Slashdot Mirror

According to Quartz, some Uber drivers in Lagos have been using a fake GPS itinerary app called Lockito to illicitly bump up fares for local drivers. The app was initially created for developers to "test geofencing-based apps," but has been used by Uber drivers to inflate the cost of their trips. From the report: In some cases, inflated trips can cost riders more than double the rate they should be paying. "It's more like a parasite," says Mohammed, a driver for both Uber and Taxify in Lagos. "It sets the false GPS movement while allowing the phone also to keep track of its actual movement. The Uber app can't tell the difference between both so it just calculates both." When a driver uses Lockito for an Uber trip he or she can have the fake GPS running (and calculating a fake fare) from the pickup point to the drop off location, before the passenger has even got into the car. When the real trip starts, the real GPS starts running and calculating the actual fare. But at the end of the journey the fares from both trips (real and fake) are tallied up as one fare which the unsuspecting rider pays. Some drivers use Lockito to inflate fares by adding 1000 naira to 2000 naira extra (roughly $3 to $6) but some drivers are believed to inflate fares to exorbitant levels.

Slashdot reader Lauren Weinstein writes from a blog: My inbox has been filling today with questions regarding Google's new warning to Android application developers that they will no longer be able to access Android accessibility service functions in their apps, unless they can demonstrate that those functions are specifically being used to help users with "disabilities" (a term not defined by Google in the warning). Beyond the overall vagueness when it comes to what is meant by disabilities, this entire approach by Google seems utterly wrongheaded and misguided. "While the intended purpose is for developers to create apps for users with disabilities, the API is often used for other functionality (to overlay content, fill in text fields, etc.)," reports Android Police. "LastPass, Universal Copy, Clipboard Actions, Cerberus, Signal Spy, Tasker, and Network Monitor Mini are just a few examples of applications heavily using this API." It's likely Google is cracking down on apps that use Accessibility Services due to the security risks they pose. "Once granted the right permissions, the API can be used to read data from other apps," reports Android Police.
The developer of BatterySaver received the following message from Google:

We're contacting you because your app, BatterySaver System Shortcut, with package name com.floriandraschbacher.batterysaver.free is requesting the 'android.permission.BIND_ACCESSIBILITY_SERVICE.' Apps requesting accessibility services should only be used to help users with disabilities use Android devices and apps. Your app must comply with our Permissions policy and the Prominent Disclosure requirements of our User Data policy.

Action required: If you aren't already doing so, you must explain to users how your app is using the 'android.permission.BIND_ACCESSIBILITY_SERVICE' to help users with disabilities use Android devices and apps. Apps that fail to meet this requirement within 30 days may be removed from Google Play. Alternatively, you can remove any requests for accessibility services within your app. You can also choose to unpublish your app.

Alternatively, you can choose to unpublish the app. All violations are tracked. Serious or repeated violations of any nature will result in the termination of your developer account, and investigation and possible termination of related Google accounts.

If you've reviewed the policy and feel we may have been in error, please reach out to our policy support team. One of my colleagues will get back to you within 2 business days.

Regards,

The Google Play Review Team

Slashdot reader Lauren Weinstein writes from a blog: My inbox has been filling today with questions regarding Google's new warning to Android application developers that they will no longer be able to access Android accessibility service functions in their apps, unless they can demonstrate that those functions are specifically being used to help users with "disabilities" (a term not defined by Google in the warning). Beyond the overall vagueness when it comes to what is meant by disabilities, this entire approach by Google seems utterly wrongheaded and misguided. "While the intended purpose is for developers to create apps for users with disabilities, the API is often used for other functionality (to overlay content, fill in text fields, etc.)," reports Android Police. "LastPass, Universal Copy, Clipboard Actions, Cerberus, Signal Spy, Tasker, and Network Monitor Mini are just a few examples of applications heavily using this API." It's likely Google is cracking down on apps that use Accessibility Services due to the security risks they pose. "Once granted the right permissions, the API can be used to read data from other apps," reports Android Police.
The developer of BatterySaver received the following message from Google:

We're contacting you because your app, BatterySaver System Shortcut, with package name com.floriandraschbacher.batterysaver.free is requesting the 'android.permission.BIND_ACCESSIBILITY_SERVICE.' Apps requesting accessibility services should only be used to help users with disabilities use Android devices and apps. Your app must comply with our Permissions policy and the Prominent Disclosure requirements of our User Data policy.

Action required: If you aren't already doing so, you must explain to users how your app is using the 'android.permission.BIND_ACCESSIBILITY_SERVICE' to help users with disabilities use Android devices and apps. Apps that fail to meet this requirement within 30 days may be removed from Google Play. Alternatively, you can remove any requests for accessibility services within your app. You can also choose to unpublish your app.

Alternatively, you can choose to unpublish the app. All violations are tracked. Serious or repeated violations of any nature will result in the termination of your developer account, and investigation and possible termination of related Google accounts.

If you've reviewed the policy and feel we may have been in error, please reach out to our policy support team. One of my colleagues will get back to you within 2 business days.

Regards,

The Google Play Review Team

Slashdot reader Lauren Weinstein writes from a blog: My inbox has been filling today with questions regarding Google's new warning to Android application developers that they will no longer be able to access Android accessibility service functions in their apps, unless they can demonstrate that those functions are specifically being used to help users with "disabilities" (a term not defined by Google in the warning). Beyond the overall vagueness when it comes to what is meant by disabilities, this entire approach by Google seems utterly wrongheaded and misguided. "While the intended purpose is for developers to create apps for users with disabilities, the API is often used for other functionality (to overlay content, fill in text fields, etc.)," reports Android Police. "LastPass, Universal Copy, Clipboard Actions, Cerberus, Signal Spy, Tasker, and Network Monitor Mini are just a few examples of applications heavily using this API." It's likely Google is cracking down on apps that use Accessibility Services due to the security risks they pose. "Once granted the right permissions, the API can be used to read data from other apps," reports Android Police.
The developer of BatterySaver received the following message from Google:

We're contacting you because your app, BatterySaver System Shortcut, with package name com.floriandraschbacher.batterysaver.free is requesting the 'android.permission.BIND_ACCESSIBILITY_SERVICE.' Apps requesting accessibility services should only be used to help users with disabilities use Android devices and apps. Your app must comply with our Permissions policy and the Prominent Disclosure requirements of our User Data policy.

