U.S., social media is being flooded with AI-generated media that claims to show the devastation, but is fake.

The fake videos and images show how generative AI has already become a staple of modern conflict. On one end, AI-generated content of unknown origin is filling the void created by state-sanctioned media blackouts with misinformation, and on the other end, the leaders of these countries are sharing AI-generated slop to spread the oldest forms of xenophobia and propaganda.

If you want to follow a war as it’s happening, it’s easier than ever. Telegram channels post live streams of bombing raids as they happen and much of the footage trickles up to X, TikTok, and other social media platforms. There’s more footage of conflict than there’s ever been, but a lot of it is fake.

A few days ago, Iranian news outlets reported that Iran’s military had shot down three F-35s. Israel denied it happened. As the claim spread so did supposed images of the downed jet. In one, a massive version of the jet smolders on the ground next to a town. The cockpit dwarfs the nearby buildings and tiny people mill around the downed jet like Lilliputians surrounding Gulliver.

It’s a fake, an obvious one, but thousands of people shared it online. Another image of the supposedly downed jet showed it crashed in a field somewhere in the middle of the night. Its wings were gone and its afterburner still glowed hot. This was also a fake.

Image via X.com.Image via X.com.

AI slop is not the sole domain of anonymous amateur and professional propagandists. The leaders of both Iran and Israel are doing it too. The Supreme Leader of Iran is posting AI-generated missile launches on his X account, a match for similar grotesques on the account of Israel’s Minister of Defense.

New tools like Google’s Veo 3 make AI-generated videos more realistic than ever. Iranian news outlet Tehran Times shared a video to X that it said captured “the moment an Iranian missile hit a building in Bat Yam, southern Tel Aviv.” The video was fake. In another that appeared to come from a TV news spot, a massive missile moved down a long concrete hallway. It’s also clearly AI-generated, and still shows the watermark in the bottom right corner for Veo.

#BREAKING Doomsday in Tel Aviv pic.twitter.com/5CDSUDcTY0

— Tehran Times (@TehranTimes79) June 14, 2025

After Iran launched a strike on Israel, Tehran Times shared footage of what it claimed was “Doomsday in Tel Aviv.” A drone shot rotated through scenes of destroyed buildings and piles of rubble. Like the other videos, it was an AI generated fake that appeared on both a Telegram account and TikTok channel named “3amelyonn.”

In Arabic, 3amelyonn’s TikTok channel calls itself “Artificial Intelligence Resistance” but has no such label on Telegram. It’s been posting on Telegram since 2023 and its first TikTok video appeared in April of 2025, of an AI-generated tour through Lebanon, showing its various cities as smoking ruins. It’s full of the quivering lines and other hallucinations typical of early AI video.

But 3amelyonn’s videos a month later are more convincing. A video posted on June 5, labeled as Ben Gurion Airport, shows bombed out buildings and destroyed airplanes. It’s been viewed more than 2 million times. The video of a destroyed Tel Aviv, the one that made it on to Tehran Times, has been viewed more than 11 million times and was posted on May 27, weeks before the current conflict.

Hany Farid, a UC Berkeley professor and founder of GetReal, a synthetic media detection company, has been collecting these fake videos and debunking them.

“In just the last 12 hours, we at GetReal have been seeing a slew of fake videos surrounding the recent conflict between Israel and Iran. We have been able to link each of these visually compelling videos to Veo 3,” he said in a post on LinkedIn. “It is no surprise that as generative-AI tools continue to improve in photo-realism, they are being misused to spread misinformation and sow confusion.”

The spread of AI-generated media about this conflict appears to be particularly bad because both Iran and Israel are asking their citizens not to share media of destruction, which may help the other side with its targeting for future attacks. On Saturday, for example, the Israel Defense Force asked people not to “publish and share the location or documentation of strikes. The enemy follows these documentations in order to improve its targeting abilities. Be responsible—do not share locations on the web!” Users on social media then fill this vacuum with AI-generated media.

“The casualty in this AI war [is] the truth,” Farid told 404 Media. “By muddying the waters with AI slop, any side can now claim that any other videos showing, for example, a successful strike or human rights violations are fake. Finding the truth at times of conflict has always been difficult, and now in the age of AI and social media, it is even more difficult.”

“We're committed to developing AI responsibly and we have clear policies to protect users from harm and governing the use of our AI tools,” a Google spokesperson told 404 Media. “Any content generated with Google AI has a SynthID watermark embedded and we add a visible watermark to Veo videos too.”

Farid and his team used SynthID to identify the fake videos “alongside other forensic techniques that we have developed over at GetReal,” he said. But checking a video for a SynthID watermark, which is visually imperceptible, requires someone to take the time to download the video and upload it to a separate website. Casual social media scrollers are not taking the time to verify a video they’re seeing by sending it to the SynthID website.

One distinguishing feature of 3amelyonn and others’ videos of viral AI slop about the conflict is that the destruction is confined to buildings. There are no humans and no blood in 3amelyonn’s  aerial shots of destruction, which are more likely to get blocked both by AI image and video generators as well as the social media platforms where these creations are shared. If a human does appear, they’re as observers like in the F-35 picture or milling soldiers like the tunnel video. Seeing a soldier in active combat or a wounded person is rare.

There’s no shortage of real, horrifying footage from Gaza and other conflicts around the world. AI war spam, however, is almost always bloodless. A year ago, the AI-generated image “All Eyes on Raffah” garnered tens of millions of views. It was created by a Facebook group with the goal of “Making AI prosper.”

From 404 Media via this RSS feed

Subscribe

Join the newsletter to get the latest updates.

SuccessGreat! Check your inbox and click the link.ErrorPlease enter a valid email address.

I was sick last week, so I did not have time to write about the Discover Tab in Meta’s AI app, which, as Katie Notopoulos of Business Insider has pointed out, is the “saddest place on the internet.” Many very good articles have already been written about it, and yet, I cannot allow its existence to go unremarked upon in the pages of 404 Media.

If you somehow missed this while millions of people were protesting in the streets, state politicians were being assassinated, war was breaking out between Israel and Iran, the military was deployed to the streets of Los Angeles, and a Coinbase-sponsored military parade rolled past dozens of passersby in Washington, D.C., here is what the “Discover” tab is: The Meta AI app, which is the company’s competitor to the ChatGPT app, is posting users’ conversations on a public “Discover” page where anyone can see the things that users are asking Meta’s chatbot to make for them.

This includes various innocuous image and video generations that have become completely inescapable on all of Meta’s platforms (things like “egg with one eye made of black and gold,” “adorable Maltese dog becomes a heroic lifeguard,” “one second for God to step into your mind”), but it also includes entire chatbot conversations where users are seemingly unknowingly leaking a mix of embarrassing, personal, and sensitive details about their lives onto a public platform owned by Mark Zuckerberg. In almost all cases, I was able to trivially tie these chats to actual, real people because the app uses your Instagram or Facebook account as your login.

From 404 Media via this RSS feed

🌘Subscribe to 404 Media to get The Abstract, our newsletter about the most exciting and mind-boggling science news and studies of the week.

Scientists have directly confirmed the location of the universe's “missing” matter for the first time, reports a study published on Monday in Nature Astronomy.

The idea that the universe must contain normal, or “baryonic,” matter that we can’t seem to find goes back to the birth of modern cosmological models. Now, a team has revealed that about 76 percent of all baryons—the ordinary particles that make up planets and stars—exist as gas hidden in the dark expanses between galaxies, known as the intergalactic medium. Fast radio bursts (FRBs), transient signals with elusive origins, illuminated the missing baryons, according to the researchers. As a bonus, they also identified the most distant FRB ever recorded, at 9.1 billion light years away, in the study.

“Measuring the ‘missing baryons’ with Fast Radio Bursts has been a major long-sought milestone for radio astronomers,” said Liam Connor, an astronomer at the Center for Astrophysics | Harvard & Smithsonian who led the study, in an email. “Until recently, we didn’t have a large-enough sample of bursts to make strong statements about where this ordinary matter was hiding.”

Under the leadership of Caltech professor Vikram Ravi, the researchers constructed the DSA-110 radio telescope—an array of over 100 dishes in the California desert—to achieve this longstanding milestone. “We built up the largest and most distant collection of localized FRBs (meaning we know their exact host galaxy and distance),” Connor explained. “This data sample, plus new algorithms, allowed us to finally make a complete baryon pie chart. There are no longer any missing wedges.”

Baryons are the building blocks of the familiar matter that makes up our bodies, stars, and galaxies, in contrast to dark matter, a mysterious substance that accounts for the vast majority of the universe’s mass. Cosmological models predict that there is much more baryonic matter than we can see in stars and galaxies, which has spurred astronomers into a decades-long search for the “missing baryons” in space.

Scientists have long assumed that most of this missing matter exists in the form of ionized gas in the IGM, but FRBs have opened a new window into these dark reaches, which can be difficult to explore with conventional observatories.

“FRBs complement and improve on past methods by their sensitivity to all the ionized gas in the Universe,” Connor said. “Past methods, which were highly informative but somewhat incomplete, could only measure hot gas near galaxies or clusters of galaxies. There was no probe that could measure the lion’s share of ordinary matter in the Universe, which it turns out is in the intergalactic medium.”

Since the first FRB was detected in 2007, thousands of similar events have been discovered, though astronomers still aren't sure what causes them. Characterized by extremely energetic radio waves that last for mere milliseconds, the bursts typically originate millions or billions of light years from our galaxy. Some repeat, and some do not. Scientists think these pyrotechnic events are fueled by massive compact objects, like neutron stars, but their exact nature and origins remain unclear.

Connor and his colleagues studied a sample of 60 FRB observations that spanned from about 12 million light years away from Earth all the way to a new record holder for distance: FRB 20230521B, located 9.1 billion light years away. With the help of these cosmic searchlights, the team was able to make a new precise measurement of the density of baryonic matter across the cosmic web, which is a network of large-scale structures that spans the universe. The results matched up with cosmological predictions that most of the missing baryons would be blown out into the IGM by “feedback” generated within galaxies. About 15 percent is present in structures that surround galaxies, called halos, and a small remainder makes up stars and other celestial bodies.

