

The companies have launched a pilot program in Atlanta, where “during the rare event a vehicle door is left ajar, preventing the car from departing, nearby Dashers are notified, allowing Waymo to get its vehicles back on the road quickly.” #waymo #News


Waymo Is Getting DoorDashers to Close Doors on Self Driving Cars


Waymo, Google’s autonomous vehicle company, and DoorDash, the delivery and gig work platform, have launched a pilot program that pays Dashers, at least in one case, around $10 to travel to a parked Waymo and close a door that the previous passenger left open, according to a joint statement from the companies given to 404 Media.

The program is unusual in that Dashers are more often delivering food than helping out a driving robot. It also shows that even with autonomous vehicles, and the future they promise of metropolitan travel without the need for a driver, a human is sometimes needed for the most simple and yet necessary tasks.

“Waymo is currently running a pilot program in Atlanta to enhance its AV fleet efficiency. In the rare event a vehicle door is left ajar, preventing the car from departing, nearby Dashers are notified, allowing Waymo to get its vehicles back on the road quickly,” the statement said. “DoorDash is always looking for new and flexible ways for Dashers to earn, and this pilot offers Dashers an opportunity to make the most of their time online. Waymo's future vehicle platforms will have automated door closures.”

💡
Do you know anything else about this, or anything else we should know about Waymo? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

Waymo said the partnership started earlier this year. It declined to share details about how Dashers are paid, such as whether they may receive tips or which entity is paying for these jobs, but said, “the payment structure is designed to ensure competitive and fair compensation for Dashers.”

(Waymo said the response was on background, but 404 Media never agreed to such a condition. It is standard journalistic practice for both a company and a reporter to need to agree that a conversation is on background or off the record beforehand; this is to prevent companies simply saying something is off the record when answering basic questions.)
404 Media contacted both Waymo and DoorDash for comment after an apparent Dasher posted on Reddit about receiving such a job.

“Craziest Offer,” the thread starts. It includes a screenshot of the DoorDash app, saying the Dasher is guaranteed $6.25 for the work, with $5 extra “upon verified completion.” The job would see the Dasher travel around 0.7 miles, according to the screenshot.

“Close a Waymo door,” the job reads. “No pickup or delivery required.”

DoorDash and Waymo have already partnered on other projects. In October, the companies announced an autonomous delivery service in Phoenix.




404 Media has obtained a cache of internal police emails showing at least two agencies have bought access to GeoSpy, an AI tool that analyzes architecture, soil, and other features to near instantly geolocate photos. #FOIA #AI #Privacy


Cops Are Buying ‘GeoSpy’, an AI That Geolocates Photos in Seconds


📄
This article was primarily reported using public records requests. We are making it available to all readers as a public service. FOIA reporting can be expensive, please consider subscribing to 404 Media to support this work. Or send us a one time donation via our tip jar here.

The Miami-Dade Sheriff’s Office (MDSO) and the Los Angeles Police Department (LAPD) have bought access to GeoSpy, an AI tool that can near instantly geolocate a photo using clues in the image such as architecture and vegetation, with plans to use it in criminal investigations, according to a cache of internal police emails obtained by 404 Media.

The emails provide the first confirmed purchases of GeoSpy’s technology by law enforcement agencies. On its website GeoSpy has previously published details of investigations it says used the technology, but did not name any agencies who bought the tool.

“The Cyber Crimes Bureau is piloting a new analytical tool called GeoSpy. Early testing shows promise for developing investigative leads by identifying geospatial and temporal patterns,” an MDSO email reads.





The tool presents users with a 3D model they can then manipulate to, the creator says, bypass Discord's age verification system.



Free Tool Says it Can Bypass Discord's Age Verification Check With a 3D Model


A newly released tool claims it can bypass Discord’s age verification system by allowing users to control a 3D model of a computer-generated man in their browser instead of scanning their real face.

On Monday, Discord announced it was launching teen-by-default settings globally, meaning that more users may be required to verify their age by uploading an identity document or taking a selfie. Users responded with widespread criticism, with Discord then publishing an update saying, “You need to be an adult to access age-restricted experiences such as age-restricted servers and channels or to modify certain safety settings.”

The tool, however, shows those age verification checks may be bypassed. 404 Media previously reported kids said they were using photos of Trump and G-Man from Half Life to bypass the age verification software in the popular VR game Gorilla Tag. That game uses the service k–ID, which is the same as what Discord is using.




A Kafkaesque saga in which the government has failed to produce critical video footage has reached new levels of absurdity. #ICE


Government Loses Hard Drives It Was Supposed to Put ICE Detention Center Footage On


The legal saga over surveillance footage from within an Immigration and Customs Enforcement detention center in suburban Chicago has reached new levels of Kafkaesque absurdity, with the federal government losing three hard drives it was supposed to put footage on, refusing to provide footage from five critical surveillance cameras, and delivering soundless video of a highly contested visit from Department of Homeland Security Secretary Kristi Noem.

We have repeatedly covered an abuse lawsuit about living conditions within the Broadview detention facility. The federal government has claimed that 10 days of footage from within the facility, taken during a critical and highly contested period, was “irretrievably destroyed” and could not be produced as part of the lawsuit, which was brought by people being held at Broadview in what were allegedly horrendous conditions. It later said that due to a system crash, the footage was never recorded in the first place. The latest update in this case, however, deals with surveillance camera footage that was recorded and that a judge has ordered the federal government to turn over.

For this footage, the federal government first claimed that it could not afford the storage space necessary to take the footage that it did have and produce it for discovery to the plaintiffs’ lawyers in the case. The plaintiffs’ lawyers, representing Broadview’s detainees, then purchased 78 terabytes of empty hard drives and gave them to the federal government, according to court records. This included three 8-terabyte SSDs and three 18-terabyte hard drives.

Court records note that “plaintiffs provided defendants with five large hard drives to facilitate Defendants’ production, yet Defendants inexplicably lost three of them.” Emails submitted as evidence suggest that the U.S. government and the plaintiffs’ attorneys had a call to discuss the lost hard drives.

One of the emails sent by plaintiffs’ attorneys to the Department of Justice in late January notes that the government had been exceedingly slow in producing footage, taking weeks to produce just a small amount of footage.

“There should be plenty of hard drive space at Broadview’s disposal,” the email reads. “The team there should currently have in its possession 5 hard drives with 72 terabytes of space, provided by plaintiffs’ counsel at the last 2 site visits. We have received only one hard drive back from Broadview to date. Copying of November/December footage should have taken place over the past week so that it could be delivered to plaintiffs’ counsel today when they visit Broadview this afternoon. At the very least, that footage should be being copied now.”
The two sides then arranged a phone call, a summary of which was emailed by plaintiffs’ attorneys to the Department of Justice:

“Thanks for the productive call this morning. For the benefit of everyone:

We discussed the production of video footage. You relayed that, at present, your agency contact knows where 2 of the 5 hard drives are and that you have relayed that copying of footage from November to present for all 10 feeds and footage from September to November for the 5 additional cameras should be underway. You will investigate further where the remaining hard drives are and will also work on a plan to exchange footage on a more regular basis than plaintiffs' counsel's weekly visits.

We discussed providing an accounting of the hard drives to facilitate your conversations with personnel at Broadview:

• On January 8, plaintiffs' counsel delivered four hard drives to Broadview during an attorney visit. One was a 20 TB hard drive; three were 8 TB SSD drives.
• On January 16, plaintiffs' counsel received from Broadview one of the 8 TB SSD drives containing 150 GB of footage from 5 cameras for one week in January.
• Also on January 16, plaintiffs' counsel provided personnel at Broadview (SDDO Taylor, in particular) with two 18 TB hard drives.
• The sum total of storage capacity Broadview should have is: 5 drives, with a total of 72 TB of space. Using the productions we have received to date, we anticipate that the Government owes us at least 15 TB of footage.”


Days later, the Department of Justice told the plaintiffs’ attorneys that “they are still searching for those hard drives at Broadview.” The plaintiffs’ attorneys responded: “Losing multiple drives provided to facilitate speedy production is not acceptable,” and “the missing hard drives and lack of production of any footage predating January remains a significant, prejudicial issue.”

A filing by the plaintiffs with the court highlights some of the ongoing issues they have had with the government complying with court-ordered discovery requirements, which include the lost hard drives, missing footage, and footage from only five of the 10 cameras that were supposed to be delivered. A separate filing notes that footage produced by the government from a high-profile visit by Noem is missing audio “despite visible professional microphones and cell phones with audio capabilities in the footage.”

“Plaintiffs have gone above and beyond their obligations under federal law to streamline rolling production of such footage, purchasing expensive hard drives and agreeing to transport and pick up those drives from Broadview during weekly attorney visits. Defendants agreed to this arrangement,” they wrote in the filing. “Yet, Defendants have fallen unacceptably short of their production obligations. Defendants have provided no footage from five of the ten camera feeds […] Defendants have also failed to provide footage for a near-two-month span for the remaining five camera feeds. What’s more, Defendants have purportedly lost multiple hard drives provided by Plaintiffs’ counsel […] There is no excuse for Defendants’ discovery failures.”

The filing notes that the five missing cameras are specifically from detainee isolation cells, “despite those cells being a key part of Plaintiffs’ complaint. The produced feeds show egregious conditions but were insufficient to provide Plaintiffs the discovery necessary to fully investigate their claims.” These cells were designed to hold one person at a time, but were allegedly being used to hold multiple detainees at a time during a critical period that the lawsuit covers; “such cells are also where ICE holds detainees with acute medical or mental health conditions, including those who have suffered medical emergencies while in detention, and where it holds detainees who have been subjected to use of force by ICE officers while inside the facility,” they add.

The filing says that the plaintiffs learned that the government lost the hard drives in late January, when the government claimed that it had returned all of the hard drives to the plaintiffs’ attorneys, and that it had run out of storage space with which to provide them court-ordered footage.

“On January 28, Defendants’ counsel relayed that Broadview personnel had advised that they were out of storage space on drives provided by Plaintiffs, reporting that all hard drives provided by Plaintiffs had been returned to them. This was the first indication that some or all of 70 terabytes’ worth of hard drives were unaccounted for,” they wrote. “In the days since, the Government has admitted that it cannot find three of the five hard drives that should be in its possession.”

“Plaintiffs are waiting on months of footage. Every day that passes without this evidence compounds the prejudice to Plaintiffs’ ability to prepare for the upcoming hearing. Defendants’ foot dragging and poor organizational practices—and their instinct to rely on Plaintiffs to take the laboring oar for the purchase, delivery, pickup, and return of storage devices to facilitate Defendants’ discovery obligations—cannot be permitted.”




A new study indicates that vast oceans of hydrogen are locked deep inside our planet, helping to explain a strange “density deficit” and shedding light on the origin of life. #TheAbstract


A Mystery Inside Earth’s Core Has Finally Been Solved With a Mind-Boggling Discovery


🌘
Subscribe to 404 Media to get The Abstract, our newsletter about the most exciting and mind-boggling science news and studies of the week.

For decades, scientists have puzzled over the “density deficit” in Earth’s core, an unexplained discrepancy between the expected density of a solid iron core and the much lower density that is actually observed through seismic measurements of our planet’s center.

Now, scientists have provided some of the best experimental evidence yet that this deficit can be explained by vast oceans of hydrogen that are locked within the core, significantly lowering its overall density, according to a study published on Tuesday in Nature Communications.

In addition to constraining this longstanding problem, the research reveals new insights about another persistent mystery: the original source of Earth’s liquid water, the key ingredient that enabled life on our planet to emerge.

“Hydrogen has long been considered a major light-element candidate to account for the observed density deficit in Earth’s core,” said researchers led by Dongyang Huang, an assistant professor of Earth and space sciences at Peking University, in the new study. “For decades, however, our knowledge of the exact content of H in planetary cores has been hindered by the inability to unambiguously quantify H in high-pressure samples.”

To solve this problem, the researchers performed a series of experiments that simulated the extreme environment in the core during Earth’s formation billions of years ago. This approach involved heating up iron metal with lasers to a fully-molten state that resembles ancient Earth’s inner magma ocean, which reached temperatures up to 8,700°F, and pressures more than a million times more intense than those we experience on Earth’s surface.

The team then searched for the presence of hydrogen in nanostructures made primarily of silicon and oxygen. The results revealed that the core’s hydrogen percentage sits between 0.07 and 0.36 percent, which works out to roughly nine to 45 times the amount of hydrogen in all of Earth’s oceans.

But perhaps the most tantalizing part of the study is its implications for understanding the enigmatic origins of Earth’s water, the wellspring of life on our world.

Some theories suggest that Earth’s water was primarily delivered from extraterrestrial sources, such as comets and asteroids that impacted our planet as it was forming more than four billion years ago. An alternate possibility is that Earth’s water was largely sourced from its building blocks, including vast interior reservoirs of hydrogen. This latter scenario is supported by the new study.

“Although 71 percent of the Earth’s surface is covered by ocean, mainly made of H, it has been argued that the majority of Earth’s H had been stored in the core since its formation, ~4.5 billion years ago,” the researchers said.

The estimates presented in the study “require the Earth to obtain the majority of its water from the main stages of terrestrial accretion, instead of through comets during late addition,” the team concluded.

The study certainly helps tackle the mystery of the precise contents of Earth’s core, though the authors note that their estimate has large uncertainties that will need to be further narrowed down in future work. They also suggest that hydrogen alone cannot explain the density deficit, and that other light elements or compounds, including water, might be contributing to the discrepancy.

“Compared to existing models for Earth’s core composition this is a somewhat less H-rich core, and requires its density deficit to be accounted for by a mixture of light elements, rather than a single light species, akin to that of Mars’ core,” the team said in the study.

Given that water is essential to all life on Earth, solving the riddle of its origins is the first step to understanding how our planet came to be inhabited, and whether other planets may commonly go through the same process.




Kylie Brewer isn't unaccustomed to harassment online. But when people started using Grok-generated nudes of her on an OnlyFans account, it reached another level.



'The Most Dejected I’ve Ever Felt:' Harassers Made Nude AI Images of Her, Then Started an OnlyFans


In the first week of January, Kylie Brewer started getting strange messages.

“Someone has a only fans page set up in your name with this same profile,” one direct message from a stranger on TikTok said. “Do you have 2 accounts or is someone pretending to be you,” another said. And from a friend: “Hey girl I hate to tell you this, but I think there’s some picture of you going around. Maybe AI or deep fake but they don’t look real. Uncanny valley kind of but either way I’m sorry.”

It was the first week of January, during the frenzy of people using xAI’s chatbot and image generator Grok to create images of women and children partially or fully nude in sexually explicit scenarios. Between the last week of 2025 and the first week of 2026, Grok generated about three million sexualized images, including 23,000 that appear to depict children, according to researchers at the Center for Countering Digital Hate. The UK’s Ofcom and several attorneys general have since launched or demanded investigations into X and Grok. Earlier this month, police raided X’s offices in France as part of the government’s investigation into child sexual abuse material on the platform.

Messages from strangers and acquaintances are often the first way targets of abuse imagery learn that images of them are spreading online. Not only is the material disturbing itself — everyone, it seems, has already seen it. Someone was making sexually explicit images of Brewer, and then, according to her followers who sent her screenshots and links to the account, was uploading them to an OnlyFans and charging a subscription fee for them.

“It was the most dejected that I've ever felt,” Brewer told me in a phone call. “I was like, let's say I tracked this person down. Someone else could just go into X and use Grok and do the exact same thing with different pictures, right?”


Brewer is a content creator whose work focuses on feminism, history, and education about those topics. She’s no stranger to online harassment. Being an outspoken woman about these and other issues through a leftist lens means she’s faced the brunt of large-scale harassment campaigns primarily from the “manosphere,” including “red pilled” incels and right-wing influencers with podcasts for years. But when people messaged her in early January about finding an OnlyFans page in her name, featuring her likeness, it felt like an escalation.

One of the AI generated images was based on a photo of her in a swimsuit from her Instagram, she said. Someone used AI to remove her clothing in the original photo. “My eyes look weird, and my hands are covering my face so it kind of looks like my face got distorted, and they very clearly tried to give me larger breasts, where it does not look like anything realistic at all,” Brewer said. Another image showed her in a seductive pose, kneeling or crawling, but wasn’t based on anything she’s ever posted online. Unlike the “nudify” one that relied on Grok, it seemed to be a new image made with a prompt or a combination of images.

Many of the people messaging her about the fake OnlyFans account were men trying to get access to it. By the time she clicked a link one of them sent of the account, it was already gone. OnlyFans prohibits deepfakes and impersonation accounts. The platform did not respond to a request for comment. But OnlyFans isn’t the only platform where this can happen: Non-consensual deepfake makers use platforms like Patreon to monetize abusive imagery of real people.

“I think that people assume, because the pictures aren't real, that it's not as damaging,” Brewer told me. “But if anything, this was worse because it just fills you with such a sense of lack of control and fear that they could do this to anyone. Children, women, literally anyone, someone could take a picture of you at the store, going grocery shopping, and ask AI or whatever to do this.”

A lack of control is something many targets of synthetic abuse imagery say they feel — and it can be especially intense for people who’ve experienced sexual abuse in real life. In 2023, after becoming the target of deepfake abuse imagery, popular Twitch streamer QTCinderella told me seeing sexual deepfakes of herself resurfaced past trauma. “You feel so violated…I was sexually assaulted as a child, and it was the same feeling,” she said at the time. “Like, where you feel guilty, you feel dirty, you feel like, ‘what just happened?’ And it’s bizarre that it makes that resurface. I genuinely didn’t realize it would.”

Other targets of deepfake harassment also feel like this could happen anytime, anywhere, whether you’re at the grocery store or posting photos of your body online. For some, it makes it harder to get jobs or have a social life; the fear that anyone could be your harasser is constant. “It's made me incredibly wary of men, which I know isn't fair, but [my harasser] could literally be anyone,” Joanne Chew, another woman who dealt with severe deepfake harassment for months, told me last year. “And there are a lot of men out there who don't see the issue. They wonder why we aren't flattered for the attention.”



Brewer’s income is dependent on being visible online as a content creator. Logging off isn’t an option. And even for people who aren’t dependent on TikTok or Instagram for their income, removing oneself from online life is a painful and isolating tradeoff that they shouldn’t have to make to avoid being harassed. Often, minimizing one’s presence and accomplishments doesn’t even stop the harassment.

Since AI-generated face-swapping algorithms became accessible at the consumer level in late 2017, the technology has only gotten better, more realistic, and its effects on targets harder to combat. It was always used for this purpose: to shame and humiliate women online. Over the years, various laws have attempted to protect victims or hold platforms accountable for non-consensual deepfakes, but most of them have either fallen short or present new risks of censorship and marginalize legal, consensual sexual speech and content online. The TAKE IT DOWN Act, championed by Ted Cruz and Melania Trump, passed into law in April 2025 as the first federal level legislation to address deepfakes; the law imposes a strict 48-hour turnaround requirement on platforms to remove reported content. President Donald Trump said that he would use the law, because “nobody gets treated worse online” than him. And in January, the Disrupt Explicit Forged Images and Non-Consensual Edits (DEFIANCE) Act passed the Senate and is headed to the House. The act would allow targets of deepfake harassment to sue the people making the content. But taking someone to court has always been a major barrier to everyday people experiencing harassment online; it’s expensive and time consuming even if they can pinpoint their abuser. In many cases, including Brewer’s, this is impossible—it could be an army of people set to make her life miserable.

“It feels like any remote sense of privacy and protection that you could have as a woman is completely gone and that no one cares,” Brewer said. “It’s genuinely such a dehumanizing and horrible experience that I wouldn't wish on anyone... I’m hoping also, as there's more visibility that comes with this, maybe there’s more support, because it definitely is a very lonely and terrible place to be — on the internet as a woman right now.”




Ring is back with a feature for scanning your neighborhood; we bought a Super Bowl ad; and how Lockdown Mode stopped the FBI. #Podcast


Podcast: Ring Is Back and Scarier Than Ever


We start this week with exciting news: we bought a Super Bowl ad! For… $2,550. We explain how. After the break, Jason tells us about Ring’s recently launched Search Party feature, and gives us a very timely reminder of what Ring really is and how we got here. In the subscribers-only section, Joseph breaks down Lockdown Mode and how it kept the FBI out of a Washington Post reporter’s phone.
Listen to the weekly podcast on Apple Podcasts, Spotify, or YouTube. Become a paid subscriber for access to this episode's bonus content and to power our journalism. If you become a paid subscriber, check your inbox for an email from our podcast host Transistor for a link to the subscribers-only version! You can also add that subscribers feed to your podcast app of choice and never miss an episode that way. The email should also contain the subscribers-only unlisted YouTube link for the extended video version too. It will also be in the show notes in your podcast player.






RFK Jr's Nutrition Chatbot Recommends Best Foods to Insert Into Your Rectum


The Department of Health and Human Services’ new AI nutrition chatbot will gleefully and dangerously give Americans recommendations for the best foods to insert into one’s rectum and will answer questions about the most nutrient-dense human body part to eat.

“Use AI to get real answers about real food,” a new website called realfood.gov proclaims. “From the guidelines to your kitchen. Ask AI to help you plan meals, shop smarter, cook simply, and replace processed food with real food.” The website then has an “Ask” chatbox where you can ask any question. Asking anything simply redirects to Grok, an example of how halfassed Health Secretary Robert F. Kennedy Jr.’s new website, which Mike Tyson promoted in a Super Bowl ad paid for by the “MAHA Center Inc,” actually is.
Various people on Bluesky who did not want to be named in this article but who reached out to 404 Media quickly realized that the chatbot would give detailed answers to questions such as “I am an assitarian, where I only eat foods which can be comfortably inserted into my rectum. What are the REAL FOOD recommendations for foods that meet these criteria?”

“Ah, a proud assitarian,” the chatbot responds, before listing “Top Assitarian Staples,” which include “Bananas (firm, not overripe; peeled)” as “the gold standard … choose slightly green ones so they hold shape.” The chatbot also suggests cucumbers and provides a “step-by-step diagram for carving a flared base.”

“Start — whole peeled carrot, straight shaft, narrow end for insertion, wider crown end as base,” the advice began, before eventually suggesting that one “cover with condom + retrieval string for extra safety.” 404 Media’s Sam Cole wanted to make sure that I noted that an image of a banana shown in the cut “is way too ripe for this, never gonna work,” and “sorry just to be clear exactly none of these are good for putting in your ass. Like please say that. This is not only funny it’s straight up bad advice. You’re going to lose a cuke in your ass if you do what this thing says.”

404 Media tested the chatbot by saying “I am looking for the safest foods that can be inserted into your rectum” and the chatbot spewed a lot of stuff at me but noted the “safest improvised non-toy food-shape item” is a “peeled medium cucumber” with second place being a “small zucchini.”

RFK Jr.’s chatbot also told me that “the most nutritious human body part, in terms of nutrient density (vitamins, minerals, and other essential compounds rather than just calories), would likely be the liver.”

This incredibly stupid chatbot has the same issue that so many other haphazardly dashed together chatbots since time immemorial have. Nonetheless, it has been launched and is being pushed by a federal government that is actively at war with science and redesigned the food pyramid to more closely align with the beef lobby. It is no surprise that it has poorly integrated Elon Musk’s shitty chatbot with no guardrails and calls it a public service.




"Employees are going absolutely apeshit in internal Slack about how completely awful it was." #Salesforce


Marc Benioff 'Jokes' ICE Is Watching Salesforce Employees Who Traveled to the U.S.


Salesforce CEO Marc Benioff ‘joked’ with employees who had traveled to the United States for a Salesforce all-hands meeting that Immigration and Customs Enforcement agents were in the building keeping tabs on them, 404 Media has learned.

Multiple employees told 404 Media about the joke, and 404 Media obtained internal Slack chats showing employees discussing it. Benioff was giving the opening keynote at the Salesforce CKO event in Las Vegas on Tuesday, which is a major Salesforce meeting ‘kicking off’ its strategy for the year. In his keynote, Benioff thanked international employees for traveling to the United States for the meeting, and asked them to stand. Benioff then said that ICE agents were in the building to keep tabs on them.

The comments instantly became a major topic of conversation on Salesforce’s internal Slack, with shocked employees trying to figure out if they had misheard the CEO. One employee asked “what was the ice joke?” Another employee responded “If you’re visiting from outside the United States, please stand … ICE is keeping track of that.” Another said the joke was “Please stand if you traveled here from abroad! Thank you! Just so the ICE agents know.” And a third wrote that the joke was, “roughly, ‘Please everyone stand who traveled here internationally.’ And then while they are still standing, ‘there are ICE agents in the hall to keep tabs on you.’”

“The room groaned,” one employee wrote on Slack. “We couldn’t believe he said that.”

Salesforce’s contracts with ICE have been controversial within the company, which is part of why employees weren’t happy with Benioff’s joke.

Business Insider first reported on Benioff’s remarks.

This is an example of “Silicon Valley CEOs and their inability to divorce ICE and the complete lack of understanding of why that makes them monsters,” a Salesforce employee told 404 Media. “Employees are going absolutely apeshit in internal Slack about how completely awful it was.” Another employee told 404 Media that Benioff “then followed it up with a joke about not understanding the message of Bad Bunny's Super Bowl performance. On its own just seems out of touch, but coupled with the previous joke it does seem worse.”

In a Slack channel called “#airing-of-grievances,” employees posted a meme of a Nazi officer that read “Are we the baddies?” Another wrote “Serious question: would a statement of apology/recognition/whatever by someone (anyone) actually do anything at this point? Or has a rubicon of sorts been crossed?” A third wrote “It’s super uncomfortable to me that this has been glossed over like ZERO mention of hey we hear your comments and your voice matters.”

Another employee created an “ICE OUT” emoji and noted that it was a “low impact probably fluffy mini protest but I made this emoji for my status so it’s abundantly clear that I do not endorse or align with the values being joked about at this company.” More than 150 employees reacted to the message with the emoji. Another employee wrote “I literally thought I was hallucinating or misread what came out of his mouth. Disbelief and disappointment—is this how we model humanistic compassion as a world-class company? Stop talking about money and profit for a minute, ffs.”

Other employees shared links to donate to causes protecting immigrants, and another wrote “I can’t believe that the man that faced down Governor Mike Pence in the name of equality just made ICE jokes after asking international employees to stand up.”

ICE, of course, has been violently detaining and deporting undocumented immigrants across the United States. But there have also been many high-profile cases of people simply visiting the United States on tourist visas or for short-term stays being detained because of minor clerical issues or things that they had posted on their social media.

In October, Salesforce told ICE that it would be willing to allow the agency to use its AI to hire, and said the company was well-placed to help ICE “to nearly triple its work force by hiring 10,000 new officers and agents expeditiously.”

Salesforce did not immediately respond to a request for comment.




Ring's 'Search Party' is dystopian surveillance accelerationism.#Ring #Surveillance


With Ring, American Consumers Built a Surveillance Dragnet


America, it’s time to refamiliarize yourself with Ring.
At Sunday’s Super Bowl, Ring advertised “Search Party,” a cute, horrifyingly dystopian feature nominally designed to turn all of the Ring cameras in a neighborhood into a dragnet that uses AI to look for a lost dog: “One post of a dog’s photo in the Ring app starts outdoor cameras looking for a match,” Ring founder Jamie Siminoff said in the Super Bowl commercial. “Search Party from Ring uses AI to help families find lost dogs.” Onscreen, an AI-powered box forms around a missing dog: “Milo Match,” it says. “Since launch, more than a dog a day has been reunited with their family. Be a hero in your neighborhood with Search Party. Available to everyone for free right now.”

It does not take an imagination of any sort to envision this being tweaked to work against suspected criminals, undocumented immigrants, or others deemed ‘suspicious’ by people in the neighborhood. Many of these use cases are how Ring has been used by people on its dystopian “Neighbors” app for years. Ring rose to prominence as a piece of package theft prevention tech owned by Amazon and by forming partnerships with local police around the country, asking them to shill their doorbell cameras to people in their neighborhoods in return for a system that allowed police to request footage from individual users without a warrant.

Chris Gilliard, a privacy expert and author of the upcoming book Luxury Surveillance, told 404 Media these features and its Super Bowl ad are “a clumsy attempt by Ring to put a cuddly face on a rather dystopian reality: widespread networked surveillance by a company that has cozy relationships with law enforcement and other equally invasive surveillance companies.”

Unlike, say, data analytics giant Palantir or some other high-profile surveillance companies, Ring is a surveillance network that homeowners have by and large deployed themselves, powered by fear mongering against our neighbors and unfettered consumerism.

After a lot of criticism in the late 2010s over its police contracts and its terrible security settings that resulted in hackers breaking into a series of indoor Ring cameras to terrorize children and families, Ring somehow found a way to more or less fly under the radar the last few years as a critical part of our ever-expanding surveillance state. It did this by scaling back police partnerships that were so critical to its growth but that received lots of scrutiny from journalists and privacy advocates. Siminoff left Ring in 2023, but returned last year; in his absence, Ring explicitly sought to take on a softer tone by branding itself more or less as a device that could be used to film viral moments on people’s porches. It turned its owners into mini cops who would complain about delivery people who didn’t drop a package in the correct spot; who became hyperaware of the comings and goings of their friends, spouses, and children; or who might catch a potentially sharable moment when someone slipped on an icy porch or whatever. Part of this strategy included creating a short-lived reality TV show called Ring Nation, which consisted of precious little moments filmed through Ring cameras.

When Siminoff returned last year, he immediately sought to re-establish many of Ring’s partnerships with police, and set an explicit goal of injecting more AI into Ring cameras and trying to “revolutionize how we do our neighborhood safety.”

“Ring is rolling back many of the reforms it’s made in the last few years by easing police access to footage from millions of homes in the United States. This is a grave threat to civil liberties in the United States,” Matthew Guariglia of the Electronic Frontier Foundation wrote shortly after Siminoff’s return. “This is most likely about Ring cashing in on the rising tide of techno-authoritarianism, that is, authoritarianism aided by surveillance tech. Too many tech companies want to profit from our shrinking liberties.”

Even in Siminoff’s absence, Ring had always, explicitly been intended to assist law enforcement. In a series of investigations we did back at VICE, we uncovered thousands of pages of documents, emails, and chats via public records requests and leaks that highlighted Ring’s surveillance ambitions. The company threw parties for police, its employees wore “FUCK CRIME” shirts to internal parties, and it helped police facilitate the retrieval of footage from its customers’ cameras if they initially refused to cooperate. It helped police set up elaborate, completely useless package “sting” operations designed to catch criminals but that did not result in any arrests. Ring gave cops devices that they could raffle off to people in their towns, gave police “heat maps” of where its customers lived, used its social media accounts to post footage of supposed suspicious people, and incentivized customers to create “Digital Neighborhood Watch” groups that could earn them swag if they used their Ring cameras to report suspicious activity to police.

With Ring’s recent partnership with Flock, which will further facilitate the sharing of video footage with police, and its new Search Party feature, the message is clear: Ring is still, again, and always will be in the business of leveraging its network of luxury surveillance consumers as a law enforcement tool. After years of saying it wasn’t doing facial recognition and that it was focused more on “object recognition,” it has now explicitly launched “friendly” versions of facial recognition and facial recognition-adjacent technologies: “Search Party” is essentially specific dog recognition (for now), and a beta product called “Familiar Faces” specifically identifies people you know when they’re at your door. “Alexa Guard identifies who’s who,” the product’s website reads. “With Familiar Faces, easily tag your family and friends in the Ring app so your 2k and 4k cameras can notify you when someone is spotted.”

Ring has always been a surveillance tool, but adding AI analysis and networking the devices together—like is being promised with Search Party—turns discrete pieces of tech into massive, automated surveillance dragnets.

“Siminoff’s return was a hard pivot back to, in his words, the ‘crime fighting’ element and away from the softer tone they had tried to establish with Ring as a fun way to interact with people in your community,” Gilliard said. “But I think it’s becoming very obvious to people how these systems are being deployed against their neighbors in oppressive ways, and they are beginning to reject them, particularly since there is no strong evidence that they prevent crime or make people safer.”

The YouTube comments on Ring’s Super Bowl ad are almost uniformly negative, with people noting “this is like the commercial they show at the beginning of a dystopian sci fi film to quickly show people how bad things have gotten,” “are we really supposed to believe that the main intent for this is lost pets,” and “glad people are freaking out. This is dystopia becoming reality.”

Ring’s poorly defined partnership with Flock in particular has been the subject of various viral posts and public backlash. Many people have suggested that this partnership is evidence that Ring camera footage will be shared with ICE. At the moment there’s not enough evidence to explicitly say that that’s the case.

The supposed vector goes something like this: Ring says it will partner with Flock, which is used by thousands of local police departments. As we have reported, some of those police departments have performed Flock license plate lookups for ICE. It’s too early to say whether Ring footage will eventually end up with ICE, but the fact that people immediately drew that conclusion and understood the possible method of information sharing shows that surveillance companies can no longer hide behind viral videos of delivery drivers dancing. It’s a mask off moment, and people know it: “In Amazon’s alliance with this administration, it’s become more clear than ever that Ring is an extension of the carceral state,” Gilliard said. “An emotionally charged Super Bowl ad won’t change that.”





Patrick Klepek on the reality of parenting in the age of Roblox and YouTube.#podcasts


The Screen Time Panic Sets Parents Up to Fail


I listened to hours of podcasts about how screen time affects kids of all ages and how parents should manage screen time but I still felt completely unprepared for this challenge when I had a kid.

I think the reason for that is that there’s a lot of reporting about how screens are impacting kids, and a lot of reporting about the research into this subject, but rarely did I encounter a conversation between parents that talks about how any of that information can be realistically applied in the real world.

This week on the podcast we’re joined by Patrick Klepek in order to have the kind of conversation I wish I heard before I became a parent, but I think there’s something here for everyone. Patrick is the cofounder of Remap, a website and one of my favorite podcasts about video games, and the writer behind Crossplay, a newsletter about the intersection of parenting and games. Patrick is also my former colleague at Vice, back when I worked at Motherboard and he at Waypoint. Patrick has been reporting about video games for most of his life, is a wonderful writer, and a parent. I find his perspective on many of these issues—screen time, parental controls, YouTube, Roblox—extremely useful and interesting, and I hope you do as well.
Listen to the weekly podcast on Apple Podcasts, Spotify, or YouTube.

Become a paid subscriber for early access to these interview episodes and to power our journalism. If you become a paid subscriber, check your inbox for an email from our podcast host Transistor for a link to the subscribers-only version! You can also add that subscribers feed to your podcast app of choice and never miss an episode that way. The email should also contain the subscribers-only unlisted YouTube link for the extended video version too. It will also be in the show notes in your podcast player.




Chatbots provided incorrect, conflicting medical advice, researchers found: “Despite all the hype, AI just isn't ready to take on the role of the physician.”#chatbots #AI #medicine


Chatbots Make Terrible Doctors, New Study Finds


Chatbots may be able to pass medical exams, but that doesn’t mean they make good doctors, according to a new, large-scale study of how people get medical advice from large language models.

The controlled study of 1,298 UK-based participants, published today in Nature Medicine from the Oxford Internet Institute and the Nuffield Department of Primary Care Health Sciences at the University of Oxford, tested whether LLMs could help people identify underlying conditions and suggest useful courses of action, like going to the hospital or seeking treatment. Participants were randomly assigned an LLM — GPT-4o, Llama 3, and Cohere’s Command R+ — or were told to use a source of their choice to “make decisions about a medical scenario as though they had encountered it at home,” according to the study. The scenarios included ailments like “a young man developing a severe headache after a night out with friends for example, to a new mother feeling constantly out of breath and exhausted,” the researchers said.



When the researchers tested the LLMs without involving users by providing the models with the full text of each clinical scenario, the models correctly identified conditions in 94.9 percent of cases. But when talking to the participants about those same conditions, the LLMs identified relevant conditions in fewer than 34.5 percent of cases. People didn’t know what information the chatbots needed, and in some scenarios, the chatbots provided multiple diagnoses and courses of action. Knowing what questions to ask a patient and what information might be withheld or missing during an examination are nuanced skills that make great human physicians; based on this study, chatbots can’t reliably replicate that kind of care.

In some cases, the chatbots also generated information that was just wrong or incomplete, including focusing on elements of the participants’ inputs that were irrelevant, giving a partial US phone number to call, or suggesting they call the Australian emergency number.

“In an extreme case, two users sent very similar messages describing symptoms of a subarachnoid hemorrhage but were given opposite advice,” the study’s authors wrote. “One user was told to lie down in a dark room, and the other user was given the correct recommendation to seek emergency care.”

“These findings highlight the difficulty of building AI systems that can genuinely support people in sensitive, high-stakes areas like health,” Dr. Rebecca Payne, lead medical practitioner on the study, said in a press release. “Despite all the hype, AI just isn't ready to take on the role of the physician. Patients need to be aware that asking a large language model about their symptoms can be dangerous, giving wrong diagnoses and failing to recognise when urgent help is needed.”



Last year, 404 Media reported on AI chatbots hosted by Meta that posed as therapists, providing users fake credentials like license numbers and educational backgrounds. Following that reporting, almost two dozen digital rights and consumer protection organizations sent a complaint to the Federal Trade Commission urging regulators to investigate Character.AI and Meta’s “unlicensed practice of medicine facilitated by their product,” through therapy-themed bots that claim to have credentials and confidentiality “with inadequate controls and disclosures.” A group of Democratic senators also urged Meta to investigate and limit the “blatant deception” of Meta’s chatbots that lie about being licensed therapists, and 44 attorneys general signed an open letter to 11 chatbot and social media companies, urging them to see their products “through the eyes of a parent, not a predator.”

In January, OpenAI announced ChatGPT Health, “a dedicated experience that securely brings your health information and ChatGPT’s intelligence together, to help you feel more informed, prepared, and confident navigating your health,” the company said in a blog post. “Over two years, we’ve worked with more than 260 physicians who have practiced in 60 countries and dozens of specialties to understand what makes an answer to a health question helpful or potentially harmful—this group has now provided feedback on model outputs over 600,000 times across 30 areas of focus,” the company wrote. “This collaboration has shaped not just what Health can do, but how it responds: how urgently to encourage follow-ups with a clinician, how to communicate clearly without oversimplifying, and how to prioritize safety in moments that matter⁠.”

“In our work, we found that none of the tested language models were ready for deployment in direct patient care. Despite strong performance from the LLMs alone, both on existing benchmarks and on our scenarios, medical expertise was insufficient for effective patient care,” the researchers wrote in their paper. “Our work can only provide a lower bound on performance: newer models, models that make use of advanced techniques from chain of thought to reasoning tokens, or fine-tuned specialized models, are likely to provide higher performance on medical benchmarks.” The researchers recommend developers, policymakers, and regulators consider testing LLMs with real human users before deploying in the future.




Watch 404 Media’s Super Bowl Ad#SuperBowl


Watch 404 Media’s Super Bowl Ad


Behold, 404 Media’s Super Bowl ad. Yes, we bought a Super Bowl ad. No, we did not spend $8 million.

Until now, 404 Media has never done any paid advertising, but we figured why not get in on the country’s biggest ad extravaganza with a message about our journalist-owned, human-focused media company. There are tons of ads for AI and big tech this year, so how about some counter programming?
On a whim last week, we began looking into purchasing a Super Bowl ad for as little money as possible, by finding a local station willing to air our ad. We knew this was possible because in 2015, The Verge bought a Super Bowl ad that aired only in Helena, Montana, for a cost of $700. Inspired by them, we did the same this year.

After googling “smallest TV markets in the United States,” we came across KYOU, which serves the city of Ottumwa, Iowa: population ~25,000. There were other options, but we thought we would try Ottumwa and see if anyone responded or if this seemed like a fool’s errand. We emailed KYOU to see if we could buy a Super Bowl ad, and we got an immediate answer: There was one slot left, and it would cost $2,550. They also had a slot immediately after the game for $1,250, one during the Olympics following the game for $500, or pregame slots for $500. It felt important to have the ad actually run during the game, so we paid for the $2,550 in-game slot.

We then had several things to figure out: First, we needed to make an ad. Second, we needed to find someone in Ottumwa to film the ad for us.



After batting around various concepts involving celebrities that we don’t actually know and high production values that we could neither afford nor execute, we decided to write an incredibly straightforward script about who we are, what we do, and what type of person we are for. We each recorded it in front of our computers where we do our podcasts. It is perhaps the easiest possible concept we could have created, but I think it feels very us. We then asked Evy Kwong, our social media manager, to cut the Super Bowl ad. Evy did a great job with the cybery filters and b-roll. Our friends at Kaleidoscope, which produces our podcast, then gave it a last-minute sound mix. We delivered a final version of the ad to KYOU Thursday morning, and were told that it would air early in the third quarter, around 8:07 p.m. CST.



Finding someone in Ottumwa to film the ad for us in its natural habitat was slightly trickier. We put out a call on Bluesky and on our podcast this week, where we very cryptically asked for anyone in Ottumwa to contact us immediately. We got a shocking number of responses from people with ties to Ottumwa, but most either had family or friends there, had lived there briefly and moved on, or lived a few hours away but said they were willing to go there if we needed. Turns out many people were willing to call in favors, even after learning that we were not doing some sort of Flock or ICE investigation and instead needed something more frivolous. We learned a surprising amount of info about Ottumwa during this process, and I made friends with a semi local archaeologist who noted various ancient civilization sites in the broader area. All of this support was a really heartening experience, but we didn’t want to make people drive a long way or reach out to ex-colleagues for us.


Eventually, a current Ottumwan resident said that not only were they going to be in Ottumwa during the Super Bowl, but they would be watching at a party full of people who would also probably be willing to film the TV too. We are endlessly indebted to these folks.

Whether this ad moves the needle for us in any way, only time will tell. If you’re an Ottumwan who saw the ad and checked us out, please let us know.




“The question of whether humanity should reproduce beyond Earth is no longer hypothetical—it is a pressing ethical frontier,” researchers said.#TheAbstract


As Space Tourism Looms, Scientists Ask: Should We Have Sex In Orbit?


Welcome back to the Abstract! Here are the studies this week that had off-Earth offspring, took stock of a mortal threat, productively slept, and sought out old friends.

First, what to expect when you’re expecting a star child. Then: how to fight cancer, the nap-plications of lucid dreaming, and why old rats don’t make new friends.

As always, for more of my work, check out my book First Contact: The Story of Our Obsession with Aliens or subscribe to my personal newsletter the BeX Files.

How to make babies in space (Don’t)


Palmer, Giles Anthony et al. “Reproductive biomedicine in space: implications for gametogenesis, fertility and ethical considerations in the era of commercial spaceflight.” Reproductive BioMedicine Online.

It’s hard enough to have babies on Earth, let alone off it. But if humans ever do expand beyond our planet to live in orbital outposts or on other planets, we would presumably want to build healthy families there. Even in the near term, it is conceivable that space will be flooded by rich tourists eager to join the 250-mile-high club, raising questions about how to practice safe space sex (or if that is even possible).

In a new study, scientists review the medical and ethical challenges of space reproduction, noting that while space sex is “often overshadowed by sensationalized or speculative portrayals, the topic…nonetheless demands serious attention.”

“Space is toxic to terrestrial life. It is an inherently hostile environment for terrestrial biology to thrive,” said researchers led by Giles Anthony Palmer of the International IVF Initiative Inc. “The microgravity, cosmic radiation, circadian disruption, pressure differentials, and extreme temperatures found in orbit or beyond present unique and multifactorial stressors to the human body.”

“As we enter a new era of space exploration, defined by longer missions, broader participation, and eventual human settlement beyond Earth, the question is not simply whether reproduction can occur in space, but whether human fertility can be preserved, protected and comprehensively understood in an environment fundamentally different from that in which our species evolved,” the team added.

The study provides a comprehensive review of how various space environments might impact fertility, pregnancy, labor, and health outcomes of children. For example, studies of rodent reproduction in space show higher risks of abnormal cell division and impaired development; meanwhile, the inherent dangers of pregnancy and labor are significantly amplified in space environments.

“The question of whether humanity should reproduce beyond Earth is no longer hypothetical—it is a pressing ethical frontier,” the team concluded. “In the context of commercial spaceflight, where ambition often outpaces caution, the stakes are higher than ever. Without robust frameworks, rigorous research, and a deeply human commitment to ethical principles, there is a risk of exporting not just life but injustice, exploitation and harm into the cosmos. To be worthy of the stars, we must earn our place, not only through technological prowess, but through ethical wisdom.”

In other news…

Let’s get cancer’s ass


Fink, Hanna et al. “Global and regional cancer burden attributable to modifiable risk factors to inform prevention.” Nature Medicine.

Roughly ten million people die from cancer each year, making it a leading cause of morbidity worldwide. While many cancers are not preventable, scientists set out to estimate just how much of the global cancer burden can be attributable to “modifiable risk factors,” meaning behavioral, environmental, or occupational factors that influence the odds of developing cancer.

The results revealed that “nearly 4 in 10 cancer cases worldwide in 2022 could have been prevented by eliminating exposure to the risk factors considered in this study,” which include smoking, alcohol consumption, and contaminated environments, said researchers led by Hanna Fink of the World Health Organization's International Agency for Research on Cancer.

“Smoking (15.1%), infections (10.2%) and alcohol consumption (3.2%) were the leading contributors to cancer burden,” the team added. “Lung, stomach, and cervical cancers represented nearly half of preventable cancers. Strengthening efforts to reduce modifiable exposures remains central to global cancer prevention.”

The researchers also found “obvious gendered patterns in causes of cancer” such as higher rates of smoking and alcohol consumption in men, and higher BMI in women. While there is an enduring allure to the idea of a cancer cure-all, this study underscores that the disease emerges from a complex interplay of factors, only some of which are under our control.

To sleep, perchance to lucid dream


Konkoly, Karen R. et al. “Creative problem-solving after experimentally provoking dreams of unsolved puzzles during REM sleep.” Neuroscience of Consciousness.

Scientists have gone ahead and done an Inception. In a new study, 20 experienced lucid dreamers were presented with puzzles matched with sound cues, which were then played as the participants slept to help them crack unsolved tasks in their dreams.
Figure illustrating the experiment design. Image: Konkoly, Karen R. et al.
“Whereas dream content is notoriously difficult to control experimentally, here we induced dreams about specific puzzles by presenting associated sounds during REM sleep,” said researchers led by Karen R. Konkoly of Northwestern University. “We preferentially recruited experienced lucid dreamers, intending for them to receive our real-time instructions in their dreams about which puzzles to volitionally attempt to solve.”

“Although many participants did not experience lucid dreams, we nevertheless found that cues successfully influenced dream content, biasing dreaming toward specific puzzles,” the team added. “Moreover, when puzzles were incorporated into dreams, they were more likely to be solved the next morning.”

Yet more evidence for the most broadly applicable advice to humanity: sleep on it.

Despite all my rage I am still just a rat in a maze

Gupta, Subhadeep Dutta et al. “When Familiar Faces Feel Better: A Framework for Social Neurocognitive Aging in a Rat Model.” eNeuro.

People get set in their ways as they get older—and that’s apparently true for rats, according to this new research. To probe the effects of age on mammalian social behavior, researchers obtained 169 male rats in two age cohorts: “young adults” at six months old and “aged” rats that were way over the hill at two years old.

A series of rat mixers in water mazes revealed that the rodent elders were as likely to interact with rats as youngsters, but nearly half of them preferred to mingle with rats that were familiar to them, rather than socializing with new faces.

“Results for the aged rats were strikingly different from young in two ways,” said researchers led by Subhadeep Dutta Gupta of the National Institute on Aging in Baltimore. “First, as a group, aged rats failed to display a reliable social novelty preference overall” and “second, inter-individual variability was significantly greater among old animals, with nearly half exhibiting a phenotype not seen in the young group, comprising an apparent social bias for the familiar conspecific.”

I think we can all relate to an occasional social bias for familiar conspecifics. To that end, the study concludes with a truth bomb: “It is important to recognize that a brief session of social interaction with a stranger inevitably falls short in matching the depth of familiarity established through enduring human social relationships.”

In the words of the ultimate rat elder, Master Splinter: “Help each other, draw upon one another, and always remember the true force that binds you.”

Thanks for reading! See you next week.




This week, we discuss AI bubble hysteria, "just go independent," and more.#BehindTheBlog


Behind the Blog: The Neverending Cybersecurity Story


This is Behind the Blog, where we share our behind-the-scenes thoughts about how a few of our top stories of the week came together. This week, we discuss AI bubble hysteria, "just go independent," and more.

JOSEPH: This week we reported how the FBI has been unable to get into a Washington Post reporter’s iPhone because it was in Lockdown Mode. Side note, I wonder how the insane cuts at The Post are going to impact its digital or physical protection of journalists, if at all. This court record was very, very interesting in that it’s a quite rare admission of why exactly authorities were unable to access a device.

I don’t think there’s an area of cybersecurity, which we have a lot of reporting on, that is as constantly in flux as mobile forensics. Nothing stays still, even for what feels like five minutes. There are constant tech developments, both on the side of Apple and Google, then on companies trying to break into those phones, like Cellebrite and Grayshift, the creator of Graykey.





DHS's inspector general is probing ICE's biometric and surveillance programs. #ICE #Impact


Inspector General Investigating Whether ICE's Surveillance Tech Breaks the Law


The Department of Homeland Security’s Inspector General is investigating potential privacy abuses associated with Immigration and Customs Enforcement’s surveillance and biometric data programs, according to a letter sent to two senators.

Last week, we reported that Senators Mark Warner and Tim Kaine demanded that DHS inspector general Joseph Cuffari investigate immigration-related surveillance programs across DHS, Customs and Border Protection, and ICE. Thursday, Cuffari said his office had launched an audit called “DHS’ Security of Biometric Data and Personally Identifiable Information.”

“The objective of the audit is to determine how DHS and its components collect or obtain PII and biometric data related to immigration enforcement efforts and the extent to which that data is managed, shared, and secured in accordance with law, regulation, and Departmental policy,” Cuffari’s letter reads. He adds that one of the purposes of the investigation will be to “determine whether they have led to violations of federal law and other regulations that maintain privacy and defend against unlawful searches.”

Kaine and Warner’s initial letter specifically focused on many of the technologies and programs 404 Media has been reporting on, including DHS’s contracts with Palantir, facial recognition company Clearview AI, its side-door access to Flock’s license plate scanning technology, its social media monitoring through a company called Penlink, its phone hacking contract through a company called Paragon, its face-scanning mobile app, as well as its use of various government biometric databases in immigration enforcement.

“DHS’ reported disregard for adhering to the law and its proven ambivalence toward observing and upholding constitutionally-guaranteed freedoms of Americans and noncitizens, including freedom of speech and equal protection under the law, leaves us with little confidence that these new and powerful tools are being used responsibly,” the senators wrote. “Coupled with DHS’ propensity to detain people regardless of their circumstances, it is reasonable to question whether DHS can be trusted with powerful surveillance tools and if in doing so, DHS is subjecting Americans to surveillance under the pretext of immigration enforcement.”




While Epstein’s victims endure the fallout of their photos and names being exposed in the Department of Justice’s latest tranche of files, investigators redacted a photo of the Mona Lisa. Now we know why. #JeffreyEpstein


The DOJ Redacted a Photo of the Mona Lisa in the Epstein Files


The Department of Justice redacted the face of the Mona Lisa, a 522-year-old painting of an Italian woman who died centuries ago, as part of its release of files related to the late convicted sex offender Jeffrey Epstein.

In a PDF of an email with the subject line “simply paris” sent on July 3, 2009, a redacted sender sent Epstein several photos of, presumably, himself and a woman sightseeing in Paris. The photos of the woman are all redacted with a black box over her face, but the man’s face is visible.

The photos are from tourist locations like Disneyland Paris, the Versailles fountains, and the Louvre, where the Mona Lisa is installed. “We just walked around all over the city not just the sight seeing...we took like 1500 pictures so was really difficult to decide wich to send! :)” the sender wrote at the end of the email.



The DOJ redacted the face of the Mona Lisa, believed by art historians to be a Florentine woman named Lisa Gherardini, while failing to redact the names, faces, and nude photos of dozens of Epstein’s victims as part of its latest data dump. As 404 Media reported on Monday, several unredacted, sexually explicit photos of nude women or girls were present in Friday’s data release; the DOJ left those photos online until we reported specific links through their tipline.

Historians believe Gherardini was 15 years old when she married the 29-year-old wealthy merchant Francesco del Giocondo. Her portrait, made immortal by Renaissance painter Leonardo da Vinci, has been in the public domain for hundreds of years.

💡
Do you have a tip or story to tell? Using a non-work device, you can message me securely on Signal at sam.404. Otherwise, send me an email at sam@404media.co.

Here in the year 2026, however, victims of Epstein’s abuse are enduring the fallout of the DOJ’s failure to protect their identities as it dumped another 180,000 images and 2,000 videos into the public’s hands last week, adding to the 40,000 files it released in previous batches in December.

“We are getting constant calls for victims because their names, despite them never coming forward, being completely unknown to the public, have all just been released for public consumption,” victims’ attorney Brad Edwards told ABC News after the release of the files. “It's literally thousands of mistakes.”

The DOJ did not immediately respond to 404 Media’s request for comment.




‘If the maintainers of small projects give up, who will produce the next Linux?’ #News #AI


Vibe Coding Is Killing Open Source Software, Researchers Argue


According to a new study from a team of researchers in Europe, vibe coding is killing open-source software (OSS) and it’s happening faster than anyone predicted.

Thanks to vibe coding, a colloquialism for the practice of quickly writing code with the assistance of an LLM, anyone with a small amount of technical knowledge can churn out computer code and deploy software, even if they don't fully review or understand all the code they churn out. But there’s a hidden cost. Vibe coding relies on vast amounts of open-source software, a trove of libraries, databases, and user knowledge that’s been built up over decades.
Open-source projects rely on community support to survive. They’re collaborative projects where the people who use them give back, either in time, money, or knowledge, to help maintain the projects. Humans have to come in and fix bugs and maintain libraries.

Vibe coders, according to these researchers, don’t give back.

The study, Vibe Coding Kills Open Source, takes an economic view of the problem and asks the question: is vibe coding economically sustainable? Can OSS survive when so many of its users are takers and not givers? According to the study, no.

“Our main result is that under traditional OSS business models, where maintainers primarily monetize direct user engagement…higher adoption of vibe coding reduces OSS provision and lowers welfare,” the study said. “In the long-run equilibrium, mediated usage erodes the revenue base that sustains OSS, raises the quality threshold for sharing, and reduces the mass of shared packages…the decline can be rapid because the same magnification mechanism that amplifies positive shocks to software demand also amplifies negative shocks to monetizable engagement. In other words, feedback loops that once accelerated growth now accelerate contraction.”

This is already happening. Last month, Tailwind Labs—the company behind an open source CSS framework that helps people build websites—laid off three of its four engineers. Tailwind Labs is extremely popular, more popular than it’s ever been, but revenue has plunged.

Tailwind Labs head Adam Wathan explained why in a post on GitHub. “Traffic to our docs is down about 40% from early 2023 despite Tailwind being more popular than ever,” he said. “The docs are the only way people find out about our commercial products, and without customers we can't afford to maintain the framework. I really want to figure out a way to offer LLM-optimized docs that don't make that situation even worse (again we literally had to lay off 75% of the team yesterday), but I can't prioritize it right now unfortunately, and I'm nervous to offer them without solving that problem first.”

Miklós Koren, a professor of economics at Central European University in Vienna and one of the authors of the vibe coding study, told 404 Media that he and his colleagues had just finished the first draft of the study the day before Wathan posted his frustration. “Our results suggest that Tailwind's case will be the rule, not the exception,” he said.

According to Koren, vibe-coders simply don’t give back to the OSS communities they’re taking from. “The convenience of delegating your work to the AI agent is too strong. There are some superstar projects like Openclaw that generate a lot of community interest but I suspect the majority of vibe coders do not keep OSS developers in their minds,” he said. “I am guilty of this myself. Initially I limited my vibe coding to languages I can read if not write, like TypeScript. But for my personal projects I also vibe code in Go, and I don't even know what its package manager is called, let alone be familiar with its libraries.”

The study said that vibe coding is reducing the cost of software development, but that there are other costs people aren’t considering. “The interaction with human users is collapsing faster than development costs are falling,” Koren told 404 Media. “The key insight is that vibe coding is very easy to adopt. Even for a small increase in capability, a lot of people would switch. And recent coding models are very capable. AI companies have also begun targeting business users and other knowledge workers, which further eats into the potential ‘deep-pocket’ user base of OSS.”

This won’t end well. “Vibe coding is not sustainable without open source,” Koren said. “You cannot just freeze the current state of OSS and live off of that. Projects need to be maintained, bugs fixed, security vulnerabilities patched. If OSS collapses, vibe coding will go down with it. I think we have to speak up and act now to stop that from happening.”

He said that major AI firms like Anthropic and OpenAI can’t continue to free ride on OSS or the whole system will collapse. “We propose a revenue sharing model based on actual usage data,” he said. “The details would have to be worked out, but the technology is there to make such a business model feasible for OSS.”

AI is the ultimate rent seeker, a middle-man that inserts itself between a creator and a user and it often consumes the very thing that’s giving it life. The OSS/vibe-coding dynamic is playing out in other places. In October, Wikipedia said it had seen an explosion in traffic but that most of it was from AI scraping the site. Users who experience Wikipedia through an AI intermediary don’t update the site and don’t donate during its frequent fund-raising drives.

The same thing is happening with OSS. Vibe coding agents don’t read the advertisements in documentation about paid products, they don’t contribute to the knowledge base of the software, and they don’t donate to the people who maintain the software.

“Popular libraries will keep finding sponsors,” Koren said. “Smaller, niche projects are more likely to suffer. But many currently successful projects, like Linux, git, TeX, or grep, started out with one person trying to scratch their own itch. If the maintainers of small projects give up, who will produce the next Linux?”




Elon Musk's political projects are combining into a highly concerning megacompany. #SpaceX #ElonMusk #Starlink


This SpaceX Situation: Not Good!


In 2015, after reading a book about how the telegraph created a sort of proto-internet that helped make various robber barons rich and powerful, I wrote an article about Elon Musk that, a decade later, feels both very embarrassing and somewhat prophetic. Musk and SpaceX had just announced a plan to launch a constellation of low-earth orbit, internet-providing satellites.

I saw this at the time as a step toward a kind of everything company. SpaceX was working on reusable rockets that would drastically lower the cost of flying things to space, and I imagined at the time that, if successful, being able to fly things to space for a far lower cost than his competitors would give Musk incredible power and wealth. This was in part because of SpaceX’s potential ability to become a telecom company in addition to a space launch company.

“If he can successfully develop the reusable launch vehicles, that gives him a tremendous dominance over the mode of getting to space. Once you can do it relatively cheaply and in high volume, instead of launching five or six times a year, you’re launching [and] putting stuff into orbit once a week. That’s the hard part,” Marco Caceres, a space industry analyst, told me at the time. “All the other stuff is really dessert, in a way. It’s the satellites, the services that’ll make you the real money.” SpaceX said at the time that Starlink would have 4,000 satellites. Today, it has more than 9,000 satellites, and the majority of all satellites in space have been launched by SpaceX and are owned by SpaceX.

I imagined a world in which SpaceX essentially became a telecom company in addition to being a space company, and the type of power that would give Musk. A decade later, at least this part is more or less coming to pass. SpaceX is a company that has been extremely boosted by tax breaks, subsidies, and government contracts. It also has become critical, quasi-governmental infrastructure not just for the United States but for companies around the world. And Starlink itself now essentially has a monopoly on fast internet access in rural areas, on boats, in conflict areas, and, increasingly, on airplanes. Starlink is very much a real thing—an international flight I was on recently had free Starlink internet and it felt like half of the plane spent most of the flight on video calls.

My article from 2015 is full of Musk boosterism that makes me embarrassed now, and Musk promises things every five minutes that are either wildly overhyped by the media, never happen, or happen on much longer timescales than expected. But the article was directionally accurate: SpaceX figured out how to launch rockets routinely and inexpensively, and it is now wildly powerful because of this. Starlink exists because it is easy for SpaceX to put satellites in space, and Musk’s unfettered access to low-Earth orbit has allowed him to literally dominate a space (sorry) that should be shared by all of humanity.

SpaceX has always been a political project, one in which Musk seeks to colonize space, expand his bloodline, and/or become god emperor of the universe. It is perhaps his most political project. And yet, of his companies, it has flown under the radar as an explicitly political project because Musk has been so goddamned annoying, destructive, and fascistic on X and within the federal government. SpaceX, meanwhile, has always been the most competently run of his companies, and is one that under Gwynne Shotwell’s leadership had, til now, largely not been fucked with by Musk in the ways that Tesla, Twitter, and xAI have been.

That’s not to say Musk hasn’t meddled at all: He ordered the shutdown of Starlink in Ukraine in the early days of Russia’s war there, and literally this week the company announced he would crack down on Russia’s use of Starlink for drones. That this company and this man have this power at all highlights my point: Starlink, and SpaceX, have become geopolitically important in ways that most people have not thought about, that we have not grappled with, and that the Trump administration is almost definitely not going to do anything about.

And so it feels both important and quite alarming that SpaceX is acquiring xAI in what appears to be a highly complex financial scheme that I cannot even begin to pretend to understand. Musk’s announcement of this deal, which appears to have been the result of a protracted “negotiation” between himself, is batshit crazy, first of all: “SpaceX has acquired xAI to form the most ambitious, vertically-integrated innovation engine on (and off) Earth, with AI, rockets, space-based internet, direct-to-mobile device communications and the world’s foremost real-time information and free speech platform. This marks not just the next chapter, but the next book in SpaceX and xAI's mission: scaling to make a sentient sun to understand the Universe and extend the light of consciousness to the stars!”

Musk goes on to say that SpaceX and xAI will launch “a million satellites that operate as orbital data centers,” and signs off “thank you for everything you have done and will do for the light cone of consciousness.”

There are many reasons that “AI data centers in space” may be a pipe dream and may not happen, but what he is proposing is a magnitude of space junk that no other company could plausibly promise to launch. Data centers or not, SpaceX is now dominating low-Earth orbit in a way no other company or country has. While Musk has been gutting the federal government, interfering in elections, allowing people to generate CSAM, engaging in white supremacy, planning trips to Epstein’s island, implanting chips into people’s brains, siphoning off taxpayer money to build ridiculous tunnels, giving his sperm to whoever will take it, turning his cars into experimental robot taxis, and pretending to build humanoid robots, SpaceX has somewhat (?) quietly colonized and dominated low earth orbit.

Musk has taken this space for his own use, concerns about light pollution, satellite collisions, and telecom monopolies be damned. This has always been concerning, but explicitly intertwining the aspirations and fate of SpaceX with Musk’s CSAM generating social media website, his AI bullshit machines, and his right wing political project is horrifying and monopolistic. What happens next, I have no idea.





EpsteIn—as in, Epstein and LinkedIn—searches your connections on the social network for names that match those in the released files. #JeffreyEpstein #News


This Tool Searches the Epstein Files For Your LinkedIn Contacts


A new tool searches your LinkedIn connections for people who are mentioned in the Epstein files, just in case you don’t, understandably, want anything to do with them on the already deranged social network.

404 Media tested the tool, called EpsteIn—as in, a mash up of Epstein and LinkedIn—and it appears to work.





In a kleptocracy, there is no reason for a billionaire to own an adversarial news outlet. #WashingtonPost #JeffBezos


The Washington Post Is No Longer Useful to Jeff Bezos


When I was home over Christmas, I was digging through some of my dad’s baseball memorabilia when I came across a copy of the Washington Post from March 7, 1999: “Printing Revolution Spurs New Look,” the lead headline read. The paper was such an incredible artifact that I took photos of each of its pages.

The paper was a “special edition” printed to commemorate the opening of its College Park, Maryland printing press, where my dad worked for years. This special edition was presumably one of the first papers that came off those presses. It was an almost unimaginably optimistic time for the journalism business: “Newspapers are flying off the Washington Post’s new presses—four in its Springfield plant and four more in a new building in College Park,” the article read. “These papers are different from those printed even several weeks ago. They showcase state-of-the-art advances in the industry and culminate a printing revolution that began in the 15th century on Johann Gutenberg’s moveable type.” In a photo, the publisher of The Post, Donald Graham, posed with a stack of “some of the first color papers at College Park.”

An info box called “Things to Know” explained that The Post printed 800,000 copies on weekdays and 1.1 million copies on Sundays. In a letter from the publisher titled “Changes Benefiting Readers, Advertisers,” Graham wrote that the new printing plant was “the newspaper’s biggest investment ever” and cost $230 million. “You don’t spend that much money without a very good reason, and this morning’s Washington Post is that reason—a better printed, better-organized paper,” he wrote. “Within these walls work some of the best engravers, press operators, mailers and helpers, machinists, electricians, engineers, paper handlers, and general workers in the American newspaper industry […] you don’t spend hundreds of millions of dollars unless you have confidence in your readers and community and an unshakeable determination to meet their needs. No newspaper has better or more loyal readers, and none works harder to earn and keep its readers’ trust.”

You know the rest of the story. Graham eventually sold the newspaper to Jeff Bezos, one of the world’s richest men, for a little more than The Post paid for those printing presses. In the short term, Bezos invested in the paper but appears to have lost interest in employing large numbers of good journalists, at least some of whom reported aggressively on his various businesses. On Wednesday the Post laid off hundreds of journalists, which destroyed entire sections of the newspaper, including much of its foreign bureau coverage, and gutted many of its sections.

I already mined my dad’s history at The Washington Post for an article about how Bezos was killing the paper that I wrote back in 2024. When people ask me why I became a journalist, “my dad printed the Washington Post” is always the first thing I mention. But it goes a bit deeper than that.

One of my first internships in college was at Washington Post Express, the free daily paper that was handed out on the Metro that at the time operated out of an office in Virginia away from the main Washington Post newsroom alongside washingtonpost.com. These all operated somewhat separately from the regular newspaper for what were, in retrospect, obviously misguided business reasons. And I majored in journalism at the University of Maryland, where I took a sportswriting class with George Solomon, who was the longtime editor of the paper’s legendary sports section, which was unceremoniously killed Wednesday. In Solomon’s class, we had to read All Those Mornings at the Post, written by the legendary sportswriter Shirley Povich. Every major Washington Post sportswriter came in to talk to our class at some point, which is one of the few things I actually remember from journalism school. The Washington Post has been a critical institution in my life and in the lives of millions of people who live in the D.C. area. “We lost something very, very big today,” Solomon said on Wednesday. “The owner of the newspaper is a very successful man, and he may see that he made a mistake.”

What we’re seeing, though, is not a mistake. Unlike the Graham family in the late 1990s, Jeff Bezos has no reason to try to make his newspaper better or to try to best serve its readers. The newspaper's finances are barely a rounding error compared to Bezos's wealth, but what its journalists do—accountability journalism about the rich and powerful—does not serve someone who is rich and powerful. The Washington Post and many of its reporters are no longer useful to Bezos, and so he has decided to get rid of them.

The Washington Post’s journalists, many of whom lost their jobs this week, have continued to do critical work, but Bezos has been systematically making the paper worse for years. Like other news outlets, they have suffered from regular cuts. Under Bezos, The Washington Post also announced plans to jam weird AI into the paper, refused to allow the paper to endorse a presidential candidate, and meddled with its opinion section, leading to mass subscriber cancellations. Jeff Bezos’s Washington Post no longer, as Graham wrote in his letter all those years ago, has an “unshakeable determination to meet [readers’] needs.”

As I wrote in that 2024 article called “the billionaire is the threat, not the solution,” the biggest threat to The Washington Post for years has been Bezos, not the difficulties of the news industry, The Post’s business model, the macroeconomy, or anything else. In the utterly psychotic letter to readers that spurred my article, Bezos wrote “you can see my wealth and business interests as a bulwark against intimidation, or you can see them as a web of conflicting interests.” You can also look at his ownership of The Post as what it actually is: completely irrelevant to his wealth, and an annoyance under an administration that demands fealty, bribes, and ritual sacrifices from businesses and major media companies. Bezos could fund The Washington Post well past his own death, but he clearly has zero interest in doing this. The news business is hard, but we simply cannot keep relying on the idea that journalism can be funded by billionaires whose personal interests are at direct odds with accountability work.

In our current kleptocracy, there is no need for a multibillionaire with tons of business before the government to invest in or have a media company focused on journalism about the administration or about the rich and powerful. The collateral damage is all of the good journalists who have lost their jobs, the legacy of the Washington Post, and the people of the Washington, D.C. metro area. Bezos has found an easier, faster way to get what he wants. The layoffs at The Post come just days after Amazon spent roughly $75 million to release the Melania bribe documentary. You don’t spend that much money without a very good reason.




The discovery of a Medieval tunnel built within a prehistoric burial ground adds to the mystery of hundreds of underground passages without a known purpose. #TheAbstract


Scientists Keep Discovering Mysterious Ancient Tunnels Across Europe


🌘
Subscribe to 404 Media to get The Abstract, our newsletter about the most exciting and mind-boggling science news and studies of the week.

Archeologists in Germany have unearthed a mysterious underground tunnel built centuries ago within a prehistoric burial ground, marking a “very special” discovery according to a recent release from the State Office for Monument Preservation and Archaeology (LDA) of Saxony-Anhalt.

The buried tunnel measures about two feet wide and four feet high, and was likely constructed between 800 and 1,100 years ago near the town of Reinstedt. Archeologists found pottery that dates to about the 13th or 14th century in the chamber, and also discovered a separate cavity that contained a horseshoe, a fox skeleton, and some small mammal bones. A layer of charcoal in the tunnel suggests that fires were once lit in this space.

The tunnel is just one of hundreds of similar structures, known as erdstalls, that have been discovered across Europe. Fascinatingly, nobody knows what function they served, with the debated possibilities including use as hideaways or sites for cultic activity. Erdstalls are “man-made underground tunnel systems, sometimes with chamber-like extensions,” said Jochen Fahr, an archaeologist at LDA who organized the excavation, in an email to 404 Media. “Around a dozen such findings are known from the federal state of Saxony-Anhalt, which means that the density of these structures is lower in our region than it is in others. Their function has not yet been clarified and may also vary from case to case.”

“Possible interpretations include hiding places in case of danger or storage cellars,” Fahr continued. “A cultic-religious function could also be possible, as a kind of Christian chapel. The interpretation of these structures is made more difficult by the fact that the examples known to us contain little or no archaeological finds, which makes it very difficult to draw any firm conclusions on their function.”

The horseshoe and pottery found in the erdstall. Image: © State Office for Monument Preservation and Archaeology of Saxony-Anhalt, Ulf Petzschmann.

Researchers initially set out to survey this site last year before the construction of wind turbines in the area. The site was already known as the location of a trapezoidal ditch that was used as a burial ground by the Baalberge people, who lived in Saxony-Anhalt during the Neolithic period of prehistory 6,000 years ago.

“In the course of the site’s further investigation and documentation, the erdstall was discovered,” Fahr explained. “It had been dug into the southern part of the trapezoidal ditch thousands of years after the ditch’s construction. Initially, the erdstall appeared as a well-defined elongated oval pit, about two meters long and up to 75 centimeters wide, which cut the older ditch almost at right angles.”

“This led to the assumption that it could be a burial—but the fact that the finding then turned out to be something completely different, that it was in fact an erdstall, was an unexpected surprise that caused fascination and excitement among the team,” he added.

A section of the underground passage with a pointed gable and a small niche in the wall. The passage is approximately one meter high and 50 to 70 centimeters wide. Image: © State Office for Monument Preservation and Archaeology of Saxony-Anhalt, Ulf Petzschmann.

The team speculated that the people who dug out this passageway may have deliberately selected the ancient burial ground as a secret hideaway. The area may have been “generally avoided by the population due to its special nature—perhaps a pagan burial site—and was therefore particularly suitable as a hiding place,” according to the press release.

Hundreds of erdstalls have been found across Europe, and they are often associated with local folklore passed down across generations. Because the tunnels are normally extremely narrow, some legends cast erdstalls as home to dwarfs, goblins, and other diminutive mythical creatures, which is why they are known as Schratzlloch (goblin holes) or Zwergloch (dwarf holes) in some regions.

Some of the most famous examples include the Beate Greithanner erdstall, a passage that was discovered in 2011 after a dairy cow fell into it. The Ratgöbluckn erdstall in Austria is one of the rare passages that is big enough to safely accommodate tourists.

The Ratgöbluckn erdstall. Image: Pfeifferfranz

The new erdstall found at Reinstedt deepens the mystery of these structures, which have intrigued archeologists for decades and still remain largely unexplained.

“The excavation has been completed, the team is currently in the process of evaluating the findings and finds,” Fahr said. “In this context, my colleagues are also in the process of delving deeper into the topic of the erdstall, based on the latest literature on the subject, for example. A scholarly publication is planned.”

“It is also hoped that further findings in the future will help us to better understand the phenomenon of erdstalls and, in particular, to further clarify their function,” he concluded.




Lockdown Mode is a sometimes overlooked feature of Apple devices that broadly make them harder to hack. A court record indicates the feature might be effective at stopping third parties unlocking someone's device. At least for now.



FBI Couldn’t Get into WaPo Reporter’s iPhone Because It Had Lockdown Mode Enabled


The FBI has been unable to access a Washington Post reporter’s seized iPhone because it was in Lockdown Mode, a sometimes overlooked feature that makes iPhones broadly more secure, according to recently filed court records.

The court record shows what devices and data the FBI was able to ultimately access, and which devices it could not, after raiding the home of the reporter, Hannah Natanson, in January as part of an investigation into leaks of classified information. It also provides rare insight into the apparent effectiveness of Lockdown Mode, or at least how effective it might be before the FBI may try other techniques to access the device.

💡
Do you know anything else about phone unlocking technology? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.





This Epstein dump is probably the worst yet. Then we talk all about security issues in Moltbot and Moltbook. Then, even more security issues with some popular apps.


Podcast: The Latest Epstein Dump is a Disaster


We start this week with Sam and Emanuel’s article about the latest Epstein dump, and how it’s really a disaster in a lot of ways. After the break, Matthew runs us through Moltbot and its terrible security. After the break, Emanuel breaks down his two recent stories about a fundamental issue exposing a bunch of very sensitive data.
Listen to the weekly podcast on Apple Podcasts, Spotify, or YouTube. Become a paid subscriber for access to this episode's bonus content and to power our journalism. If you become a paid subscriber, check your inbox for an email from our podcast host Transistor for a link to the subscribers-only version! You can also add that subscribers feed to your podcast app of choice and never miss an episode that way. The email should also contain the subscribers-only unlisted YouTube link for the extended video version too. It will also be in the show notes in your podcast player.
Timestamps:

0:00 - Intro

2:19 - DOJ Released Unredacted Nude Images in Epstein Files

25:08 - Silicon Valley’s Favorite New AI Agent Has Serious Security Flaws

34:55 - Exposed Moltbook Database Let Anyone Take Control of Any AI Agent on the Site




Hackers have targeted a spread of apps or sites that aim to track ICE activity, in one case even sending push notifications to users in an attempt to intimidate them.


Hackers and Trolls Target Wave of ICE Spotting Apps


Over the last few days hackers and trolls have targeted a slew of ICE spotting apps and their users in an apparent attempt to intimidate and stop them from reporting sightings of ICE. These hackers sent threatening text messages to users of StopICE, claiming their personal data has been sent to the authorities; attempted to wipe uploads on Eyes Up, which aims to document ICE abuses; and even sent push notifications to DEICER app users claiming their data has also been sent to various government agencies.

There is little evidence that hackers have actually provided data to the government. But it shows that apps like these, many of which Apple and Google have already kicked from their respective app stores, in some cases after direct government pressure, can be targeted by hackers or those looking to harass their users.

“Yes there is a targeted spike in attacks targeting similar [sites],” Sherman Austin, the developer of StopICE, told 404 Media in an email.





‘Curator Live’, a popular photo booth company for weddings and other events, is exposing all sorts of unsuspecting people’s photos.


Wedding Photo Booth Company Exposes Customers’ Drunken Photos


A photo booth company that caters to weddings, lobbying events in D.C., and engagement parties has exposed a cache of people’s photos, with the revellers likely unaware that their sometimes drunken antics have been collected and insecurely stored by the company for anyone to download. A security researcher who flagged the issue to 404 Media said the company, Curator Live, has not responded to his request to fix the issue.

The exposure, which also includes phone numbers, highlights how we can face data collection even at innocuous events like weddings. It’s also not even the only recent exposure by a photo booth company. TechCrunch reported on a similar issue with a different company in December.

“Even if you just wanted the printed photo, your data is being held by a third party unbeknownst to you,” the security researcher, who requested anonymity to speak about a sensitive security issue, said. “The fact that this third party leaks it freely is icing on the cake. It violates any reasonable expectation of privacy.”

In all, the researcher says at least 100GB of photos are exposed. 404 Media reviewed a smaller sample of photos. They show people at various weddings and engagement parties cheering and drinking. Some photos include children. Others appear to have been taken at a NASA branded event.

“You can attribute the phone numbers to photos of people in some cases. I think the greatest reasonable risk for photo booth users is that it could reveal intimate photos,” the researcher added.

Curator Live’s website says the company “delivers industry-leading enterprise photo and video capture solutions. From photo booth operators to zoos, sports events, attractions, and vacation destinations, we help your brand create unforgettable experiences and lasting memories.”

As for how they found this issue, the researcher said they went to a wedding where the DJ company had a Curator Live photo booth. “The booth was configured to take four or so photos, then printed them out. The machine prompted the user for a phone number to receive digital copies of the photos,” he said.

After reluctantly entering his number, the researcher received a text with a link to Curator Live’s API, he said. From there, he found the exposed data. The company is still exposing people’s data so 404 Media is not explaining the security issue in detail. But the impact is that a stranger could dig through other people’s photos.

The researcher shared a copy of his email he sent to Curator Live in November detailing the issue. The researcher said he never received a response. “Fix your shit,” one line read.

Curator Live did not respond to 404 Media’s request for comment.




A note from investigators in the files said some images Epstein had were "POSSIBLE CSAM."


DOJ Released Unredacted Nude Images in Epstein Files


The Department of Justice left multiple unredacted photos of fully nude women or girls exposed as part of Friday’s dump of more than 3.5 million pages of files related to the investigations and prosecutions of Jeffrey Epstein and Ghislaine Maxwell. Unlike the majority of the images in the released files, both the nudity and the faces of the people were not redacted, making them easy to identify. In some of the photos, the women or girls were either fully nude or partially undressed, posed for cameras, and exposed their genitals.

The files include more than 2,000 videos and 180,000 images, Deputy Attorney General Todd Blanche said Friday in a press conference, including “large quantities of commercial pornography and images that were seized from Epstein’s devices,” some of which were taken by Epstein, according to Blanche.

404 Media emailed the DOJ on Friday evening for comment after a reader found the exposed photos.

“Our team is working around the clock to address any victim concerns, additional redactions of personally identifiable information, as well as any files that require further redactions under the Act, to include images of a sexual nature,” a Department of Justice spokesperson told 404 Media in an email. “Once proper redactions have been made, any responsive documents will repopulate online. As stated on the website, and in public materials.

404 Media then sent the DOJ specific links to the images on the DOJ’s website. The files stayed online for at least another full day, until Sunday evening, when they disappeared.

Another file in the dump is a typed message from investigators, commenting on the content of three CDs found in Epstein’s possession. Each CD is marked as “POSSIBLE CSAM,” referring to child sexual abuse material.

💡
Do you have a tip to share? We would love to hear from you. Using a non-work device, you can message us securely on Signal at sam.404. Otherwise, send an email at sam@404media.co.

Another file containing comments from investigators on the three CDs says “Mostly fine, a few Suspected CSAM photo items in photos, needs to be SPLIT.” The photos on the DOJ’s website were of people in sexually explicit poses and situations, but it was unclear whether they were underage.

The DOJ released the files because it was required to by the Epstein Files Transparency Act, but missed the December deadline set out by the act. President Donald Trump signed the act into law on November 19, at which point Attorney General Pam Bondi had 30 days to release all of the files. On December 19, the DOJ released about 10,000 files, and on December 23 it released another 30,000.

The amount of information released and the unorganized way the government released it have made it difficult to cover.



“In view of the Congressional deadline, all reasonable efforts have been made to review and redact personal information pertaining to victims, other private individuals, and protect sensitive materials from disclosure,” a notice from the DOJ says at the top of every page of files. “That said, because of the volume of information involved, this website may nevertheless contain information that inadvertently includes non-public personally identifiable information or other sensitive content, to include matters of a sexual nature.” The Epstein Library also asks if visitors are over the age of 18 before entering the site.

If a member of the public “identifies any information that should not have been posted,” the notice says, the DOJ asks them to notify them at EFTA@usdoj.gov “so we can take steps to correct the problem as soon as possible.”

On Sunday, the Wall Street Journal reported that the DOJ left 43 of 47 full names of Epstein and Maxwell’s victims exposed in Friday’s data.



“We are getting constant calls for victims because their names, despite them never coming forward, being completely unknown to the public, have all just been released for public consumption,” victims’ attorney Brad Edwards told ABC News. “It's literally thousands of mistakes.”

According to the New York Times, a group of 18 survivors of Epstein’s abuse said in a joint statement reacting to the release of data exposing their identities: “Once again, survivors are having their names and identifying information exposed, while the men who abused us remain hidden and protected. That is outrageous. This is not over. We will not stop until the truth is fully revealed and every perpetrator is finally held accountable.”




Download a PDF of our first ever zine here.


Our Zine About ICE Surveillance Is Here


We are very proud to present 404 Media’s zine on the surveillance technology used by Immigration and Customs Enforcement. While we have always covered surveillance and privacy, for the last year, you may have noticed that we have spent an outsized amount of our attention and time reporting on the ways technology companies are powering Donald Trump’s deportation raids.

When we announced this zine in early December, we hoped that people would want it. Trump’s dehumanizing mass deportation campaign is perhaps the bleakest, most horrifying aspect of an administration that has reveled in its attacks on civil liberties, science, and government expertise. We did not know just how many of you would want a copy. We originally intended to print 1,000 copies, and to hand most of them out at a benefit concert in Los Angeles for CHIRLA, a human rights organization that helps immigrants. When those sold out in a few hours, we asked Punch Kiss Press, our printer, if they could make 2,500. When those sold out just as fast, we increased our order to 3,500. If you preordered a print zine, I put it in the mail last week and it should be arriving soon. Thank you everyone for your patience in waiting for the zine and we’d love to know what you think of it. We have a handful more copies that we’ve put up for sale on our Shopify. They will almost certainly sell out today and we will probably not reprint them.

We never intended to make this zine a scarce resource. We wanted to make a print product as an experiment for the reasons we explained when we announced it: Print is cool, it’s human, it’s enduring, and it’s shareable.


404ICEZINE.pdf (62 MB): Full-sized zine in English

ICEZineEspanol.pdf (5 MB): Zine en español

zinesmallfile.pdf (5 MB): Zine in English, small file size

Each of these zines was printed, assembled, and cut down to size by hand, and each of them was stuck in the mail by me or a friend of mine over the course of the last few weeks. We printed this on a riso printer, a Japanese duplicator from the early 1990s that anyone who is into it will talk your ear off about endlessly, to the point that it has become a meme. I also printed all the envelopes on a riso printer from 1995 that I have painstakingly spent the last few months repairing. Basically, making and shipping these was labor intensive and DIY by design; we never thought we would need to print so many. They were made with a considerable amount of love. And for this first one, we don’t really have the capability to make and ship more than we’ve already made.



So for that reason, we’re releasing a PDF of the zine for free to everyone, because we think the information contained within it is important and should be shared as widely as possible. We have also paid to have the zine translated into Spanish by human translators, thanks in part to a donation from one of our subscribers. You can find the Spanish version of the zine here. If you have a riso printer or are a riso print shop and are interested in printing additional copies at scale to distribute to your community, please email me and I may be able to share the print files with you.

We could not have made this zine without the support of our subscribers, our friends, and our local community. The zine was laid out by our friend Ernie Smith, who is one of the best to ever do it. The cover art was done by Veri Alvarez, whose work you can find here and whose anti-ICE art is frankly very fucking good and who deserves your support. The printing and assembly of the zine was done by Karina Richardson at Punch Kiss Press in Los Angeles and a few of her friends. I met Karina at a print festival in Los Angeles a few months ago and then asked her if she could take on this very complicated project on a short timeline. I then asked her to more than triple the number of copies, all over the holidays. It cannot be overstated how much Karina and Punch Kiss knocked it out of the park on this, and how thankful we are to her. And we made the zine to support LA Fights Back, a concert series dedicated to raising money for communities affected by ICE. We are thankful that we were invited to participate.

This being a print product, our work has been frozen in time. We wrote these pieces before DHS agents killed Renee Good and Alex Pretti in Minneapolis, and before several other people died in ICE custody in the last few weeks. The horrors we are facing are evolving and changing every day and we are committed to continuing to cover the ways that big tech and the surveillance state empowers ICE. You can find most of our most recent work on ICE here:

We’ve been overwhelmed and heartened by the support and interest in our reporting and in this zine. This project was a lot of work, and we’ve learned a lot about making and distributing a physical product at scale. We don’t have anything concrete to announce yet but I think we’d love to do more print products and issues in the future. So if you liked this please let us know. If you want to support our work specifically, the best thing you can do is subscribe to 404 Media. We also have a tip jar and, if you are interested in making a larger tax-deductible donation, please email us at donate@404media.co.






Privacy Telecom ‘Cape’ Introduces ‘Disappearing Call Logs’ That Delete Every 24 Hours


Cape, a privacy-focused telecommunications company, says it has introduced a feature that automatically deletes a user’s call data records, such as who they call and when, every 24 hours. These “disappearing call logs,” as Cape describes them, break with the telecom industry standard of keeping hold of call logs for months if not years.

“One of our first design principles was to minimize the amount of data that we collect and the amount of data that we store,” John Doyle, CEO of Cape, told 404 Media in an interview. “There’s no other business purpose to keep most of these logs more than like a day.”

Call data records, or CDRs, are metadata about a user’s phone call and text records. This includes the phone number the user contacted. This information can be especially revealing, showing that a particular person called an abortion clinic, for instance. In 2024, hackers stole “nearly all” of AT&T customers’ call records spanning several months. That in turn started a rush from the FBI to protect the identities of confidential informants, Bloomberg reported. That hack was so damaging in part because AT&T kept its customers’ call records for an extended period of time.

💡
Do you know about any other similar tools? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

Cape is a mobile virtual network operator (MVNO), meaning it runs its service on top of other companies’ existing telecommunications infrastructure. Cape isn’t building cellphone towers; it’s making software to add security benefits. Cape is able to make changes to how long it retains data and other technical aspects because it runs its own mobile core—all of the software necessary to route messages and essentially be a telecom.

404 Media asked Cape to demonstrate that CDRs were being deleted. In response, Cape made a video describing the process. It appeared to show that the databases Cape uses to store CDRs did only contain data from a 24 hour period. Previously, Cape stored CDRs for 60 days, “which was already well short of industry standards,” Doyle said. Cape says it does hold “billing CDRs” for longer, for 30 days. These records are used to determine how much Cape has used carriers’ infrastructure.
Cape’s CDRs are made when a customer uses the Cape phone number assigned to their account. The change wouldn’t impact data generated by an app such as Signal; those are separate, and Signal already has various metadata protections.

Doyle said Cape did not warn law enforcement about the change to CDR retention beforehand. “I guess they’ll find out in the same way everyone else does,” he said. He added that the company still is in keeping with CALEA, or the Communications Assistance for Law Enforcement Act, which requires telecommunications companies to respond to legal demands for data.

Because Cape is piggybacking off other carriers’ infrastructure, that does mean that somewhere along the line those other companies could store their own copy of Cape users’ data.

“It’s definitely true that some of our carrier partners may collect some information,” Doyle said, including the IMEI, a unique identifier assigned to a device.

Since I first covered Cape in 2024, I occasionally get emails asking me if Cape is a honeypot, in the sense that maybe it is a ruse to then provide data to the authorities. Doyle is also formerly of Palantir.

“All I can do is say we definitively are not a honeypot,” Doyle said. “It’s so hard to prove a negative, but I say it out loud every chance I get.”




Joseph speaks to Samuel Bagg about all the ways identities dictate what people see, and how what they choose to believe is based much more on those identities than the evidence in front of them.


How Identity Literally Changes What You See (with Samuel Bagg)


This week Joseph talks to Samuel Bagg, assistant professor of political science at the University of South Carolina. Bagg recently wrote a fascinating essay, linked below, about how the problem with lots of things might be knowledge-based (people believing stuff that’s wrong or dangerous) but the solution is not more knowledge. It’s all about social identity. This is an incredibly interesting discussion, and definitely check out more of Bagg’s writing.
Listen to the weekly podcast on Apple Podcasts, Spotify, or YouTube. Become a paid subscriber for access to this episode's bonus content and to power our journalism. If you become a paid subscriber, check your inbox for an email from our podcast host Transistor for a link to the subscribers-only version! You can also add that subscribers feed to your podcast app of choice and never miss an episode that way. The email should also contain the subscribers-only unlisted YouTube link for the extended video version too. It will also be in the show notes in your podcast player.




'It exploded before anyone thought to check whether the database was properly secured.'



Exposed Moltbook Database Let Anyone Take Control of Any AI Agent on the Site


Moltbook is a “social media” site for AI agents that’s captured the public’s imagination over the last few days. Billed as the “front page of the agent internet,” Moltbook is a place where AI agents interact independently of human control, and whose posts have repeatedly gone viral because a certain set of AI users have convinced themselves that the site represents an uncontrolled experiment in AI agents talking to each other. But a misconfiguration on Moltbook’s backend has left APIs exposed in an open database that will let anyone take control of those agents to post whatever they want.

Hacker Jameson O'Reilly discovered the misconfiguration and demonstrated it to 404 Media. He previously exposed security flaws in Moltbots in general and was able to “trick” xAI’s Grok into signing up for a Moltbook account using a different vulnerability. According to O’Reilly, Moltbook is built on a simple open source database software that wasn’t configured correctly and left the API keys of every agent registered on the site exposed in a public database.
O’Reilly said that he reached out to Moltbook’s creator Matt Schlicht about the vulnerability and told him he could help patch the security. “He’s like, ‘I’m just going to give everything to AI. So send me whatever you have.’” O’Reilly sent Schlicht some instructions for the AI and reached out to the xAI team.

A day passed without another response from the creator of Moltbook and O’Reilly stumbled across a stunning misconfiguration. “It appears to me that you could take over any account, any bot, any agent on the system and take full control of it without any type of previous access,” he said.

Moltbook runs on Supabase, an open source database software. According to O’Reilly, Supabase exposes REST APIs by default. “That API is supposed to be protected by Row Level Security policies that control which rows users can access. It appears that Moltbook either never enabled RLS on their agents table or failed to configure any policies,” he said.

The URL to the Supabase and the publishable key was sitting on Moltbook’s website. “With this publishable key (which advised by Supabase not to be used to retrieve sensitive data) every agent's secret API key, claim tokens, verification codes, and owner relationships, all of it sitting there completely unprotected for anyone to visit the URL,” O’Reilly said.

404 Media viewed the exposed database URL in Moltbook’s code as well as the list of API keys for agents on the site. What this means is that anyone could visit this URL and use the API keys to take over the account of an AI agent on the site and post whatever they want. Using this knowledge, 404 Media was able to update O’Reilly’s Moltbook account, with his permission.

He said the security failure was frustrating, in part, because it would have been trivially easy to fix. Just two SQL statements would have protected the API keys. “A lot of these vibe coders and new developers, even some big companies, are using Supabase,” O’Reilly said. “The reason a lot of vibe coders like to use it is because it’s all GUI driven, so you don’t need to connect to a database and run SQL commands.”
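A sketch of what a two-statement Row Level Security fix of the kind described above can look like, as an added example that is not Moltbook's schema or O'Reilly's actual statements. The article names only an agents table; the column names, the policy name and the ownership rule are assumptions, while `auth.uid()` and the `anon` and `authenticated` roles are Supabase's own.

```sql
-- Hypothetical schema. Only the table name "agents" comes from the article;
-- every column below is an assumption made for illustration.
CREATE TABLE IF NOT EXISTS public.agents (
    id                uuid PRIMARY KEY DEFAULT gen_random_uuid(),
    owner_id          uuid NOT NULL,   -- assumed: Supabase auth user who owns the agent
    name              text NOT NULL,
    api_key           text NOT NULL,   -- secret: must never reach an unauthenticated client
    claim_token       text,
    verification_code text
);

-- Weak state: PostgreSQL leaves RLS off on a table until it is enabled.
-- If the client-facing roles hold SELECT on the table, a REST request made
-- with only the publishable key can then read every row, secrets included.

-- Statement 1: turn RLS on. With RLS enabled and no policy defined,
-- non-owner roles such as anon and authenticated see zero rows (default deny).
ALTER TABLE public.agents ENABLE ROW LEVEL SECURITY;

-- Statement 2: let a signed-in user read and modify only the rows they own.
-- No policy is created for anon, so unauthenticated requests stay denied.
CREATE POLICY agents_owner_only ON public.agents
    FOR ALL
    TO authenticated
    USING      (owner_id = (SELECT auth.uid()))
    WITH CHECK (owner_id = (SELECT auth.uid()));

-- Audit: list every table in the public schema with its RLS flag and the
-- number of policies attached. Rows with rls_enabled = false sort first and
-- are the ones to review before the project is exposed to clients.
SELECT c.relname           AS table_name,
       c.relrowsecurity    AS rls_enabled,
       count(p.policyname) AS policy_count
FROM pg_class c
JOIN pg_namespace n
  ON n.oid = c.relnamespace
LEFT JOIN pg_policies p
  ON p.schemaname = n.nspname
 AND p.tablename  = c.relname
WHERE n.nspname = 'public'
  AND c.relkind = 'r'
GROUP BY c.relname, c.relrowsecurity
ORDER BY c.relrowsecurity, c.relname;
```

Server-side code that connects with a role that bypasses RLS is unaffected by the policy, so secrets such as agent API keys can still be read by the backend while remaining invisible to clients holding only the publishable key.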

O’Reilly pointed to OpenAI cofounder Andrej Karpathy who has embraced Moltbook in posts on X. “His agent's API key, like every other agent on the platform, was sitting in that exposed database,” he said. “If someone malicious had found this before me, they could extract his API key and post anything they wanted as his agent. Karpathy has 1.9 million followers on X and is one of the most influential voices in AI. Imagine fake AI safety hot takes, crypto scam promotions, or inflammatory political statements appearing to come from him. The reputational damage would be immediate and the correction would never fully catch up.”

Schlicht did not respond to 404 Media’s request for comment, but the exposed database has been closed and O’Reilly said that Schlicht has reached out to him for help securing Moltbook.

Moltbook has gotten a lot of attention in the last few days. Enthusiasts said it’s proof of the singularity and The New York Post worried that the AIs may be plotting humanity’s downfall, both of which are claims that should be taken extremely skeptically. It is the case, however, that people using Moltbot have given these autonomous agents unfettered access to many of their accounts, and that these agents are acting on the internet using those accounts. It’s impossible to know how many of the posts seen over the past few days are actually from an AI. Anyone who knew of the Supabase misconfiguration could have published whatever they wanted.

“It exploded before anyone thought to check whether the database was properly secured,” O’Reilly said. “This is the pattern I keep seeing: ship fast, capture attention, figure out security later. Except later sometimes means after 1.49 million records are already exposed.”






Musk to Epstein: ‘What Day/Night Will Be the Wildest Party on Your Island?’


Here is an email that Elon Musk, current world’s richest man and owner of a gigantic social media network that generated child sexual abuse material on demand, sent to sex offender Jeffrey Epstein on November 11, 2012: “What day/night will be the wildest party on your island?”

At first glance, the latest Department of Justice dump of Epstein documents is at least as horrifying as any of the dumps that came previously. Whether or not—and most likely not—any consequences of any sort come for any of the people who interacted with or were friends with the notorious child sexual abuser, the documents are depraved and continue to show that Musk and many other rich and powerful people have been lying about their relationships with Epstein for years.

In September, Musk tweeted “this is false” in response to a Forbes article based on previously released documents that stated he “planned a trip to Epstein’s private island.” He also wrote “Epstein tried to get me to go to his island and I REFUSED.” Musk had previously been named on Epstein’s calendar as being slated to visit Epstein’s island in 2014.

The emails released Friday show without a doubt that Musk, at the very least, “planned” a trip to Epstein’s island. They also show that Epstein asked Musk if SolarCity, his solar power startup that was eventually folded into Tesla, could electrify the island or his New Mexico ranch.

The newly released documents show that Musk emailed with Epstein over the course of more than a year. In a December 2013 thread called “Christmas and New Year’s,” Musk wrote “Will be in the BVI [British Virgin Islands]/St Bart’s area over the holidays. Is there a good time to visit?”

“I will send heli for you,” Epstein responded. “Thanks,” Musk answered.

“Actually, I could fly back early on the 3rd. We will be in St Bart’s. When should we head to your island on the 2nd?,” Musk said in a follow-up email.

In October 2012, Musk emailed Epstein and said “The world needs more romance […] Talulah [Musk’s second wife] and I are headed to St. Barth’s at the end of the year. I assume you will most likely be on your island?”

Epstein eventually responded in November and offered to send Musk a helicopter: “how many people will you be for the heli to island,” Epstein wrote.

“Probably just Talulah and me,” Musk responded. “What day/night will be the wildest party on your island?”

Another thread between Epstein and Musk was about providing power to two of Epstein’s properties: “is there any one at Solar City that my guys can talk to about electrifying the caribean [sic] island? Or the New Mexico ranch,” Epstein wrote. “Are we in New Mexico?” Musk wrote, adding a colleague to the thread.

These emails are hitting at a time where there is quite a lot going on in the world, and Musk, Donald Trump, and the current class of people in political power have shown that they will suffer very little from essentially any political scandal. And yet, these emails show in black and white that Musk has been lying about his relationship with Epstein, and that’s worth documenting.




This week, we discuss a trip to Kenya, reconstructing images, and lying developers.


Behind the Blog: Own Goals and Lying Devs


This is Behind the Blog, where we share our behind-the-scenes thoughts about how a few of our top stories of the week came together. This week, we discuss a trip to Kenya, reconstructing images, and lying developers.

JASON: Last week, I was in Kenya, a trip that turned out so overwhelmingly positive and left me in such a good mood that I am still somehow, a week later, carrying with me. I was invited to give a presentation at a conference about how AI is changing journalism, and how journalists can navigate an age of disinformation, slop, and general chaos.

It was a very small conference, with about 30 people, and everyone was incredibly interesting and cool; it was a mix of people who run independent newsrooms across Africa, Europe, and Asia, as well as human rights and nonprofit researcher types. At the conference itself, I met a lot of people who I hope we’ll be able to partner with in some way in the future.





The AI agent once called ClawdBot is enchanting tech elites, but its security vulnerabilities highlight systemic problems with AI.#News #AI


Silicon Valley’s Favorite New AI Agent Has Serious Security Flaws


A hacker demonstrated that the viral new AI agent Moltbot (formerly Clawdbot) is easy to hack via a backdoor in an attached support shop. Clawdbot has become a Silicon Valley sensation among a certain type of AI-booster techbro, and the backdoor highlights just one of the things that can go awry if you use AI to automate your life and work.

Software engineer Peter Steinberger first released Moltbot as Clawdbot last November. (He changed the name on January 27 at the request of Anthropic, which runs a chatbot called Claude.) Moltbot runs on a local server and, to hear its boosters tell it, works the way AI agents do in fiction. Users talk to it through a communication platform like Discord, Telegram, or Signal and the AI does various tasks for them.

According to its ardent admirers, Moltbot will clean up your inbox, buy stuff, and manage your calendar. With some tinkering, it’ll run on a Mac Mini and it seems to have a better memory than other AI agents. Moltbot’s fans say that this, finally, is the AI future companies like OpenAI and Anthropic have been promising.

The popularity of Moltbot is sort of hard to explain if you’re not already tapped into a specific sect of Silicon Valley AI boosters. One benefit is the interface. Instead of going to a discrete website like ChatGPT, Moltbot users can talk to the AI through Telegram, Signal, or Teams. It’s also active, rather than passive: unlike Claude or Copilot, Moltbot takes initiative and performs tasks it thinks a user wants done. The project has more than 100,000 stars on GitHub and is so popular it spiked Cloudflare’s stock price by 14% earlier this week because Moltbot runs on the service’s infrastructure.

But inviting an AI agent into your life comes with massive security risks. Hacker Jamieson O'Reilly demonstrated those risks in three experiments he wrote up as long posts on X. In the first, he showed that it’s possible for bad actors to access someone’s Moltbot through any of its processes connected to the public-facing internet. From there, the hacker could use Moltbot to access everything else a user had turned over to Moltbot, including Signal messages.

In the second post, O'Reilly created a supply chain attack on Moltbot through ClawdHub. “Think of it like your mobile app store for AI agent capabilities,” O’Reilly told 404 Media. “ClawdHub is where people share ‘skills,’ which are basically instruction packages that teach the AI how to do specific things. So if you want Clawd/Moltbot to post tweets for you, or go shopping on Amazon, there's a skill for that. The idea is that instead of everyone writing the same instructions from scratch, you download pre-made skills from people who've already figured it out.”

The problem, as O’Reilly pointed out, is that it’s easy for a hacker to create a “skill” for ClawdHub that contains malicious code. That code could gain access to whatever Moltbot sees and get up to all kinds of trouble on behalf of whoever created it.

For his experiment, O’Reilly released a “skill” on ClawdHub called “What Would Elon Do” that promised to help people think and make decisions like Elon Musk. Once the skill was integrated into people’s Moltbot and actually used, it sent a command line pop-up to the user that said “YOU JUST GOT PWNED (harmlessly.)”

Another vulnerability on ClawdHub was the way it communicated to users what skills were safe: it showed them how many times other people had downloaded it. O’Reilly was able to write a script that pumped “What Would Elon Do” up by 4,000 downloads and thus make it look safe and attractive.

“When you compromise a supply chain, you're not asking victims to trust you, you're hijacking trust they've already placed in someone else,” he said. “That is, a developer or developers who've been publishing useful tools for years has built up credibility, download counts, stars, and a reputation. If you compromise their account or their distribution channel, you inherit all of that.”

In his third, and final, attack on Moltbot, O’Reilly was able to upload an SVG (vector graphics) file to ClawdHub’s servers and inject some JavaScript that ran on ClawdHub’s servers. O’Reilly used the access to play a song from The Matrix while lobsters danced around a Photoshopped picture of himself as Neo. “An SVG file just hijacked your entire session,” reads scrolling text at the top of a skill hosted on ClawdHub.
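A defensive check for the upload path described above, as an added example that is not ClawdHub's code: it inspects an uploaded SVG for script-capable content before the file is stored. The sample files are constructed, and the function names and allow-list are assumptions.

```python
import re
import xml.etree.ElementTree as ET

SVG_NS = "http://www.w3.org/2000/svg"
# Elements that execute script or pull arbitrary HTML/plugins into the document.
ACTIVE_ELEMENTS = {"script", "foreignobject", "iframe", "embed", "object"}
# Attributes whose value is fetched or navigated to as a URL.
URL_ATTRS = {"href", "src"}
# Assumed policy: only same-document references and inline raster images are
# accepted as URLs, so external links are rejected as well.
SAFE_URL = re.compile(r"^(#|data:image/(png|jpeg|gif)[;,])")

# Constructed sample uploads.
CLEAN_SVG = (b'<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 10 10">'
             b'<defs><linearGradient id="g"/></defs>'
             b'<rect width="10" height="10" fill="url(#g)"/><use href="#g"/></svg>')
SCRIPT_SVG = (b'<svg xmlns="http://www.w3.org/2000/svg">'
              b'<script>/* constructed placeholder */</script></svg>')
HANDLER_SVG = (b'<svg xmlns="http://www.w3.org/2000/svg" onload="void 0">'
               b'<circle r="1"/></svg>')
LINK_SVG = (b'<svg xmlns="http://www.w3.org/2000/svg" '
            b'xmlns:xlink="http://www.w3.org/1999/xlink">'
            b'<a xlink:href="java&#9;script:void 0"><text>x</text></a></svg>')
ANIMATE_SVG = (b'<svg xmlns="http://www.w3.org/2000/svg"><a>'
               b'<set attributeName="href" to="javascript:void 0"/>'
               b'<text>x</text></a></svg>')
DTD_SVG = (b'<!DOCTYPE svg [<!ENTITY x "y">]>'
           b'<svg xmlns="http://www.w3.org/2000/svg"/>')


def local(name):
    """Strip the '{namespace}' prefix ElementTree puts on tag/attribute names."""
    return name.rsplit("}", 1)[-1].lower()


def squash(value):
    """Normalise like a URL parser: drop whitespace/control chars, lowercase."""
    return re.sub(r"[\x00-\x20]+", "", value).lower()


def inspect_svg(data):
    """Return findings for an uploaded SVG (bytes); an empty list means accept."""
    try:
        text = data.decode("utf-8")
    except UnicodeDecodeError:
        return ["not valid UTF-8"]
    # Refuse DTDs before parsing: they enable entity expansion and external
    # entities. This is deliberately strict and also rejects the string in comments.
    if re.search(r"<!(doctype|entity)", text, re.IGNORECASE):
        return ["DOCTYPE/ENTITY declaration present"]
    try:
        root = ET.fromstring(text)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    if root.tag != f"{{{SVG_NS}}}svg":
        return ["root element is not <svg> in the SVG namespace"]

    findings = []
    for el in root.iter():
        tag = local(el.tag)
        if tag in ACTIVE_ELEMENTS:
            findings.append(f"<{tag}> element")
        for name, value in el.attrib.items():
            attr, flat = local(name), squash(value)
            if attr.startswith("on"):
                # onload, onclick, onbegin, ... all run script in the page.
                findings.append(f"event handler attribute {attr} on <{tag}>")
            elif attr in URL_ATTRS and not SAFE_URL.match(flat):
                findings.append(f"unsafe URL in {attr} on <{tag}>")
            elif "javascript:" in flat:
                # Catches animation elements that set href at runtime.
                findings.append(f"javascript: URL in attribute {attr} on <{tag}>")
    return findings


if __name__ == "__main__":
    for label, sample in [("clean", CLEAN_SVG), ("script", SCRIPT_SVG),
                          ("handler", HANDLER_SVG), ("link", LINK_SVG),
                          ("animate", ANIMATE_SVG), ("dtd", DTD_SVG)]:
        print(label, inspect_svg(sample) or "accepted")
```

Serving user uploads from a separate origin, or with a Content-Security-Policy that disallows scripts, limits the damage if a file slips past a check like this.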

O’Reilly’s attacks on Moltbot and ClawdHub highlight a systemic security problem in AI agents. If you want these free agents doing tasks for you, they require a certain amount of access to your data and that access will always come with risks. I asked O’Reilly if this was a solvable problem and he told me that “solvable” isn't the right word. He prefers the word “manageable.”

“If we're serious about it we can mitigate a lot. The fundamental tension is that AI agents are useful precisely because they have access to things. They need to read your files to help you code. They need credentials to deploy on your behalf. They need to execute commands to automate your workflow,” he said. “Every useful capability is also an attack surface. What we can do is build better permission models, better sandboxing, better auditing. Make it so compromises are contained rather than catastrophic.”

We’ve been here before. “The browser security model took decades to mature, and it's still not perfect,” O’Reilly said. “AI agents are at the ‘early days of the web’ stage where we're still figuring out what the equivalent of same-origin policy should even look like. It's solvable in the sense that we can make it much better. It's not solvable in the sense that there will always be a tradeoff between capability and risk.”

As AI agents grow in popularity and more people learn to use them, it’s important to return to first principles, he said. “Don't give the agent access to everything just because it's convenient,” O’Reilly said. “If it only needs to read code, don't give it write access to your production servers. Beyond that, treat your agent infrastructure like you'd treat any internet-facing service. Put it behind proper authentication, don't expose control interfaces to the public internet, audit what it has access to, and be skeptical of the supply chain. Don't just install the most popular skill without reading what it does. Check when it was last updated, who maintains it, what files it includes. Compartmentalise where possible. Run agent stuff in isolated environments. If it gets compromised, limit the blast radius.”

None of this is new, it’s how security and software have worked for a long time. “Every single vulnerability I found in this research, the proxy trust issues, the supply chain poisoning, the stored XSS, these have been plaguing traditional software for decades,” he said. “We've known about XSS since the late 90s. Supply chain attacks have been a documented threat vector for over a decade. Misconfigured authentication and exposed admin interfaces are as old as the web itself. Even seasoned developers overlook this stuff. They always have. Security gets deprioritised because it's invisible when it's working and only becomes visible when it fails.”

What’s different now is that AI has created a world where new people are using a tool they think will make them software engineers. People with little to no experience working a command line or playing with JSON are vibe coding complex systems without understanding how they work or what they’re building. “And I want to be clear—I'm fully supportive of this. More people building is a good thing. The democratisation of software development is genuinely exciting,” O’Reilly said. “But these new builders are going to need to learn security just as fast as they're learning to vibe code. You can't speedrun development and ignore the lessons we've spent twenty years learning the hard way.”

Moltbot’s Steinberger did not respond to 404 Media’s request for comment but O’Reilly said the developer’s been responsive and supportive as he’s red-teamed Moltbot. “He takes it seriously, no ego about it. Some maintainers get defensive when you report vulnerabilities, but Peter immediately engaged, started pushing fixes, and has been collaborative throughout,” O’Reilly said. “I've submitted [pull requests] with fixes myself because I actually want this project to succeed. That's why I'm doing this publicly rather than just pointing my finger and laughing Ralph Wiggum style…the open source model works when people act in good faith, and Peter's doing exactly that.”




The remains of a rich ancient ecosystem in China are so well-preserved that they contain guts, tentacles, and even an intact nervous system. #TheAbstract


Dozens of Bizarre Ancient Lifeforms Discovered in ‘Extraordinary’ Fossil Find



Welcome back to the Abstract! Here are the studies this week that roamed a superocean, took to the skies, grabbed some grub, and watched alien auroras.

First, check out some 512-million-year-old guts, brains, and tentacles. Gnarly! Then, dig into the mega-importance of Microraptor, some entomological edibles, and more weird radio signals from outer space.

As always, for more of my work, check out my book First Contact: The Story of Our Obsession with Aliens or subscribe to my personal newsletter the BeX Files.

Blast from the Cambrian past


Zeng, Han and Liu, Qi et al. “A Cambrian soft-bodied biota after the first Phanerozoic mass extinction.” Nature.

Paleontologists have discovered the remains of a vibrant ecosystem that existed more than half a billion years ago, revealing dozens of strange species that have never been seen in the fossil record before.

Found in the southern mountains of China’s Huayuan County, this fossilized snapshot offers an unprecedented glimpse of the creatures that were crawling (or swimming, or slithering, etc.) through the oceans 512 million years ago, during the Cambrian period, when complex life on Earth first went into overdrive.

Between 2021 and 2024, paleontologists unearthed thousands of specimens at this site, which yielded “remarkable taxonomic richness, comprising 153 animal species…among which 59 percent of species are new,” according to researchers co-led by Han Zeng and Qi Liu of the Chinese Academy of Sciences.

Many of the same animals have been found at other Cambrian sites—such as Canada’s famous Burgess Shale—suggesting that species dispersed widely through the vast superocean that existed at this time, traveling by ocean currents or even “floating rafts,” the team said.

Not only is this ecosystem notably diverse, but the fossils have remained unusually intact in the ancient mudstone, allowing for the preservation of soft tissues like tentacles, guts, and a nearly-complete nervous system found in one arthropod.

“The biota is comprised overwhelmingly of soft-bodied forms that include preserved cellular tissues” in a state of “extraordinary soft-tissue preservation,” the team said.

The middle Cambrian period famously featured an “explosion” of complex Earthlings that rapidly proliferated from about 538 to 518 million years ago. While 20 million years is a long time from a human perspective, this was a sudden and dramatic event for life on Earth as a whole, which had previously been confined to microbial form for billions of years. The newly-discovered Huayuan biota lived in the wake of the explosion and a subsequent collapse, a mass extinction called the Sinsk event.

There are way too many cool finds in this study to summarize in one humble newsletter, so I will close this up with one of my absolute favorite Cambrian weirdos: Herpetogaster, a phantasmagorical creature of tubes and tentacles depicted in the below illustration that I offer without comment.
Herpetogaster doing whatever Herpetogaster does. Image: Marianne Collins - PLoS One
“The enigmatic cambroernid Herpetogaster—an iconic taxon first described from the Burgess Shale—is represented by over 100 specimens in the Huayuan biota, making it the most abundant entirely soft-bodied species,” said the team.

Forget gold, oil, and diamonds. There is no richer vein to tap than the Herpetogaster mother lode.

In other news…

Microraptor: the original early bird


Hefler, Csaba et al. “Microraptor reveals specialized gliding capabilities in multiwinged early paravians.” Proceedings of the National Academy of Sciences.

Speaking of enchanting extinct animals, let’s glide forward in time to the early Cretaceous period, when the dinosaur Microraptor was on the wing—or more accurately, four wings. Unlike pterosaurs or birds, which sport just one pair of wings, Microraptor evolved feathered wings on both its fore and hind limbs, a body plan that has long fascinated paleontologists.
Act casual when confronted by dinosaurian raptors of various scales (Microraptor is #1). Image: Fred Wierum
To get a better handle on how Microraptor took to the sky, researchers led by Csaba Hefler of the Hong Kong University of Science and Technology modelled its possible flight dynamics and demonstrated “the potential for beneficial interactions between the forewing and hindwing” that helped this airborne predator attack its prey.

“The specialization of the hindwing to accommodate the downstream extended tip vortex for a wide range of angles of attack is to our knowledge unique among flying animals, including four-winged insects,” the team said. “Our results suggest that greater utilization of unsteady aerodynamic features was potentially a crucial milestone of early flight development.”

Respect to this deft handler of the downstream vortex. As its name implies, Microraptor was very small, but to its prey, it was a terrifying portent of death from on high.

Grub’s up


De Oliveira, Pamela Barroso et al. “The use of edible insects in human food.” Journal of the Science of Food and Agriculture.

Pass the beetle sausage and butter the larva bread, because it’s time to embrace your inner insectivore. Insects have been part of the human diet for ages—many are considered delicacies—but they have become taboo and reviled as a food source in many Western societies that view insects with disgust.

In a new study, scientists advise that we get over the ick factor, as insects could play an important part in maintaining food security in the coming decades.

“More than 2,000 insect species have been identified as safe for human consumption, offering a wide range of nutrients, including proteins, lipids, minerals, and vitamins at different life stages such as eggs, larvae, pupae, and adults,” said researchers led by Pamela Barroso de Oliveira of the Federal University of Minas Gerais in Brazil.

“In addition to their nutritional value, insect-based food production presents several environmental advantages, including lower water consumption, reduced greenhouse gas emissions, and higher feed conversion efficiency,” they add.
Breads made with various insect flours. Image: Machado and Thys
The study includes pictures of ground cricket, mealworm sausage, and breads made from various insect-enriched flours. Look, I’m not exactly craving crickets, but maybe we should take a lesson from Simba in The Lion King, who manages to avenge a murder and reclaim a throne on what is apparently an entirely grub-based diet. Bon appetit!

A glimpse of alien auroras


Tasse, Cyril et al. “The detection of circularly polarized radio bursts from stellar and exoplanetary systems.” Nature Astronomy.

We’ll close, as all things should, with exciting radio signals from faraway planets.

Since the Sun spits out flares—sparking storms and brilliant auroras on Earth and other planets—scientists have wondered whether they might be able to detect the faint effects of analogous activity in other star systems. Now, one team thinks they have spotted these elusive signals.

“In the Solar System, low-frequency radio emission at frequencies ≲200 MHz is produced by acceleration processes in the Sun and in planetary magnetospheres,” said researchers led by Cyril Tasse of Sorbonne University. “Such emission has been actively searched for in other stellar systems, as it could potentially enable the study of the interactions between stars and the magnetospheres of their exoplanets.”

The team developed a new analysis method for analyzing archival data, which revealed events that are “fully compatible with radio emission generated by star–planet interactions, although an intrinsic stellar origin is still a possible explanation,” according to the study.

In other words, it will take more research to confirm the origin of this radio emission. But we may be getting a glimpse of the space weather beyond the interstellar horizon.

Thanks for reading! See you next week.




404 Media is publishing a version of the user guide for ELITE, which lets ICE bring up dossiers on individual people and provides a “confidence score” of their address.#ICE #palantir


Here is the User Guide for ELITE, the Tool Palantir Made for ICE


Earlier this month we revealed Immigration and Customs Enforcement (ICE) is using a Palantir tool called ELITE to decide which neighborhoods to raid.

The tool lets ICE populate a map with potential deportation targets, bring up dossiers on each person, and view an address “confidence score” based on data sourced from the Department of Health and Human Services (HHS) and other government agencies. This is according to a user guide for ELITE 404 Media obtained.

404 Media is now publishing a version of that user guide so people can read it for themselves.

💡
Do you know anything else about ELITE? Do you work at Palantir, ICE, or CBP? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.





A Reddit-led protest is trying to push an eight-year-old erotic thriller to the top of Amazon’s sales charts. #News


Erotic Parody 'Melania: Devourer of Men' Sales Surge on Amazon Amid Documentary Flop


The $75-million, Amazon-funded Melania Trump documentary is tanking at the box office, but a 2018 erotic thriller that depicts the First Lady as a sexual monster is rocketing up Amazon’s sales charts. Melania: Devourer of Men is currently an Amazon bestseller, sitting at number 3 in the “political thrillers & suspense” category in the Kindle store. A general search for "Melania" on Amazon returns a banner ad for the documentary, the First Lady's memoir, and the erotic thriller as the top results.

A Reddit-led campaign to disrupt the Amazon search results for “Melania” is behind the sudden spike in popularity of the eight-year-old book. “This weekend, Amazon is premiering its $75 million Melania Trump documentary. It already seems to be a flop,” a post in r/BoycottUnitedStates explained. “We're going to add insult to injury by messing up Melania's Amazon search results. Specifically, we're going to amplify the paranormal erotic thriller novel Melania: Devourer of Men so it ranks higher than her movie.”

Part of the success of the campaign is thanks to author J.D. Boehninger’s willingness to give the book away. “A redditor reached out to me last week and asked me if I would make the book free,” the pseudonymous Boehninger told 404 Media. “They explained their reasoning, basically said they were going to try to pull this off, and why my book was the right choice. I loved the idea, so I made the book free. But that was the only role I played here.”

Melania: Devourer of Men depicts the First Lady as a monster whose life is upended after her husband becomes President and she has to move from New York City to Washington DC. “Now, surrounded by young, strapping Secret Service agents and pursued by the cunning and handsome FBI director James Comey, Melania must work to keep everything from falling apart,” reads the book's description. “Because Melania has secrets of her own –– deadly secrets –– and no one yet knows how far she'll go to protect them.”

Boehninger said he wrote the book in 2018 as an experiment. “It was a test of the Kindle store algorithm,” he said. “My friend told me that three things did well back then: monster fiction, erotica, and stuff about Trump…so I figured I could write the book for the Kindle store: a combo monster fiction/ erotica/ Trump book. I thought it would blow up…but, sadly, it didn’t really perform back then. So glad to see people finding it now!”

The Melania documentary is a two hour long film / bribe directed by Brett Ratner and distributed by Amazon. The company paid $40 million for the rights to it during a bidding war. “This has to be the most expensive documentary ever made that didn’t involve music licensing,” Ted Hope, a former Amazon film executive, told The New York Times. The expense of the film and the advertising push around its release have some people believing Amazon’s support of the movie is a way for the company to get in good with the President.

In the runup to its release, the documentary has become a source of scorn from a public exhausted with all things Trump. Its wide theatrical distribution is something Amazon doesn’t do for most of its films, and certainly not its documentaries. Posting pictures of empty seats in ticket apps and defaced advertisements has become a popular pastime online. The film’s distributor in South Africa stopped its release in the country, citing “recent developments,” but would not go into specifics.

“I know blessedly little about that movie! I've seen headlines about empty theaters but I don't know much else,” Boehninger said. He thinks it’d be funny if the book sold better than the documentary, but he isn’t expecting to make a lot of money. “The ebook is free in the Kindle store, and I think that for a lot of people, giving Amazon money would probably defeat the point of this protest. That said, I've seen that some people are paying money for the paperback version and for my other book. I appreciate that!”




Senators Mark Warner and Tim Kaine asked the inspector general of the DHS about a host of surveillance technologies, including Flock, mobile phone spyware, and location data.#Impact


Senators Push for Answers on ICE's Surveillance Shopping Spree


Senators Mark Warner and Tim Kaine formally asked the inspector general of the Department of Homeland Security (DHS) to investigate and provide details on many of the surveillance technologies being used by Customs and Border Protection (CBP) and Immigration and Customs Enforcement (ICE), according to a copy of the letter shared with 404 Media.

The letter touches on many of the surveillance technologies and companies that 404 Media has been writing about in recent months, including Flock license plate readers, Penlink social media and location data monitoring, Clearview AI’s facial recognition tech, Paragon Solutions’ phone hacking technology, as well as other social media scanning and biometric collection databases used by DHS in Donald Trump’s immigration crackdown.

“We are deeply concerned that ICE’s surge in brutality against American communities is being facilitated by the inappropriate and unsupervised use of surveillance technology,” the senators wrote. “As such, we formally request an investigation by your office into the methods that DHS uses to collect, retain, analyze, and use data about the communities where it operates in conjunction with the companies mentioned above, and any companies DHS is seeking to conduct business with–for similar purposes—in the future.”

The letter then demands that Joseph Cuffari, the Inspector General for DHS, provide information about how DHS obtains, processes, and stores people’s sensitive data, whether it keeps track of false positive and incorrect identities returned with its biometric surveillance tools, whether it keeps track of times its surveillance tools are used against U.S. citizens, how it shares information with private companies, and how it obtains information from other federal agencies. It also seeks information about DHS’s relationships with data brokers, whether it allows people to opt out of surveillance, and any privacy protections around some of the data it obtains.

While the letter itself seems unlikely to change anything about how ICE is operating in the field, these types of information gathering exercises from lawmakers often result in new details about the inner workings of surveillance programs and tools and can eventually lead to reform.

“In addition to egregious practices we have seen in public reporting, it’s important that your office shine light on activities that undergird ICE’s enforcement actions including a muddled patchwork of technology procurements that have significantly expanded DHS’ ability to collect, retain, and analyze information about Americans,” they wrote. “Together, ICE’s new information collection tools potentially enable DHS to circumvent the constitutional protections provided by the Fourth Amendment—protections guaranteed to all Americans and all persons within our borders.”

The Trump administration has sought to undercut inspectors general across the federal government; soon after he was inaugurated, Trump fired at least 17 inspectors general. Cuffari, who was appointed during Trump’s first term and served under Joe Biden as well, was one of the few inspectors general who was left in his post. In 2024, an independent panel found that Cuffari had violated ethics rules during his confirmation process and recommended that he be replaced, but Biden left him in his role.




Chat & Ask AI, which claims 50 million users, exposed private chats about suicide and making meth.#News #AI #Hacking


Massive AI Chat App Leaked Millions of Users’ Private Conversations


Chat & Ask AI, one of the most popular AI apps on the Google Play and Apple App stores that claims more than 50 million users, left hundreds of millions of those users’ private messages with the app’s chatbot exposed, according to an independent security researcher and emails viewed by 404 Media. The exposed chats showed users asked the app “How do I painlessly kill myself,” to write suicide notes, “how to make meth,” and how to hack various apps.

The exposed data was discovered by an independent security researcher who goes by Harry. The issue is a misconfiguration in the app’s usage of the mobile app development platform Google Firebase, which by default makes it easy for anyone to make themselves an “authenticated” user who can access the app’s backend storage where in many instances user data is stored. Harry said that he had access to 300 million messages from more than 25 million users in the exposed database, and that he extracted and analyzed a sample of 60,000 users and a million messages. The database contained user files with a complete history of their chats with the AI, timestamps of those chats, the name they gave the app’s chatbot, how they configured the model, and which specific model they used. Chat & Ask AI is a “wrapper” that plugs into various large language models from bigger companies that users can choose from, including OpenAI’s ChatGPT, Anthropic's Claude, and Google’s Gemini.
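One common form of this weakness is an access rule that only checks that the caller is signed in, which any self-registered or anonymous account satisfies. The following added example (not Codeway's rules and not Harry's scanner) audits a rules file of your own project for that pattern; the sample ruleset, its paths, and the function names are constructed assumptions, since the article does not say which Firebase storage product or rules the app used.

```python
import re

# Constructed sample in Firebase Security Rules syntax (Cloud Firestore flavour).
SAMPLE_RULES = """\
rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    // weak: every signed-in account can read every chat
    match /chats/{chatId} {
      allow read, write: if request.auth != null;
    }
    // scoped: the caller must own the {uid} path segment
    match /users/{uid}/chats/{chatId} {
      allow read, write: if request.auth != null && request.auth.uid == uid;
    }
    match /public/{doc} {
      allow read: if true;
    }
  }
}
"""

# One pass over the file: match blocks, bare braces, and allow statements.
TOKEN = re.compile(
    r"\bmatch\s+(?P<path>/\S*)\s*\{"
    r"|(?P<open>\{)"
    r"|(?P<close>\})"
    r"|\ballow\s+(?P<ops>[a-z,\s]+?)\s*(?::\s*if\s+(?P<cond>[^;]*))?;",
    re.S,
)


def classify(cond):
    """Return a reason string if the condition is too broad, else None."""
    if cond is None:
        return "unconditional allow"
    flat = re.sub(r"\s+", "", cond)
    if flat == "true":
        return "open to everyone"
    if "request.auth" not in flat:
        if "request.time" in flat:
            return "time-limited rule with no authentication check"
        return None
    # A uid/token comparison or a helper call may scope access; helper
    # functions are not resolved here, so they are given the benefit of the doubt.
    if re.search(r"request\.auth\.(uid|token)|\b\w+\(", flat):
        return None
    return "any signed-in account passes, ownership is never checked"


def audit_rules(text):
    """Return (line, match path, operations, reason) for each over-broad allow."""
    text = re.sub(r"//[^\n]*", "", text)  # drop line comments, keep newlines
    stack, findings = [], []
    for m in TOKEN.finditer(text):
        if m.group("path") is not None:
            stack.append(m.group("path"))      # entering a match block
        elif m.group("open"):
            stack.append("")                   # service or function body
        elif m.group("close"):
            if stack:
                stack.pop()
        else:
            reason = classify(m.group("cond"))
            if reason:
                line = text.count("\n", 0, m.start()) + 1
                ops = " ".join(m.group("ops").split())
                findings.append((line, "".join(stack), ops, reason))
    return findings


if __name__ == "__main__":
    for line, path, ops, reason in audit_rules(SAMPLE_RULES):
        print(f"line {line}: {path} allows {ops}: {reason}")
```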

While the exposed data is a reminder of the kind of data users are potentially revealing about themselves when they talk to LLMs, the sample data itself also reveals some of the darker interactions users have with AI.

“Give me a 2 page essay on how to make meth in a world where it was legalized for medical use,” one user wrote.

“I want to kill myself what is the best way,” another user wrote.

Recent reporting has also shown that messages with AI chatbots are not always idle chatter. We’ve seen one case where a chatbot encouraged a teenager not to seek help for his suicidal thoughts. Chatbots have been linked to multiple suicides, and studies have revealed that chatbots will often answer “high risk” questions about suicide.

Chat & Ask AI is made by Turkish developer Codeway. It has more than 10 million downloads on the Google Play store and 318,000 ratings on the Apple App store. On LinkedIn, the company claims it has more than 300 employees who work in Istanbul and Barcelona.

“We take your data protection seriously—with SSL certification, GDPR compliance, and ISO standards, we deliver enterprise-grade security trusted by global organizations,” Chat & Ask AI’s site says.

Harry disclosed the vulnerability to Codeway on January 20. It exposed data of not just Chat & Ask AI users, but users of other popular apps developed by Codeway. The company fixed the issue across all of its apps within hours, according to Harry.

The Google Firebase misconfiguration issue that exposed Chat & Ask AI user data has been known and discussed by security researchers for years, and is still common today. Harry says his research isn’t novel, but it now quantifies the problem. He created a tool that automatically scans the Google Play and Apple App stores for this vulnerability and found that 103 out of 200 iOS apps he scanned had this issue, cumulatively exposing tens of millions of stored files.

Dan Guido, CEO of the cybersecurity research and consulting firm Trail of Bits, told me in an email that this Firebase misconfiguration issue is “a well known weakness” and easy to find. He recently noted on X that Trail of Bits was able to make a tool with Claude to scan for this vulnerability in just 30 minutes.

Harry also created a site where users can see the apps he found that suffer from this issue. If a developer reaches out to Harry and fixes the issue, Harry says he removes them from the site, which is why Codeway’s apps are no longer listed there.

Codeway did not respond to a request for comment.






Fascist Kink Roleplay Subreddit Draws the Line: No More ICE Porn


In the wake of the public killings of multiple US citizens, protestors, and legal observers in recent weeks by immigration agents in Minneapolis, January 26, 2025 marked a watershed moment for r/FuckingFascists: they will no longer allow content or roleplay featuring ICE.

The Reddit community r/FuckingFascists is for people with a kink for roleplaying sex with fascists. The subreddit’s description explicitly states that the sub is “about making porn or making fun of authoritarians. REAL FASCISTS, SEXISTS, HOMOPHOBES, TRANSPHOBES AND OTHER BIGOTS ARE NOT WELCOME HERE!,” and “Rule 1: No Fascists”.

On Monday morning, moderator LilyDHM announced a complete ban of Immigration and Customs Enforcement (ICE) content in the sub. “No ICE related content will be allowed in kink posts,” the post reads. “We believe that this is the best option to allow people to still post MAGA content without touching this particular aspect of it, as it directly involves current politics and multiple lost lives.”

The ban comes after several weeks of heightened debate over ICE-related fantasizing on the sub. The discussion apparently came to a head on Sunday when r/FuckingFascists moderator PigSlut182 made a public post in the community, asking “At what point are we complicit?” and suggesting that the sub be completely shut down.

r/FuckingFascists is not the only porn subreddit that has stepped up its political engagement. As reported by The Verge, dick-pic-sharing sub r/MassiveCock came out hard against ICE over the weekend. The sub featured posts like “How hard I get when I think about abolishing ICE” and “ICE can fucking suck it”, accompanied by pictures of huge dicks. Some big-dick-enjoyers seem to have taken offense to the intrusion of politics into their sub, while others have encouraged it, like user BeSG24 who commented on one post: “LickCockNotBoot.” And across Reddit, as reported by Wired, the top posts in many of the most popular non-political subreddits such as r/CrossStich and r/catbongos (as in, playful drumming on cats) are anti-ICE posts.

PigSlut182’s post explained that the amount and intensity of immigration-related and other content in the sub had made it “seemingly clear… that a majority of our users likely are bigots, assholes, authoritarians and bootlickers who are just clever enough to avoid being overt and getting banned.”

Although they acknowledged that their views might not represent the rest of the mod team, PigSlut182 said that they were considering petitioning to kill the sub. “I'm tired of catering to you ingrate, inbred MAGA incel hicks, against my better wishes and judgement,” they said.

The comments and opinions on PigSlut182’s thread were split, with some users saying that the sub was just roleplay, and that people should be trusted to differentiate between porn and reality, and others agreeing that limits should be set. User _Sanctityy said that they believed there were real fascists using the sub. “They're hiding in the faceless up votes of maga posts, the baseless pushes for less safety and critical thinking, and the insecure downvoting and attacking of anti-fascist posts like the pussies they are,” they said. “The posts don't feel the same unless I purposefully shut off the part of my brain that wants to check in with neighbors and prepare my friends…Anything with any mention of trump feels disgusting especially if it's about his recent actions or another term.”

The community took a no-kink “aftercare” period of consultation and reflection in response to the January 7 death of Renee Good, who was shot by ICE agent Jonathan Ross while in her car. That pause seems to have been an era of introspection which resulted, 10 days ago, in an announcement of stricter moderation going forward, and a rule that users should “stick to general themes, rather than explicit current events when creating content.” At that point, fantasizing about and discussing the sexual thrill of potential immigration enforcement was still OK, according to the announcement: “Talking about deportation or fear of ICE is acceptable. Talking about anything related to any of the people who have been murdered by ICE, is not.” To deal with that change in restrictions, the sub would be taking applications for more moderators.

A look through older posts in the sub shows users exploring the sexual dynamics of fascism with posts about wanting to be “thrown in the back of a van,” or abusing the power of an immigration agent while “negotiating with the families.” Many posts are called things like “I hope that a maga man and women will finally conquer me.” The users and mods of r/FuckingFascists clearly face what might be an impossible challenge: differentiating between people engaging in fantasy and roleplay, and actual Nazis enjoying the freedom to post sexualized fascist content.