A LibreOffice developer has shared his experience of having his Microsoft account banned, and how the company has been uncooperative in helping him recover it. Read more...

A second, major security issue with women’s dating safety app Tea has exposed much more user data than the first breach we first reported last week, with an independent security researcher now finding it was possible for hackers to access messages between users discussing abortions, cheating partners, and phone numbers they sent to one another. Despite Tea’s initial statement that “the incident involved a legacy data storage system containing information from over two years ago,” the second issue impacting a separate database is much more recent, affecting messages up until last week, according to the researcher’s findings that 404 Media verified. The researcher said they also found the ability to send a push notification to all of Tea’s users.

It’s hard to overstate how sensitive this data is and how it could put Tea’s users at risk if it fell into the wrong hands. When signing up, Tea encourages users to choose an anonymous screenname, but it was trivial for 404 Media to find the real world identities of some users given the nature of their messages, which Tea has led them to believe were private. Users could be easily found via their social media handles, phone numbers, and real names that they shared in these chats. These conversations also frequently make damning accusations against people who are also named in the private messages and in some cases are easy to identify. 

It is unclear who else may have discovered the security issue and downloaded any data from the more recent database. Members of 4chan found the first exposed database last week and made tens of thousands of images of Tea users available for download. Tea told 404 Media it has contacted law enforcement.

Kasra Rahjerdi, the researcher who flagged the issue to 404 Media, sent a database of more than 1.1 million messages they said stretched from early 2023 to last week. Some of the private messages viewed by 404 Media include: 

• One user tells another they just discovered their husband on the app being discussed. “I am his wife,” many of the messages say.
• Another appears to show a woman contacting others about a man she is engaged to. 
• Multiple messages which appear to show women discussing their abortions.
• Chat logs between women discovering they are dating the same man, exchanging information such as what car he drives for verification.

To verify the data, 404 Media took usernames from the dump of messages and tried to create accounts on Tea with them. This was not possible because the usernames were already in use, indicating that the messages do belong to real Tea users.

Tea, which claims to have more than 1.6 million users, reached the top of the App Store charts last week and has tens of thousands of reviews there. The app aims to provide a space for women to exchange information about men in order to stay safe, and verifies that new users are women by asking them to upload a selfie. The now multiple breaches have obviously put the safety and privacy of those women at risk.

This new data exposure is due to any Tea user being able to use their own API key to access a more recent database of user data, Rahjerdi said. The researcher says that this issue existed until late last week.

That exposure included a mass of Tea users’ private messages. In some cases, the women exchange phone numbers so they can continue the conversation off platform.

The first breach was due to an exposed instance of app development platform Firebase, and impacted tens of thousands of selfie and driver license images. At the time, Tea said in a statement “there is no evidence to suggest that current or additional user data was affected.” The second database includes a data field called “sent_at,” with many of those messages being marked as recent as last week. 

The Tea breach has taken on a life of its own since it was shared on 4chan. In addition to archiving the selfie and driver license photos and making them available for download, people have been using the data to ridicule images of users included in the breach. Tea asks users to verify they are women by uploading a selfie, and those images, including images of their real IDs, have been turned into a “Facemash” type site where users are presented with two Tea selfies and asked to pick which is more attractive. The site includes a public ranking of the “top” and “bottom” 50. Some of those photos have been “ranked” tens of thousands of times, according to figures on the website itself.

Regarding this latest breach, a Tea spokesperson told 404 Media in an email “We are continuing to work expeditiously to contain the incident and have launched a full investigation with assistance from external cybersecurity firms. We have also reached out to law enforcement and are assisting in their investigation. Since our investigation is in its early stages, we do not have more information we can share at this time.”

Jason Koebler contributed reporting.

Porn sites may have blown up Meta's key defense in a copyright fight with book authors who earlier this year said that Meta torrented "at least 81.7 terabytes of data across multiple shadow libraries" to train its AI models.

