Internet Archive Sued for $700m by Record Labels about digitising songs pre 1960. Petition to rescue the Internet Archive

Posted on by

A dramatic appeal hopes to ensure the survival of the nonprofit Internet Archive. The signatories of a petition, which is now open for further signatures, are demanding that the US recording industry association RIAA and participating labels such as as Universal Music Group (UMG), Capitol Records, Sony Music, and Arista drop their lawsuit against the online library. The legal dispute, pending since mid-2023 and expanded in March, centers on the “Great 78” project. This project aims to save 500,000 song recordings by digitizing 250,000 records from the period 1880 to 1960. Various institutions and collectors have donated the records, which are made for 78 revolutions per minute (“shellac”), so that the Internet Archive can put this cultural treasure online.

The music companies originally demanded Ã…372 million for the online publication of the songs and the associated “mass theft .” They recently increased their demand to Ã…700 million for potential copyright infringement. The basis for the lawsuit is the Music Modernization Act, which US President Donald Trump approved in 2018. This includes the CLASSICS Act. This law retroactively introduces federal copyright protection for sound recordings made before 1972, which until the were protected in the US by different state laws. The monopoly rights now apply US-wide for a good 100 years (for recordings made before 1946) or until 2067 (for recordings made between 1947 and 1972).

Critical Internet infrastructure is at stake

The lawsuit ultimately threatens the existence of the entire Internet Archive , including the wavy-known Wayback Machine , they say. This important public service is used by millions of people every day to access historical “snapshots” from the web. Journalists, educators, researchers, lawyers, and citizens use it to verify sources, investigate disinformation, and maintain public accountability. The legal attack also puts a “critical infrastructure of the internet” at risk. And this at a time when digital information is being deleted, overwritten, and destroyed: “We cannot afford to lose the tools that preserve memory and defend facts.” The Internet Archive was forced to delete 500,000 books as recently as 2024. It also continually struggles with IT attacks .

The case is called Universal Music Group et al. v. Internet Archive. The lawsuit was originally filed in the U.S. District Court for the Southern District of New York (Case No. 1:23-cv-07133), but is now pending in the U.S. District Court for the Northern District of California (Case No. 3:23-cv-6522). The Internet Archive takes the position that the Great 78 project does not harm the music industry. Quite the opposite: Anyone who wants to enjoy music uses commercial streaming services anyway; the old 78 rpm shellac recordings are study material for researchers.

Source: Suit of record labels: Petition to rescue the Internet Archive | heise online (NB this is a Google Translate page from the original German page)

Original page here: https://www.heise.de/news/Klage-von-Plattenlabels-Petition-zur-Rettung-des-Internet-Archive-10358777.html

How can copyright law be so incredibly wrong all the time?!

Australian Radio station uses AI host for 6 months before anyone notices

Posted on by

I got an interesting tipoff the other day that Sydney radio station CADA is using an AI avatar instead of an actual radio host.

The story goes that their workdays presenter – a woman called Thy – actually doesn’t exist. She’s a character made using AI, and rolled out onto CADA’s website.

[…]

What is Thy’s last name? Who is she? Where did she come from? There is no biography, or further information about the woman who is supposedly presenting this show.

Compare that to the (recently resigned) breakfast presenter Sophie Nathan or the drive host K-Sera. Both their show pages include multi-paragraph biographies which include details about their careers and various accolades. They both have a couple of different photos taken during various press shoots.

But perhaps the strangest thing about Thy is that she appears to be a young woman in her 20s who has absolutely no social media presence. This is particularly unusual for someone who works in the media, where the size of your audience is proportionate to your bargaining power in the industry.

There are no photos or videos of Thy on CADA’s socials, either. It seems she was photographed just once and then promptly turned invisible.

[…]

I decided to listen back to previous shows, using the radio archiving tool Flashback. Thy hasn’t been on air for the last fortnight. Before then, the closest thing to a radio host can be found just before the top of the hour. A rather mechanical-sounding female voice announces what songs are coming up. This person does not give her name, and none of the sweepers announce her or the show.

I noticed that on two different days, Thy announced ‘old school’ songs. On the 25th it was “old school Beyonce”, and then on the 26th it was “old school David Guetta”. Across two different days, the intonation was, I thought, strikingly similar.

To illustrate the point, I isolated the voice, and layered them on to audio tracks. There is a bit of interference from the imperfectly-removed song playing underneath the voice, but the host sounds identical in both instances.

Despite all this evidence, there’s still is a slim chance that Thy is a person. She might be someone who doesn’t like social media and is a bit shy around the office. Or perhaps she’s a composite of a couple of real people: someone who recorded her voice to be synthesised, another who’s licensing her image.

[…]

Source: Meet Thy – the radio host I don’t think exists

[…] An ARN spokesperson said the company was exploring how new technology could enhance the listener experience.

“We’ve been trialling AI audio tools on CADA, using the voice of Thy, an ARN team member. This is a space being explored by broadcasters globally, and the trial has offered valuable insights.”

However, it has also “reinforced the power of real personalities in driving compelling content”, the spokesperson added.

The Australian Financial Review reported that Workdays with Thy has been broadcast on CADA since November, and was reported to have reached at least 72,000 people in last month’s ratings.

[….]

CADA isn’t the first radio station to use an AI-generated host. Two years ago, Australian digital radio company Disrupt Radio introduced its own AI newsreader, Debbie Disrupt.

Source: AI host: ARN radio station CADA called out for failing to disclose AI host

Now both of these articles go off the rails about using AI and saying that the radio station should have disclosed that they were using an AI. There is absolutely no legal obligation to disclose this and I think it’s pretty cool that AI is progressing to the point that this can be done. So now if you want to be a broadcaster yourself you can enforce your station vision 24/7 – which you could never possibly do on your own.

ElevenLabs — a generative AI audio platform that transforms text into speech

And write, apparently. Someone needed to produce the “script” that the AI host used, which may also have had some AI involvement I suppose, but ultimately this seems to be just a glorified text to speech engine trying to cash in on the AI bubble. Or maybe they took it to the next logical step and just feed it a playlist and it generates the necessary “filler” from that and what it can find online from a search of the artist and title, plus some randoms chit chat from a (possibly) curated list of relevant current affairs articles.

Frankly, if people couldn’t tell for six months, then whatever they are doing is clearly good enough and the smarter radio DJs are probably already thinking about looking for other work or adding more interactive content like interviews into their shows. Talk Show type presenters probably have a little longer, but it’s probably just a matter of time for them too.

Source: https://radio.slashdot.org/comments.pl?sid=23674797&cid=65329681

A Data Breach at Yale New Haven Health Compromised 5.5 Million Patients’ Information

Posted on by

[…]Yale New Haven Health (YNHHS), a massive nonprofit healthcare network in Connecticut. Hackers stole the data of more than 5.5 million individuals during an attack in March 2025.

