Feed slashdot Slashdot

Link https://slashdot.org/
Feed https://rss.slashdot.org/Slashdot/slashdotMain
Copyright Copyright Slashdot Media. All Rights Reserved.
Updated 2026-02-17 05:03
How Amazon Wins: By Steamrolling Rivals and Partners
The Wall Street Journal: To keep customers happy, which Mr. Bezos has long said is Amazon's fixation and growth strategy, executives behind the scenes have methodically waged targeted campaigns against rivals and partners alike -- an approach that has changed little through the years, from diapers to footwear. No competitor is too small to draw Amazon's sights. It cloned a line of camera tripods that a small outside company sold on Amazon's site, hurting the vendor's sales so badly it is now a fraction of its original size, the little firm's owner said. Amazon said it didn't violate the company's intellectual-property rights. When Amazon decided to compete with furniture retailer Wayfair, Mr. Bezos's deputies created what they called the Wayfair Parity Team, which studied how Wayfair procured, sold and delivered bulky furniture, eventually replicating a majority of its offerings, said people who worked on the team. Amazon and Wayfair declined to comment on the matter. Amazon set its sights on Allbirds, the maker of popular shoes using natural and recycled materials, and last year launched a shoe called Galen that looks nearly identical to Allbirds' bestseller -- without the environmentally friendly materials and selling for less than half the price. "You can't help but look at a trillion-dollar company putting their muscle and their pockets and their machinations of their algorithms and reviewers and private-label machine all behind something that you've put your career against," said Allbirds Co-CEO Joey Zwillinger. "You have this giant machine creating all these headwinds for us." This year, Amazon has zeroed in on Shopify, a fast-growing Canadian company that helps small merchants create online shops. Amazon has established a secret team, "Project Santos," to replicate parts of Shopify's business model, said people familiar with the project. 
Amazon executives often initiated efforts like these on their own, though in some cases examined by The Wall Street Journal, Mr. Bezos himself was involved, according to former Amazon executives and internal emails. From its start as an online bookstore 26 years ago, Amazon has expanded into an online retailer with a presence in nearly every major category. It is also the leading provider of cloud-computing services, a gadget maker, a major entertainment player and a rival to United Parcel Service and FedEx. Mr. Bezos is the world's richest man, with a net worth Forbes estimates at $187 billion. He still exhorts employees to consider Amazon a startup. "It is always day one," he likes to say. Day two is "stasis, followed by irrelevance, followed by excruciating, painful decline, followed by death." Mr. Bezos originally considered calling his company Relentless, and www.relentless.com still redirects to Amazon's site.
New York Halts Use of Facial Recognition in Schools
Gov. Andrew M. Cuomo signed a bill Tuesday suspending the use of facial recognition and other kinds of biometric technology in schools in New York, also directing a study of whether its use is appropriate in schools. The legislation places a moratorium on schools purchasing and using biometric identifying technology until at least July 1, 2022 or until the report is completed and the state Education Department commissioner authorizes its use. The rule applies to both public and private schools in New York. In a statement, the ACLU said: "This is a victory for student privacy and students of color, who are disproportionately harmed by this flawed and biased technology. New York has led the way, and now other states should follow."
Law Enforcement Take Down Three Bulletproof VPN Providers
Law enforcement agencies from the US, Germany, France, Switzerland, and the Netherlands have seized this week the web domains and server infrastructure of three VPN services that provided a safe haven for cybercriminals to attack their victims. From a report: The three services were active at insorg.org, safe-inet.com, and safe-inet.net before the domains were seized and replaced with law enforcement banners on Monday. The services have been active for more than a decade, are believed to be operated by the same individual/group, and have been heavily advertised on both Russian and English-speaking underground cybercrime forums, where they were sold for prices ranging from $1.3/day to $190/year. According to the US Department of Justice and Europol, the three companies' servers were often used to mask the real identities of ransomware gangs, web skimmer (Magecart) groups, online phishers, and hackers involved in account takeovers, allowing them to operate from behind a proxy network up to five layers deep.
2,000 Parents Demand Major Academic Publisher Drop Proctorio Surveillance Tech
Digital rights group Fight for the Future has unveiled an open letter signed by 2,000 parents calling on McGraw-Hill Publishing to end its relationship with Proctorio, one of many proctoring apps that offers services that digital rights groups have called "indistinguishable from spyware." From a report: As the pandemic has pushed schooling into virtual classrooms, a host of software vendors have stepped up to offer their latest surveillance tools. Some, like Proctorio, offer technologies that claim to fight cheating by tracking head and eye movements, without any evidence that their algorithms do anything but make students anxious (and thus perform worse). Others rely on facial recognition technology, which is itself rife with racial bias, and have regularly failed to verify the identities of students of color at various points while taking state bar exams, forcing the test to end. Proctorio is one of a few companies that has come under scrutiny from privacy groups not only for invasive surveillance, but exhaustive data extraction that collects sensitive student data including biometrics. The company is perhaps unique in its attempts to silence critics of its surveillance programs. Proctorio has deployed lawsuits to silence critics, forcing one University of British Columbia learning technology specialist to exhaust his personal and emergency savings due to a lawsuit meant to silence his online criticisms of the company. Proctorio has also targeted students and abused Twitter's DMCA takedown process to further suppress valid criticisms of its proctoring software. Further reading: Proctoring Software Company Used DMCA To Take Down a Student's Critical Tweets; and Cheating-Detection Software Provokes 'School-Surveillance Revolt'.
Facebook's Small Advertisers Say They're Hurt by AI Lockouts
Small advertisers that rely on Facebook to spread marketing messages are up in arms over the social network's automated ad systems, complaining that inflexible account blocking tools and a lack of customer assistance are hurting business. From a report: One digital marketer, Chris Raines, was setting up an advertising campaign on Facebook last week when his account abruptly stopped working. Raines uses his account to manage ads for clients' Facebook Pages. Without it, he couldn't do his job. The lockout was a nuisance, but then Raines noticed something more concerning: A $3,000-per-day ad campaign that he'd set up for a client before his account was locked continued to run even though he could no longer manage it. Raines was spending his client's money without any way to control how. Raines tried to confirm his identity using Facebook's automated systems, but received an error message. Eventually, he called the advertiser and asked if they would make his wife an administrator to the company-owned Facebook Page. Using her account, he was finally able to log in and manage the Facebook ads, which includes adjusting details like who sees the ad and how much to spend. "The actual injury, especially for advertisers and marketers, is immense," said Raines, who runs a digital media company called Bullhorn Media. "Had I not had that workaround, my business would have went away."
More Than 70 West Point Cadets Accused Of Cheating In Academic Scandal
Seventy-three suspected cheaters, one critical mistake. Dozens of cadets at the U.S. Military Academy at West Point were caught cheating on a calculus final exam in May after they all made the same errors on the test, according to officials. From a report: Instructors at the Army's premier training ground for officers revealed the academic scandal on Monday, saying it's the worst they've seen since the 1970s. So far, 59 cadets out of a suspected 73 have admitted to taking part in the scam in which the students "shared answers and made the same mistakes," Lt. Col. Chris Ophardt, a West Point spokesman, told NPR. The test was administered remotely due to the coronavirus pandemic. Four cadets have resigned and another eight, who say they're innocent of any wrongdoing, will face a full hearing led by seniors at the academy. The cases against two others initially implicated in the scheme have been dismissed for lack of evidence.
Microsoft and McAfee Headline Newly-Formed 'Ransomware Task Force'
A group made up of 19 security firms, tech companies, and non-profits, headlined by big names such as Microsoft and McAfee, have announced on Monday plans to form a new coalition to deal with the rising threat of ransomware. From a report: Named the Ransomware Task Force (RTF), the new group will focus on assessing existing technical solutions that provide protections during a ransomware attack. The RTF will commission expert papers on the topic, engage stakeholders across industries, identify gaps in current solutions, and then work on a common roadmap to have issues addressed among all members. The end result should be a standardized framework for dealing with ransomware attacks across verticals, one based on an industry consensus rather than individual advice received from lone contractors.
