Two men who allegedly used 65 Google accounts to bombard Google with fraudulent DMCA takedown notices targeting up to 620,000 URLs, have been named in a Google lawsuit filed in California on Monday. Google says the men weaponized copyright law’s notice-and-takedown system to sabotage competitors’ trade, while damaging the search engine’s business and those of its customers.
While all non-compliant DMCA takedown notices are invalid by default, there’s a huge difference between those sent in error and others crafted for purely malicious purposes.
Bogus DMCA takedown notices are nothing new, but the rise of organized groups using malicious DMCA notices as a business tool has been apparent in recent years.
Since the vast majority of culprits facing zero consequences, that may have acted as motivation to send more. Through a lawsuit filed at a California court on Monday, Google appears to be sending the message that enough is enough.
Defendants Weaponized DMCA Takedowns
Google’s complaint targets Nguyen Van Duc and Pham Van Thien, both said to be residents of Vietnam and the leaders of up to 20 Doe defendants. Google says the defendants systematically abused accounts “to submit a barrage” of fraudulent copyright takedown requests aimed at removing their competitors’ website URLs from Google Search results.
[…]
The misrepresentations in notices sent to Google were potentially damaging to other parties too. Under fake names, the defendants falsely claimed to represent large companies such as Amazon, Twitter, and NBC News, plus sports teams including the Philadelphia Eagles, Los Angeles Lakers, San Diego Padres.
In similarly false notices, they claimed to represent famous individuals including Elon Musk, Taylor Swift, LeVar Burton, and Kanye West.
The complaint notes that some notices were submitted under company names that do not exist in the United States, at addresses where innocent families and businesses can be found. Google says that despite these claims, the defendants can be found in Vietnam from where they proudly advertise their ‘SEO’ scheme to others, including via YouTube.
Who would have thought that such a super poorly designed piece of copyright law would be used for this? Probably almost everyone who has been hit by a DMCA with no recourse is all. This is but a tiny tiny fraction of the iceberg, with the actual copyright holders at the top. The only way to stop this is by taking down the whole DMCA system.
Global medium-range weather forecasting is critical to decision-making across many social and economic domains. Traditional numerical weather prediction uses increased compute resources to improve forecast accuracy, but does not directly use historical weather data to improve the underlying model. Here, we introduce “GraphCast,” a machine learning-based method trained directly from reanalysis data. It predicts hundreds of weather variables, over 10 days at 0.25° resolution globally, in under one minute. GraphCast significantly outperforms the most accurate operational deterministic systems on 90% of 1380 verification targets, and its forecasts support better severe event prediction, including tropical cyclones tracking, atmospheric rivers, and extreme temperatures. GraphCast is a key advance in accurate and efficient weather forecasting, and helps realize the promise of machine learning for modeling complex dynamical systems.
[…]
The dominant approach for weather forecasting today is “numerical weather prediction” (NWP), which involves solving the governing equations of weather using supercomputers.
[…]
NWP methods are improved by highly trained experts innovating better models, algorithms, and approximations, which can be a time-consuming and costly process.
Machine learning-based weather prediction (MLWP) offers an alternative to traditional NWP, where forecast models can be trained from historical data, including observations and analysis data.
[…]
In medium-range weather forecasting, i.e., predicting atmospheric variables up to 10 days ahead, NWP-based systems like the IFS are still most accurate. The top deterministic operational system in the world is ECMWF’s High RESolution forecast (HRES), a configuration of IFS which produces global 10-day forecasts at 0.1° latitude/longitude resolution, in around an hour
[…]
Here we introduce an MLWP approach for global medium-range weather forecasting called “GraphCast,” which produces an accurate 10-day forecast in under a minute on a single Google Cloud TPU v4 device, and supports applications including predicting tropical cyclone tracks, atmospheric rivers, and extreme temperatures.
[…]
A single weather state is represented by a 0.25° latitude/longitude grid
[…]
GraphCast is implemented as a neural network architecture, based on GNNs in an “encode-process-decode” configuration (13, 17), with a total of 36.7 million parameters (code, weights and demos can be found at https://github.com/deepmind/graphcast).
[…]
During model development, we used 39 years (1979–2017) of historical data from ECMWF’s ERA5 (21) reanalysis archive.
[…]
Of the 227 variable and level combinations predicted by GraphCast at each grid point, we evaluated its skill versus HRES on 69 of them, corresponding to the 13 levels of WeatherBench (8) and variables (23) from the ECMWF Scorecard (24)
[…]
We find that GraphCast has greater weather forecasting skill than HRES when evaluated on 10-day forecasts at a horizontal resolution of 0.25° for latitude/longitude and at 13 vertical levels.
[NOTE HRES has a resolution of 0.1°]
[…]
We also compared GraphCast’s performance to the top competing ML-based weather model, Pangu-Weather (16), and found GraphCast outperformed it on 99.2% of the 252 targets they presented (see supplementary materials section 6 for details).
[…]
GraphCast’s forecast skill and efficiency compared to HRES shows MLWP methods are now competitive with traditional weather forecasting methods
[…]
With 36.7 million parameters, GraphCast is a relatively small model by modern ML standards, chosen to keep the memory footprint tractable. And while HRES is released on 0.1° resolution, 137 levels, and up to 1 hour time steps, GraphCast operated on 0.25° latitude-longitude resolution, 37 vertical levels, and 6 hour time steps, because of the ERA5 training data’s native 0.25° resolution, and engineering challenges in fitting higher resolution data on hardware.
[…]
Our approach should not be regarded as a replacement for traditional weather forecasting methods, which have been developed for decades, rigorously tested in many real-world contexts, and offer many features we have not yet explored. Rather our work should be interpreted as evidence that MLWP is able to meet the challenges of real-world forecasting problems and has potential to complement and improve the current best methods.
Google pays Apple 36% of its search advertising revenue from Safari, according to new details brought to light in Google’s search antitrust trial on Monday as reported by Bloomberg. The mere utterance of the number, which Google and Apple have tried to keep sealed, caused Google’s main litigator John Schmidtlein to visibly cringe.
“Like the revenue share percentage itself, they are a commercially sensitive part of the financial terms of an agreement currently in effect,” said Google in a filing last week, hoping to keep the true number sealed from the public’s eye.
[…]
It’s well known that Google and Apple share revenue, but not in this much detail. In Pichai’s testimony, he said the search engine has tried to give users a “seamless and easy” experience, even if that meant paying exorbitant fees to do so. Court documents revealed this month show the 20 queries Google makes the most revenue on, including “iPhone,” “Auto insurance,” “Hulu,” and “AARP.”
IDTechEx’s report ‘Micro-LED Displays 2024-2034: Technology, Commercialization, Opportunity, Market and Players‘ explores various angles of Micro-LED displays.
[…]
MicroLED displays are built on the foundation of self-emissive inorganic LEDs, acting as subpixels. These LEDs are usually in the micrometer range, without package nor substrate, and therefore are transferred in a way different from traditional pick & place techniques.
The key to Micro-LED’s success lies in its unique value propositions. Not only do these displays offer stunning visual clarity, high luminance, fast refresh rate, low power consumption, high dynamic range, and high contrast, but they also provide transparency, seamless connections, sensor integration, and the promise of an extended lifetime. Such features make Micro-LED a game-changer in the display industry.
While the disruption begins with Micro-LED, it does not end there. These displays not only meet the demands of existing applications but also create entirely new possibilities.
For the former, eight applications are addressed most: augmented/mixed reality (AR/MR), virtual reality (VR), large video displays, TVs and monitors, automotive displays, mobile phones, smartwatches and wearables, tablets, and laptops.
IDTechEx have recently observed a clear trend that most efforts are put on only a few applications such as large video displays/large TVs, Smartwatches/wearables, and augmented reality.
When talking about Mini-LED and Micro-LED, the LED size is a very common feature to distinguish the two. Both Mini-LED and Micro-LED are based on inorganic LEDs. As the names indicate, Mini-LEDs are considered as LEDs in the millimeter range, while Micro-LEDs are in the micrometer range. However, the distinction is not so strict in reality, and the definition may vary from person to person. However, it is commonly accepted that micro-LEDs are under 100 µm and even under 50 µm. While mini-LEDs are much larger.
When applied in the display industry, size is just one factor when talking about Mini-LED and Micro-LED displays. Another feature is the LED thickness and substrate. Mini-LEDs usually have a large thickness of over 100 µm, largely due to the existence of an LED substrate. While Micro-LEDs are usually substrateless, and therefore the finished LEDs are extremely thin.