[…]

According to a public notice on the YNHHS website, the organization discovered “unusual activity” on its system on March 8, 2025, which was later identified as unauthorized third-party access that allowed bad actors to copy certain patient data. While the information stolen varies by individual, it may include the following:

  • Name
  • Date of birth
  • Address
  • Phone number
  • Email address
  • Race
  • Ethnicity
  • Social Security number
  • Patient type
  • Medical record number

YNHHS says the breach did not include access to medical records, treatment information, or financial data (such as account and payment information).

[…]

Source: A Data Breach at Yale New Haven Health Compromised 5.5 Million Patients’ Information | Lifehacker

Wait – race and ethnicity?!

Perplexity CEO says its browser will track everything users do online to sell ‘hyper personalized’ ads

Posted on by

CEO Aravind Srinivas said this week on the TBPN podcast that one reason Perplexity is building its own browser is to collect data on everything users do outside of its own app. This so it can sell premium ads.

“That’s kind of one of the other reasons we wanted to build a browser, is we want to get data even outside the app to better understand you,” Srinivas said. “Because some of the prompts that people do in these AIs is purely work-related. It’s not like that’s personal.”

And work-related queries won’t help the AI company build an accurate-enough dossier.

“On the other hand, what are the things you’re buying; which hotels are you going [to]; which restaurants are you going to; what are you spending time browsing, tells us so much more about you,” he explained.

Srinivas believes that Perplexity’s browser users will be fine with such tracking because the ads should be more relevant to them.

“We plan to use all the context to build a better user profile and, maybe you know, through our discover feed we could show some ads there,” he said.

The browser, named Comet, suffered setbacks but is on track to be launched in May, Srinivas said.

He’s not wrong, of course. Quietly following users around the internet helped Google become the roughly $2 trillion market cap company it is today.

[…]

Meta’s ad tracking technology, Pixels, which is embedded on websites across the internet, is how Meta gathers data, even on people that don’t have Facebook or Instagram accounts. Even Apple, which has marketed itself as a privacy protector, can’t resist tracking users’ locations to sell advertising in some of its apps by default.

On the other hand, this kind of thing has led people across the political spectrum in the U.S. and in Europe to distrust big tech.

The irony of Srinivas openly explaining his browser-tracking ad-selling ambitions this week also can’t be overstated.

Google is currently in court fighting the U.S. Department of Justice, which has alleged Google behaved in monopolistic ways to dominate search and online advertising. The DOJ wants the judge to order Google to divest Chrome.

Both OpenAI and Perplexity — not surprisingly, given Srinivas’ reasons — said they would buy the Chrome browser business if Google was forced to sell.

Source: Perplexity CEO says its browser will track everything users do online to sell ‘hyper personalized’ ads | TechCrunch

Yup, so even if Mozilla is making Firefox more invasive, it’s still better than these guys.

Study finding persistent chemical in European wines raises doubts and concerns

Posted on by

A report by the Pesticides Action Network (PAN Europe) and other NGOs that uncovered high concentrations of a forever chemical in wines from across the EU – including organic – is sparking debate about the causes of contamination and restrictions on the substance. 

The report found some wines had trifluoroacetic acid (TFA) levels 100 times higher than the strictest threshold for drinking water in Europe.

TFA is part of the PFAS (per- and polyfluoroalkyl) family of substances used in many products, including pesticides, for their water-repellent properties. Extremely persistent in the environment, they are a known threat to human health.

“This is a wake-up call,” said Helmut Burtscher-Schaden, an environmental chemist at Global 2000, one of the NGOs behind the research. “TFA is a permanent chemical and will not go away.” 

The NGOs analysed 49 wines. Comparing modern wines with older vintages, the findings suggested no detectable residues in pre-1988 wines but a sharp increase since 2010.  

“For no other agricultural product are the harvests from past decades so readily available and well-preserved,” the study said.

PAN sees a correlation between rising levels of TFA in wine and the growing use PFAS-based pesticides.

Under the spotlight

Though nearly a quarter of Austria’s vineyards are cultivated with the organic method, Austrian bottles are over-represented in the list of contaminated wines, 18 out of 49, as the NGOs started testing from the country before expanding the reach of the research.

[… Winemakers complain about the study, who would have thought…]

In response, the European executive’s officials passed the buck to member states, noting they resisted the Commission’s proposal to quit renewing certain PFAS pesticides. An eventual agreement was reached on just two substances.

More could be done to limit PFAS chemicals at the national level under the current EU legislation, Commission representatives said.

Source: Study finding persistent chemical in European wines raises doubts and concerns – Euractiv

Spacetop AR is now an expensive Windows app instead of a useless screenless laptop

Posted on by

The Spacetop AR laptop made a splash when it debuted a few years ago with an intriguing pitch: What if you could have a notebook that works entirely through augmented reality glasses, without a built-in screen of its own? Unfortunately, we found the Spacetop experience to be underwhelming, and the hardware seemed like a tough sell for $1,900. Last Fall, Spacetop’s creator Sightful told CNET that it was abandoning the screen-less laptop altogether and instead focusing on building AR software for Windows PCs. Now, we have a clearer sense of what Sightful is up to.

Today, Sightful is officially launching Spacetop for Intel-powered Windows AI PCs, following a short trial launch from January. For $899 you get a pair of XREAL’s Air Ultra 2 glasses and a year of Spacetop’s software. Afterwards, you’ll have to pay $200 annually for a subscription. The software works just like the original Spacetop concept — it gives you a large 100-inch AR interface for doing all of your productivity work — except now you’re not stuck with the company’s middling keyboard and other hardware.

[…]

Spacetop doesn’t support Intel chips without NPUs, as its AR interface requires constant AI processing. It doesn’t work AMD or Qualcomm’s AI CPUs, either.

[…]

In a conversation with Engadget, Sightful CEO Tamir Berliner noted that the company might pay more attention to other chip platforms if it gets similar attention.

[…]

you’ll have to get used to wearing Xreal’s large Air 2 Ultra glasses. When we demoed it at CES, we found it to be an improvement over previous Xreal frames, thanks to their sharp 1080p micro-OLED displays and wider field of view. The Air 2 Ultra are also notable for having 6DoF tracking, which allows you to move around AR objects. While sleeker than the Vision Pro, the glasses are still pretty clunky, and you’ll also have to snap in additional prescription frames if necessary.

I’ll need to see this latest iteration of Spacetop in action before making any final judgments, but it’s clearly a more viable concept as an app that can work on a variety of laptops. Nobody wants to buy bespoke hardware like the old Spacetop laptop, no matter how good of a party trick it may be.