Microsoft and Google Join Facebook's Legal Battle Against Hacking Company NSO
Tech giants, including Microsoft and Google, have joined Facebook's legal battle against hacking company NSO, filing an amicus brief in federal court that warned the Israeli firm's tools were "powerful, and dangerous." From a report: The brief, filed before the U.S. Court of Appeals for the Ninth Circuit, opens up a new front in Facebook's lawsuit against NSO, which it filed last year after it was revealed that the cyber surveillance firm had exploited a bug in Facebook-owned instant messaging program WhatsApp to help surveil more than 1,400 people worldwide. NSO has argued that because it sells digital break-in tools to police and spy agencies, it should benefit from "sovereign immunity" -- a legal doctrine that generally insulates foreign governments from lawsuits. NSO lost that argument in the Northern District of California in July and has since appealed to the Ninth Circuit to have the ruling overturned. Microsoft, Alphabet-owned Google, Cisco, Dell Technologies-owned VMWare, and the Washington-based Internet Association joined forces with Facebook to argue against that, saying that awarding sovereign immunity to NSO would lead to a proliferation of hacking technology and "more foreign governments with powerful and dangerous cyber surveillance tools."
Google, Facebook Agreed To Team Up Against Possible Antitrust Action, Draft Lawsuit Says
Facebook and Google agreed to "cooperate and assist one another" if they ever faced an investigation into their pact to work together in online advertising, according to an unredacted version of a lawsuit filed by 10 states against Google last week. From a report: The suit, as filed, cites internal company documents that were heavily redacted. The Wall Street Journal reviewed part of a recent draft version of the suit without redactions, which elaborated on findings and allegations in the court documents. Ten Republican attorneys general, led by Texas, are alleging that the two companies cut a deal in September 2018 in which Facebook agreed not to compete with Google's online advertising tools in return for special treatment when it used them. Google used language from "Star Wars" as a code name for the deal, according to the lawsuit, which redacted the actual name. The draft version of the suit says it was known as "Jedi Blue." The lawsuit itself said Google and Facebook were aware that their agreement could trigger antitrust investigations and discussed how to deal with them, in a passage that is followed by significant redactions. The draft version spells out some of the contract's provisions, which state that the companies will "cooperate and assist each other in responding to any Antitrust Action" and "promptly and fully inform the Other Party of any Governmental Communication Related to the Agreement." In the companies' contract, "the word [REDACTED] is mentioned no fewer than 20 times," the lawsuit says. The unredacted draft fills in the word: Antitrust.
What Scientists Know About the Coronavirus Variant Spreading In the UK
An anonymous reader quotes a report from NBC News: Several European countries have banned flights from the U.K. over fears about a new coronavirus variant that has forced millions of people in Britain to cancel their Christmas plans. Germany, the Netherlands, Belgium, Austria and Italy all announced restrictions on U.K. travel. Others will likely follow suit as scientists warned that the new strain spreads more quickly than its predecessor. [...] U.K. health officials first identified the new variant, which British scientists have called "VUI -- 202012/01," in mid-September, Maria Van Kerkhove, the Covid-19 technical lead for the World Health Organization, told the BBC on Sunday. Chris Whitty, the chief medical officer for England, warned in a statement Saturday that the virus is considered to be spreading more quickly. But he said there was no evidence so far to suggest that the new strain is more potent in terms of severe illness or death. "Our working assumption from all the scientists is that the vaccine response should be adequate for this virus," Patrick Vallance, the U.K. government's chief scientific adviser, said at a news briefing Saturday. But Ravindra Gupta, a professor of clinical microbiology at the University of Cambridge, said he was concerned that the virus is on a pathway to become resistant to vaccines. "Whilst it may not be actually resistant, it may not take so many changes after this for it to get there," he said. However, Clarke said that different versions of flu vaccines are required every year and that he did not see why it could not be the same for the coronavirus. The report notes that the new variant "has so far been identified in Denmark, the Netherlands and Australia," adding that more sequencing that can be done will be helpful to determine if this variant is circulating elsewhere. Gupta said the new strain should be cause for concern in the U.S. and other countries.
Warning that the virus could mutate again, he said, "people need to step up their surveillance."
Evidence of 'Modified Gravity' In 150 Galaxies Strengthens Dark Matter Alternative
A team of astronomers has discovered evidence in over 150 galaxies for a long-standing alternative model of "modified gravity." New Atlas reports: [R]esearchers on the new study say they've observed the [external field effect] (EFE) in action in 153 different galaxies. The team was studying the rotation curve of the galaxies, which plots the orbital speed of stars and gas against their distance from the center of the galaxy. The researchers discovered that galaxies in strong external fields slowed down much more frequently than galaxies in weaker external fields did. That's a prediction made only by [Modified Newtonian dynamics] MOND, and the discovery surprised even the astronomers themselves. "The external field effect on rotation curves is expected to be very tiny," says Federico Lelli, co-author of the study. "We spent months checking various systematics. In the end, it became clear we had a real, solid detection." It's an intriguing result, and it may lend some weight to the MOND hypothesis for further study. But it's important to keep in mind that so far the bulk of the evidence still points towards dark matter, and it'll take much more work to topple that hypothesis entirely. The research was published in the Astrophysical Journal.
How To See Jupiter and Saturn Align On Monday Night
Jupiter and Saturn will appear as a double planet in the night sky Monday evening thanks to a rare planetary alignment known as a "great conjunction." Axios explains how to see it: In order to see the two planets, step outside under clear skies not long after sundown and look to the southwest. Jupiter will look brighter than Saturn and will appear just above the ringed planet. If you hold out your hand to the sky, the tip of your pinky will be able to cover both planets at once, according to NASA. The two planets will be bright enough to see from most cities. For those interested, NASA has a dedicated article on how to photograph the conjunction.
Firefox To Ship 'Network Partitioning' As a New Anti-Tracking Defense
An anonymous reader quotes a report from ZDNet: Firefox 85, scheduled to be released next month, in January 2021, will ship with a feature named Network Partitioning as a new form of anti-tracking protection. The feature is based on "Client-Side Storage Partitioning," a new standard currently being developed by the World Wide Web Consortium's Privacy Community Group. "Network Partitioning is highly technical, but to simplify it somewhat; your browser has many ways it can save data from websites, not just via cookies," privacy researcher Zach Edwards told ZDNet in an interview this week. "These other storage mechanisms include the HTTP cache, image cache, favicon cache, font cache, CORS-preflight cache, and a variety of other caches and storage mechanisms that can be used to track people across websites." Edwards says all these data storage systems are shared among websites. The difference is that Network Partitioning will allow Firefox to save resources like the cache, favicons, CSS files, images, and more, on a per-website basis, rather than together, in the same pool. This makes it harder for websites and third-parties like ad and web analytics companies to track users since they can't probe for the presence of other sites' data in this shared pool. The Mozilla team expects [...] performance issues for sites loaded in Firefox, but it's willing to take the hit just to improve the privacy of its users.
Fired COVID-19 Data Manager Rebekah Jones Sues FDLE Over Raid On Her Home
Former Department of Health data manager Rebekah Jones has filed a lawsuit (PDF) against the Florida Department of Law Enforcement, saying the Dec. 7 morning raid on her house was a "sham" to retaliate against her for not altering COVID-19 data. Tallahassee.com reports: Jones was fired in May for failing to change COVID-19 data, and soon launched her own online data dashboard. Gov. Ron DeSantis said her firing was because she disobeyed superiors; she said it was because she wouldn't alter data to cast Florida in a more favorable light to justify the governor's plans to reopen the state's economy. In the lawsuit filed Sunday night against FDLE Commissioner Rick Swearingen, the department and several agents in Leon County Circuit Civil Court, Jones claims her constitutional rights were violated, including against unlawful search and seizure. She is seeking in excess of $100,000, according to the lawsuit's cover sheet. She also claims she was unnecessarily roughed up. "We are trying to achieve some kind of redress," said Rick Johnson, the lead attorney in both the civil suit and a separate whistleblower case. "This is still America. This is the kind of thing that happens in tinhorn dictatorships in third world countries." Swearingen has defended the actions of the agents he said were "vilified" by the media. He blamed Jones for any risk of danger to herself or her family. He reiterated those comments in a statement released later Monday. "As I have said before, I am proud of the professionalism shown by our FDLE agents as they served a legal search warrant on the residence of Rebekah Jones. Our criminal investigation continues, and while I have not seen this lawsuit, I believe the facts will come out in court," Swearingen said.
