Slashdot Mirror

Catalin Cimpanu, writing for ZDNet: Jigsaw, a technology incubator created by Google and operated as a subsidiary under the Alphabet brand, has released today an Android app named Intra that can encrypt DNS queries as a protection against DNS manipulation at the ISP (internet service provider) level. DNS manipulation is one of the most common forms of online censorship used by oppressive regimes or unscrupulous ISPs, used to block access to news sites, information portals, social media platforms, undesirable software, and more. Intra protects against DNS manipulation by keeping DNS traffic hidden from third-parties with state-level surveillance capabilities, such as internet service providers in countries with autocratic regimes. Reports suggest that Alphabet tested the app with a few dozen political activists in Venezuela before the global roll-out.

An anonymous reader quotes a report from Ars Technica: A lone engineer has succeeded in doing what Uber's top lawyers and expert witnesses could not -- overturning most of a foundational patent covering arch-rival Waymo's lidar laser ranging devices. Following a surprise left-field complaint by Eric Swildens, the US Patent and Trademark Office (USPTO) has rejected all but three of 56 claims in Waymo's 936 patent, named for the last three digits of its serial number. The USPTO found that some claims replicated technology described in an earlier patent from lidar vendor Velodyne, while another claim was simply "impossible" and "magic." The 936 patent played a key role in last year's epic intellectual property lawsuit with Uber. In December 2016, a Waymo engineer was inadvertently copied on an email from one of its suppliers to Uber, showing a lidar circuit design that looked almost identical to one shown in the 936 patent.

The patent describes how a laser diode can be configured to emit pulses of laser light using a circuit that includes an inductor and a gallium nitride transistor. That chance discovery helped spark a lawsuit in which Waymo accused Uber of patent infringement and of using lidar secrets supposedly stolen by engineer Anthony Levandowski. In August 2017, Uber agreed to redesign its Fuji lidar not to infringe the 936 patent. Then, in February 2018, Waymo settled the remaining trade secret theft allegations in exchange for Uber equity worth around $245 million and a commitment from Uber not to copy its technology. "This includes an agreement to ensure that any Waymo confidential information is not being incorporated in Uber hardware and software," said a Waymo spokesperson at the time. That redesign now seems to have been unnecessary, says Swildens, the engineer who asked the USPTO to take a closer look at 936. "Waymo's claim that Uber infringed the 936 patent was spurious, as all the claims in the patent that existed at the time of the lawsuit have been found to be invalid," he said. Uber told Ars that despite the ruling, it would not be redesigning its lidars yet again. Swildensj, an employee at a small cloud computing startup, reportedly "spent $6,000 of his own money to launch a formal challenge to 936," reports Ars. "In March, an examiner noted that a re-drawn diagram of Waymo's lidar firing circuit showed current passing along a wire between the circuit and the ground in two directions -- something generally deemed impossible. 'Patent owner's expert testimony is not convincing to show that the path even goes to ground in view of the magic ground wire, which shows current moving in two directions along a single wire,' noted the examiners dryly."

"As I investigated the 936 patent, it became clear it was invalid due to prior art for multiple reasons," Swildens told Ars. "I only filed the reexamination because I was absolutely sure the patent was invalid."

New submitter ilguido writes: At a workshop organized by CERN, Prof Alessandro Strumia of Pisa University said that "physics was invented and built by men, it's not by invitation", BBC reported Monday. Strumia's presentation [Google Drive link] that supports the idea that "physics is not sexist against women[...], however the truth does not matter, because it is part of a political battle coming from outside" has already received a lot of criticism, with one female physicist defining Strumia's analysis as "simplistic, drawing on ideas that had long been discredited." In a statement on Sunday, CERN said, "It is unfortunate that one of the 38 presentations, by a scientist from one of the collaborating universities, risks overshadowing the important message and achievements of the event. CERN, like many members of the community, considers that the presentation, with its attacks on individuals, was unacceptable in any professional context and was contrary to the CERN Code of Conduct. It, therefore, decided to remove the slides from the online repository." On Monday, CERN said it has suspended the scientist from any activity at CERN with immediate effect, pending investigation into last week's event.

Earlier this year, Google updated its financial services-ad policies to ban any advertising about cryptocurrency-related content, including initial coin offerings (ICOs), wallets, and trading advice. Google appears to be reversing course with a new policy starting in October that will allow regulated cryptocurrency exchanges to buy ads in the U.S. and Japan. Advertising about ICOs, wallets and trading advice are reportedly still not allowed. CNBC reports: Google's updated policy applies to advertisers all over the world, though the ads can only run in the U.S. and Japan, and interested parties will need to apply for certification to serve ads in each country individually. Google's move follows Facebook, which started allowing pre-approved cryptocurrency advertisers in June. Google parent company Alphabet gets roughly 86 percent of its total revenue from advertising. The company booked more than $54 billion in ad revenue in the first half of 2018.

An anonymous reader quotes a report from Bloomberg: Tesla is under investigation by the Justice Department over public statements made by the company and Chief Executive Officer Elon Musk. The criminal probe is running alongside a previously reported civil inquiry by securities regulators. Federal prosecutors opened a fraud investigation after Musk tweeted last month that he was contemplating taking Tesla private and had "funding secured" for the deal. The tweet initially sent the company's shares higher. Tesla confirmed it has been contacted by the Justice Department. The investigation by the U.S. attorney's office in the Northern District of California follows a subpoena issued by the Securities and Exchange Commission seeking information from the electric-car maker about Musk's plans to go private, which he has since abandoned. Tesla said in a statement following Bloomberg's report: "Last month, following Elon's announcement that he was considering taking the company private, Tesla received a voluntary request for documents from the DOJ and has been cooperative in responding to it. We have not received a subpoena, a request for testimony, or any other formal process. We respect the DOJ's desire to get information about this and believe that the matter should be quickly resolved as they review the information they have received."

112-mph winds from Hurricane Florence battered the Carolinas on Saturday, resulting in at least 13 deaths and leaving more than 796,000 households with no electricity, according to CNN, with over 20,000 people evacuating to emergency shelters.

One Myrtle Beach resident spotted an alligator walking through their neighborhood, and the New York Post warns the hurricane "could displace venomous snakes from South Carolina's wetlands," uprooting "some 38 species of snakes -- including dangerous cottonmouths and copperhead vipers."

Cellphone carriers are offering free calling, texting, and data services to affected customers in the Carolinas, and Quartz reports that other tech companies are also trying to help: People fleeing Florence can find hundreds of places on Airbnb to stay for free; the company will screen applicants and cover homeowners for any damage up to $1 million. Harmany is an app created specifically to connect people during natural disasters. It's set up so that people who have a place can list it, adding it to a map where those needing shelter can find them. Gas Buddy, which lets users search for gas prices and availability by zip code, has set up a special "Florence Live Updates" page and section on its app so users can identify which gas stations are out of fuel, diesel, or power....

The main federal disaster agency, the Federal Emergency Management Agency (FEMA), has an app that is supposed to provide up-to-the minute information about the storm, shelters, and evacuation routes. It is crashing constantly, according to Android users. (Quartz's didn't have the same problems, but hitting the "get directions" button to one North Carolina shelter inexplicably opened up Uber.) FEMA also recommends the Red Cross's Hurricane app, which shows location specific weather alerts, has a flashlight and an alarm, and allows users to connect with people in their contacts, but doesn't have information on shelters.
And the data backup company Datto is even deploying equipment for free to bring back critical infrastructure. "With this storm, it looks like flooding will be as much of a danger as wind. It doesn't take a lot of water to knock out infrastructure like cable and internet. Things that can take weeks to build it back..."

112-mph winds from Hurricane Florence battered the Carolinas on Saturday, resulting in at least 13 deaths and leaving more than 796,000 households with no electricity, according to CNN, with over 20,000 people evacuating to emergency shelters.

One Myrtle Beach resident spotted an alligator walking through their neighborhood, and the New York Post warns the hurricane "could displace venomous snakes from South Carolina's wetlands," uprooting "some 38 species of snakes -- including dangerous cottonmouths and copperhead vipers."

Cellphone carriers are offering free calling, texting, and data services to affected customers in the Carolinas, and Quartz reports that other tech companies are also trying to help: People fleeing Florence can find hundreds of places on Airbnb to stay for free; the company will screen applicants and cover homeowners for any damage up to $1 million. Harmany is an app created specifically to connect people during natural disasters. It's set up so that people who have a place can list it, adding it to a map where those needing shelter can find them. Gas Buddy, which lets users search for gas prices and availability by zip code, has set up a special "Florence Live Updates" page and section on its app so users can identify which gas stations are out of fuel, diesel, or power....

The main federal disaster agency, the Federal Emergency Management Agency (FEMA), has an app that is supposed to provide up-to-the minute information about the storm, shelters, and evacuation routes. It is crashing constantly, according to Android users. (Quartz's didn't have the same problems, but hitting the "get directions" button to one North Carolina shelter inexplicably opened up Uber.) FEMA also recommends the Red Cross's Hurricane app, which shows location specific weather alerts, has a flashlight and an alarm, and allows users to connect with people in their contacts, but doesn't have information on shelters.
And the data backup company Datto is even deploying equipment for free to bring back critical infrastructure. "With this storm, it looks like flooding will be as much of a danger as wind. It doesn't take a lot of water to knock out infrastructure like cable and internet. Things that can take weeks to build it back..."

