Monthly Archives: November 2023

EU Commission’s nameless experts behind its “spy on all EU citizens” *cough* “child sexual abuse” law

Posted on by

The EU Ombudsman has found a case of maladministration in the European Commission’s refusal to provide the list of experts, which it first denied existing, with whom they worked together in drafting the regulation to detect and remove online child sexual abuse material.

Last December, the Irish Council for Civil Liberties (ICCL) filed complaints to the European Ombudsman against the European Commission for refusing to provide the list of external experts involved in drafting the regulation to detect and remove online child sexual abuse material (CSAM).

Consequently, the Ombudsman concluded that “the Commission’s failure to identify the list of experts as falling within the scope of the complainant’s public access request constitutes maladministration”.

The EU watchdog also slammed the Commission for not respecting the deadlines for handling access to document requests, delays that have become somewhat systematic.

The Commission told the Ombudsman inquiry team during a meeting that the requests by the ICCL “seemed to be requests to justify a political decision rather than requests for public access to a specific set of documents”.

The request was about getting access to the list of experts the Commission was in consultations with and who also participated in meetings with the EU Internet Forum, which took place in 2020, according to an impact assessment report dated 11 May 2022.

The main political groups of the EU Parliament reached an agreement on the draft law to prevent the dissemination of online child sexual abuse material (CSAM) on Tuesday (24 October).

The list of experts was of public interest because independent experts have stated on several occasions that detecting CSAM in private communications without violating encryption would be impossible.

The Commission, however, suggested otherwise in their previous texts, which has sparked controversy ever since the introduction of the file last year.

During the meetings, “academics, experts and companies were invited to share their perspectives on the matter as well as any documents that could be valuable for the discussion.”

Based on these discussions, and both oral and written inputs, an “outcome document” was produced, the Commission said.

According to a report about the meeting between the Commission and the Ombudsman, this “was the only document that was produced in relation to these workshops.”

The phantom list

While a list of participants does exist, it was not disclosed “for data protection and public security reasons, given the nature of the issues discussed”, the Commission said, according to the EU Ombudsman.

Besides security reasons, participants were also concerned about their public image, the Commission told the EU Ombudsman, adding that “disclosure could be exploited by malicious actors to circumvent detection mechanisms and moderation efforts by companies”.

Moreover, “revealing some of the strategies and tactics of companies, or specific technical approaches also carries a risk of informing offenders on ways to avoid detection”.

However, the existence of this list was at first denied by the Commission.

Kris Shrishak, senior fellow at the Irish Council for Civil Liberties, told Euractiv that the Commission had told him that no such list exists. However, later on, he was told by the EU Ombudsman that that was not correct since they found a list of experts.

The only reason the ICCL learned that there is a list is because of the Ombudsman, Shrishak emphasised.

Previously, the Commission said there were email exchanges about the meetings, which contained only the links to the online meetings.

“Following the meeting with the Ombudsman inquiry team, the Commission tried to retrieve these emails” but since they were more than two years old at the time, “they had already been deleted in line with the Commission’s retention policy” and were “not kept on file”.

Euractiv reached out to the European Commission for a comment but did not get a response by the time of publication.

Source: EU Commission’s nameless experts behind its child sexual abuse law – EURACTIV.com

This law is an absolute travesty – it’s talking about the poor children (how can we not protect them!) whilst being a wholesale surveillance law being put in by nameless faces and unelected officials.

See also: EU Trys to Implement Client-Side Scanning, death to encryption By Personalised Targeting of EU Residents With Misleading Ads

They basically want to spy on all electronic signals. All of them. Without a judge.

Researchers posed as foreign actors, and data brokers sold them information on military servicemembers anyway – for pennies

Posted on by

[…]

Researchers at Duke University released a study on Monday tracking what measures data brokers have in place to prevent unidentified or potentially malign actors from buying personal data on members of the military. As it turns out, the answer is often few to none — even when the purchaser is actively posing as a foreign agent.

A 2021 Duke study by the same lead researcher revealed that data brokers advertised that they had access to — and were more than happy to sell —information on US military personnel. In this more recent study researchers used wiped computers, VPNs, burner phones bought with cash and other means of identity obfuscation to go undercover. They scraped the websites of data brokers to see which were likely to have available data on servicemembers. Then they attempted to make those purchases, posing as two entities: datamarketresearch.org and dataanalytics.asia. With little-or-no vetting, several of the brokers transferred the requested data not only to the presumptively Chicago-based datamarketresearch, but also to the server of the .asia domain which was located in Singapore. The records only cost between 12 to 32 cents a piece.

The sensitive information included health records and financial information. Location data was also available, although the team at Duke decided not to purchase that — though it’s not clear if this was for financial or ethical reasons. “Access to this data could be used by foreign and malicious actors to target active-duty military personnel, veterans, and their families and acquaintances for profiling, blackmail, targeting with information campaigns, and more,” the report cautions. At an individual level, this could also include identity theft or fraud.

This gaping hole in our national security apparatus is due in large part to the absence of comprehensive federal regulations governing either individual data privacy, or much of the business practices engaged in by data brokers. Senators Elizabeth Warren, Bill Cassidy and Marco Rubio introduced the Protecting Military Service Members’ Data Act in 2022 to give power to the Federal Trade Commission to prevent data brokers from selling military personnel information to adversarial nations. They reintroduced the bill in March 2023 after it stalled out. Despite bipartisan support, it still hasn’t made it past the introduction phase.

Source: Researchers posed as foreign actors, and data brokers sold them information on military servicemembers anyway

YouTube cares less for your privacy than its revenues

Posted on by

YouTube wants its pound of flesh. Disable your ad blocker or pay for Premium, warns a new message being shown to an unsuspecting test audience, with the barely hidden subtext of “you freeloading scum.” Trouble is, its ad blocker detecting mechanism doesn’t exactly comply with EU law, say privacy activists. Ask for user permission or taste regulatory boot. All good clean fun.

Privacy advocate challenges YouTube’s ad blocking detection scripts under EU law

READ MORE

Only it isn’t. It’s profoundly depressing. The battleground between ad tech and ad blockers has been around so long that in the internet’s time span it’s practically medieval. In 2010, Ars Technica started blocking ad blockers; in under a day, the ad blocker blocker was itself blocked by the ad blockers. The editor then wrote an impassioned plea saying that ad blockers were killing online journalism. As the editor ruefully notes, people weren’t using blockers because they didn’t care about the good sites, it was because so much else of the internet was filled with ad tech horrors.

