A Seattle jury has found Paige Thompson, a former Amazon software engineer accused of stealing data from Capital One in 2019, guilty of wire fraud and five counts of unauthorized access to a protected computer. The Capital One hack was one of the biggest security breaches in the US and compromised the data of 100 million people in the country, along with 6 million people in Canada. Thompson was arrested in July that year after a GitHub user saw her post on the website sharing information about stealing data from servers storing Capital One information.
According to the Department of Justice, Thompson used a tool she built herself to scan Amazon Web Services for misconfigured accounts. She then allegedly used those accounts to infiltrate Capital One's servers and download over 100 million people's data. The jury has decided that Thompson violated the Computer Fraud and Abuse Act by doing so, but her lawyers argued that she used the same tools and method also used by ethical hackers.
The Justice Department recently amended the Computer Fraud and Abuse Act to protect ethical or white hat hackers. As long as researchers are investigating or fixing vulnerabilities in "good faith" and aren't using the security holes they discover for extortion or other malicious purposes, they can no longer be charged under the law.
US authorities, however, disagreed with the assertion that she was only trying to expose Capital One's vulnerabilities. The Justice Department said she planted cryptocurrency mining software onto the bank's servers and sent the earnings straight to her digital wallet. She also allegedly bragged about the hack on online forums.
"Far from being an ethical hacker trying to help companies with their computer security, she exploited mistakes to steal valuable data and sought to enrich herself," US Attorney Nick Brown said. Thompson could be sentenced with up to 20 years of prison time for wire fraud and up to five years for each charge of illegally accessing a protected computer. Her sentencing hearing is scheduled for September 15th.
A group of Democratic lawmakers led by Sen. Mark Warner (D-Va.) and Rep. Elissa Slotkin is urging Google to "crack down on manipulative search results" that lead people seeking abortions to anti-abortion clinics. In a letter addressed to Alphabet CEO Sundar Pichai, the lawmakers reference a study conducted by US nonprofit group Center for Countering Digital Hate (CCDH). The organization found that 1 in 10 Google search results for queries such as "abortion clinics near me" and "abortion pill" — specifically in states with trigger laws that would ban the procedure the moment Roe v. Wade is overturned — points to crisis pregnancy centers that oppose abortion instead.
"Directing women towards fake clinics that traffic in misinformation and don't provide comprehensive health services is dangerous to women's health and undermines the integrity of Google's search results," the lawmakers wrote. CCDH also found that 37 percent of results on Google Maps for the same search terms lead people to anti-abortion clinics. The lawmakers argue in the letter that Google should not be displaying those results for users searching for abortion and that if the company's search results must continue showing them, they should at least be properly labeled.
In addition, CCDH found that 28 percent of ads displayed at the top of Google search results are for crisis pregnancy centers. Google added a disclaimer for those ads, "albeit one that appears in small font and is easily missed," the lawmakers note, after getting flak for them a few years ago. "The prevalence of these misleading ads marks what appears to be a concerning reversal from Google’s pledge in 2014 to take down ads from crisis pregnancy centers that engage in overt deception of women seeking out abortion information online," the letter reads.
Warner, Slotkin and the letter's other signees are asking Google what it plans to do to limit the appearance of anti-abortion clinics when users are explicitly searching for abortion services. And, if Google chooses not to take action to prevent them from appearing in results, the group is asking whether Google would add user-friendly disclaimers clarifying whether the clinic is or isn't providing abortion services. You can read the whole letter below:
NEW: @RepSlotkin and I are leading a group of lawmakers to push on the Google CEO to crack down on manipulative search results that lead to scammy “crisis pregnancy centers.”
It’s time for them to limit or label results and ads that lead to fake abortion clinics. pic.twitter.com/LlkTueI2QP
A Supreme Court draft obtained by Politico in May showed that SCOTUS justices have voted to reverse Roe v. Wade, the landmark case that protected the federal rights to abortion across the country. Senator Ron Wyden and 41 other Democratic lawmakers also previously asked Google to stop collecting and keeping users' location data. They said the information could be used against people who've had or are seeking abortions in states with trigger laws.
Amazon is likely to run out of prospective workers for its US warehouses by the year 2024, according to an internal memo that was leaked to Recode. The memo contained internal research from 2021 that predicted a looming labor crisis for the e-commerce giant that would hit some areas faster than others. For example, it estimated that Amazon would exhaust its labor supply in Phoenix, Arizona by the end of 2021 and in California’s Inland Empire by the end of 2022. It calculated the available pool of workers using factors like income levels and proximity to current or planned Amazon facilities.
