Daily Archives: February 9, 2021

I checked Apple’s new privacy ‘nutrition labels.’ Many were false.

Posted on by

[…]

Apple only lets you access iPhone apps through its own App Store, which it says keeps everything safe. It appeared to bolster that idea when it announced in 2020 that it would ask app makers to fill out what are essentially privacy nutrition labels. Just like packaged food has to disclose how much sugar it contains, apps would have to disclose in clear terms how they gobble your data. The labels appear in boxes toward the bottom of app listings. (Click here for my guide on how to read privacy nutrition labels.)

But after I studied the labels, the App Store is now a product I trust less to protect us. In some ways, Apple uses a narrow definition of privacy that benefits Apple — which has its own profit motivations — more than it benefits us.

Apple’s big privacy product is built on a shaky foundation: the honor system. In tiny print on the detail page of each app label, Apple says, “This information has not been verified by Apple.”

The first time I read that, I did a double take. Apple, which says caring for our privacy is a “core responsibility,” surely knows devil-may-care data harvesters can’t be counted on to act honorably. Apple, which made an estimated $64 billion off its App Store last year, shares in the responsibility for what it publishes.

It’s true that just by asking apps to highlight data practices, Apple goes beyond Google’s rival Play Store for Android phones. It has also promised to soon make apps seek permission to track us, which Facebook has called an abuse of Apple’s monopoly over the App Store.

In an email, Apple spokeswoman Katie Clark-AlSadder said: “Apple conducts routine and ongoing audits of the information provided and we work with developers to correct any inaccuracies. Apps that fail to disclose privacy information accurately may have future app updates rejected, or in some cases, be removed from the App Store entirely if they don’t come into compliance.”

My spot checks suggest Apple isn’t being very effective.

And even when they are filled out correctly, what are Apple’s privacy labels allowing apps to get away with not telling us?

Trust but verify

A tip from a tech-savvy Washington Post reader helped me realize something smelled fishy. He was using a journaling app that claimed not to collect any data but, using some technical tools, he spotted it talking an awful lot to Google.

[…]

To be clear, I don’t know exactly how widespread the falsehoods are on Apple’s privacy labels. My sample wasn’t necessarily representative: There are about 2 million apps, and some big companies, like Google, have yet to even post labels. (They’re only required to do so with new updates.) About 1 in 3 of the apps I checked that claimed they took no data appeared to be inaccurate. “Apple is the only one in a position to do this on all the apps,” says Jackson.

But if a journalist and a talented geek could find so many problems just by kicking over a few stones, why isn’t Apple?

Even after I sent it a list of dubious apps, Apple wouldn’t answer my specific questions, including: How many bad apps has it caught? If being inaccurate means you get the boot, why are some of the ones I flagged still available?

[…]

We need help to fend off the surveillance economy. Apple’s App Store isn’t doing enough, but we also have no alternative. Apple insists on having a monopoly in running app stores for iPhones and iPads. In testimony to Congress about antitrust concerns last summer, Apple CEO Tim Cook argued that Apple alone can protect our security.

Other industries that make products that could harm consumers don’t necessarily get to write the rules for themselves. The Food and Drug Administration sets the standards for nutrition labels. We can debate whether it’s good at enforcement, but at least when everyone has to work with the same labels, consumers can get smart about reading them — and companies face the penalty of law if they don’t tell the truth.

Apple’s privacy labels are not only an unsatisfying product. They should also send a message to lawmakers weighing whether the tech industry can be trusted to protect our privacy on its own.

Source: I checked Apple’s new privacy ‘nutrition labels.’ Many were false.

A Bug in Lenovo System Update Service is Driving Up CPU Usage and Prompting Fan Noise in Laptops and Desktops, Customers Say

Posted on by

Since late January, most users running a pre-installed Lenovo image of Windows 10 has been bitten by a bug in Lenovo’s System Update Service (SUService.exe) causing it to constantly occupy a CPU thread. This was noticed by many ThinkPad and IdeaPad users as an unexpected increase in fan noise, but many desktop users might not notice the problem. I’m submitting this story to Slashdot because Lenovo does not provide an official support venue for their software, and the problem has persisted for several weeks with no indication of a patch forthcoming. While this bug continues to persist, anyone with a preinstalled Lenovo image of Windows 10 will have greatly reduced battery life on a laptop, and greatly increased power consumption in any case. As a thought experiment, if this causes 1 million systems to increase their idle power consumption by 40 watts, this software bug is currently wasting 40 megawatts, or about 1/20th the output of a typical commercial power station. On my ThinkPad P15, this bug actually wastes 80 watts of power, so the indication is that 40 watts per system is a very conservative number.