Source: Spacetop AR is now an expensive Windows app instead of a useless screenless laptop

This looks like an excellent idea and one which I would love to get if it wasn’t tied so much to hardware and $200 per year.

EC fines Meta, Apple €700M for DMA compliance failures

Posted on by

Meta and Apple have earned the dubious honor of being the first companies fined for non-compliance with the EU’s Digital Markets Act, which experts say could inflame tensions between US President Donald Trump and the European bloc.

Apple was penalised to the tune of €500 million ($570 million) for violating anti-steering rules and Meta by €200 million ($228 million) for its “consent or pay” ad model, the EU said in a press release.

The fines are a pittance for both firms, whose most recent quarterly earnings statements from January saw Apple report $36.33 billion in net income, and Meta $20.83 billion.

Apple’s penalty related to anti-steering violations – for which it’s already paid a €1.8 billion penalty to the EU – saw it found guilty of not allowing app developers to direct users outside Apple’s own in-app payment system for cheaper alternatives. The European Commission also ordered Apple to “remove the technical and commercial restrictions on steering” while simultaneously closing an investigation into Apple’s user choice obligations, finding that “early and proactive” moves by Cupertino to address compliance shortcomings resolved the issue.

Meta, on the other hand, was fined for the pay-or-consent model whereby it offered a paid, ad-free version of its services as the only alternative to allowing the company to harvest user data. The strategy earned it considerable ire in Europe for exactly the reason the EU began investigating it last year: That it still ingested data even if users paid and that it wasn’t clear about how personal data was being collected or used.

“The Commission found that this model is not compliant with the DMA,” the EC said, because it gave users no choice to opt into a service that used less of their data, nor did it allow users to freely consent to having their data combined.

That fine only applies to the period between March and November 2024 when the consent-or-pay model was active, however. The EU said that a new advertising model introduced in November of last year resolved many of its concerns, which European Privacy advocate Max Schrems says will likely still be an issue.

“Meta has moved to a system with a ‘pay,’ a ‘consent’ and a ‘less ads’ option,” Schrems explained in a statement emailed to The Register. Schrems said the “less ads” option is nothing but a distraction.

“It has massive usability limitations – nothing any user seriously wants,” Schrems said. “Meta has simply created a ‘fake choice’, pretending that it would overcome the illegal ‘pay or okay’ approach.”

Alongside the fines, the EU also said that it was removing Facebook Marketplace’s designation as a DMA gatekeeper, as it had too few commercial users to qualify as “an important gateway for business users to reach end users.”

[… followed by stuff about how Americans don’t like the fines in usual snowflakey Trump style crying tantrums]

Source: EC fines Meta, Apple €700M for DMA compliance failures • The Register

Blue Shield of California Exposed the Data of 4.7 Million People to Google for targeted advertising

Posted on by

Blue Shield of California shared the protected health information of 4.7 million individuals with Google over a nearly three-year period, a data breach that impacts the majority of its nearly 6 million members, according to reporting from Bleeping Computer.

This isn’t the only large data breach to affect a healthcare organization the last year alone. Community Health Center records were hacked in October 2024, compromising more than a million individuals’ data, along with an attack on lab testing company Lab Services Cooperative, which affected records of 1.6 million Planned Parenthood patients. UnitedHealth Group suffered a breach in February 2024, resulting in the leak of more than 100 million people’s data.

What happened with Blue Shield of California?

According to an April 9 notice posted on Blue Shield of California’s website, the company allowed certain data, including protected health information, to be shared with Google Ads through Google Analytics, which may have allowed Google to serve targeted ads back to members. While not discovered until Feb. 11, 2025, the leak occurred for several years, from April 2021 to January 2024, when the connection between Google Analytics and Google Ads was severed on Blue Shield websites.

The following Blue Shield member information may have been compromised:

  • Insurance plan name, type, and group number
  • City and zip code
  • Gender
  • Family size
  • Blue Shield assigned identifiers for online accounts
  • Medical claim service date and provider
  • Patient name
  • Patient financial responsibility
  • “Find a Doctor” search criteria and results

According to the notice, no additional personal data—Social Security numbers, driver’s license numbers, and banking and credit card information—were disclosed. Blue Shield also states that no bad actor was involved, nor have they confirmed that the information has been used maliciously.

[…]

Source: Blue Shield of California Exposed the Data of 4.7 Million People to Google | Lifehacker

Tesla now seems to be remote hacking odometers to weasel out of warranty repairs. Time to stop DMCA type laws globally.

Posted on by

A lawsuit filed in February accuses Tesla of remotely altering odometer values on failure-prone cars, in a bid to push these lemons beyond the 50,000 mile warranty limit:

https://www.thestreet.com/automotive/tesla-accused-of-using-sneaky-tactic-to-dodge-car-repairs

The suit was filed by a California driver who bought a used Tesla with 36,772 miles on it. The car’s suspension kept failing, necessitating multiple servicings, and that was when the plaintiff noticed that the odometer readings for his identical daily drive were going up by ever-larger increments. This wasn’t exactly subtle: he was driving 20 miles per day, but the odometer was clocking 72.35 miles/day. Still, how many of us monitor our daily odometer readings?

In short order, his car’s odometer had rolled over the 50k mark and Tesla informed him that they would no longer perform warranty service on his lemon. Right after this happened, the new mileage clocked by his odometer returned to normal. This isn’t the only Tesla owner who’s noticed this behavior: Tesla subreddits are full of similar complaints:

https://www.reddit.com/r/RealTesla/comments/1ca92nk/is_tesla_inflating_odometer_to_show_more_range/

This isn’t Tesla’s first dieselgate scandal. In the summer of 2023, the company was caught lying to drivers about its cars’ range:

https://pluralistic.net/2023/07/28/edison-not-tesla/#demon-haunted-world

Drivers noticed that they were getting far fewer miles out of their batteries than Tesla had advertised. Naturally, they contacted the company for service on their faulty cars. Tesla then set up an entire fake service operation in Nevada that these calls would be diverted to, called the “diversion team.” Drivers with range complaints were put through to the “diverters” who would claim to run “remote diagnostics” on their cars and then assure them the cars were fine. They even installed a special xylophone in the diversion team office that diverters would ring every time they successfully deceived a driver.

These customers were then put in an invisible Tesla service jail. Their Tesla apps were silently altered so that they could no longer book service for their cars for any reason – instead, they’d have to leave a message and wait several days for a callback. The diversion center racked up 2,000 calls/week and diverters were under strict instructions to keep calls under five minutes. Eventually, these diverters were told that they should stop actually performing remote diagnostics on the cars of callers – instead, they’d just pretend to have run the diagnostics and claim no problems were found (so if your car had a potentially dangerous fault, they would falsely claim that it was safe to drive).