The report urged the company to take steps to address the future labor gap, such as raising wages to retain its existing workforce and attract more new hires. It also suggested increasing automation in the warehouses. “If we continue business as usual, Amazon will deplete the available labor supply in the US network by 2024,” wrote the authors of the report.
In a statement to Engadget, an Amazon spokesperson said that the leaked document isn't an accurate assessment of its hiring situation. “There are many draft documents written on many subjects across the company that are used to test assumptions and look at different possible scenarios, but aren’t then escalated or used to make decisions. This was one of them. It doesn’t represent the actual situation, and we are continuing to hire well in Phoenix, the Inland Empire, and across the country," wrote Rena Lunak, Amazon's director of global operations and field communications.
Automation is something that Amazon has invested heavily in already by acquiring Kiva Systems in 2012. But according to a Wired investigation from last year, Amazon’s warehouse robots aren’t capable of handling advanced fulfillment tasks that can only be performed by a human worker.
Human workers were once an ample resource the company. The tech giant is the second-largest private employer in the US, and is the largest private employer in a number of US states and cities. The company announced plans to hire 125,000 workers last fall, which is roughly equivalent to the population of Savannah, Georgia. But the new hires largely appear to be replacing workers who have been terminated or resigned. Amazon’s turnover rate is roughly 150 percent a year, or twice the amount of the retail and logistics industries at large, a New York Timesinvestigation revealed last year.
As Recode notes, Amazon’s attrition rate is even worse in Phoenix and the Inland Empire. It also has to compete with big-box stores like Walmart and Target, which are now offering competitive wages to those with warehouse experience. “We are hearing a lot of [Amazon] workers say, ‘I can just go across the street to Target or Walmart,’” Sheheryar Kaoosji, co-executive director of Inland Empire’s Warehouse Worker Resource Center told Recode.
The metaverse may not really exist yet, but Mark Zuckerberg already has a plan to sell users on designer fashion for their metaverse avatars. Meta announced that it’s opening an Avatars Store where users can purchase outfits for their avatars on Facebook, Instagram and Messenger.
The new looks include designer duds from Balenciaga, Prada and Thom Browne and the company expects to add more designers over time. Zuckerberg and Eva Chen, Meta’s VP of Fashion Partnerships, announced the new store on an Instagram Live they described as the “first live avatar fashion show.” The “fashion show” portion consisted of Chen holding up paper drawings of Zuckerberg’s avatar wearing increasingly questionable, if metaverse-ready, outfits.
“I think the only question is am I cool enough to wear that,” Zuckerberg asked at one point after seeing a Balenciaga-clad Zuck-atar. “I’m not sure if I’m quite up to that.” Chen also showed a Zuckerberg a Thom Browne look she described as a "classic English schoolboy kind of vibe" that only vaguely resembled Danny from The Shining.
Screenshot / Instagram
As to just why Facebook users would pay actual money for metaverse clothes, Chen pointed out that it will be much easier to get your hands on, say, an oversized Balenciaga hoodie in the metaverse than IRL. It will also be cheaper, with prices in the Avatars Store will ranging from $2.99 to $8.99 "to start," according to a company spokesperson.
Of course, selling digital items in the metaverse is also an important part of Meta’s strategy to keep making billions of dollars even as it pivots away from advertising. The company previously confirmed it plans to keep 48 percent of the profit from creators’ selling digital assets in Horizon Worlds’ VR experience. A Meta spokesperson declined to share what Meta’s cut would be on its new avatar fashion.
TikTok says it’s achieved a “significant milestone” toward its promises to beef up the security of its US users’ data. In a new update, the company says it has “changed the default storage location of US user data.”
As the company notes, it had already stored much of its user data in the United States, at a Virginia-based data center. But under a new partnership with Oracle, the company has migrated US user traffic to a new Oracle Cloud Infrastructure.
“Today, 100% of US user traffic is being routed to Oracle Cloud Infrastructure,” the company wrote in a blog post. “We still use our US and Singapore data centers for backup, but as we continue our work we expect to delete US users' private data from our own data centers and fully pivot to Oracle cloud servers located in the US.” Additionally, TikTok says it has made “operational changes,” including a new department “with US-based leadership, to solely manage US user data for TikTok.”
The moves are part of a longstanding effort by TikTok to address US officials’ concerns over how user data is handled by TikTok and parent company ByteDance. The company has been working to separate US user data so that it’s not accessible to China-based ByteDance as US lawmakers eye legislation to curb the influence of Chinese tech companies.