Nothing much has changed. If your search hit ends up with an “ERROR: Ad blocker detected. Disable it to access this content” then it’s browser back button and next hit down, all day, every day. It’s like running an app that asks you to disable your firewall; that app is never run again. Please disable my ad blocker? Sure, if you stop pushing turds through my digital letterbox.

The reason YouTube has been dabbling with its own “Unblock Or Eff Off” strategy instead of bringing down the universal banhammer is that it knows how much it will upset the balance of the ecosystem. That it’s had to pry deep enough into viewers’ browsers to trigger privacy laws shows just how delicate that balance is. It’s unstable because it’s built on bad ideas.

In that ecosystem of advertisers, content consumers, ad networks, and content distributors, ad blockers aren’t the disease, they’re the symptom. Trying to neutralize a symptom alone leaves the disease thriving while the host just gets sicker. In this case, the disease isn’t cynical freeloading by users, it’s the basic dishonesty of online advertising. It promises things to advertisers that it cannot deliver, while blocking better ways of working. It promises revenue to content providers while keeping them teetering on the brink of unviability, while maximizing its own returns. Google has revenues in the hundreds of billions of dollars, while publishers struggle to survive, and users have to wear a metaphorical hazmat suit to stay sane. None of this is healthy.

Content providers have to be paid. We get that. Advertising is a valid way of doing that. We get that too. Advertisers need to reach audiences. Of course they do. But like this? YouTube needs its free, ad-supported model, or it would just force Premium on everyone, but forcing people to watch adverts will not force them to pony up for what’s being advertised.

The pre-internet days saw advertising directly support publishers who knew how to attract the right audiences who would respond well to the right adverts. Buy a computer magazine and it would be full of adverts for computer stuff – much of which you’d actually want to look at. The publisher didn’t demand you have to see ads for butter or cars or some dodgy crypto. That model has gone away, which is why we need ad blockers.

YouTube’s business model is a microcosm of the bigger ad tech world, where it basically needs to spam millions to generate enough results for its advertisers. It cannot stomach ad blockers, but it can’t neutralize them technically or legally. So it should treat them like the cognitive firewalls they are. If YouTube developed ways to control what and how adverts appeared back into the hands of its content providers and viewers, perhaps we’d tell our ad blockers to leave YouTube alone – punch that hole through the firewall for the service you trust. We’d get to keep blocking things that needed to be blocked, content makers could build their revenues by making better content, and advertisers would get a much better return on their ad spend.

Of course, this wouldn’t provide the revenues to YouTube or the ad tech business obtainable by being spammy counterfeits of responsible companies with a lock on the market. That a harmful business model makes a shipload of money does not make it good, in fact quite the reverse.

So, to YouTube we say: you appear to be using a bad lock-in. Disable it, or pay the price

Source: YouTube cares less for your privacy than its revenues • The Register

In a surprising finding, light can make water evaporate without heat

Posted on by

[…]

In recent years, some researchers have been puzzled upon finding that water in their experiments, which was held in a sponge-like material known as a hydrogel, was evaporating at a higher rate than could be explained by the amount of heat, or thermal energy, that the water was receiving. And the excess has been significant — a doubling, or even a tripling or more, of the theoretical maximum rate.

After carrying out a series of new experiments and simulations, and reexamining some of the results from various groups that claimed to have exceeded the thermal limit, a team of researchers at MIT has reached a startling conclusion: Under certain conditions, at the interface where water meets air, light can directly bring about evaporation without the need for heat, and it actually does so even more efficiently than heat. In these experiments, the water was held in a hydrogel material, but the researchers suggest that the phenomenon may occur under other conditions as well.

The findings are published this week in a paper in PNAS, by MIT postdoc Yaodong Tu, professor of mechanical engineering Gang Chen, and four others.

[…]

The new findings come as a surprise because water itself does not absorb light to any significant degree. That’s why you can see clearly through many feet of clean water to the surface below. So, when the team initially began exploring the process of solar evaporation for desalination, they first put particles of a black, light-absorbing material in a container of water to help convert the sunlight to heat.

Then, the team came across the work of another group that had achieved an evaporation rate double the thermal limit — which is the highest possible amount of evaporation that can take place for a given input of heat, based on basic physical principles such as the conservation of energy. It was in these experiments that the water was bound up in a hydrogel. Although they were initially skeptical, Chen and Tu starting their own experiments with hydrogels, including a piece of the material from the other group. “We tested it under our solar simulator, and it worked,” confirming the unusually high evaporation rate, Chen says. “So, we believed them now.” Chen and Tu then began making and testing their own hydrogels.

[…]

The researchers subjected the water surface to different colors of light in sequence and measured the evaporation rate. They did this by placing a container of water-laden hydrogel on a scale and directly measuring the amount of mass lost to evaporation, as well as monitoring the temperature above the hydrogel surface. The lights were shielded to prevent them from introducing extra heat. The researchers found that the effect varied with color and peaked at a particular wavelength of green light. Such a color dependence has no relation to heat, and so supports the idea that it is the light itself that is causing at least some of the evaporation.

 

Animation shows evaporating by white condensation on glass under green light.
The puffs of white condensation on glass is water being evaporated from a hydrogel using green light, without heat.

Image: Courtesy of the researchers

 

The researchers tried to duplicate the observed evaporation rate with the same setup but using electricity to heat the material, and no light. Even though the thermal input was the same as in the other test, the amount of water that evaporated never exceeded the thermal limit. However, it did so when the simulated sunlight was on, confirming that light was the cause of the extra evaporation.

Though water itself does not absorb much light, and neither does the hydrogel material itself, when the two combine they become strong absorbers, Chen says. That allows the material to harness the energy of the solar photons efficiently and exceed the thermal limit, without the need for any dark dyes for absorption.

Having discovered this effect, which they have dubbed the photomolecular effect, the researchers are now working on how to apply it to real-world needs.

[…]

 

Source: In a surprising finding, light can make water evaporate without heat | MIT News | Massachusetts Institute of Technology

Amazon and Meta to stop using rivals marketplace data to undercut their products.