Action required: If you aren't already doing so, you must explain to users how your app is using the 'android.permission.BIND_ACCESSIBILITY_SERVICE' to help users with disabilities use Android devices and apps. Apps that fail to meet this requirement within 30 days may be removed from Google Play. Alternatively, you can remove any requests for accessibility services within your app. You can also choose to unpublish your app.

Alternatively, you can choose to unpublish the app. All violations are tracked. Serious or repeated violations of any nature will result in the termination of your developer account, and investigation and possible termination of related Google accounts.

If you've reviewed the policy and feel we may have been in error, please reach out to our policy support team. One of my colleagues will get back to you within 2 business days.

Regards,

The Google Play Review Team

According to Reddit user jolioshmolio, Hong Kong-based sex toy company Lovense's remote control vibrator app (Lovense Remote) recorded a use session without their knowledge. "An audio file lasting six minutes was stored in the app's local folder," reports The Verge. "The user says he or she gave the app access to the mic and camera but only to use with the in-app chat function and to send voice clips on command -- not constant recording when in use." The app's behavior appears to be widespread as several others confirmed it too. From the report: A user claiming to represent Lovense responded and called this recording a "minor bug" that only affects Android users. Lovense also says no information or data was sent to the company's servers, and that this audio file exists only temporarily. An update issued today should fix the bug. This isn't Lovense's first security flub. Earlier this year, a butt plug made by the company -- the Hush -- was also found to be hackable. In the butt plug's case, the vulnerability had to do with Bluetooth, as opposed to the company spying on users.

"Earlier this week, a report in The New York Times and a blog post on Medium drew a lot of attention to a world of strange and sometimes disturbing YouTube videos aimed at young children," reports The Verge. "The genre [...] makes use of popular characters from family-friendly entertainment, but it's often created with little care, and can quickly stray from innocent themes to scenes of violence or sexuality." YouTube is cracking down and will now age restrict videos that violate its policy. From the report: The first line of defense for YouTube Kids are algorithmic filters. After that, there is a team of humans that review videos which have been flagged. If a video with recognizable children's characters gets flagged in YouTube's main app, which is much larger than the Kids app, it will be sent to the policy review team. YouTube says it has thousands of people working around the clock in different time zones to review flagged content. If the review finds the video is in violation of the new policy, it will be age restricted, automatically blocking it from traveling to the Kids app. YouTube says it typically takes at least a few days for content to make its way from YouTube proper to YouTube Kids, and the hope is that within that window, users will flag anything potentially disturbing to children. YouTube also has a team of volunteer moderators, which it calls Contributors, looking for inappropriate content. YouTube says it will start training its review team on the new policy and it should be live within a few weeks. Along with filtering content out of the Kids app, the new policy will also tweak who can see these videos on YouTube's main service. Flagged content will be age restricted, and users won't be able to see those videos if they're not logged in on accounts registered to users 18 years or older. All age-gated content is also automatically exempt from advertising. That means this new policy could put a squeeze on the booming business of crafting strange kid's content.

Reader Tablizer writes (edited and condensed): The Chrome team "broke the web" to make Chrome perform better, according to Nikita Prokopov, a software engineer. So the story goes like this: there's a widely-used piece of DOM API called "addEventListener." Almost every web site or web app that does anything dynamic with JS probably depends on this method in some way. In 2016, Google came along and decided that this API was not extensible enough. But that's not the end of the story. Chrome team proposed the API change to add passive option because it allowed them to speed up scrolling on mobile websites. The gist of it: if you mark onscroll/ontouch event listener as passive, Mobile Google can scroll your page faster (let's not go into details, but that's how things are). Old websites continue to work (slow, as before), and new websites have an option to be made faster at the cost of an additional feature check and one more option. It's a win-win, right? Turned out, Google wasn't concerned about your websites at all. It was more concerned about its own product performance, Google Chrome Mobile. That's why on February 1, 2017, they made all top-level event listeners passive by default. They call it "an intervention." Now, this is a terrible thing to do. It's very, very, very bad. Basically, Chrome broke half of user websites, the ones that were relying on touch/scroll events being cancellable, at the benefit of winning some performance for websites that were not yet aware of this optional optimization. This was not backward compatible change by any means. All websites and web apps that did any sort of draggable UI (sliders, maps, reorderable lists, even slide-in panels) were affected and essentially broken by this change.

Corephotonics, an Israeli maker of dual-lens camera technologies for smartphones, has filed a lawsuit against Apple this week alleging that the iPhone 7 Plus and iPhone 8 Plus infringe upon four of its patents. Mac Rumors reports: The patents, filed with the U.S. Patent and Trademark Office between November 2013 and June 2016, relate to dual-lens camera technologies appropriate for smartphones, including optical zoom and a mini telephoto lens assembly: U.S. Patent No. 9,402,032; U.S. Patent No. 9,568,712; U.S. Patent No. 9,185,291; U.S. Patent No. 9,538,152. Corephotonics alleges that the two iPhone models copy its patented telephoto lens design, optical zoom method, and a method for intelligently fusing images from the wide-angle and telephoto lenses to improve image quality. iPhone X isn't listed as an infringing product, despite having a dual-lens camera, perhaps because the device launched just four days ago.

Corephotonics, an Israeli maker of dual-lens camera technologies for smartphones, has filed a lawsuit against Apple this week alleging that the iPhone 7 Plus and iPhone 8 Plus infringe upon four of its patents. Mac Rumors reports: The patents, filed with the U.S. Patent and Trademark Office between November 2013 and June 2016, relate to dual-lens camera technologies appropriate for smartphones, including optical zoom and a mini telephoto lens assembly: U.S. Patent No. 9,402,032; U.S. Patent No. 9,568,712; U.S. Patent No. 9,185,291; U.S. Patent No. 9,538,152. Corephotonics alleges that the two iPhone models copy its patented telephoto lens design, optical zoom method, and a method for intelligently fusing images from the wide-angle and telephoto lenses to improve image quality. iPhone X isn't listed as an infringing product, despite having a dual-lens camera, perhaps because the device launched just four days ago.