David Pogue: Apparently, a lot of people hang their identities on what phones they carry. An iPhone person might feel personally affronted when a Samsung Galaxy gets a great review, and vice versa. Apple and Samsung just introduced their new fall 2018 smartphones, and it's clearer than ever: all smartphones have pretty much the same features. Therefore, it strikes many people as searingly important to remember which brand had those features first.
OS Features: Apple invented the touchscreen phone as we know it. The original 2007 iPhone brought us multitouch (pinch to zoom), an on-screen keyboard, auto-rotate, lists that scroll as though with momentum, and the apps-on-a-Home-page design that we all use to this day. Not surprisingly, then, Apple wins this category, having introduced 13 ideas, compared to Android's 10 (and Samsung's 1). The screen is the first thing you notice when you turn on a phone --how big, bright, and gorgeous it is. You can read the full review here. The final verdict: Apple leads the invention category, with 44 innovations, according to our calculations. Google's Android comes in second, with 31. And Samsung brings up the rear with 12 innovations. Now, if you count the number of times each company is listed as a Follower in the spreadsheet, you discover that Apple also seems to have stolen the most ideas. In part, that's because I'm pitting Apple against Google/Samsung (its phones use Google's software). As a result, no feature ever lists Google and Samsung as innovator+follower, or vice versa; they're always a single team.

RoccamOccam writes: WebRender, an experimental GPU-based renderer for web content, written in Rust, is now enabled by default for Firefox Nightly users on desktop Windows 10 with Nvidia GPUs. The announcement was made on the mailing list.

Lin Clark provides an excellent overview of WebRender and, states, "with WebRender, we want apps to run at a silky smooth 60 frames per second (FPS) or better no matter how big the display is or how much of the page is changing from frame to frame. And it works. Pages that chug along at 15 FPS in Chrome or today's Firefox run at 60 FPS with WebRender.

In describing the WebRender approach Clark, asks, "what if we removed this boundary between painting and compositing and just went back to painting every pixel on every frame? This may sound like a ridiculous idea, but it actually has some precedent. Modern day video games repaint every pixel, and they maintain 60 frames per second more reliably than browsers do. And they do it in an unexpected way instead of creating these invalidation rectangles and layers to minimize what they need to paint, they just repaint the whole screen."

Google is now selling an updated headphone adapter that's supposed to be more responsive and drain less of your phone's battery. But these minor improvements come at a cost. The new dongle costs $12, whereas the old dongle sold for just $9. "That also means Google's headphone adapter now costs more than Apple's equivalent adapter for the iPhone," The Verge notes. From the report: Physically, though, the dongle is nearly identical to the USB-C to 3.5mm adapter that Google has been selling since last October: this new version is just a hair smaller in almost every dimension. Google says the new dongle will connect to your phone ever so slightly faster, and, more importantly, it's supposed to draw less power, translating to 38 percent more playback time. Android Police first spotted the update.

An anonymous reader writes: Mozilla today released Firefox 62 for Windows, Mac, Linux, and Android. The release builds on Firefox Quantum, which the company calls "by far the biggest update since Firefox 1.0 in 2004." Version 62 brings variable fonts, automatic dark theme on macOS, and better scrolling on Android. Firefox 62 for the desktop is available for download now on Firefox.com, and all existing users should be able to upgrade to it automatically. As always, the Android version is trickling out slowly on Google Play. The latest iOS version is available on Apple's App Store.

An anonymous reader writes: Google today launched Chrome 69 for Windows, Mac, and Linux, Android, and iOS, just a few days after the browser's 10-year anniversary. The release includes a new design, more powerful omnibox, updated password manager, more accurate autofill, plenty of developer-specific changes, and a slew of security improvements. You can update to the latest version now using Chrome's built-in updater, download it directly from google.com/chrome, or grab it from Google Play and Apple's App Store. Further reading: As Chrome turns 10, Google bets on AI and AR, and Google wants to kill the URL.

An anonymous reader writes: Google today launched Chrome 69 for Windows, Mac, and Linux, Android, and iOS, just a few days after the browser's 10-year anniversary. The release includes a new design, more powerful omnibox, updated password manager, more accurate autofill, plenty of developer-specific changes, and a slew of security improvements. You can update to the latest version now using Chrome's built-in updater, download it directly from google.com/chrome, or grab it from Google Play and Apple's App Store. Further reading: As Chrome turns 10, Google bets on AI and AR, and Google wants to kill the URL.

Epic decided to ditch Google Play Store for its sleeper hit Fortnite. By doing so, while Epic may have saved some money that it would have had to split with Google, it also ran into an issue that it could have avoided had it not parted ways with Google. AndroidCentral reports: Google has just publicly disclosed that it discovered an extremely serious vulnerability in Epic's first Fortnite installer for Android that allowed any app on your phone to download and install anything in the background, including apps with full permissions granted, without the user's knowledge. Google's security team first disclosed the vulnerability privately to Epic Games on August 15, and has since released the information publicly following confirmation from Epic that the vulnerability was patched.

[...] When you go to download "Fortnite" you don't actually download the whole game, you download the Fortnite Installer first. The Fortnite Installer is a simple app that you download and install, which then subsequently downloads the full Fortnite game directly from Epic. The problem, as Google's security team discovered, was that the Fortnite Installer was very easily exploitable to hijack the request to download Fortnite from Epic and instead download anything when you tap the button to download the game. It's what's known as a "man-in-the-disk" attack.

Wave723 shares a report from IEEE Spectrum: On August 30, a startup plans to add its "smart pavement" to an intersection in an industrial corner of Denver, Colorado. The company has encased assorted electronics within four slabs of concrete and will wedge those slabs into the road between a Pepsi Co. bottling plant and two parking lots. Integrated Roadways says its product, which can deduce the speed, weight, and direction of a vehicle from the basket of sensors buried in the pavement, will face its first real-world test at that discreet Denver junction. If this trial goes well, the startup "will replace 500 meters of pavement along a dangerous curve in Highway 285, just south of Denver, with its product in early 2019," reports IEEE Spectrum. The sensors will be able to detect when a driver careens off the road's edge and alert authorities. It even has the ability to prompt officials to reconfigure lanes to relieve congestion.

An anonymous reader quotes a report from TechCrunch: In an effort to provide more transparency and deliver on a promise to Congress, Google just published an archive of political ads that have run on its platform. Google's new database, which it calls the Ad Library, is searchable through a dedicated launch page. Anyone can search for and filter ads, viewing them by candidate name or advertiser, spend, the dates the ads were live, impressions and type. For anyone looking for the biggest ad budget or the farthest reaching political ad, the ads can be sorted by spend, impressions and recency, as well. Google also provided a report on the data, showing ad spend by U.S. state, by advertiser and by top keywords.

An anonymous reader quotes a report from TechCrunch: In an effort to provide more transparency and deliver on a promise to Congress, Google just published an archive of political ads that have run on its platform. Google's new database, which it calls the Ad Library, is searchable through a dedicated launch page. Anyone can search for and filter ads, viewing them by candidate name or advertiser, spend, the dates the ads were live, impressions and type. For anyone looking for the biggest ad budget or the farthest reaching political ad, the ads can be sorted by spend, impressions and recency, as well. Google also provided a report on the data, showing ad spend by U.S. state, by advertiser and by top keywords.

Google's recent launch of Android 9.0 Pie hasn't gone off without some early bugs and issues. According to The Verge, users are reporting that Android Pie prevents their phone from fast charging when plugged into many chargers. Google's own charger doesn't even appear to be working. From the report: Other Pixel XL owners say the bundled charger still functions properly and displays "charging rapidly," but third-party USB-PD (power delivery) chargers no longer juice up the XL as quickly as they did pre-update. Google has oddly marked a bug report on the problem as "won't fix (infeasible)," which is likely alarming to see for those experiencing it, especially since it can very clearly be attributed to the Android 9.0 update. Things were working normally, then Pie came, and then something broke. A second thread has been posted with more users chiming in to confirm they're affected.

Google's recent launch of Android 9.0 Pie hasn't gone off without some early bugs and issues. According to The Verge, users are reporting that Android Pie prevents their phone from fast charging when plugged into many chargers. Google's own charger doesn't even appear to be working. From the report: Other Pixel XL owners say the bundled charger still functions properly and displays "charging rapidly," but third-party USB-PD (power delivery) chargers no longer juice up the XL as quickly as they did pre-update. Google has oddly marked a bug report on the problem as "won't fix (infeasible)," which is likely alarming to see for those experiencing it, especially since it can very clearly be attributed to the Android 9.0 update. Things were working normally, then Pie came, and then something broke. A second thread has been posted with more users chiming in to confirm they're affected.

An anonymous reader quotes a report from Gizmodo: An investigation carried out by Federal Communication Commission's own inspector general officially refutes controversial claims that a cyberattack was responsible for disrupting the FCC's comment system in May 2017, at the height of the agency's efforts to kill off net neutrality. The investigation also uncovered that FCC officials had provided congressional lawmakers with misleading information regarding conversations between an FCC employee and the Federal Bureau of Investigation's cybercrime task force. A report from the inspector general's office (OIG) released Tuesday afternoon states that the comment system's downtime was likely caused by a combination of "system design issues" and a massive surge in traffic caused when Last Week Tonight host John Oliver directed millions of TV viewers to flood the FCC's website with pro-net neutrality comments.

Investigators were unable to "substantiate the allegations of multiple DDoS attacks" alleged by then-FCC Chief Information Officer David Bray, the report says. "At best, the published reports were the result of a rush to judgment and the failure to conduct analyses needed to identify the true cause of the disruption to system availability." [Here's an excerpt from the report:] "While we identified a small amount of anomalous activity and could not entirely rule out the possibility of individual DoS attempts during the period from May 7 through May 9, 2017, we do not believe this activity resulted in any measurable degradation of system availability given the minuscule scale of the anomalous activity relative to the contemporaneous voluminous viral traffic." Yesterday, before the report was released, FCC chairman Ajit Pai came clean on the fact that the hack of its comment system last year actually took place. Pai blamed the former chief information officer and the Obama administration for providing "inaccurate information about the incident to me, my office, Congress, and the American people."