Elon Musk Says Tesla's Full Self-Driving Subscription Arrives In Early 2021
Yesterday, Elon Musk told Twitter followers that Tesla's Full Self-Driving subscription rollout will arrive "early next year." Engadget reports: In theory, you could add the autonomous (currently semi-autonomous) features without a steep up-front cost in a matter of months. You might not want to plan your schedule around that timetable. Tesla previously hoped to offer a Full Self-Driving subscription by the end of 2020, and that's clearly not happening. Whenever the monthly plan arrives, it could be key to boosting adoption. If you lease your Tesla, you might not have to pay as much to use Full Self-Driving for the useful life of your EV. It could also give you an opportunity to try the features as long as you like without committing to a full purchase. It's safe to say the usual $10,000 price (as of this writing) is daunting if you're not completely sold on the technology.
Physical Addresses of 270K Ledger Owners Leaked On Hacker Forum
A threat actor has leaked the stolen email and mailing addresses for Ledger cryptocurrency wallet users on a hacker forum for free. BleepingComputer reports: Ledger is a hardware cryptocurrency wallet that is used to store, manage, and sell cryptocurrency. The funds held in these wallets are secured using a 24-word recovery phrase and an optional secret passphrase that only the owner knows. In June 2020, Ledger suffered a data breach after a website vulnerability allowed threat actors to access customers' contact details. Today, a threat actor has shared an archive containing two files named 'All Emails (Subscription).txt' and 'Ledger Orders (Buyers) only.txt' that contain data stolen during the data breach. The 'All Emails (Subscription).txt' text file contains the email addresses of 1,075,382 people who subscribed to the Ledger newsletter. The 'Ledger Orders (Buyers) only.txt' is more sensitive as it contains the names, mailing addresses, and phone numbers for 272,853 people who purchased a Ledger device. The release of this data on a hacker forum poses a significant risk as it provides numerous threat actors data that can be used in phishing attacks against Ledger owners.
YouTube Class Action: Same IP Address Used To Upload 'Pirate' Movies and File DMCA Notices
An anonymous reader quotes a report from TorrentFreak: YouTube says it has found a "smoking gun" to prove that a class-action lawsuit filed by Grammy award-winning musician Maria Schneider and Pirate Monitor Ltd was filed in bad faith. According to the Google-owned platform, the same IP address used to upload 'pirate' movies to the platform also sent DMCA notices targeting the same batch of content. In a motion to dismiss filed in November, Pirate Monitor said YouTube had provided no "hard evidence" to back up these damaging claims, demanding that the court disregard the allegations and reject calls for the right to an injunction to prevent Pirate Monitor from submitting wrongful DMCA notices in the future. YouTube now provides a taster of some of the supporting evidence it has on file. "Pirate Monitor devised an elaborate scheme to prove itself sufficiently trustworthy to use YouTube's advanced copyright management tools," YouTube begins. "Through agents using pseudonyms to hide their identities, Pirate Monitor uploaded some two thousand videos to YouTube, each time representing that the content did not infringe anyone's copyright. Shortly thereafter, Pirate Monitor invoked the notice-and-takedown provisions of the Digital Millennium Copyright Act to demand that YouTube remove the same videos its agents had just uploaded." In all, YouTube processed nearly 2,000 DMCA notices it received by Pirate Monitor in the fall of 2019. All of the targeted videos had a uniform length, around 30 seconds each, generated from "obscure Hungarian movies". They had been uploaded in bulk from users with IP addresses allocated to Pakistan. [...] While the nature of the uploads is indeed suspicious, YouTube says that it also found what it describes as a "smoking gun", i.e., evidence that the uploads and DMCA notices were being sent by the same entity. "After considerable digging, YouTube found a smoking gun.
In November 2019, amidst a raft of takedown notices from Pirate Monitor, one of the 'RansomNova' users that had been uploading clips via IP addresses in Pakistan logged into their YouTube account from a computer connected to the Internet via an IP address in Hungary," YouTube explains. The opposition to Pirate Monitor's motion to dismiss can be found here.
Stanford Algorithm Decided To Vaccinate Only Seven of Its Frontline COVID-19 Workers, Out of 5,000 Doses
An algorithm determining which Stanford Medicine employees would receive its 5,000 initial doses of the COVID-19 vaccine included just seven medical residents / fellows on the list, according to a December 17th letter sent from Stanford Medicine's chief resident council. The Verge reports: Stanford Medicine leadership has since apologized and promised to re-evaluate the plan. "We take complete responsibility for the errors in the execution of our vaccine distribution plan," a Stanford Medicine spokesperson said in a statement to The Verge. "Our intent was to develop an ethical and equitable process for distribution of the vaccine. We apologize to our entire community, including our residents, fellows, and other frontline care providers, who have performed heroically during our pandemic response. We are immediately revising our plan to better sequence the distribution of the vaccine." The residents' letter also alleges that the error in the algorithm was found on Tuesday but that leadership opted not to make changes to the plan ahead of its December 17th release. The initial plan led to demonstrations from medical staff in addition to the letter sent by the chief resident council. Here's how the algorithm reportedly worked, according to NPR: "According to an email sent by a chief resident to other residents, Stanford's leaders explained that an algorithm was used to assign its first allotment of the vaccine. The algorithm was said to have prioritized those health care workers at highest risk for COVID infections, along with factors like age and the location or unit where they work in the hospital. Residents apparently did not have an assigned location, and along with their typically young age, they were dropped low on the priority list."
Apple Targets Car Production By 2024 and Eyes 'Next Level' Battery Technology
According to Reuters, Apple is moving forward with self-driving car technology and is targeting 2024 to produce a passenger vehicle that could include its own breakthrough battery technology. From the report: The iPhone maker's automotive efforts, known as Project Titan, have proceeded unevenly since 2014 when it first started to design its own vehicle from scratch. At one point, Apple drew back the effort to focus on software and reassessed its goals. Doug Field, an Apple veteran who had worked at Tesla Inc, returned to oversee the project in 2018 and laid off 190 people from the team in 2019. Since then, Apple has progressed enough that it now aims to build a vehicle for consumers, two people familiar with the effort said, asking not to be named because Apple's plans are not public. Apple's goal of building a personal vehicle for the mass market contrasts with rivals such as Alphabet Inc's Waymo, which has built robo-taxis to carry passengers for a driverless ride-hailing service. Central to Apple's strategy is a new battery design that could "radically" reduce the cost of batteries and increase the vehicle's range, according to a third person who has seen Apple's battery design. [...] As for the car's battery, Apple plans to use a unique "monocell" design that bulks up the individual cells in the battery and frees up space inside the battery pack by eliminating pouches and modules that hold battery materials, one of the people said. Apple's design means that more active material can be packed inside the battery, giving the car a potentially longer range. Apple is also examining a chemistry for the battery called LFP, or lithium iron phosphate, the person said, which is inherently less likely to overheat and is thus safer than other types of lithium-ion batteries. [...] Two people with knowledge of Apple's plans warned pandemic-related delays could push the start of production into 2025 or beyond. 
Apple has decided to tap outside partners for elements of the system, including lidar sensors, which help self-driving cars get a three-dimensional view of the road, two people familiar with the company's plans said. Apple's car might feature multiple lidar sensors for scanning different distances, another person said. Some sensors could be derived from Apple's internally developed lidar units, that person said. Apple's iPhone 12 Pro and iPad Pro models released this year both feature lidar sensors.