Meta has defeated most of the authors' claims and claimed there is no proof that Meta ever uploaded pirated data through seeding or leeching on the BitTorrent network used to download training data. But authors still have a chance to prove that Meta may have profited off its massive piracy, and a new lawsuit filed by adult sites last week appears to contain evidence that could help authors win their fight, TorrentFreak reported.

The new lawsuit was filed last Friday in a US district court in California by Strike 3 Holdings—which says it attracts "over 25 million monthly visitors" to sites that serve as "ethical sources" for adult videos that "are famous for redefining adult content with Hollywood style and quality."

After authors revealed Meta's torrenting, Strike 3 Holdings checked its proprietary BitTorrent-tracking tools designed to detect infringement of its videos and alleged that the company found evidence that Meta has been torrenting and seeding its copyrighted content for years—since at least 2018. Some of the IP addresses were clearly registered to Meta, while others appeared to be "hidden," and at least one was linked to a Meta employee, the filing said.

Meta’s AI training tactics may have harmed minors

According to Strike 3 Holdings, Meta "willfully and intentionally" infringed "at least 2,396 movies" as part of a strategy to download terabytes of data as fast as possible by seeding popular high-quality porn. Supposedly, Meta continued seeding the content "sometimes for days, weeks, or even months" after downloading them, and these movies may also have been secretly used to train Meta's AI models, Strike 3 Holdings alleged.

The porn site operator explained to the court that BitTorrent's protocol establishes a "tit-for-tat" mechanism that "rewards users who distribute the most desired content." It alleged that Meta took advantage of this system by "often" pirating adult videos that are "often within the most infringed files on BitTorrent websites" on "the very same day the motion pictures are released."

These tactics allegedly gave Meta several advantages, making it harder for Strike 3 Holdings' sites to compete, including potentially distributing the videos to minors for free without age checks in states that now require them.

"Meta specifically targeted Plaintiffs’ content for distribution in order to accelerate its downloads of vast amounts of other content," the lawsuit said. And while Meta claimed that it "wrote a script to intentionally limit distributing popular books on BitTorrent," Strike 3 Holdings believes "discovery will likely show" Meta "continuously" distributed its adult videos specifically as a strategy to get around the BitTorrent protocol.

So far, Strike 3 Holdings says it has documented at least five episodes in which Meta "hand-picked" adult videos from a specific site for "intense periods of distribution" to avoid seeding other content it was sourcing through BitTorrent.

"The only reason to incur the server and bandwidth expense of remaining in a swarm for these long durations is to leverage the extended distribution as tit-for-tat currency in order to efficiently download millions of other files from BitTorrent," Strike 3 Holdings alleged.

Strike 3 Holdings is seeking extensive damages and an injunction to permanently stop Meta from pirating its videos.

The company also wants Meta to delete any stolen videos from its AI training data and existing AI models. The company alleged that Meta could use its high-quality copyrighted works—which provide rare long cuts of "natural, human-centric imagery" showing "parts of the body not found in regular videos" and "unique" forms "of human interactions and facial expressions"—to create a rival adult video generator that could "eventually create identical content for little to no cost."

"Plaintiffs cannot compete against Meta when it ignores federal and state laws and offers Plaintiffs’ works for free," Strike 3 Holdings alleged. "This will effectively eliminate Plaintiffs’ future ability to compete in the marketplace" as well as its brands' "hard-earned reputations as respected and ethical sources for high-quality adult motion pictures by potentially allowing minors unfettered access to Plaintiffs’ content against Plaintiffs’ consent."

Ars could not immediately reach Meta, Strike 3 Holdings' in-house lawyer, or book authors' lawyers for comment.

Evidence may prove Meta seeded more content

Seeking evidence to back its own copyright infringement claims, Strike 3 Holdings searched "its archive of recorded infringement captured by its VXN Scan and Cross Reference tools" and found 47 "IP addresses identified as owned by Facebook infringing its copyright protected Works."