An anonymous reader quotes a report from TechCrunch: The FCC has come clean on the fact that a purported hack of its comment system last year never actually took place, after a report from its inspector general found a lack of evidence supporting the idea. Chairman Ajit Pai blamed the former chief information officer and the Obama administration for providing "inaccurate information about this incident to me, my office, Congress, and the American people." It was so galling to everyone looking for answers that the GAO was officially asked to look into it. The letter requesting the office's help at the time complained that the FCC had "not released any records or documentation that would allow for confirmation that an attack occurred, that it was effectively dealt with, and that the FCC has begun to institute measures to thwart future attacks and ensure the security of its systems." That investigation is still going on, but one conducted by the FCC's own OIG resulted in the report Pai cites.

Pai's statement was issued before the OIG publicized its report, as one does when a report is imminent that essentially says your agency has been clueless at best or deliberately untruthful at worst, and for more than a year. To be clear, the report is still unpublished, though its broader conclusions are clear from Pai's statement. In it he slathers Bray with the partisan brush and asserts that the report exonerates his office: "I am deeply disappointed that the FCC's former [CIO], who was hired by the prior Administration and is no longer with the Commission, provided inaccurate information about this incident to me, my office, Congress, and the American people. This is completely unacceptable. I'm also disappointed that some working under the former CIO apparently either disagreed with the information that he was presenting or had questions about it, yet didn't feel comfortable communicating their concerns to me or my office. On the other hand, I'm pleased that this report debunks the conspiracy theory that my office or I had any knowledge that the information provided by the former CIO was inaccurate and was allowing that inaccurate information to be disseminated for political purposes." UPDATE: The complete Office of Inspector General report has been released, refuting claims that a cyberattack was responsible for disrupting the FCC's comment system last year.

Slashdot reader Lauren Weinstein writes: YouTube very quietly made a very cool and rather major improvement in their video players today... YouTube is now adjusting the YT player size to match videos' native aspect ratios. This is a big deal, and very much welcome.
YouTube provided some before-and-after screenshots Friday, and acknowledged that "We launched this update on mobile awhile back (both Android and iOS) so this change also aligns the desktop and mobile viewing experiences."

Gizmodo writes: Until now YouTube forced all videos into a 16:9 ratio by windowboxing them, meaning surround them with black vertical or horizontal bars like the old days of watching widescreen movies on VHS. In that sense, this isn't a huge change -- white space instead of black -- although the location of player controls moves to fit the video's size...

The aspect adjustments are apparently automatic, retroactive to all uploaded video, and if there's a way to turn the feature off in Creator Studio it's non-obvious... Update 7/27/18 7:48pm: A YouTube spokesperson has since clarified to Gizmodo that currently there is no way to disable this feature.

The Google Play Store is no longer welcoming apps that mine cryptocurrencies on users' devices. The new policy plainly states: "We don't allow apps that mine cryptocurrency on devices." As a result, Google will start to remove any app from the Play Store that violates these terms. It will however still allow mining apps that are used to control cryptocurrency mining operations on remote devices -- such as servers or desktops. Bleeping Computer reports: Preventing cryptocurrency mining on Android is crucial because untethered mining operations can easily overheat or destroy batteries -- or even devices if the battery case deforms, leaks, or catches fire. Such scenarios have already happened. Android malware strains like Loapi and HiddenMalware have been known to cause physical damage to infected smartphones. Google didn't publicly announce the policy change, but developers who had apps removed complained on Reddit. Other policy changes were also made, such as the decision to ban apps with repetitive content. You can read the new "Restricted Content" section of the Play Store Policy Center here, and compare it to an earlier version here.

hackingbear writes: Qualcomm officially terminated the deal to buy Dutch semiconductor giant NXP after failing to get a decision from regulators in China by its deadline. It must now shell out a previously agreed upon $2 billion termination fee. The Chinese market accounts for 30% of Qualcomm's revenue. China's refusal of the approval can also be a retaliation against an $1.4 billion penalty against ZTE imposed by the U.S. Department of Commerce over technicalities of ZTE's violation of Iran sanctions, a move viewed by China as a U.S. excuse to launch a trade war. "It's a reminder that trade wars are maybe not that easy to win," says Steven Roach of Morgan Stanley. "And China has a lot of ammunition up its sleeve." Roach urged the Trump administration to understand that the U.S. and China "need each other," saying low-price Chinese imports are needed to "make ends meet" for cash-strapped Americans. Separately, in a hearing at the Office of United States Trade Representative for imposing additional tariffs on Chinese imports due to the alleged intellectual property theft by China, an accusation that the U.S. itself had committed, out of some 61 figures from the country's chemical, electronics, and solar energy sectors, only six expressed their support for the move.

An anonymous reader quotes a report from The Guardian: Smooth or hairy, pungent or tasteless, deep-hued or bright: new versions of old fruits could be hitting the produce aisles as plant experts embrace cutting-edge technology, scientists say. While researchers have previously produced plants with specific traits through traditional breeding techniques, experts say new technologies such as the gene-editing tool Crispr-Cas9 could be used to bring about changes far more rapidly and efficiently. Among the genes flagged in the new study in the journal Trends in Plant Science are those behind the production of a family of substances known as MYBs, which are among the proteins that control whether other genes are switched on or off.

"MYBs are great targets because they are central to several consumer traits or features like color, flavor [and] texture," said Andrew Allan, a co-author of the review from the University of Auckland whose own projects include working on red-fleshed apples and changing the color of kiwi fruits. "Russet skin in apple and pear [is linked to MYBs]. Hairs on peaches but not nectarines -- another type of MYB." Dr Richard Harrison, head of genetics, genomics and breeding at the horticultural organization NIAB EMR, who was not involved in the article, said tweaking MYB genes or the way such genes are themselves controlled was a fruitful approach. Gene-editing of MYB genes and other genes could bring a host of benefits, Harrison said, adding: "There is a large opportunity to improve the nutritional profile of fruits and vegetables in the future using gene-editing technology, as well as other techniques." Such techniques, he said, introduce the same sort of DNA changes as plant breeders have introduced by artificially selecting traits that cropped up through spontaneous DNA mutation -- but much faster. Next week, the European Court of Justice will decide if or how plants that have been gene-edited will be regulated, and whether they will be treated like genetically modified plants. In April, the U.S. Department of Agriculture announced it will no longer regulate genetically altered plants, so long as the changes could have been produced through traditional plant-breeding techniques.

You asked questions, we've got the answers!

Christine Peterson is a long-time futurist who co-founded the nanotech advocacy group the Foresight Institute in 1986. One of her favorite tasks has been contacting the winners of the institute's annual Feynman Prize in Nanotechnology, but she also coined the term "Open Source software" for that famous promotion strategy meeting in 1998.

Christine took some time to answer questions from Slashdot readers.
What exactly happened in 1998?
by Anonymous Coward

Prior to 1998, had you heard anyone using the phrase "open source" before? Or was it something you came up with on your own as the only logical set of words to describe source code which is openly shared.

Starting earlier, our non-profit, Foresight Institute, had been holding a series of small invitational meetings at our office in Los Altos, focused on our free software project and the field in general. One topic of discussion that came up now and then was the problem of the name free software and how it confused newcomers into thinking that the main point was the price because, sadly, in English our word for "free as in freedom" and "free as in price" are the same. (In Spanish they wisely use different words for these two concepts.) But nothing had yet been suggested that seemed good enough to catch on.

Sometime after that the term "open source software" popped into my mind, and my immediate thought was "that's good enough." Not ideal, not great, but good enough to solve the problem. I ran it by a few friends including Mark Miller and Eric Drexler, and they agreed it was probably good enough. One other friend, who worked in PR, thought that "open" had already been overused in the software field, which was true, but it seemed appropriate in this context so I decided to go ahead with the idea anyway.

Eric Raymond came to visit Silicon Valley in connection with the transition of the Netscape code from proprietary to publicly available, so we met again to discuss these new developments. While there Eric took a call from two people from Netscape, and when he was done I asked to speak to them, a man and a woman (possibly Mitchell Baker?). I mentioned the name problem and they agreed, but none of us then had a better term to suggest.

When Eric Raymond visited again, he needed to have other local meetings and doesn't drive, so I offered to drive him around. That's when I found myself sitting in on the meeting at VA Research that included Larry Augustin, Sam Ockman, and "maddog" by phone; I wasn't invited to it. Probably the others thought I was Eric's chauffeur or even his girlfriend. Prior to the meeting I had discussed the "open source software" idea with Todd Anderson, who was also at this meeting, but not with Eric himself, whom I didn't know as well at this point. Being a non-programmer, I had pretty much zero status at this meeting, except with the two who already knew me, so I didn't feel it would work to just say "Hey, here's why you guys all need to use my terminology for your field." The meeting was primarily on broader free software topics anyway, so I just listened and didn't see an opening. Fortunately, Todd was on the ball and tried an interesting tactic: he just used the term casually, not introducing it formally but just throwing it out there in another context. Of course then I perked up and started paying closer attention to see what would happen, if anything. A few minutes later someone else, who hadn't been informed in advance, spontaneously used it, again in a context unrelated to a change in terminology. Todd and I looked at each other and smiled: the meme had jumped successfully!