Corephotonics, an Israeli maker of dual-lens camera technologies for smartphones, has filed a lawsuit against Apple this week alleging that the iPhone 7 Plus and iPhone 8 Plus infringe upon four of its patents. Mac Rumors reports: The patents, filed with the U.S. Patent and Trademark Office between November 2013 and June 2016, relate to dual-lens camera technologies appropriate for smartphones, including optical zoom and a mini telephoto lens assembly: U.S. Patent No. 9,402,032; U.S. Patent No. 9,568,712; U.S. Patent No. 9,185,291; U.S. Patent No. 9,538,152. Corephotonics alleges that the two iPhone models copy its patented telephoto lens design, optical zoom method, and a method for intelligently fusing images from the wide-angle and telephoto lenses to improve image quality. iPhone X isn't listed as an infringing product, despite having a dual-lens camera, perhaps because the device launched just four days ago.

Corephotonics, an Israeli maker of dual-lens camera technologies for smartphones, has filed a lawsuit against Apple this week alleging that the iPhone 7 Plus and iPhone 8 Plus infringe upon four of its patents. Mac Rumors reports: The patents, filed with the U.S. Patent and Trademark Office between November 2013 and June 2016, relate to dual-lens camera technologies appropriate for smartphones, including optical zoom and a mini telephoto lens assembly: U.S. Patent No. 9,402,032; U.S. Patent No. 9,568,712; U.S. Patent No. 9,185,291; U.S. Patent No. 9,538,152. Corephotonics alleges that the two iPhone models copy its patented telephoto lens design, optical zoom method, and a method for intelligently fusing images from the wide-angle and telephoto lenses to improve image quality. iPhone X isn't listed as an infringing product, despite having a dual-lens camera, perhaps because the device launched just four days ago.

An anonymous reader writes: Late yesterday afternoon, Google announced plans to deprecate and eventually remove PKP support from the Chromium open-source browser, which indirectly means from Chrome... According to Google engineer Chris Palmer, low adoption and technical difficulties are among the reasons why Google plans to remove the feature from Chrome.

"We would like to do this in Chrome 67, which is estimated to be released to Stable on 29 May 2018," Palmer says. The proposal is up in the air, and users can submit opinions against Google's intent to deprecate, but seeing how little PKP was adopted, it's most likely already out the door. A Neustar survey from March 2016 had PKP deployment at only 0.09% of all HTTPS sites. By August 2017, that needle had barely moved to 0.4% of all sites in the Alexa Top 1 Million.

YouTube has rolled out a new algorithm that the company says will more accurately reflect YouTube's guidelines for ad-friendly material and result in fewer videos being flagged as advertiser-friendly. "It will supposedly reduce the number of demonetized listings by 30 percent, so 'millions more videos' will be able to make money off the full range of advertisements," reports The Verge. From the report: A YouTube manager writes that the new algorithm was trained by nearly three months' worth of human reviews, starting after YouTube added a manual appeals process for creators in August. Theoretically, this should narrow the range of false positives -- videos that were incorrectly flagged for promoting drug use, using excessive profanity, highlighting gratuitous violence, or otherwise featuring content that advertisers might find objectionable. It's being applied retroactively, so creators who didn't appeal could still get some old videos remonetized. Google also encourages people to keep appealing potentially incorrect flags, because "this updated system is an improvement, but it's not perfect."

YouTube has rolled out a new algorithm that the company says will more accurately reflect YouTube's guidelines for ad-friendly material and result in fewer videos being flagged as advertiser-friendly. "It will supposedly reduce the number of demonetized listings by 30 percent, so 'millions more videos' will be able to make money off the full range of advertisements," reports The Verge. From the report: A YouTube manager writes that the new algorithm was trained by nearly three months' worth of human reviews, starting after YouTube added a manual appeals process for creators in August. Theoretically, this should narrow the range of false positives -- videos that were incorrectly flagged for promoting drug use, using excessive profanity, highlighting gratuitous violence, or otherwise featuring content that advertisers might find objectionable. It's being applied retroactively, so creators who didn't appeal could still get some old videos remonetized. Google also encourages people to keep appealing potentially incorrect flags, because "this updated system is an improvement, but it's not perfect."

An anonymous reader quotes a report from PhoneDog: Google explains that it's been investigating reports about the Pixel 2 XL's display and that this has given it "confidence that [its] displays are as great as [it] hoped they would be". Still, Google will be taking steps to respond to consumer complaints about the screen. Google plans to issue a software update that'll add a "saturated" color mode that will make the colors more saturated and vibrant, but less accurate. This way, consumers that feel the Pixel 2 XL's screen is too muted can punch up the color saturation themselves.

When it comes to burn-in, Google says that its investigations of the Pixel 2 XL's display found that its "decay characteristics are comparable to OLED panels used in other premium smartphones." Google does plan to take further steps to fight burn-in, though, and it's testing an update that'll add a new fade-out of the navigation bar buttons after a short period of inactivity. Google is also working with more apps to use a light navigation bar to match the app's color scheme. Additionally, the update will reduce the maximum brightness of the Pixel 2 XL's screen by 50 nits, which Google says will be "virtually imperceptible". This will reduce load on the display with very little change on its observed brightness. This update will roll out to the Pixel 2 XL "in the next few weeks." Google also touched on the reports that some Pixel 2 phones are emitting some clicking sounds. The company plans to release an update in the coming weeks to address the issue, but until then, it says that Pixel 2 owners can turn off NFC by going into Settings > Connected Devices > NFC.

After dealing with all sorts of screen issues, another problem with Google's flagship smartphone is popping up. This time it's an audio issue: users on Google's official forums and elsewhere are reporting odd sounds coming from the Pixel 2 speakers. Ars Technica reports: Customers are complaining of "clicking" and a "high-pitched whine" coming from the Pixel 2 and Pixel 2 XL. Most reports on the forums say the noises are coming from the top or bottom speaker on the Pixel 2 and Pixel 2 XL. Some reports say the sounds come through during calls, while other users say the speaker noises happen any time the screen is on. A user made a recording of the sound, which can be heard here. Most users are being told to return their devices after contacting support, but at least one person claims they were told this issue would be patched in an upcoming update. One possible workaround is to turn off NFC, which some users say stops or lowers the noises.