A third feature that is used to distinguish the two is the mass transfer techniques that are utilized to handle the LEDs. Mini-LEDs usually adopt conventional pick-and-place techniques, including surface mounting technology. Every time, the number of LEDs that can be transferred is limited. For Micro-LEDs, millions of LEDs usually need to be transferred when a heterogenous target substrate is used; therefore, the number of LEDs to be transferred at a time is significantly larger, and thus, a disruptive mass transfer technique should be considered.
It’s amazing just how much war and conflict can change a country. On October 7th, Hamas blitzed Israel with an attack that was plainly barbaric. Yes, this is a conflict that has been simmering with occasional flashpoints for decades. No, neither side can even begin to claim it has entirely clean hands as a result of those decades of conflict. We can get the equivocating out of the way. October 7th was different, the worst single day of murder of the Jewish community since the Holocaust. And even in the immediate aftermath, those outside of Israel and those within knew that the attack was going to result in both an immediate reaction from Israel and longstanding changes within its borders. And those of us from America, or those that witnessed how our country reacted to 9/11, knew precisely how much danger this period of change represented.
It’s already started. First, Israel loosened the reigns to allow once-blacklisted spyware companies to use their tools to help Israel find the hundreds of hostages Hamas claims to have taken. While that goal is perfectly noble, of course, the willingness to engage with more nefarious tools to achieve that end had begun. And now we learn that Israel’s government has taken the next step in amending its counterterrorism laws to make the consumption of “terrorist” content a criminal offense, punishable with jail time.
The bill, which was approved by a 13-4 majority in the Knesset, is a temporary two-year measure that amends Article 24 of the counterterrorism law to ban the “systematic and continuous consumption of publications of a terrorist organization under circumstances that indicate identification with the terrorist organization”.
It identifies the Palestinian group Hamas and the ISIL (ISIS) group as the “terrorist” organisations to which the offence applies. It grants the justice minister the authority to add more organisations to the list, in agreement with the Ministry of Defence and with the approval of the Knesset’s Constitution, Law, and Justice Committee.
Make no mistake, this is the institution of thought crime. Read those two paragraphs one more time and realize just how much the criminalization of consumption of materials relies on the judgement and interpretation of those enforcing it. What is systematic in terms of this law? What is a publication? What constitutes a “terrorist organization,” not in the case of Hamas and ISIL, but in that ominous bit at the end of the second paragraph, where more organizations can — and will — be added to this list?
And most importantly, how in the world is the Israeli government going to determine “circumstances that indicate identification with the terrorist organization?”
“This law is one of the most intrusive and draconian legislative measures ever passed by the Israeli Knesset since it makes thoughts subject to criminal punishment,” said Adalah, the Legal Centre for Arab Minority Rights in Israel. It warned that the amendment would criminalise “even passive social media use” amid a climate of surveillance and curtailment of free speech targeting Palestinian citizens of Israel.
“This legislation encroaches upon the sacred realm of an individual’s personal thoughts and beliefs and significantly amplifies state surveillance of social media use,” the statement added. Adalah is sending a petition to the Supreme Court to challenge the bill.
This has all the hallmarks of America’s overreaction to the 9/11 attacks. We still haven’t unwound, not even close, all of the harm that was done in the aftermath of those attacks, all in the name of safety. We are still at a net-negative value in terms of our civil liberties due to that overreaction. President Biden even reportedly warned Israel not to ignore our own mistakes, but they’re doing it anyway.
And circling back to the first quotation and the claim that this law is temporary over a 2 year period, that’s just not how this works. If this law is allowed to continue to exist, it will be extended, and then extended again. The United States is still operating under the Authorization for Use of Military Force of 2001 and used it in order to conduct strikes in Somalia under the Biden administration, two decades later.
The right to speech and thought is as bedrock a thing as exists for a democracy. If we accept that premise, then it is simply impossible to “protect a democracy” by limiting the rights of speech and thought. And that’s precisely what this new law in Israel does: it chips away at the democracy of the state in order to protect it.
That’s not how Israel wins this war, if that is in fact the goal.
The U.S. Navy is set to demonstrate the ability of an uncrewed underwater vehicle, or UUV, to launch and recover a smaller drone that can both swim and fly. The service says it wants the two platforms to be able to go through the deployment and retrieval processes autonomously — without any human involvement.
The Office of Naval Research (ONR) announced today that it had hired SubUAS to “develop and demonstrate launch and recovery capabilities of the Naviator from and to a UUV (using a UUV surrogate).” The total value of the contract, which was formally awarded on November 8, is nearly $3.7 million, if all options are exercised.
What ONR is currently referring to as the Subsurface Autonomous Naviator Delivery (SAND) system must be able to launch and recover the Naviator “without a human-in-the-loop,” according to a brief statement about the deal with SubUAS.
[…]
“Naviator is scalable to multiple sizes, with a 16-foot wingspan and 0-90+ lbs payload, and is optimized for a variety of sensors, cameras, and other payloads. Naviator is faster to deploy than existing underwater Remote Operating Vehicles (ROVs), and is also able to reach its target faster via flight,” according to a 2020 U.S. government press release. “It has longer embedded mission capabilities than similarly sized drones, and utilizes precise GPS and visual position hold, as well as power-saving buoy sentry mode. The platform can easily surface, send data, receive new instructions, and begin a new mission.”
The same release also said that Naviator was capable of “tetherless operation with remote pilot control, and the ability to conduct autonomous missions.” SubUAS’s website notes that smaller versions of the drone could be used in swarms.
A rendering from SubUAS showing another Naviator configuration. SubUAS
SubUAS has said in the past that existing Naviator types are capable of reaching underwater speeds of up to 3.5 knots, and could potentially get up to 10 knots depending on their size and configuration. It’s unclear how fast the drone can fly in its aerial mode.
[…]
“Mines are probably the biggest problem for the Navy,” Diez, the professor at Rutgers behind the Naviator design, said back in 2015. “They need to map where mines are. Now there are a lot of false positives. This could be a better technology to rapidly investigate these potential threats.”
A graphic depicting, in very general terms, how a Naviator might help locate mines in its underwater mode, surface to transmit that data back to friendly forces, and then go back down below the waves to continue searching for more threats. SubUAS
In a naval context, “the drones could emerge quickly from the depths, get a quick glimpse of enemy ship deployments, and then hide again,” a news item from Rutgers at that time further noted. “An air-and-water drone could also help engineers inspect underwater structures, such as bridge and dock piers, ship hulls and oil drilling platforms.”
In this role, Naviator could help protect friendly forces by checking the hulls of ships and coastal infrastructure below the waterline for evidence of mines being placed or other signs of hostile infiltration.
A rendering depicting a Naviator drone inspecting underwater oil or natural gas-related infrastructure. SubUAS
Naviators could help with search and rescue missions, too. “For instance, the vehicle could scan the water from above to locate missing swimmers and sailors, and upon spotting shipwreck debris could dip underwater to further examine the scene,” Rutgers’ 2015 news item notes.
There are also various potential civilian scientific research and commercial applications for the Naviator.
For the U.S. Navy, being able to employ Naviators in swarms and deploy them discreetly using UUVs, which themselves could be launched via crewed submarines, opens up additional possibilities and offers additional operational flexibility. For instance, a swarm of Naviators could scour a broader area around the UUV for threats and do so relatively rapidly.
The Navy also said just last week it hopes, as part of a program called Razorback, to begin fielding a new UUV that can be launched and recovered using the torpedo tubes on its existing crewed submarines within a year. This follows the cancellation of the Snakehead UUV program last year in part due to that design being too large to find inside a standard torpedo tube, limiting the options for deployment and retrieval. The Navy has developed other torpedo-tube-launched drones in the past, but these have typically not been readily recoverable by the same means.
It remains to be seen what will come from the Navy’s new project to launch and recover Naviators from other underwater drones, and do so without the need for direct human involvement. What is clear is that this effort is completely in line with the kind of capabilities the service is pushing to field in the near term.
For the first time, researchers have demonstrated that a large portion of cryptographic keys used to protect data in computer-to-server SSH traffic are vulnerable to complete compromise when naturally occurring computational errors occur while the connection is being established.