Lenovo’s official forums and unofficial reddit pages have seen several threads pop up since late January with confused users noticing the issue, but so far Lenovo is yet to issue an official statement. Users have recommended uninstalling the Lenovo System Update Service as a workaround, but that won’t stop this power virus from eating up megawatts of power around the world for those who don’t notice this power virus’s impact on system performance.

Source: A Bug in Lenovo System Update Service is Driving Up CPU Usage and Prompting Fan Noise in Laptops and Desktops, Customers Say – Slashdot

Researchers Say Favicons Can Track You Across the Web

Posted on by

German software designer Jonas Strehle has published a proof of concept on GitHub that he says demonstrates a method in which the favicon’s cache can be used to store a unique identifier for a user that is readable “in the browser’s incognito mode and is not cleared by flushing the cache, closing the browser or restarting the system, using a VPN or installing AdBlockers.”As Motherboard points out, Strehle started building the project after reading a research paper from the University of Illinois at Chicago that describes the technique. The basic gist of the method starts with the fact that favicon’s get cached in your browser the first time you visit a website. When you return to the site, the browser checks to see if the favicon has been stored in its own special home on your machine that’s called the F-Cache. If the data is out of date or missing, the browser requests data from the website’s servers. Strehle explained what happens next in a write up on his website: A web server can draw conclusions about whether a browser has already loaded a favicon or not: So when the browser requests a web page, if the favicon is not in the local F-cache, another request for the favicon is made. If the icon already exists in the F-Cache, no further request is sent. By combining the state of delivered and not delivered favicons for specific URL paths for a browser, a unique pattern (identification number) can be assigned to the client. When the website is reloaded, the web server can reconstruct the identification number with the network requests sent by the client for the missing favicons and thus identify the browser.

Source: Researchers Say Favicons Can Track You Across the Web

Metalenz Wants to Jump-Start Phone Cameras Again With Better Lenses

Posted on by

A new company called Metalenz, which emerges from stealth mode today, is looking to disrupt smartphone cameras with a single, flat lens system that utilizes a technology called optical metasurfaces. A camera built around this new lens tech can produce an image of the same if not better quality as traditional lenses, collect more light for brighter photos, and can even enable new forms of sensing in phones, all while taking up less space.

[…]

“The optics usually in smartphones nowadays consists of between four and seven lens elements,” says Oliver Schindelbeck, innovation manager at the optics manufacturer Zeiss, which is known for its high-quality lenses. “If you have a single lens element, just by physics you will have aberrations like distortion or dispersion in the image.”

More lenses allow manufacturers to compensate for irregularities like chromatic aberration (when colors appear on the fringes of an image) and lens distortion (when straight lines appear curved in a photo). However, stacking multiple lens elements on top of each other requires more vertical space inside the camera module.

[…]

Phone makers like Apple have increased the number of lens elements over time, and while some, like Samsung, are now folding optics to create “periscope” lenses for greater zoom capabilities, companies have generally stuck with the tried-and-true stacked lens element system.

[…]

Instead of using plastic and glass lens elements stacked over an image sensor, Metalenz’s design uses a single lens built on a glass wafer that is between 1×1 to 3×3 millimeter in size. Look very closely under a microscope and you’ll see nanostructures measuring one-thousandth the width of a human hair. Those nanostructures bend light rays in a way that corrects for many of the shortcomings of single-lens camera systems.

[…]

Light passes through these patterned nanostructures, which look like millions of circles with differing diameters at the microscopic level. “Much in the way that a curved lens speeds up and slows down light to bend it, each one of these allows us to do the same thing, so we can bend and shape light just by changing the diameters of these circles,” Devlin says.

[…]

nd the design doesn’t just conserve space. Devlin says a Metalenz camera can deliver more light back to the image sensor, allowing for brighter and sharper images than what you’d get with traditional lens elements.

Another benefit? The company has formed partnerships with two semiconductor leaders (that can currently produce a million Metalenz “chips” a day), meaning the optics are made in the same foundries that manufacture consumer and industrial devices—an important step in simplifying the supply chain.

New Forms of Sensing

Metalenz will go into mass production toward the end of the year. Its first application will be to serve as the lens system of a 3D sensor in a smartphone. (The company did not give the name of the phone maker.)

