Daily Archives: March 1, 2025

Mozilla updates updated TOS for Firefox and is now more confusing but does not look private

Posted on by

On Wednesday we shared that we’re introducing a new Terms of Use (TOU) and Privacy Notice for Firefox. Since then, we’ve been listening to some of our community’s concerns with parts of the TOU, specifically about licensing. Our intent was just to be as clear as possible about how we make Firefox work, but in doing so we also created some confusion and concern. With that in mind, we’re updating the language to more clearly reflect the limited scope of how Mozilla interacts with user data.

Here’s what the new language will say:

You give Mozilla the rights necessary to operate Firefox. This includes processing your data as we describe in the Firefox Privacy Notice. It also includes a nonexclusive, royalty-free, worldwide license for the purpose of doing as you request with the content you input in Firefox. This does not give Mozilla any ownership in that content. 

In addition, we’ve removed the reference to the Acceptable Use Policy because it seems to be causing more confusion than clarity.

Privacy FAQ

We also updated our Privacy FAQ to better address legal minutia around terms like “sells.” While we’re not reverting the FAQ, we want to provide more detail about why we made the change in the first place.

TL;DR Mozilla doesn’t sell data about you (in the way that most people think about “selling data”), and we don’t buy data about you. We changed our language because some jurisdictions define “sell” more broadly than most people would usually understand that word. Firefox has built-in privacy and security features, plus options that let you fine-tune your data settings.

 

 

The reason we’ve stepped away from making blanket claims that “We never sell your data” is because, in some places, the LEGAL definition of “sale of data” is broad and evolving. As an example, the California Consumer Privacy Act (CCPA) defines “sale” as the “selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by [a] business to another business or a third party” in exchange for “monetary” or “other valuable consideration.”

[…]

Source: An update on our Terms of Use

So this legal definition rhymes with what I would expect “sell” to mean. Don’t transfer my data to a third party – even better, don’t collect my data at all.

It’s a shame, as Firefox is my preferred browser, it’s not based on Google’s browser. So I am looking at the Zen browser and the Floorp browser now.

Microsoft begins turning off uBlock Origin and other extensions in Edge

Posted on by

If you use the uBlock Origin extension in Google Chrome or Edge, you should probably start looking for alternative browsers or extensions—either way. A few days ago, users noticed that Google had begun disabling uBlock Origin and other Manifest V2-based extensions as part of the migration to Manifest V3. Now, Microsoft Edge appears to be following suit.

The latest Edge Canary version started disabling Manifest V2-based extensions with the following message: “This extension is no longer supported. Microsoft Edge recommends that you remove it.” Although the browser turns off old extensions without asking, you can still make them work by clicking “Manage extension” and toggling it back (you will have to acknowledge another prompt).

uBlock Origin was turned off message in Edge

At this point, it is not entirely clear what is going on. Google started phasing out Manifest V2 extensions in June 2024, and it has a clear roadmap for the process. Microsoft’s documentation, however, still says “TBD,” so the exact dates are not known yet. This leads to some speculating about the situation being one of “unexpected changes” coming from Chromium. Either way, sooner or later, Microsoft will ditch MV2-based extensions, so get ready as we wait for Microsoft to shine some light on its plans.

Another thing worth noting is that the change does not appear to be affecting Edge’s stable release or Beta/Dev Channels. For now, only Canary versions disable uBlock Origin and other MV2 extensions, leaving users a way to toggle them back on.

[…]

Source: Microsoft begins turning off uBlock Origin and other extensions in Edge – Neowin

e-taste allows you to send flavours in VR

Posted on by

[…] This work reports a bio-integrated gustatory interface, “e-Taste,” to address the underrepresented chemical dimension in current VR/AR technologies. This system facilitates remote perception and replication of taste sensations through the coupling of physically separated sensors and actuators with wireless communication modules. By using chemicals representing five basic tastes

[…]

Gustation, an essential component of the human perceptual system, plays a key role in the overall sensory experience and flavor perception. However, the integration of gustation is currently limited or missing in most AR/VR experiences. […]

The actuator uses an EM minipump to deliver concentration-controlled tastant solutions into the oral cavity. Figure 2AOpens in image viewer shows schematic illustration of the EM actuator consisting of a microfluidic channel and a minipump that includes a polydimethylsiloxane (PDMS) liquid chamber, NdFeB permanent magnets, and a coil placed perpendicular to the magnet (32). The design details and fabrication process of the EM actuator are in figs. S2 and S3. The outlet of the liquid chamber connects to the refillable microfluidic channel embedded with tastant-infused gels (fig. S4). The equivalent circuit of the system appears on the right. A bipolar junction transistor (BJT) serves as an “on/off” switch through a pulse width modulation (PWM) base current received from an ESP32 chip microcontroller. The actuation system uses an NPN-type transistor (2N2222), within which electrons serve as the majority charge carriers.