Underscoring the importance of their discovery, the researchers used their findings to calculate the private portion of almost 200 unique SSH keys they observed in public Internet scans taken over the past seven years. The researchers suspect keys used in IPsec connections could suffer the same fate. SSH is the cryptographic protocol used in secure shell connections that allows computers to remotely access servers, usually in security-sensitive enterprise environments. IPsec is a protocol used by virtual private networks that route traffic through an encrypted tunnel.
The vulnerability occurs when there are errors during the signature generation that takes place when a client and server are establishing a connection. It affects only keys using the RSA cryptographic algorithm, which the researchers found in roughly a third of the SSH signatures they examined. That translates to roughly 1 billion signatures out of the 3.2 billion signatures examined. Of the roughly 1 billion RSA signatures, about one in a million exposed the private key of the host.
While the percentage is infinitesimally small, the finding is nonetheless surprising for several reasons—most notably because most SSH software in use has deployed a countermeasure for decades that checks for signature faults before sending a signature over the Internet. Another reason for the surprise is that until now, researchers believed that signature faults exposed only RSA keys used in the TLS—or Transport Layer Security—protocol encrypting Web and email connections. They believed SSH traffic was immune from such attacks because passive attackers—meaning adversaries simply observing traffic as it goes by—couldn’t see some of the necessary information when the errors happened.
[…]
The new findings are laid out in a paper published earlier this month titled “Passive SSH Key Compromise via Lattices.” It builds on a series of discoveries spanning more than two decades. In 1996 and 1997, researchers published findings that, taken together, concluded that when naturally occurring computational errors resulted in a single faulty RSA signature, an adversary could use it to compute the private portion of the underlying key pair.
The reason: By comparing the malformed signature with a valid signature, the adversary could perform a GCD—or greatest common denominator—mathematical operation that, in turn, derived one of the prime numbers underpinning the security of the key. This led to a series of attacks that relied on actively triggering glitches during session negotiation, capturing the resulting faulty signature and eventually compromising the key. Triggering the errors relied on techniques such as tampering with a computer’s power supply or shining a laser on a smart card.
Then, in 2015, a researcher showed for the first time that attacks on keys used during TLS sessions were possible even when an adversary didn’t have physical access to the computing device. Instead, the attacker could simply connect to the device and opportunistically wait for a signature error to occur on its own. Last year, researchers found that even with countermeasures added to most TLS implementations as long as two decades earlier, they were still able to passively observe faulty signatures that allowed them to compromise the RSA keys of a small population of VPNs, network devices, and websites, most notably Baidu.com, a top-10 Alexa property.
[…]
The attack described in the paper published this month clears the hurdle of missing key material exposed in faulty SSH signatures by harnessing an advanced cryptanalytic technique involving the same mathematics found in lattice-based cryptography. The technique was first described in 2009, but the paper demonstrated only that it was theoretically possible to recover a key using incomplete information in a faulty signature. This month’s paper implements the technique in a real-world attack that uses a naturally occurring corrupted SSH signature to recover the underlying RSA key that generated it.
[…]
The researchers traced the keys they compromised to devices that used custom, closed-source SSH implementations that didn’t implement the countermeasures found in OpenSSH and other widely used open source code libraries. The devices came from four manufacturers: Cisco, Zyxel, Hillstone Networks, and Mocana.
[…]
Once attackers have possession of the secret key through passive observation of traffic, they can mount an active Mallory-in-the-middle attack against the SSH server, in which they use the key to impersonate the server and respond to incoming SSH traffic from clients. From there, the attackers can do things such as recover the client’s login credentials. Similar post-exploit attacks are also possible against IPsec servers if faults expose their private keys.
[…]
a single flip of a bit—in which a 0 residing in a memory chip register turns to 1 or vice versa—is all that’s required to trigger an error that exposes a secret RSA key. Consequently, it’s crucial that the countermeasures that detect and suppress such errors work with near-100 percent accuracy
Under the new law, member states will offer citizens and businesses digital wallets that will be able to link their national digital identities with proof of other personal attributes (e.g., driving licence, diplomas, bank account). Citizens will be able to prove their identity and share electronic documents from their digital wallets with a click of a button on their mobile phone.
The new European digital identity wallets will enable all Europeans to access onlineservices with their national digital identification, which will be recognised throughout Europe, without having to use private identification methods or unnecessarily sharing personal data. User control ensures that only information that needs to be shared will be shared.
Concluding the initial provisional agreement
Since the initial provisional agreement on some of the main elements of the legislative proposal at the end of June this year, a thorough series of technical meetings followed in order to complete a text that allowed the finalisation of the file in full. Some relevant aspects agreed by the co-legislators today are:
the e-signatures: the wallet will be free to use for natural persons by default, but member states may provide for measures to ensure that the free-of-charge use is limited to non-professional purposes
the wallet’s business model: the issuance, use and revocation will be free of charge for all natural persons
the validation of electronic attestation of attributes: member states shall provide free-of-charge validation mechanisms only to verify the authenticity and validity of the wallet and of the relying parties’ identity
the code for the wallets: the application software components will be open source, but member states are granted necessary leeway so that, for justified reasons, specific components other than those installed on user devices may not be disclosed
consistency between the wallet as an eID means and the underpinning scheme under which it is issued has been ensured
Finally, the revised law clarifies the scope of the qualified web authentication certificates (QWACs), which ensures that users can verify who is behind a website, while preserving the current well-established industry security rules and standards.
Next steps
Technical work will continue to complete the legal text in accordance with the provisional agreement. When finalised, the text will be submitted to the member states’ representatives (Coreper) for endorsement. Subject to a legal/linguistic review, the revised regulation will then need to be formally adopted by the Parliament and the Council before it can be published in the EU’s Official Journal and enter into force.
In the EU, Meta has given you a warning saying that you need to choose for an expensive ad free version or continue using targetted adverts. Strangely, considering Meta makes it’s profits by selling your information, you don’t get the option to be paid a cut of the profits they gain by selling your information. Even more strangely, not many people are covering it. Below is a pretty good writeup of the situation, but what is not clear is whether by agreeing to the free version, things continue as they are, or are you signing up for additional invasions into your privacy, such as sending your information to servers into the USA.
Even though it’s a seriously and strangely underreported phenomenon, people are leaving Meta for fear (justly or unjustly) of further intrusions into their privacy by the slurping behemoth.
Why is Meta launching an ad-free plan for Instagram and Facebook?
After receiving major backlash from the European Union in January 2023, resulting in a €377 million fine for the tech giant, Meta has since adapted their applications to suit EU regulations. These major adaptions have all led to the recent launch of their ad-free subscription service.
This most recent announcement comes to keep in line with the European Union’s Digital Marketers Act legislation. The legislation requires companies to give users the option to give consent before being tracked for advertising reasons, something Meta previously wasn’t doing.
As a way of complying with this rule while also sustaining its ad-supported business model, Meta is now releasing an ad-free subscription service for users who don’t want targeted ads showing up on their Instagram and Facebook feeds while also putting some more cash in the company’s pocket.
How much will the ad-free plan cost on Instagram and Facebook?
Austin Distel on Unsplash
The price depends on where you purchase the subscription. If you purchase the ad-free plan from Meta for your desktop, then the plan will cost €9.99/month. If you purchase on your Android or IOS device, the plan will cost €12.99/month. Presumably, this is because Apple and Google charge fees, and Meta is passing those fees along to the user instead of taking a hit on its profit.
If I buy the plan on desktop, will the subscription carry over to my phone?
Yes! It’s confusing at first, but no matter where you sign up for your subscription, it will automatically link to all your meta accounts, allowing you to view ad-free content on every device. Essentially, if you have access to a desktop and are interested in signing up for the ad-free plan, you’re better off signing up there, as you’ll save some money.
When will the ad-free plan be available to Instagram and Facebook users?
The subscription will be available for users in November 2023. Meta didn’t announce a specific date.
“In November, we will be offering people who use Facebook or Instagram and reside in these regions the choice to continue using these personalised services for free with ads, or subscribe to stop seeing ads.”
Can I still use Instagram and Facebook without subscribing to Meta’s ad-free plan?
Meta’s statement said that it believes “in an ad-supported internet, which gives people access to personalized products and services regardless of their economic status.” Staying true to its beliefs, Meta will still allow users to use its services for free with ads.