Most modern cars have some kind of internet connection, but Tesla goes much further. By design, its cars receive “over-the-air” updates, including updates that are adverse to drivers’ interests. For example, if you stop paying the monthly subscription fee that entitles you to use your battery’s whole charge, Tesla will send a wireless internet command to your car to restrict your driving to only half of your battery’s charge.

This means that your Tesla is designed to follow instructions that you don’t want it to follow, and, by design, those instructions can fundamentally alter your car’s operating characteristics. For example, if you miss a payment on your Tesla, it can lock its doors and immobilize itself, then, when the repo man arrives, it will honk its horn, flash its lights, back out of its parking spot, and unlock itself so that it can be driven away:

https://tiremeetsroad.com/2021/03/18/tesla-allegedly-remotely-unlocks-model-3-owners-car-uses-smart-summon-to-help-repo-agent/

Some of the ways that your Tesla can be wirelessly downgraded (like disabling your battery) are disclosed at the time of purchase. Others (like locking you out and summoning a repo man) are secret. But whether disclosed or secret, both kinds of downgrade depend on the genuinely bizarre idea that a computer that you own, that is in your possession, can be relied upon to follow orders from the internet even when you don’t want it to. This is weird enough when we’re talking about a set-top box that won’t let you record a TV show – but when we’re talking about a computer that you put your body into and race down the road at 80mph inside of, it’s frankly terrifying.

[…]

Laws that ban reverse-engineering are a devastating weapon that corporations get to use in their bid to subjugate and devour the human race.

The US isn’t the only country with a law like Section 1201 of the DMCA. Over the past 25 years, the US Trade Representative has arm-twisted nearly every country in the world into passing laws that are nearly identical to America’s own disastrous DMCA. Why did countries agree to pass these laws? Well, because they had to, or the US would impose tariffs on them:

https://pluralistic.net/2025/03/03/friedmanite/#oil-crisis-two-point-oh

The Trump tariffs change everything, including this thing. There is no reason for America’s (former) trading partners to continue to enforce the laws it passed to protect Big Tech’s right to twiddle their citizens. That goes double for Tesla: rather than merely complaining about Musk’s Nazi salutes, countries targeted by the regime he serves could retaliate against him, in a devastating fashion. By abolishing their anticircuvmention laws, countries around the world would legalize jailbreaking Teslas, allowing mechanics to unlock all the subscription features and software upgrades for every Tesla driver, as well as offering their own software mods. Not only would this tank Tesla stock and force Musk to pay back the loans he collateralized with his shares (loans he used to buy Twitter and the US predidency), it would also abolish sleazy gimmicks like hacking drivers’ odometers to get out of paying for warranty service:

https://pluralistic.net/2025/03/08/turnabout/#is-fair-play

Source: Pluralistic: Tesla accused of hacking odometers to weasel out of warranty repairs (15 Apr 2025) – Pluralistic: Daily links from Cory Doctorow

Discord Wants Your Face: Begins Testing Facial Scans for Age Verification

Posted on by

Discord has begun requiring some users in the United Kingdom and Australia to verify their age through a facial scan before being permitted to access sensitive content. The chat app’s new process has been described as an “experiment,” and comes in response to laws passed in those countries that place guardrails on youth access to online platforms. Discord has also been the target of concerns that it does not sufficiently protect minors from sexual content.

Users may be asked to verify their age when encountering content that has been flagged by Discord’s systems as being sensitive in nature, or when they change their settings to enable access to sensitive content. The app will ask users to scan their face through a computer or smartphone webcam; alternatively, they can scan a driver’s license or other form of ID.

[…]

Source: Discord Begins Testing Facial Scans for Age Verification

Age verification is impossible to do correctly, incredibly privacy invasive and a really hacker tempting target. The UK and Australia and every other country considering age verification are seriously endangering their citizens.

Fortunately you can always hold up a picture from a magazine in front of the webcam.

Your TV is watching you better: LG TVs’ integrated ads get more personal with tech that analyzes viewer emotions

Posted on by

LG TVs will soon leverage an AI model built for showing advertisements that more closely align with viewers’ personal beliefs and emotions. The company plans to incorporate a partner company’s AI tech into its TV software in order to interpret psychological factors impacting a viewer, such as personal interests, personality traits, and lifestyle choices. The aim is to show LG webOS users ads that will emotionally impact them.

The upcoming advertising approach comes via a multi-year licensing deal with Zenapse, a company describing itself as a software-as-a-service marketing platform that can drive advertiser sales “with AI-powered emotional intelligence.” LG will use Zenapse’s technology to divide webOS users into hyper-specific market segments that are supposed to be more informative to advertisers. LG Ad Solutions, LG’s advertising business, announced the partnership on Tuesday.

The technology will be used to inform ads shown on LG smart TVs’ homescreens, free ad-supported TV (FAST) channels, and elsewhere throughout webOS, per StreamTV Insider. LG will also use Zenapse’s tech to “expand new software development and go-to-market products,” it said. LG didn’t specify the duration of its licensing deal with Zenapse.

[…]

With all this information, ZenVision will group LG TV viewers into highly specified market segments, such as “goal-driven achievers,” “social connectors,” or “emotionally engaged planners,” an LG spokesperson told StreamTV Insider. Zenapse’s website for ZenVision points to other potential market segments, including “digital adopters,” “wellness seekers,” “positive impact & environment,” and “money matters.”

Companies paying to advertise on LG TVs can then target viewers based on the ZenVision-specified market segments and deliver an “emotionally intelligent ad,” as Zenapse’s website puts it.

This type of targeted advertising aims to bring advertisers more in-depth information about TV viewers than demographic data or even contextual advertising (which shows ads based on what the viewer is watching) via psychographic data. Demographic data gives advertisers viewer information, like location, age, gender, ethnicity, marital status, and income. Psychographic data is supposed to go deeper and allow advertisers to target people based on so-called psychological factors, like personal beliefs, values, and attitudes. As Salesforce explains, “psychographic segmentation delves deeper into their psyche” than relying on demographic data.

[…]

With their ability to track TV viewers’ behavior, including what they watch and search for on their TVs, smart TVs are a growing obsession for advertisers. As LG’s announcement pointed out, CTVs represent “one of the fastest-growing ad segments in the US, expected to reach over $40 billion by 2027, up from $24.6 billion in 2023.”

However, as advertisers’ interest in appealing to streamers grows, so do their efforts to track and understand viewers for more targeted advertising. Both efforts could end up pushing the limits of user comfort and privacy.

[…]

 

Source: LG TVs’ integrated ads get more personal with tech that analyzes viewer emotions – Ars Technica

An LG TV is not exactly a cheap thing. I am paying for the whole product, not for a service. I bought a TV, not a marketing department.