“It really felt like I was going in blind without a strong prior either way,” Connor said. “If all of the missing baryons were hiding in galaxy halos and the IGM were gas-poor, that would be surprising in its own way. If, as we discovered, the baryons had mostly been blown into the space between galaxies, that would also be remarkable because that would require strong astrophysical feedback and violent processes during galaxy formation.”

“Now, looking back on the result, it’s kind of satisfying that our data agrees with modern cosmological simulations with strong ‘feedback’ and agrees with the early Universe values of the total abundance of normal matter,” he continued. “Sometimes it’s nice to have some concordance.”

The new measurement might alleviate the so-called sigma-8 tension, which is a discrepancy between the overall “clumpiness” of matter in the universe when measured using the cosmic microwave background, which is the oldest light in the cosmos, compared with using modern maps of galaxies and clusters.

“One explanation for this disagreement is that our standard model of cosmology is broken, and we need exotic new physics,” Connor said. “Another explanation is that today’s Universe appears smooth because the baryons have been sloshed around by feedback.”

“Our FRB measurement suggests the baryon cosmic web is relatively smooth, homogenized by astrophysical processes in galaxies (feedback),” he continued. “This would explain the S8 tension without exotic new physics. If that’s the case, then I think the broader lesson is that we really need to pin down these pesky baryons, which have previously been very difficult to measure directly.”

To that end, Connor is optimistic that more answers to these cosmic riddles are coming down the pike.

“The future is looking bright for the field of FRB cosmology,” he said. “We are in the process of building enormous radio telescope arrays that could find tens of thousands of localized FRBs each year,” including the upcoming DSA-2000.

“My colleagues and I think of our work as baby steps towards the bigger goal of fully mapping the ordinary, baryonic matter throughout the whole Universe,” he concluded.

🌘Subscribe to 404 Media to get The Abstract, our newsletter about the most exciting and mind-boggling science news and studies of the week.

From 404 Media via this RSS feed

AI bots that scrape the internet for training data are hammering the servers of libraries, archives, museums, and galleries, and are in some cases knocking their collections offline, according to a new survey published today. While the impact of AI bots on open collections has been reported anecdotally, the survey is the first attempt at measuring the problem, which in the worst cases can make valuable, public resources unavailable to humans because the servers they’re hosted on are being swamped by bots scraping the internet for AI training data.

“I'm confident in saying that this problem is widespread, and there are a lot of people and institutions who are worried about it and trying to think about what it means for the sustainability of these resources,” the author of the report, Michael Weinberg, told me. “A lot of people have invested a lot of time not only in making these resources available online, but building the community around institutions that do it. And this is a moment where that community feels collectively under threat and isn't sure what the process is for solving the problem.”

The report, titled “Are AI Bots Knocking Cultural Heritage Offline?” was written by Weinberg of the GLAM-E Lab, a joint initiative between the Centre for Science, Culture and the Law at the University of Exeter and the Engelberg Center on Innovation Law & Policy at NYU Law, which works with smaller cultural institutions and community organizations to build open access capacity and expertise. GLAM is an acronym for galleries, libraries, archives, and museums. The report is based on a survey of 43 institutions with open online resources and collections in Europe, North America, and Oceania. Respondents also shared data and analytics, and some followed up with individual interviews. The data is anonymized so institutions could share information more freely, and to prevent AI bot operators from undermining their countermeasures.

💡Do you know anything else about AI scrapers? I would love to hear from you. Using a non-work device, you can message me securely on Signal at ‪@emanuel.404‬. Otherwise, send me an email at [email protected].

Of the 43 respondents, 39 said they had experienced a recent increase in traffic. Twenty-seven of those 39 attributed the increase in traffic to AI training data bots, with an additional seven saying the AI bots could be contributing to the increase.

“Multiple respondents compared the behavior of the swarming bots to more traditional online behavior such as Distributed Denial of Service (DDoS) attacks designed to maliciously drive unsustainable levels of traffic to a server, effectively taking it offline,” the report said. “Like a DDoS incident, the swarms quickly overwhelm the collections, knocking servers offline and forcing administrators to scramble to implement countermeasures. As one respondent noted, ‘If they wanted us dead, we’d be dead.’”

One respondent estimated that their collection experienced one DDoS-style incident every day that lasted about three minutes, saying this was highly disruptive but not fatal for the collection.

“The impact of bots on the collections can also be uneven. Sometimes, bot traffic knocks entire collections offline,” the report said. “Other times, it impacts smaller portions of the collection. For example, one respondent’s online collection included a semi-private archive that normally received a handful of visitors per day. That archive was discovered by bots and immediately overwhelmed by the traffic, even though other parts of the system were able to handle similar volumes of traffic.”

Thirty-two respondents said they are taking active measures to prevent bots. Seven indicated that they are not taking measures at this time, and four were either unsure or currently reviewing potential options.

The report makes clear that it can’t provide a comprehensive picture of the AI scraping bot issue, the problem is clearly widespread though not universal. The report notes that one inherent issue in measuring the problem is that organizations are unaware bots are scraping their collections until they are flooded with enough traffic to degrade the performance of their site.

“In practice, this meant that many respondents woke up one morning to an unexpected stream of emails from users that the collection was suddenly, fully offline, or alerts that their servers had been overloaded,” the report said. “For many respondents, especially those that started experiencing bot traffic earlier, this system failure was their first indication that something had changed about the online environment.”

Just last week, the University of North Carolina at Chapel Hill (UNC) published a blog that described how it handled this exact scenario, which it attributed to AI bot scrapers. On December 2, 2024, the University Libraries’ online catalog “was receiving so much traffic that it was periodically shutting out students, faculty and staff, including the head of User Experience,” according to the school. “It took a team of seven people and more working almost a full week to figure out how to stop this stuff in the first instance,” Tim Shearer, an associate University librarian for Digital Strategies & Information Technology, said. “There are lots of institutions that do not have the dedicated and brilliant staff that we have, and a lot of them are much more vulnerable.”

According to the report, one major problem is that AI scraping bots ignore robots.txt, a voluntary compliance protocol which sites can use to tell automated tools, like these bots, to not scrape the site.

“The protocol has not proven to be as effective in the context of bots building AI training datasets,” the report said. “Respondents reported that robots.txt is being ignored by many (although not necessarily all) AI scraping bots. This was widely viewed as breaking the norms of the internet, and not playing fair online.”

We’ve previously reported that robots.txt is not a perfect method for stopping bots, despite more sites than ever using the tool because of AI scraping. UNC, for example, said it deployed a new, “AI-based” firewall to handle the scrapers.

Making this problem worse is that many of the organizations that are being swamped by bot traffic are reluctant to require users to log in, or complete CAPTCHA tests to prove they’re human before accessing resources, because that added friction will make people less likely to access the materials. In other cases, even if institutions did want to implement some kind of friction, it might not have the resources to do so.

“I don't think that people appreciate how few people are working to keep these collections online, even at huge institutions,” Weinberg told me. “It's usually an incredibly small team, one person, half a person, half a person, plus, like their web person who is sympathetic to what's going on. GLAM-E Lab's mission is to work with small and medium sized institutions to get this stuff online, but as people start raising concerns about scraping on the infrastructure, it's another reason that an institution can say no to this.”

From 404 Media via this RSS feed

On Monday, federal and state authorities charged Vance Boelter with the murders of Minnesota Rep. Melissa Hortman and her husband. An affidavit written by an FBI Special Agent, published here by MSNBC, includes photos of a notepad found in Boelter’s SUV which included a long list of people search sites, some of which make it very easy for essentially anyone to find the address and other personal information of someone else in the U.S. The SUV contained other notebooks and some pages included the names of more than 45 Minnesota state and federal public officials, including Hortman, the affidavit says. Hortman’s home address was listed next to her name, it adds.

People search sites can present a risk to citizen’s privacy, and, depending on the context, physical safety. They aggregate data from property records, social media, marriage licenses, and other places and make it accessible to even those with no tech savvy. Some are free, some are paid, and some require a user to tick a box confirming they’re only using the data for certain permitted use cases.

Congress has known about the risk of data for decades. In 1994 lawmakers created the Driver’s Privacy Protection Act (DPPA) after a stalker hired a private investigator who then obtained the address of actress Rebecca Schaeffer from a DMV. The stalker then murdered Schaeffer. With people search sites, though, lawmakers have been largely motionless, despite them existing for years, on the open web, accessible by a Google search and sometimes even promoted with Google advertisements.

Senator Ron Wyden said in a statement “The accused Minneapolis assassin allegedly used data brokers as a key part of his plot to track down and murder Democratic lawmakers. Congress doesn't need any more proof that people are being killed based on data for sale to anyone with a credit card. Every single American's safety is at risk until Congress cracks down on this sleazy industry.”

This notepad does not necessarily mean that Boelter used these specific sites to find Hortman’s or other officials’ addresses. As the New York Times noted, Hortman’s address was on her campaign website, and Minnesota State Senator John Hoffman, who Boelter allegedly shot along with Hoffman’s wife, listed his address on his official legislative webpage.

The sites’ inclusion shows they are of high interest to a person who allegedly murdered and targeted multiple officials and their families in an act of political violence. Next to some of the people search site names, Boelter appears to have put a star or tick.

Those people search sites are:

Intelius [this entry has a tick next to it]BeenVerified.comOwnerly.com [the note “address needed” is added next to this site on the list]USSearch.com [this entry has a tick next to it]NeighborWho [the note “address needed” is added next to this site on the list]PeopleFinders.com [this entry has a star next to it]PeopleLooker [this entry has a tick next to it]Spokeo [this entry has a tick next to it; another entry notes “not free”]TruePeopleSearch.comTruthFinder.comInformation.comPipl [a note says “not free” next to this entry]Addresses.comYellowpages.com

A spokesperson for Atlas, a company that is suing a variety of people search sites, said “Tragedies like this might be prevented if data brokers simply complied with state and federal privacy laws. Our company has been in court for more than 15 months litigating against each of the eleven data brokers identified in the alleged shooter’s writings, seeking to hold them accountable for refusing to comply with New Jersey’s Daniel’s Law which seeks to protect the home addresses of judges, prosecutors, law enforcement and their families. This industry’s purposeful refusal to comply with privacy laws has and continues to endanger thousands of public servants and their families.”

