White House invites tech firms to discuss open-source software security in January

White House National Security Advisor Jake Sullivan has invited major tech firms to discuss ways that the cybersecurity of open-source software can be improved, Bloomberg reported on Thursday.

According to Bloomberg, the tech firms include “major software companies and developers.” Cloud providers are also reportedly among the invited companies.

Anne Neuberger, deputy national security advisor for cyber and emerging technology, will reportedly host a one-day discussion in January with representatives of the invited tech companies. The discussion will involve “company officials responsible for open-source projects and security,” according to Reuters.

The White House’s invitation to tech companies comes a few weeks after the discovery of a critical vulnerability in Log4j, a widely used open-source tool. In a letter to the invited tech firms, Sullivan reportedly stated that the popularity of open-source software projects and the fact that they’re maintained by volunteers is a “combination that is a key national security concern, as we are experiencing with the Log4j vulnerability.”

[…]

Source: White House invites tech firms to discuss open-source software security in January – SiliconANGLE

A real problem is that, due to rabid insistence by hard-core FOSS advocates who are usually tenured at a university and thus have a good salary, open-source maintainers are not really allowed to make any money, whilst uptake and complexity of their software has grown massively, making it an uphill slog maintaining the software for no remuneration whatsoever.

Google and Facebook Fined Big in Russia for Failing to Remove Banned Content – imprisonment threats follow forcing local data storage

A Russian court fined Alphabet Inc.’s Google 7.2 billion rubles ($98 million) and Meta Platforms Inc. 2 billion rubles Friday for failing to remove banned content, the largest such penalties yet, as the authorities escalate a crackdown on foreign technology companies.

The fines were due to the companies’ repeated failure to comply with orders to take down content and based on a percentage of their annual earnings in Russia, the federal communications watchdog said in a statement. Google and Meta could face more fines if they don’t remove the material, it said.

[…]

The government is also pushing tech companies to comply with its increasingly strict laws on localizing data storage. This year, Google and Apple Inc. removed a protest-voting app from their Russian stores during parliamentary elections after the authorities threatened to imprison their local staff.

Until the latest rulings, however, fines for failure to remove content were generally insignificant. In September, Russia’s federal communications watchdog said companies that did not delete content could face fines of 5% to 20% of their annual local revenue.

Google earned revenues in Russia of about 85 billion rubles in 2020, according to the Spark-Interfax database.

“For some reason, the company fulfills decisions of American and European courts unquestioningly,” Anton Gorelkin, a ruling party deputy in the lower house of parliament who sits on the Information Policy committee, wrote on Telegram after the Google ruling was announced Friday. “If the turnover fine doesn’t bring Google to its senses, I’m afraid that some very unpleasant measures will be taken.”

[…]

Source: Google in Russia Fined $98 Million for Failing to Remove Banned Content – Bloomberg

EXCLUSIVE Dutch watchdog finds Apple app store payment rules anti-competitive – sources

The Dutch antitrust authority has found that Apple’s rules requiring software developers to use its in-app payment system are anti-competitive and ordered it to make changes, four people familiar with the matter said, in the latest regulatory setback for the iPhone maker.

Apple’s app-store payment policies, in particular its requirement that app developers exclusively use its payment system where commissions range between 15% and 30%, have long drawn complaints from developers.

[…]

The Netherlands’ Authority for Consumers and Markets (ACM) last month informed the U.S. technology giant of its decision, making it the first antitrust regulator to make a finding the company has abused market power in the app store, though Apple is facing challenges in multiple countries.

ACM has not levied a fine against Apple, but demanded changes to the in-app payment system, the people said. The decision has not been seen by Reuters.

An ACM spokesperson declined to comment, saying that the matter is currently under legal review. The regulator has previously said it expects to publish its decision this year.

[…]

Source: EXCLUSIVE Dutch watchdog finds Apple app store payment rules anti-competitive – sources | Reuters

LG’s Next-Gen OLED EX Tech Promises Major Improvements

[…]

OLED EX (the EX stands for Evolution and eXperience, unfortunately) promises to boost maximum brightness, enhance picture quality, and allow for smaller display bezels. The underlying technology—millions of individual self-lit pixels—hasn’t changed, but the use of an isotope called deuterium combined with algorithmic image processing can increase brightness by up to 30% over conventional OLED displays, LG claims.

As boring as that may sound, the science behind it is actually pretty fascinating. LG found a way to extract deuterium, a rather scarce isotope (there is one deuterium atom in 6,000 hydrogen atoms) that’s twice as heavy as hydrogen from water, then applied it to its TV’s OLED elements. LG says stabilized deuterium compounds let the display emit brighter light while improving efficiency over time.

Moving to the second change, LG is using a “personalized” machine learning algorithm that predicts the usage of each light-emitting diode (on up to 8K TVs) based on your viewing habits, then “precisely controls the display’s energy input to more accurately express the details and colors of the video content being played.”