Posted on by

Amazon and Meta have agreed to not use data collected from their marketplaces to unfairly benefit themselves, the UK’s Competition and Markets Authority announced on Friday.

The monopoly watchdog launched separate investigations into both internet giants’ business practices, and accused the Big Tech duo of not only gathering up information about sellers using their respective online souks, they also – surprise, surprise – exploited that info to get a commercial advantage.

In Amazon’s case, the e-commerce giant used vendors’ sales figures to decide which items it should sell, and how much to price products to get an edge over everyone else. The internet behemoth also promoted its own products with its Buy Box feature and it further cut into retailers’ margins by charging extra costs if they wanted to use Amazon’s Prime delivery services, the CMA said.

Now Amazon has committed to doing less of that. The CMA said the online souk will be prevented from using third-party seller data that gives it an unfair commercial advantage, and will allow rivals to negotiate rates with independent delivery contractors working on behalf of Amazon.

[…]

Source: Amazon and Meta to stop using third-party data from rivals • The Register

Who would have thought that if the owner and cashier of the marketplace is allowed to sell on there they would use their information dominance to choose which products to sell and then undercut the  other vendors on the marketplace?!

Unredacted documents in the FTC’s Amazon lawsuit shed light on the company’s secret price-gouging algorithm

Posted on by

It looks like Amazon is hellbent on keeping its spot as the biggest online retailer — even if that means hurting both sellers and customers. In September, the FTC filed a long-expected antitrust lawsuit against Amazon over its alleged use of illegal strategies to stay on top. Details of the suit were previously withheld from the public, but today a mostly unredacted version was released, including details about Amazon’s secret pricing tool, known as Project Nessie. These algorithms helped Amazon increase prices by over $1 billion over two years, the FTC alleges.

[…]

According to the The Wall Street Journal, the internal documents cited in the original complaint show that Amazon executives were well aware of the effects of the company’s policies. In the documents, Amazon executives acknowledged that these policies, which included requiring Amazon sellers to have the lowest prices online or risk consequences, had a “punitive aspect.” One executive pointed out that many sellers “live in constant fear” of being penalized by Amazon for not following the ever-changing pricing policy.

The FTC also alleges that the company had been monitoring its sellers and punishing them if they offered lower prices on other platforms, which the agency says is a violation of antitrust laws. The unredacted documents indicate that Amazon has increased prices by over $1 billion between 2016 to 2018 with the use of secret price gouging algorithms known as Project Nessie. It was also revealed that the “take rate” — aka the amount Amazon makes from sellers who use the Fulfillment By Amazon logistics program — increased from 27.6 percent in 2014 to 39.5 percent in 2018. It’s unclear if that has changed in more recent years since those numbers remained redacted.

And Amazon isn’t just ruining its sellers’ experience. The complaint also revealed Amazon’s increased use of ads in search results. Several ad executives at the company acknowledged that these sponsored ads were often irrelevant to the initial search and caused “harm to consumers” and the overall experience on the site.

The FTC alleges that these policies were the brainchild of Jeff Bezos, Amazon’s founder and former chief executive, to increase the company’s profit margins.

“Mr. Bezos directly ordered his advertising team to continue to increase the number of advertisements on Amazon by allowing more irrelevant advertisements, because the revenue generated by advertisements eclipsed the revenue lost by degrading consumers’ shopping experience,” the FTC complaint alleges.

Source: Unredacted documents in the FTC’s Amazon lawsuit shed light on the company’s secret price-gouging algorithm

Library of Babel Online – all books ever written or ever to be written, all images ever created or ever to be created can be found here

Posted on by

The Library of Babel is a place for scholars to do research, for artists and writers to seek inspiration, for anyone with curiosity or a sense of humor to reflect on the weirdness of existence – in short, it’s just like any other library. If completed, it would contain every possible combination of 1,312,000 characters, including lower case letters, space, comma, and period. Thus, it would contain every book that ever has been written, and every book that ever could be – including every play, every song, every scientific paper, every legal decision, every constitution, every piece of scripture, and so on. At present it contains all possible pages of 3200 characters, about 104677 books.

Since I imagine the question will present itself in some visitors’ minds (a certain amount of distrust of the virtual is inevitable) I’ll head off any doubts: any text you find in any location of the library will be in the same place in perpetuity. We do not simply generate and store books as they are requested – in fact, the storage demands would make that impossible. Every possible permutation of letters is accessible at this very moment in one of the library’s books, only awaiting its discovery. We encourage those who find strange concatenations among the variations of letters to write about their discoveries in the forum, so future generations may benefit from their research.

Source: About the Library

Audi Will Make You Pay A Subscription For More Features You Already Bought Starting Next Year

Posted on by

Over the summer, BMW finally backed down on its heated seat subscription program from sheer public outrage and bad press. This response apparently hasn’t deterred its rival Audi, however, as the German car company plans to make more new software features paid options on its next generation of vehicles.

Pioneered on the E-Tron and E-Tron Sportback, Audi offers over-the-air features through its myAudi app, adding functions like automated parking or lock-unlock light animations. To borrow a term from the gaming world, they’re microtransactions writ large to milk more money from customers. It’s like horse armor but for your car. Audi’s board rep for technical development Oliver Hoffmann has told Autocar that more “on demand” features like these are on their way.

2024 Audi Q8 E-Tron

2024 Audi Q8 E-Tron. Audi

“With our next generation of electronic architecture, we will bring more offers to ‘function on demand’ and you will see year by year we will bring new functions in the cars,” Hoffman told the outlet, claiming it’s a response to customer demand. “This is a [big] step. I think there is a demand from the customer to bring new functions in the car, and this is a profit pool for us—but we don’t see these revenue pools with this kind of functionality.”

Hoffmann reportedly wouldn’t say which features are coming, but was adamant that paid, downloadable features will be “quite normal in the future.” Which features exactly may be previewed by Audi itself, which already paywalls some climate control functions in some markets.

[…]

However, owners themselves are pushing back, and in some cases have unlocked features for free by jailbreaking their cars.

Carmakers are clear that they won’t back down on paywalling new features, even though the vast majority of customers don’t want to pay for subscription services in their cars. But it’s hard to get blood from a stone, and when prices seem to leap with every passing month, something’s gonna give—and it might not be customers’ wallets.