After dealing with all sorts of screen issues, another problem with Google's flagship smartphone is popping up. This time it's an audio issue: users on Google's official forums and elsewhere are reporting odd sounds coming from the Pixel 2 speakers. Ars Technica reports: Customers are complaining of "clicking" and a "high-pitched whine" coming from the Pixel 2 and Pixel 2 XL. Most reports on the forums say the noises are coming from the top or bottom speaker on the Pixel 2 and Pixel 2 XL. Some reports say the sounds come through during calls, while other users say the speaker noises happen any time the screen is on. A user made a recording of the sound, which can be heard here. Most users are being told to return their devices after contacting support, but at least one person claims they were told this issue would be patched in an upcoming update. One possible workaround is to turn off NFC, which some users say stops or lowers the noises.

Michael J. Coren reports via Quartz: Every two years, the U.S. Energy Information Administration (EIA), America's official source for energy statistics, issues 10-year projections about how much solar, wind and conventional energy the future holds for the U.S. Every two years, since the mid-1990s, the EIA's projections turn out to be wrong. Last year, they proved spectacularly wrong. The Natural Resources Defense Council, an environmental advocacy group, and Statista recently teamed up to analyze the EIA's predictions for energy usage and production. They found that the EIA's 10-year estimates between 2006 to 2016 systematically understated the share of wind, solar and gas. Solar capacity, in particular, was a whopping 4,813% more in 2016 than the EIA had predicted in 2006 it would be. To be fair, there is a caveat here: The prediction in 2006 was that 10 years hence the U.S. would be generating just 0.8 gigawatts (GW) of solar energy. With such a low baseline figure, any increase will look huge in percentage terms. Nonetheless, there is an unmistakable trend in the data: The EIA regularly underestimates the growth in renewables but overestimates U.S. fossil-fuel consumption, which some critics see as an attempt to boost the oil and gas industry.

Google announced on Tuesday that it would offer stronger online security for "high risk" users who may be frequent targets of online attacks. The company said anyone with a personal Google account can enroll in the new "advanced protection," while noting that it will require users to "trade off a bit of convenience" for extra security. Motherboard reports: The main advantage in terms of security is the need for a key or token to log in as the second factor, instead of a code sent via SMS or via app. This is much better because there's no way for hackers to steal or phish this key from afar (there have been isolated incidents of hackers using social engineering to gain access to someone's cell phone number by getting the provider to issue a new SIM card, for instance). Thanks to these new features, Gmail is now the most secure email provider available on the internet if you are worried about hackers breaking into your private correspondence. "This is a major step in the right direction in offering the same kind of protection available to high-profile figures to everyday people," Kenneth White, a Washington D.C. based security consultant to federal agencies, told Motherboard. "They have really thought this through, and while it may not make sense for everyone, for those that need it, it's a much needed option."

Google has added three planets and nine moons to Google Maps. "The heavenly bodies include Saturn moons Dione, Enceladus, Iapetus, Mimas, Rhea and Titan, and Jupiter moons Europa, Ganymede and Io," reports CNET. "Google also added dwarf-planets Pluto and Ceres and full-planet Venus." From the report: Once inside Google Maps for planets, you can spin the space objects around, get more information on their place names and zoom in for a closer look. The new worlds are possible thanks to imagery from NASA and the European Space Agency. NASA's dearly departed Cassini spacecraft sent back a treasure trove of views of Saturn's moons. If you have a few moments to spare, fire up a browser, go to your current location on Google Maps, enter satellite mode and hit the zoom-out button until you've left the planet and are "floating" in space. A list of available planets and moons pops up on the side and you're off on your space adventure.

At its hardware event last week, Google unveiled its two new flagship smartphones: the Pixel 2 and Pixel 2 XL. While these devices feature high-end specifications and the latest version of Android, they both lack headphone jacks, upsetting many consumers who still rely heavily on wired headphones. To add insult to injury, Google announced a USB-C adapter for a whopping price of $20 -- that's $11 more than Apple's Lightning to 3.5mm adapter. This resulted in some minor outrage and caused Google to rethink its decision(s). As reported by 9to5Google, Google decided to slash the price of the dongle by over 50%. It is now priced at a more reasonable $9.

Joshua Topolsky, writing for The Outline: The stuff Google showed off on October 4 was brazenly designed and strangely, invitingly touchable. These gadgets were soft, colorful... delightful? They looked human, but like something future humans had made; people who'd gotten righteously drunk with aliens. You could imagine them in your living room, your den, your bedroom. Your teleportation chamber. A fuzzy little donut you can have a conversation with. A VR headset in stunning pink. A phone with playful pops of color and an interface that seems to presage what you want, when you want it. It's weird. It's subtle. It's... good. It's Google? It's Google.

It was only a few years ago that Google was actually something of a laughing stock when it came to design. As an aggressively engineer-led company, the Mountain View behemoth's early efforts, particularly with its mobile software and devices, focused not on beauty, elegance, or simplicity, but rather concentrated on flexibility, iteration, and scale. These are useful priorities for a utilitarian search engine, but didn't translate well to many of the company's other products. Design -- the mysterious intersection of art and communication -- was a second-class citizen at Google, subordinate to The Data. That much was clear from the top down.

Enter Matias Duarte, the design impresario who was responsible for the Sidekick's UI (a wacky, yet strangely prescient mobile-everything concept) and later, the revolutionary (though ill-fated) webOS -- the striking mobile operating system and design language that would be Palm's final, valiant attempt at reclaiming the mobile market. Duarte was hired by Google in 2013 (initially as Android's User Experience Director, though he is now VP of design at the company), and spearheaded a complete reset of the company's visual and functional instincts. But even Duarte was aware of the design challenges his new role presented. "I never thought I'd work for Google," he told Surface Magazine in August. "I had zero ambition to work for Google. Everybody knew Google was a terrible place for design." Duarte went to work on a system that would ultimately be dubbed Material Design -- a set of principles that not only began to dictate how Android should look and work as a mobile operating system, but also triggered the march toward a unified system of design that slowly but surely pulled Google's disparate network of services into something that much more closely resembled a singular vision. A school of thought. A family.