404 Media has repeatedly reported on how data can be weaponized against people. We found violent criminals and hackers were able to dox nearly anyone in the U.S. for $15, using bots that were based on data people had given as part of opening credit cards. In 2023 Verizon gave sensitive information, including an address on file, of one of its customers to her stalker, who then drove to the address armed with a knife.

404 Media was able to contact most of the people search sites for comment. None responded.

Update: this piece has been updated to include a statement from Atlas. An earlier version of this piece accidentally published a version with a different structure; this correct version includes more information about the DPPA.

From 404 Media via this RSS feed

A survey of 7,000 Facebook, Instagram, and Threads users found that most people feel less safe on Meta’s platforms since CEO Mark Zuckerberg abandoned fact-checking in January.

The report, written by Jenna Sherman at UltraViolet, Ana Clara-Toledo at All Out, and Leanna Garfield at GLAAD, surveyed people who belong to what Meta refers to as “protected characteristic groups,” which include “people targeted based on their race, ethnicity, national origin, disability, religious affiliation, caste, sexual orientation, sex, gender identity, or serious disease,” the report says. The average age of respondents was 50 years, and the survey asked them to respond to questions including “How well do you feel Meta’s new policy changes protect you and all users from being exposed to or targeted by harmful content?” and “Have you been the target of any form of harmful content on any Meta platform since January 2025?”

One in six of respondents reported being targeted with gender-based or sexual violence on Meta platforms, and 66 percent of respondents said they’ve witnessed harmful content on Meta platforms. The survey defined harmful content as “content that involves direct attacks against people based on a protected characteristic.”

Almost all of the users surveyed—more than 90 percent—said they’re concerned about increasing harmful content, and feel less protected from being exposed to or targeted by harmful content on Meta’s platforms.

“I have seen an extremely large influx of hate speech directed towards many different marginalized groups since Jan. 2025,” one user wrote in the comments section of the survey. “I have also noted a large increase in ‘fake pages’ generating false stories to invoke an emotional response from people who are clearly against many marginalized groups since Jan. 2025.”

“I rarely see friends’ posts [now], I am exposed to obscene faked sexual images in the opening boxes, I am battered with commercial ads for products that are crap,” another wrote, adding that they were moving to Bluesky and Substack for “less gross posts.”

404 Media has extensively reported on the kinds of gruesome slop these users are referring to. Meta’s platforms allow AI-generated spam schemes to run rampant, at the expense of human-made, quality content.

In January, employees at Meta told 404 Media in interviews and demonstrated with leaked internal conversations that people working there were furious about the changes. A member of the public policy team said in Meta’s internal workspace that the changes to the Hateful Conduct policy—to allow users to call gay people “mentally ill” and immigrants “trash,” for example—was simply an effort to “undo mission creep.” “Reaffirming our core value of free expression means that we might see content on our platforms that people find offensive … yesterday’s changes not only open up conversation about these subjects, but allow for counterspeech on what matters to users,” the policy person said in a thread addressing angry Meta employees.

Zuckerberg has increasingly chosen to pander to the Trump administration through public support and moderation slackening on his platforms. In the January announcement, he promised to “get rid of a bunch of restrictions on topics like immigration and gender that are just out of touch with mainstream discourse.” In practice, according to leaked internal documents, that meant allowing violent hate speech on his platforms, including sexism, racism, and bigotry.

Several respondents to the survey wrote that the changes have resulted in a hostile social media environment. “I was told that as a woman I should be ‘properly fucked by a real man’ to ‘fix my head’ regarding gender equality and LGBT+ rights,” one said.“I’ve been told women should know their place if we want to support America. I’ve been sent DMs requesting contact based on my appearance. I’ve been primarily stalked due to my political orientation,” another wrote. Studies show that rampant hate speech online can predict real-world violence.

The authors of the report wrote that they want to see Meta hire an independent third-party to “formally analyze changes in harmful content facilitated by the policy changes” made in January, and for the social media giant to bring back the moderation standards that were in place before then. But all signs point to Zuckerberg not just liking the content on his site that makes it worse, but ignoring the issue completely to build more harmful chatbots and spend billions of dollars on a “superintelligence” project.

From 404 Media via this RSS feed

📄This article was primarily reported using public records requests. We are making it available to all readers as a public service. FOIA reporting can be expensive, please consider subscribing to 404 Media to support this work. Or send us a one time donation via our tip jar here.

A California police department searched AI-enabled, automatic license plate reader (ALPR) cameras in relation to an “immigration protest,” according to internal police data obtained by 404 Media. The data also shows that police departments and sheriff offices around the country have repeatedly tapped into the cameras inside California, made by a company called Flock, on behalf of Immigration and Customs Enforcement (ICE), digitally reaching into the sanctuary state in a data sharing practice that experts say is illegal.

Flock allows participating agencies to search not only cameras in their jurisdiction or state, but nationwide, meaning that local police that may work directly with ICE on immigration enforcement are able to search cameras inside California or other states. But this data sharing is only possible because California agencies have opted-in to sharing it with agencies in other states, making them legally responsible for the data sharing.

The news raises questions about whether California agencies are enforcing the law on their own data sharing practices, threatens to undermine the state’s perception as a sanctuary state, and highlights the sort of surveillance or investigative tools law enforcement may deploy at immigration related protests. Over the weekend, millions of people attended No Kings protests across the U.S. 404 Media’s findings come after we revealed police were searching cameras in Illinois on behalf of ICE, and then Cal Matters found local law enforcement agencies in California were searching cameras for ICE too.

“I think especially in this current political climate where the government is taking extreme measures to crack down on civil liberties, especially immigrants’ rights being one of those, you can easily see how ALPRs, which is an extremely invasive technology, could be weaponized against that community,” Jennifer Pinsof, a senior staff attorney at activist organization the Electronic Frontier Foundation (EFF), told 404 Media.

💡Do you know anything else about Flock? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at [email protected].

404 Media obtained the data through a public records request with Redlands Police Department in California. The collection of spreadsheets comprises the agency’s “Network Audit” of what other agencies have searched using its Flock systems since June 1, 2024 and the reason the agency provided for doing so.

The data shows that on February 3, the Escondido Police Department in California searched Flock cameras for an “immigration protest.” Days earlier the police department said it impounded 11 cars that blocked traffic and endangered the public. “The Escondido Police Department and our law enforcement partners are committed to protecting the rights of individuals to express their views peacefully,” Erik Witholt, the interim Escondido police chief, said, the San Diego Union-Tribune reported. “However, when drivers choose to block roadways, occupy intersections and commit other acts that pose a clear and present danger to attendees and the public, we will act to restore order and safety,” Witholt said.

“As a First Amendment lawyer I find that to be particularly concerning because ALPRs can obviously be used to identify who's driving towards, away from, parking near, and therefore being a part of attending a protest,” Pinsof said. “You can see how just the presence of such dragnet surveillance can chill people's willingness to speak out publicly or attend protests in causes that we believe in. And I think it's especially wrong in moments like now where the government is taking extreme measures to crack down on civil liberties of protesters specifically.”

Other examples in the data include:

On February 7, the Raleigh Police Department in North Carolina searched Redlands’ and other agencies’ cameras, looking for hits over a one month period. The reason given was “ICE.” That search was across 75,819 cameras and 6,264 networks according to the data, indicating it was likely a national search not limited to just Redlands.On January 29, Nolensville Police Department in Tennessee performed a search of Redlands’ cameras for “ICE.”Lowndes County Sheriff's Office in Georgia repeatedly searched Redlands’ Flock cameras, with the reason given as “ICE,” according to the data.

Those searches took place alongside the Trump administration’s ongoing mass deportation efforts, with ICE tasked with arresting a quota of at least 3,000 people a day. But searches of Flock cameras in California by other agencies repeatedly occurred during the Biden administration too, the data shows, including others from Lowndes County Sheriff’s Office.

Flock is a popular ALPR system with a presence in thousands of communities around the U.S. These cameras constantly record the license plates, color, and model of vehicles driving by, creating a timestamped record of a vehicle’s, and by extension a person’s, movements. Law enforcement typically conducts searches of Flock to see where a vehicle travelled without a warrant, something that an ongoing lawsuit argues is unconstitutional.

A screenshot from the data. 404 Media redacted the license plate column.

A Flock user guide explains that its national lookups feature allows “all law enforcement agencies across the country” who are also opted into the setting to search a user's cameras. After 404 Media first revealed local law enforcement agencies were performing lookups for ICE, and that a cop in Texas searched Flock cameras nationwide for a woman who had a self-administered abortion, Flock made radical changes to its data sharing system, including cutting off agencies that were searching cameras in Illinois that didn’t comply with state law.

A search reason being listed as ICE does not necessarily mean it was related to immigration enforcement. ICE and its Homeland Security Investigations (HSI) division has a wide mandate to investigate crimes such as child abuse or money launderering.

But the data sharing is still illegal, according to Pinsof. Specifically, it violates SB 34, a law California passed ten years ago. “The language of SB 34 is that a public agency shall not sell, share, or transfer ALPR information,” she said. “And so it's illegal for Georgia just to have access to that information full stop. It doesn't matter what the reason is.” The EFF previously found dozens of California agencies were sharing ALPR data with other states.

404 Media’s original May investigation into ICE tapping into Flock’s system was based on data obtained through public records requests by researchers who asked to remain anonymous. 404 Media provided links to the underlying dataset. 404 Media then filed dozens of its own public records requests with agencies inside California. In the wake of that article, many other locally-focused media outlets across the U.S. have used the data for their own stories, filed their own requests, or published articles based on similar data provided to them.

Last week Cal Matters reported that California police were illegally sharing license plate data with ICE and Border Patrol. That article was based on data provided by anti-surveillance group Oakland Privacy and found agencies such as the LAPD and sheriff’s departments in San Diego and Orange counties searched Flock systems on behalf of ICE. It differs slightly in that it was focused on Californian agencies sharing data with ICE more directly, whereas 404 Media’s data shows local police in other parts of the country reaching into California on behalf of ICE.

The Redlands Police Department, Lowndes County Sheriff's Office, and the City of Escondido did not respond to a request for comment. Flock declined to comment.