The COVID-19 Stimulus Bill Would Make Illegal Streaming a Felony
An anonymous reader quotes a report from The Hollywood Reporter: Providing relief via direct assistance and loans to struggling individuals and businesses hit hard by COVID-19 has been a priority for federal lawmakers this past month. But a gigantic spending bill has also become the opportunity to smuggle in some other line items including those of special interest to the entertainment community. Perhaps most surprising, according to the text of the bill being circulated, illegal streaming for commercial profit could become a felony. It's been less than two weeks since Sen. Thom Tillis (R-NC) released his proposal to increase the penalties for those who would dare stream unlicensed works. In doing so, the North Carolina senator flirted with danger. About a decade ago, Minnesota Sen. Amy Klobuchar made a similar proposal before it ended up dying as people worried about sending Justin Bieber to jail. This time, Tillis' attempt was winning better reviews for more narrowly tailoring the provisions toward commercial operators rather than users. That said, it's had very little time to circulate before evidently becoming part of the spending package. If passed, illegal streaming of works including movies and musical works could carry up to 10 years in jail. That's not the only copyright change either. The spending bill also appears to adopt a long-discussed plan to create a small claims adjudication system within the U.S. Copyright Office. [...] Among the other parts of the omnibus bill of interest to Hollywood is an extension of Section 181, a tax provision that allows for immediate deduction of television and film production costs up to $15 million. That incentive was scheduled to expire at the end of the year, but would now get an additional five years.
Civil Rights Groups Move To Block Expansion of Facial Recognition in Airports
A coalition of civil rights groups led by the American Civil Liberties Union has filed an objection to the proposed expansion of Customs and Border Protection's facial recognition at land and sea ports. The National Immigration Law Center, Fight for the Future, and the Electronic Frontier Foundation are also participating in the motion, alongside twelve others. From a report: Filed in November, CBP's proposed rule would expand the biometric exit system, authorizing the collection of facial images from any non-citizen entering the country. But in a filing on Monday, the final day of the comment period, the coalition argued that those measures are too extreme. "CBP's proposed use of face surveillance at airports, sea ports, and the land border would put the United States on an extraordinarily dangerous path toward the normalization of this surveillance," said Ashley Gorski, senior staff attorney with the ACLU's National Security Project, in a statement to reporters. "The deployment of this society-changing technology is unnecessary and unjustified." The filing raises a variety of legal objections to the expansion, in particular arguing that Congress did not intend to authorize long-term facial recognition when it mandated biometric exit tracking in 1996. At the time, Congress left the specific method open to interpretation, but the technology for algorithmic facial recognition from a video feed was not yet developed enough to be considered.
T-Mobile Won't Claim it Has a More Reliable 5G Network Following Ad Board Decision
T-Mobile has been asked to stop advertising its 5G network as more reliable than the competition by the National Advertising Review Board (NARB), which investigated T-Mobile's claims made primarily in an ad featuring celebrity scientist Bill Nye after complaints from Verizon earlier this year. From a report: But the NARB also says T-Mobile shouldn't have to mention the speed of its network when broadly discussing coverage superiority in future ads. T-Mobile has said it will comply with the recommendation. But it cast the recommendations as a partial win in a statement saying it "appreciates that the panel agreed that T-Mobile can continue to advertise its superior 5G coverage without qualification." T-Mobile's compliance is notable because telecom giants don't have to follow the recommendations offered by the NARB, which, as a self-regulatory body under the umbrella of a nonprofit organization, has no governmental regulatory power. For instance, AT&T flatly ignored a request it stop using its misleading "5G E" logo to reference a superior form of 4G.
Apple, Google, Microsoft, and Mozilla Ban Kazakhstan's MitM HTTPS Certificate
Browser makers Apple, Google, Microsoft, and Mozilla, have banned a root certificate that was being used by the Kazakhstan government to intercept and decrypt HTTPS traffic for residents in the country's capital, the city of Nur-Sultan (formerly Astana). From a report: The certificate had been in use since December 6, 2020, when Kazakh officials forced local internet service providers to block Nur-Sultan residents from accessing foreign sites unless they had a specific digital certificate issued by the government installed on their devices. While users were able to access most foreign-hosted sites, access was blocked to sites like Google, Twitter, YouTube, Facebook, Instagram, and Netflix, unless they had the certificate installed. Kazakh officials justified their actions claiming they were carrying out a cybersecurity training exercise for government agencies, telecoms, and private companies. Officials cited that cyberattacks targeting "Kazakhstan's segment of the internet" grew 2.7 times during the current COVID-19 pandemic as the primary reason for launching the exercise. The government's explanation did, however, make zero technical sense, as certificates can't prevent mass cyber-attacks and are usually used only for encrypting and safeguarding traffic from third-party observers. After today's ban, even if users have the certificate installed, browsers like Chrome, Edge, Mozilla, and Safari, will refuse to use them, preventing Kazakh officials from intercepting user data.
Scientists Looking for Aliens Investigate Radio Beam 'From Nearby Star'
Astronomers behind the most extensive search yet for alien life are investigating an intriguing radio wave emission that appears to have come from the direction of Proxima Centauri, the nearest star to the sun. From a report: The narrow beam of radio waves was picked up during 30 hours of observations by the Parkes telescope in Australia in April and May last year, the Guardian understands. Analysis of the beam has been under way for some time and scientists have yet to identify a terrestrial culprit such as ground-based equipment or a passing satellite. It is usual for astronomers on the $100m Breakthrough Listen project to spot strange blasts of radio waves with the Parkes telescope or the Green Bank Observatory in West Virginia, but all so far have been attributed to human-made interference or natural sources. The latest "signal" is likely to have a mundane explanation too, but the direction of the narrow beam, around 980MHz, and an apparent shift in its frequency said to be consistent with the movement of a planet have added to the tantalising nature of the finding. Scientists are now preparing a paper on the beam, named BLC1, for Breakthrough Listen, the project to search for evidence of life in space, the Guardian understands. The beam that appears to have come from the direction of Proxima Centauri, a red dwarf star 4.2 light years from Earth, has not been spotted since the initial observation, according to an individual in the astronomy community who requested anonymity because the work is ongoing. "It is the first serious candidate since the 'Wow! signal'," they said.
The Global Boom in Digital Banks
With their savvy interfaces, smart features and oodles of VC money, digital banks have become the poster-child for fintech. There are now almost 300 so-called "neobanks" live worldwide, with nearly half concentrated in Europe. From a report: Meanwhile, new players are continuing to join the ranks, particularly in Latin America, Africa and the Middle East. This boom is being fuelled by ongoing investor enthusiasm for the sector, with neobanks raising over $2bn in venture capital globally this year alone. Customers are also riding the neobank wave. PitchBook estimates that by 2024, 145m of us will be using these apps across North America and Europe alone. To help keep track of the global neobank landscape, we have broken down the key data and trends. For clarity, 'neobank' is defined here as an app that i) offers its own retail banking services (i.e. prepaid, debit, credit cards), ii) launched after 2010, and iii) is mobile-centric. This definition does not distinguish between regulatory status, but it's worth noting that only a handful have official bank licences. Here is the story of the world's neobanks, as told in numbers. The neobank boom: At its peak? The number of neobanks worldwide has tripled since 2017, climbing from 100 to nearly 300 worldwide. That means, over the last three years, a neobank launched every five days somewhere in the world (!), according to Exton, a consultancy firm which manages a global database of consumer banking apps. In 2019 alone, more than 70 neobanks went live globally. But Cristoph Stegmeier, a partner at Exton, says we may finally have reached a peak, with 2020 seeing a slowdown. "I expect we will see less from now," he told Sifted. He explained this year's launch decline went beyond simply the 'Covid effect' and stems from the growing saturation of neobanks. Indeed, 30 neobanks have been wound down since 2015, according to Stegmeier. Still, the neobank boom hasn't totally stalled. Over 30 neobanks launched in the face of the pandemic, including Zelf, Daylight (a US bank for LGBT+ members) and Tenpo in Chile. Meanwhile, dozens of new players are still planning to go live in 2021 -- including Greece's Woli and France's Vybe.