However, it’s important to note that Meta mentioned in its statement, “Beginning March 1, 2024, an additional fee of €6/month on the web and €8/month on iOS and Android will apply for each additional account listed in a user’s Account Center.” So, for now, the subscription will cover accounts on all platforms, but the cost will rise in the future for users with more than one account
Which countries will get the new. ad-free subscription option?
The below countries can access Meta’s new subscription:
Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lichtenstein, Lithuania, Luxembourg, Malta, Norway, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Switzerland and Sweden.
Will Meta launch this ad-free plan outside the EU and Switzerland?
It’s unknown at the moment whether Meta plans to expand this service into any other regions. Currently, the only regions able to subscribe to an ad-free plan are those listed above, but if it’s successful in those countries, it’s possible that Meta could roll it out in other regions.
What’s the difference between Meta Verified and this ad-free plan?
Launched in early 2023, Meta Verified allows Facebook and Instagram users to pay for a blue tick mark next to their name. Yes, the same tick mark most celebrities with major followings typically have. This subscription service was launched as a way for users to protect their accounts and promote their businesses. Meta Verified costs $14.99/month (€14/month). It gives users the blue tick mark and provides extra account support and protection from impersonators.
Unsplash/Pocket-lint
While Meta Verified offers several unique account privacy features for users, it doesn’t offer an ad-free subscription. Currently, those subscribed to Meta Verified must also pay for an ad-free account if they live in one of the supported countries.
How can I sign up for Meta’s ad-free plan for Instagram and Facebook?
Users can sign up for the ad-free subscription via their Facebook or Instagram accounts. Here’s what you need to sign up:
Go to account settings on Facebook or Instagram.
Click subscribe on the ad-free plan under the subscriptions tab (once it’s available).
If I choose not to subscribe, will I receive more ads than I do now?
Meta says that nothing will change about your current account if you choose to keep your account as is, meaning you don’t subscribe to the ad-free plan. In other words, you’ll see exactly the same amount of ads you’ve always seen.
How will this affect other social media platforms?
Paid subscriptions seem to be the trend among many social media platforms in the past couple of years. Snapchat hopped onto the trend early in the Summer of 2022 when they released Snapchat+, which allows premium users to pay $4/month to see where they rank on their friends’ best friends list, boost their stories, pin friends as their top best friends, and further customize their settings.
More notably, Twitter, famously bought by Elon Musk, who now rebranded the platform to “X,” released three different tiers of subscriptions meant to improve a user’s experience. The tiers include Basic, Premium, and Premium Plus. X’s latest release, the Premium+ tier, allows users to pay $16/month for an ad-free experience and the ability to edit or undo their posts.
Pocket-lint
Other major apps, such as TikTok, have yet to announce any ad-free subscription plans, although it wouldn’t be shocking if they followed suit.
For Meta’s part, it claims to want its websites to remain a free ad-based revenue domain, but we’ll see how long that lasts, especially if its first two subscription offerings succeed.
What else is noteworthy, is that this comes as Youtube is installing spyware onto your computer to figure out if you are running an adblocker – also something not receiving enough attention.
Many courts have already dealt with these lawsuits-come-lately filed by opportunistic people who failed to capitalize on their own pop culture cache but thought it was worth throwing a few hundred dollars in filing fees towards a federal court in hopes that the eventual payoff would be millions.
Most of these efforts have failed. Dance moves are tough to copyright, considering they’re often not a cohesive form of expression. On top of that, there’s a whole lot of independent invention because the human body is only capable of so many dance moves that portray talent, rather than just an inability to control your limbs.
Hence the federal court’s general hesitance to proclaim controlled flailing protectable. And hence the failure of most these Fortnite-is-worth-millions lawsuits written by people with dollar signs for eyes and Web 2.0 ambulance chasers for lawyers.
But one of these lawsuits has been revived by the Ninth Circuit, which has decided a certain number of sequential dance steps is actual intellectual property worth suing over. Here’s Wes Davis with more details for The Verge:
This week, a panel of US appeals court judges has renewed the legal battle over Fortnite dance moves by reversing the dismissal of a lawsuit filed last year by professional choreographer Kyle Hanagami against Epic Games.
[…]
The lower court said choreographic works are made up of poses that aren’t protectable alone.It found that the steps and poses of dance choreography used by characters in Fortnite were not “substantially similar, other than the four identical counts of poses” because they don’t “share any creative elements” with Hanagami’s work.
The 9th Circuit panel agreed with the lower court that “choreography is composed of various elements that are unprotectable when viewed in isolation.” However, Judge Richard Paez wrote this week that referring to portions of choreography as “poses” was like calling music “just ‘notes.’” They also found that choreography can involve other elements like timing, use of space, and even the energy of the performance.
This is a strange conclusion to reach given prior case law on the subject. But a lot of prior Fortnite case law is based on the fact that complainants never made any attempt to copyright their moves, but rather decided they were owed a living by Fortnite’s producer (Epic Games) simply because Fortnite (and Epic Games) were extremely successful.
That’s not the case here, as the Ninth Circuit [PDF] notes:
Plaintiff Kyle Hanagami (“Hanagami”) is a celebrity choreographer who owns a validly registered copyright in a five-minute choreographic work.
That’s a point in Hanagami’s favor. Whether or not this particular expression is protected under copyright law is no longer an open question. It has been registered with the US Copyright office, thus making it possible for Hanagami to seek a payout that far exceeds actual damages that can be proven in court.
As was noted above, the lower court compared Hanagami’s registered work with the allegedly infringing “emote” and found that, at best, only small parts had been copied.
The Ninth Circuit disagrees.
The district court erred by ruling that, as a matter of law, the Steps are unprotectable because they are relatively brief. Hanagami has more than plausibly alleged that the four-count portion has substantial qualitative significance to the overall Registered Choreography. The four counts in question are repeated eight times throughout the Registered Choreography, corresponding to the chorus and titular lyrics of the accompanying song. Hanagami alleges that the segment is the most recognizable and distinctive portion of his work, similar to the chorus of a song. Whether or not a jury would ultimately find the copied portion to be qualitatively significant is a question for another day. We conclude only that the district court erred in dismissing Hanagami’s copyright claim on the basis that Epic allegedly infringed only a relatively small amount of the Registered Choreography.
This allows the lawsuit to move forward. The Ninth Circuit does not establish a bright line ruling that would encourage/deter similar lawsuits. Nor does it establish a baseline to guide future rulings. Instead, it simply says some choreography is distinctive enough plaintiffs can sue over alleged infringement, but most likely, it will be a jury deciding these facts, rather than a judge handling motions to dismiss.
So… maybe that’s ok? I can understand the point that distinctive progressive dance steps are as significant as distinctive chord progressions when it comes to expression that can be copyrighted. But, on the other hand, the lack of guidance from the appellate level encourages speculative litigation because it refuses to make a call one way or the other but simply decides the lower court is (1) wrong and (2) should handle all the tough questions itself.
Where this ends up is tough to say. But, for now, it guarantees someone who rues every “emote” purchase made for my persistent offspring will only become more “get off my lawn” as this litigation progresses.
In response to criticism suggesting that the ban on short selling implemented on Nov. 6 is a “political decision” aimed at next year’s general election, Lee Bok-hyun, the head of the Financial Supervisory Service (FSS), directly refuted the claims, stating, “About 100 stocks were identified as targets for naked short selling.” He said that it was a decisive measure to uproot rampant illegal short selling in the stock market.
[…]
“Currently, around 100 stocks, regardless of whether they are listed on the KOSPI or KOSDAQ, have been identified as subjects of naked, or illegal, short selling, and additional investigations are ongoing.”
[…]
He described the current situation regarding short selling as, “Not just a street with many broken windows, but rather a market where illegality has become so widespread that all the windows are shattered.”
[…]
Naked shorting is the illegal practice of short-selling shares that have not been affirmatively determined to exist. Ordinarily, traders must borrow a stock or determine that it can be borrowed before they sell it short. So naked shorting refers to short pressure on a stock that may be larger than the tradable shares in the market.
Despite being made illegal after the 2008–09 financial crisis, naked shorting continues to happen because of loopholes in rules and discrepancies between paper and electronic trading systems.
This and dark pool trading well all exposed by the GameStop / #GME explosion a few years ago. It’s nice to see someone finally taking it seriously, even if it is Korea and not the USA.