Google Found Guilty of Illegal Ad Tech Monopoly in US Federal Court Ruling

Posted on by

A federal judge has ruled that Google maintained illegal monopolies in the digital advertising technology market.

In a landmark case, the Department of Justice and 17 states found Google liable for antitrust violations.

Federal Court Finds Google Violated Sherman Act

U.S. District Judge Leonie Brinkema ruled that Google illegally monopolized two key markets in digital advertising:

  • The publisher ad server market
  • The ad exchange market

The 115-page ruling (PDF link) states Google violated Section 2 of the Sherman Antitrust Act by “willfully acquiring and maintaining monopoly power.”

It also found that Google unlawfully tied its publisher ad server (DFP) and ad exchange (AdX) together.

Judge Brinkema wrote in the ruling:

“Plaintiffs have proven that Google possesses monopoly power in the publisher ad server for open-web display advertising market. Google’s publisher ad server DFP has a durable and ‘predominant share of the market’ that is protected by high barriers both to entry and expansion.”

Google’s Dominant Market Position

The court found that Google controlled approximately 91% of the worldwide publisher ad server market for open-web display advertising from 2018 to 2022.

In the ad exchange market, Google’s AdX handled between 54% and 65% of total transactions, roughly nine times larger than its closest competitor.

The judge cited Google’s pricing power as evidence of its monopoly. Google maintained a 20% take rate for its ad exchange services for over a decade, despite competitors charging only 10%.

The ruling states:

“Google’s ability to maintain AdX’s 20% take rate under these market conditions is further direct evidence of the firm’s sustained and substantial power.”

Illegal Tying of Services Found

A key part of the ruling focused on Google’s practice of tying its publisher ad server (DFP) to its ad exchange (AdX).

The court determined that Google effectively forced publishers to use DFP if they wanted access to real-time bidding with AdWords advertisers, a crucial feature of AdX.

Judge Brinkema wrote, quoting internal Google communications:

“By tying DFP to AdX, Google took advantage of its ‘owning the platform, the exchange, and a huge network’ of advertising demand.”

This was compared to “Goldman or Citibank own[ing] the NYSE [i.e., the New York Stock Exchange].”

[…]

What’s Next?

Judge Brinkema has yet to decide on penalties for Google’s violations. Soon, the court will “set a briefing schedule and hearing date to determine the appropriate remedies.”

Possible penalties include forcing Google to sell parts of its ad tech business. This would dramatically change the digital advertising landscape.

This ruling signals that changes may be coming for marketers relying on Google’s integrated advertising system.

Google intends to appeal the decision, extending the legal battle for years.

[…]

Source: Google Found Guilty of Illegal Ad Tech Monopoly in Court Ruling

OpenDNS Quits Belgium Under Threat of Piracy Blocks or Fines of €100K Per Day after having quit France

Posted on by

In a brief statement citing a court order in Belgium but providing no other details, Cisco says that its OpenDNS service is no longer available to users in Belgium. Cisco’s withdrawal is almost certainly linked to an IPTV piracy blocking order obtained by DAZN; itt requires OpenDNS, Cloudflare and Google to block over 100 pirate sites or face fines of €100,000 euros per day. Just recently, Cisco withdrew from France over a similar order.

dns-block-soccer-ball1 Without assurances that hosts, domain registries, registrars, DNS providers, and consumer ISPs would not be immediately held liable for internet users’ activities, investing in the growth of the early internet may have proven less attractive.

Of course, not being held immediately liable is a far cry from not being held liable at all. After years of relatively plain sailing, multiple ISPs in the United States are currently embroiled in multi-multi million dollar lawsuits for not policing infringing users. In Europe, countries including Italy and France have introduced legislation to ensure that if online services facilitate or assist piracy in any way, they can be compelled by law to help tackle it.

DNS Under Pressure

Given their critical role online, and the fact that not a single byte of infringing content has ever touched their services, some believed that DNS providers would be among the last services to be put under pressure.

After Sony sued Quad9 and wider discussions opened up soon after, in 2023 Canal+ used French law to target DNS providers. Last year, Google, Cloudflare, and Cisco were ordered to prevent their services from translating domain names into IP addresses used by dozens of sports piracy sites.

While all three companies objected, it’s understood that Cloudflare and Google eventually complied with the order. Cisco’s compliance was also achieved, albeit by its unexpected decision to suspend access to its DNS service for the whole of France and the overseas territories listed in the order.

So Long France, Goodbye Belgium

Another court order obtained by DAZN at the end of March followed a similar pattern.

dazn-block-s1 Handed down by a court in Belgium, it compels the same three DNS providers to cease returning IP addresses when internet users provide the domain names of around 100 pirate sports streaming sites.

At last count those sites were linked to over 130 domain names which in its role as a search engine operator, Google was also ordered to deindex from search results.

During the evening of April 5, Belgian media reported that a major blocking campaign was underway to protect content licensed by DAZN and 12th Player, most likely football matches from Belgium’s Pro League. DAZN described the action as the “the first of its kind” and a “real step forward” in the fight against content piracy. Google and Cloudflare’s participation was not confirmed, but it seems likely that Cisco was not involved all.

In a very short statement posted to the Cisco community forum, employee tom1 announced that effective April 11, 2025, OpenDNS will no longer be accessible to users in Belgium due to a court order. The nature of the order isn’t clarified, but it almost certainly refers to the order obtained by DAZN.

 

cisco-belgium
 

Cisco’s suspension of OpenDNS in Belgium mirrors its response to a similar court order in France. Both statements were delivered without fanfare which may suggest that the company prefers not to be seen as taking a stand. In reality, Cisco’s reasons are currently unknown and that has provoked some interesting comments from users on the Cisco community forum.

[…]

Source: OpenDNS Quits Belgium Under Threat of Piracy Blocks or Fines of €100K Per Day * TorrentFreak

Yup the copyrights holders are again blocking human progress on a massive scale and corrupt politicians are creating rules that allow them to pillage whilst holding us back.

Toothpaste widely contaminated with lead and other metals, US research finds

Posted on by

Toothpaste can be widely contaminated with lead and other dangerous heavy metals, new research shows.

Most of 51 brands of toothpaste tested for lead contained the dangerous heavy metal, including those for children or those marketed as green. The testing, conducted by Lead Safe Mama, also found concerning levels of highly toxic arsenic, mercury and cadmium in many brands.

About 90% of toothpastes contained lead, 65% contained arsenic, just under half contained mercury, and one-third had cadmium. Many brands contain a number of the toxins.

The highest levels detected violated the state of Washington’s limits, but not federal limits. The thresholds have been roundly criticized by public health advocates for not being protective – no level of exposure to lead is safe, the federal government has found.