The data allegedly demonstrates a "continued unauthorized distribution" over "several years." And Meta allegedly did not stop its seeding after Strike 3 Holdings confronted the tech giant with this evidence—despite the IP data supposedly being verified through an industry-leading provider called Maxmind.

Strike 3 Holdings shared a screenshot of MaxMind's findings. Credit: via Strike 3 Holdings' complaint

Meta also allegedly attempted to "conceal its BitTorrent activities" through "six Virtual Private Clouds" that formed a "stealth network" of "hidden IP addresses," the lawsuit alleged, which seemingly implicated a "major third-party data center provider" as a partner in Meta's piracy.

An analysis of these IP addresses allegedly found "data patterns that matched infringement patterns seen on Meta’s corporate IP Addresses" and included "evidence of other activity on the BitTorrent network including ebooks, movies, television shows, music, and software." The seemingly non-human patterns documented on both sets of IP addresses suggest the data was for AI training and not for personal use, Strike 3 Holdings alleged.

Perhaps most shockingly, considering that a Meta employee joked "torrenting from a corporate laptop doesn’t feel right," Strike 3 Holdings further alleged that it found "at least one residential IP address of a Meta employee" infringing its copyrighted works. That suggests Meta may have directed an employee to torrent pirated data outside the office to obscure the data trail.

The adult site operator did not identify the employee or the major data center discussed in its complaint, noting in a subsequent filing that it recognized the risks to Meta's business and its employees' privacy of sharing sensitive information.

In total, the company alleged that evidence shows "well over 100,000 unauthorized distribution transactions" linked to Meta's corporate IPs. Strike 3 Holdings is hoping the evidence will lead a jury to find Meta liable for direct copyright infringement or charge Meta with secondary and vicarious copyright infringement if the jury finds that Meta successfully distanced itself by using the third-party data center or an employee's home IP address.

"Meta has the right and ability to supervise and/or control its own corporate IP addresses, as well as the IP addresses hosted in off-infra data centers, and the acts of its employees and agents infringing Plaintiffs’ Works through their residential IPs by using Meta’s AI script to obtain content through BitTorrent," the complaint said.

Read full article

Comments

The National Air and Space Museum welcomed the public into five more of its renovated galleries on Monday, including two showcasing spaceflight artifacts. The new exhibitions shine modern light on returning displays and restore the museum's almost 50-year-old legacy of adding objects that made history but have yet to become historical.

Visitors can again enter through the "Boeing Milestones of Flight Hall," which has been closed for the past three years and has on display some of the museum's most iconic items, including John Glenn's Friendship 7 Mercury capsule and an Apollo lunar module.

From there, visitors can tour through the adjacent "Futures in Space," a new gallery focused on the different approaches and technology that spaceflight will take in the years to come. Here, the Smithsonian is displaying for the first time objects that were recently donated by commercial spaceflight companies, including items used in space tourism and in growing the low-Earth orbit economy.

The artifacts are iconic, but the newly reopened Boeing Milestones of Flight Hall at the National Air and Space Museum is all new. Credit: Smithsonian National Air and Space Museum

"We are thrilled to open this next phase of exhibitions to the public," said Chris Browne, the John and Adrienne Mars Director of the National Air and Space Museum, in a statement. "Reopening our main hall with so many iconic aerospace artifacts, as well as completely new exhibitions, will give visitors much more to see and enjoy."

The other three galleries newly open to the public are devoted to aviation history, including the "Barron Hilton Pioneers of Flight," "World War I: The Birth of Military Aviation," and the "Allan and Shelley Holt Innovations Gallery."

What’s new is not yet old

Among the artifacts debuting in "Futures in Space" are a Merlin engine and grid fin that flew on a SpaceX Falcon 9 rocket, Sian Proctor's pressure suit that she wore on the private Inspiration4 mission in 2021, and a mockup of a New Shepard crew module that Blue Origin has pledged to replace with its first flown capsule when it is retired from flying.