[…]

Liquid flows through the channel during the “on” state and stops temporarily during the “off” state, allowing interaction with the hydrogels with tastants. Adjusting the duty cycle controls the time that the liquid takes to traverse the microfluidic channel, thereby regulating the concentrations of taste chemicals in the resulting solution. A larger interval time (t) between pulses corresponds to a longer period of the liquid contacting the gels, increasing the resulting concentration of tastants in the delivered solutions

[…]

the variations in concentrations of five taste-related chemicals (H+, Mg2+, Na+, glucose, and glutamate) in the resulting solutions

[…]

Field testing involves healthy, consenting volunteers instrumented with devices to examine the human perception dimension of the e-Taste system within envisioned application scenarios in the real world. In the first case, assisted by the e-Taste system, it becomes feasible for individuals to share the taste experience of food remotely (Fig. 5AOpens in image viewer). Figure 5BOpens in image viewer illustrates an example of transmitting the taste of beverage: When a person immerses the sensor patch in a cup of lemonade near the Golden Gate Bridge (San Francisco, CA, USA), the system uploads the captured concentration data to the IoT platform. The actuator located at the campus of The Ohio State University (Columbus, OH, United States) subsequently downloads the data, guiding to replicate a liquid with the same taste profile. For the remote control and instruction, the entire duration includes the latency (0.3 and 1.4 s for the short- and long-range process, respectively; fig. S26), the sensor response time (~10 s), and an optional signal stabilization time after the response reaches the plateau.

[…]

The result confirms the high accuracy of the system in replicating taste sensations, effectively mimicking the sourness levels encountered in real-world scenarios.[…] demonstrates an accuracy rate of 70%, indicating that testers can distinguish different sour intensities in the liquids generated by the system. Increasing the training time and providing customized concentration categorization based on individual differences could potentially enhance the accuracy for future applications.

[…]

During the mixed taste recognition test, subjects interact with a multichannel e-Taste system in a “digital cup” geometry (movie S4). The experiment uses five food options: lemonade, cake, fried egg, fish soup, and coffee.

[…]

the recognition outcomes when users taste replicated solutions (sample size: 6, accuracy: 86.7%)

[…]

 

Source: A sensor-actuator–coupled gustatory interface chemically connecting virtual and real environments for remote tasting | Science Advances

Payday from hell as several Brit banks report major outages

Posted on by

The UK is full of unhappy workers that are unable to manage their payday cash amid online service outages at a host of major banks.

Downdetector indicates trouble at Lloyds Bank, Halifax, TSB, Nationwide, First Direct, Bank of Scotland, and Barclays, although the latter’s woes appear to have been resolved since the surge of complaints earlier today.

The same can’t be said for the others, however, which all continue to report glitches via their service status pages.

Across the board, the outages seem to be related to web and mobile banking, with the root cause unclear.

[…]

Unlike the other banks whose customers can’t access their online banking platforms, those who use Nationwide can still access their accounts and move money around seamlessly, provided the money is going into other Nationwide accounts under their control.

All affected customers are still able to use their debit and credit cards at ATMs and in shops.

The Financial Conduct Authority (FCA), the UK’s finance regulator, published a post-CrowdStrike report in October, saying it noticed an upward trend of third-party related outages hitting UK banks since the beginning of 2023.

[…]

Today’s outage comes weeks after Barclays suffered a weekend-long service wobble, that reportedly left at least one customer homeless as a result.

Source: Payday from hell as several Brit banks report major outages • The Register

Citigroup erroneously credited client account with $81tn in ‘near miss’ due to really atrocious UI

Posted on by
Citigroup credited a client’s account with $81tn when it meant to send only $280, an error that could hinder the bank’s attempt to persuade regulators that it has fixed long-standing operational issues.
The erroneous internal transfer, which occurred last April and has not been previously reported, was missed by both a payments employee and a second official assigned to check the transaction before it was approved to be processed at the start of business the following day.
A third employee detected a problem with the bank’s account balances, catching the payment 90 minutes after it was posted. The payment was reversed several hours later, according to an internal account of the event seen by the Financial Times and two people familiar with the event.
No funds left Citi, which disclosed the “near miss” to the Federal Reserve and Office of the Comptroller of the Currency, according to another person with knowledge of the matter.
[…]
A total of 10 near misses — incidents when a bank processes the wrong amount but is ultimately able to recover the funds — of $1bn or greater occurred at Citi last year, according to an internal report seen by the FT. The figure was down slightly from 13 the previous year. Citi declined to comment on this broader set of events.
Near misses do not need to be reported to regulators, meaning there is no comprehensive public data on how often these incidents occur across the sector. Several former regulators and bank risk managers said near misses of greater than $1bn were unusual across the US bank industry.
The series of near misses at Citi highlights how the Wall Street bank is struggling to repair its operational troubles nearly five years after it mistakenly sent $900mn to creditors engaged in a contentious battle over the debt of cosmetics group Revlon.
Citi’s mistaken Revlon payout led to the ousting of then-chief executive Michael Corbat, big fines and the imposition of regulatory consent orders requiring it to fix the issues.
[…]
Citi’s $81tn near miss in April was due to an input error and a back-up system with a cumbersome user interface, according to people familiar with the incident.
[…]
Citi’s technology team instructed the payments processing employee to manually input the transactions into a rarely used back-up screen. One quirk of the program was that the amount field came pre-populated with 15 zeros, which the person inputting a transaction needed to delete, something that did not happen.