An anonymous reader writes: If you want more proof that Microsoft is embracing Android and iOS, boy, do we have it for you today. The company has launched Edge for iOS in preview, promised Edge for Android is coming soon, and launched Microsoft Launcher for Android in public preview. Edge for iOS preview is available via Apple's TestFlight and is limited, per Apple's rules, to 10,000 users. Microsoft is inviting Windows Insiders in the U.S. to sign up here. Android users can also sign up at that same link -- the preview will hit the Google Play Store in the coming weeks. Microsoft is hoping to release Edge for Android and iOS out of preview "later this year." The Microsoft Launcher is available in preview for English users in the United States on Google Play. Microsoft promises to bring it to other markets "over time" and launch it out of preview "later this year," as well.

The Verge's Dieter Bohn reviews Google's AI camera, dubbed "Clips," which was announced alongside the Pixel 2 and Pixel 2 XL. Here's an excerpt: You know what a digital camera is. It's a lens and a sensor, with a display to see what you're looking at, and a button to take the picture. Google Clips is a camera, but it only has some of those parts. There's no display. There's a shutter button, but it's completely optional to use. Instead, it takes pictures for you, using machine learning to recognize and learn faces and look for interesting moments to record. I don't know if parents -- Google's target market -- will want it. I don't know if Google can find a way to explain everything it is (and isn't) to a broad enough audience to sell the thing in big numbers, especially at $249. I also don't know what the release date will be, beyond that it will be "coming soon." But I do know that it's the most fascinating camera I've used in a very long time.

In addition to the Pixel 2 and Pixel 2 XL, Google debuted a $400 speaker, called Home Max, that looks to compete directly with Apple's recently announced HomePod. The Home Max is a larger Google Home that features stereo speakers and more premium looks and materials. It's expected to go on sale in December in the U.S. TechCrunch reports: It can tune its audio to its own space, analyzing the sound coming from the speaker using its built in microphones to determine the best equalizer settings. This is called Smart Sound, and it evolves over time and based on where you move the speaker, using built-in machine learning. It has Cast functionality, as well as input via stereo 3.5 mm jack. Home Max can output sound that's up to 20 times more powerful than the standard version of Home, Google says, and it has two 4.5 inch woofers on board with two 0.7 inch custom-built tuners. It can sit in either vertical or horizontal orientation, and it comes in both 'chalk' and 'charcoal.' Of course, this bigger speaker also includes a noise isolating array that makes it work even in open rooms with background noise, and it's Assistant-enabled, so you can use it to control your music playback via voice, or manage your smart home devices, set yourself reminders, alarms, and timers and much more. Google also launched a budget-friendly Google Home Mini that features the Google Assistant but in a smaller form factor. 9to5Google reports: Google touts the Home Mini as having a powerful speaker with "crisp" 360 degree sound. The Mini can also be connected to any Chromecast wireless speaker, but there is no 3.5mm jack like Amazon's Echo Dot. In the center, there are four white lights that note when the Home Mini is listening or responding. Besides saying the "Ok, Google" hotword, users can tap on the Home Mini to issue a command. Google also retained the Home's original button for disabling the microphone with a toggle next to the charging port. The Google Home Mini will be go on sale later this month for $49, with pre-orders starting today.

An anonymous reader writes: Two Showtime domains are currently loading and running Coinhive, a JavaScript library that mines Monero using the CPU resources of users visiting Showtime's websites. The two domains are showtime.com and showtimeanytime.com, the latter being the official URL for the company's online video streaming service. It is unclear if someone hacked Showtime and included the mining script without the company's knowledge. Showtime did not respond to a request for comment, but it could be an experiment as the setThrottle value is 0.97, meaning the mining script will remain dormant for 97% of the time. Despite this, Coinhive has been recently adopted by a large number of malware operations, such as malvertisers, adware developers, rogue Chrome extensions, and website hackers, who secretly load the code in a page's background and make money off unsuspecting users. At least two ad blockers have added support for blocking Coinhive's JS library -- AdBlock Plus and AdGuard -- and developers have also put together Chrome extensions that terminate anything that looks like Coinhive's mining script -- AntiMiner, No Coin, and minerBlock.

The Pirate Bay recently ran tests using Coinhive. A recent report has calculated that a site like The Pirate Bay could make around $12,000 per month by mining Monero in the background.

An anonymous reader writes: Two Showtime domains are currently loading and running Coinhive, a JavaScript library that mines Monero using the CPU resources of users visiting Showtime's websites. The two domains are showtime.com and showtimeanytime.com, the latter being the official URL for the company's online video streaming service. It is unclear if someone hacked Showtime and included the mining script without the company's knowledge. Showtime did not respond to a request for comment, but it could be an experiment as the setThrottle value is 0.97, meaning the mining script will remain dormant for 97% of the time. Despite this, Coinhive has been recently adopted by a large number of malware operations, such as malvertisers, adware developers, rogue Chrome extensions, and website hackers, who secretly load the code in a page's background and make money off unsuspecting users. At least two ad blockers have added support for blocking Coinhive's JS library -- AdBlock Plus and AdGuard -- and developers have also put together Chrome extensions that terminate anything that looks like Coinhive's mining script -- AntiMiner, No Coin, and minerBlock.

The Pirate Bay recently ran tests using Coinhive. A recent report has calculated that a site like The Pirate Bay could make around $12,000 per month by mining Monero in the background.

An anonymous reader writes: Two Showtime domains are currently loading and running Coinhive, a JavaScript library that mines Monero using the CPU resources of users visiting Showtime's websites. The two domains are showtime.com and showtimeanytime.com, the latter being the official URL for the company's online video streaming service. It is unclear if someone hacked Showtime and included the mining script without the company's knowledge. Showtime did not respond to a request for comment, but it could be an experiment as the setThrottle value is 0.97, meaning the mining script will remain dormant for 97% of the time. Despite this, Coinhive has been recently adopted by a large number of malware operations, such as malvertisers, adware developers, rogue Chrome extensions, and website hackers, who secretly load the code in a page's background and make money off unsuspecting users. At least two ad blockers have added support for blocking Coinhive's JS library -- AdBlock Plus and AdGuard -- and developers have also put together Chrome extensions that terminate anything that looks like Coinhive's mining script -- AntiMiner, No Coin, and minerBlock.