[…]

Source: Metalenz Wants to Jump-Start Phone Cameras Again With Better Lenses | WIRED

Quest for Hollywood Fame Splits Redditors at Heart of Market Frenzy

Posted on by

Late on Wednesday, a moderator of the popular Reddit message board WallStreetBets posted several screenshots on the chat app Discord. They showed that other moderators had quietly started talking among themselves about landing a movie deal.

“What’s our cut?” one of the moderators had asked in a Discord chat, according to the screenshots.

By Thursday morning, that quest for Hollywood riches had exploded into an ugly battle, giving a glimpse into the unruly nature of a suddenly famous Reddit community.

That was when the WallStreetBets moderators who were considering the film deal began booting out other moderators who had questioned them for secretly trying to profit from the forum’s success. Eventually, employees at Reddit weighed in to try to quell the unrest.

“Can you all discuss with me what is going on?” a Reddit employee with the screen name sodypop asked, according to screenshots of the conversation shared with The New York Times.

The WallStreetBets fight is the latest twist in the saga of an online army of investors who have roiled Wall Street over the past 10 days.

[…]

Over the last week, several top moderators, who have administrative control of the message board, met in a private chat room on Discord to discuss the business opportunities arising from their sudden fame.

One moderator said he was in touch with Ben Mezrich, an author of the book that became the movie “The Social Network,” who last week secured deals to write a book and help with a movie about the GameStop saga, according to screenshots from the forum shared with The Times.

“Oof we gotta go fast i think,” another moderator wrote back. “While the studios are competing.”

None of the six moderators The Times interviewed were willing to give their real names, but The Times verified the people were in control of the board’s moderator accounts.

The conversation heated up after Mr. Rogozinski announced that he had sold the rights to his own story to a movie studio this week. Mr. Rogozinski did not respond to requests for comment.

One longtime moderator of the group, known as zjz, saw the conversation and took issue. He posted images of the conversation in a broader chat room for all the moderators.

“We suddenly find out these formerly inactive moderators are trying to *literally* sell the story of how they built the subreddit and undermine us,” zjz wrote in an email to The Times.

In a post to WallStreetBets on Wednesday night, which was quickly removed, zjz also wrote: “We’ve been taken hostage by the top mods. They left for years and came back when they smelled money.”

That led to escalating recriminations and insults that soon went beyond a movie deal. Some began criticizing the top moderators for moves they had made to raise their profile, like creating a Twitter account and hiring a public relations representative. Some also made death threats.

Late Wednesday and early Thursday, the top moderators began removing lower-ranking moderators who were asking questions.

[…]

On Thursday afternoon, Reddit stepped in to remove the top WallStreetBets moderators. They put the moderators who had sided with zjz back in control, though zjz himself was not restored.

Mr. Cormier, who has been unemployed since March when he lost his job in a shop specializing in the game Magic the Gathering, said he was dismayed by the fighting on WallStreetBets.

[…]

Source: Quest for Hollywood Fame Splits Redditors at Heart of Market Frenzy – The New York Times

Scientists develop transparent wood that is stronger and lighter than glass

Posted on by

Researchers at the University of Maryland have turned ordinary sheets of wood into transparent material that is nearly as clear as glass, but stronger and with better insulating properties. It could become an energy efficient building material in the future.

Wood is made of two basic ingredients: cellulose, which are tiny fibres, and lignin, which bonds those fibres together to give it strength.

Tear a paper towel in half and look closely along the edge. You will see the little cellulose fibres sticking up. Lignin is a glue-like material that bonds the fibres together, a little like the plastic resin in fibreglass or carbon fibre. The lignin also contains molecules called chromophores, which give the wood its brown colour and prevent light from passing through.

Early attempts to make transparent wood involved removing the lignin, but this involved hazardous chemicals, high temperatures and a lot of time, making the product expensive and somewhat brittle. The new technique is so cheap and easy it could literally be done in a backyard.

Starting with planks of wood a metre long and one millimetre thick, the scientists simply brushed on a solution of hydrogen peroxide using an ordinary paint brush. When left in the sun, or under a UV lamp for an hour or so, the peroxide bleached out the brown chromophores but left the lignin intact, so the wood turned white.

Researchers demonstrated after brushing a coat of hydrogen peroxide on the opaque wood material, and exposing it to one hour of sunlight, it turns transparent. (Qinqin Xia, University of Maryland/Science Advances)

Next, they infused the wood with a tough transparent epoxy designed for marine use, which filled in the spaces and pores in the wood and then hardened. This made the white wood transparent.