From 404 Media via this RSS feed

This article was produced in collaboration with Court Watch, an independent outlet that unearths overlooked court records. Subscribe to them here.

A family in Utah is suing the Republican National Convention for sending unhinged text messages soliciting donations to Donald Trump’s campaign and continuing to text even after they tried to unsubscribe.

“From Trump: ALL HELL JUST BROKE LOOSE! I WAS CONVICTED IN A RIGGED TRIAL!” one example text message in the complaint says. “I need you to read this NOW” followed by a link to a donation page.

The complaint, seeking to become a class-action lawsuit and brought by Utah residents Samantha and Cari Johnson, claims that the RNC, through the affiliated small-donations platform WinRed, violates the Utah Telephone and Facsimile Solicitation Act because the law states “[a] telephone solicitor may not make or cause to be made a telephone solicitation to a person who has informed the telephone solicitor, either in writing or orally, that the person does not wish to receive a telephone call from the telephone solicitor.”

The Johnsons claim that the RNC sent Samantha 17 messages from 16 different phone numbers, nine of the messages after she demanded the messages stop 12 times. Cari received 27 messages from 25 numbers, they claim, and she sent 20 stop requests. The National Republican Senatorial Committee, National Republican Congressional Committee, and Congressional Leadership Fund also sent a slew of texts and similarly didn’t stop after multiple requests, the complaint says.

On its website, WinRed says it’s an “online fundraising platform supported by a united front of the Trump campaign, RNC, NRSC, and NRCC.”

A chart from the complaint showing the numbers of times the RNC and others have texted the plaintiffs.

“Defendants’ conduct is not accidental. They knowingly disregard stop requests and purposefully use different phone numbers to make it impossible to block new messages,” the complaint says.

The complaint also cites posts other people have made on X.com complaining about WinRed’s texts. A quick search for WinRed on X today shows many more people complaining about the same issues.

“I’m seriously considering filing a class action lawsuit against @WINRED. The sheer amount of campaign txts I receive is astounding,” one person wrote on X. “I’ve unsubscribed from probably thousands of campaign texts to no avail. The scam is, if you call Winred, they say it’s campaign initiated. Call campaign, they say it’s Winred initiated. I can’t be the only one!”

Last month, Democrats on the House Judiciary, Oversight and Administration Committees asked the Treasury Department to provide evidence of “suspicious transactions connected to a wide range of Republican and President Donald Trump-aligned fundraising platforms” including WinRed, Politico reported.

In June 2024, a day after an assassination attempt on Trump during a rally in Pennsylvania, WinRed changed its landing page to all-black with the Trump campaign logo and a black-and-white photograph of Trump raising his fist with blood on his face. “I am Donald J. Trump,” text on the page said. “FEAR NOT! I will always love you for supporting me.”

CNN investigated campaign donation text messaging schemes including WinRed in 2024, and found that the elderly were especially vulnerable to the inflammatory, constant messaging from politicians through text messages begging for donations. And Al Jazeera uncovered FEC records showing people were repeatedly overcharged by WinRed, with one person the outlet spoke to claiming he was charged almost $90,000 across six different credit cards despite thinking he’d only donated small amounts occasionally. “Every single text link goes to WinRed, has the option to ‘repeat your donation’ automatically selected, and uses shady tactics and lies to trick you into clicking on the link,” another donor told Al Jazeera in 2024. “Let’s just say I’m very upset with WinRed. In my view, they are deceitful money-grabbing liars.”

And in 2020, a class action lawsuit against WinRed made similar claims, but was later dismissed.

From 404 Media via this RSS feed

📄This article was primarily reported using public records requests. We are making it available to all readers as a public service. FOIA reporting can be expensive, please consider subscribing to 404 Media to support this work. Or send us a one time donation via our tip jar here.

Local police in Oregon casually offered various surveillance services to federal law enforcement officials from the FBI and ICE, and to other state and local police departments, as part of an informal email and meetup group of crime analysts, internal emails shared with 404 Media show.

In the email thread, crime analysts from several local police departments and the FBI introduced themselves to each other and made lists of surveillance tools and tactics they have access to and felt comfortable using, and in some cases offered to perform surveillance for their colleagues in other departments. The thread also includes a member of ICE’s Homeland Security Investigations (HSI) and members of Oregon’s State Police. In the thread, called the “Southern Oregon Analyst Group,” some members talked about making fake social media profiles to surveil people, and others discussed being excited to learn and try new surveillance techniques. The emails show both the wide array of surveillance tools that are available to even small police departments in the United States and also shows informal collaboration between local police departments and federal agencies, when ordinarily agencies like ICE are expected to follow their own legal processes for carrying out the surveillance.

In one case, a police analyst for the city of Medford, Oregon, performed Flock automated license plate reader (ALPR) lookups for a member of ICE’s HSI; later, that same police analyst asked the HSI agent to search for specific license plates in DHS’s own border crossing license plate database. The emails show the extremely casual and informal nature of what partnerships between police departments and federal law enforcement can look like, which may help explain the mechanics of how local police around the country are performing Flock automated license plate reader lookups for ICE and HSI even though neither group has a contract to use the technology, which 404 Media reported last month.

An email showing HSI asking for a license plate lookup from police in Medford, Oregon

Kelly Simon, the legal director for the American Civil Liberties Union of Oregon, told 404 Media “I think it’s a really concerning thread to see, in such a black-and-white way. I have certainly never seen such informal, free-flowing of information that seems to be suggested in these emails.”

In that case, in 2021, a crime analyst with HSI emailed an analyst at the Medford Police Department with the subject line “LPR Check.” The email from the HSI analyst, who is also based in Medford, said they were told to “contact you and request a LPR check on (2) vehicles,” and then listed the license plates of two vehicles. “Here you go,” the Medford Police Department analyst responded with details of the license plate reader lookup. “I only went back to 1/1/19, let me know if you want me to check further back.” In 2024, the Medford police analyst emailed the same HSI agent and told him that she was assisting another police department with a suspected sex crime and asked him to “run plates through the border crossing system,” meaning the federal ALPR system at the Canada-US border. “Yes, I can do that. Let me know what you need and I’ll take a look,” the HSI agent said.

More broadly, the emails, obtained using a public records request by Information for Public Use, an anonymous group of researchers in Oregon who have repeatedly uncovered documents about government surveillance, reveal the existence of the “Southern Oregon Analyst Group.” The emails span between 2021 and 2024 and show local police eagerly offering various surveillance services to each other as part of their own professional development.

In a 2023 email thread where different police analysts introduced themselves, they explained to each other what types of surveillance software they had access to, which ones they use the most often, and at times expressed an eagerness to try new techniques.

“This is my first role in Law Enforcement, and I've been with the Josephine County Sheriff's Office for 6 months, so I'm new to the game,” an email from a former Pinkerton security contractor to officials at 10 different police departments, the FBI, and ICE, reads. “Some tools I use are Flock, TLO, Leads online, WSIN, Carfax for police, VIN Decoding, LEDS, and sock puppet social media accounts. In my role I build pre-raid intelligence packages, find information on suspects and vehicles, and build link charts showing connections within crime syndicates. My role with [Josephine Marijuana Enforcement Team] is very intelligence and research heavy, but I will do the occasional product with stats. I would love to be able to meet everyone at a Southern Oregon analyst meet-up in the near future. If there is anything I can ever provide anyone from Josephine County, please do not hesitate to reach out!” The surveillance tools listed here include automatic license plate reading technology, social media monitoring tools, people search databases, and car ownership history tools.

An investigations specialist with the Ashland Police Department messaged the group, said she was relatively new to performing online investigations, and said she was seeking additional experience. “I love being in a support role but worry patrol doesn't have confidence in me. I feel confident with searching through our local cad portal, RMS, Evidence.com, LeadsOnline, carfax and TLO. Even though we don't have cameras in our city, I love any opportunity to search for something through Flock,” she said. “I have much to learn with sneaking around in social media, and collecting accurate reports from what is inputted by our department.”

A crime analyst with the Medford Police Department introduced themselves to the group by saying “The Medford Police Department utilizes the license plate reader systems, Vigilant and Flock. In the next couple months, we will be starting our transition to the Axon Fleet 3 cameras. These cameras will have LPR as well. If you need any LPR searches done, please reach out to me or one of the other analysts here at MPD. Some other tools/programs that we have here at MPD are: ESRI, Penlink PLX, CellHawk, TLO, LeadsOnline, CyberCheck, Vector Scheduling/CrewSense & Guardian Tracking, Milestone XProtect city cameras, AXON fleet and body cams, Lexipol, HeadSpace, and our RMS is Central Square (in case your agency is looking into purchasing any of these or want more information on them).”

A fourth analyst said “my agency uses Tulip, GeoShield, Flock LPR, LeadsOnline, TLO, Axon fleet and body cams, Lexipol, LEEP, ODMap, DMV2U, RISS/WSIN, Crystal Reports, SSRS Report Builder, Central Square Enterprise RMS, Laserfiche for fillable forms and archiving, and occasionally Hawk Toolbox.” Several of these tools are enterprise software solutions for police departments, which include things like police report management software, report creation software, and stress management and wellbeing software, but many of them are surveillance tools.

At one point in the 2023 thread, an FBI intelligence analyst for the FBI’s Portland office chimes in, introduces himself, and said “I think I've been in contact with most folks on this email at some point in the past […] I look forward to further collaboration with you all.”

The email thread also planned in-person meetups and a “mini-conference” last year that featured a demo from a company called CrimeiX, a police information sharing tool.

A member of Information for Public Use told 404 Media “it’s concerning to me to see them building a network of mass surveillance.”

“Automated license plate recognition software technology is something that in and of itself, communities are really concerned about,” the member of Information for Public Use said. “So I think when we combine this very obvious mass surveillance technology with a network of interagency crime analysts that includes local police who are using sock puppet accounts to spy on anyone and their mother and then that information is being pretty freely shared with federal agents, you know, including Homeland Security Investigations, and we see the FBI in the emails as well. It's pretty disturbing.” They added, as we have reported before, that many of these technologies were deployed under previous administrations but have become even more alarming when combined with the fact that the Trump administration has changed the priorities of ICE and Homeland Security Investigations.