The Pirate Bay recently ran tests using Coinhive. A recent report has calculated that a site like The Pirate Bay could make around $12,000 per month by mining Monero in the background.

An anonymous reader quotes a report from VentureBeat: Mozilla today released Firefox 9.0 for iOS and updated Firefox Focus for Android. The iOS browser is getting tracking protection, improved sync, and iOS 11 compatibility. The Android privacy browser is getting tabs. You can download the former from Apple's App Store and the latter from Google Play. This is the first time Firefox has offered tracking protection on iOS, and Nick Nguyen, vice president of product at Mozilla, notes that it's finally possible "thanks to changes by Apple to enable the option for 3rd party browsers." This essentially means iPhone and iPad users with Firefox and iOS 11 will have automatic ad and content blocking in Private Browsing mode, and the option to turn it on in regular browsing. This is the same feature that's available in Firefox for Android, Windows, Mac, and Linux, as well as the same ad blocking technology used in Firefox Focus for Android and iOS.

An anonymous reader quotes a report from The Verge: A demonstration video posted by Positive Technologies (and first reported by Forbes) shows how easy it is to hack into a bitcoin wallet by intercepting text messages in transit. The group targeted a Coinbase account protected by two-factor authentication, which was registered to a Gmail account also protected by two-factor. By exploiting known flaws in the cell network, the group was able to intercept all text messages sent to the number for a set period of time. That was enough to reset the password to the Gmail account and then take control of the Coinbase wallet. All the group needed was the name, surname and phone number of the targeted Bitcoin user. These were security researchers rather than criminals, so they didn't actually steal anyone's bitcoin, although that would have been an easy step to take. At a glance, this looks like a Coinbase vulnerability, but the real weakness is in the cellular system itself. Positive Technologies was able to hijack the text messages using its own research tool, which exploits weaknesses in the cellular network to intercept text messages in transit. Known as the SS7 network, that network is shared by every telecom to manage calls and texts between phone numbers. There are a number of known SS7 vulnerabilities, and while access to the SS7 network is theoretically restricted to telecom companies, hijacking services are frequently available on criminal marketplaces. The report notes of several ways you can protect yourself from this sort of attack: "On some services, you can revoke the option for SMS two-factor and account recovery entirely, which you should do as soon as you've got a more secure app-based method established. Google, for instance, will let you manage two-factor and account recovery here and here; just set up Authenticator or a recovery code, then go to the SMS option for each and click 'Remove Phone.'"

An anonymous reader quotes a report from The Verge: A demonstration video posted by Positive Technologies (and first reported by Forbes) shows how easy it is to hack into a bitcoin wallet by intercepting text messages in transit. The group targeted a Coinbase account protected by two-factor authentication, which was registered to a Gmail account also protected by two-factor. By exploiting known flaws in the cell network, the group was able to intercept all text messages sent to the number for a set period of time. That was enough to reset the password to the Gmail account and then take control of the Coinbase wallet. All the group needed was the name, surname and phone number of the targeted Bitcoin user. These were security researchers rather than criminals, so they didn't actually steal anyone's bitcoin, although that would have been an easy step to take. At a glance, this looks like a Coinbase vulnerability, but the real weakness is in the cellular system itself. Positive Technologies was able to hijack the text messages using its own research tool, which exploits weaknesses in the cellular network to intercept text messages in transit. Known as the SS7 network, that network is shared by every telecom to manage calls and texts between phone numbers. There are a number of known SS7 vulnerabilities, and while access to the SS7 network is theoretically restricted to telecom companies, hijacking services are frequently available on criminal marketplaces. The report notes of several ways you can protect yourself from this sort of attack: "On some services, you can revoke the option for SMS two-factor and account recovery entirely, which you should do as soon as you've got a more secure app-based method established. Google, for instance, will let you manage two-factor and account recovery here and here; just set up Authenticator or a recovery code, then go to the SMS option for each and click 'Remove Phone.'"

New submitter Vernon Chan writes: It was discovered that Google will automatically schedule to delete your Android device backups if it is inactive for more than two months. The issue was discovered by a Reddit user after his Nexus 6P was sent for a refund claim. He was using an old iPhone while he waited for an Android replacement device. When he glanced at his Google Drive Backup folder, he freaked out when he noticed his Nexus 6P backup was missing. He then stumbled upon this Google Drive help document regarding backup expirations: "Your backup will remain as long as you use your device. If you don't use your device for 2 weeks, you may see an expiration date below your backup. For instance: 'Expires in 54 days.'" Once a backup is deleted, there is zero chance for recovery.

Google engineer Mike West writes: As part of our ongoing effort to accurately communicate the transport security status of a given page, we're planning to label resources delivered over the FTP protocol as "Not secure", beginning in Chrome 63 (sometime around December, 2017). We didn't include FTP in our original plan, but unfortunately its security properties are actually marginally worse than HTTP (delivered in plaintext without the potential of an HSTS-like upgrade). Given that FTP's usage is hovering around 0.0026% of top-level navigations over the last month, and the real risk to users presented by non-secure transport, labeling it as such seems appropriate. We'd encourage developers to follow the example of the linux kernel archives by migrating public-facing downloads (especially executables!) from FTP to HTTPS.

An anonymous reader quotes a report from Bleeping Computer: Security researchers have discovered eight vulnerabilities -- codenamed collectively as BlueBorne -- in the Bluetooth implementations used by over 5.3 billion devices. Researchers say the vulnerabilities are undetectable and unstoppable by traditional security solutions. No user interaction is needed for an attacker to use the BleuBorne flaws, nor does the attacker need to pair with a target device. They affect the Bluetooth implementations in Android, iOS, Microsoft, and Linux, impacting almost all Bluetooth device types, from smartphones to laptops, and from IoT devices to smart cars. Furthermore, the vulnerabilities can be concocted into a self-spreading BlueTooth worm that could wreak havoc inside a company's network or even across the world. "These vulnerabilities are the most serious Bluetooth vulnerabilities identified to date," an Armis spokesperson told Bleeping Computer via email. "Previously identified flaws found in Bluetooth were primarily at the protocol level," he added. "These new vulnerabilities are at the implementation level, bypassing the various authentication mechanisms, and enabling a complete takeover of the target device." Consumers are recommended to disable Bluetooth unless you need to use it, but then turn it off immediately. When a patch or update is issued and installed on your device, you should be able to turn Bluetooth back on and leave it on safely. The BlueBorne Android App on the Google Play Store will be able to determine if a user's Android device is vulnerable. A technical report on the BlueBorne flaws is available here (PDF).