Cable Companies Can No Longer 'Rent' You the Router You Already Own
Is your internet service provider charging you every month for the cable modem or router that you purchased with your own money? Or, perhaps, have you never bothered to buy those items because you couldn't escape the fee? That fee is illegal as of yesterday. From a report: Last year, Congress passed a law that should have fixed this ridiculous loophole as of June 20th, 2020 -- and though the FCC managed to extend the deadline six months by spinning up some bullshit about how cable companies didn't have the resources to stop charging you money, the law should take full effect Monday. Do note that the actual text of the law still allows some BS to occur. If your ISP sends you a router, you'll need to return it to avoid charges. Frontier in particular has been notorious for charging customers $10 a month for their equipment "whether you use it or not" -- the company's words, not mine -- but Frontier is clearly aware it won't be able to do that anymore. Starting this month, the company's equipment page has changed to remove the part where it talks about the mandatory fee.
Nikon Is Ending 70 Years of Camera Production in Japan
An anonymous reader shares a report: The Japanese website Asahi reports that Nikon is ending the production of cameras in Japan and moving all production to Thailand. This is simply Nikon's attempt to cut costs as much as it gets. Don't think this is enough to make them stay in the business.
China Used Stolen Data To Expose CIA Operatives in Africa and Europe
The discovery of U.S. spy networks in China fueled a decadelong global war over data between Beijing and Washington. From a report: Around 2013, U.S. intelligence began noticing an alarming pattern: Undercover CIA personnel, flying into countries in Africa and Europe for sensitive work, were being rapidly and successfully identified by Chinese intelligence, according to three former U.S. officials. The surveillance by Chinese operatives began in some cases as soon as the CIA officers had cleared passport control. Sometimes, the surveillance was so overt that U.S. intelligence officials speculated that the Chinese wanted the U.S. side to know they had identified the CIA operatives, disrupting their missions; other times, however, it was much more subtle and only detected through U.S. spy agencies' own sophisticated technical countersurveillance capabilities. The CIA had been taking advantage of China's own growing presence overseas to meet or recruit sources, according to one of these former officials. "We can't get to them in Beijing, but can in Djibouti. Heat map Belt and Road" -- China's trillion-dollar infrastructure and influence initiative -- "and you'd see our activity happening. It's where the targets are." The CIA recruits "Russians and Chinese hard in Africa," said a former agency official. "And they know that." China's new aggressive moves to track U.S. operatives were likely a response to these U.S. efforts. This series, based on interviews with over three dozen current and former U.S. intelligence and national security officials, tells the story of China's assault on U.S. personal data over the last decade -- and its consequences. But instead, CIA officials believed the answer was likely data-driven -- and related to a Chinese cyberespionage campaign devoted to stealing vast troves of sensitive personal private information, like travel and health data, as well as U.S. government personnel records. U.S. officials believed Chinese intelligence operatives had likely combed through and synthesized information from these massive, stolen caches to identify the undercover U.S. intelligence officials. It was very likely a "suave and professional utilization" of these datasets, said the same former intelligence official. This "was not random or generic," this source said. "It's a big-data problem." The battle over data -- who controls it, who secures it, who can steal it, and how it can be used for economic and security objectives -- is defining the global conflict between Washington and Beijing. Data has already critically shaped the course of Chinese politics, and it is altering the course of U.S. foreign policy and intelligence gathering around the globe. Just as China has sought to wield data as a sword and shield against the United States, America's spy agencies have tried to penetrate Chinese data streams and to use their own big-data capabilities to try to pinpoint exactly what China knows about U.S. personnel and operations.
Lockheed Martin Acquires Aerojet Rocketdyne For $4.4 Billion
Lockheed Martin has agreed to buy Aerojet Rocketdyne for $4.4 billion in cash (including assumed debt). From a report: This reflects how legacy defense companies are racing to keep up with Elon Musk and Jeff Bezos in space, a dynamic that also helped drive Raytheon's merger effort with United Technologies. Plus, this is the exact type of company that will be seeking Space Force bids, maybe getting cool branding logos on the Guardian outfits. Aerojet in 2015 offered to pay $2 billion to buy a rocket launch joint venture between Boeing and Lockheed, but was rebuffed by Boeing.
US Relief Package Provides $7 Billion for Broadband
After months of deliberation, congressional leaders reached a $900 billion coronavirus relief deal on Sunday, including billions in funding for broadband internet access. From a report: Congress' latest relief measure provides $7 billion in funding for broadband connectivity and infrastructure. That figure includes $3.2 billion for a $50-per-month emergency broadband benefit for people who are laid off or furloughed during the pandemic, according to a press release from Sen. Ron Wyden's (D-OR) office on Sunday. "Broadband connections are essential for Americans seeking to get new jobs, and to access school, health care and other government services," Wyden said in a statement Sunday night. "Ensuring working families can stay online will pay massive dividends for kids' education, helping people find jobs and jump starting the economic recovery next year."
Dozens of Journalists' iPhones Hacked With NSO 'Zero-Click' Spyware, Says Citizen Lab
Citizen Lab researchers say they have found evidence that dozens of journalists had their iPhones silently compromised with spyware known to be used by nation states. From a report: For more than the past year, London-based reporter Rania Dridi and at least 36 journalists, producers and executives working for the Al Jazeera news agency were targeted with a so-called "zero-click" attack that exploited a now-fixed vulnerability in Apple's iMessage. The attack invisibly compromised the devices without having to trick the victims into opening a malicious link. Citizen Lab, the internet watchdog at the University of Toronto, was asked to investigate earlier this year after one of the victims, Al Jazeera investigative journalist Tamer Almisshal, suspected that his phone may have been hacked. In a technical report out Sunday and shared with TechCrunch, the researchers say they believe the journalists' iPhones were infected with the Pegasus spyware, developed by Israel-based NSO Group. The researchers analyzed Almisshal's iPhone and found it had between July and August connected to servers known to be used by NSO for delivering the Pegasus spyware. The device revealed a burst of network activity that suggests that the spyware may have been delivered silently over iMessage. Logs from the phone show that the spyware was likely able to secretly record the microphone and phone calls, take photos using the phone's camera, access the victim's passwords, and track the phone's location.
Pfizer, BioNTech Covid Vaccine Wins European Backing
Pfizer and BioNTech SE's Covid-19 vaccine won the backing of a key European review panel, clearing the way for inoculations to start before the end of the year as the continent struggles with rising death rates and tighter lockdowns. From a report: The endorsement was announced in a news briefing by the European Medicines Agency on Monday. The final step in approval is a sign-off from the European Commission. European Union leaders pushed the regulator to speed up its review amid complaints that residents across the continent were still waiting to get a vaccine -- pioneered in Germany -- that is already being used in the U.K. and U.S. The goal is to start a European immunization campaign on Dec. 27, commission President Ursula von der Leyen said last week. Monday's recommendation puts the EU in position to meet that timeline. The commission last week signaled it would give the official go-ahead for distribution to start no later than two days after the agency's sign-off.
How Do US Government Agencies Verify Security Software from Private Contractors?
A recent article at Politico argues that the U.S. government "doesn't do much to verify the security of software from private contractors. And that's how suspected Russian hackers got in." The federal government conducts only cursory security inspections of the software it buys from private companies for a wide range of activities, from managing databases to operating internal chat applications. That created the blind spot that suspected Russian hackers exploited to breach the Treasury Department, the Department of Homeland Security, the National Institutes of Health and other agencies... Attacks on vendors in the software supply chain represent a known issue that needs to be prioritized, said Rep. Jim Langevin (D-R.I.), the co-founder of the Congressional Cybersecurity Caucus. "The SolarWinds incident... underscores that supply chain security is a topic that needs to be front and center," Langevin said.... He said Congress needs to "incentivize" the companies to make their software more secure, which could require expensive changes. Some others are calling for regulation. Private companies regularly deploy software with undiscovered bugs because developers lack the time, skill or incentive to fully inspect them. Long-time open source advocate Steven J. Vaughan-Nichols argues another issue is the closed-source nature of SolarWinds' software: Proprietary software — a black box where you can never know what's really going on — is now, always has been, and always will be more of a security problem. I would no more trust anything mission critical to proprietary software than I would drive a car at night without lights or a fastened seat belt... A fundamental open source principle is that by bringing many eyeballs to programs more errors will be caught. That doesn't mean all errors are caught, just a lot more than those by a single proprietary company... Just consider the sheer number of serious Windows bugs — does a month go by without one? — compared to those of Linux... In short, proprietary software companies, like SolarWinds, are still making huge security blunders, which are hidden from users until the damage is done.