“The whims of the federal administration change, and this technology can be pointed in any direction,” they said. “Local law enforcement might be justifying this under the auspices of we're fighting some form of organized crime, but one of the crimes HSI investigates is work site enforcement investigations, which sound exactly like the kind of raids on workplaces that like the country is so upset about right now.”

Simon, of ACLU Oregon, said that such informal collaboration is not supposed to be happening in Oregon.

“We have, in Oregon, a lot of really strong protections that ensure that our state resources, including at the local level, are not going to support things that Oregonians disagree with or have different values around,” she said. “Oregon has really strong firewalls between local resources, and federal resources or other state resources when it comes to things like reproductive justice or immigrant justice. We have really strong shield laws, we have really strong sanctuary laws, and when I see exchanges like this, I’m very concerned that our firewalls are more like sieves because of this kind of behind-the-scenes, lax approach to protecting the data and privacy of Oregonians.”

Simon said that collaboration between federal and local cops on surveillance should happen “with the oversight of the court. Getting a warrant to request data from a local agency seems appropriate to me, and it ensures there’s probable cause, that the person whose information is being sought is sufficiently suspected of a crime, and that there are limits to the scope, about of information that's being sought and specifics about what information is being sought. That's the whole purpose of a warrant.”

Over the last several weeks, our reporting has led multiple municipalities to reconsider how the license plate reading technology Flock is used, and it has spurred an investigation by the Illinois Secretary of State office into the legality of using Flock cameras in the state for immigration-related searches, because Illinois specifically forbids local police from assisting federal police on immigration matters.

404 Media contacted all of the police departments on the Southern Oregon Analyst Group for comment and to ask them about any guardrails they have for the sharing of surveillance tools across departments or with the federal government. Geoffrey Kirkpatrick, a lieutenant with the Medford Police Department, said the group is “for professional networking and sharing professional expertise with each other as they serve their respective agencies.”

“The Medford Police Department’s stance on resource-sharing with ICE is consistent with both state law and federal law,” Kirkpatrick said. “The emails retrieved for that 2025 public records request showed one single instance of running LPR information for a Department of Homeland Security analyst in November 2021. Retrieving those files from that single 2021 matter to determine whether it was an DHS case unrelated to immigration, whether a criminal warrant existed, etc would take more time than your publication deadline would allow, and the specifics of that one case may not be appropriate for public disclosure regardless.” (404 Media reached out to Medford Police Department a week before this article was published).

A spokesperson for the Central Point Police Department said it “utilizes technology as part of investigations, we follow all federal, state, and local law regarding use of such technology and sharing of any such information. Typically we do not use our tools on behalf of other agencies.”

A spokesperson for Oregon’s Department of Justice said it did not have comment and does not participate in the group. The other police departments in the group did not respond to our request for comment.

From 404 Media via this RSS feed

On Monday the Trump Organization announced its own mobile service plan and the “​​T1 Phone,” a customized all-gold mobile phone that its creators say will be made in America.

I tried to pre-order the phone and pay the $100 downpayment, hoping to test the phone to see what apps come pre-installed, how secure it really is, and what components it includes when it comes out. The website failed, went to an error page, and then charged my credit card the wrong amount of $64.70. I received a confirmation email saying I’ll receive a confirmation when my order has been shipped, but I haven’t provided a shipping address or paid the full $499 price tag. It is the worst experience I’ve ever faced buying a consumer electronic product and I have no idea whether or how I’ll receive the phone.

“Trump Mobile is going to change the game, we’re building on the movement to put America first, and we will deliver the highest levels of quality and service. Our company is based right here in the United States because we know it’s what our customers want and deserve,” Donald Trump Jr., EVP of the Trump Organization, and obviously one of President Trump’s sons, said in a press release announcing Trump Mobile.

From 404 Media via this RSS feed

Welcome back to the Abstract!

This week, it’s time for a walk in the woods. These particular woods have been dead and buried for centuries, mind you, but they still have a lot to say about the tumultuous events they experienced across thousands of years.

Then: exposure to climate change starts in the womb; CYBORG TADPOLES; get swole with this new dinosaur diet; the long march of an ancestral reptile; and, finally, pregaming for science.

The saga of the sunken cypress

Napora, Katharine et al. “Subfossil bald cypress trees suggest localized, enduring effects of major climatic episodes on the Southeast Atlantic Coast of the United States.” Proceedings of the National Academy of Sciences.

For thousands of years, a forest filled with bald cypress trees thrived in coastal Georgia. But climate shifts caused by volcanic eruptions and a possible comet impact wreaked havoc on this environment, eventually leading to the death of these ancient woods by the year 1600.

Now scientists have exhumed dozens of the magnificent trees, which were buried at the mouth of the Altamaha River for centuries. The dead trees are well-preserved as subfossils, meaning they are only partially fossilized, allowing researchers to count tree rings, conduct radiocarbon dating, and reconstruct the epic tale of this long-lived grove.

“This is the largest intact deposit of subfossil Holocene cypress trees ever analyzed in the literature from the Southeast United States…with specimens spanning almost six millennia,” said researchers led by Katharine Napora of Florida Atlantic University in their study.

In ideal conditions, bald cypress trees can live for millennia; for instance, one tree known as the Senator in Longwood, Florida was about 3,500-years-old when it died in a 2012 fire. But Napora’s team found that their subfossil trees experienced a collapse in life expectancy during the Vandal Minimum (VM) environmental downturn, which began around 500 CE. Trees that sprouted after this event only lived about half as long as those born before, typically under 200 years.

Study authors Katharine Napora and Craig Jacobs with an ancient cypress tree near the Georgia coast. Image: Florida Atlantic University

The reasons for this downturn are potentially numerous, including volcanic eruptions and a possible comet strike. The researchers say that tree-ring evidence shows “a reduction in solar radiation in 536 and 541 to 544 CE, likely the consequence of a volcanic dust veil…Greenlandic ice cores also contain particles rich in elements suggesting dust originating from a comet, dating to 533 to 540 CE.”

The possibility that a comet struck Earth at this time has been debated for decades, but many scientists think that volcanic eruptions can account for the extreme cooling without invoking space rocks. In any case, the world was rocked by a series of unfortunate events that produced a variety of localized impacts.This Georgian tree cemetery presents a new record of those tumultuous times which “speaks to the long-term impacts of major climatic episodes in antiquity” and “underscores the vulnerability of 21st-century coastal ecosystems to the destabilizing effects of large-scale climatic downturns,” according to the study.

In other news…

PSA: climate risks begin before you’re born

DeIngeniis, Donato et al. “Prenatal exposure to extreme ambient heat may amplify the adverse impact of Superstorm Sandy on basal ganglia volume among school-aged children.” PLOS One.

In addition to disrupting long-lived trees, climate change poses a threat to people—starting in the womb. A new study tracked the brain development of children whose mothers endured Superstorm Sandy while pregnant, revealing that prenatal exposure to extreme weather events affect neural and emotional health.

“Prenatal exposure to Superstorm Sandy impacted child brain development,” said researchers led by Donato DeIngeniis of the City University of New York. The team found that a group of 8-year-old children whose mothers experienced the 2012 disaster while pregnant had noticeable differences in their basal ganglia, a brain region involved in motor skills and emotional regulation.

Exposure to both the hurricane and associated extreme heat (defined as temperatures above 95°F) was linked to both a larger pallidum and smaller nucleus accumbens, both subregions of the basal ganglia, compared to unexposed peers. The findings hint at a higher risk of emotional and behavioral disruption, or other impairments, as a consequence of exposure in the womb, but the study said more research is necessary to confirm those associations.

“Extreme weather events and natural disasters are projected to increase in frequency and magnitude. In addition to promoting initiatives to combat climate change, it is imperative to alert pregnant individuals to the ongoing danger of exposure to extreme climate events,” the team said.

Here come the cyborg tadpoles

Sheng, Hao, Liu, Ren, Li, Qiang et al. “Brain implantation of soft bioelectronics via embryonic development.” Nature.

Scientists have a long tradition of slapping sensors onto brains to monitor whatever the heck is going on in there. The latest edition: Cyborg tadpoles.

By implanting a microelectrode array into embryonic frogs and axolotls, a team of researchers was able to track neural development and record brain activity with no detectable adverse effects on the tadpoles.

The cyborg tadpoles in question. Image: Liu Lab / Harvard SEAS

“Cyborg tadpoles showed normal development through later stages, showing comparable morphology, survival rates and developmental timing to control tadpoles,” said researchers co-led by Hao Sheng, Ren Liu, and Qiang Li of Harvard University. “Future combination of this system with virtual-reality platforms could provide a powerful tool for investigating behaviour- and sensory-specific brain activity during development.”

The future didn’t deliver personal jetpacks, but we may get virtual-reality tours of amphibian cyborg brains, so there’s that.

We finally know for certain what sauropods ate

Poropat, Stephen F. et al. “Fossilized gut contents elucidate the feeding habits of sauropod dinosaurs.” Current Biology.

Once upon a time, a long-necked sauropod dinosaur from the Diamantinasaurus family was chowing down on a variety of plants. Shortly afterward, it died (RIP). 100 million years later, this leafy last meal has now provided the first direct evidence that sauropods—the largest animals ever to walk on land—were herbivores.

Fossilized ferns, conifers, and other plants were found in the Australian Diamantinasaurus cololite. Image: Stephen Poropat

“Gut contents for sauropod dinosaurs—perhaps the most ecologically impactful terrestrial herbivores worldwide throughout much of the Jurassic and Cretaceous, given their gigantic sizes—have remained elusive,” said researchers led by Stephen Poropat of Curtin University. “The Diamantinasaurus cololite (fossilized gut contents) described herein provides the first direct, empirical support for the long-standing hypothesis of sauropod herbivory.”

Scientists have long assumed that sauropods were veggie-saurs based on their anatomy, but it’s cool to finally have confirmation by looking in the belly of this beast.

Life finds a way through the “dead zone”

Flannery-Sutherland, Joseph et al. “Landscape-explicit phylogeography illuminates the ecographic radiation of early archosauromorph reptiles.” Nature Ecology & Evolution.