BrianFagioli shares a report from BetaNews: The documentation aspect of any project is very important, as it can help people to both understand it and track changes. Unfortunately, many developers aren't very interested in documentation aspect, so it often gets neglected. Luckily, if you want to maintain proper documentation and stay organized, today, Google is releasing its internal developer documentation style guide. This can quite literally guide your documentation, giving you a great starting point and keeping things consistent.

Jed Hartman, Technical Writer, Google says, "For some years now, our technical writers at Google have used an internal-only editorial style guide for most of our developer documentation. In order to better support external contributors to our open source projects, such as Kubernetes, AMP, or Dart, and to allow for more consistency across developer documentation, we're now making that style guide public. If you contribute documentation to projects like those, you now have direct access to useful guidance about voice, tone, word choice, and other style considerations. It can be useful for general issues, like reminders to use second person, present tense, active voice, and the serial comma; it can also be great for checking very specific issues, like whether to write 'app' or 'application' when you want to be consistent with the Google Developers style." You can access Google's style guide here.

An anonymous reader shares a report: A Polish academic is accusing Google of trying to patent technology he invented and that he purposely released into the public domain so companies like Google couldn't trap it inside restrictive licenses. The technology's name is Asymmetric Numeral Systems (ANS), a family of entropy coding methods that Polish assistant professor Jarosaw (Jarek) Duda developed in the early 2000s, and which is now hot tech at companies like Apple, Google, and Facebook, mostly because it can improve data compression from 3 to 30 times. Duda says that Google is now trying to register a patent that includes most of the ANS basic principles. Ironically, most of the technology described in the patent, Duda said he explained to Google engineers in a Google Groups discussion from 2014. The researcher already filed a complaint, to which WIPO ISA responded by calling out Google for not coming up with "an inventive contribution over the prior art, because it is no more than a straightforward application of known coding algorithms." A Google spokesperson refused to comment, and the mystery remains surrounding Google's decision to patent something that's in the public domain since 2014.

An anonymous reader shares a report: A Polish academic is accusing Google of trying to patent technology he invented and that he purposely released into the public domain so companies like Google couldn't trap it inside restrictive licenses. The technology's name is Asymmetric Numeral Systems (ANS), a family of entropy coding methods that Polish assistant professor Jarosaw (Jarek) Duda developed in the early 2000s, and which is now hot tech at companies like Apple, Google, and Facebook, mostly because it can improve data compression from 3 to 30 times. Duda says that Google is now trying to register a patent that includes most of the ANS basic principles. Ironically, most of the technology described in the patent, Duda said he explained to Google engineers in a Google Groups discussion from 2014. The researcher already filed a complaint, to which WIPO ISA responded by calling out Google for not coming up with "an inventive contribution over the prior art, because it is no more than a straightforward application of known coding algorithms." A Google spokesperson refused to comment, and the mystery remains surrounding Google's decision to patent something that's in the public domain since 2014.

Holly Hartman, a journalism teacher for 22 years, writes an incredible story: After watching nonstop coverage of the hurricane and the incredible rescues that were taking place, I got in bed at 10:30 on Tuesday night. I had been glued to the TV for days. I read an article about the Cajun Navy and the thousands of selfless volunteers who have shown up to this city en masse. The article explained they were using a walkie-talkie-type app called Zello to communicate with each other, locate victims, get directions, etc. I downloaded the app, found the Cajun Navy channel and started listening. I was completely enthralled. Voice after voice after voice coming though my phone in the dark, some asking for help, some saying they were on their way. Most of the transmissions I was hearing when I first tuned in were from Houston, but within 30 minutes or so, calls started coming in from Port Arthur and Orange. Harvey had moved east from Houston and was pummeling East Texas. Call after call from citizens saying they were trapped in their houses and needed boat rescue. None of the volunteer rescuers had made it to that area from Houston, but as soon as the calls started coming in, they were moving out, driving as fast as they could into the middle of Harvey.

theodp writes: After a flood of cheating cases roiled Harvard's Computer Science 50: "Introduction to Computer Science I" last year, Dean of Undergraduate Education Jay Harris implored students in the course not to cheat on assignments at an orientation session Wednesday night. Course head David Malan, the Harvard Crimson reports, spent the last five minutes of the orientation session fielding questions from students confused about the course's collaboration policy and whether or not CS50 enrollees are allowed to use code found online. He told them never to Google solutions, and never to borrow a friend's work. Last week, CS50 students were informed via a CS50 FAQ that they are also now "encouraged" to physically attend the course's taped weekly lectures. In an essay last year, Prof. Malan had questioned the value of saying everyone should attend every lecture. Attendance is now also expected at every discussion section until the first mid-semester exam. In case you're curious, the estimated sticker price for attending Harvard College during the 2017-2018 school year is $69,600-$73,600 (health insurance sold separately).

Numerous Slashdot readers are reporting that they are facing issues access Google Drive, the productivity suite from the Mountain View-based company. Google's dashboard confirms that Drive is facing outage. Third-party web monitoring tool DownDetector also reports thousands of similar complaints from users. The company said, "Google Drive service has already been restored for some users, and we expect a resolution for all users in the near future. Please note this time frame is an estimate and may change. Google Drive is not loading files and results in a failures for a subset of users."

Update: 09/07 17:13 GMT: Google says it has resolved the issue.