It’s rare, but now and then a company will go out on a limb and create a truly cutting-edge device, even if its books take a hit. That’s exactly what HP has done with the Spectre Fold. Despite having the same processor as last year’s ASUS Zenbook 17 OLED, HP’s take on a flexible-screen laptop is thinner, lighter and more polished than anything that’s come before it. The Spectre Fold represents a true leap when it comes to next-gen hybrid design to the point where you might even want to buy one. The issue is that at $5,000, this thing will blow up pretty much anyone’s budget.
Display
The centerpiece of the Spectre Fold is its 17-inch 2,560 x 1,920 OLED panel from LG, which features plenty of brightness (400 nits for SDR content or up to 500 nits with HDR) and an impressive color gamut (99.5 percent of DCI-P3). More importantly, it’s got thin bezels and only the faintest hint of a crease. This means in laptop mode, the Spectre Fold looks almost like any other small ultraportable, with what is effectively a 12.5-inch screen. But at a moment’s notice, you can pull its keyboard down to create what HP calls Expanded mode (which gives you the equivalent of one and a half screens) or prop the system up on its kickstand to use its full 17-inch panel. So depending on your needs, you get the perfect-sized display for your content or working space. And as a kid who grew up watching Transformers, there’s something magical about a portable all-in-one that you can pack up and easily toss in a bag. (I still haven’t decided if the Spectre Fold is more like Perceptor or closer to a bot like Reflector though.)
Design
However, where HP really flexes its skills is with the Spectre Fold’s design. Unlike the Zenbook 17 Fold which had a clunky design and flaky peripherals, it feels like HP has accounted for every detail. There’s a kickstand that folds flush against the body of the system, so it disappears when not in use. And its keyboard fits neatly inside the system when closed, while hidden magnetic charging coils keep both the keyboard and HP’s included stylus topped up so they’re always ready to go. The whole kit weighs just 3.58 pounds and measures 0.84 inches thick (when closed), which is significantly thinner and lighter than ASUS’ flexible Zenbook (4.04 pounds, 1.25 inches).
Also, unlike the ASUS, there was virtually no setup involved. The keyboard automatically paired itself during the Spectre Fold’s initial boot and its Bluetooth connection was rock solid. And while the Spectre’s two USB-C ports with Thunderbolt 4 might seem awkwardly placed at first, having them on opposite sides of the device means there’s always at least one within reach regardless of what mode the system is in. To ensure the Spectre Fold is never short on connectivity, there’s an included dongle that adds two more USB-A ports and an HDMI jack. The result is a device that feels surprisingly polished, especially when you consider that this class of laptop has only existed for just a few years.
The one awkward thing about the Spectre Fold is that, while it has a sharp 5-MP webcam with support for Windows Hello, the orientation of the camera itself can be an issue depending on what mode the laptop is in. When set up as an all-in-one, the webcam is in portrait mode instead of landscape. And when you combine that with a sensor that’s located on the left bezel of its display, it can be difficult to frame yourself properly while keeping the laptop centered.
Performance
The Spectre Fold’s processor is the one part of its spec sheet that doesn’t feel quite as sophisticated. There’s only a single configuration that features an Intel Core i7-1250U chip along with 16GB of RAM and a 1TB SSD. This isn’t very impressive for a system this pricey, though HP says it chose that chip to ensure it would fit inside the Spectre Fold’s super thin chassis (just 0.33 inches unfolded). Regardless, for general productivity, this thing is speedy enough. Just don’t expect to do any sort of serious gaming or video editing.
Battery Life
Gallery: HP Spectre Fold review photos | 9 Photos
1/9
Typically on gadgets like this that are basically glorified concept devices, battery life is an afterthought. But the Spectre Fold defies those expectations with longevity that’s on par with more-traditional ultraportables. On PCMark10’s Open Office rundown test, it lasted 10 hours and 29 minutes, which is just 10 minutes shorter than the ASUS Zenbook S13’s time of 10:39. Though that was in laptop mode. With its 17-inch panel fully unfolded, battery life dropped by two hours to 8:31.
Wrap-up
A lot of people remain skeptical about gadgets with flexible displays (for good reason, I might add), but the $5,000 Spectre Fold is the best example yet of what this tech can offer. It’s a sleek machine that fits in tight spaces but also expands when you have more room to work. And when you need to pack up and go, it tucks away neatly in a bag. It gives you all the benefits of carrying around a portable monitor but with practically none of the drawbacks, while also addressing nearly every shortcoming from previous bendy attempts by Lenovo and ASUS.
Photo by Sam Rutherford/Engadget
However, putting a concrete score on something like this feels like it would be missing the point. Sure, it’s insanely expensive, but HP’s goal wasn’t to make something with mass appeal. The mission was to take the most advanced components and design principles available today to showcase the true potential of next-gen hybrid devices. And to that end, I think this device is a success. With the Spectre Fold, HP has made the first flexible-screen laptop you might want to buy. But now comes the hard part: making one that people can actually afford.
The FTC has accused Kochava of violating the FTC Act by amassing and disclosing “a staggering amount of sensitive and identifying information about consumers,” alleging that Kochava’s database includes products seemingly capable of identifying nearly every person in the United States.
According to the FTC, Kochava’s customers, ostensibly advertisers, can access this data to trace individuals’ movements—including to sensitive locations like hospitals, temporary shelters, and places of worship, with a promised accuracy within “a few meters”—over a day, a week, a month, or a year. Kochava’s products can also provide a “360-degree perspective” on individuals, unveiling personally identifying information like their names, home addresses, phone numbers, as well as sensitive information like their race, gender, ethnicity, annual income, political affiliations, or religion, the FTC alleged.
Beyond that, the FTC alleged that Kochava also makes it easy for advertisers to target customers by categories that are “often based on specific sensitive and personal characteristics or attributes identified from its massive collection of data about individual consumers.” These “audience segments” allegedly allow advertisers to conduct invasive targeting by grouping people not just by common data points like age or gender, but by “places they have visited,” political associations, or even their current circumstances, like whether they’re expectant parents. Or advertisers can allegedly combine data points to target highly specific audience segments like “all the pregnant Muslim women in Kochava’s database,” the FTC alleged, or “parents with different ages of children.”
[…]
According to the FTC, Kochava obtains data “from a myriad of sources, including from mobile apps and other data brokers,” which together allegedly connects a web of data that “contains information about consumers’ usage of over 275,000 mobile apps.”
The FTC alleged that this usage data is also invasive, allowing Kochava customers to track not just what apps a customer uses, but how long they’ve used the apps, what they do in the apps, and how much money they spent in the apps, the FTC alleged.
[…]
Kochava “actively promotes its data as a means to evade consumers’ privacy choices,” the FTC alleged. Further, the FTC alleged that there are no real ways for consumers to opt out of Kochava’s data marketplace, because even resetting their mobile advertising IDs—the data point that’s allegedly most commonly used to identify users in its database—won’t stop Kochava customers from using its products to determine “other points to connect to and securely solve for identity.”
[…]
Kochava hoped the court would impose sanctions on the FTC because Kochava argued that many of the FTC’s allegations were “knowingly false.” But Winmill wrote that the bar for imposing sanctions is high, requiring that Kochava show that the FTC’s complaint was not just implausibly pled, but “clearly frivolous,” raised “without legal foundation,” or “brought for an improper purpose.”
In the end, Winmill denied the request for sanctions, partly because the court could not identify a “single” allegation in the FTC complaint flagged by Kochava as false that actually appeared “false or misleading,” the judge wrote.
Instead, it seemed like Kochava was attempting to mislead the court.
[…]
“The Court concludes that the FTC’s legal and factual allegations are not frivolous,” Winmill wrote, dismissing Kochava’s motion for sanctions. The judge concluded that Kochava’s claims that the FTC intended to harass and generate negative publicity about the data broker were ultimately “long on hyperbole and short on facts.”
A federal judge on Tuesday refused to bring back a class action lawsuit alleging four auto manufacturers had violated Washington state’s privacy laws by using vehicles’ on-board infotainment systems to record and intercept customers’ private text messages and mobile phone call logs.
The Seattle-based appellate judge ruled that the practice does not meet the threshold for an illegal privacy violation under state law, handing a big win to automakers Honda, Toyota, Volkswagen and General Motors, which are defendants in five related class action suits focused on the issue. One of those cases, against Ford, had been dismissed on appeal previously.
