Here's something that hasn't happened to a major American entertainment company in a very long time: a jury looked at the evidence, deliberated for several days, and came back with a verdict that could literally break the company apart.
A Manhattan jury found Live Nation-Ticketmaster liable on three separate counts of antitrust violations — illegally monopolizing live event ticketing, dominating the amphitheater market, and improperly tying its concert promotion business to venue usage. That last one is particularly damning, because it gets at the core of what critics have argued for years: that the company used its stranglehold on venues as a weapon to force artists and promoters into using its ticketing services whether they wanted to or not.
The verdict caps a six-week trial that was, frankly, a legal soap opera. The Biden-era Department of Justice originally filed the lawsuit with breakup as the explicit goal. Then the Trump DOJ settled its portion of the case just one week into proceedings, accepting an agreement that required Live Nation to drop exclusive booking deals at 13 amphitheaters and put a cap on certain Ticketmaster fees. Modest stuff, compared to what the states were after.
Thirty-four of the original 40 state attorneys general decided that wasn't enough and kept going. They won. New York AG Letitia James, who led the coalition, called it a landmark victory, and the acting DOJ antitrust chief — despite his agency having already settled — described the outcome as a fantastic result for American consumers. That's a bit of a stretch given the DOJ left the table early, but the point stands.
The trial featured testimony from a genuinely eclectic cast. Ben Lovett of Mumford and Sons showed up. So did Drake's manager. Former Barclays Center executives testified about venue dynamics. SeatGeek, one of Ticketmaster's few meaningful competitors, had its say. The states' argument boiled down to this: Live Nation's control over outdoor amphitheaters is so complete that any artist wanting to tour major outdoor venues across the US has no realistic alternative to going through Live Nation. The company argued it just offers a better product and competes hard for every deal. The jury wasn't convinced.
Now comes the part that actually determines what changes in practice. Judge Arun Subramanian will oversee a remedies trial to figure out what happens next — and a full structural breakup of Live Nation and Ticketmaster is still on the table, though it's far from guaranteed. The judge could impose less dramatic fixes, and Live Nation will almost certainly appeal whatever comes down. Damages are also still being calculated, with the jury finding the company overcharged consumers by $1.72 per ticket.
For concertgoers who have watched ticket fees balloon into something resembling a second mortgage, this verdict won't immediately change anything. But it is the first time a court has looked at this company's behavior and said, clearly and officially, that something is wrong here. That matters, even if the road to actual reform is still very long.
SECURITY
Security Tool Exposes a Side Door Into Windows 11 Recall Database
Microsoft spent nearly a year rebuilding Windows Recall from the ground up after security researchers tore apart its original design. The company added encryption, required biometric authentication, and turned the feature off by default. By most measures, that overhaul worked. But one of the researchers who exposed the original problems just released a new tool that found a different way in — and it doesn't require admin privileges to use.
Recall, if you haven't been following this saga, is Microsoft's AI-powered feature that continuously screenshots your PC activity so you can search through your own history later. The pitch is genuinely useful — imagine being able to find that article you half-read three weeks ago. The problem, in its first version, was that all those screenshots and the database holding months of your activity were sitting completely unencrypted on your hard drive. Anyone who touched your machine, physically or remotely, could grab everything.
Microsoft's fixes were real. The data is now encrypted, unlockable only through Windows Hello facial or fingerprint authentication. The rebuilt system is, by most accounts, substantially more secure. But security researcher Alexander Hagenah — the same person who built the original "TotalRecall" tool to demonstrate the original flaws — has published a new version called TotalRecall Reloaded, and it exploits a different weak point entirely.
Hagenah is clear that the Recall database itself is well-protected. His words: "The vault is solid." The vulnerability he identified isn't in the vault — it's in how the data travels after authentication. Once a user unlocks Recall with Windows Hello, the system passes that data to a separate process called AIXHost.exe. That process handles the AI processing side of things, and it doesn't carry the same security protections as the main Recall system.
The new tool injects code into AIXHost.exe — something that can be done without any administrator access — and then simply waits. When the user opens Recall and authenticates normally, the tool quietly intercepts the screenshots, text data, and metadata flowing through that process. It can keep running even after the user closes Recall. Hagenah describes it plainly: the tool doesn't break the authentication. It just waits for the user to do it themselves, then rides along.
The practical implications here are significant. An attacker who gets any level of access to a target machine — through malware, a malicious app, or a compromised installer — could plant this tool and let it run silently in the background, collecting Recall data every time the legitimate user opens the feature. No brute force, no privilege escalation required.
Microsoft hasn't publicly responded to the specific findings in TotalRecall Reloaded. The broader lesson, though, is one that keeps coming up in security conversations about AI features built on top of existing operating system architecture: a secure front door doesn't mean much if the data has to travel somewhere less protected to actually do its job. Recall's vault may be solid. The delivery truck still needs work.
Source: Ars Technica
Recall, if you haven't been following this saga, is Microsoft's AI-powered feature that continuously screenshots your PC activity so you can search through your own history later. The pitch is genuinely useful — imagine being able to find that article you half-read three weeks ago. The problem, in its first version, was that all those screenshots and the database holding months of your activity were sitting completely unencrypted on your hard drive. Anyone who touched your machine, physically or remotely, could grab everything.
Microsoft's fixes were real. The data is now encrypted, unlockable only through Windows Hello facial or fingerprint authentication. The rebuilt system is, by most accounts, substantially more secure. But security researcher Alexander Hagenah — the same person who built the original "TotalRecall" tool to demonstrate the original flaws — has published a new version called TotalRecall Reloaded, and it exploits a different weak point entirely.
Hagenah is clear that the Recall database itself is well-protected. His words: "The vault is solid." The vulnerability he identified isn't in the vault — it's in how the data travels after authentication. Once a user unlocks Recall with Windows Hello, the system passes that data to a separate process called AIXHost.exe. That process handles the AI processing side of things, and it doesn't carry the same security protections as the main Recall system.
The new tool injects code into AIXHost.exe — something that can be done without any administrator access — and then simply waits. When the user opens Recall and authenticates normally, the tool quietly intercepts the screenshots, text data, and metadata flowing through that process. It can keep running even after the user closes Recall. Hagenah describes it plainly: the tool doesn't break the authentication. It just waits for the user to do it themselves, then rides along.
The practical implications here are significant. An attacker who gets any level of access to a target machine — through malware, a malicious app, or a compromised installer — could plant this tool and let it run silently in the background, collecting Recall data every time the legitimate user opens the feature. No brute force, no privilege escalation required.
Microsoft hasn't publicly responded to the specific findings in TotalRecall Reloaded. The broader lesson, though, is one that keeps coming up in security conversations about AI features built on top of existing operating system architecture: a secure front door doesn't mean much if the data has to travel somewhere less protected to actually do its job. Recall's vault may be solid. The delivery truck still needs work.
Enjoyed this?
Get stories like this delivered every Tuesday — free.