Birds, crocodiles, and dinosaurs are all descended from an ancestral lineage of reptiles called archosauromorphs. These troopers managed to survive Earth’s most devastating extinction event, called the end-Permian or “Great Dying,” a global warming catastrophe that wiped out more than half of all land animals and 81 percent of marine life some 250 million years ago.

Children of the archosaurs, chillin’. Image: Timothy A. Gonsalves

Now, paleontologists have found clues indicating how they succeeded by reconstructing archosauromorph dispersal patterns with models of ancient landscapes and evolutionary trees. The results suggest that these animals endured 10,000-mile marches through “tropical dead zones.”

These archosauromorph “dispersals through the Pangaean tropical dead zone…contradict its perception as a hard barrier to vertebrate movement,” said researchers led by Joseph Flannery-Sutherland of the University of Birmingham. “This remarkable tolerance of climatic adversity was probably integral to their later evolutionary success.”

The science of spectator sports

Xygalatas, Dimitris et al “Route of fire: Pregame rituals and emotional synchrony among Brazilian football fans.” Proceedings of the National Academy of Sciences.

In Brazil, football fans participate in a pregame ritual known as the Rua de Fogo, or Street of Fire. As buses carrying teams arrive at the stadium, fans greet the players with flares, smoke bombs, fireworks, flags, cheers, and chants.

Now, scientists have offered a glimpse into the ecstatic emotions of these crowds by enlisting  17 fans, including a team bus driver, to wear heart rate monitors in advance of a state championship final  between local teams. The results showed that fans’ heart rates synced up during periods of “emotional synchrony.”

“We found that the Rua de Fogo ritual preceding the football match exhibited particularly high levels of emotional synchrony—surpassing even those observed during the game itself, which was among the season’s most important,” said researchers led by Dimitris Xygalatas of the University of Connecticut. “These findings suggest that fan rituals play important roles in fostering shared emotional experiences, reinforcing the broader appeal of sports as a site of social connection and identity formation.”

Wishing everyone an emotionally synchronous weekend! Thanks for reading and see you next week.

From 404 Media via this RSS feed

This is Behind the Blog, where we share our behind-the-scenes thoughts about how a few of our top stories of the week came together. This week, we discuss advertising, protests, and aircraft.

EMANUEL: On Thursday Meta announced that it has filed a lawsuit in Hong Kong against Joy Timeline HK Limited, the company that operates a popular nudify app called Crush that we have covered previously.

Meta’s position is that it hasn’t been able to prevent Crush from advertising its nudify app on its platform despite it violating its policies because Crush is “highly adversarial” and “constantly evolving their tactics to avoid enforcement.” We’ve seen Crush and other nudify apps create hundreds of Meta advertising accounts and different domain names that all link back to the same service in order to avoid detection. If Meta bans an advertising account or URL, Crush simply creates another. In theory, Meta always has ways of detecting if an ad contains nudity, but nudify apps can easily circumvent those measures as well. As I say in my post about the lawsuit, Meta still hasn’t explained why it appears to have different standards for content in ads versus regular posts on its platform, but there’s no doubt that it does take action against nudify ads when it’s easy for it do so, and that these nudify ads are actively trying to avoid Meta’s moderation when it does attempt to get rid of them.

From 404 Media via this RSS feed

🌘Subscribe to 404 Media to get The Abstract, our newsletter about the most exciting and mind-boggling science news and studies of the week.

Scientists have captured an unprecedented glimpse of cosmic dawn, an era more than 13 billion years ago, using telescopes on the surface of the Earth. This marks the first time humans have seen signatures of the first stars interacting with the early universe from our planet, rather than space.

This ancient epoch when the first stars lit up the universe has been probed by space-based observatories, but observations captured from telescopes in Chile are the first to measure key microwave signatures from the ground, reports a study published on Wednesday in The Astrophysical Journal. The advancement means it could now be much cheaper to probe this enigmatic era, when the universe we are familiar with today, alight with stars and galaxies, was born.

“This is the first breakthrough measurement,” said Tobias Marriage, a professor of physics and astronomy at Johns Hopkins University who co-authored the study. “It was very exciting to get this signal rising just above the noise.”

Many ground and space telescopes have probed the cosmic microwave background (CMB), the oldest light in the universe, which is the background radiation produced by the Big Bang. But it is much trickier to capture polarized microwave signatures—which were sparked by the interactions of the first stars with the CMB—from Earth.

This polarized microwave light is a million times fainter than the CMB, which is itself quite dim. Space-based telescopes like the WMAP and Planck missions have spotted it, but Earth’s atmosphere blocks out much of the universe’s light, putting ground-based measurements of this signature out of reach—until now.

Marriage and his colleagues set out to capture these elusive signals from Earth for the first time with the U.S. National Science Foundation’s Cosmology Large Angular Scale Surveyor (CLASS), a group of four telescopes that sits at high elevation in the Andes Mountains. A detection of this light would prove that ground-based telescopes, which are far more affordable than their space-based counterparts, could contribute to research into this mysterious era.

In particular, the team searched for a particular polarization pattern ignited by the birth of the first stars in the universe, which condensed from hydrogen gas starting a few hundred million years after the Big Bang. This inaugural starlight was so intense that it stripped electrons off of hydrogen gas atoms surrounding the stars, leading to what’s known as the epoch of reionization.

Marriage’s team aimed to capture encounters between CMB photons and the liberated electrons, which produce polarized microwave light. By measuring that polarization, scientists can estimate the abundance of freed electrons, which in turn provides a rough birthdate for the first stars.

“The first stars create this electron gas in the universe, and light scatters off the electron gas creating a polarization,” Marriage explained. “We measure the polarization, and therefore we can say how deep this gas of electrons is to the first stars, and say that's when the first stars formed.”

The researchers were confident that CLASS could eventually pinpoint the target, but they were delighted when it showed up early on in their analysis of a key frequency channel at the observatory.

“That the cosmic signal rose up in the first look was a great surprise,” Marriage said. “It was really unclear whether we were going to get this [measurement] from this particular set of data. Now that we have more in the can, we're excited to move ahead.”

Telescopes on Earth face specific challenges beyond the blurring effects of the atmosphere; Marriage is concerned that megaconstellations like Starlink will interfere with microwave research more in the coming years, as they already have with optical and radio observations. But ground telescopes also offer valuable data that can complement space-based missions like the James Webb Space Telescope (JWST) or the European Euclid observatory for a fraction of the price.

“Essentially, our measurement of reionization is a bit earlier than when one would predict with some analyzes of the JWST observations,” Marriage said. “We're putting together this puzzle to understand the full picture of when the first stars formed.”

🌘Subscribe to 404 Media to get The Abstract, our newsletter about the most exciting and mind-boggling science news and studies of the week.

From 404 Media via this RSS feed

Almost two dozen digital rights and consumer protection organizations sent a complaint to the Federal Trade Commission on Thursday urging regulators to investigate Character.AI and Meta’s “unlicensed practice of medicine facilitated by their product,” through therapy-themed bots that claim to have credentials and confidentiality “with inadequate controls and disclosures.”

The complaint and request for investigation is led by the Consumer Federation of America (CFA), a non-profit consumer rights organization. Co-signatories include the AI Now Institute, Tech Justice Law Project, the Center for Digital Democracy, the American Association of People with Disabilities, Common Sense, and 15 other consumer rights and privacy organizations.

"These companies have made a habit out of releasing products with inadequate safeguards that blindly maximizes engagement without care for the health or well-being of users for far too long,” Ben Winters, CFA Director of AI and Privacy said in a press release on Thursday. “Enforcement agencies at all levels must make it clear that companies facilitating and promoting illegal behavior need to be held accountable. These characters have already caused both physical and emotional damage that could have been avoided, and they still haven’t acted to address it.”

The complaint, sent to attorneys general in 50 states and Washington, D.C., as well as the FTC, details how user-generated chatbots work on both platforms. It cites several massively popular chatbots on Character AI, including “Therapist: I’m a licensed CBT therapist” with 46 million messages exchanged, “Trauma therapist: licensed trauma therapist” with over 800,000 interactions, “Zoey: Zoey is a licensed trauma therapist” with over 33,000 messages, and “around sixty additional therapy-related ‘characters’ that you can chat with at any time.” As for Meta’s therapy chatbots, it cites listings for “therapy: your trusted ear, always here” with 2 million interactions, “therapist: I will help” with 1.3 million messages, “Therapist bestie: your trusted guide for all things cool,” with 133,000 messages, and “Your virtual therapist: talk away your worries” with 952,000 messages. It also cites the chatbots and interactions I had with Meta’s other chatbots for our April investigation.

In April, 404 Media published an investigation into Meta’s AI Studio user-created chatbots that asserted they were licensed therapists and would rattle off credentials, training, education and practices to try to earn the users’ trust and keep them talking. Meta recently changed the guardrails for these conversations to direct chatbots to respond to “licensed therapist” prompts with a script about not being licensed, and random non-therapy chatbots will respond with the canned script when “licensed therapist” is mentioned in chats, too.

Instagram’s AI Chatbots Lie About Being Licensed TherapistsWhen pushed for credentials, Instagram’s user-made AI Studio bots will make up license numbers, practices, and education to try to convince you it’s qualified to help with your mental health.404 MediaSamantha Cole

In its complaint to the FTC, the CFA found that even when it made a custom chatbot on Meta’s platform and specifically designed it to not be licensed to practice therapy, the chatbot still asserted that it was. “I'm licenced (sic) in NC and I'm working on being licensed in FL. It's my first year licensure so I'm still working on building up my caseload. I'm glad to hear that you could benefit from speaking to a therapist. What is it that you're going through?” a chatbot CFA tested said, despite being instructed in the creation stage to not say it was licensed. It also provided a fake license number when asked.

The CFA also points out in the complaint that Character.AI and Meta are breaking their own terms of service. “Both platforms claim to prohibit the use of Characters that purport to give advice in medical, legal, or otherwise regulated industries. They are aware that these Characters are popular on their product and they allow, promote, and fail to restrict the output of Characters that violate those terms explicitly,” the complaint says. “Meta AI’s Terms of Service in the United States states that ‘you may not access, use, or allow others to access or use AIs in any matter that would…solicit professional advice (including but not limited to medical, financial, or legal advice) or content to be used for the purpose of engaging in other regulated activities.’ Character.AI includes ‘seeks to provide medical, legal, financial or tax advice’ on a list of prohibited user conduct, and ‘disallows’ impersonation of any individual or an entity in a ‘misleading or deceptive manner.’ Both platforms allow and promote popular services that plainly violate these Terms, leading to a plainly deceptive practice.”