You can see a similar effect by taking that same piece of paper towel, dip half of it in water and place it on a patterned surface. The white paper towel will become translucent with light passing through the water and cellulose fibres without being scattered by refraction.

The epoxy in the wood does an even better job, allowing 90 per cent of visible light to pass through. The result is a long piece of what looks like glass, with the strength and flexibility of wood.

A researcher holds up a square of transparent wood material against a green leaf. (USDA Forest Service)

As window material, it would be much more resistant to accidental breakage. The clear wood is lighter than glass, with better insulating properties, which is important because windows are a major source of heat loss in buildings. It also might take less energy to manufacture clear wood because there are no high temperatures involved.

Transparent wood could become an alternative to glass in energy efficient buildings, or perhaps coverings for solar panels in harsh environments. There could be no end of uses.

[…]

Source: Scientists develop transparent wood that is stronger and lighter than glass | CBC Radio

Terraria dev cancels Stadia port after Google disabled his email account for three weeks – Kafka has nothing on this

Posted on by

What do you do if Google disables your cloud life? Andrew Spinks, co-author of the Terraria game and president of Re-Logic Games, does not know either, but has declared Google “a liability” and cancelled the port of Terraria to its Stadia platform.Terraria, co-designed by Spinks, was first released for Windows in 2011 and has sold over 30 million copies across PC, consoles, and mobile devices, states a post on the official forums last year.The problems started, according to the official Twitter account, when Re-Logic Games received an email concerning its YouTube channel “saying there was a TOS [Terms of Service] violation but that it was likely accidental and as such, the account would receive no strikes.”Three days later, the entire Google account (YT, Gmail, all Google apps, even every purchase made over 15 years on Google Play Store) was disabled with no warning or recourse. This account links into many business functions and as such the impact to us is quite substantial,” said Re-Logic.The YouTube channel itself was not disabled, only the access to it.The complaint was spotted on Twitter by YouTube support, which provided a link to the standard Google Account Recovery process. “We have attempted this process twice and received an automated response declining our request,” said Re-Logic.That was late last month. Now it seems the problem is still not fixed. “My account has now been disabled for over 3 weeks. I still have no idea why, and after using every resource I have to get this resolved you have done nothing but given me the runaround,” said Spinks. “My phone has lost access to thousands of dollars of apps on Google Play. I had just bought LOTR 4K and can’t finish it. My Google Drive data is completely gone. I can’t access my YouTube channel. The worst of all is losing access to my gmail address of over 15 years.”I absolutely have not done anything to violate your terms of service, so I can take this no other way than you deciding to burn this bridge. Consider it burned. Terraria for Google Stadia is canceled. My company will no longer support any of your platforms moving forward. I will not be involved with a corporation that values their customers and partners so little. Doing business with you is a liability.”The incident would be unremarkable except that Spinks is not the first to complain of shoddy treatment in the one-sided relationship users have with tech giants and Google in particular. Users complain that it is challenging getting past automated responses, or equally uninformative responses from support, and that discovering and correcting the real reason for bans and blocks is challenging.

Source: Terraria dev cancels Stadia port after Google disabled his email account for three weeks • The Register

The Future Of Hydrogen Power… Is Paste?

Posted on by

We’ve been promised hydrogen-powered engines for some time now. One downside though is the need for hydrogen vehicles to have heavy high-pressure tanks. While a 700 bar tank and the accompanying fuel cell is acceptable for a city bus or a truck, it becomes problematic with smaller vehicles, especially ones such as scooters or even full-sized motorcycles. The Fraunhofer Institute wants to run smaller vehicles on magnesium hydride in a paste form that they call POWERPASTE.The idea is that the paste effectively stores hydrogen at normal temperature and pressure. At 250C, the paste decomposes and releases its hydrogen. While your motorcycle may seem hot when parked in the sun, it isn’t getting quite to 250C.Interestingly, the paste only provides half the available hydrogen. The rest is from water added start a reaction to release the hydrogen. Fraunhofer claims the energy density available is greater than that of a 700 bar tank in a conventional hydrogen system and ten times more than current battery technology.One thing that’s attractive is that the paste is easy to store and pump. A gas station, for example, could invest $20-30,000 and dispense the paste from a metal drum to meet low demand and then scale up as needed. A hydrogen pumping setup starts at about $1.2 million. Fraunhofer is building a pilot production plant that will produce about four tons of the material a year.

Source: The Future Of Hydrogen Power… Is Paste? | Hackaday