Source: Audi Will Paywall More Software Features Starting Next Year

‘Super Melanin’ Speeds Healing, Stops Sunburn, and More

Posted on by

A team of scientists at Northwestern University has developed a synthetic version of melanin that could have a million and one uses. In new research, they showed that their melanin can prevent blistering and accelerate the healing process in tissue samples of freshly injured human skin. The team now plans to further develop their “super melanin” as both a medical treatment for certain skin injuries and as a potential sunscreen and anti-aging skincare product.

[…] Most people might recognize melanin as the main driver of our skin color, or as the reason why some people will tan when exposed to the sun’s harmful UV rays. But it’s a substance with many different functions across the animal kingdom. It’s the primary ingredient in the ink produced by squids; it’s used by certain microbes to evade a host’s immune system; and it helps create the iridescence of some butterflies. A version of melanin produced by our brain cells might even protect us from neurodegenerative conditions like Parkinson’s.

[…]

Their latest work was published Thursday in the Nature Journal npj Regenerative Medicine. In the study, they tested the melanin on both mice and donated human skin tissue samples that had been exposed to potentially harmful things (the skin samples were exposed to toxic chemicals, while the mice were exposed to chemicals and UV radiation). In both scenarios, the melanin reduced or even entirely prevented the damage to the top and underlying layers of skin that would have been expected. It seemed to do this mainly by vacuuming up the damaging free radicals generated in the skin by these exposures, which in turn reduced inflammation and generally sped up the healing process.

The team’s creation very closely resembles natural melanin, to the extent that it seems to be just as biodegradable and nontoxic to the skin as the latter (in experiments so far, it doesn’t appear to be absorbed into the body when applied topically, further reducing any potential safety risks). But the ability to apply as much of their melanin as needed means that it could help repair skin damage that might otherwise overwhelm our body’s natural supply. And their version has been tweaked to be more effective at its job than usual.

[…]

It could have military applications—one line of research is testing whether the melanin can be used as a protective dye in clothing that would absorb nerve gas and other environmental toxins.

[…]

On the clinical side, they’re planning to develop the synthetic melanin as a treatment for radiation burns and other skin injuries. And on the cosmetic side, they’d like to develop it as an ingredient for sunscreens and anti-aging skincare products.

[…]

all of those important mechanisms we’re seeing [from the clinical research] are the same things that you look for in an ideal profile of an anti-aging cream, if you will, or a cream that tries to repair the skin.”

[…]

Source: ‘Super Melanin’ Speeds Healing, Stops Sunburn, and More

World’s First Commercial Spaceplane Faces Crucial Test at NASA

Posted on by

Dream Chaser, built by Sierra Space, is being prepped for transport to a NASA facility in Ohio, where it will undergo a series of tests to make sure the spaceplane can survive its heated reentry through Earth’s atmosphere. Starting these tests is crucial, demonstrating Dream Chaser’s readiness for flights and potentially transforming commercial space travel.

Sierra Space is hoping to see its spaceplane fly to the International Space Station (ISS) in 2024 as part of a contract with NASA. The first commercial spaceplane is currently at the company’s facility in Louisville, Colorado, and will soon make the roughly 60 mile (96 kilometer) journey to the Neil Armstrong Test Facility in Sandusky, Ohio, local media outlet Denver 7 reported.

The Colorado-based company was awarded a NASA Commercial Resupply Services 2 (CRS-2) contract in 2016, under which it will provide at least seven uncrewed missions to deliver cargo to and from the ISS. Sierra Space is targeting 2024 for the inaugural flight of the first model of the Dream Chaser fleet spacecraft, named Tenacity, from the Kennedy Space Center in Florida.

[…]

Dream Chaser is designed to fly to low Earth orbit, carrying cargo and passengers on a smooth ride to pitstops such as the ISS. The spaceplane will launch from Earth atop a rocket, and is designed to survive atmospheric reentry and perform runway landings on the surface upon its return. Sierra Space’s Dream Chaser is designed with foldable wings that fully unfurl once the spaceplane is in flight, generating power through solar arrays. The spaceplane is also equipped with heat shield tiles to protect it from the high temperatures of atmospheric reentry.

Unlike Virgin Galactic’s suborbital spaceplane, Sierra Space designed Dream Chaser to reach orbit and stay there for six months. The U.S. Space Force has its own spaceplane, which wrapped up a mysterious two-and-a-half-year mission in low Earth orbit in November 2022.

[…]

For its debut flight, Tenacity will ride atop United Launch Alliance’s Vulcan Centaur rocket. The spaceplane is scheduled for the rocket’s second mission, although Vulcan is yet to fly for the first time due to several delays. The spaceplane is tentatively slated for an April launch, but that still depends on the rocket’s first test flight.

In the future, Sierra Space also wants to launch crewed Dream Chaser missions to its own space station, as opposed to the Orbital Reef space station, which it is designing in collaboration with Jeff Bezos’ Blue Origin—a relationship that appears to be in doubt.

Source: World’s First Commercial Spaceplane Faces Crucial Test at NASA

Brave rivals Bing and ChatGPT with new privacy-focused AI chatbot

Posted on by

Brave, the privacy-focused browser that automatically blocks unwanted ads and trackers, is rolling out Leo — a native AI assistant that the company claims provides “unparalleled privacy” compared to some other AI chatbot services. Following several months of testing, Leo is now available to use for free by all Brave desktop users running version 1.60 of the web browser. Leo is rolling out “in phases over the next few days” and will be available on Android and iOS “in the coming months.”

The core features of Leo aren’t too dissimilar from other AI chatbots like Bing Chat and Google Bard: it can translate, answer questions, summarize webpages, and generate new content. Brave says the benefits of Leo over those offerings are that it aligns with the company’s focus on privacy — conversations with the chatbot are not recorded or used to train AI models, and no login information is required to use it. As with other AI chatbots, however, Brave claims Leo’s outputs should be “treated with care for potential inaccuracies or errors.”

[…]

Source: Brave rivals Bing and ChatGPT with new privacy-focused AI chatbot – The Verge

Latest Baldur’s Gate 3 Patch Nerfs Sex Speedruns because… Americans?