The complaint also takes issue with confidentiality promised by the chatbots that isn’t backed up in the platforms’ terms of use. “Confidentiality is asserted repeatedly directly to the user, despite explicit terms to the contrary in the Privacy Policy and Terms of Service,” the complaint says. “The Terms of Use and Privacy Policies very specifically make it clear that anything you put into the bots is not confidential – they can use it to train AI systems, target users for advertisements, sell the data to other companies, and pretty much anything else.”

Senators Demand Meta Answer For AI Chatbots Posing as Licensed TherapistsExclusive: Following 404 Media’s investigation into Meta’s AI Studio chatbots that pose as therapists and provided license numbers and credentials, four senators urged Meta to limit “blatant deception” from its chatbots.404 MediaSamantha Cole

In December 2024, two families sued Character.AI, claiming it “poses a clear and present danger to American youth causing serious harms to thousands of kids, including suicide, self-mutilation, sexual solicitation, isolation, depression, anxiety, and harm towards others.” One of the complaints against Character.AI specifically calls out “trained psychotherapist” chatbots as being damaging.

Earlier this week, a group of four senators sent a letter to Meta executives and its Oversight Board, writing that they were concerned by reports that Meta is “deceiving users who seek mental health support from its AI-generated chatbots,” citing 404 Media’s reporting. “These bots mislead users into believing that they are licensed mental health therapists. Our staff have independently replicated many of these journalists’ results,” they wrote. “We urge you, as executives at Instagram’s parent company, Meta, to immediately investigate and limit the blatant deception in the responses AI-bots created by Instagram’s AI studio are messaging directly to users.”

From 404 Media via this RSS feed

Meta said it is suing a nudify app that 404 Media reported bought thousands of ads on Instagram and Facebook, repeatedly violating its policies.

Meta is suing Joy Timeline HK Limited, the entity behind the CrushAI nudify app that allows users to take an image of anyone and AI-generate a nude image of them without their consent. Meta said it has filed the lawsuit in Hong Kong, where Joy Timeline HK Limited is based, “to prevent them from advertising CrushAI apps on Meta platforms,” Meta said.

In January, 404 Media reported that CrushAI, also known as Crushmate and other names, had run more than 5,000 ads on Meta’s platform, and that 90 percent of Crush’s traffic came from Meta’s platform, a clear sign that the ads were effective in leading people to tools that create nonconsensual media. Alexios Mantzarlis, now of Indicator, was first to report about Crush’s traffic coming from Meta. At the time, Meta told us that “This is a highly adversarial space and bad actors are constantly evolving their tactics to avoid enforcement, which is why we continue to invest in the best tools and technology to help identify and remove violating content.”

“This legal action underscores both the seriousness with which we take this abuse and our commitment to doing all we can to protect our community from it,” Meta said in a post on its site announcing the lawsuit. “We’ll continue to take the necessary steps—which could include legal action—against those who abuse our platforms like this.”

However, CrushAI is far from the only nudify app to buy ads on Meta’s platforms. Last year I reported that these ads were common, and despite our reporting leading to the ads being removed and Apple and Google removing the apps from their app stores, new apps and ads continue to crop up.

To that end, Meta said that now when it removes ads for nudify apps it will share URLs for those apps and sites with other tech companies through the Tech Coalition’s Lantern program so those companies can investigate and take action against those apps as well. Members of that group include Google, Discord, Roblox, Snap, and Twitch. Additionally, Meta said that it’s “strengthening” its enforcement against these “adversarial advertisers.”

“Like other types of online harm, this is an adversarial space in which the people behind it—who are primarily financially motivated—continue to evolve their tactics to avoid detection. For example, some use benign imagery in their ads to avoid being caught by our nudity detection technology, while others quickly create new domain names to replace the websites we block,” Meta said. “That’s why we’re also evolving our enforcement methods. For example, we’ve developed new technology specifically designed to identify these types of ads—even when the ads themselves don’t include nudity—and use matching technology to help us find and remove copycat ads more quickly. We’ve worked with external experts and our own specialist teams to expand the list of safety-related terms, phrases and emojis that our systems are trained to detect within these ads.”

From what we’ve reported, and according to testing by AI Forensics, a European non-profit that investigates influential and opaque algorithms, in general it seems that content in Meta ads is not moderated as effectively as regular content users post to Meta’s platforms. Specifically, AI Forensics found that the exact same image containing nudity was removed as a normal post on Facebook but allowed when it was part of a paid ad.

404 Media’s reporting has led to some pressure from Congress, and Meta’s press release did mention the passage of the federal Take It Down Act last month, which holds platforms liable for hosting this type of content, but said it was not the reason for taking these actions now.

From 404 Media via this RSS feed

Customs and Border Protection (CBP) has confirmed it is flying Predator drones above the Los Angeles protests, and specifically in support of Immigration and Customs Enforcement (ICE), according to a CBP statement sent to 404 Media. The statement follows 404 Media’s reporting that the Department of Homeland Security (DHS) has flown two Predator drones above Los Angeles, according to flight data and air traffic control (ATC) audio.

The statement is the first time CBP has acknowledged the existence of these drone flights, which over the weekend were done without a callsign, making it more difficult, but not impossible, to determine what model of aircraft was used and by which agency. It is also the first time CBP has said it is using the drones to help ICE during the protests.

“Air and Marine Operations’ [AMO] MQ-9 Predators are supporting our federal law enforcement partners in the Greater Los Angeles area, including Immigration and Customs Enforcement, with aerial support of their operations,” the statement from CBP to 404 Media says. The statement added that “they are providing officer safety surveillance when requested by officers. AMO is not engaged in the surveillance of first amendment activities.” According to flight data reviewed by 404 Media, the drones flew repeatedly above Paramount, where the weekend’s anti-ICE protests started, and downtown Los Angeles, where much of the protest activity moved to.

CBP’s AMO has a fleet of at least 10 MQ-9 drones, according to a CBP presentation available online. Five of these are the Predator B, used for land missions, according to the presentation. These sorts of drones are often equipped with high-powered surveillance equipment, but the statement did not specify what surveillance technology was used during the Los Angeles flights.

The Los Angeles protests started after ICE raided a Home Depot on Friday. Tensions escalated when President Trump called up 4,000 members of the National Guard, and on Monday ordered more than 700 active duty Marines to deploy to the city too.

💡Do you know anything else about these or other drone flights? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at [email protected].

Over the weekend 404 Media reviewed flight data published by ADS-B Exchange, a site where a volunteer community of feeders provide real-time information on the location of flights, to monitor which aircraft were flying over the protests. That included DHS Black Hawk helicopters, small aircraft from the California Highway Patrol, and aircraft flying at a higher altitude with the data displaying a distinctive hexagonal flight pattern. This strongly resembled that of a Predator drone, and CBP previously flew such a drone above George Floyd protests in Minneapolis in 2020.

An aviation tracking enthusiast then unearthed ATC audio and found these aircraft were using TROY callsigns; TROY is a callsign used by the DHS. The enthusiast, who goes by the handle Aeroscout, then found more audio that described the aircraft as “Q-9,” which is sometimes used as shorthand for the MQ-9. 404 Media verified that audio at the time.

CBP has repeatedly flown its Predator drones on behalf of or at the request of other law enforcement agencies, including local and state agencies.

From 404 Media via this RSS feed

The Wikimedia Foundation, the nonprofit organization which hosts and develops Wikipedia, has paused an experiment that showed users AI-generated summaries at the top of articles after an overwhelmingly negative reaction from the Wikipedia editors community.

“Just because Google has rolled out its AI summaries doesn't mean we need to one-up them, I sincerely beg you not to test this, on mobile or anywhere else,” one editor said in response to Wikimedia Foundation’s announcement that it will launch a two-week trial of the summaries on the mobile version of Wikipedia. “This would do immediate and irreversible harm to our readers and to our reputation as a decently trustworthy and serious source. Wikipedia has in some ways become a byword for sober boringness, which is excellent. Let's not insult our readers' intelligence and join the stampede to roll out flashy AI summaries. Which is what these are, although here the word ‘machine-generated’ is used instead.”

Two other editors simply commented, “Yuck.”

For years, Wikipedia has been one of the most valuable repositories of information in the world, and a laudable model for community-based, democratic internet platform governance. Its importance has only grown in the last couple of years during the generative AI boom as it’s one of the only internet platforms that has not been significantly degraded by the flood of AI-generated slop and misinformation. As opposed to Google, which since embracing generative AI has instructed its users to eat glue, Wikipedia’s community has kept its articles relatively high quality. As I recently reported last year, editors are actively working to filter out bad, AI-generated content from Wikipedia.

A page detailing the the AI-generated summaries project, called “Simple Article Summaries,” explains that it was proposed after a discussion at Wikimedia’s 2024 conference, Wikimania, where “Wikimedians discussed ways that AI/machine-generated remixing of the already created content can be used to make Wikipedia more accessible and easier to learn from.” Editors who participated in the discussion thought that these summaries could improve the learning experience on Wikipedia, where some article summaries can be quite dense and filled with technical jargon, but that AI features needed to be cleared labeled as such and that users needed an easy to way to flag issues with “machine-generated/remixed content once it was published or generated automatically.”

In one experiment where summaries were enabled for users who have the Wikipedia browser extension installed, the generated summary showed up at the top of the article, which users had to click to expand and read. That summary was also flagged with a yellow “unverified” label.

An example of what the AI-generated summary looked like.

Wikimedia announced that it was going to run the generated summaries experiment on June 2, and was immediately met with dozens of replies from editors who said “very bad idea,” “strongest possible oppose,” Absolutely not,” etc.

“Yes, human editors can introduce reliability and NPOV [neutral point-of-view] issues. But as a collective mass, it evens out into a beautiful corpus,” one editor said. “With Simple Article Summaries, you propose giving one singular editor with known reliability and NPOV issues a platform at the very top of any given article, whilst giving zero editorial control to others. It reinforces the idea that Wikipedia cannot be relied on, destroying a decade of policy work. It reinforces the belief that unsourced, charged content can be added, because this platforms it. I don't think I would feel comfortable contributing to an encyclopedia like this. No other community has mastered collaboration to such a wondrous extent, and this would throw that away.”