“It’s unconscionable – especially in 2025,” said Tamara Rubin, Lead Safe Mama’s founder. “What’s really interesting to me is that no one thought this was a concern.”

Lead can cause cognitive damage to children, harm the kidneys and cause heart disease, among other issues. Lead, mercury, cadmium and arsenic are all carcinogens.

Rubin first learned that lead-contaminated ingredients were added to toothpaste about 12 years ago while working with families that had children with high levels of the metal in their blood. The common denominator among them was a brand of toothpaste, Earthpaste, that contained lead.

Last year she detected high levels in some toothpaste using an XRF lead detection tool. The levels were high enough to raise concern, and she crowdfunded with readers to send popular brands to an independent laboratory for testing.

Among those found to contain the toxins were Crest, Sensodyne, Tom’s of Maine, Dr Bronner’s, Davids, Dr Jen and others.

So far, none of the companies Lead Safe Mama checked have said they will work to get lead out of their product, Rubin said. Several sent her cease-and-desist letters, which she said she ignored, but also posted on her blog.

[…]

Source: Toothpaste widely contaminated with lead and other metals, US research finds | US news | The Guardian

Spotify was down for a while. Yay clouds.

Posted on by

April 16

The music-streaming app Spotify was down for a good chunk of time this morning, leaving millions of music fans in the lurch. Both the app and web client weren’t working, but service seem to be broadly returned to normal at this point, though lingering bugs may remain.

To view this content, you’ll need to update your privacy settings. Please click here and view the “Content and social-media partners” setting to do so.

At about 10:40AM ET, Spotify updated its X account saying it was working on the issue and also said that “the reports of this being a security hack are false.” We haven’t seen any such reports yet, but we’ll keep an eye on things to see if they offer any more details on this front. Finally, at 12:08PM ET, the company said things were back to normal. All told, it seems like things were down for nearly four hours, a pretty long outage.

Update, April 16, 2025, 11:04AM ET: Added details about Spotify claiming this downtime was not due to a security hack.

Update, April 16 2025, 12:18PM ET: This story and its headline have been updated to note that Spotify is now back online after its outage.

Source: Spotify was down for a while this morning, but it’s back now

This is one reason why I like my mp3s.

LaLiga Piracy Blocks Randomly Take Down huge innocent segments of internet with no recourse or warning, slammed as “Unaccountable Internet Censorship”

Posted on by

Cloud-based web application platform Vercel is among the latest companies to find their servers blocked in Spain due to LaLiga’s ongoing IPTV anti-piracy campaign. In a statement, Vercel’s CEO and the company’s principal engineer slam “indiscriminate” blocking as an “unaccountable form of internet censorship” that has prevented legitimate customers from conducting their daily business.

laliga-vercel1 Since early February, Spain has faced unprecedented yet avoidable nationwide disruption to previously functioning, entirely legitimate online services.

A court order obtained by top-tier football league LaLiga in partnership with telecommunications giant Telefonica, authorized ISP-level blocking across all major ISPs to prevent public access to pirate IPTV services and websites.

In the first instance, controversy centered on Cloudflare, where shared IP addresses were blocked by local ISPs when pirates were detected using them, regardless of the legitimate Cloudflare customers using them too.

When legal action by Cloudflare failed, in part due to a judge’s insistence that no evidence of damage to third parties had been proven before the court, joint applicants LaLiga and Telefonica continued with their blocking campaign. It began affecting innocent third parties early February and hasn’t stopped since.

Vercel Latest Target

US-based Vercel describes itself as a “complete platform for the web.” Through the provision of cloud infrastructure and developer tools, users can deploy code from their computers and have it up and running in just seconds. Vercel is not a ‘rogue’ hosting provider that ignores copyright complaints, it takes its responsibilities very seriously.

Yet it became evident last week that blocking instructions executed by Telefonica-owned telecoms company Movistar were once again blocking innocent users, this time customers of Vercel.

 

Movistar informed of yet more adverse blockingblock-laliga-tinybird
 

As the thread on X continued, Vercel CEO Guillermo Rauch was asked whether Vercel had “received any requests to remove illegal content before the blocking occurs?”

Vercel Principal Engineer Matheus Fernandes answered quickly.

 

No takedown requests, just blocksblock-laliga-vercel
 

Additional users were soon airing their grievances; ChatGPT blocked regularly on Sundays, a whole day “ruined” due to unwarranted blocking of AI code editor Cursor, blocking at Cloudflare, GitHub, BunnyCDN, the list goes on.

 

shame
 

Vercel Slams “Unaccountable Internet Censorship”

In a joint statement last week, Vercel CEO Guillermo Rauch and Principal Engineer Matheus Fernandes cited the LaLiga/Telefonica court order and reported that ISPs are “blocking entire IP ranges, not specific domains or content.”

Among them, the IP addresses 66.33.60.129 and 76.76.21.142, “used by businesses like Spanish startup Tinybird, Hello Magazine, and others operating on Vercel, despite no affiliations with piracy in any form.”

[…]

The details concerning this latest blocking disaster and the many others since February, are unavailable to the public. This lack of transparency is consistent with most if not all dynamic blocking programs around the world. With close to zero transparency, there is no accountability when blocking takes a turn for the worse, and no obvious process through which innocent parties can be fairly heard.

[…]

The hayahora.futbol project is especially impressive; it gathers evidence of blocking events, including dates, which ISPs implemented blocking, how long the blocks remained in place, and which legitimate services were wrongfully blocked.

[…]

Source: Vercel Slams LaLiga Piracy Blocks as “Unaccountable Internet Censorship” * TorrentFreak

So guys streaming a *game* can close down huge sections of internet without accountability? How did a law like that happen without some serious corruption?

Early childhood antibiotics increases risk of asthma, food allergies, allergic rhinitis, and intellectual disability

Posted on by

[…] Among 1,091,449 children, antibiotic exposure before age 2 was positively associated with asthma (hazard ratio 1.24, 1.22-1.26), food allergy (hazard ratio 1.33, 1.26-1.40), and allergic rhinitis (hazard ratio 1.06, 1.03-1.10), with stronger associations observed following multiple antibiotic courses. Findings from sibling-matched analyses were similar. Early-childhood antibiotic exposure was also dose-dependently associated with intellectual disability (5+ vs. 1-2 courses: hazard ratio 1.73, 1.49-2.01; sibling-matched: 2.79, 1.87-4.18), but not with celiac disease, inflammatory bowel disease, juvenile idiopathic arthritis, psoriasis, type 1 diabetes, attention-deficit/hyperactivity disorder, autism spectrum disorders, or anxiety. Sibling-matched results and a negative control outcome suggested minimal confounding bias.