Still, the new safeguards are unlikely to fully sway critics of TikTok, who say the company still hasn’t addressed all potential concerns about how US user data is handled. In fact, just after TikTok published its blog post, BuzzFeed Newspublished a report that raises new questions about how the company handles the data of its US users.
The report, which was based on hours of internal meetings leaked to BuzzFeed, says that “China-based employees of ByteDance have repeatedly accessed nonpublic data about US TikTok users.” The recordings, which cover a time period between last September and January 2022, offer new details about the complex effort to cut off Bytedance's access to US user data.
The report quotes an outside consultant hired by TikTok to oversee some of the work saying that they believed there was “backdoor to access user data in almost all” of the company’s internal tools. It also quotes statements from several employees who say “that engineers in China had access to US data between September 2021 and January 2022, at the very least.”
It also notes that while data deemed “sensitive,” like users’ birth dates and phone numbers, will be stored in the Oracle servers, other information about US-based users could remain accessible to ByteDance. “ByteDance’s China-based employees could continue to have access to insights about what American TikTok users are interested in, from cat videos to political beliefs,” the report says.
That may not seem as serious as more personal information like birthdays and phone numbers, but it’s exactly the kind of details that some lawmakers in the US have raised concerns about. US officials have questioned whether the app’s “For You” algorithm could be used as a means of foreign influence.
“We know we're among the most scrutinized platforms from a security standpoint, and we aim to remove any doubt about the security of US user data,” TikTok said in a statement to BuzzFeed News.
If you have a tendency to talk to people you don't know on LinkedIn, you may want to take extra care. According to a CNBC report, the company has acknowledged a "recent uptick of fraud on its platform," and this time the scams involve persuading users to make investments in cryptocurrency. It's been deemed as a "significant threat" by Sean Ragan, the FBI's special agent in charge of the San Francisco and Sacramento field offices in California, who spoke to the outlet.
CNBC said the schemes typically began with someone pretending to be a professional and reaching out to LinkedIn users. They would engage in small talk, offering to help users make money through crypto investments. First, they would tell their targets to go to an actual crypto investment platform, but "after gaining their trust over several months, tells them to move the investment to a site controlled by the fraudster." Thereafter, the money is "drained from the account."
According to victims interviewed by CNBC, the fact that they trusted LinkedIn as a platform for networking lent credibility to the investment offers.
Ragan told CNBC that "the FBI has seen an increase in this particular investment fraud," which the outlet said "is different from a long-running scam in which the criminal pretends to show a romantic interest in the subject to persuade them to part with their money."
Linkedin
In a statement published yesterday, LinkedIn encouraged users to report suspicious profiles. The company's director of trust, privacy and equity Oscar Rodriguez told CNBC that "trying to identify what is fake and what is not fake is incredibly difficult."
LinkedIn's article urges users to "only connect with people you know and trust" and to "be wary of... people asking you for money who you don't know in person." The company added "This can include people asking you to send them money, cryptocurrency, or gift cards to receive a loan, prize, or other winnings."
It also lists "job postings that sound too good to be true or that ask you to pay anything upfront" and "romantic messages or gestures, which are not appropriate on our platform" as signs of potential fraud attempts.
The company isn't fully relying on its users reporting suspicious accounts as its only defense against scammers on its platform. "While our defenses catch the vast majority of abusive activity, our members can also help keep LinkedIn safe, trusted, and professional," Rodriguez wrote in the statement. LinkedIn also reported that "96% of detected fake accounts and 99.1% of spam and scams are caught and removed by our automated defenses."
Are you more interested in playing the original Pokémon Snap than the modern version? You won't have to pull your Nintendo 64 out of the closet to do it. Nintendo is releasing the N64 game on June 24th for gamers subscribed to Switch Online with the Expansion Pack. It's still the on-rails (sometimes literally) creature photo safari you remember, complete with tossing fruit to either attract or stun Pokémon in the name of a perfect snapshot.
Capture wild Pokémon on Pokémon Island… with a camera!
— Nintendo of America (@NintendoAmerica) June 17, 2022
There's no mention of any Switch-specific enhancements. The Virtual Console version for the Wii let you post critter pictures on a message board, but that's not strictly necessary when the Switch lets you capture screenshots to post on Facebook or Twitter.
Pokémon Snap probably won't persuade you to get the Expansion Pack by itself. Along with classics like Paper Mario and Kirby 64, though, the pattern is clear. Nintendo is still busy fleshing out Switch Online's extended library with some of the better-known games from the N64 era, and it doesn't mind adding titles that have present-day counterparts.