Posted on by

For being a role-playing game based on 5e Dungeons & Dragons, Baldur’s Gate 3 is notoriously horny. Regardless of mythical race, gender, or social station, many of the game’s alluring party members are willing to at least spank you, and because of this, BG3 has a thriving and official sex speedrun category. For a time, there was little stopping you from watching a reality-bending interspecies cutscene within minutes of creating your custom character. But after developer Larian Studios issued its massive Patch #4 on November 2, Sex% speedruns are in jeopardy.

Githyanki warrior Lae’zel has so far been the premier choice for Sex%. Up until now, her requirements for getting naked were pretty low—speedrunners, like Mae, who currently holds the world record at one minute and 58 seconds to fuck, just needed to jack up her approval rating and seal the deal. But Patch #4 makes Lae’zel more selective with her partners.

“For Lae’zel to decide to romance you, you no longer only need to gain high enough approval from her,” Larian’s patch notes say. “You must also have proven yourself worthy through your actions.”

“Whereas bullying a tiefling used to be enough to get Lae’zel down horrendously for us,” Mae told me over email, “she now has new criteria that’s seemingly based on quest progression. We’re not entirely sure what all of the different ways we can fulfill that criteria are yet, but we’ve so far confirmed that resolving the druid grove questline in addition to the previous relationship requirements seems to do it.”

[…]

Source: Latest Baldur’s Gate 3 Patch Nerfs Sex Speedruns

YouTube’s Crackdown Spurs Record Uninstalls And Reinstalls in new Browser of Ad Blockers… Time to Change Video Site?

Posted on by

[…] Previously unreported figures from ad blocking companies indicate that YouTube’s crackdown is working, with hundreds of thousands of people uninstalling ad blockers in October. The available data suggests that last month saw a record number of ad blockers uninstalled—and also a record for new ad blocker installs as people sought alternatives that wouldn’t trigger YouTube’s dreaded pop-up.

[…]

Munich-based Ghostery experienced three to five times the typical daily number of both uninstalls and installs throughout much of October, Modras says, leaving usage about flat. Over 90 percent of users who completed a survey about their reason for uninstalling cited the tool failing on YouTube. So intent were users on finding a workable blocker that many appear to have tried Microsoft’s Edge, a web browser whose market share pales beside Chrome’s. Ghostery installations on Edge surged 30 percent last month compared to September. Microsoft declined to comment.

Screenshot of ad blocker notice on YouTube

YouTube uses escalating pop-up messages to demand that users stop using an ad blocker, eventually threatening to cut off access to videos.

Google via WIRED Staff

AdGuard, which says it has about 75 million users of its ad blocking tools including 4.5 million people who pay for them, normally sees around 6,000 uninstallations per day for its Chrome extension. From October 9 until the end of the month, those topped 11,000 per day, spiking to about 52,000 on October 18, says CTO Andrey Meshkov.

User complaints started flooding in at the 120-person, Cyprus-based company, about four every hour, at least half of them about YouTube. But as at Ghostery, installations also surged as others looked for relief, reaching about 60,000 installations on Chrome on October 18 and 27. Subscribers grew as people realized AdGuard’s paid tools remained unaffected by YouTube’s clampdown.

Another extension, AdLock, recorded about 30 percent more daily installations and uninstallations in October than in previous months, according to its product head.

[…]

Ad blocking executives say that user reports suggest YouTube’s attack on ad blockers has coincided with tests to increase the number of ads it shows. YouTube sold over $22 billion in ads through the first nine months of this year, up about 5 percent from the same period last year, accounting for about 10 percent of Google’s overall sales.

[…]

YouTube’s test has affected users accessing the website through Chrome on laptops and desktops, according to ad block developers. It doesn’t affect people using YouTube’s mobile or TV apps, using YouTube’s mobile site, or watching YouTube videos embedded on other sites. YouTube’s Lawton says warnings appear regardless of whether users are logged in to the service or using Incognito mode.

Further, the warnings seem to be triggered when YouTube detects certain open source filtering rules that many ad blockers use to identify ads, rather than by targeting any specific extensions, Ghostery’s Modras says. The technology deployed by YouTube mirrors code Google developed in 2017 for a program it calls Funding Choices that enables news and other websites to detect ad blockers, he adds.

The ad sleuths who figure out ways to detect ads and engineers skilled at blocking them are working hard to figure out how to evade YouTube’s blocker blockade, in private Slack groups and discussion on GitHub projects. But progress has been hampered because YouTube isn’t ensnaring every user in its dragnet. Relatively few of the developers have been able to trigger the warning themselves—perhaps the world’s only ad block users who cheer when YouTube finally catches them.

[…]

Some ad blockers are already adapting. Hankuper, the Slovakian company behind lesser known blocker AdLock, released a new version for Windows this week that it believes goes unnoticed by YouTube. If users find that to be true, it will push the fix to versions for macOS, Android, and iOS, says Kostiantyn Shebanov, Hankuper’s product head and business development manager.

Ghostery’s Modras worries about the consequences of Google escalating the war on blockers. Users losing anti-tracking features as they disable the tools could fall prey to online hazards, and the more complex blocking tactics companies like his are being forced to introduce could lead to unintended security holes. “The more powerful they have to become to deal with challenges, the more risk is involved,” he says.

There could also be legal repercussions. Modras says that when a publisher takes steps to thwart an adblocker, it’s illegal for developers to try to circumvent those measures in Europe. But he believes it is permissible to block ads if a blocker does so before triggering a warning.

[…]

Source: YouTube’s Crackdown Spurs Record Uninstalls of Ad Blockers | WIRED

It doesn’t help much that Google is essentially deploying spyware to figure out which browsers to block. And it’s apparently very very targetted spyware too.

Source: Privacy advocate challenges YouTube’s ad blocking detection (which isn’t spyware)

Note: uBlock Origin extension works to block ads. It’s a browser extension you should be using anyway. You can also install a browser like Brave or Firefox (whichever one you are not using at the moment) and use that to only watch YouTube on. Brave will help block a lot of ads.

EU Parliament Fails To Understand That The Right To Read Is The Right To Train. Understands the copyright lobby has money though.