Conclusions

Children receiving multiple antibiotic courses between birth and age 2 were more likely to develop asthma, food allergies, allergic rhinitis, and intellectual disability. However, risks of most autoimmune, neurodevelopmental, and psychiatric conditions studied were minimal following early-childhood antibiotic exposure.

[…]

Source: Early childhood antibiotics and chronic pediatric conditions: a retrospective cohort study | The Journal of Infectious Diseases | Oxford Academic

British soldiers take down drone swarm in groundbreaking use of radio wave weapon

Posted on by

  • UK-made, invisible radio wave weapon knocks out drone swarms for the first time.
  • Weapon has potential to help protect against drone threats as nature of warfare changes.
  • The project supports more than 135 highly skilled jobs across the UK.

The trial was completed at a weapons range in West Wales and was the largest counter-drone swarm exercise the British Army have conducted to date.

The weapon system demonstrator is a type of Radiofrequency Directed Energy Weapon (RF DEW) and has proven capable of neutralising multiple targets simultaneously with near-instant effect.

[…]

At an estimated cost of 10p per shot fired, if developed into operational service it could provide a cost-effective complement to traditional missile-based air defence systems.

RF DEW systems can defeat airborne targets at ranges of up to 1km and are effective against threats which cannot be jammed using electronic warfare.

[…]

Successful experiments included the Army taking down two swarms of drones in a single engagement, and the project saw more than 100 drones being tracked, engaged and defeated using the weapon across all trials.

[…]

Source: British soldiers take down drone swarm in groundbreaking use of radio wave weapon – GOV.UK

Synology confirms that higher-end NAS products will require its branded drives

Posted on by

Popular NAS-maker Synology has confirmed and slightly clarified a policy that appeared on its German website earlier this week: Its “Plus” tier of devices, starting with the 2025 series, will require Synology-branded hard drives for full compatibility, at least at first.

“Synology-branded drives will be needed for use in the newly announced Plus series, with plans to update the Product Compatibility List as additional drives can be thoroughly vetted in Synology systems,” a Synology representative told Ars by email. “Extensive internal testing has shown that drives that follow a rigorous validation process when paired with Synology systems are at less risk of drive failure and ongoing compatibility issues.”

Without a Synology-branded or approved drive in a device that requires it, NAS devices could fail to create storage pools and lose volume-wide deduplication and lifespan analysis, Synology’s German press release stated. Similar drive restrictions are already in place for XS Plus and rack-mounted Synology models, though work-arounds exist.

[…]

Synology does not manufacture its own drives but packages and markets drives from major manufacturers, including Toshiba and Seagate. As such, Synology’s drives are typically more expensive than third-party models with similar specs. An 8TB 3.5-inch HDD from Synology’s Plus line, the HAT3310, costs $210 on Synology’s web store. One of the original drives the HAT3310 is reportedly sourced from, the Toshiba N300, can be found for $173 at more than one vendor. That number changes as you move up and down in capacity or move to “Enterprise” levels—and, of course, as you multiply it across large arrays.

[…]

Source: Synology confirms that higher-end NAS products will require its branded drives – Ars Technica

And a lot of people, who are already pissed off with Synology for old software and removing HEIC and mp4 support will be leaving the brand.

Source: https://www.reddit.com/r/synology/comments/1k3o1u6/the_results_are_in/

 

Don’t delete your new inetpub folder. It’s a Windows security fix

Posted on by

Canny Windows users who’ve spotted a mysterious folder on hard drives after applying last week’s security patches for the operating system can rest assured – it’s perfectly benign. In fact, it’s recommended you leave the directory there.

The folder, typically C:\inetpub, is empty and related to Microsoft’s Internet Information Services (IIS). It will be created when you install the security patches whether or not you’re using that optional web server. The purpose of the folder is to mitigate an exploitable elevation-of-privileges flaw within Windows Process Activation, classified as CVE-2025-21204.

That CVE, which can give malware on a system or a rogue user system-level file-management privileges, was fixed in the April Patch Tuesday batch from the Windows maker; installing the fix on Windows 11 and 10 will create the directory as additional protection, we’re told.

“After installing the updates listed in the security updates table for your operating system, a new %systemdrive%\inetpub folder will be created on your device,” advised Microsoft.

“This folder should not be deleted regardless of whether Internet Information Services (IIS) is active on the target device. This behavior is part of changes that increase protection and does not require any action from IT admins and end users.”

[…]

If you have deleted it after applying the patch, there’s a fix. Go to the Windows Control Panel and open Programs and Features. On the left you’ll see “Turn Windows features on or off.” Scroll down until you find IIS and hit “OK” after highlighting it. The folder will be recreated with the correct SYSTEM-level permissions. You can then switch off IIS and restart. (No one uses IIS these days.)

Or create the folder by hand with read-only access and SYSTEM-level ownership

Source: Don’t delete inetpub folder. It’s a Windows security fix • The Register

Apple to Spy on User Emails and other Data on Devices to Bolster AI Technology

Posted on by

Apple Inc. will begin analyzing data on customers’ devices in a bid to improve its artificial intelligence platform, a move designed to safeguard user information while still helping it catch up with AI rivals.

Today, Apple typically trains AI models using synthetic data — information that’s meant to mimic real-world inputs without any personal details. But that synthetic information isn’t always representative of actual customer data, making it harder for its AI systems to work properly.

The new approach will address that problem while ensuring that user data remains on customers’ devices and isn’t directly used to train AI models. The idea is to help Apple catch up with competitors such as OpenAI and Alphabet Inc., which have fewer privacy restrictions.

The technology works like this: It takes the synthetic data that Apple has created and compares it to a recent sample of user emails within the iPhone, iPad and Mac email app. By using actual emails to check the fake inputs, Apple can then determine which items within its synthetic dataset are most in line with real-world messages.

These insights will help the company improve text-related features in its Apple Intelligence platform, such as summaries in notifications, the ability to synthesize thoughts in its Writing Tools, and recaps of user messages.

[…]

The company will roll out the new system in an upcoming beta version of iOS and iPadOS 18.5 and macOS 15.5. A second beta test of those upcoming releases was provided to developers earlier on Monday.

[…]

Already, the company has relied on a technology called differential privacy to help improve its Genmoji feature, which lets users create a custom emoji. It uses that system to “identify popular prompts and prompt patterns, while providing a mathematical guarantee that unique or rare prompts aren’t discovered,” the company said in the blog post.

The idea is to track how the model responds in situations where multiple users have made the same request — say, asking for a dinosaur carrying a briefcase — and improving the results in those cases.

The features are only for users who are opted in to device analytics and product improvement capabilities. Those options are managed in the Privacy and Security tab within the Settings app on the company’s devices.