Source: Citigroup erroneously credited client account with $81tn in ‘near miss’

Ultrathin films are revolutionizing electrical conductivity

Posted on by

What if your electronic devices could adapt on the fly to temperature, pressure, or impact? Thanks to a new breakthrough in downsizing quantum materials, that idea is becoming a reality.

In an article published this month in Applied Physics Express, a multi-institutional research team led by Osaka University announced that they have successfully synthesized an ultrathin vanadium dioxide film on a flexible substrate, in a way that preserves the film’s electrical properties.

Vanadium dioxide is well known in the scientific community for its ability to transition between conductor and insulator phases at nearly room temperature. This phase transition underpins smart and adaptable electronics that can adjust to their environment in real time. But there is a limit to how thin vanadium dioxide films can be, because making a material too small affects its ability to conduct or insulate electricity.

“Ordinarily, when a film is placed on a hard substrate, strong surface forces interfere with the atomic structure of the film and degrade its conductive properties,” explains Boyuan Yu, lead author of the study.

To overcome this limitation, the team prepared their films on two-dimensional hexagonal boron nitride (hBN) crystals; hBN is a highly stable soft material that does not have strong bonds with oxides and thus does not excessively strain the film or spoil its delicate structure.

“The results are truly surprising,” says Hidekazu Tanaka, senior author. “We find that by using this soft substrate, the material structure is very nearly unaffected.”

By performing precise spectroscopy measurements, the team was able to confirm that the phase transition temperature of their vanadium dioxide layers remained essentially unchanged, even at thicknesses as thin as 12 nm.

“This discovery significantly improves our ability to manipulate quantum materials in practical ways,” says Yu. “We have gained a new level of control over the transition process, which means we can now tailor these materials to specific applications like sensors and flexible electronics.”

Given that quantum materials like vanadium dioxide play a crucial role in the design of microsensors and devices, this discovery could pave the way for functional and adaptable electronics that can be attached anywhere. The research team is currently working on such devices, as well as exploring ways to incorporate even thinner films and substrates.

Source: Powering the future — ultrathin films are revolutionizing electrical conductivity | ScienceDaily

Apple’s Find My exploit lets hackers track any Bluetooth device

Posted on by

As explained by the researchers in a blog post, they have essentially found a way to turn any device such as a phone or laptop into an AirTag “without the owner ever realizing it.” After that, hackers could remotely track the location of that device.

[…]

Although AirTag was designed to change its Bluetooth address based on a cryptographic key, the attackers developed a system that could quickly find keys for Bluetooth addresses. This was made possible by using “hundreds” of GPUs to find a key match. The exploit called “nRootTag” has a frightening success rate of 90% and doesn’t require “sophisticated administrator privilege escalation.”

In one of the experiments, the researchers were able to track the location of a computer with an accuracy of 10 feet, which allowed them to trace a bicycle moving through the city. In another experiment, they reconstructed a person’s flight path by tracking their game console.

“While it is scary if your smart lock is hacked, it becomes far more horrifying if the attacker also knows its location. With the attack method we introduced, the attacker can achieve this,” said one of the researchers.

Find My coming to South Korea

The researchers informed Apple about the exploit in July 2024 and recommended that the company update its Find My network to better verify Bluetooth devices. Although the company has publicly acknowledged the support of the George Mason team in discovering the exploit, Apple is yet to fix it (and hasn’t provided details of how it will do so). […] For now, they advise users to never allow unnecessary access to the device’s Bluetooth when requested by apps, and of course, always keep their device’s software updated.

Source: Apple’s Find My exploit lets hackers track any Bluetooth device

EA just released source code for a bunch of old Command and Conquer games, and added Steam Workshop support to some more

Posted on by

[…]EA’s announced that it’s releasing the source code for a bunch of old C&C games and—here’s the bit where I, as a man who enjoys modding but is also very lazy, gets excited—adding Steam Workshop support to a few more.

The games getting a source code release are Command & Conquer (Tiberian Dawn), Red Alert, C&C Renegade, and C&C Generals and Zero Hour. They’re being released under the GPL license, meaning folks can mix, match, and redistribute them to their hearts’ content without EA lawyers smashing down the door. You can find them all on EA’s Github page.

As for the Steam Workshop? That’s getting switched on for C&C Renegade, C&C Generals and Zero Hour, C&C 3 Tiberium Wars and Kane’s Wrath, and C&C 4 Tiberium Twilight (they can’t all be winners). EA’s also gone and “updated all the Mission Editor and World Builder tools so you can publish maps directly to the Steam Workshop.”

Plus, it’s putting out a modding support pack that “contains the source Xml, Schema, Script, Shader and Map files for all the games that use the SAGE engine.”

[…]

Source: EA just released source code for a bunch of old Command and Conquer games, and added Steam Workshop support to bangers like C&C 3: Tiberium Wars | PC Gamer