"When the museum first opened back in 1976 and people came here and saw things like the Apollo command module and Neil Armstrong's spacesuit, or really anything related to human spaceflight, at that point it was all still very recent," said Matt Shindell, one of the curators behind "Futures in Space," in an interview with collectSPACE.com. "So when you would come into the museum, it wasn't so much a history of space but what's happening now and what could happen next. We wanted to have a gallery that would recapture that feeling."

Instead of being themed around a single program or period in history, the new gallery invites visitors to consider a series of questions, including: Who decides who goes to space? Why do we go? And what will we do when we get there?

Curatores designed "Futures in Space" around a list of questions, including "Why go to space?" On display is a pressure suit worn by Sian Proctor on the Inspiration4 mission and a 1978 NASA astronaut "TFNG" T-shirt. Credit: Smithsonian National Air and Space Museum

"We really wanted the gallery to be one that engaged visitors in these questions and that centered the experience around what they thought should be happening in the future and what that would mean for them," said Shindell. "We also have visions of the future presented throughout the gallery, including from popular culture—television shows, movies and comic books—that have explored what the future might look like and what it would mean for the people living through it."

That is why the gallery also includes R2-D2, or rather a reproduction of the "Star Wars" droid as built by Adam Savage of Tested. In George Lucas' vision of the future ("a long, long time ago"), Astromech droids serve as spacecraft navigators, mechanics, and companion aides.

Beyond the artifacts and exhibits (which also include an immersive 3D-printed Mars habitat and Yuri Gagarin's training pressure suit), there is a stage and seating area at the center of "Futures."

"I think of it as a TED Talk-style stage," said Shindell. "We're hoping to bring in people from industry, stakeholders, people who have flown, people who are getting ready to fly, and people who have ideas about what should be happening to come and talk to visitors from that stage about the same questions that we're asking in the gallery."

Modernized “Milestones”

The artifacts presented in the "Boeing Milestones of Flight" are mostly the same as they were before the hall was closed in 2022. The hall underwent a renovation in 2014 ahead of the museum's 40th anniversary, so its displays did not need another redesign.

Still, the gallery looks new due to the work done surrounding the objects.

"What is new for the 'Boeing Milestones of Flight Hall' is, at some level, most noticeably the floor and media elements," said Margaret Weitekamp, curator and division chair at the National Air and Space Museum, in an interview.

"We have a wonderful 123-foot (37-meter) media band that goes across the front of the mezzanine, and we have 20 different slide shows that work as a digest of what you'll find in the new galleries throughout the building," said Weitekamp. "So as people come into the Boeing Milestones of Flight Hall, they'll be greeted by that and get a taste of what they're going to see inside."

And then there is the new flooring. In the past, the hall had been lined in maroon or dark gray carpet. It is now a much lighter color terrazzo.

"It really brightens up the room," Weitekamp told collectsPACE.

"Also, you'll notice that as you are going up and down the hallways, there are medallions embedded in the floor that display quotes from significant aviation and spaceflight figures. So we've been able to put some quotes from Carl Sagan, Sally Ride, and Chuck Yeager into the floor," she said.

The pattern on the floor of the Boeing Milesones of Flight Hall is the pulsar-based map to Earth's solar system that was mounted to the Pioneer and Voyager probes, now updated for 2026. Credit: Smithsonian National Air and Space Museum

Visitors should also pay attention to what look like lines of dashes converging at the hall's center. The design is an update to a NASA graphic.

"We have a revised version of the pulsar map from Pioneer 10 and 11 and the Voyager interstellar record," said Weitekamp, referring to the representation of the location of Earth for any extraterrestrial species that might discover the probes in the future. "The map located Earth's solar system with relationship to 14 pulsars."