Posted on by

Walled Culture recently wrote about an unrealistic French legislative proposal that would require the listing of all the authors of material used for training generative AI systems. Unfortunately, the European Parliament has inserted a similarly impossible idea in its text for the upcoming Artificial Intelligence (AI) Act. The DisCo blog explains that MEPs added new copyright requirements to the Commission’s original proposal:

These requirements would oblige AI developers to disclose a summary of all copyrighted material used to train their AI systems. Burdensome and impractical are the right words to describe the proposed rules.

In some cases it would basically come down to providing a summary of half the internet.

Leaving aside the impossibly large volume of material that might need to be summarized, another issue is that it is by no means clear when something is under copyright, making compliance even more infeasible. In any case, as the DisCo post rightly points out, the EU Copyright Directive already provides a legal framework that addresses the issue of training AI systems:

The existing European copyright rules are very simple: developers can copy and analyse vast quantities of data from the internet, as long as the data is publicly available and rights holders do not object to this kind of use. So, rights holders already have the power to decide whether AI developers can use their content or not.

This is a classic case of the copyright industry always wanting more, no matter how much it gets. When the EU Copyright Directive was under discussion, many argued that an EU-wide copyright exception for text and data mining (TDM) and AI in the form of machine learning would be hugely beneficial for the economy and society. But as usual, the copyright world insisted on its right to double dip, and to be paid again if copyright materials were used for mining or machine learning, even if a license had already been obtained to access the material.

As I wrote in a column five years ago, that’s ridiculous, because the right to read is the right to mine. Updated for our AI world, that can be rephrased as “the right to read is the right to train”. By failing to recognize that, the European Parliament has sabotaged its own AI Act. Its amendment to the text will make it far harder for AI companies to thrive in the EU, which will inevitably encourage them to set up shop elsewhere.

If the final text of the AI Act still has this requirement to provide a summary of all copyright material that is used for training, I predict that the EU will become a backwater for AI. That would be a huge loss for the region, because generative AI is widely expected to be one of the most dynamic and important new tech sectors. If that happens, backward-looking copyright dogma will once again have throttled a promising digital future, just as it has done so often in the recent past.

Source: EU Parliament Fails To Understand That The Right To Read Is The Right To Train | Techdirt

EU Trys to Implement Client-Side Scanning, death to encryption By Personalised Targeting of EU Residents With Misleading Ads

Posted on by

The EU Commission has been pushing client-side scanning for well over a year. This new intrusion into private communications has been pitched as perhaps the only way to prevent the sharing of child sexual abuse material (CSAM).

Mandates proposed by the EU government would have forced communication services to engage in client-side scanning of content. This would apply to every communication or service provider. But it would only negatively affect providers incapable of snooping on private communications because their services are encrypted.

Encryption — especially end-to-end encryption — protects the privacy and security of users. The EU’s pitch said protecting more than the children was paramount, even if it meant sacrificing the privacy and security of millions of EU residents.

Encrypted services would have been unable to comply with the mandate without stripping the client-side end from their end-to-end encryption. So, while it may have been referred to with the legislative euphemism “chat control” by EU lawmakers, the reality of the situation was that this bill — if passed intact — basically would have outlawed E2EE.

Fortunately, there was a lot of pushback. Some of it came from service providers who informed the EU they would no longer offer their services in EU member countries if they were required to undermine the security they provided for their users.

The more unexpected resistance came from EU member countries who similarly saw the gaping security hole this law would create and wanted nothing to do with it. On top of that, the EU government’s own lawyers told the Commission passing this law would mean violating other laws passed by this same governing body.

This pushback was greeted by increasingly nonsensical assertions by the bill’s supporters. In op-eds and public statements, backers insisted everyone else was wrong and/or didn’t care enough about the well-being of children to subject every user of any communication service to additional government surveillance.

That’s what happened on the front end of this push to create a client-side scanning mandate. On the back end, however, the EU government was trying to dupe people into supporting their own surveillance with misleading ads that targeted people most likely to believe any sacrifice of their own was worth making when children were on the (proverbial) line.

That’s the unsettling news being delivered to us by Vas Panagiotopoulos for Wired. A security researcher based in Amsterdam took a long look at apparently misleading ads that began appearing on Twitter as the EU government amped up its push to outlaw encryption.

Danny Mekić was digging into the EU’s “chat control” law when he began seeing disturbing ads on Twitter. These ads featured young women being (apparently) menaced by sinister men, backed by a similarly dark background and soundtrack. The ads displayed some supposed “facts” about the sexual abuse of children and ended with the notice that the ads had been paid for by the EU Commission.

The ads also cited survey results that supposedly said most European citizens supported client-side scanning of content and communications, apparently willing to sacrifice their own privacy and security for the common good.

But Mekić dug deeper and discovered the cited survey wasn’t on the level.

Following closer inspection, he discovered that these findings appeared biased and otherwise flawed. The survey results were gathered by misleading the participants, he claims, which in turn may have misled the recipients of the ads; the conclusion that EU citizens were fine with greater surveillance couldn’t be drawn from the survey, and the findings clashed with those of independent polls.

This discovery prompted Mekić to dig even deeper. What Mekić found was that the ads were very tightly targeted — so tightly targeted, in fact, that they could not have been deployed in this manner without violating European laws that are aimed to prevent exactly this sort of targeting, i.e. by using “sensitive data” like religious beliefs and political affiliations.

The ads were extremely targeted, meant to find people most likely to be swayed towards the EU Commission’s side, either because the targets never appeared to distrust their respective governments or because their governments had yet to tell the EU Commission to drop its proposed anti-encryption proposal.

Mekić found that the ads were meant to be seen by select targets, such as top ministry officials, while they were concealed from people interested in Julian Assange, Brexit, EU corruption, Eurosceptic politicians (Marine Le Pen, Nigel Farage, Viktor Orban, Giorgia Meloni), the German right-wing populist party AfD, and “anti-Christians.”

Mekić then found out that the ads, which have garnered at least 4 million views, were only displayed in seven EU countries: the Netherlands, Sweden, Belgium, Finland, Slovenia, Portugal, and the Czech Republic.

A document leaked earlier this year exposed which EU members were in favor of client-side scanning and its attendant encryption backdoors, as well as those who thought the proposed mandate was completely untenable.