The plaintiffs in the four live cases had appealed a prior judge’s dismissal. But the appellate judge ruled Tuesday that the interception and recording of mobile phone activity did not meet the Washington Privacy Act’s standard that a plaintiff must prove that “his or her business, his or her person, or his or her reputation” has been threatened.
In an example of the issues at stake, plaintiffs in one of the five cases filed suit against Honda in 2021, arguing that beginning in at least 2014 infotainment systems in the company’s vehicles began downloading and storing a copy of all text messages on smartphones when they were connected to the system.
An Annapolis, Maryland-based company, Berla Corporation, provides the technology to some car manufacturers but does not offer it to the general public, the lawsuit said. Once messages are downloaded, Berla’s software makes it impossible for vehicle owners to access their communications and call logs but does provide law enforcement with access, the lawsuit said.
Many car manufacturers are selling car owners’ data to advertisers as a revenue boosting tactic, according to earlier reporting by Recorded Future News. Automakers are exponentially increasing the number of sensors they place in their cars every year with little regulation of the practice.
A new feature in WhatsApp will let you hide your IP address from whoever you call using the app. Knowing someone’s IP address can reveal a lot of personal information such as their location and internet service provider, so having the option to hide it is a major privacy win. “This new feature provides an additional layer of privacy and security geared towards our most privacy-conscious users,” WhatsApp wrote in a blog post.
WhatsApp currently relays calls either through its own servers or by establishing a direct connection called peer-to-peer with whoever you are calling depending on network conditions. Peer-to-peer calls often provide better voice quality, but require both devices to know each other’s IP addresses.
Once you turn the new feature, known simply as “Protect IP address in calls” on, however, WhatsApp will always relay your calls through its own servers rather than establishing a peer-to-peer connection, even if it means a slight hit to sound quality. All calls will continue to remain end-to-end encrypted, even if they go through WhatsApp’s servers, the company said.
WhatsApp has been adding more privacy features over the last few months. In June, the company added a feature that let people automatically silence unknown callers. It also introduced a “Privacy Checkup” section to allow users to tune up a host of privacy settings from a single place in the app, and earlier this year, added a feature that lets people lock certain chats with a fingerprint or facial recognition.
So this means that Meta / Facebook / Whatsapp will now know who you are calling with, once you turn this privacy feature on. So to gain some privacy towards the end caller, you sacrifice privacy towards Meta.
It truly is amazing that the video game industry is so heavily divided on the topic of user-made game mods. I truly don’t understand it. My take has always been very simple: mods are good for gamers and even better for game makers. Why? Simple, mods serve to extend the useful life of video games by adding new ways to play them and therefore making them more valuable, they can serve to fix or make better the original game thereby doing some of the game makers work for them for free, and can simply keep a classic game relevant decades later thanks to a dedicated group of fans of a franchise that continues to be a cash cow to this day.
On the other hand are all the studios and publishers that somehow see mods as some kind of threat, even outside of the online gaming space. Take Two, Nintendo, EA: the list goes on and on and on. In most of those cases, it simply appears that control is preferred by the publisher over building an active community and gaining all the benefits that come along with that modding community.
And then there’s Capcom, which recently made some statements essentially claiming that for all practical purposes mods are just a different form of cheating and that mods hurt the gaming experience for the public.
“For the purposes of anti-cheat and anti-piracy, all mods are defined as cheats,” Capcom explained. The only exception to this are mods which are “officially” supported by the developer and, as Capcom sees it, all user-created mods are “internally” no different than cheating.
Capcom goes on to say that some mods with offensive content can be “detrimental” to a game or franchise’s reputation. The publisher also explained that mods can create new bugs and lead to more players needing support, stretching resources, and leading to increased game development costs or even delays. (I can’t help but feel my eyes starting to roll…)
I’m sorry, but just… no. No to pretty much all of this. Mods do not need to be defined as cheats, particularly in offline single player games. Mods are mods, cheats are cheats. There are a zillion different aesthetic and/or quality of life mods that exist for hundreds of games that fall into this category. Skipping intro videos for games, which I do in Civilization, cannot possibly be equated to cheating within the game, but that’s a mod.
As to the claim that mods increase development time because support teams have to handle requests from people using mods that are causing problems within the games… come on, now. Support and dev teams are very distinct and I refuse to believe this is a big enough problem to even warrant a comment.
As to offensive mods, here I have some sympathy. But I also have a hard time believing that the general public is really looking with narrow eyes at publishers of games because of what third-party mods do to their product. Mods like that exist for all kinds of games and those publishers and developers appear to be getting on just fine.
Whatever the reason behind Capcom’s discomfort with mods, it should think long and hard about its stance and decide whether it’s valid. We have seen time and time again examples of modding communities being a complete boon to publishers and I see no reason why Capcom should be any different.
So they allow people to play the game in new and unexpected ways. The same does go for cheats. Sometimes you just don’t have the patience to do that boss fight for the 100th time. Sometimes you just want to get through the game. Sometimes you want to play that super 1/1000 drop chance rare item. If you’re not online, then mod and cheat the hell out of the game. It yours! You paid for it, installed the code on your hard drive. It’s out of the hands of the publisher.
The EU is currently updating eIDAS (electronic IDentification, Authentication and trust Services), an EU regulation on electronic identification and trust services for electronic transactions in the European Single Market.
[…]
Back in March 2022, a group of experts sent an open letter to MEPs [pdf] […]
It warned:
The Digital Identity framework includes provisions that are intended to increase the take-up of Qualified Website Authentication Certificates (QWACs), a specific EU form of website certificate that was created in the 2014 eIDAS regulation but which – owing to flaws with its technical implementation model – has not gained popularity in the web ecosystem. The Digital Identity framework mandates browsers accept QWACs issued by Trust Service Providers, regardless of the security characteristics of the certificates or the policies that govern theirissuance. This legislative approach introduces significant weaknesses into the global multi-stakeholder ecosystem for securing web browsing, and will significantly increase the cybersecurity risks for users of the web.
The near-final text for eIDAS 2.0 has now been agreed by the EU’s negotiators, and it seems that it is even worse than the earlier draft. A new site from Mozilla called “Last Chance to fix eIDAS” explains how new legislative articles will require all Web browsers in Europe to trust the the certificate authorities and cryptographic keys selected by the government of EU Member States. Mozilla explains:
These changes radically expand the capability of EU governments to surveil their citizens by ensuring cryptographic keys under government control can be used to intercept encrypted web traffic across the EU. Any EU member state has the ability to designate cryptographic keys for distribution in web browsers and browsers are forbidden from revoking trust in these keys without government permission.
This enables the government of any EU member state to issue website certificates for interception and surveillance which can be used against every EU citizen, even those not resident in or connected to the issuing member state. There is no independent check or balance on the decisions made by member states with respect to the keys they authorize and the use they put them to. This is particularly troubling given that adherence to the rule of law has not been uniform across all member states, with documented instances of coercion by secret police for political purposes.
To make matters worse, browser producers will be forbidden from carrying out routine and necessary checks
[…]
for those interested in understanding the underlying technology, there’s an excellent introduction to eIDAS and QWACs from Eric Rescorla on the Educated Guesswork blog. But there’s a less technical issue too. Mozilla writes that:
forcing browsers to automatically trust government-backed certificate authorities is a key tactic used by authoritarian regimes, and these actors would be emboldened by the legitimising effect of the EU’s actions. In short, if this law were copied by another state, it could lead to serious threats to cybersecurity and fundamental rights.
[…]
the insinuation that this is just an attempt by Google to head off some pesky EU legislation is undercut by the fact that separately from Mozilla, 335 scientists and researchers from 32 countries and various NGOs have signed a joint statement criticizing the proposed eIDAS reform. If the latest text is adopted, they warn:
the government-controlled authority would then be able to intercept the web traffic of not only their own citizens, but all EU citizens, including banking information, legally privileged information, medical records and family photos. This would be true even when visiting non-EU websites, as such an authority could issue certificates for any website that all browsers would have to accept. Additionally, although much of eIDAS2.0 regulation carefully gives citizens the capability to opt out from usage of new services and functionality, this is not the case for Article 45. Every citizen would have to trust those certificates, and thus every citizen would see their online safety threatened.
[…]
It’s a blatant power-grab by the EU, already attempting to circumvent encryption elsewhere with its Chat Control proposals. It must be stopped before it undermines core elements of the Internet’s security infrastructure not just in the EU, but globally too as result of its knock-on effects.