Successful IT Workers Applaud Non-Traditional Paths to Tech
Tech columnist Chris Matyszczyk describes what happened after Microsoft's senior cloud advocate tweeted "Hire folks with non-traditional paths to tech." Thomas Zeman, whose Twitter bio declared he's "scaling pods at daytime, working on a docker based raspberry pi router at nighttime," mused in reply: "Depends a bit what tech you are talking about. When doing machine learning for cancer recognition on medical images I am sorry but dont believe baristas will crack it...." Oddly, Zeman's comment received what might be termed a reaction.... In wandered David Brunelle... "Hi Thomas!" he said. "I'm a vp of engineering at Starbucks. I started my career as a Starbucks barista. I have no college degree. Most of my early-in-career training came from the Navy. All non-traditional. And I lead one of the biggest digital payments platforms in the world...." Here's Twitterer Ew, Ryan: "I've worked as a delivery driver, tuxedo salesman, sandwich maker, gas station attendant, server, a few summers as a plumbing apprentice, and I could go on and on... but now I've worked at Google, Twitter and TikTok. Don't confuse past work histories with future capabilities." Or this from someone with the adorable Twitter handle @SecuritySphynx: "Gatekeeping is a bad look. 4y ago I was stamping envelopes/answering phones for $12/hour. Now I'm engineering security solutions with some of the worlds largest orgs Almost no one started in tech and never did anything else before. Check your classism at the door, please...." The article ultimately asks how many tech companies (and their HR departments) "persist in seeking those with a particular qualification and a particular past history? How many think there's a tech type?" But at least the Twitter thread provoked this clarifying correction from the pod-scaling, router-builder who'd started all the reactions. "I totally believe anyone can learn and master anything (including Baristas of course) without any doubt. The point is that mastering things will take a lot of time..."
It's Official: America's Space Force is Better than Its Other Military Branches at 'Call of Duty'
The military news site Task and Purpose reports: The U.S. military's youngest branch, the Space Force, just trounced its sibling services, as well the United Kingdom's military, in the second annual Call of Duty Endowment Bowl. The transatlantic Call of Duty: Black Ops Cold War tournament pit eight teams from the U.S. Army, Navy, Air Force, Space Force, and Marine Corps, along with the British Army, Royal Navy, and Royal Air Force, against each other. Each team was captained by a civilian gamer and popular streamer who offered guidance and tips to players in real-time as they vied for the top spot... The tournament was put on by the Call of Duty Endowment, which has placed more than 77,000 veterans into full-time jobs since its inception in 2009. This year alone, the endowment placed 11,000 veterans in jobs amidst the novel coronavirus (COVID-19) pandemic. "Space Force isn't even a year old so this may have been their very first win in anything competitive against any of the other services," Dan Goldenberg, the endowment's executive director said during the event, according to Business Insider. "So it's a heck of a great way to start off their history."
Elon Musk Tweeted About a Bitcoin Rival. It Soared 20%
"Bitcoin is almost as bs as fiat money," Elon Musk tweeted on Sunday, and then followed it up with another tweet. "One Word: Doge." "The tweet sent shares of Dogecoin up nearly 20% and landed it on the list of trending Twitter topics," reports CNN. (Later that day Musk tweeted "i love all u crazy ppl out there.") The tech billionaire even went as far as updating his Twitter bio with the title "Former CEO of Dogecoin..." This isn't the first time Musk has tweeted about Dogecoin, the bitcoin descendant. The SpaceX CEO mentioned the digital coin in July when he tweeted "It's inevitable" with an image depicting the dogecoin standard engulfing the global financial system. The tweet sent shares up 14% at the time. Dogecoin was created in 2014 as a parody to a popular internet meme "doge", which involved a picture of a Shiba Inu dog. Although the virtual coin started off as a joke, it currently has a market value of nearly $570 million.
How the Bill and Melinda Gates Foundation Fought the Pandemic
In a long article titled "Gates versus the Pandemic," Fast Company looks at the many mitigation efforts launched by the Bill & Melinda Gates Foundation. - It's one of the largest funders of the World Health Organization. - It's partnered with the governments of Norway and India, the World Economic Forum, and the research-charity Wellcome Trust to launch an important group called the Coalition for Epidemic Preparedness Innovations (CEPI). And then Fast Company breaks down the specifics: - The Gates Foundation invested $52 million in a German mRNA startup named CureVac in 2015; a year later, it gave Massachusetts-based Moderna a $20 million grant to support its development of mRNA-based HIV therapeutics, which helped the company further its underlying platform that can also be used to make vaccines. - The foundation made an initial equity investment of $55 million in BioNTech, another German startup working on mRNA technology, in 2019. (While the foundation typically makes grants, it sometimes invests in companies to negotiate terms that require a funded product be globally accessible and affordable.) The goal of all of this spending, in part, was to encourage these companies to focus on mRNA vaccines for communicable illnesses. "If you're looking at where the money is," in medical funding, "it's in oncology and cancer immunotherapy," says Lynda Stuart, deputy director of vaccines and host-pathogen biology at the Gates Foundation. Without a push, companies working in the space "wouldn't necessarily gravitate to infectious disease vaccines." As the virus was beginning to spread, the Gates Foundation encouraged its other vaccine development partners to turn to COVID-19. - Researchers at Oxford University started work on a coronavirus vaccine made from a weakened, altered form of a chimpanzee cold virus, a platform that CEPI had supported for other vaccines such as MERS. - Novavax, a biotech startup the foundation had previously funded, also entered the race to create a vaccine. By October, more than 200 COVID-19 vaccines were in development, but only 11 had reached Phase III clinical trials (human efficacy tests, the last step before regulatory approval). Of those, four vaccine platforms — from Moderna, BioNTech, Novavax, and the University of Oxford — had received early backing from CEPI or the Gates Foundation. In November, BioNTech-Pfizer, Moderna, and Oxford-AstraZeneca all announced that their respective vaccines had proved highly effective in preliminary study results. On December 11, the FDA approved the BioNTech-Pfizer vaccine, which represents a huge victory for the Gates Foundation. (In addition, the foundation is funding contenders that are at an earlier stage of development, such as Icosavax's nanoparticle vaccine construct.) "Without the efforts of the Bill & Melinda Gates Foundation, the Covid-19 crisis would almost certainly be worse," writes Fast Company. "But its extensive role raises questions about how much we rely on philanthropy." Their article includes this quote from a Northeastern University law professor focused on intellectual property rights and universal access to treatments for HIV/AIDS and COVID-19. "A fundamental question is, Well, because you have the money, should you be able to control the architecture of global health?" A former director of vaccine delivery at the Gates Foundation counters that "they add value in helping to design very effective programs."
Google Buys Company Whose Software Turns Old PCs Into Chromebooks
This week Google "quietly acquired a company called Neverware Inc. that sells software to transform old personal computers and Macs into Chromebook devices," reports SiliconANGLE: The acquisition was announced by Neverware on Twitter, and Google later confirmed the news in a statement. Google had taken part in the company's Series B funding round three years ago. Neverware's software is called CloudReady OS, and though it's primarily aimed at schools and enterprises that want to transform fleets of machines into Chromebooks, there's also a free Home edition that anyone can use... Google's plan is to make CloudReady an official product. "We can confirm that the Neverware team is joining the Google Chrome OS team," Google said in a statement.