Later in the meeting, as a rather minor matter compared to the rest of it, the group had a brief discussion and agreed that open source software would be a useful term. No attention was paid then to who suggested it originally, which was fine with me. Later on, Eric even briefly thought it was he himself who came up with it (which would be quite a plausible thing for him to do), but Todd took the initiative to let him know that it was me, and immediately Eric was super gracious about correcting the record on that.

At the time, Todd told me that someday I would be glad to have credit for this, and he was quite right about that. So thank you Todd, wherever you are (and please get in touch).

I don't recall hearing the phrase before it popped into my head, though I found out later that it has long been widely used in the "intelligence" (i.e., spy) field to refer to publicly available information content, so the usage is similar enough to not be a problem. Since the recent coverage of the 20th anniversary, a couple of previous uses in a software context have turned up also. But since I was neither in software nor in intelligence, I probably did not see any of these uses.

I've seen a couple of commenters suggesting that I should defend a claim to having coined the term. Fortunately for me, I don't need to do this, because that decision is not based on my current input or comments. It's an open source community decision based on past experiences, and as a non-programmer I don't even get a vote on this. I just have to accept whatever the community decides, which is why I waited twenty years to let things settle out before publishing my own account.

For a more of the history, see my longer version at Opensource.com. (The OSI history page lists Michael Tiemann also at the VA Research meeting, which is probably correct though I don't recall it. It also has the meeting dated two days earlier than my notes indicate; sadly my calendar data from those days is not accessible format-wise anymore.)

What was it like in 1998?
by DevNull127

As someone who worked closely with Eric Raymond (and had interactions with Jon "maddog" Hall), what were they like in 1998? I'm curious what the whole "mood" of the development community was like in 1998 at that historic meeting. Maybe you could also talk about how things changed -- what they were like before the Open Source movement revved into high gear, and what they were like after.

And how does it all compare to when you first joined the tech scene in the 1980s?

CP: When I arrived in Silicon Valley in 1985, we were still in the early days of the personal computer. Most people did not have an email address or even a fax machine. Only visionaries like Ted Nelson and Doug Engelbart were talking about hypertext and the future of online personal computing. At that time, working on Nelson's Xanadu Hypertext Project was one of the few ways available to move toward that future, and it was through that project that I met many very smart software people including Mark S. Miller and Dean Tribble (who have just started a new company, Agoric, to advance secure smart contracts). It was an exciting time in terms of knowing the potential, but frustrating because the underlying chips were still slow, with little memory or graphics functionality, and online communications were done over regular phone lines using modems, painfully slow.

I vividly recall when Martin Haeberli came to the Foresight office to show us an early MOSAIC browser. It wasn't super impressive at that time, but he explained that this was the start of what would become a world of online hypertext, and he was right. The early days of the World Wide Web were extremely exciting to those of us who had been inspired by Nelson's and Engelbart's visions of hypertext. FINALLY we got to make links! But also they had an undercurrent of intense frustration, because so many of the visionary features were missing, such as automatic micropayments to authors for their original publications and even their quotes used elsewhere online. But the term micropayment was seen by many as anathema, because "information should be free." Even back then, some of us knew that there was no such thing as a free lunch, and that expenses must be paid somehow. It's this lack of micropayments to content providers that has led to today's ubiquitous business model of selling users' personal information and manipulating them using highly-targeted ads, and the negative effects of that on society.

At the time, the open-sourcing of Netscape was seen as yet another innovative Silicon Valley company succumbing to unfair pressure by the all-powerful behemoth Microsoft. This sad situation had the silver lining of bringing an exciting browser project into the free software world. But the small startups trying to do support for free software were having a heck of a time explaining to customers why they should have to pay anything at all to use "free software". (And of course they don't, if they are good enough at dealing with code...which most people, including me, are not.) This awkwardness is what led to the addition of "open source software" to the original -- and still useful -- name "free software".

I did not get to know maddog, but in 1998 Eric Raymond was the one who was most active in doing public outreach, especially media, on behalf of open source. He worked very hard for months or years, unpaid to my knowledge, to promote these ideas and the community. There were many others of course, including Bruce Perens who with Eric co-founded Open Source Initiative to defend the ideas and approve licenses that met the new Open Source Criteria they wrote. Tim O'Reilly played a key role by convening and hosting the community in meetings to make group decisions. And of course we should remember Richard Stallman and the Free Software Foundation, which had been and still are doing similar work under the original term.

To me as a relative outsider, it seemed that there was a big change when the new term was introduced, which happened very close in time to the Netscape open-sourcing. I had been reading Slashdot occasionally, mainly to admire the way it was designed and enabled users to interact much more effectively that other systems I'd seen. But when the new term arrived, it seemed that suddenly there was a fast ramp-up of attention and especially media coverage of the field. For a while it seemed like every day there was a new exciting development in "open source", which often appeared in quotes because it was so new. And these were appearing in non-programmer publications, ultimately in mainstream news media. Reading Slashdot became a daily necessity, especially for me, since I was getting some kind of thrilling brain chemistry surge every time I saw the term used. I still do, but it's smaller now: a nano surge.

Nanotech Prognosis / Open Source Utopia
by qaute

What's the current outlook for nanotechnology? Technically speaking, do we get Star Trek replicators soon, or is that still a 25+ year thing?

The ultimate dream in nanotechnology is a molecular assembler (atomic 3D printer) on every desktop, with a widespread community of hardware designers/developers analogous to open source software today. You'll be able to, say, download files to build a new car from GitHub. Hackaday has a good writeup. Suppose that someone finally figures out how to build such a molecular assembler. Chances are it'll be patent-encumbered and NDA'd. How can we [get] from here to there...? Politically, how do regulations, industry, and patents look?

Socially, is it generally viewed as positive or negative these days?

CP: Let's say that the goal is an open-source molecular 3D printer able to construct molecular machinery, plus a large library of open-source designs to use with the device. Let's divide this into the hardware components and software components.

It's taken decades and billions of dollars investment to get us where we are today in conventional hardware chips. That kind of investment has not been made yet in molecular machinery. I think eventually we would get there using human chemists, but it appears that instead there will be a shortcut. Progress in artificial intelligence is moving faster now, and I expect that instead of human chemists and human designers of molecular machinery and associated construction pathways, this work will be done faster via AI. We do not need AGI (artificial general intelligence) to do this. Targeted knowledge of chemistry and design engineering are what is needed, and that's coming sooner than AGI. So it could well be sooner than 25+ years depending on AI progress, but (and here's the catch) if that happens, the world will be changing in many other ways also, both positive and negative, to the extent that we may have other issues to deal with instead of having the opportunity of focusing on writing open source code for atomically-precise manufacturing.

Regarding regulations and patents: there's no particular regulatory focus on molecular machinery just now, and there probably won't be much until an actual problem crops up. As an example, consider the recent hearings on Facebook: the US legislators are not educated enough on those issues to grapple effectively with them. Patents seem likely to continue to be used whenever a company does the work, unless it sees a strategic advantage to open-sourcing the work.

I don't think that nanotech or atomically-precise manufacturing is on the public radar these days, either positive or negative. The nanotech term itself has become a marketing term for anything with at least one nanoscale dimension, so the average person who hears it probably thinks that we already have nanotech and therefore it's not a big deal. But it's not clear that we need or want the average person to be paying attention to atomically-precise manufacturing just now anyway, so maybe that's just as well.

Open source or free software
by Jim Hall

Some people prefer one term over the other. I'm curious: all these years later, do you still prefer the term open source software or are you more aligned to Free software?

CP: I use both terms, depending on context. When I'm with longtime hackers such as John Gilmore who naturally use the earlier term, I use it too. And of course if one is at a meeting of the Free Software Foundation, it's polite to use their preferred terminology.

However in dealing with non-software people or young people, I believe that the open source term is much clearer and therefore more useful. I tried doing a search on the two terms, and they are both in active use, but I found more "open source software" than "free software" usages. (This is a very crude measure and may be wrong, of course.)

Probably in Spanish-speaking countries, where they have the words gratis and libre to distinguish our two meanings for the English word free, there is less reason to use the new term. Someone could do a PhD dissertation comparing how the new term spread in the English-speaking world vs. the Spanish-speaking world. That would enable us to tease apart how much the newer term spread due to the free/free confusion problem vs. any more intrinsic value it may have, e.g., implying that the source code is open to public view.

Open source and medicine
by AmiMoJo

How can we get more open source medical software? Given that medical devices are so heavily regulated it seems like it will be hard to get, say, an open source pacemaker system that users can hack, or at least audit.

Radio software seems to be in a similar state - cellular modems, wifi chipsets etc. are all heavily regulated and closed source, with signed code required for updates.

CP: As far as I can tell, the Internet of Things world is still using the "security through obscurity" model. Given that, regulators are naturally going to favor closed source code, since that seems to be a way to reduce the likelihood of attacks.

If we want regulators to approve open source software for important devices, we need to show that it's as secure, or preferably more secure, than closed source code.

Although I am not a programmer, I have paid enough attention to this general issue to be intrigued with object capabilities (ocaps) as a path forward toward more secure code, whether closed and open source.

Currently the most serious effort I'm aware of in this area is Agoric.

There are (at least) two problems that ocaps does not solve. Social engineering will continue to be an issue, though my understanding is that ocaps reduces the damage that these can cause. Finally, there is the problem of compromised hardware: deliberate back doors designed into our computer chips; this is a huge problem with only very expensive solutions; see the hardware question below for more on this.

For more on security, see the paper Cyber, Nano, and AGI Risks: Decentralized Approaches to Reducing Risks, by myself, Mark S. Miller, and Allison Duettmann, from the proceedings of UCLA's First International Colloquium on Catastrophic and Existential Risk (2017).