The EU Ombudsman has found a case of maladministration in theEuropean Commission’s refusal to provide the list of experts, which it first denied existing, with whom they worked together in drafting the regulation to detect and remove online child sexual abuse material.
Last December, the Irish Council for Civil Liberties (ICCL) filed complaints to the European Ombudsman against the European Commission for refusing to provide the list of external experts involved in drafting the regulation to detect and remove online child sexual abuse material (CSAM).
Consequently, the Ombudsman concluded that “the Commission’s failure to identify the list of experts as falling within the scope of the complainant’s public access request constitutes maladministration”.
The EU watchdog also slammed the Commission for not respecting the deadlines for handling access to document requests, delays that have become somewhat systematic.
The Commission told the Ombudsman inquiry team during a meeting that the requests by the ICCL “seemed to be requests to justify a political decision rather than requests for public access to a specific set of documents”.
The request was about getting access to the list of experts the Commission was in consultations with and who also participated in meetings with the EU Internet Forum, which took place in 2020, according to an impact assessment report dated 11 May 2022.
The main political groups of the EU Parliament reached an agreement on the draft law to prevent the dissemination of online child sexual abuse material (CSAM) on Tuesday (24 October).
The list of experts was of public interest because independent experts have stated on several occasions that detecting CSAM in private communications without violating encryption would be impossible.
The Commission, however, suggested otherwise in their previous texts, which has sparked controversy ever since the introduction of the file last year.
During the meetings, “academics, experts and companies were invited to share their perspectives on the matter as well as any documents that could be valuable for the discussion.”
Based on these discussions, and both oral and written inputs, an “outcome document” was produced, the Commission said.
According to a report about the meeting between the Commission and the Ombudsman, this “was the only document that was produced in relation to these workshops.”
The phantom list
While a list of participants does exist, it was not disclosed “for data protection and public security reasons, given the nature of the issues discussed”, the Commission said, according to the EU Ombudsman.
Besides security reasons, participants were also concerned about their public image, the Commission told the EU Ombudsman, adding that “disclosure could be exploited by malicious actors to circumvent detection mechanisms and moderation efforts by companies”.
Moreover, “revealing some of the strategies and tactics of companies, or specific technical approaches also carries a risk of informing offenders on ways to avoid detection”.
However, the existence of this list was at first denied by the Commission.
Kris Shrishak, senior fellow at the Irish Council for Civil Liberties, told Euractiv that the Commission had told him that no such list exists. However, later on, he was told by the EU Ombudsman that that was not correct since they found a list of experts.
The only reason the ICCL learned that there is a list is because of the Ombudsman, Shrishak emphasised.
Previously, the Commission said there were email exchanges about the meetings, which contained only the links to the online meetings.
“Following the meeting with the Ombudsman inquiry team, the Commission tried to retrieve these emails” but since they were more than two years old at the time, “they had already been deleted in line with the Commission’s retention policy” and were “not kept on file”.
Euractiv reached out to the European Commission for a comment but did not get a response by the time of publication.
This law is an absolute travesty – it’s talking about the poor children (how can we not protect them!) whilst being a wholesale surveillance law being put in by nameless faces and unelected officials.
Researchers at Duke University released a study on Monday tracking what measures data brokers have in place to prevent unidentified or potentially malign actors from buying personal data on members of the military. As it turns out, the answer is often few to none — even when the purchaser is actively posing as a foreign agent.
A 2021 Duke study by the same lead researcher revealed that data brokers advertised that they had access to — and were more than happy to sell —information on US military personnel. In this more recent study researchers used wiped computers, VPNs, burner phones bought with cash and other means of identity obfuscation to go undercover. They scraped the websites of data brokers to see which were likely to have available data on servicemembers. Then they attempted to make those purchases, posing as two entities: datamarketresearch.org and dataanalytics.asia. With little-or-no vetting, several of the brokers transferred the requested data not only to the presumptively Chicago-based datamarketresearch, but also to the server of the .asia domain which was located in Singapore. The records only cost between 12 to 32 cents a piece.
The sensitive information included health records and financial information. Location data was also available, although the team at Duke decided not to purchase that — though it’s not clear if this was for financial or ethical reasons. “Access to this data could be used by foreign and malicious actors to target active-duty military personnel, veterans, and their families and acquaintances for profiling, blackmail, targeting with information campaigns, and more,” the report cautions. At an individual level, this could also include identity theft or fraud.
This gaping hole in our national security apparatus is due in large part to the absence of comprehensive federal regulations governing either individual data privacy, or much of the business practices engaged in by data brokers. Senators Elizabeth Warren, Bill Cassidy and Marco Rubio introduced the Protecting Military Service Members’ Data Act in 2022 to give power to the Federal Trade Commission to prevent data brokers from selling military personnel information to adversarial nations. They reintroduced the bill in March 2023 after it stalled out. Despite bipartisan support, it still hasn’t made it past the introduction phase.
YouTube wants its pound of flesh. Disable your ad blocker or pay for Premium, warns a new message being shown to an unsuspecting test audience, with the barely hidden subtext of “you freeloading scum.” Trouble is, its ad blocker detecting mechanism doesn’t exactly comply with EU law, say privacy activists. Ask for user permission or taste regulatory boot. All good clean fun.
Privacy advocate challenges YouTube’s ad blocking detection scripts under EU law
Only it isn’t. It’s profoundly depressing. The battleground between ad tech and ad blockers has been around so long that in the internet’s time span it’s practically medieval. In 2010, Ars Technica started blocking ad blockers; in under a day, the ad blocker blocker was itself blocked by the ad blockers. The editor then wrote an impassioned plea saying that ad blockers were killing online journalism. As the editor ruefully notes, people weren’t using blockers because they didn’t care about the good sites, it was because so much else of the internet was filled with ad tech horrors.
Nothing much has changed. If your search hit ends up with an “ERROR: Ad blocker detected. Disable it to access this content” then it’s browser back button and next hit down, all day, every day. It’s like running an app that asks you to disable your firewall; that app is never run again. Please disable my ad blocker? Sure, if you stop pushing turds through my digital letterbox.
The reason YouTube has been dabbling with its own “Unblock Or Eff Off” strategy instead of bringing down the universal banhammer is that it knows how much it will upset the balance of the ecosystem. That it’s had to pry deep enough into viewers’ browsers to trigger privacy laws shows just how delicate that balance is. It’s unstable because it’s built on bad ideas.
In that ecosystem of advertisers, content consumers, ad networks, and content distributors, ad blockers aren’t the disease, they’re the symptom. Trying to neutralize a symptom alone leaves the disease thriving while the host just gets sicker. In this case, the disease isn’t cynical freeloading by users, it’s the basic dishonesty of online advertising. It promises things to advertisers that it cannot deliver, while blocking better ways of working. It promises revenue to content providers while keeping them teetering on the brink of unviability, while maximizing its own returns. Google has revenues in the hundreds of billions of dollars, while publishers struggle to survive, and users have to wear a metaphorical hazmat suit to stay sane. None of this is healthy.
Content providers have to be paid. We get that. Advertising is a valid way of doing that. We get that too. Advertisers need to reach audiences. Of course they do. But like this? YouTube needs its free, ad-supported model, or it would just force Premium on everyone, but forcing people to watch adverts will not force them to pony up for what’s being advertised.
The pre-internet days saw advertising directly support publishers who knew how to attract the right audiences who would respond well to the right adverts. Buy a computer magazine and it would be full of adverts for computer stuff – much of which you’d actually want to look at. The publisher didn’t demand you have to see ads for butter or cars or some dodgy crypto. That model has gone away, which is why we need ad blockers.
YouTube’s business model is a microcosm of the bigger ad tech world, where it basically needs to spam millions to generate enough results for its advertisers. It cannot stomach ad blockers, but it can’t neutralize them technically or legally. So it should treat them like the cognitive firewalls they are. If YouTube developed ways to control what and how adverts appeared back into the hands of its content providers and viewers, perhaps we’d tell our ad blockers to leave YouTube alone – punch that hole through the firewall for the service you trust. We’d get to keep blocking things that needed to be blocked, content makers could build their revenues by making better content, and advertisers would get a much better return on their ad spend.
Of course, this wouldn’t provide the revenues to YouTube or the ad tech business obtainable by being spammy counterfeits of responsible companies with a lock on the market. That a harmful business model makes a shipload of money does not make it good, in fact quite the reverse.