[…]

Source: Apple to Analyze User Data on Devices to Bolster AI Technology

EU gives burner phones and laptops on visits to U.S. (as well as they have been doing for China)

Posted on by

The European Commission has started issuing burner phones and stripped-down laptops to staff visiting the U.S. over concerns that the treatment of visitors to the country has become a security risk, according to a new report from the Financial Times. And it’s just the latest news that America’s slide into fascism under Donald Trump is having severe consequences for the United States’ standing in the world, all while the president announced Monday that he has no plans to obey a U.S. Supreme Court order to bring back a man wrongly sent to a prison in El Salvador.

Officials who spoke with the Financial Times said that new guidance for EU staff traveling to the U.S. included recommendations they not carry personal phones, turn off their burner phones when entering the country, and have “special sleeves” (presumably Faraday cages), that can protect from electronic snooping. U.S. border agents often confiscate phones and claim the right to look through anyone’s personal devices before they can be allowed to enter the U.S.

There have been several reports of researchers denied access to the U.S., including a French scientist who was reportedly stopped last month for having text messages that were critical of Trump. Other travelers from countries like Australia and Canada have reported being detained in horrendous conditions.

[…]

The U.S. is also trying to deport people in a white nationalist scheme to purge the country of any dissent. Several international students have been kidnapped by masked secret police in recent weeks, including people like Mahmoud Khalil and Rumeysa Ozturk, pro-Palestine protesters who are currently sitting in ICE detention facilities. Ozturk’s only “crime” was writing an op-ed for her student newspaper opposing Israel’s war on Gaza and she was picked up off the street near her home outside Boston and flown to Louisiana. The Trump regime has said it locked up Ozturk and is preparing to deport her for “antisemitism,” and supporting Hamas, but the Washington Post reported Sunday that the State Department’s investigation found she did no such thing.

Trump appeared for a press availability in the White House with El Salvador’s president Nayib Bukele on Monday, where he made it clear that he’s going to continue shipping people who’ve committed no crime out of the country to El Salvador’s torture prisons. The U.S. Supreme Court ruled last week that the U.S. government needs to facilitate the return of Kilmar Abrego Garcia, a Maryland man who Trump falsely accuses of being a member of the MS-13 gang, but the U.S. president made it clear he has no plans to bring Garcia back.

[…]

Source: Visitors to U.S. Take Extreme Precautions as Trump Continues March of Fascism

Cholera Outbreak Traced to Holy Water From Ethiopia

Posted on by

A sacred pilgrimage ended up in the toilet for several travelers earlier this year. Health officials in Europe have reported an outbreak of superbug cholera traced back to tainted holy water sourced from Ethiopia.

Health officials in Germany and the UK detailed the strange outbreak in a report published Thursday in the journal Eurosurveillance. At least seven people across both countries were sickened with a multidrug-resistant cholera strain that originated from the Bermel Georgis holy well in Ethiopia. Though several people were hospitalized and some even required intensive care, all of the victims thankfully survived.

[…]

Source: Cholera Outbreak Traced to Holy Water From Ethiopia

VMware revives its free ESXi hypervisor

Posted on by

News of the offering emerged in a throwaway line in the Release Notes for version 8.0 Update 3e of the Broadcom business unit’s ESXi hypervisor.

Just below the “What’s New” section of that document is the statement: “Broadcom makes available the VMware vSphere Hypervisor version 8, an entry-level hypervisor. You can download it free of charge from the Broadcom Support portal.”

We’ve asked VMware for details about the new release and its capabilities, but no further information was available at the time of writing.

VMware offered a free version of ESXi for years, and it was beloved by home lab operators and vAdmins who needed something to tinker with. But in February 2024, VMware discontinued it on grounds that it was dropping perpetual licenses and moving to subscriptions.

If you want to try the hypervisor, you’ll need to be registered with Broadcom’s customer support portal to download it. Sadly, our virtualization desk’s home lab is not currently operational, so while we’ve downloaded the ISO file, we haven’t been able to get it running. Suffice it to say, it doesn’t want to run nested inside a desktop hypervisor.

Broadcom hasn’t explained why it has reversed its decision, but it’s not hard to guess.

VMware shops and partners of all sizes might need test or training environments, but as Broadcom only sells subscriptions (and greatly favors three-year terms) there’s no cheap way to access Virtzilla’s code. A modest freebie makes it more likely the vCurious will do some tinkering that turns into a sale. Free editions are also a way of building a talent pool.

VMware’s rivals know this. Nutanix has had a free Community Edition for years and Platform9 announced a free edition of its own a couple of weeks back. Other VMware competitors are open source, so their code is always free.

While VMware has made its Workstation desktop hypervisor free, it lacked a no-cost server virtualization option. Now it’s back in the game.

[…]

Source: VMware revives its free ESXi hypervisor • The Register

Windows’ Recall Spyware Is Back—Here’s How to Control It

Posted on by

Remember Recall? It’s been close to full trip around the sun since Microsoft announced then suddenly pulled its AI-powered, auto-screenshotting “photographic memory” software for Copilot+ PCs. Whether you want it or not, the feature is coming back, and you should be prepared for it not just if you’re planning to use it, but if you imagine any of your friends, family, or coworkers plan to use it too.

Microsoft’s latest blog about the Windows Insider build KB5055627 includes the note that Recall is rolling out “gradually” to beta users over the coming weeks. Like what Microsoft first showed off in May 2024, Recall automatically screenshots most apps, webpages, or documents you’re on. The system catalogues all these screenshots then uses on-device AI to parse what’s on each screenshot

[…]

Microsoft originally recalled Recall  when security experts found glaring, obvious holes in the software that let any user with access to the PC read the AI’s excerpts. The program had no qualms about screenshotting bank accounts, social security numbers, or any other sensitive information. Microsoft returned Recall to the drawing board, and now users need to enroll in Windows Hello biometric or PIN security to access the screenshots. Users can also pause screenshots or filter out certain apps or specific webpages (though only for Edge, Firefox, Opera, and Chrome browsers). That may not be foolproof, as reports from late last year showed Recall failed to detect when it was looking at bank info. It will be up to users to ensure every sensitive page they visit is on the no-go list.

Microsoft Recall Windows Security 2
© Microsoft

Users will choose whether to enable or disable Recall the first time they startup their device with the new update. To disable it, you need to search “Turn Windows features on or off” in the Windows 11 taskbar, then uncheck Recall.

[…]

This is where some security-focused Windows users are especially concerned. You can tell Recall to gather dust alongside all the other pre-installed Windows apps, but that doesn’t mean your less-tech literate family member will. Security blogger Em pointed out in a Mastodon post (via Ars Technica) if you send that family member any photos or sensitive information, they could be scraping everything you text or email them, including family photos or passwords, and you wouldn’t even know it.

[…]

Source: Windows’ Controversial Recall Is Back—Here’s How to Control It