Source: LG’s Next-Gen OLED Tech Promises Major Improvements

T-Mobile Has Suffered Yet Another Data Breach

The news comes via internal documents shared with The T-Mo Report, embedded below. They state that there was “unauthorized activity” on some customer accounts. That activity was either the viewing of customer proprietary network information (CPNI), an active SIM swap by a malicious actor, or both.

This comes just on the heels of a previous breach back in August. This time around, though, the damage appears to be much less severe. It seems only a small subset of customers are affected. There is no further detail about what exactly happened, with the documents simply saying that some info was leaked.

Affected customers fall into one of three categories. First, a customer may have only been affected by a leak of their CPNI. This information may include the billing account name, phone numbers, number of lines on the account, account numbers, and rate plan info. That’s not great, but it’s much less of an impact than the breach back in August had, which leaked customer social security numbers.

The second category an affected customer might fall into is having their SIM swapped. This is where a malicious actor will change the physical SIM card associated with a phone number in order to obtain control of said number. This can, and often does, lead to the victim’s other online accounts being accessed via two-factor authentication codes sent to their phone number. The document says that customers affected by a SIM swap have now had that action reversed.

The final category is simply both of the other two. Affected customers could have had both their private CPNI viewed as well as their SIM card swapped.

[…]

Source: [Update: T-Mobile Statement] Exclusive: T-Mobile Has Suffered Yet Another Data Breach

Airbnb Hides Guest First Names in Oregon to Stop Discrimination

[…] Beginning on Jan. 31, hosts will only see the initials of guests’ first names until they confirm a booking request, Airbnb announced in a December news announcement spotted by the Verge. After a host confirms the booking, the guest’s full name will appear. The change to how names are displayed will be in place for at least two years.

“While we have made progress, we have much more to do and continue working with our Hosts and guests, and with civil rights leaders to make our community more inclusive,” Airbnb said.

In its announcement, the company said the update is consistent with the voluntary settlement agreement it reached with individuals in Oregon in 2019 “who raised concerns regarding the way guests’ names are displayed when they seek to book a listing.”

According to the Oregonian, in 2017 Portland resident Patricia Harrington filed a lawsuit against Airbnb. She claimed that because Airbnb requires guests to disclose their full name and include a photo, which hosts review before they accept a booking, the company was allowing hosts to discriminate against Black guests. This constituted a violation of Oregon’s public accommodation laws, she alleged.

Airbnb settled the lawsuit, which included two more Black women in Oregon, in 2019. By that time, Harrington had died.

The lawsuit’s claims weren’t wrong. Black guests have been sounding the alarm about discrimination on the platform for years and even created a hashtag: #AirbnbWhileBlack. In 2016, a Harvard Business School study even found that requests from guests with African American names were roughly 16% less likely to be accepted by hosts than identical guests with distinctively white names.

[…]

“Given that the impact of this change is unknown, the implementation will be limited,” Airbnb spokesperson Liz DeBold Fusco said in an email. “We will evaluate the impact of this change to understand if there are learnings from this work that can inform future efforts to fight bias.”

[…]

Source: Airbnb Hides Guest First Names in Oregon to Stop Discrimination

Roblox and many other huge tech businesses Save Millions Taking Advantage Of A Massive Tax Dodge

Game-making platform and fledgling metaverse Roblox made the news yesterday as the focus of a New York Times report about a ‘90s era tax cut that’s spun out of control. Originally created to foster investment in small businesses, the Qualified Small Business Stock, or Q.S.B.S., exemption has transformed into a way for ultra-wealthy businesses to avoid paying taxes on huge amounts of profits.

I’d say it seemed like a good idea at the time, but it really wasn’t. Launched in 1993, the Qualified Small Business Stock exemption was presented as a means to get more people investing in start-ups by shielding some of a company’s profits from taxation. Originally the exemption meant an investor would be shielded from paying taxes on half of profits up to 10 million dollars, but that was eventually changed to exempt the entire 10 million

[…]

the U.S. tax system for voting into being a loophole-laden exemption that would eventually be so abused that participating in it would be considered a rite of passage for Silicon Valley’s ultra-wealthy. The problem with the Q.S.B.S. exemption is that it can be cloned. All it takes is gifting stock to friends and family. Though they haven’t invested in the company, they nevertheless still qualify for the exemption, so you can ensure that large chunks of money stay within close orbit of your control without needing to pay taxes on said cash.

According to financial reports and the New York Times’ sources, Roblox founder David Baszucki has been able to multiply the exemption 12 times over, gifting stock to his wife, his four children, and various other relatives. In the fall of 2020, months before Roblox went public, Baszucki’s mother-in-law started giving away shares to relatives. Since they were gifted, those shares also qualified for the exemption. In March of 2021, Roblox went public, valued at 45 billion.

While this all sounds horrible and super-cheaty, there’s nothing at all illegal about this practice. It has a name, stacking, but is also known as peanut-buttering

[…]

 

Source: Roblox Saves Millions Taking Advantage Of A Shocking Tax Dodge