So, to YouTube we say: you appear to be using a bad lock-in. Disable it, or pay the price
In recent years, some researchers have been puzzled upon finding that water in their experiments, which was held in a sponge-like material known as a hydrogel, was evaporating at a higher rate than could be explained by the amount of heat, or thermal energy, that the water was receiving. And the excess has been significant — a doubling, or even a tripling or more, of the theoretical maximum rate.
After carrying out a series of new experiments and simulations, and reexamining some of the results from various groups that claimed to have exceeded the thermal limit, a team of researchers at MIT has reached a startling conclusion: Under certain conditions, at the interface where water meets air, light can directly bring about evaporation without the need for heat, and it actually does so even more efficiently than heat. In these experiments, the water was held in a hydrogel material, but the researchers suggest that the phenomenon may occur under other conditions as well.
The findings are published this week in a paper in PNAS, by MIT postdoc Yaodong Tu, professor of mechanical engineering Gang Chen, and four others.
[…]
The new findings come as a surprise because water itself does not absorb light to any significant degree. That’s why you can see clearly through many feet of clean water to the surface below. So, when the team initially began exploring the process of solar evaporation for desalination, they first put particles of a black, light-absorbing material in a container of water to help convert the sunlight to heat.
Then, the team came across the work of another group that had achieved an evaporation rate double the thermal limit — which is the highest possible amount of evaporation that can take place for a given input of heat, based on basic physical principles such as the conservation of energy. It was in these experiments that the water was bound up in a hydrogel. Although they were initially skeptical, Chen and Tu starting their own experiments with hydrogels, including a piece of the material from the other group. “We tested it under our solar simulator, and it worked,” confirming the unusually high evaporation rate, Chen says. “So, we believed them now.” Chen and Tu then began making and testing their own hydrogels.
[…]
The researchers subjected the water surface to different colors of light in sequence and measured the evaporation rate. They did this by placing a container of water-laden hydrogel on a scale and directly measuring the amount of mass lost to evaporation, as well as monitoring the temperature above the hydrogel surface. The lights were shielded to prevent them from introducing extra heat. The researchers found that the effect varied with color and peaked at a particular wavelength of green light. Such a color dependence has no relation to heat, and so supports the idea that it is the light itself that is causing at least some of the evaporation.
The puffs of white condensation on glass is water being evaporated from a hydrogel using green light, without heat.
Image: Courtesy of the researchers
The researchers tried to duplicate the observed evaporation rate with the same setup but using electricity to heat the material, and no light. Even though the thermal input was the same as in the other test, the amount of water that evaporated never exceeded the thermal limit. However, it did so when the simulated sunlight was on, confirming that light was the cause of the extra evaporation.
Though water itself does not absorb much light, and neither does the hydrogel material itself, when the two combine they become strong absorbers, Chen says. That allows the material to harness the energy of the solar photons efficiently and exceed the thermal limit, without the need for any dark dyes for absorption.
Having discovered this effect, which they have dubbed the photomolecular effect, the researchers are now working on how to apply it to real-world needs.
Amazon and Meta have agreed to not use data collected from their marketplaces to unfairly benefit themselves, the UK’s Competition and Markets Authority announced on Friday.
The monopoly watchdog launched separateinvestigations into both internet giants’ business practices, and accused the Big Tech duo of not only gathering up information about sellers using their respective online souks, they also – surprise, surprise – exploited that info to get a commercial advantage.
In Amazon’s case, the e-commerce giant used vendors’ sales figures to decide which items it should sell, and how much to price products to get an edge over everyone else. The internet behemoth also promoted its own products with its Buy Box feature and it further cut into retailers’ margins by charging extra costs if they wanted to use Amazon’s Prime delivery services, the CMA said.
Now Amazon has committed to doing less of that. The CMA said the online souk will be prevented from using third-party seller data that gives it an unfair commercial advantage, and will allow rivals to negotiate rates with independent delivery contractors working on behalf of Amazon.
Who would have thought that if the owner and cashier of the marketplace is allowed to sell on there they would use their information dominance to choose which products to sell and then undercut the other vendors on the marketplace?!
It looks like Amazon is hellbent on keeping its spot as the biggest online retailer — even if that means hurting both sellers and customers. In September, the FTC filed a long-expected antitrust lawsuit against Amazon over its alleged use of illegal strategies to stay on top. Details of the suit were previously withheld from the public, but today a mostly unredacted version was released, including details about Amazon’s secret pricing tool, known as Project Nessie. These algorithms helped Amazon increase prices by over $1 billion over two years, the FTC alleges.
[…]
According to the The Wall Street Journal, the internal documents cited in the original complaint show that Amazon executives were well aware of the effects of the company’s policies. In the documents, Amazon executives acknowledged that these policies, which included requiring Amazon sellers to have the lowest prices online or risk consequences, had a “punitive aspect.” One executive pointed out that many sellers “live in constant fear” of being penalized by Amazon for not following the ever-changing pricing policy.
The FTC also alleges that the company had been monitoring its sellers and punishing them if they offered lower prices on other platforms, which the agency says is a violation of antitrust laws. The unredacted documents indicate that Amazon has increased prices by over $1 billion between 2016 to 2018 with the use of secret price gouging algorithms known as Project Nessie. It was also revealed that the “take rate” — aka the amount Amazon makes from sellers who use the Fulfillment By Amazon logistics program — increased from 27.6 percent in 2014 to 39.5 percent in 2018. It’s unclear if that has changed in more recent years since those numbers remained redacted.
And Amazon isn’t just ruining its sellers’ experience. The complaint also revealed Amazon’s increased use of ads in search results. Several ad executives at the company acknowledged that these sponsored ads were often irrelevant to the initial search and caused “harm to consumers” and the overall experience on the site.
The FTC alleges that these policies were the brainchild of Jeff Bezos, Amazon’s founder and former chief executive, to increase the company’s profit margins.
“Mr. Bezos directly ordered his advertising team to continue to increase the number of advertisements on Amazon by allowing more irrelevant advertisements, because the revenue generated by advertisements eclipsed the revenue lost by degrading consumers’ shopping experience,” the FTC complaint alleges.
The Library of Babel is a place for scholars to do research, for artists and writers to seek inspiration, for anyone with curiosity or a sense of humor to reflect on the weirdness of existence – in short, it’s just like any other library. If completed, it would contain every possible combination of 1,312,000 characters, including lower case letters, space, comma, and period. Thus, it would contain every book that ever has been written, and every book that ever could be – including every play, every song, every scientific paper, every legal decision, every constitution, every piece of scripture, and so on. At present it contains all possible pages of 3200 characters, about 104677 books.
Since I imagine the question will present itself in some visitors’ minds (a certain amount of distrust of the virtual is inevitable) I’ll head off any doubts: any text you find in any location of the library will be in the same place in perpetuity. We do not simply generate and store books as they are requested – in fact, the storage demands would make that impossible. Every possible permutation of letters is accessible at this very moment in one of the library’s books, only awaiting its discovery. We encourage those who find strange concatenations among the variations of letters to write about their discoveries in the forum, so future generations may benefit from their research.
Over the summer, BMW finally backed down on its heated seat subscription program from sheer public outrage and bad press. This response apparently hasn’t deterred its rival Audi, however, as the German car company plans to make more new software features paid options on its next generation of vehicles.
Pioneered on the E-Tron and E-Tron Sportback, Audi offers over-the-air features through its myAudi app, adding functions like automated parking or lock-unlock light animations. To borrow a term from the gaming world, they’re microtransactions writ large to milk more money from customers. It’s like horse armor but for your car. Audi’s board rep for technical development Oliver Hoffmann has told Autocar that more “on demand” features like these are on their way.
2024 Audi Q8 E-Tron. Audi
“With our next generation of electronic architecture, we will bring more offers to ‘function on demand’ and you will see year by year we will bring new functions in the cars,” Hoffman told the outlet, claiming it’s a response to customer demand. “This is a [big] step. I think there is a demand from the customer to bring new functions in the car, and this is a profit pool for us—but we don’t see these revenue pools with this kind of functionality.”
Hoffmann reportedly wouldn’t say which features are coming, but was adamant that paid, downloadable features will be “quite normal in the future.” Which features exactly may be previewed by Audi itself, which already paywalls some climate control functions in some markets.
While all non-compliant DMCA takedown notices are invalid by default, there’s a huge difference between those sent in error and others crafted for purely malicious purposes.