Pollution
by lhowaf

Nano-materials, in general, seem to be becoming a significant source of hard-to-cleanup pollution. Do you see nano-tech heading in the same direction?

CP: The long-term goal of atomically-precise nanotech is the complete control of the structure of matter (to the extent we care about that structure). This would include extremely advanced abilities to clean up the natural environment. The question is what the pathway looks like to get there, and how clean can we make that pathway? This last question is a matter of what we decide to do. If society decides that preventing nanoscale pollution is a priority, then we'll do much better than if we don't try. It's at least possible to consider how to make this happen commercially, through traditional regulatory mechanisms. The more difficult challenge is military use, and use in regions which don't prioritize environmental values. No easy answers here. But the ultimate goal, at least, is a very clean environment, and it should be achievable eventually. It was this prospect that drew me into trying to advance this field in the first place.

How to deal with nanotech hype problem?
by Goldsmith

I am a nanotechnologist. I've done great academic research, worked for the government, managed a few grants, and started a few companies. It's very easy to hype the potential of nanotechnology. On the other hand, it's very hard to get attention put on results from serious commercial efforts. Granting agencies and our community are not good at supporting companies that do what we all tell each other needs to get done (i.e. NanoIntegris). We are great at supporting academic research groups that have a patina of commercial application (i.e. IBM).

As a field we've missed celebrating a number of major commercialization milestones. CNT and graphene electronics are available commercially! Who knew? For five years or so, you could find commercial graphene electronics in cell phone screens in Shenzhen. For the last two years, you could find commercial graphene biosensors at many big pharma companies. For the last year, you could buy CNT based high power RF electronics.

If we were interested in showing the real potential of the field, wouldn't the leaders want to show everyone that it IS working? We have actually met the NNI timeline for commercialization set in the 1990s. The goals we set out with 20 years ago seem to mean nothing to the hype machine we've created.

Simply put, how do we deal with the addiction to hype in nanotechnology, and focus a bit more on substantive accomplishment?

CP: I'm speaking here from a US perspective. This problem is not unique to nanotechnology, or even to technology in general. It's part of a general decline that has at least two sources, the decline in education standards and the decline of serious journalism, resulting in a hype culture with hype consumers who cannot tell the difference among exciting current technologies, valid engineering prospects, and complete nonsense.

It takes substantial science background to understand why nanotech and atomically-precise manufacturing are interesting, and few in our society today have that background. Our K-12 system is largely broken. Many of our colleges and universities now optimize for student entertainment and enjoyment, rather than the hard road of learning science and engineering.

Serious journalism has been decimated -- worse than decimated, including science and technology journalism. Consumers want all their information for free, and in many cases, you get what you pay for in this area as in others. Could micropayments help? Perhaps something built into the browser sending pennies or fraction of pennies to content originators? I am not sure. It seems worth a try. It could at least help with the privacy problem.

As for the education problem: we need to admit the disaster and try some major experiments. For example, some blame the decline of university standards on deceptively easy loans to students who don't realize what they are getting into. Glenn Reynolds has written books worth reading on this general problem of educational decline in the US, and I would look to him for ideas on solutions.

To me, compared to earlier decades, US society overall seems kind of decadent, cynical, in a cultural decline. I hope we can turn this around somehow. People like Slashdot readers give me hope. And there are still many, many people truly working to make the world a better place, including here in Silicon Valley. My view of Silicon Valley has a positive bias because I meet people through Foresight Institute, which helps select for good folks. I invite you all to join our email list (use blue button on this page) and come to our events. Some are research workshops (e.g., application form for Atomic Precision for Longevity workshop) and some are more accessible, such as our salons and Vision Weekend (videos). If you like what you see, consider donating; we are entirely supported by individual donations from great folks like the open source community.

Why Nanotechnology, for Laypeople
by qaute

Integrated circuits, solar panels, and GMOs are some pretty big results in nanotech these days. What are some future benefits we can look forward to that help justify further research to non-techies?

CP: My own focus is on the long term, very advanced applications such as molecular repair of the human body, ending disease and even aging itself. To me this is highly motivating! That's on top of the original goal of restoring the environment that drew me in originally.

Coming up with near- and intermediate-term applications is harder. This is why venture capitalists make lots of money, when they do their job well. Picking winning new applications is so challenging, especially in getting the timing right.

I can say this: amazing new catalysts and filtration technologies are on the way. Sound boring? It is totally not. Huge energy savings, cheap clean water for everyone (this would even help prevent wars), even blood filtration to take out all the stuff that should not be there.

________________________________________________________________________________
Nanotech threat landscape
by bjorng

How concerned should we be about nanotechnology equivalents of the software threats we see today? I would hate to have my circulatory system held hostage for bitcoin.

The Nanotechnology Corollary to Metsploit
by Anonymous Coward

The Internet of Things (IoT) seems to be a ramp-up to Micro-Electromechanical Machines (MEMs), which, in turn, will prime another ramp into atomic-scale nanotechnology. But already, security is atrocious. Worse than Windows XP's exploitation, endless automatic updates and a constant avalanche of zero-day patches.

What will a metasploit framework and CVE database for IoT, MEMs and smaller systems look like? How will biomedical bug bounties, vulnerabilities, exploits and weaponized payloads play themselves out?
________________________________________________________________________________

CP: We should be very concerned and more important, very vigilant. We need to solve today's Internet of Insecure Things as soon as possible, before even more of our world is controlled by software. As mentioned above, I am placing my hope in Agoric and object capabilities in general. There are also suggestions for how to address the insecure chip problem, though they are expensive and have performance costs as well; see the question from AmiMoJo below.

Recent improvements in physical security
by AmiMoJo

Recently big gains have been made in physical security. Many phones are encrypted by default and relatively difficult for unauthorized persons to unlock. Encrypted storage is increasingly common for computers too, although open source support for technologies like OPALv2 seems to be lagging behind closed source systems. In 2017 AMD introduced encrypted RAM.

All of these rely on special hardware to protect encryption keys and perform encryption functions at speeds fast enough to avoid any significant performance loss. It seems like hardware is necessary for very high levels of physical security anyway, e.g. tamper-proof boot ROMs.

How can open source provide this level of security when high end hardware is increasingly difficult for individuals to fabricate? Should we be thinking about how we can fabricate our own security processors and key storage, or is there another way to achieve high levels of physical security?

CP: My understanding from Mark S. Miller is that yes, we need to be thinking about fabricating our own chips, if we want to get around the problem of deliberately-installed backdoors.

In the paper cited above we write, "In the near term one can imagine a technology example that can be secure against those risks: a good open source processor design for which there is a proof of security comparable to the proof of security of the seL4 software. There are many open source processor designs that are sufficiently high performance that, when run on a field-programmable gate array (FPGA), can run fast enough to be practical for many applications. By combining these well-designed processors with a layout algorithm that randomizes layout decisions, the processor could be randomly laid out for each individual hardware instance. Given this randomized layout, there is no feasible corruption of the FPGA hardware that can escape notice under electron microscopes and that would also be able to successfully corrupt most instances of the processor."

UPDATE: After writing the above, I met with Mark and he explained that another approach has been found to the problem of insecure chips. At the recent Zcon0 conference, a method was described using zkSnarks and/or Coda. It's not financially practical yet, and doesn't fix leakage of data, but addresses the integrity issue. This is way outside my area of expertise. Eventually, the Agoric website will have many relevant documents on these topics, but not yet.

50 years ahead
by EngineeringStudent

I heard a myth a few decades ago, that top-secret work in most fields is at least 50 years ahead of the current published state of the art. I can't begin to imagine what that would look like here. What sorts of things do you think are solidly plausible within the next 50 years of work in the field of nano-technology, and how would we detect them "in the field" today, if we were to look for them...?

I know there were published discussions about silicon based listening and transmitting devices, bugs, that were smaller than grains of salt. I also know that there was great published fervor over single-pixel cameras, and, in my personal opinion, I have seen a surprising gap in entangled non-return imaging. I expect "they" have working, single-photon, non-return-imaging cameras on grains of silicon too small for the eye to work with, so perhaps nano drone swarms used for data gathering/surveillance, where each drone is less than 0.1mm across?

When I look at robo-cat, and the alleged robo-squirrels or robo-insects, I think they have such swarms that can be ingested/injected/otherwise-implanted inside animals that don't realize they have become "listening posts". What would you do with a fully-functional jet-engine that was only a few microns across? I remember sub-cellular size bar-codes made by shooting proton based cylindrical holes in silicon, then lithographing layers of gold or other stuff to make the code, then removing the silicon substrate. Could we put markers into people to inform future medical reconstruction such as "non-invasive" 3d printing of organs in-vivo? How would we detect sub-cell-size tagging, or fabrication? I like the idea of nanotech-driven bio-energy harvesting. Why can't we turn trees into solar panels by hacking into their organic photosynthesis?

CP: These areas are above my pay grade, but for inspiration on what could be possible in 50 years I would look at high-quality hard science fiction. Some of those writers pay close attention to physical limits. Yes, the surveillance technology should be amazingly good (or bad, depending on one's point of view). I'm not sure we would need advance markers in the body in order to do great 3D printing of organs in vivo, but I could be wrong on that. Eventually I expect we will come up with physical barriers that only allow understood molecular structures to pass though, to avoid having to detect sub-cell size tagging inside our bodies, when it's harder to find. But that's very long-term and ambitious.