The countries targeted by the EU Commission ad campaign are, for the most part, supportive of/indifferent to broken encryption, client-side scanning, and expanded surveillance powers. Slovenia (along with Spain, Cyprus, Lithuania, Croatia, and Hungary) were all firmly in favor of bringing an end to end-to-end encryption.

[…]

While we’re accustomed to politicians airing misleading ads during election runs, this is something different. This is the representative government of several nations deliberately targeting countries and residents it apparently thinks might be receptive to its skewed version of the facts, which comes in the form of the presentation of misleading survey results against a backdrop of heavily-implied menace. And that’s on top of seeming violations of privacy laws regarding targeted ads that this same government body created and ratified.

It’s a tacit admission EU proposal backers think they can’t win this thing on its merits. And they can’t. The EU Commission has finally ditched its anti-encryption mandates after months of backlash. For the moment, E2EE survives in Europe. But it’s definitely still under fire. The next exploitable tragedy will bring with it calls to reinstate this part of the “chat control” proposal. It will never go away because far too many governments believe their citizens are obligated to let these governments shoulder-surf whenever they deem it necessary. And about the only thing standing between citizens and that unceasing government desire is end-to-end encryption.

Source: EU Pitched Client-Side Scanning By Targeting Certain EU Residents With Misleading Ads | Techdirt

As soon as you read that legislation is ‘for the kids’ be very very wary – as it’s usually for something completely beyond that remit. And this kind of legislation is the installation of Big Brother on every single communications line you use.

YouTube is cracking down on ad blockers globally. Time to go to the next video site. Vimeo, are you listening?

Posted on by

YouTube is no longer preventing just a small subset of its userbase from accessing its videos if they have an ad blocker. The platform has gone all out in its fight against the use of add-ons, extensions and programs that prevent it from serving ads to viewers around the world, it confirmed to Engadget. “The use of ad blockers violate YouTube’s Terms of Service,” a spokesperson told us. “We’ve launched a global effort to urge viewers with ad blockers enabled to allow ads on YouTube or try YouTube Premium for an ad free experience. Ads support a diverse ecosystem of creators globally and allow billions to access their favorite content on YouTube.”

YouTube started cracking down on the use of ad blockers earlier this year. It initially showed pop-ups to users telling them that it’s against the website’s TOS, and then it put a timer on those notifications to make sure people read it. By June, it took on a more aggressive approach and warned viewers that they wouldn’t be able to play more than three videos unless they disable their ad blockers. That was a “small experiment” meant to urge users to enable ads or to try YouTube Premium, which the website has now expanded to its entire userbase. Some people can’t even play videos on Microsoft Edge and Firefox browsers even if they don’t have ad blockers, according to Android Police, but we weren’t able to replicate that behavior. [Note –  I was!]

People are unsurprisingly unhappy about the development and have taken to social networks like Reddit to air their grievances. If they don’t want to enable ads, after all, the only way they can watch videos with no interruptions is to pay for a YouTube Premium subscription. Indeed, the notification viewers get heavily promotes the subscription service. “Ads allow YouTube to stay free for billions of users worldwide,” it says. But with YouTube Premium, viewers can go ad-free, and “creators can still get paid from [their] subscription.”

[…]

Source: YouTube is cracking down on ad blockers globally

It doesn’t help YouTube much that the method they have of detecting your ad blocker basically comes down to using spyware. Source: Privacy advocate challenges YouTube’s ad blocking detection (which isn’t spyware)

Mass lawsuit against Apple over throttled and broken iPhone batteries can go ahead, London tribunal rules

Posted on by

Apple Inc (AAPL.O) on Wednesday lost a bid to block a mass London lawsuit worth up to $2 billion which accuses the tech giant of hiding defective batteries in millions of iPhones.

The lawsuit was brought by British consumer champion Justin Gutmann on behalf of around 24 million iPhone users in the United Kingdom.

Gutmann is seeking damages from Apple on their behalf of up to 1.6 billion pounds ($1.9 billion) plus interest, with the claim’s midpoint range being 853 million pounds.

His lawyers argued Apple concealed issues with batteries in certain phone models by “throttling” them with software updates and installed a power management tool which limited performance.

Apple, however, said the lawsuit was “baseless” and strongly denied batteries in iPhones were defective, apart from in a small number of iPhone 6s models for which it offered free battery replacements.

[…]

Source: Mass lawsuit against Apple over iPhone batteries can go ahead, London tribunal rules | Reuters

Black 4.0 Is The New Ultrablack paint

Posted on by

Vantablack is a special coating material, moreso than a paint. It’s well-known as one of the blackest possible coatings around, capable of absorbing almost all visible light in its nanotube complex structure. However, it’s complicated to apply, delicate, and not readily available, especially to those in the art world.

It was these drawbacks that led Stuart Semple to create his own incredibly black paint. Over the years, he’s refined the formula and improved its performance, steadily building a greater product available to all. His latest effort is Black 4.0, and it’s promising to be the black paint to dominate all others.

 

Back in Black

This journey began in a wonderfully spiteful fashion. Upon hearing that one Anish Kapoor had secured exclusive rights to be the sole artistic user of Vantablack, he determined that something had to be done. Seven years ago, he set out to create his own ultra black paint that would far outperform conventional black paints on the market. Since his first release, he’s been delivering black paints that suck in more light and just simply look blacker than anything else out there.

Black 4.0 has upped the ante to a new level. Speaking to Hackaday, Semple explained the performance of the new paint, being sold through his Culture Hustle website. “Black 4.0 absorbs an astonishing 99.95% of visible light which is about as close to full light absorption as you’ll ever get in a paint,” said Semple. He notes this outperforms Vantablack’s S-Vis spray on product which only achieves 99.8%, as did his previous Black 3.0 paint. Those numbers are impressive, and we’d dearly love to see the new paint put to the test against other options in the ultra black market.

It might sound like mere fractional percentages, but it makes a difference. In sample tests, the new paint is more capable of fun visual effects since it absorbs yet more light. Under indoor lighting conditions, an item coated in Black 4.0 can appear to have no surface texture at all, looking to be a near-featureless black hole. Place an object covered in Black 4.0 on a surface coated in the same, and it virtually disappears. All the usual reflections and shadows that help us understand 3D geometry simply get sucked into the overwhelming blackness.

