The Linkielist

Linking ideas with the world

Facebook Relaxed Fact-Checking Standards on Conservative Pages: Report

In an attempt to correct the perception of a small but very vocal minority that claims Facebook’s silencing conservative voices on its platforms, the company’s reportedly swung too far in the opposite direction and essentially gave a free pass to conservative pages to spew their bullshit online.

According to leaked documents reviewed by NBC, Facebook relaxed its fact-checking rules for conservative news outlets and personalities, including Breitbart and former Fox News stooges Diamond and Silk, so that they wouldn’t be penalized for spreading misinformation. This report comes just a day after a Buzzfeed exposé detailing how a Facebook employee was allegedly fired after collecting evidence of this preferential treatment of right-wing pages.

Per its standards, Facebook issues strikes to pages that have repeatedly spread inaccurate or misleading information as determined by the company’s millions of fact-checking partners (news outlets, politicians, influencers, etc.). If an account receives two strikes in a 90-day period, it receives a “repeat offender” status and can be shadowbanned or even temporarily lose advertising privileges. Facebook employees work with fact-checking partners to triage these misinformation flags, with high-priority issues receiving an “escalation” tag that then pushes them on to company higher-ups for review.

According to an archive of these escalations from the last six months that was leaked to NBC, Facebook employees in the misinformation escalations team waived strikes issued to some conservative pages under direct oversight from senior leadership. Roughly two-thirds of the cases listed concerned conservative pages, including those of Donald Trump Jr., Eric Trump, and Gateway Pundit.

[…]

Source: Facebook Relaxed Fact-Checking Standards on Conservative Pages: Report

An odd piece of news if not propaganda considering the big tech companies were slammed during their hearings by the conspiracy-seeing anti-vaxxer senators in the room.

Whoops, our bad, we just may have ‘accidentally’ left Google Home devices recording your every word, sound, sorry

Your Google Home speaker may have been quietly recording sounds around your house without your permission or authorization, it was revealed this week.

The Chocolate Factory admitted it had accidentally turned on a feature that allowed its voice-controlled AI-based assistant to activate and snoop on its surroundings. Normally, the device only starts actively listening in and making a note of what it hears after it has heard wake words, such as “Ok, Google” or “Hey, Google,” for privacy reasons. Prior to waking, it’s constantly listening out for those words, but is not supposed to keep a record of what it hears.

Yet punters noticed their Google Homes had been recording random sounds, without any wake word uttered, when they started receiving notifications on their phone that showed the device had heard things like a smoke alarm beeping, or glass breaking in their homes – all without giving their approval.

Google said the feature had been accidentally turned on during a recent software update, and it has now been switched off, Protocol reported. It may be that this feature is or was intended to be used for home security at some point: imagine the assistant waking up whenever it hears a break in, for instance. Google just bought a $450m, or 6.6 per cent, stake in anti-burglary giant ADT.

Source: Whoops, our bad, we just may have ‘accidentally’ left Google Home devices recording your every word, sound, sorry • The Register

NRA riddled with Fraud. Investigation Moves NY AG To Seek Group’s Dissolution

The attorney general of New York took action Thursday to dissolve the National Rifle Association following an 18-month investigation that found evidence the powerful gun rights group is “fraught with fraud and abuse.”

Attorney General Letitia James claims in a lawsuit filed Thursday that she found financial misconduct in the millions of dollars and that it contributed to a loss of more than $64 million over a three-year period.

The suit alleges that top NRA executives misused charitable funds for personal gain, awarded contracts to friends and family members, and provided contracts to former employees to ensure loyalty.

Seeking to dissolve the NRA is the most aggressive sanction James could have sought against the not-for-profit organization, which James has jurisdiction over because it is registered in New York. James has a wide range of authorities relating to nonprofits in the state, including the authority to force organizations to cease operations or dissolve. The NRA is all but certain to contest it.

The NRA said in a statement that the legal action was political, calling it a “baseless premeditated attack on our organization and the Second Amendment freedoms it fights to defend… we not only will not shrink from this fight – we will confront it and prevail.”

“The NRA’s influence has been so powerful that the organization went unchecked for decades while top executives funneled millions into their own pockets,” James said in a statement. “The NRA is fraught with fraud and abuse, which is why, today, we seek to dissolve the NRA, because no organization is above the law.”

James’ complaint names the National Rifle Association as a whole but also names four current and former NRA executives: Executive Vice President Wayne LaPierre, general counsel John Frazer, former Chief Financial Officer Woody Phillips and former chief of staff Joshua Powell.

Source: NRA Lawsuit: Fraud Investigation Moves New York AG To Seek Group’s Dissolution : NPR

Well, my thoughts and prayers go out to you, NRA and all your gun nut psycho killer friends.

Spotify CEO Daniel Ek says working musicians may no longer be able to release music only “once every three to four years” – they will have to work just like the rest of us

Spotify CEO Daniel Ek discussed streaming and sustainability in a recent interview with Music Ally published on Thursday. Ek denied criticisms that Spotify pays insufficient royalties to artists, and insisted that the role of the musician had changed in today’s “future landscape.”

Ek claimed that a “narrative fallacy” had been created and caused music fans to believe that Spotify doesn’t pay musicians enough for streams of their music. “Some artists that used to do well in the past may not do well in this future landscape,” Ek said, “where you can’t record music once every three to four years and think that’s going to be enough.”

What is required from successful musicians, Ek insisted, is a deeper, more consistent, and prolonged commitment than in the past. “The artists today that are making it realize that it’s about creating a continuous engagement with their fans. It is about putting the work in, about the storytelling around the album, and about keeping a continuous dialogue with your fans.”

Source: Spotify CEO Daniel Ek says working musicians may no longer be able to release music only “once every three to four years” | The FADER

A business model where you work a few weeks a year until you can just coast along on royalties is wrong on so many levels.

Google victory in German top court over right to be forgotten means you can’t just delete the evil stuff you did

A German court has sided with Google and rejected requests to wipe entries from search results. The cases hinged on whether the right to be forgotten outweighed the public’s right to know.

Germany’s highest court agreed on Monday with lower courts and rejected the two plaintiffs’ appeals over privacy concerns.

In the first case, a former managing director of a charity had demanded Google remove links to certain news articles that appeared in searches of his name. The articles from 2011 reported that the charity was in financial trouble and that the manager had called in sick. He later argued in court that information on his personal health issues should not be divulged to the public years later.

The court ruled that whether links to critical articles have to be removed from the search list always depends on a comprehensive consideration of fundamental rights in the individual case.

A second case was referred to the European Court of Justice. It concerned two leaders of a financial services company that sought to have links to negative reports about their investment model removed. The couple had argued that the US-based websites, which came up in the searches for their names, were full of fake news and sought to market other financial services providers.

[…]

Links are only deleted from searches in Europe but would appear as normal in other regions. Any data “forgotten” by Google, which mostly provides links to material published by others, is only removed from its search results, not from the internet.

The cases stem from a 2014 ruling in the European Court of Justice (ECJ), which found that EU citizens had the right to request search engines, such as Alphabet’s Google and Microsoft’s Bing, remove “inaccurate, inadequate, irrelevant or excessive” search results linked to their name. The case centered on a Spaniard who found that when his name was Googled, it returned links to an advertisement for a property auction related to an unpaid social welfare debt. He argued the debt had long since been settled.

Source: Google victory in German top court over right to be forgotten | Germany| News and in-depth reporting from Berlin and beyond | DW | 27.07.2020

YouTube threatens to remove music videos in Denmark over songwriter royalty fallout

YouTube is embroiled in a very public spat with songwriters and music publishers in Denmark, via local collection society Koda.

According to Koda – Denmark’s equivalent of ASCAP/BMI (US) or PRS For Music (UK) – YouTube has threatened to remove “Danish music content” (ie. music written by Danish songwriters) from its service.

The cause of this threat is a disagreement between the two parties over the remuneration of songwriters and publishers in the market.

YouTube and Koda’s last multi-year licensing deal expired in April. Since then, the two parties have been operating under a temporary license agreement.

At the same time, Polaris, the umbrella body for collection societies in the Nordics, has been negotiating with YouTube over a new Scandinavia-wide licensing agreement.

But in a statement to media today (July 31), Koda claims YouTube is insisting that – in order to extend its temporary deal in Denmark – Koda must now agree to a near-70% reduction in payments to composers and songwriters.

YouTube has fired back at this claim, suggesting that under its existing temporary deal with Koda (which expires today), the body “earned back less than half of the guarantee payments” handed over by the service.

[…] wait – how on earth does a guarantee payment relate to the amount you remunerate people?

In response to Koda’s refusal to agree to YouTube’s proposed deal, Koda claims that “on the evening of Thursday 30 July, Google announced that they will soon remove all Danish music content on YouTube”.

Reports out of Denmark suggest YouTube may pull the plug on this content as soon as this Saturday.

[…]

“While we’ve had productive conversations we have been unable to secure a fair and equitable agreement before our existing one expired. They are asking for substantially more than what we pay our other partners. This is not only unfair to our other YouTube partners and creators, it is unhealthy for the wider economics of our industry.

“Without a new license, we’re unable to make their content available in Denmark.  Our doors remain open to Koda to bring their content back to YouTube.”

YouTube added in a statement to MBW: “We take copyright law very seriously. As our license expires today and since we have been unable to secure an agreement we will remove identified Koda content from the platform.”

Koda says it “cannot accept” YouTube’s terms, and that as a result “Google have now unilaterally decided that Koda’s members cannot have their content shown on YouTube”.

[…]

Koda’s media director, Kaare Struve, said: “Google have always taken an ‘our way or the highway’ approach, but even for Google, this is a low point.

“Of course, Google know that they can create enormous frustration among our members by denying them access to YouTube – and among the many Danes who use YouTube every day.

“We can only suppose that by doing so, YouTube hope to be able to push through an agreement, one where they alone dictate all terms.”

Koda says that ever since its first agreement with YouTube was signed in 2013, “the level of payments received from YouTube has been significantly lower than the level of payment [distributed] by subscription-based services”.

Koda’s CEO, Gorm Arildsen, said: “It is no secret that our members have been very dissatisfied with the level of payment received for the use of their music on YouTube for many years now. And it’s no secret that we at Koda have actively advocated putting an end to the tech giants’ free-ride approach and underpayment for artistic content in connection with the EU’s new Copyright Directive.

“The fact that Google now demands that the payments due from them should be reduced by almost 70% in connection with a temporary contract extension seems quite bizarre.”

[…]

Source: YouTube threatens to remove music videos in Denmark over songwriter royalty fallout – Music Business Worldwide

Well guys, I recommend you move over to Vimeo. At least that way you’re helping to break the monopoly. Not that I believe in the slightest that Koda is working in the best interests of artists as much as it’s filling its own pockets, but there you go.

AI tracks drone pilot’s location through the small movements the drone makes

The minute details of a rogue drone’s movements in the air may unwittingly reveal the drone pilot’s location—possibly enabling authorities to bring the drone down before, say, it has the opportunity to disrupt air traffic or cause an accident. And it’s possible without requiring expensive arrays of radio triangulation and signal-location antennas.

So says a team of Israeli researchers who have trained an AI drone-tracking algorithm to reveal the drone operator’s whereabouts, with a better than 80 per cent accuracy level. They are now investigating whether the algorithm can also uncover the pilot’s level of expertise and even possibly their identity.

[…]

Depending on the specific terrain at any given airport, a pilot operating a drone near a camouflaging patch of forest, for instance, might have an unobstructed view of the runway. But that location might also be a long distance away, possibly making the operator more prone to errors in precise tracking of the drone. Whereas a pilot operating nearer to the runway may not make those same tracking errors but may also have to contend with big blind spots because of their proximity to, say, a parking garage or control tower.

And in every case, he said, simple geometry could begin to reveal important clues about a pilot’s location, too. When a drone is far enough away, motion along a pilot’s line of sight can be harder for the pilot to detect than motion perpendicular to their line of sight. This also could become a significant factor in an AI algorithm working to discover pilot location from a particular drone flight pattern.

The sum total of these various terrain-specific and terrain-agnostic effects, then, could be a giant finger pointing to the operator. This AI application would also be unaffected by any relay towers or other signal spoofing mechanisms the pilot may have put in place.

Weiss said his group tested their drone tracking algorithm using Microsoft Research’s open source drone and autonomous vehicle simulator AirSim. The group presented their work-in-progress at the Fourth International Symposium on Cyber Security, Cryptology and Machine Learning at Ben-Gurion University earlier this month.

Their paper boasts a 73 per cent accuracy rate in discovering drone pilots’ locations. Weiss said that in the few weeks since publishing that result, they’ve now improved the accuracy rate to 83 per cent.

Now that the researchers have proved the algorithm’s concept, Weiss said, they’re hoping next to test it in real-world airport settings. “I’ve already been approached by people who have the flight permissions,” he said. “I am a university professor. I’m not a trained pilot. Now people that do have the facility to fly drones [can] run this physical experiment.”

Source: Attention Rogue Drone Pilots: AI Can See You! – IEEE Spectrum

Libraries lend books, and must continue to lend books: Internet Archive responds to greedy publishers’ lawsuit

Yesterday, the Internet Archive filed our response to the lawsuit brought by four commercial publishers to end the practice of Controlled Digital Lending (CDL), the digital equivalent of traditional library lending. CDL is a respectful and secure way to bring the breadth of our library collections to digital learners. Commercial ebooks, while useful, only cover a small fraction of the books in our libraries. As we launch into a fall semester that is largely remote, we must offer our students the best information to learn from—collections that were purchased over centuries and are now being digitized. What is at stake with this lawsuit? Every digital learner’s access to library books. That is why the Internet Archive is standing up to defend the rights of  hundreds of libraries that are using Controlled Digital Lending.

The publishers’ lawsuit aims to stop the longstanding and widespread library practice of Controlled Digital Lending, and stop the hundreds of libraries using this system from providing their patrons with digital books. Through CDL, libraries lend a digitized version of the physical books they have acquired as long as the physical copy doesn’t circulate and the digital files are protected from redistribution. This is how Internet Archive’s lending library works, and has for more than nine years. Publishers are seeking to shut this library down, claiming copyright law does not allow it. Our response is simple: Copyright law does not stand in the way of libraries’ rights to own books, to digitize their books, and to lend those books to patrons in a controlled way.

“The Authors Alliance has several thousand members around the world and we have endorsed the Controlled Digital Lending as a fair use,” stated Pamela Samuelson, Authors Alliance founder and Richard M. Sherman Distinguished Professor of Law at Berkeley Law. “It’s really tragic that at this time of pandemic that the publishers would try to basically cut off even access to a digital public library like the Internet Archive…I think that the idea that lending a book is illegal is just wrong.”

These publishers clearly intend this lawsuit to have a chilling effect on Controlled Digital Lending at a moment in time when it can benefit digital learners the most. For students and educators, the 2020 fall semester will be unlike any other in recent history. From K-12 schools to universities, many institutions have already announced they will keep campuses closed or severely limit access to communal spaces and materials such as books because of public health concerns. The conversation we must be having is: how will those students, instructors and researchers access information — from textbooks to primary sources? Unfortunately, four of the world’s largest book publishers seem intent on undermining both libraries’ missions and our attempts to keep educational systems operational during a global health crisis.

The publishers’ lawsuit does not stop at seeking to end the practice of Controlled Digital Lending. These publishers call for the destruction of the 1.5 million digital books that Internet Archive makes available to our patrons. This form of digital book burning is unprecedented and unfairly disadvantages people with print disabilities. For the blind, ebooks are a lifeline, yet less than one in ten exists in accessible formats. Since 2010, Internet Archive has made our lending library available to the blind and print disabled community, in addition to sighted users. If the publishers are successful with their lawsuit, more than a million of those books would be deleted from the Internet’s digital shelves forever.

I call on the executives at Hachette, HarperCollins, Wiley, and Penguin Random House to come together with us to help solve the pressing challenges to access to knowledge during this pandemic. Please drop this needless lawsuit.

Source: Libraries lend books, and must continue to lend books: Internet Archive responds to publishers’ lawsuit – Internet Archive Blogs

Telegram hits out at Apple’s app store ‘tax’ in latest EU antitrust complaint

Apple has another antitrust charge on its plate. Messaging app Telegram has joined Spotify in filing a formal complaint against the iOS App Store in Europe — adding its voice to a growing number of developers willing to publicly rail against what they decry as Apple’s app “tax”.

A spokesperson for Telegram confirmed the complaint to TechCrunch, pointing us to this public Telegram post where founder, Pavel Durov, sets out seven reasons why he thinks iPhone users should be concerned about the company’s behavior.

These range from the contention that Apple’s 30% fee on app developers leads to higher prices for iPhone users; to censorship concerns, given Apple controls what’s allowed (and not allowed) on its store; to criticism of delays to app updates that flow from Apple’s app review process; to the claim that the app store structure is inherently hostile to user privacy, given that Apple gets full visibility of which apps users are downloading and engaging with.

This week Durov also published a blog post in which he takes aim at a number of “myths” he says Apple uses to try to justify the 30% app fee — such as a claim that iOS faces plenty of competition for developers; or that developers can choose not to develop for iOS and instead only publish apps for Android.

“Try to imagine Telegram or TikTok as Android-only apps and you will quickly understand why avoiding Apple is impossible,” he writes. “You can’t just exclude iPhone users. As for the iPhone users, the costs for consumers to switch from an iPhone to an Android is so high that it qualifies as a monopolistic lock-in” — citing a study done by Yale University to bolster that claim.

“Now that anti-monopoly investigations against Apple have started in the EU and the US, I expect Apple to double down on spreading such myths,” Durov adds. “We shouldn’t sit idly and let Apple’s lobbyists and PR agents do their thing. At the end of the day, it is up to us – consumers and creators – to defend our rights and to stop monopolists from stealing our money. They may think they have tricked us into a deadlock, because we’ve already bought a critical mass of their devices and created a critical mass of apps for them. But we shouldn’t be giving them a free ride any longer.”

Source: Telegram hits out at Apple’s app store ‘tax’ in latest EU antitrust complaint | TechCrunch

Top antitrust Democrat: There’s a case to break up Facebook – The guys were rambling, the women clear. Apple dodges most bullets, CEOs acting like confused guilty schoolboys

Rep. David Cicilline (D-R.I.), who ended Wednesday’s hearing by saying some Big Tech companies need to be broken up, told Axios that Facebook in particular lacks significant competitors and should not have been allowed to buy Instagram and WhatsApp.

Why it matters: Cicilline chairs the antitrust subcommittee, which has been looking into competition issues in the digital space.

“Mr. Zuckerberg acknowledged in this hearing that his acquisition of WhatsApp and Instagram were part of a plan to both buy a competitor and also maintain his money, power, or his dominance. That’s classic monopoly behavior.”

— Cicilline said on the “Axios Re:Cap” podcast

Cicilline’s criticisms weren’t limited to Facebook, pointing to the power Google and Amazon also hold in their respective markets.

  • “I think what we saw today was confirmation that these large technology platforms have enduring monopoly power,” he said in the interview with Axios’ Dan Primack.

The big picture: A key issue remains whether existing antitrust law is broad enough to address the modern tech industry, especially companies that provide their products at no direct charge to consumers.

  • “Congress is going to have to ‘think outside the box’ in a comprehensive way about what antitrust laws should look like in the 21st century,” Neguse told Axios’ Ashley Gold after the hearing.

What’s next: The committee plans to develop a set of recommendations and issue them in a final report as soon as late August, according to Cicilline.

You can listen to the podcast here.

Source: Top antitrust Democrat: There’s a case to break up Facebook – Axios

The antitrust session was quite bizarre – the CEOs were running with canned lines which made no sense in their context, they were stumbling, they refused to answer questions, even those which were favorable to their cause. Only one senator was clearly in the pocket of the big tech, the rest were firmly against. One male senator thought Google was targeting him personally and one male couldn’t understand why fake news sites didn’t get high search rankings and were banned by Facebook. It was a laugh if these companies didn’t wield such power. They raised almost all the points I raised in my talk last year.

NASA sends Perseverance Rover to Mars – with a little helicopter on it!

The Mars 2020 mission with its Perseverance rover is part of NASA’s Mars Exploration Program, a long-term effort of robotic exploration of the Red Planet. The Mars 2020 mission addresses high-priority science goals for Mars exploration, including key Astrobiology questions about the potential for life on Mars. The mission takes the next step by not only seeking signs of habitable conditions on Mars in the ancient past, but also searching for signs of past microbial life itself. The Perseverance rover introduces a drill that can collect core samples of the most promising rocks and soils and set them aside in a “cache” on the surface of Mars. A future mission could potentially return these samples  to Earth.  That would help scientists study the samples in laboratories with special room-sized equipment that would be too large to take to Mars. The mission also provides opportunities to gather knowledge and demonstrate technologies that address the challenges of future human expeditions to Mars. These include testing a method for producing oxygen from the Martian atmosphere, identifying other resources (such as subsurface water), improving landing techniques, and characterizing weather, dust, and other potential environmental conditions that could affect future astronauts living and working on Mars.

Source: Overview – NASA Mars

Quick Facts

  • Mission Name: Mars 2020
  • Rover Name: Perseverance
  • Main Job: The Perseverance rover will seek signs of ancient life and collect rock and soil samples for possible return to Earth.
  • Launched: July 30, 2020 4:50 a.m. PDT / 7:50 a.m. EDT
  • Launch Location: Cape Canaveral Air Force Station, Florida
  • Landing: Feb. 18, 2021
  • Landing Site: Jezero Crater, Mars
  • Mission Duration: At least one Mars year (about 687 Earth days)
  • Tech Demo: The Mars Helicopter is a technology demonstration, hitching a ride on the Perseverance rover.

secret police Federal officer louts to pull out of Portland in a major reversal for Trump administration

The Trump administration is to pull federal paramilitaries out of Portland starting on Thursday in a major reversal after weeks of escalating protests and violence.

Oregon’s governor, Kate Brown, said she agreed to the pullout in talks with Vice-President Mike Pence.

Brown said state and city police officers will replace Department of Homeland Security agents in guarding the federal courthouse that has become the flashpoint for the protests.

“These federal officers have acted as an occupying force, refused accountability, and brought violence and strife to our community,” the governor said. The head of the US homeland security department said agents would stay near the courthouse until they were sure the plan was working.

Donald Trump said the pullout will not begin until the courthouse is protected. “We’re not leaving until they secure their city. We told the governor, we told the mayor: secure your city,” said the president.

But the announcement is a significant retreat by the administration after Trump sent federal forces to Portland at the beginning of July to end months of Black Lives Matter protests he described as having dragged the city into anarchy.

Instead of quelling the unrest, the arrival of paramilitaries fuelled some of the biggest demonstrations since daily protests following the killing of George Floyd, a Black American, by a white police officer in Minneapolis in May.

The situation escalated particularly after agents in camouflage were filmed snatching protesters from the streets in unmarked vans.

Far from imposing order, the federal force, drawn from the border patrol, immigration service and US Marshals, was largely trapped inside the federal courthouse they were ostensibly there to protect, emerging each night to fire waves of teargas, baton rounds and stun grenades in street battles with the protesters. But the demonstrators retained ultimate control of the streets.

Anger at the presence of the paramilitaries brought thousands of people out each night and acted as a lightning rod for broader discontent with Trump, including over his chaotic and divisive handling of the coronavirus epidemic which has killed nearly 150,000 Americans and shows no signs of abating.

Source: Federal officers to pull out of Portland in a major reversal for Trump administration | US news | The Guardian

Australian government sues Google for misleading consumers in Doubleclick data collection

The Australian government has filed its second lawsuit against Google in less than a year over privacy concerns, this time alleging the tech giant misled Australian consumers in an attempt to gather information for targeted ads. The Australian Competition and Consumers Commission (ACCC), the country’s consumer watchdog, says Google didn’t obtain explicit consent from consumers to collect personal data, according to a statement.

The ACCC cites a 2016 change to Google’s policy in which the company began collecting data about Google account holders’ activity on non-Google sites. Previously, this data was collected by ad-serving technology company DoubleClick and was stored separately, not linked to users’ Google accounts. Google acquired DoubleClick in 2008, and the 2016 change to Google’s policy meant Google and DoubleClick’s data on consumers were combined. Google then used the beefed-up data to sell even more targeted advertising.

From June 2016 to December 2018, Google account holders were met with a pop-up that explained “optional features” to accounts regarding how the company collected their data. Consumers could click “I agree,” and Google would begin collecting a “wide range of personally identifiable information” from them, according to the ACCC. The lawsuit contends that the pop-up didn’t adequately explain what consumers were agreeing to.

“The ACCC considers that consumers effectively pay for Google’s services with their data, so this change introduced by Google increased the ‘price’ of Google’s services, without consumers’ knowledge,” said ACCC Chair Rod Sims. Had more consumers sufficiently understood Google’s change in policy, many may not have consented to it, according to the ACCC.

Google told the Associated Press it disagrees with the ACCC’s allegations, and says Google account holders had been asked to “consent via prominent and easy-to-understand notifications.” It’s unclear what penalty the ACCC is seeking with the lawsuit.

Last October, the ACCC sued Google claiming the company misled Android users about the ability to opt out of location tracking on phones and tablets. That case is headed to mediation next week, according to a February Computer World article.

Source: Australian government sues Google for misleading consumers in data collection | Engadget

Google offers refunds after North smart glasses stop working or why cloud sucks and you want things running locally

Smart glasses company North has told customers that their $600 (£460) purchases will stop working in a few days’ time.

The Canadian company, recently purchased by Google, says its Focals glasses will cease functioning on Friday.

From then, owners will not be able to use “any features” of the glasses, or connect to the companion app.

But the company has also said it will automatically refund all customers.

It promised to send the purchase price back to the original payment method, and to contact those customers whose refunds it could not process.

At the end of June, North announced it was being acquired by Google, and would not release a planned second-generation device.

It also said it would “wind down” its first generation smart glasses, released last year.

Customers found out that meant the smart glasses would be rendered “dumb” through a statement published on the company’s website and by email.

The Focals glasses, however, come with prescription lenses as an option, meaning they can function as everyday prescription eyewear. The bulky frames, housing a laser, battery, and other kit will no longer do anything that regular spectacles cannot do.

Ben Wood, chief analyst at CCS Insight, said the pulling of features from cloud-powered hardware is not uncommon – and something that has happened to him before.

“If you want to be an early adopter and have some fun new tech that an ambitious start-up has created, there’s always a risk that they won’t be able to make the business plan stack up,” he warned.

“That could either mean the service stops working or you end up finding you have to pay additional charges to maintain service continuity.”

Source: Google offers refunds after smart glasses stop working – BBC News

When a Customer Gets Refunded For a Paid App, Apple Doesn’t Refund the 30% Cut They Took From The Developer

When a customer gets refunded for an app they purchased, Apple doesn’t refund the 30% cut they took from the developer, says developer Simeon Saens of Two Lives Left. While [online] payment processors generally don’t refund fees on refunded payments, “the App Store doesn’t position itself as a payments processor the way Stripe does, so it sounds really weird that they would act like one,” writes HN user chadlavi. Epic Games CEO Tim Sweeney says in a tweet: This is a critical consideration in these 30% store fees. They come off the top, before funding any developer costs. As a result, Apple and Google make more profit from most developers’ games than the developers themselves. That is terribly unfair and exploitative. “If the app store took a 3% chunk and never refunded it regardless of the ongoing status of the transaction, that would put them right in line with other payment processors,” adds chadlavi. “It would also still net them billions of dollars, I think!”

Source: When a Customer Gets Refunded For a Paid App, Apple Doesn’t Refund the 30% Cut They Took From The Developer – Slashdot

Aside from that, 30% is an insane amount of cut to steal off someone with no other option but to use your marketplace.

Hackers Broke Into Real News Sites to Plant Fake Stories

On Wednesday, security firm FireEye released a report on a disinformation-focused group it’s calling Ghostwriter. The propagandists have created and disseminated disinformation since at least March 2017, with a focus on undermining NATO and the US troops in Poland and the Baltics; they’ve posted fake content on everything from social media to pro-Russian news websites. In some cases, FireEye says, Ghostwriter has deployed a bolder tactic: hacking the content management systems of news websites to post their own stories. They then disseminate their literal fake news with spoofed emails, social media, and even op-eds the propagandists write on other sites that accept user-generated content.

That hacking campaign, targeting media sites from Poland to Lithuania, has spread false stories about US military aggression, NATO soldiers spreading coronavirus, NATO planning a full-on invasion of Belarus, and more. “They’re spreading these stories that NATO is a danger, that they resent the locals, that they’re infected, that they’re car thieves,” says John Hultquist, director of intelligence at FireEye. “And they’re pushing these stories out with a variety of means, the most interesting of which is hacking local media websites and planting them. These fictional stories are suddenly bona fide by the sites that they’re on, and then they go in and spread the link to the story.”

[…]

the company’s analysts have found that the news site compromises and the online accounts used to spread links to those fabricated stories, as well as the more traditional creation of fake news on social media, blogs, and websites with an anti-US and anti-NATO bent, all tie back to a distinct set of personas, indicating one unified disinformation effort. FireEye’s Hultquist points out that the campaign doesn’t seem financially motivated, indicating a political or state backer, and notes that the focus on driving a wedge between NATO and citizens of Eastern Europe hints at possible Russian involvement.

Nor would it be the first time that Russian hackers planted fake news stories; in 2017, US intelligence agencies concluded that Russian hackers breached Qatar’s state news agency and planted a fake news story designed to embarrass the country’s leader and cause a rift with the US, though US intelligence never confirmed the Kremlin’s involvement.

“We can’t concretely tie it to Russia at this time, but it’s certainly in line with their interests,” Hultquist says of the Ghostwriter campaign. “It wouldn’t be a surprise to me if this is where the evidence leads us.”

Source: Hackers Broke Into Real News Sites to Plant Fake Stories | WIRED

If you own one of these 45 Netgear devices, replace it: Firm won’t patch vulnerable gear despite live proof-of-concept code

Netgear has quietly decided not to patch more than 40 home routers to plug a remote code execution vulnerability – despite security researchers having published proof-of-concept exploit code.

The vuln was revealed publicly in June by Trend Micro’s Zero Day Initiative (ZDI) following six months spent chivvying Netgear behind the scenes to take it seriously.

Keen-eyed Reg readers, however, noticed that Netgear quietly declared 45 of the affected products as “outside the security support period” – meaning those items won’t be updated to protect them against the vuln.

America’s Carnegie-Mellon University summarised the vuln in a note from its Software Engineering Institute: “Multiple Netgear devices contain a stack buffer overflow in the httpd web server’s handling of upgrade_check.cgi, which may allow for unauthenticated remote code execution with root privileges.”

Stung by pressure from infosec researchers that came to a head in June when ZDI went public, Netgear began issuing patches. It had sorted out 28 of the 79 vulnerable product lines by the end of that month.

Infosec biz Grimm pitched in after independently discovering the vuln itself by publishing proof-of-concept exploits for the SOHO (Small Office/Home Office) devices.

With today’s revelation that 45 largely consumer and SME-grade items will never be patched, Netgear faces questions over its commitment to older product lines. Such questions have begun to be addressed in Britain by calls from government agencies for new laws forcing manufacturers to reveal devices’ design lifespans at the point of purchase.

[…]

Today Netgear’s advisory page for the patches shows 45 devices’ fix status as “none; outside security support period”. We have collected those devices’ model numbers in the list below:

  • AC1450
  • D6300
  • DGN2200v1
  • DGN2200M
  • DGND3700v1
  • LG2200D
  • MBM621
  • MBR1200
  • MBR1515
  • MBR1516
  • MBR624GU
  • MBRN3000
  • MVBR1210C
  • R4500
  • R6200
  • R6200v2
  • R6300v1
  • R7300DST
  • WGR614v10
  • WGR614v8
  • WGR614v9
  • WGT624v4
  • WN2500RP
  • WN2500RPv2
  • WN3000RP
  • WN3000RPv2
  • WN3000RPv3
  • WN3100RP
  • WN3100RPv2
  • WN3500RP
  • WNCE3001
  • WNCE3001v2
  • WNDR3300v1
  • WNDR3300v2
  • WNDR3400v1
  • WNDR3400v2
  • WNDR3400v3
  • WNDR3700v3
  • WNDR4000
  • WNDR4500
  • WNDR4500v2
  • WNR3500v1
  • WNR3500Lv1
  • WNR3500v2
  • WNR834Bv2

Source: If you own one of these 45 Netgear devices, replace it: Firm won’t patch vulnerable gear despite live proof-of-concept code • The Register
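To act on the list above, the following added example (not from The Register or Netgear) checks a device inventory against the 45 model numbers. The CSV layout, hostnames and status names are assumptions made for illustration, and the matcher treats a missing or unlisted hardware revision as something to verify on the device label rather than guessing.

```python
import csv
import io
import re

# The 45 models the article lists with fix status
# "none; outside security support period" (copied from the list above).
UNPATCHED = """
AC1450 D6300 DGN2200v1 DGN2200M DGND3700v1 LG2200D MBM621 MBR1200 MBR1515
MBR1516 MBR624GU MBRN3000 MVBR1210C R4500 R6200 R6200v2 R6300v1 R7300DST
WGR614v10 WGR614v8 WGR614v9 WGT624v4 WN2500RP WN2500RPv2 WN3000RP
WN3000RPv2 WN3000RPv3 WN3100RP WN3100RPv2 WN3500RP WNCE3001 WNCE3001v2
WNDR3300v1 WNDR3300v2 WNDR3400v1 WNDR3400v2 WNDR3400v3 WNDR3700v3
WNDR4000 WNDR4500 WNDR4500v2 WNR3500v1 WNR3500Lv1 WNR3500v2 WNR834Bv2
""".split()


def normalize(model):
    """Split a free-form model string into (base, hw_version or None)."""
    s = re.sub(r"[^A-Z0-9]", "", model.upper().replace("NETGEAR", ""))
    m = re.fullmatch(r"(.+?)(?:V(\d+))?", s)
    if not m:
        return "", None
    return m.group(1), int(m.group(2)) if m.group(2) else None


# base model -> set of listed hardware versions (None = listed unversioned)
INDEX = {}
for entry in UNPATCHED:
    base, ver = normalize(entry)
    INDEX.setdefault(base, set()).add(ver)


def classify(model):
    """Return 'unpatched', 'check-hw-version' or 'not-on-list'.

    'not-on-list' only means the model is absent from the no-fix list;
    it says nothing about whether the device has its patch installed.
    """
    base, ver = normalize(model)
    listed = INDEX.get(base)
    if listed is None:
        return "not-on-list"
    if ver in listed:
        return "unpatched"
    # Same product family, but the revision is missing or not the listed one:
    # someone has to read the label on the device.
    if ver is None or None in listed:
        return "check-hw-version"
    return "not-on-list"


def audit(csv_text):
    """Classify every row of a 'host,model' CSV inventory."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return [(r["host"], r["model"], classify(r["model"])) for r in rows]


# Constructed sample inventory (hypothetical hosts, not real data).
SAMPLE_INVENTORY = """host,model
gw-lobby,Netgear WNDR3400 v3
ap-warehouse,wn3000rp
gw-branch2,WNR3500
gw-lab,WNDR3700v4
gw-hq,Nighthawk R7000
"""

if __name__ == "__main__":
    for host, model, status in audit(SAMPLE_INVENTORY):
        print(f"{host:14} {model:22} {status}")
```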

See When Other Apps Use Your Microphone or Camera With This Android App

you can get this functionality by downloading and installing a simple app from the Google Play Store: Access Dots. It’s free, it’s easy, and it helps you up your Android’s security game. I would almost call it a must-install for anyone, because it’s as unobtrusive as it is helpful.

Download and launch the app, and you’ll see one simple setting you have to enable. That’s all you have to do to fire up Access Dots’ basic functionality.

Well, that and tapping on the new “Access Dots” listing in your Accessibility settings, and then enabling the service there, too.

Head back to your Android’s Home screen and…you won’t see anything. Zilch. That’s the point. Pull up your Camera app, however, and you’ll see a big green icon appear in the upper-right corner of your device. Tap on your Google Assistant’s microphone icon, and you’ll see an orange dot; the same as what iOS 14 users see.

If you don’t like these colors, you can change them to whatever you want in Access Dots’ settings. You can even change the location of said dot, as well as its size. Tap on the little “History” icon in Access Dots’ main UI—you can’t miss it—and you’ll even be able to browse a log of which apps requested camera or microphone access and for how long they used it.

Though I’m not a huge fan of how many ads litter the Access Dots app, I respect someone’s need to make a little cash. You only see them when you launch the app. Otherwise, all you’ll see on your phone are those dots. That’s not a terrible trade-off, I’d say, given how much this simple security app can do.

Source: See When Other Apps Use Your Microphone or Camera With This Android App

Hackers stole GitHub and GitLab OAuth tokens from Git analytics firm Waydev – this is why you don’t give cloud access to your crown jewels

Waydev, a San Francisco-based company, runs a platform that can be used to track software engineers’ work output by analyzing Git-based codebases. To do this, Waydev runs a special app listed on the GitHub and GitLab app stores.

When users install the app, Waydev receives an OAuth token that it can use to access its customers’ GitHub or GitLab projects. Waydev stores this token in its database and uses it on a daily basis to generate analytical reports for its customers.

Waydev CEO and co-founder Alex Circei told ZDNet today in a phone call that hackers used a blind SQL injection vulnerability to gain access to its database, from where they stole GitHub and GitLab OAuth tokens.

The hackers then used some of these tokens to pivot to other companies’ codebases and gain access to their source code projects.

Source: Hackers stole GitHub and GitLab OAuth tokens from Git analytics firm Waydev | ZDNet

GRUB2, you’re getting too bug for your boots: Config file buffer overflow is a boon for malware seeking to drill deeper into a system

An annoying vulnerability in the widely used GRUB2 bootloader can be potentially exploited by malware or a rogue insider already on a machine to thoroughly compromise the operating system or hypervisor while evading detection by users and security tools.

[…]

Designated CVE-2020-10713, the vulnerability allows a miscreant to achieve code execution within the open-source bootloader, and effectively control the device at a level above the firmware and below any system software. Bug hunters at Eclypsium, who found the flaw and dubbed it BootHole, said patching the programming blunder will be a priority and a headache for admins.

To be clear, malware or a rogue user must already have administrator privileges on the device to exploit the flaw, which for the vast majority of victims is a game-over situation anyway. You’ve likely lost all your data and network integrity at that point. What this bootloader bug opens up is the ability for a determined miscreant to burrow deeper, run code at a low level below other defenses, and compromise the foundation of a system to the point where they cannot be easily detected by administrators nor antivirus.

Source: GRUB2, you’re getting too bug for your boots: Config file buffer overflow is a boon for malware seeking to drill deeper into a system • The Register

Origins of the sarsen megaliths at Stonehenge

The sources of the stone used to construct Stonehenge around 2500 BCE have been debated for over four centuries. The smaller “bluestones” near the center of the monument have been traced to Wales, but the origins of the sarsen (silcrete) megaliths that form the primary architecture of Stonehenge remain unknown. Here, we use geochemical data to show that 50 of the 52 sarsens at the monument share a consistent chemistry and, by inference, originated from a common source area. We then compare the geochemical signature of a core extracted from Stone 58 at Stonehenge with equivalent data for sarsens from across southern Britain. From this, we identify West Woods, Wiltshire, 25 km north of Stonehenge, as the most probable source area for the majority of sarsens at the monument.

Source: Origins of the sarsen megaliths at Stonehenge | Science Advances

We’re suing Google for harvesting our personal info even though we opted out of Chrome sync – netizens

A handful of Chrome users have sued Google, accusing the browser maker of collecting personal information despite their decision not to sync data stored in Chrome with a Google Account.

The lawsuit [PDF], filed on Monday in a US federal district court in San Jose, California, claimed Google promises not to collect personal information from Chrome users who choose not to sync their browser data with a Google Account but does so anyway.

“Google intentionally and unlawfully causes Chrome to record and send users’ personal information to Google regardless of whether a user elects to Sync or even has a Google account,” the complaint stated.

Filed on behalf of “unsynced” plaintiffs Patrick Calhoun, Elaine Crespo, Hadiyah Jackson and Claudia Kindler – all said to have stopped using Chrome and to wish to return to it, rather than use a different browser, once Google stops tracking unsynced users – the lawsuit cited the Chrome Privacy Notice.

Since 2016, that notice has promised, “You don’t need to provide any personal information to use Chrome.” And since 2019, it has said, “the personal information that Chrome stores won’t be sent to Google unless you choose to store that data in your Google Account by turning on sync,” with earlier versions offering variants on that wording.

Nonetheless, whether or not account synchronization has been enabled, it’s claimed, Google uses Chrome to collect IP addresses linked to user agent data, identifying cookies, unique browser identifiers called X-Client Data Headers, and browsing history. And it does so supposedly in violation of federal wiretap laws and state statutes.

Google then links that information with individuals and their devices, it’s claimed, through practices like cookie syncing, where cookies set in a third-party context get associated with cookies set in a first-party context.

“Cookie synching allows cooperating websites to learn each other’s cookie identification numbers for the same user,” the complaint says. “Once the cookie synching operation is complete, the two websites exchange information that they have collected and hold about a user, further making these cookies ‘Personal Information.'”

The litigants pointed to Google’s plan to phase out third-party cookies, and noted Google doesn’t need cookies due to the ability of its X-Client-Data Header to uniquely identify people.

Source: We’re suing Google for harvesting our personal info even though we opted out of Chrome sync – netizens • The Register

Scientists are 3-D printing miniature human organs to test coronavirus drugs

Whether the goal is to find a treatment for COVID-19 or another disease, scientists often have to conduct preliminary tests on animals to determine whether the drug is safe or effective in people. It’s not always a one-for-one comparison, but The New York Times reports there may be a new way around that step going forward: 3-D printing.

For example, Anthony Atala, the director of the Wake Forest Institute for Regenerative Medicine, and his team are using 3-D printers to create tiny replicas of human organs, including miniature lungs and colons, which are particularly affected by the coronavirus. They send them overnight for testing at a biosafety lab at George Mason University.

The idea predated the coronavirus — Atala said he never thought “we’d be considering this for a pandemic” — but it could come in handy and help expedite the experimental drug process, especially since Atala said his Winston-Salem, North Carolina-based lab can churn out thousands of printed organs per hour. “The 3-D models can circumvent animal testing and make the pathway stronger from the lab to the clinic,” said Akhilesh Gaharwar, who directs a lab in the biomedical engineering at Texas A&M University. Read more at The New York Times. Tim O’Donnell

Source: Scientists are 3-D printing miniature human organs to test coronavirus drugs

Twitter Contractors Abused Access to Beyoncé’s Account: Report

Twitter contractors with high-level administrative access to accounts regularly abused their privileges to spy on celebrities including Beyoncé, including approximating their movements via internet protocol addresses, according to a report by Bloomberg.

Over 1,500 workers and contractors at Twitter who handle internal support requests and manage user accounts have high-level privileges that enable them to override user security settings and reset their accounts via Twitter’s backend, as well as view certain details of accounts like IP addresses, phone numbers, and email addresses.

[…]

Two of the former Twitter employees told Bloomberg that projects such as enhancing security of “the system that houses Twitter’s backup files or enhancing oversight of the system used to monitor contractor activity were, at times, shelved for engineering products designed to enhance revenue.” In the meantime, some of those with access (some of whom were contractors with Cognizant at up to six separate work sites) abused it to view details including IP addresses of users. Executives didn’t prioritize policing the internal support team, two of the former employees told Bloomberg, and at times Twitter security allegedly had trouble tracking misconduct due to sheer volume.

A system was in place to create access logs, but it could be fooled by simply creating bullshit support tickets that made the spying appear legitimate; two of the former employees told Bloomberg that from 2017 to 2018 members of the internal support team “made a kind of game out of” the workaround. The security risks inherent to granting access to so many people were reportedly brought up to the company’s board repeatedly from 2015-2019, but little changed.

This had consequences beyond the most recent hack. Last year, the Department of Justice announced charges against two former employees (a U.S. national and a Saudi citizen) that it accused of espionage on behalf of an individual close to Saudi Crown Prince Mohammed bin Salman. The DOJ alleged that the intent of the operation was to gain access to private information on political dissidents.

Source: Twitter Contractors Abused Access to Beyoncé’s Account: Report

Microsoft raised Apple’s app store with US house antitrust group

A US House antitrust committee is getting set to grill tech’s biggest CEOs, but Microsoft wants them to focus on one in particular: Apple’s Tim Cook. Microsoft President Brad Smith met with the committee several weeks ago and relayed concerns about how Apple manages its App Store, according to The Information (via Bloomberg).

Smith complained specifically about Apple’s arbitrary App Store approval policy which recently caused a ruckus over the rejection of Basecamp’s Hey email app. He also railed against Apple’s payment requirement that allows it to take as much as a 30 percent cut of developers’ revenue. That policy is currently the subject of an EU antitrust investigation launched at the behest of Spotify.

The antitrust committee originally called Smith to get Microsoft’s take on the current antitrust climate, given that the company was the subject of US investigations in the 2000s. Smith said that Apple’s App Store rules impede competition to a much higher degree than Microsoft did with Windows when it was found guilty of antitrust violations two decades ago. Smith didn’t criticize other tech companies during the interview.

Apple has largely avoided the privacy-related investigations faced by Google and Facebook, but now finds itself in the middle of antitrust probes on both sides of the Atlantic. With its old frenemy Microsoft adding to the complaints, Apple could face a lot of heat when the House Judiciary Antitrust hearings kick off next Monday on July 27th.

Source: Microsoft raised Apple’s app store with US house antitrust group | Engadget

After talking about this since early 2019 it’s nice to see stuff actually happening