AT&T and Verizon have given the Federal Aviation Administration another year to fix altimeter issues as they look to roll out C-band 5G services around airports. “We believe we have identified a path that will continue to enable aviation and 5G C-band wireless to safely co-exist,” acting FAA administrator Billy Nolen said in a statement.
Under a phased plan, operators of regional aircraft with radio altimeters that are most susceptible to interference are required to fit them with radio frequency filters by the end of this year. That work is underway and the FAA says it will continue on an expedited basis.
The agency also says it worked with AT&T and Verizon to identify airports where they can bolster service with minimal risk of upending flight schedules. The FAA plans to monitor the pace of RF filter retrofits on altimeters too.
Altimeters have been at the heart of the tussle over the rollout of C-band 5G around airports. Airlines have been worried that, because C-Band frequencies are close to ones used by some altimeters, they could create interference. That could cause a plane's landing system to misinterpret the distance to the ground with potentially disastrous consequences.
In January, AT&T and Verizon agreed to delay activating C-band 5G towers around airports until July 5. They made the pledge just hours before switching on C-band 5G in other areas for the first time. The pair also agreed to create buffer zones around 50 airports.
Now, the carriers will continue with "some level of voluntary mitigations" for another year, until July 5th, 2023. "After that time, the wireless companies expect to operate their networks in urban areas with minimal restrictions," the FAA said.
"Through close coordination with the FAA over the last several months, we have developed a more tailored approach to controlling signal strength around runways that allows us to activate more towers and increase signal strength," an AT&T spokesperson said. "Though our FCC licenses allow us to fully deploy much-needed C-Band spectrum right now, we have chosen in good faith to implement these more tailored precautionary measures so that airlines have additional time to retrofit equipment. We appreciate the FAA’s support of this approach, and we will continue to work with the aviation community as we move toward the expiration of all such voluntary measures by next summer.”
“Today’s announcement identifies a path forward that will enable Verizon to make full use of our C-Band spectrum for 5G around airports on an accelerated and defined schedule," Verizon executive vice-president and chief administrative officer Craig Silliman said. "Under this agreement reached with the FAA, we will lift the voluntary limitations on our 5G network deployment around airports in a staged approach over the coming months meaning even more consumers and businesses will benefit from the tremendous capabilities of 5G technology. This progress is the result of months of close collaboration with the FAA, FCC and aviation industry, and sets the stage for continued, robust 5G deployment.”
A great smartphone doesn’t have to cost a fortune. Years of commoditization have brought features once exclusive to high-end devices – including big batteries, multi-camera arrays and high refresh rate displays – down to their more affordable siblings. As one of Engadget’s resident mobile geeks, I’ve reviewed dozens of midrange devices. So I’m here to help you figure out what features to prioritize when trying to find a phone for less than $600.
What is a midrange phone, anyway?
While the term shows up frequently in articles and videos, there isn’t an agreed-upon definition for “midrange” beyond a phone that isn’t a flagship or an entry-level option. For this guide, our recommendations cost between $400 and $600. Any less and you should expect significant compromises. If your budget is higher, though, you should consider flagships like the iPhone 13 and Galaxy S22.
What factors should you consider when buying a midrange smartphone?
Buying a new device can be intimidating, but a few questions can help guide you through the process. First: what platform do you want to use? If the answer is iOS, that narrows your options down to exactly one phone. (Thankfully, it’s great.) And if you’re an Android fan, there’s no shortage of compelling options. Both platforms have their strengths, so you shouldn’t rule either out.
Obviously, also consider how much you’re comfortable spending. Even spending $100 more can get you a dramatically better product. And manufacturers tend to support their more expensive devices for longer. It’s definitely worth buying something toward the top limit of what you can afford.
Having an idea of your priorities will help inform your budget. Do you want a long-lasting battery? Do you value speedy performance above all else? Or would you like the best possible cameras? While they continue to improve every year, midrange phones still involve some compromises, and knowing what’s important to you will make choosing one easier.
Lastly, pay attention to wireless bands and network compatibility. If you don’t want to worry about that, your best bet is to buy directly from your carrier. To make things easier, all the phones we recommend are compatible with every major US wireless provider and can be purchased unlocked.
What won’t you get from a midrange smartphone?
Every year, the line between midrange and flagship phones gets blurrier as more upmarket features trickle down. When we first published this guide in 2020, it was difficult to find $500 devices with waterproofing or 5G. Now, the biggest thing you might miss out on is wireless charging. Just remember to budget for a power adapter too – many companies have stopped including them. Performance has improved in recent years, but can still be hit or miss as most midrange phones use slower processors that can struggle with multitasking. Thankfully, their cameras have improved dramatically, and you can typically expect at least a dual-lens system on most handsets below $600.