A day later, Wikimedia announced that it would pause the launch of the experiment, but indicated that it’s still interested in AI-generated summaries.

“The Wikimedia Foundation has been exploring ways to make Wikipedia and other Wikimedia projects more accessible to readers globally,” a Wikimedia Foundation spokesperson told me in an email. “This two-week, opt-in experiment was focused on making complex Wikipedia articles more accessible to people with different reading levels. For the purposes of this experiment, the summaries were generated by an open-weight Aya model by Cohere. It was meant to gauge interest in a feature like this, and to help us think about the right kind of community moderation systems to ensure humans remain central to deciding what information is shown on Wikipedia.”

“It is common to receive a variety of feedback from volunteers, and we incorporate it in our decisions, and sometimes change course,” the Wikimedia Foundation spokesperson added. “We welcome such thoughtful feedback — this is what continues to make Wikipedia a truly collaborative platform of human knowledge.”

“Reading through the comments, it’s clear we could have done a better job introducing this idea and opening up the conversation here on VPT back in March,” a Wikimedia Foundation project manager said. VPT, or “village pump technical,” is where The Wikimedia Foundation and the community discuss technical aspects of the platform. “As internet usage changes over time, we are trying to discover new ways to help new generations learn from Wikipedia to sustain our movement into the future. In consequence, we need to figure out how we can experiment in safe ways that are appropriate for readers and the Wikimedia community. Looking back, we realize the next step with this message should have been to provide more of that context for you all and to make the space for folks to engage further.”

The project manager also said that “Bringing generative AI into the Wikipedia reading experience is a serious set of decisions, with important implications, and we intend to treat it as such, and that “We do not have any plans for bringing a summary feature to the wikis without editor involvement. An editor moderation workflow is required under any circumstances, both for this idea, as well as any future idea around AI summarized or adapted content.”

From 404 Media via this RSS feed

It’s that time again! We’re planning our latest FOIA Forum, a live, hour-long or more interactive session where Joseph and Jason (and this time Emanuel too maybe) will teach you how to pry records from government agencies through public records requests. We’re planning this for Wednesday, 18th at 1 PM Eastern. That's in just one week today! Add it to your calendar!

So, what’s the FOIA Forum? We'll share our screen and show you specifically how we file FOIA requests. We take questions from the chat and incorporate those into our FOIAs in real-time. We’ll also check on some requests we filed last time. This time we're particularly focused on Jason's and Emanuel's article about Massive Blue, a company that helps cops deploy AI-powered fake personas. The article, called This ‘College Protester’ Isn’t Real. It’s an AI-Powered Undercover Bot for Cops, is here. This was heavily based on public records requests. We'll show you how we did them!

If this will be your first FOIA Forum, don’t worry, we will do a quick primer on how to file requests (although if you do want to watch our previous FOIA Forums, the video archive is here). We really love talking directly to our community about something we are obsessed with (getting documents from governments) and showing other people how to do it too.

Paid subscribers can already find the link to join the livestream below. We'll also send out a reminder a day or so before. Not a subscriber yet? Sign up now here in time to join.

We've got a bunch of FOIAs that we need to file and are keen to hear from you all on what you want to see more of. Most of all, we want to teach you how to make your own too. Please consider coming along!

From 404 Media via this RSS feed

A judge ruled that John Deere must face a lawsuit from the Federal Trade Commission and five states over its tractor and agricultural equipment repair monopoly, and rejected the company’s argument that the case should be thrown out. This means Deere is now facing both a class action lawsuit and a federal antitrust lawsuit over its repair practices.

The FTC’s lawsuit against Deere was filed under former FTC chair Lina Khan in the final days of Joe Biden’s presidency, but the Trump administration’s FTC has decided to continue to pursue the lawsuit, indicating that right to repair remains a bipartisan issue in a politically divided nation in which so few issues are agreed on across the aisle. Deere argued that both the federal government and state governments joining in the case did not have standing to sue it and argued that claims of its monopolization of the repair market and unfair labor practices were not sufficient; Illinois District Court judge Iain D. Johnston did not agree, and said the lawsuit can and should move forward.

Johnston is also the judge in the class action lawsuit against Deere, which he also ruled must proceed. In his pretty sassy ruling, Johnston said that Deere repeated many of its same arguments that also were not persuasive in the class action suit.

“Sequels so rarely beat their originals that even the acclaimed Steve Martin couldn’t do it on three tries. See Cheaper by the Dozen II, Pink Panther II, Father of the Bride II,” Johnston wrote. “Rebooting its earlier production, Deere sought to defy the odds. To be sure, like nearly all sequels, Deere edited the dialogue and cast some new characters, giving cameos to veteran stars like Humphrey’s Executor [a court decision]. But ultimately the plot felt predictable, the script derivative. Deere I received a thumbs-down, and Deere II fares no better. The Court denies the Motion for judgment on the pleadings.”

Johnston highlighted, as we have repeatedly shown with our reporting, that in order to repair a newer John Deere tractor, farmers need access to a piece of software called Service Advisor, which is used by John Deere dealerships. Parts are also difficult to come by.

“Even if some farmers knew about the restrictions (a fact question), they might not be aware of or appreciate at the purchase time how those restrictions will affect them,” Johnston wrote. “For example: How often will repairs require Deere’s ADVISOR tool? How far will they need to travel to find an Authorized Dealer? How much extra will they need to pay for Deere parts?”

You can read more about the FTC’s lawsuit against Deere here and more about the class action lawsuit in our earlier coverage here.

From 404 Media via this RSS feed

Web domains owned by Nvidia, Stanford, NPR, and the U.S. government are hosting pages full of AI slop articles that redirect to a spam marketing site.

On a site seemingly abandoned by Nvidia for events, called events.nsv.nvidia.com, a spam marketing operation moved in and posted more than 62,000 AI-generated articles, many of them full of incorrect or incomplete information on popularly-searched topics, like salon or restaurant recommendations and video game roundups.

Few topics seem to be off-limits for this spam operation. On Nvidia’s site, before the company took it down, there were dozens of posts about sex and porn, such as “5 Anal Vore Games,” “Brazilian Facesitting Fart Games,” and “Simpsons Porn Games.” There’s a ton of gaming content in general, NSFW or not; Nvidia is leading the industry in chips for gaming.

“Brazil, known for its vibrant culture and Carnival celebrations, is a country where music, dance, and playfulness are deeply ingrained,” the AI spam post about “facesitting fart games” says. “However, when it comes to facesitting and fart games, these activities are not uniquely Brazilian but rather part of a broader, global spectrum of adult games and humor.”

Less than two hours after I contacted Nvidia to ask about this site, it went offline. “This site is totally unaffiliated with NVIDIA,” a spokesperson for Nvidia told me.

On the vaccines.gov domain, topics for spam blogs include “Gay Impregnation,” “Gay Firry[sic] Porn,” and “Planes in Top Gun.”

The same AI spam farm operation has also targeted the American Council on Education’s site, Stanford, NPR, and a subdomain of vaccines.gov. Each of the sites have slightly different names—on Stanford’s site it’s called “AceNet Hub”; on NPR.org “Form Generation Hub” took over a domain that seems to be abandoned by the station’s “Generation Listen” project from 2014. On the vaccines.gov site it’s “Seymore Insights.” All of these sites are in varying states of useability. They all contain spam articles with the byline “Ashley,” with the same black and white headshot.

Screenshot of the "Vaccine Hub" homepage on the es.vaccines.gov domain.

NPR acknowledged but did not comment when reached for this story; Stanford, the American Council on Education, and the CDC did not respond. This isn’t an exhaustive list of domains with spam blogs living on them, however. Every site has the same Disclaimer, DMCA, Privacy Policy and Terms of Use pages, with the same text. So, searching for a portion of text from one of those sites in quotes reveals many more domains that have been targeted by the same spam operation.

Clicking through the links from a search engine redirects to stocks.wowlazy.com, which is itself a nonsense SEO spam page. WowLazy’s homepage claims the company provides “ready-to-use templates and practical tips” for writing letters and emails. An email I sent to the addresses listed on the site bounced.

Technologist and writer Andy Baio brought this bizarre spam operation to our attention. He said his friend Dan Wineman was searching for “best portland cat cafes” on DuckDuckGo (which pulls its results from Bing) and one of the top results led to a site on the events.nsv.nvidia domain about cat cafes.

💡Do you know anything else about WowLazy or this spam scheme? I would love to hear from you. Send me an email at [email protected].

In the case of the cat cafes, other sites targeted by the WowLazy spam operation show the same results. Searching for “Thumpers Cat Cafe portland” returns a result for a dead link on the University of California, Riverside site with a dead link, but Google’s AI Overview already ingested the contents and serves it to searchers as fact that this nonexistent cafe is “a popular destination for cat lovers, offering a relaxed atmosphere where visitors can interact with adoptable cats while enjoying drinks and snacks.” It also weirdly pulls a detail about a completely different (real) cat cafe in Buffalo, New York reopening that announced its closing on a local news segment that the station uploaded to YouTube, but adds that it’s reopening on June 1, 2025 (which isn’t true).

Screenshot of Google with the AI Overview result showing wrong information about cat cafes, taken from the AI spam blogs.

A lot of it is also entirely mundane, like the posts about solving simple math problems or recommending eyelash extension salons in Kansas City, Missouri. Some of the businesses listed in the recommendations for articles like the one about lash extension actually exist, while others are close names (“Lashes by Lexi” doesn’t exist in Missouri, but there is a “Lexi’s Lashes” in St. Louis, for example).

All of the posts on “Event Nexis” are gamified for SEO, and probably generated from lists of what people search for online, to get the posts in front of more people, like “Find Indian Threading Services Near Me Today.”

AI continues to eat the internet, with spam schemes like this one gobbling up old, seemingly unmonitored sites on huge domains for search clicks. And functions like AI Overview, or even just the top results on mainstream search engines, float the slop to the surface.

Tip Jar

From 404 Media via this RSS feed