Is physical security a political problem?
by Anonymous Coward

How to defend against molecule-sized machines is a question, but there is a meta-question there: will we be subject to constant false flag attacks and entrapment? Year 2030: Great Leader or Deep State accuses you of carrying a nanotech attack. You and perhaps people of your supporting network get disappeared into high security facilities, solitary confinement and all. Can we disprove the authorities' lies? Will people be able to know... Will there be anyone left to speak for you?

CP: Yes, this is a meta question and not about nanotech per se. If government is so dysfunctional and corrupt that the scenario above can take place, we have already lost. Our goal has to be to prevent that level of corruption from taking hold. Edmund Burke wrote, "The only thing necessary for the triumph of evil is for good men to do nothing." To take a US perspective, there have been various times in our country's history when the smartest and most civic-minded people have turned their attention to political matters, to get them straightened out for their own generation and those to come. Jefferson wrote, "We will be soldiers, so our sons may be farmers, so their sons may be artists." Sadly, it's looking like it's time to turn from being artists to being soldiers -- not physical soldiers, but soldiers in the fight for freedom, openness, and other values the open source community cares about.

An anonymous reader quotes a report from Motherboard: Earlier this week, an algorithm made an absurd choice. Google AdSense, Google's advertising program that makes up the bulk of the tech giant's advertising revenue, decided that a web page about a decades-old bill about sexual abuse was "adult content," and wasn't allowed to display ads anymore. The page, which is at least six years old and contains strictly legislative information about a bill called the "Child Sexual Abuse and Pornography Act of 1986" on free legislative research and tracking website GovTrack.us, tripped the AdSense algorithm that decides what pages are allowed to run ads. This single, very dry page being flagged as "adult content" is most likely a minor fluke in the AdSense algorithm, but it's a perfect example of how a tiny tweak in the way a platform uses automation to enforce policies can send a ripple through seemingly-unrelated parts of the internet. The page was flagged by Adsense as "policy non-compliant" on Monday, with Google citing the page's "violations" in a summary of the AdSense adult content policy. Here's what Google told GovTrack: "As stated in our program policies, we may not show Google ads on pages with content that is sexually suggestive or intended to sexually arouse. This includes, but is not limited to: pornographic images, videos, or games; sexually gratifying text, images, audio, or video; pages that provide links for or drive traffic to content that is sexually suggestive or intended to sexually arouse." The GovTrack page contains none of these, yet the page still can't run AdSense.

A Democratic assemblyman with financial ties to AT&T has gutted a new law that would serve as a gold standard for true net neutrality protection across the country. The bill SB 822 is expected to be voted on by the California State Assembly Communications and Conveyance committee on Wednesday, where it would go to the state assembly for a full vote, at which point it would become law if it passes. "But late Tuesday evening, Miguel Santiago, a California assemblyman and chair of the Communications and Conveyance committee, edited the bill to allow for gaping loopholes that benefit the telecommunications industry and make the net neutrality legislation toothless," reports Mashable. From the report: If Santiago doesn't remove his amendments, he would be the first California Democrat to side with the Trump administration to actively destroy net neutrality, according to Fight for the Future (an internet freedoms advocacy organization). Specifically, the amendments undermine net neutrality in a few ways. First, they would allow ISPs to charge any website a fee for people to be able to access it.

Next, they would give some content (such as content owned by the provider) preferential treatment on cellular data. That means that some content would eat up cellular data, while others would be free or less impactful to access. There's a high likelihood that privileged content would be created by the network's parent company, since so many telecoms companies like Comcast and, recently, AT&T, now both own the actual content, and the way it's distributed. This loophole makes it likely that people wary about using up the data that they pay for would opt for the content privileged by their telecoms provider, which undermines consumer choice. And finally, Santiago's edits allow for throttling, which means intentionally slowing down content, but with a twist: Instead of slowing down the connection to consumer devices, the data is slowed at the website or service side, affecting everyone trying to access it.

An anonymous reader quotes a report from Ars Technica: Back in January 2017, Google and Uber teamed up to put a cool feature in Google Maps: You could search for, book, and pay for an Uber all directly from Google Maps. You didn't even need the Uber app installed. Now, 18 months later, the feature is dead. Google posted a new support page (first spotted by Android Police) that flatly states, "You can no longer book Uber rides directly in Google Maps."

The feature would have you search for a location in Google Maps and ask for directions like normal, but instead of choosing walking, driving, biking, or mass transit directions, a tab for ride-sharing would allow you to book a ride directly. The ride-sharing tab still exists, but instead of booking an Uber, it just gives you an estimate and offers to kick you out to the Uber app.

An anonymous reader writes: "Several gaming companies have announced plans to remove support for an analytics app they have bundled with their games," reports Bleeping Computer. "The decision to remove the app came after several Reddit and Steam users noticed that many game publishers have recently embedded a controversial analytics SDK (software development kit) part of recent updates to their games. The program bundled with all these games, and at the heart of all the recent controversy, is RedShell, an analytics package provided by Innervate, Inc., to game publishers."

The app is intended to collect information about the source of new game installs, and details about the gamer. Following a massive user outcry in the past two weeks, several game makers have given in to pressure and are removing this SDK. Game makers and games who announced they were removing RedShell include Bethesda (Elder Scrolls), All Total War games, Warhammer games, Magic the Gathering Arena, and more. [This Google Docs spreadsheet and Reddit thread have a list of games containing RedShell.]

The official app for the Spanish soccer league La Liga, which has more than 10 million downloads from Google Play, was recently updated to seek access to users' microphone and GPS settings. "When granted, the app processes audio snippets in an attempt to identify public venues that broadcast soccer games without a license," reports Ars Technica. From the report: According to a statement issued by La Liga officials, the functionality was added last Friday and is enabled only after users click "eyes" to an Android dialog asking if the app can access the mic and geolocation of the device. The statement says the audio is used solely to identify establishments that broadcast games without a license and that the app takes special precautions to prevent it from spying on end users. [La Liga's full statement with the "appropriate technical measures to protect the user's privacy" is embedded in Ars' report.]

[E]ven if the app uses a cryptographic hash or some other means to ensure that stored or transmitted audio fragments can't be abused by company insiders or hackers (a major hypothetical), there are reasons users should reject this permission. For one, allowing an app to collect the IP address, unique app ID, binary representation of audio, and the time that the audio was converted could provide a fair amount of information over time about a user. For another, end users frequenting local bars and restaurants shouldn't be put in the position of policing the copyrights of sports leagues, particularly with an app that uses processed audio from their omnipresent phone.

Rob Riggs writes: Jarek Duda, the inventor of a compression technique called asymmetric numeral systems (ANS), dedicated the invention to the public domain. Since 2014, Facebook, Apple, and Google have all created software based on his breakthrough. Google is now trying to patent a video encoding scheme using the compression technique. The inventor is fighting Google in the European courts and has won a preliminary ruling. The fight's not over and Google is also seeking a patent with the USPTO. A Google spokesperson says Duda came up with a theoretical concept that isn't directly patentable, "while Google's lawyers are seeking to patent a specific application of that theory that reflects additional work by Google's engineers," reports Ars Technica. "But Duda says he suggested the exact technique Google is trying to patent in a 2014 email exchange with Google engineers."

Rob Riggs writes: Jarek Duda, the inventor of a compression technique called asymmetric numeral systems (ANS), dedicated the invention to the public domain. Since 2014, Facebook, Apple, and Google have all created software based on his breakthrough. Google is now trying to patent a video encoding scheme using the compression technique. The inventor is fighting Google in the European courts and has won a preliminary ruling. The fight's not over and Google is also seeking a patent with the USPTO. A Google spokesperson says Duda came up with a theoretical concept that isn't directly patentable, "while Google's lawyers are seeking to patent a specific application of that theory that reflects additional work by Google's engineers," reports Ars Technica. "But Duda says he suggested the exact technique Google is trying to patent in a 2014 email exchange with Google engineers."

Google Lens is now available as an app in the Play Store for devices with Android Marshmallow and above. The app is designed to bring up relevant information using visual analysis. Android Police reports: When you open the app, it goes right into a live viewfinder with Lens looking for things it can ID. Like the Assistant version of Lens, you can tap on items to get more information (assuming Google can figure out what they are) and copy text from documents. However, I've noticed that copying text doesn't work on the OnePlus 6 right now. It works fine with the built-in Lens version. Some users are reporting that it's not working properly on some devices, so keep that mind if you decide to give it a whirl.

The popular Gboard keyboard app for iOS and Android devices has a fundamental flaw. According Reddit user SurroundedByMachines, the red underline has stopped appearing for incorrectly spelled words since November of last year -- and it doesn't appear to be limited to any one device. Issues with the spell checker have been reported on multiple devices across Android and iOS. A simple Google search brings up several different threads where people have reported issues with the feature.

What's more is that nobody at Google seems to get the memo. The Reddit user who first brought this to our attention filed several bug reports, left a review, and joined the beta channel to leave feedback there, yet no response was given. "Many people have been having the issue, and it's even been escalated to the community manager," writes SurroundedByMachines. Since the app has over 500 million downloads on the Play Store alone, this issue could be frustrating a lot of users, especially those who use their phones to send work emails or write documents. Have you noticed Gboard's broken spell checker on your device? If so, you may want to look into another third-party keyboard, such as SwiftKey or Cheetah Keyboard.

The popular Gboard keyboard app for iOS and Android devices has a fundamental flaw. According Reddit user SurroundedByMachines, the red underline has stopped appearing for incorrectly spelled words since November of last year -- and it doesn't appear to be limited to any one device. Issues with the spell checker have been reported on multiple devices across Android and iOS. A simple Google search brings up several different threads where people have reported issues with the feature.