Winner Announced In the World's First 'Quantum Chess' Tournament
Aleksander Kubica is a postdoctoral fellow at Canada's Perimeter Institute for Theoretical Physics and Institute for Quantum Computing. And he's also the winner of the world's first quantum chess tournament. (It's now available for streaming on Twitch, and begins with a clip of the late Stephen Hawking playing a 2016 game against Ant-Man star Paul Rudd.) "It's a complicated version of regular chess that incorporates the quantum concepts of superposition, entanglement, and interference," explains Ars Technica (in an article shared by John Trumpian): In quantum chess, there are multiple boards on which the pieces exist, and their number is not fixed. Players can perform "quantum moves" as well as regular chess moves; players just need to indicate which type of move they're performing. Any quantum move will create a superposition of boards (doubling the number of possible boards in the superposition with each quantum move), although the player will see a single board representing all boards at the same time. And any individual move acts on all boards at the same time. Pawns move the same as in regular chess, but other pieces can make either standard moves or quantum moves, such that they can occupy more than one square simultaneously. In a 2016 blog post, Chris Cantwell of Quantum Realm Games offered the example of a white queen performing a quantum move from D1 to D3. "We get two possible boards. On one board the queen did not move at all. On the other, the queen did move. Each board has a 50 percent chance of 'existence'..." In 2016 Stephen Hawking had played a game of quantum chess against Paul Rudd in a video which also featured both Keanu Reeves and Alex Winter, stars of the "Bill and Ted" movies.
China Accused of Spying On Americans Via Caribbean Phone Networks
"A mobile security expert has accused China of exploiting cellphone networks in the Caribbean to conduct 'mass surveillance' on Americans," reports Newsweek: Gary Miller, a former vice president of network security at California-based analytics company Mobileum, told The Guardian he had amassed evidence of espionage conducted via "decades-old vulnerabilities" in the global telecommunications system. While not explicitly mentioned in the report, the claims appear to be centered around Signaling System 7 (SS7), a communications protocol that routes calls and data around the world and has long been known to have inherent security weaknesses. According to Miller, his analysis of "signals data" from the Caribbean has shown China was using a state-controlled mobile operator to "target, track, and intercept phone communications of U.S. phone subscribers," The Guardian reported. Miller claimed China appeared to exploit Caribbean operators to conduct surveillance on Americans as they were traveling, alleging that attacks on cell phones between 2018 to 2020 likely affected "tens of thousands" of U.S. mobile users in the region. "Once you get into the tens of thousands, the attacks qualify as mass surveillance," the mobile researcher said, noting the tactic is "primarily for intelligence collection and not necessarily targeting high-profile targets." Interesting quote from the Guardian's original story: "We have an illusion of security when we talk on our mobile phones," said James Lewis, the director of the Strategic Technologies Program at the Center for Strategic and International Studies (CSIS). "People don't realise that we are under a sustained espionage attack on anything that connects to a network, and that this is just another example of a really aggressive and pretty sophisticated campaign." Thanks to chill (Slashdot reader #34,294) for the story!
Facing Overwhelming Demand, Non-Profit 'RPG Research' Looks for Help
Software developer/sys-admin Hawke Robinson is the CEO of RPG Research, a 501(c)3 non-profit, volunteer-run, charitable organization founded in 1977. He's also long-time Slashdot reader kmleon, and shares this story from the gaming-news site The Gamer: RPG Research recently sent out an urgent call requesting more volunteers, more warehouse space, and more donations to help meet the overwhelming demand it is currently facing. In a truly good news/bad news situation, the organization has seen donations increase by 600% from previous years, while 2020 has increased demand for the organization's programs by more than 1,000%. The increased demand is simply more than RPG Research is currently staffed and equipped to handle, resulting in the call for aid. Along with the need for more volunteers, RPGR is also seeking a sizeable warehouse to house office space, events, the RPG Museum, as well as to hold the RPG bus and trailers. The ideal warehouse being sought is "a 2,000 (minimum) to 4,000+ square foot warehouse" somewhere "in the greater Spokane Washington or Post Falls Idaho region...." The international (six continents) organization began studying roleplaying games and their effects in 1983, and since then have presented their findings through various programs in educational settings, prison systems, and therapeutic medical settings.
Facebook's Criticism of Apple's Tracking Change Called 'Laughable' by EFF
The MacRumors site writes: Facebook's recent criticism directed at Apple over an upcoming tracking-related privacy measure is "laughable," according to the Electronic Frontier Foundation (EFF), a non-profit organization that defends civil liberties in the digital world. Facebook has claimed that Apple's new opt-in tracking policy will hurt small businesses who benefit from personalized advertising, but the EFF believes that Facebook's campaign against Apple is really about "what Facebook stands to lose if its users learn more about exactly what it and other data brokers are up to behind the scenes," noting that Facebook has "built a massive empire around the concept of tracking everything you do...." According to the EFF, a number of studies have shown that most of the money made from targeted advertising does not reach app developers, and instead goes to third-party data brokers like Facebook, Google, and lesser-known firms. "Facebook touts itself in this case as protecting small businesses, and that couldn't be further from the truth," the EFF said. "Facebook has locked them into a situation in which they are forced to be sneaky and adverse to their own customers. The answer cannot be to defend that broken system at the cost of their own users' privacy and control." "This is really about who benefits from the normalization of surveillance-powered advertising..." argues the EFF. And they ultimately come down in support of Apple's new privacy changes. "Here, Apple is right and Facebook is wrong."
Due to Covid-19, Apple Closes Nearly a Fifth of Its Retail Stores
"New COVID-19 restrictions and worsening outbreaks have compelled Apple to temporarily close nearly one fifth of its retail stores during one of the busiest shopping weeks of the holiday season," reports 9to5Mac. 401 of Apple's 509 locations worldwide remain open as of publication. Most open locations in the US are limited to Express storefront pickup of online orders and Genius Support. Walk-in shopping and customers without an appointment are not accepted at Express locations. The site also notes that Apple recently re-closed all 18 of its stores across Germany and the Netherlands. And the Verge confirms more store closings in the U.S. and around the world: Every California store, all four in Tennessee, all three in Utah, all four in Minnesota, two in Oklahoma, and the stores in Portland, Oregon; Anchorage, Alaska; Omaha, Nebraska; and Albuquerque, New Mexico are all closed this upcoming week — as well as the 16 additional stores in the U.K., Mexico and Brazil starting tomorrow, December 20th. It's not hard to guess why the stores are reclosing, particularly in California where COVID-19 saw its four deadliest days yet in a row last week as part of an ongoing surge, and in London where Prime Minister Boris Johnson has just put the city in emergency lockdown starting midnight.
Should America's Next President Abolish the Space Force?
An anonymous reader writes: The U.S. military's Space Force branch celebrated its one-year anniversary Friday by announcing that its members would now be known as "guardians". But the name was not universally greeted with respect and appreciation. Gizmodo announced the news with a headline which read "Space Force Personnel Will Be Called 'Guardians' Because Sure, Whatever," in an article which jokingly asks how this will affect the other ranks of this branch of the military. "Does someone get promoted from Guardian to Sentinel to Space Paladin to Tython, The Secessionist King Of Mars or something?" (Their article also suggests other names the U.S. military could have considered — like "moon buddies" or "rocketeers" — even at one point proposing "starship troopers".) Forbes wrote that "The mockery arrived instantly and in great rivers..." But there was an interesting observation from a British newspaper (which is in fact, named The Guardian). "As the Associated Press put it, delicately: 'President-elect Joe Biden has yet to reveal his plans for the space force in the next administration.'" In fact, New York magazine called the new name for members of Space Force the "strongest case yet for its demise," in an article headlined "Abolish the Space Force." ("Maybe 'stormtrooper' was too obvious...") In an apparent bid to be taken more seriously, on Friday the Space Force also shared an official anniversary greeting they'd received from Lee Majors, the actor who'd played a cybernetically-enhanced Air Force colonel in the 1970s action series The Six Million Dollar Man (who, in later seasons, befriended Bigfoot and the alien community who'd brought him to earth). But Mashable added sympathetically that "It's been a long year, though. If people want to draw some nerdy joy from a U.S. military branch inadvertently referencing comic books and video games, let them have their fun."