When the Pioneer and Voyager spacecraft were launched, astronomers didn't know that pulsars (or rotating neutron stars) slow down over time.

"So we worked with a colleague of ours to make it a map to our solar system as would be accurate for 2026, which will mark the 50th anniversary of the museum's building and the 250th birthday of the nation," Weitekamp said.

Thirteen open, eight to go

Monday's opening followed an earlier debut of eight reimagined galleries in 2022. Also open is the renovated Lockheed Martin IMAX Theater, which joins the planetarium, the museum store, and the Mars Café that were reopened earlier.

The redesigned north entrance to the Smithsonian National Air and Space Museum opened to the public on Monday, July 28, 2025. Credit: Smithsonian National Air and Space Museum

"We are nearing the end of this multi-year renovation project," said Browne. "We look forward to welcoming many more people into these modernized and inspiring new spaces,"

Eight more exhibitions are scheduled to open next year in time for the 50th anniversary of the National Air and Space Museum. Among those galleries are three that are focused on space: "At Home in Space," "National Science Foundation Discovering Our Universe," and "RTX Living in the Space Age Hall."

Admission to the National Air and Space Museum and the new galleries is free, but timed-entry passes, available from the Smithsonian's website, are required.

Read full article

Comments

I just got back from Salt Lake, where I took my kids to Wheeler Farm in Murray, Utah. Originally homesteaded in the late 1800’s, the 75-acre property was preserved and turned over to Salt Lake County in the 1970’s.

It was jarring, in the best way, to see a public space so well-run. Admission is free. Kids walk right up to cows, goats, sheep, and chickens. They climb on old tractors, go on wagon rides, race through open fields.

After a busy morning, we bought $2 Uncrustables and $1.50 popsicles from the gift shop and sat for lunch. At one point, my 3-year-old wandered over to a chicken coop that had been converted into a playhouse. He was inside when a mom rushed over—her son was bleeding. He’d been nicked by a loose plank that had come down in the coop.

The mostly college-aged staff ushered the kids out and surveyed the damage. Coming from Los Angeles, I expected some level of generalized freaking out: yellow tape, an incident report, something. Instead, what happened was even stranger: one of the employees wandered out to find a nail gun and returned to fix the problem plank on the spot.

Sometimes, you can just do things.

A week later, back in LA., I took my kids to the city-owned L.A. Zoo. The contrast was immediate and depressing.

The zoo, to put it gently, is a boulevard of broken dreams. Admission for a family of four costs $98. Exhibits that are supposed to be open are inexplicably closed. Every fifty feet there’s another kiosk that’s boarded up, another sign for something that’s been “coming soon” for years.

The petting goats have been off-limits since COVID. “Our flock of goats and sheep have interacted with more than 2 million guests in their twelve years at Muriel’s Ranch,” a long-winded sign informs you, in both English and Spanish. “To ensure their comfort as they enter their golden years, we have made the decision to change the experience at the Ranch to viewing only” (translation: “we no longer feel like it”).

A few confused tourists wandered outside the elephant enclosure, wondering where the animals had gone (back in May, following protests by a small but determined group of activists, Mayor Karen Bass and the City Council deported the elephants to Tulsa). It would have taken a single employee less than an hour to update the signage, but why bother when no one’s in charge?

And there’s no one in charge.

The Zoo is managed by GLAZA, a nonprofit, which has subcontracted concessions to SSA Group. The city gets a percentage of concession revenue, GLAZA gets a management fee for overseeing the contract, and SSA gets to charge visitors $16 for a burger.

At least there are adequate vegan options. Back in 2020, the City Council commissioned a detailed report to ensure the zoo’s concession stands catered to those with plant-based diets. A functional management structure, however, was beyond the scope of that or any other report—the city and GLAZA are currently suing each other while two different out-of-state conglomerates handle day-to-day operations.