Black 4.0 compared to a typical black acrylic art paint. Credit: Stuart Semple

Beyond its greater light absorption, the paint has also seen a usability upgrade over Semple’s past releases. For many use cases, a single coat is all that’s needed. “It feels much nicer to use, it’s much more stable, more durable, and obviously much blacker,” he says, adding “The 3.0 would occasionally separate and on rare occasions collect little salt crystals at the surface, that’s all gone now.”

The added performance comes down to a new formulation of the paint’s “super-base” resin, which carries the pigment and mattifying compounds that give the paint its rich, dreamy darkness. It’s seen a few ingredient substitutions compared to previous versions, but a process change also went a long way to creating an improved product. “The interesting thing is that although all that helped, it was the process we used to make the paint that gave us the breakthrough, the order we add things, the way we mix them, and the temperature,” Semple told Hackaday.

The ultra black paint has a way of making geometry disappear. Credit: Stuart Semple

Black 4.0 is more robust than previous iterations, but it’s still probably not up to a full-time life out in the elements, says Semple. You could certainly coat a car in it, for example, but it probably wouldn’t hold up in the long term. He’s particularly excited for applications in astronomy and photography, where the extremely black paint can help catch light leaks and improve the performance of telescopes and cameras. It’s also perfect for creating an ultra black photographic backdrop, too.

No special application methods are required; Black 4.0 can be brush painted just like its predecessors. Indeed, it absorbs so much light that you probably don’t need to worry as much about brush marks as you usually would. Other methods, like using rollers or airbrushes, are perfectly fine, too.

Creating such a high-performance black paint didn’t come without challenges, either. Along the way, Semple contended with canisters of paint exploding, legal threats from others in the market, and one of the main scientists leaving the project. Wrangling supplies of weird and wonderful ingredients was understandably difficult, too.  Nonetheless, he persevered, and has now managed to bring the first batches to market.

The first batches ship in November, so if you’re eager to get some of the dark stuff, you’d better move quick. It doesn’t come cheap, but you’re always going to pay more for something claiming to be the world’s best. If you’ve got big plans, fear not—this time out, Semple will sell the paint in huge bulk 1 liter and 6 liter containers if you really need a job lot. Have fun out there, and if you do something radical, you know who to tell about it.

Source: Black 4.0 Is The New Ultrablack | Hackaday

Posted in Art

Researchers devise method using mirrors to monitor nuclear stockpiles offsite

Posted on by

Researchers say they have developed a method to remotely track the movement of objects in a room using mirrors and radio waves, in the hope it could one day help monitor nuclear weapons stockpiles.

According to the non-profit org International Campaign to Abolish Nuclear Weapons, nine countries, including Russia, the United States, China, France, the United Kingdom, Pakistan, India, Israel and North Korea collectively own about 12,700 nuclear warheads.

Meanwhile, over 100 nations have signed the United Nations’ Treaty on the Prohibition of Nuclear Weapons, promising to not “develop, test, produce, acquire, possess, stockpile, use or threaten to use” the tools of mass destruction. Tracking signs of secret nuclear weapons development, or changes in existing warhead caches, can help governments identify entities breaking the rules.

A new technique devised by a team of researchers led by the Max Planck Institute for Security and Privacy (MPI-SP) aims to remotely monitor the removal of warheads stored in military bunkers. The scientists installed 20 adjustable mirrors and two antennae to monitor the movement of a blue barrel stored in a shipping container. One antenna emits radio waves that bounce off each mirror to create a unique reflection pattern detected by the other antenna.

The signals provide information on the location of objects in the room. Moving the objects or mirrors will produce a different reflection pattern. Experiments showed that the system was sensitive enough to detect whether the blue barrel had shifted by just a few millimetres. Now, the team reckons that it could be applied to monitor whether nuclear warheads have been removed from stockpiles.

At this point, readers may wonder why this tech is proposed for the job when CCTV, or Wi-Fi location, or any number of other observation techniques could do the same job.

The paper explains that the antenna-and-mirror technique doesn’t require secure communication channels or tamper-resistant sensor hardware. The paper’s authors argue it is also “robust against major physical and computational attacks.”

“Seventy percent of the world’s nuclear weapons are kept in storage for military reserve or awaiting dismantlement,” Sebastien Philippe, co-author of a research paper published in Nature Communications. Philippe is an associate research scholar at the School of Public and International Affairs at Princeton University, explained.

“The presence and number of such weapons at any given site cannot be verified easily via satellite imagery or other means that are unable to see into the storage vaults. Because of the difficulties to monitor them, these 9,000 nuclear weapons are not accounted for under existing nuclear arms control agreements. This new verification technology addresses this long-standing challenge and contributes to future diplomatic efforts that would seek to limit all nuclear weapon types,” he said in a statement.

In practice, officials from and organisation such as UN-led International Atomic Energy Agency, which promotes peaceful uses of nuclear energy, could install the system in a nuclear bunker and measure the radio waves reflecting off its mirrors. The unique fingerprint signal can then be stored in a database.

They could later ask the government controlling the nuclear stockpile to measure the radio wave signal recorded by its detector antenna and compare it to the initial result to check whether any warheads have been moved.

If both measurements are the same, the nuclear weapon stockpile has not been tampered with. But if they’re different, it shows something is afoot. The method is only effective if the initial radio fingerprint detailing the original configuration of the warheads is kept secret, however.

Unfortunately, it’s not quite foolproof, considering adversaries could technically use machine learning algorithms to predict how the positions of the mirrors generate the corresponding radio wave signal detected by the antenna.

“With 20 mirrors, it would take eight weeks for an attacker to decode the underlying mathematical function,” said Johannes Tobisch, co-author of the study and a researcher at the MPI-SP. “Because of the scalability of the system, it’s possible to increase the security factor even more.”

To prevent this, the researchers said that the verifier and prover should agree to send back a radio wave measurement within a short time frame, such as within a minute or so. “Beyond nuclear arms control verification, our inspection system could find application in the financial, information technology, energy, and art sectors,” they concluded in their paper.

“The ability to remotely and securely monitor activities and assets is likely to become more important in a world that is increasingly networked and where physical travel and on-site access may be unnecessary or even discouraged.”

Source: Researchers devise new method to monitor nuclear stockpiles • The Register