Microsoft: a Second, Different Threat Actor Had Also Infected SolarWinds With Malware
Reuters reports: A second hacking group, different from the suspected Russian team now associated with the major SolarWinds data breach, also targeted the company's products earlier this year, according to a security research blog by Microsoft. "The investigation of the whole SolarWinds compromise led to the discovery of an additional malware that also affects the SolarWinds Orion product but has been determined to be likely unrelated to this compromise and used by a different threat actor," the blog said... It is unclear whether SUPERNOVA has been deployed against any targets, such as customers of SolarWinds. The malware appears to have been created in late March, based on a review of the file's compile times. Microsoft's detailed blog post notes that the code "provides an attacker the ability to send and execute any arbitrary C# program on the victim's device."
3 Million Users Have Installed 28 Malicious Chrome or Edge Extensions, Says Avast
More than three million internet users are believed to have installed 15 Chrome and 13 Edge extensions that contain malicious code, reports ZDNet, citing an announcement from cybersecurity company Avast: Avast researchers said they believe the primary objective of this campaign was to hijack user traffic for monetary gains. "For every redirection to a third party domain, the cybercriminals would receive a payment," the company said. Avast said it discovered the extensions last month and found evidence that some had been active since at least December 2018, when some users first started reporting issues with being redirected to other sites. Jan Rubín, Malware Researcher at Avast, said they couldn't identify if the extensions had been created with malicious code from the beginning or if the code was added via an update when each extension passed a level of popularity. And many extensions did become very popular, with tens of thousands of installs. Most did so by posing as add-ons meant to help users download multimedia content from various social networks, such as Facebook, Instagram, Vimeo, or Spotify. Avast said it reported its findings to both Google and Microsoft and that both companies are still investigating the extensions. ZDNet's article includes Avast's lists of the 28 extensions which they're recommending be uninstalled by users. ZDNet also notes that "A day after Avast published its findings, only three of the 15 Chrome extensions were removed, while all the Edge add-ons were still available for download. A source familiar with the investigation told ZDNet that Microsoft has not been able to confirm the Avast report."
Amazon's Answer To SpaceX Starlink Delivers 400Mbps In Prototype Phase
Long-time Slashdot reader AmiMoJo shares this report from Ars Technica: Amazon's competitor to SpaceX Starlink is moving through the prototype-development phase, with the company announcing yesterday that it has "completed initial development on the antenna for our low-cost customer terminal." Amazon said its "Ka-band phased-array antenna is based on a new architecture capable of delivering high-speed, low-latency broadband in a form factor that is smaller and lighter than legacy antenna designs" and the "prototype is already delivering speeds up to 400Mbps." Performance will get better in future versions, Amazon said. Amazon in July received Federal Communications Commission approval to launch 3,236 low-Earth orbit satellites. The company says it plans to invest over $10 billion in its satellite-broadband division, which it calls Project Kuiper... Amazon didn't provide any updates on when Kuiper will be ready for customers. FCC rules give Amazon six years to launch and operate 50 percent of its licensed satellites, with a deadline date of July 30, 2026. Amazon would have to launch the rest of the licensed satellites by July 30, 2029. Amazon previously said it plans to offer broadband to customers "once the first 578 satellites are launched." "Custom-built antenna architecture will allow Amazon to deliver a small, affordable customer terminal to connect unserved and underserved communities around the world," explains Amazon's announcement.
Firefox 84 Claims Speed Boost from Apple Silicon, Vows to End Flash Support
The Verge reports: Firefox's latest update brings native support for Macs that run on Apple's Arm-based silicon, Mozilla announced on Tuesday. Mozilla claims that native Apple silicon support brings significant performance improvements: the browser apparently launches 2.5 times faster and web apps are twice as responsive than they were on the previous version of Firefox, which wasn't native to Apple's chips... Firefox's support of Apple's Arm-based processors follows Chrome, which added support for Apple's new chips shortly after the M1-equipped MacBook Pro, MacBook Air, and Mac mini were released in November. Firefox 84 will also be the very last release to support Adobe Flash, notes ZDNet, calling both developments "a reminder of the influence Apple co-founder Steve Jobs has had and continues to exert on software and hardware nine years after his death." Jobs wrote off Flash in 2010 as successful Adobe software but one that was a 'closed' product "created during the PC era — for PCs and mice" and not suitable for the then-brand-new iPad, nor any of its prior iPhones. Instead, Jobs said the future of the web was HTML5, JavaScript and CSS. At the end of this year Google Chrome, Microsoft Edge and Apple Safari also drop support for Flash. Senior Apple execs recently reflected in an interview with Om Malik what the M1 would have meant to Jobs had he been alive today. "Steve used to say that we make the whole widget," Greg Joswiak, Apple's senior vice president of Worldwide Marketing told Malik. "We've been making the whole widget for all our products, from the iPhone, to the iPads, to the watch. This was the final element to making the whole widget on the Mac." ZDNet also notes that Firefox 84 offers WebRender, "Mozilla's faster GPU-based 2D rendering engine" for MacOS Big Sur, Windows devices with Intel Gen 6 GPUs, and Intel laptops running Windows 7 and 8. "Mozilla promises it will ship an accelerated rendering pipeline for Linux/GNOME/X11 users for the first time."
Firefox now also uses "more modern techniques for allocating shared memory on Linux," writes Mozilla, "improving performance and increasing compatibility with Docker." And Firefox 85 will include a new network partitioning feature to make it harder for companies to track your web surfing.
Report: PHP, C++, Java, and .NET Applications are the Most Frequently Flawed
Application-security company Veracode "has released the 11th volume of its annual State of Software Security report, and its findings reveal that flawed applications are the norm, open-source libraries are increasingly untrustworthy, and it's taking a long time to patch problems," reports TechRepublic. The top three security flaws — like last year — are still information leakage, cryptographic issues, and CRLF injection: The report found a full 76% of apps contained flaws, and 24% of apps have flaws considered highly severe. Some 70% of apps are inheriting security flaws from their open-source libraries, but it's important to note that only 30% of apps have more security bugs in their open-source libraries than in code written in-house, suggesting that it isn't solely open-source projects that are to blame... In terms of how bugs are being resolved, Veracode found that 73% of the bugs it found as part of the report were patched, which is a big improvement over previous years, when that number was in the mid-50% range. Despite that good sign, it's still taking an average of six months to close half of discovered flaws... Veracode also released a heatmap of the worst bugs in the most popular languages. Interestingly enough, the language with the least use of open-source libraries is also the one with the most bugs: PHP. Looking at the heatmap, it's easy to spot which of the five popular languages included has the worst security. Following PHP is C++, then Java, .Net, JavaScript, and Python. The latter two are doing considerably better than the competition, with the worst flaws in each only being found in roughly 30% of apps. Compared to PHP with 74.6% of its apps vulnerable to cross-site scripting, JavaScript and Python are security powerhouses.
Could Nuclear Power Be Used For Carbon Capture?
Forbes reports: Nuclear advocates see a vast market for reactors in carbon capture and carbon-based products, not only for the next generation of reactors in development, but also for the aging dinosaurs they evolved from... The Diablo Canyon Nuclear Power Plant in San Luis Obispo, California, for example, is slated to shut down in 2024 and 2025. "If the waste heat from that plant was being combined with electricity production you could be removing 20 million tons per year of carbon from the atmosphere," said Kirsty Gogan, co-founder of Energy for Humanity, at an EarthX panel on Wednesday. "Right now what's happening is these big gigawatt-scale depreciating assets — they're making baseload, clean, emissions-free power, but we're just throwing away the heat, right? Those nuclear plants could be more useful, making a big contribution toward that responsibility we all have to go negative. "We all try to be neutral, but it ain't good enough. We have to take responsibility for the carbon that's already in the atmosphere and go negative." That's just one possibility. For example, the article also suggests nuclear energy could be used to generate sustainable aviation fuel (currently made mostly from biomass) from smokestack carbon. Slashdot reader ogcricket notes the article is based on an hour-long EarthX panel that's now available on YouTube.