After spending $75 on a couple of hot dogs and hamburgers, I was pretty sure someone was benefiting from the Los Angeles Zoo. It’s just not the zoo, or the animals, or the citizens of Los Angeles.

According to Reddit, this is how you fix a broken playground slide in Los Angeles:

Go to Valley Region Headquarters, which is to the Northeast from this picture. Ask to speak with the Valley Region District Manager/Superintendent. They will speak with the General Rec & Parks Superintendent. As one redditor mentioned, Rec&Parks (RAP) is severely underfunded as they are a non-proprietary department within the City, so money is always an issue. Get your councilmember in the conversation and voice this out with both of them.

You’ll have to insist to meet with the councilman, but try and do a bait and switch to get in the meeting. Start off sweet and polite (say whatever you want, you’re a big fan, you want to get involved, whatever) to get in the door then hit them with all the shit you want fixed.

Of course, no one would accuse L.A., ancestral home of the wholly-useless La Sombrita, of good governance. This is a city that spends $28 million to renovate a pool house but can’t keep public pools open during the hottest months of the year, where the biggest budget decision is figuring out which of hundreds of nonprofit organizations dedicated to the homeless will be the biggest beneficiaries of the city’s largesse.

But L.A.’s dysfunction reveals something deeper about how we’ve come to think about government. The way we talk about public goods is fake: it’s a debate between Republicans, who believe nearly everything should be privatized, and Democrats, who also believe nearly everything should be privatized—except routed through nonprofits, quasi-public agencies, and for-profit subsidiaries of nonprofits. A city that once boldly built a 230-mile-long aqueduct to steal a river now asks itself: should zoo concessions go to SSA or Aramark?

But L.A. isn’t alone. Even nominally “public” solutions get laundered through the nonprofit/industrial complex—because nobody, not even socialists, want to actually run things. Zohran Mamdani’s much-derided proposal for city-owned grocery stores in New York City in all likelihood wouldn’t involve the city owning grocery stores. His single-paragraph “plan” links to a New York Times article summarizing similar efforts: In Chicago, Mayor Brandon Johnson paid a nonprofit which in turn paid a consultancy to study the feasibility of city-run groceries, only to conclude absolutely nothing at all. A failing Kansas City store is operated by a for-profit subsidiary of a nonprofit that relies on constant cash infusions from the city government.

Even at their best, Blue cities only achieve competence by admitting they can’t govern. The most effective public-private partnerships—Bryant Park, the High Line, LACMA, the Hollywood Bowl—effectively cede control of the public good to private organizations.

So what’s different about places that still work? Why can Salt Lake County run a gem of a community farm? Why does Boise have a well-regarded county-run tubing operation when L.A. can’t even subcontract out a zoo?

Partly it’s the unions, it’s the Groups, it’s our degraded political culture, in some cases the sheer size of these states or metros—all the standard Abundance stuff. But I’d push back against Ezra Klein and Derek Thompson. The belief that good governance can be engineered—that there’s a correct way to govern, some set of magical processes that, if followed, will achieve optimal results—is what led cities to outsource core functions to consultants and nonprofits in the first place. And replacing one bloated public-private technocracy with a slightly more efficient public-private technocracy doesn’t solve this fundamental problem.

The red tape isn’t the cause; it’s the excuse.

What’s missing is the basic expectation that public employees are directly responsible for solving public problems, and the role we as citizens play in creating a culture that makes good governance possible. Wheeler Farm works because the community expects it to work. And until Blue State governance takes joy in providing things for its citizens—until every opportunity to demonstrate competence isn’t understood primarily as something to be triaged, or outsourced—regulatory reform will be just another band-aid.

Sometimes, you just need someone with a nail gun.

Jacob Savage writes from Los Angeles.

Follow Persuasion on Twitter, LinkedIn, and YouTube to keep up with our latest articles, podcasts, and events, as well as updates from excellent writers across our network.

And, to receive pieces like this in your inbox and support our work, subscribe below:

Subscribe now