Engadget picks
The best midrange Android phone: Pixel 5a with 5G
Terrence O'Brien / Engadget
It may look dull, but there’s a lot to like about Google’s $450 Pixel 5a. For one, it features the best cameras at this price. It may not have as many lenses as some of the other options on this list, but thanks to Google’s expertise in computational photography, the 5a delivers pictures that are on par with phones that cost hundreds more.
The Pixel 5a has a few other things going for it. Thanks to its large 4,680mAh battery and efficient chipset, you won’t have to worry about running out of juice. In fact, Engadget managing editor Terrence O’Brien found he could easily get a full day of use. The 5a also supports 5G and is certified IP67 for water and dust-proofing. Plus, as a Pixel phone, the 5a will receive the latest updates and security fixes from Google weeks and months before other Android phones.
Of course, no $450 phone is perfect. The Pixel 5a has an aging Snapdragon 765G chipset, and you can find plenty of midrange phones with more responsive displays.
One thing to note: The Pixel 6a is right around the corner and will go on sale on July 28th for $449. I suggest waiting until Engadget gets a review unit so you have details on things like battery life and performance before you make a decision.
If you can get past its dated design and small 5.4-inch display, the iPhone SE is the fastest phone you can buy for less than $600. No other device on this list has a processor that comes close to the SE’s A15 Bionic. What’s more, you can expect Apple to support the 2022 model for years to come. The company is only just ending support for the first-generation SE after six years. The company hasn’t said how long it intends to furnish the latest SE with new software, but it’s likely to support the device for a similar length of time.
For all its strengths, the iPhone SE is held back by a dated display. Not only is the SE’s screen small and slow, but it also uses an IPS panel instead of an OLED, meaning it can’t deliver deep blacks. Additionally, that screen is surrounded by some of the largest bezels you’ll find on a modern phone. That’s not surprising. The SE uses the design of the iPhone 6, which will be a decade old in two years. And if the SE looks dated now, it will only feel more tired in a few years.
The midrange phone with the best screen: Samsung Galaxy A53 5G
Igor Bonifacic / Engadget
For the best possible display at this price, look no further than Samsung’s $450 Galaxy A53 5G. It features a 6.5-inch Super AMOLED display that is ideal for watching TV shows and movies. Plus the 120Hz panel is the fastest on this list. Other standout features include a 5,000mAh battery and versatile camera system. The A53’s three cameras may not deliver photos with the same detail and natural colors as the Pixel 5a, but it can capture bigger scenes with its two wide-angle lenses.
Like the other Android phones on this list, the A53 isn’t the fastest performer. At best, Samsung’s Exynos 1280 is a lateral move from the Snapdragon 750G found in the Galaxy A52 5G. And though the A53 is $50 cheaper than its predecessor, it no longer comes with a power adapter and headphone jack, so the difference may not end up being much.
If you only have around $200 to spend on your next phone, you could do a lot worse than the OnePlus Nord N200 To start, it features a big 5,000mAh battery that will easily last you a full day. The N200 also has a 90Hz display and 5G connectivity, which are tricky to find at this price. Best of all, it doesn’t look like a budget product.
But the N200 is also a good illustration of why you should spend more if you can. I the slowest device on this list, due to its Snapdragon 480 chipset and paltry 4GB of RAM. Its triple main camera system is serviceable during the day but struggles in low light and doesn’t offer much versatility beyond a disappointing macro lens. OnePlus also doesn’t plan to update the phone beyond the soon-to-be-outdated Android 12. In short, the N200 is unlikely to last you as long as any of the other recommendations on this list.
After more than a year, Peacock is finally close to bringing Bill Nye back to TV screens. The NBCUniversal service has revealed that The End is Nye will premiere on August 25th. The six-episode series will have Nye explore disasters (natural and otherwise) while showing how science can help prevent and survive these calamities.
Nye serves as an executive producer in addition to hosting. The production team will seem very familiar if you're a fan of science documentaries or sci-fi. Brannon Braga (of Cosmos, The Orville and Star Trek fame) serves as director and showrunner, while Seth MacFarlane (also from Cosmos and The Orville) is both making cameo appearances and producing through his Fuzzy Door outfit.
The series comes roughly five years after Netflix's Bill Nye Saves the World, and follows a similar template. It's an effort to restore optimism about science, not to mention counter myths and otherwise push for a society where evidence and objectivity matter. This might not recapture the vibe of Bill's Science Guy days, but it might not have to if it gets the message across.