What's more is that nobody at Google seems to get the memo. The Reddit user who first brought this to our attention filed several bug reports, left a review, and joined the beta channel to leave feedback there, yet no response was given. "Many people have been having the issue, and it's even been escalated to the community manager," writes SurroundedByMachines. Since the app has over 500 million downloads on the Play Store alone, this issue could be frustrating a lot of users, especially those who use their phones to send work emails or write documents. Have you noticed Gboard's broken spell checker on your device? If so, you may want to look into another third-party keyboard, such as SwiftKey or Cheetah Keyboard.

The popular Gboard keyboard app for iOS and Android devices has a fundamental flaw. According Reddit user SurroundedByMachines, the red underline has stopped appearing for incorrectly spelled words since November of last year -- and it doesn't appear to be limited to any one device. Issues with the spell checker have been reported on multiple devices across Android and iOS. A simple Google search brings up several different threads where people have reported issues with the feature.

What's more is that nobody at Google seems to get the memo. The Reddit user who first brought this to our attention filed several bug reports, left a review, and joined the beta channel to leave feedback there, yet no response was given. "Many people have been having the issue, and it's even been escalated to the community manager," writes SurroundedByMachines. Since the app has over 500 million downloads on the Play Store alone, this issue could be frustrating a lot of users, especially those who use their phones to send work emails or write documents. Have you noticed Gboard's broken spell checker on your device? If so, you may want to look into another third-party keyboard, such as SwiftKey or Cheetah Keyboard.

The popular Gboard keyboard app for iOS and Android devices has a fundamental flaw. According Reddit user SurroundedByMachines, the red underline has stopped appearing for incorrectly spelled words since November of last year -- and it doesn't appear to be limited to any one device. Issues with the spell checker have been reported on multiple devices across Android and iOS. A simple Google search brings up several different threads where people have reported issues with the feature.

What's more is that nobody at Google seems to get the memo. The Reddit user who first brought this to our attention filed several bug reports, left a review, and joined the beta channel to leave feedback there, yet no response was given. "Many people have been having the issue, and it's even been escalated to the community manager," writes SurroundedByMachines. Since the app has over 500 million downloads on the Play Store alone, this issue could be frustrating a lot of users, especially those who use their phones to send work emails or write documents. Have you noticed Gboard's broken spell checker on your device? If so, you may want to look into another third-party keyboard, such as SwiftKey or Cheetah Keyboard.

The popular Gboard keyboard app for iOS and Android devices has a fundamental flaw. According Reddit user SurroundedByMachines, the red underline has stopped appearing for incorrectly spelled words since November of last year -- and it doesn't appear to be limited to any one device. Issues with the spell checker have been reported on multiple devices across Android and iOS. A simple Google search brings up several different threads where people have reported issues with the feature.

What's more is that nobody at Google seems to get the memo. The Reddit user who first brought this to our attention filed several bug reports, left a review, and joined the beta channel to leave feedback there, yet no response was given. "Many people have been having the issue, and it's even been escalated to the community manager," writes SurroundedByMachines. Since the app has over 500 million downloads on the Play Store alone, this issue could be frustrating a lot of users, especially those who use their phones to send work emails or write documents. Have you noticed Gboard's broken spell checker on your device? If so, you may want to look into another third-party keyboard, such as SwiftKey or Cheetah Keyboard.

Ars Technica's Kyle Orland shares his experience with Valve's recently announced Steam Link app, which lets users play games running on a PC via a tablet, mobile phone, or Apple TV on the same network. The app launches today for Android 5.0+ devices; iOS support is "pending further review from Apple." From the report: Valve isn't kidding when it says a Wi-Fi router in the 5Ghz band is required for wireless streaming. I first tested iPad streaming on the low-end 2.4Ghz router provided with my Verizon FiOS subscription (an Actiontec MI424WR), with a wired Ethernet connection to my Windows gaming rig on the other end. The Steam Link network test warned me that "your network may not work well with Steam Link," thanks to 1- to 2-percent frame loss and about 15ms of "network variance," depending on when I tested. Even graphically simple games like The Binding of Isaac ran at an unplayably slowed-down rate on this connection, with frequent dropped inputs to boot.

Switching over to a 5GHz tri-band router (The Netgear Nighthawk X6, to be precise), the same network test reported a "fantastic" connection that "look[s] like it will work well with Steam." On this router, remotely played games ran incredibly smoothly at the iPad's full 1080p resolution, with total round-trip display latency ranging anywhere from 50 to 150ms, according to Steam Link's reports (and one-way "input lag" of less than 1ms). At that level of delay, playing felt practically indistinguishable from playing directly on the computer, with no noticeable gameplay impact even on quick-response titles like Cuphead.

On Thursday, a federal appeals court ruled that U.S. border agents need some sort of reason to believe a traveler has committed a crime before searching their cellphone. Slashdot reader Wrath0fb0b shares an analysis via Reason, written by Fourth Amendment scholar Orin Kerr: Traditionally, searches at the border don't require any suspicion on the theory that the government has a strong sovereign interest in regulating what enters and exits the country. But there is caselaw indicating that some border searches are so invasive that they do require some kind of suspicion. In the new case, Kolsuz (PDF), the Fourth Circuit agrees with the Ninth Circuit that at least some suspicion is required for a forensic search of a cell phone seized at the border. This is important for three reasons. First, the Fourth Circuit requires suspicion for forensic searches of cell phones seized at the border. Second, it clarifies significantly the forensic/manual distinction, which has always been pretty uncertain to me. Third, it leaves open that some suspicion may be required for manual searches, too.

But wait, that's not all. In fact, I don't think it's the most important part of the opinion. The most important part of the opinion comes in a different section, where the Fourth Circuit adds what seems to be a new and important limit on the border search exception: a case-by-case nexus requirement to the government interests that justify the border search exception. Maybe I'm misreading this passage, but it strikes me as doing something quite new and significant. It scrutinizes the border search that occurred to see if the government's cause for searching in this particular case satisfied "a 'nexus' requirement" of showing sufficient connection between the search and "the rationale for the border search exception," requiring a link between the "predicate for the search and the rationale for the border exception." In other words, the Fourth Circuit appears to be requiring the government to identify the border-search-related interest justifying that particular search in order to rely on the border search exception. "The analysis is interesting throughout, and it would be a fairly large limitation on digital searches conducted at the border, both in requiring some articulable suspicion for digital searches and in the requirement to justify the relationship between the search and the border inspection," writes Wrath0fb0b.

At its Google I/O conference this week, YouTube announced a series of new controls that will allow users to set limits on their viewing, and then receive reminders telling them to "take a break." "The feature is rolling out now in the latest version of YouTube's app, along with others that limit YouTube's ability to send notifications, and soon, one that gives users an overview of their binge behavior so they can make better-informed decisions about their viewing habits," reports TechCrunch. From the report: With "Take a Break," available from YouTube's mobile app Settings screen, users can set a reminder to appear every 15, 30, 60, 90 or 180 minutes, at which point the video will pause. You can then choose to dismiss the reminder and keep watching, or close the app.

Also new is a feature that lets you disable notification sounds during a specified time period each day -- say, for example, from bedtime until the next morning. When users turn on the setting to disable notifications, it will, by default, disable them from 10 PM to 8 AM local time, but this can be changed. Combined with this is an option to get a scheduled digest of notifications as an alternative. And YouTube is preparing to roll out a "time watched profile" that will appear in the Account menu and display your daily average watch time, and how long you've watched YouTube videos today, yesterday and over the past week, along with a set of tools to help you manage your viewing habits.

At its Google I/O conference this week, YouTube announced a series of new controls that will allow users to set limits on their viewing, and then receive reminders telling them to "take a break." "The feature is rolling out now in the latest version of YouTube's app, along with others that limit YouTube's ability to send notifications, and soon, one that gives users an overview of their binge behavior so they can make better-informed decisions about their viewing habits," reports TechCrunch. From the report: With "Take a Break," available from YouTube's mobile app Settings screen, users can set a reminder to appear every 15, 30, 60, 90 or 180 minutes, at which point the video will pause. You can then choose to dismiss the reminder and keep watching, or close the app.

Also new is a feature that lets you disable notification sounds during a specified time period each day -- say, for example, from bedtime until the next morning. When users turn on the setting to disable notifications, it will, by default, disable them from 10 PM to 8 AM local time, but this can be changed. Combined with this is an option to get a scheduled digest of notifications as an alternative. And YouTube is preparing to roll out a "time watched profile" that will appear in the Account menu and display your daily average watch time, and how long you've watched YouTube videos today, yesterday and over the past week, along with a set of tools to help you manage your viewing habits.

At its Google I/O conference this week, YouTube announced a series of new controls that will allow users to set limits on their viewing, and then receive reminders telling them to "take a break." "The feature is rolling out now in the latest version of YouTube's app, along with others that limit YouTube's ability to send notifications, and soon, one that gives users an overview of their binge behavior so they can make better-informed decisions about their viewing habits," reports TechCrunch. From the report: With "Take a Break," available from YouTube's mobile app Settings screen, users can set a reminder to appear every 15, 30, 60, 90 or 180 minutes, at which point the video will pause. You can then choose to dismiss the reminder and keep watching, or close the app.

Also new is a feature that lets you disable notification sounds during a specified time period each day -- say, for example, from bedtime until the next morning. When users turn on the setting to disable notifications, it will, by default, disable them from 10 PM to 8 AM local time, but this can be changed. Combined with this is an option to get a scheduled digest of notifications as an alternative. And YouTube is preparing to roll out a "time watched profile" that will appear in the Account menu and display your daily average watch time, and how long you've watched YouTube videos today, yesterday and over the past week, along with a set of tools to help you manage your viewing habits.

An anonymous reader quotes a report from Ars Technica: A public beta for Android P, as it's still known, is out today for those who want to try the software for themselves. The usual caveats with installing unfinished software still apply. Notably, however, Google has made the beta available on devices beyond the company's own Pixel smartphones. Google says those who own the Essential Phone, Nokia 7 Plus, Sony Xperia XZ2, Xiaomi Mi Mix 2S, Vivo X21, Oppo R15 Pro, and the OnePlus 6 (when it comes out) can access the early build alongside those with a Pixel or Pixel 2 phone. Google is crediting its Project Treble updating initiative for making this expansion possible.

As for the update itself, the biggest news in Preview 1 was a new design style that was applied to the notification panel, main settings screen, and some system UI bits. Android VP of Engineering Dave Burke recapped a couple of features that had already been announced in that earlier preview, including a simplified volume control widget and the option to change the screen orientation even when you've locked the device in portrait mode. Perhaps the most immediately noticeable new feature, however, is a new set of gesture controls that trade Android's traditional home and recent apps buttons for a setup similar to what Apple does with its iPhone X. Swiping up from a flatter button at the bottom of the screen will now display a horizontal (not vertical!) list of your recent apps, with icons for five "predicted apps" placed underneath them. Swiping up a second time from there will display the all apps screen, effectively allowing you to access it from anywhere on the phone. You can also slide the home button sideways to start scrolling through recent apps. The icons for those recent apps appear to be larger than before, and Google showed off the ability to highlight text within them. The back button is still there, but not as a global key; it instead appears to only show up in certain contexts, such as the new recent apps screen. Also available in Android P is an "adaptive battery" feature that improves battery life, an "adaptive brightness" feature that uses AI to ensure the phone screen's brightness is more appropriately set for your surroundings, and an "app actions" feature that will surface shortcuts for frequently used apps within the app drawer and Search. Google is also including a "digital wellbeing" Dashboard app that will detail how much time you've spent in particular apps, how often you've unlocked your phone, and how many notifications you've received. There will even be an "app timer" to help you limit your time on a particular app, and a "shush" gesture that will make is so the phone automatically goes into Do Not Disturb mode. Finally, there's a "wind down" mode that will turn on Do Not Disturb until the morning and set your phone screen in a grayscale mode, which will intentionally make content on your phone appear less stimulating to ultimately help you put it down.

Tom's Guide gives us some perspective on just how big of a cultural phenomenon the game Fortnite is: "if Fortnite were a website, it would be one of the top five in the United States." From the report: Take a quick look at Alexa's list of top U.S. websites, and you'll see Google, YouTube, Facebook, Reddit and Amazon in the top five. No surprises there. But as a quick Google Trends search reveals, Fortnite has become a hotter search term than Reddit. What some might see as a flash-in-the-pan gaming fad is actually outpacing one of the web's hottest destinations.

"More people in the U.S. are searching for 'Fortnite' on Google than they are for 'Reddit' and these searches have risen sharply over the last two months," said John DeFeo, VP of Internet Marketing at Purch, Tom's Guide's parent company. "When you consider that Fortnite had more than 3 million concurrent players in February, I believe that if Fortnite were a website, it would be among the top five in the U.S., duking it out with Reddit and Amazon."

The Belgian Gaming Commission has reviewed several big video games and found that randomized loot boxes in at least three of the titles count as "games of chance," and publishers could therefore be subject to fines and prison sentences under the country's gaming legislation. Ars Technica reports: A statement by Belgian Minister of Justice Koen Geens (machine translation) identifies loot boxes in Overwatch, FIFA 18, and Counter Strike: Global Offensive as meeting the criteria for that "game of chance" definition: i.e., "there is a game element [where] a bet can lead to profit or loss and chance has a role in the game." The Commission also looked at Star Wars: Battlefront II and determined that the recent changes EA made to the game means it "no longer technically forms a game of chance." Beyond that simple definition, the Gaming Commission expressed concern over games that draw in players with an "emotional profit forecast" of randomized goods, where players "buy an advantage with real money without knowing what benefit it would be." The fact that these games don't disclose the odds of receiving specific in-game items is also worrisome, the Commission said. The three games noted above must remove their loot boxes or be in criminal violation of the country's gaming legislation, Geens writes. That law carries penalties of up to 800,000EU (~$973,680) and five years in prison, which can be doubled if "minors are involved." But Geens says he wants to start a "dialogue" with loot box providers to "see who should take responsibility where."

Facebook may be in the hot seat right now for its collection of personal data without our knowledge or explicit consent, but as The Wall Street Journal points out, "Google is a far bigger threat by many measures: the volume of information it gathers, the reach of its tracking and the time people spend on its sites and apps." From the report (alternative source): It's likely that Google has shadow profiles (data the company gathers on people without accounts) on as at least as many people as Facebook does, says Chandler Givens, CEO of TrackOff, which develops software to fight identity theft. Google allows everyone, whether they have a Google account or not, to opt out of its ad targeting, though, like Facebook, it continues to gather your data. Google Analytics is far and away the web's most dominant analytics platform. Used on the sites of about half of the biggest companies in the U.S., it has a total reach of 30 million to 50 million sites. Google Analytics tracks you whether or not you are logged in. Meanwhile, the billion-plus people who have Google accounts are tracked in even more ways. In 2016, Google changed its terms of service, allowing it to merge its massive trove of tracking and advertising data with the personally identifiable information from our Google accounts.

Google uses, among other things, our browsing and search history, apps we've installed, demographics like age and gender and, from its own analytics and other sources, where we've shopped in the real world. Google says it doesn't use information from "sensitive categories" such as race, religion, sexual orientation or health. Because it relies on cross-device tracking, it can spot logged-in users no matter which device they're on. Google fuels even more data harvesting through its dominant ad marketplaces. There are up to 4,000 data brokers in the U.S., and collectively they know everything about us we might otherwise prefer they didn't -- whether we're pregnant, divorced or trying to lose weight. Google works with some of these brokers directly but the company says it vets them to prevent targeting based on sensitive information. Google also is the biggest enabler of data harvesting, through the world's two billion active Android mobile devices.

Facebook may be in the hot seat right now for its collection of personal data without our knowledge or explicit consent, but as The Wall Street Journal points out, "Google is a far bigger threat by many measures: the volume of information it gathers, the reach of its tracking and the time people spend on its sites and apps." From the report (alternative source): It's likely that Google has shadow profiles (data the company gathers on people without accounts) on as at least as many people as Facebook does, says Chandler Givens, CEO of TrackOff, which develops software to fight identity theft. Google allows everyone, whether they have a Google account or not, to opt out of its ad targeting, though, like Facebook, it continues to gather your data. Google Analytics is far and away the web's most dominant analytics platform. Used on the sites of about half of the biggest companies in the U.S., it has a total reach of 30 million to 50 million sites. Google Analytics tracks you whether or not you are logged in. Meanwhile, the billion-plus people who have Google accounts are tracked in even more ways. In 2016, Google changed its terms of service, allowing it to merge its massive trove of tracking and advertising data with the personally identifiable information from our Google accounts.

Google uses, among other things, our browsing and search history, apps we've installed, demographics like age and gender and, from its own analytics and other sources, where we've shopped in the real world. Google says it doesn't use information from "sensitive categories" such as race, religion, sexual orientation or health. Because it relies on cross-device tracking, it can spot logged-in users no matter which device they're on. Google fuels even more data harvesting through its dominant ad marketplaces. There are up to 4,000 data brokers in the U.S., and collectively they know everything about us we might otherwise prefer they didn't -- whether we're pregnant, divorced or trying to lose weight. Google works with some of these brokers directly but the company says it vets them to prevent targeting based on sensitive information. Google also is the biggest enabler of data harvesting, through the world's two billion active Android mobile devices.

Facebook may be in the hot seat right now for its collection of personal data without our knowledge or explicit consent, but as The Wall Street Journal points out, "Google is a far bigger threat by many measures: the volume of information it gathers, the reach of its tracking and the time people spend on its sites and apps." From the report (alternative source): It's likely that Google has shadow profiles (data the company gathers on people without accounts) on as at least as many people as Facebook does, says Chandler Givens, CEO of TrackOff, which develops software to fight identity theft. Google allows everyone, whether they have a Google account or not, to opt out of its ad targeting, though, like Facebook, it continues to gather your data. Google Analytics is far and away the web's most dominant analytics platform. Used on the sites of about half of the biggest companies in the U.S., it has a total reach of 30 million to 50 million sites. Google Analytics tracks you whether or not you are logged in. Meanwhile, the billion-plus people who have Google accounts are tracked in even more ways. In 2016, Google changed its terms of service, allowing it to merge its massive trove of tracking and advertising data with the personally identifiable information from our Google accounts.

Google uses, among other things, our browsing and search history, apps we've installed, demographics like age and gender and, from its own analytics and other sources, where we've shopped in the real world. Google says it doesn't use information from "sensitive categories" such as race, religion, sexual orientation or health. Because it relies on cross-device tracking, it can spot logged-in users no matter which device they're on. Google fuels even more data harvesting through its dominant ad marketplaces. There are up to 4,000 data brokers in the U.S., and collectively they know everything about us we might otherwise prefer they didn't -- whether we're pregnant, divorced or trying to lose weight. Google works with some of these brokers directly but the company says it vets them to prevent targeting based on sensitive information. Google also is the biggest enabler of data harvesting, through the world's two billion active Android mobile devices.