The latest version of Google Chrome has launched, bringing a host of new developer features like JavaScript modules and WebUSB support. An anonymous Slashdot reader shares a report from VentureBeat: Google has launched Chrome 61 for Windows, Mac, and Linux. Additions in this release include JavaScript modules and WebUSB support, among other developer features. You can update to the latest version now using the browser's built-in silent updater or download it directly from google.com/chrome. Google also released Chrome 61 for Android today. In addition to performance and stability fixes, you can expect two new features: Translate pages with a more compact toolbar and pick images with an improved image picker.

Chrome now supports JavaScript modules natively via the new element, letting developers declare a script's dependencies. Modules are already popular in third-party build tools, which use them to bundle only the required scripts. Native support means the browser can fetch granular dependencies in parallel, taking advantage of caching, avoiding duplications across the page, and ensuring the script executes in the correct order, all without a build step. Google recommends these two blog posts for more information: ECMAScript modules in browsers and ES6 Modules in Depth. Speaking of JavaScript, Chrome 61 also upgrades the browser's V8 JavaScript engine to version 6.1. Developers can expect performance improvements and a binary size reduction. The WebUSB API meanwhile allows web apps to access user-permitted USB devices. This enables all the functionality provided by hardware peripherals such as keyboards, mice, printers, and gamepads, while still preserving the security guarantees of the web.

A jury has ruled that Nintendo must pay $10.1 million because its Wii and Wii U systems infringe a patent belonging to a Dallas medical motion-detection company. Ars Technica reports: iLife sued Nintendo (PDF) in 2013 after filing lawsuits against four other companies in 2012. The case went to a jury trial in Dallas, and yesterday the jury returned its verdict (PDF). They found that Nintendo infringed U.S. Patent No. 6,864,796, first filed in 1999, which describes "systems and methods for evaluating movement of a body relative to an environment." The patent drawings show a body-mounted motion detector that could detect falls in the elderly, which is the market that iLife was targeting, according to its now defunct website. The $10.1 million was less than 10 percent of what iLife's attorneys had been asking for. When the trial began in Dallas on August 21, Law360 reported that iLife lawyers asked the jury for a $144 million payout. That damage demand was based on a royalty of $4 per Wii unit, multiplied by 36 million systems sold in the six years before the lawsuit was filed.

theodp writes: Most TV computer scientists are still white men," USA Today reports. "Google wants to change that. Google is calling on Hollywood to give equal screen time to women and minorities after a new study the internet giant funded found that most computer scientists on television shows and in the movies are played by white men. The problem with the hackneyed stereotype of the socially inept, hoodie-clad white male coder? It does not inspire underrepresented groups to pursue careers in computer science, says Daraiha Greene, Google CS in Media program manager, multicultural strategy." According to a Google-funded study conducted by Prof. Stacy L. Smith and the Media, Diversity, & Social Change Initiative at the USC Annenberg School for Communication and Journalism, Google's Computer Science in Media team conducted "CS interventions" with "like-minded people" to create "Google influenced storytelling." The executive summary for a USC study entitled Cracking the Code: The Prevalence and Nature of Computer Science Depictions in Media notes that "Google influenced" TV programs include HBO's Silicon Valley and AMC's Halt and Catch Fire. The USC researchers also note that "non-tech focused programs may offer prime opportunities to showcase CS in unique and counter-stereotypical ways. As the Google Team moves forward in its work with series such as Empire, Girl Meets World, Gortimer Gibbons Life on Normal Street, or The Amazing Adventures of Gumball, it appears the Team is seizing these opportunities to integrate CS into storytelling without a primary tech focus." The study adds, "In the case of certain series, we provided on-going advisement. The Fosters, Miles from Tomorrowland, Halt and Catch Fire, Ready, Jet, Go, The Powerpuff Girls and Odd Squad are examples of this. In addition to our continuing interactions, we engaged in extensive PR and marketing support including social media outreach, events and press."

Google's TV interventions have even spilled over into public education -- one of Google-sponsored Code.org's signature Hour of Code tutorials last December was Gumball's Coding Adventure, inspired by the Google-advised Cartoon Network series, The Amazing Adventures of Gumball. "We need more students around the world pursuing an education in CS, particularly girls and minorities, who have historically been underrepresented in the field," explains a Google CS First presentation for educators on the search giant's Hour of Code partnership with Cartoon Network. "Based on our research, one of the reasons girls and underrepresented minorities are not pursuing computer science is because of the negative perception of computer scientists and the relevance of the field beyond coding." According to a 2015 USC report, President Obama was kept abreast of efforts to challenge media's stereotypical portrayals of women; White House Visitor Records show that USC's Smith, the Google-funded study's lead author, and Google CS Education in Media Program Manager Julie Ann Crommett (now at Disney) were among those present when the White House Council on Women and Girls met earlier that year with representatives of the nation's leading toy makers, media giants, retailers, educators, scientists, the U.S. Dept. of Education, and philanthropists.

In October, Kaspersky Labs was sued by a "do-nothing patent holder in East Texas who demanded a cash settlement before it would go away," reports Ars Technica. Today, founder and CEO Eugene Kaspersky said his company has defeated five patent assertion entities, including the infamous claims from Lodsys, "a much-maligned patent holder that sent demand letters to small app developers." The patent-licensing company who sued Kaspersky Labs in October was not only defeated, but they ended up paying Kaspersky $5,000 to end the litigation. From the report: The patent-licensing company, Wetro Lan LLC, owned U.S. Patent No. 6,795,918, which essentially claimed an Internet firewall. The patent was filed in 2000 despite the fact that computer network firewalls date to the 1980s. The '918 patent was used in what the Electronic Frontier Foundation called an "outrageous trolling campaign," in which dozens of companies were sued out of Wetro Lan's "headquarters," a Plano office suite that it shared with several other firms that engage in what is pejoratively called "patent-trolling." Wetro Lan's complaints argued that a vast array of Internet routers and switches infringed its patent. Most companies sued by Wetro Lan apparently reached settlements within a short time, a likely indicator of low-value settlement demands. Not a single one of the cases even reached the claim construction phase. But Kaspersky wouldn't pay up. As claim construction approached, Kaspersky's lead lawyer Casey Kniser served discovery requests for Wetro Lan's other license agreements. He suspected the amounts were low. Wetro Lan's settlement demands kept dropping, down from its initial "amicable" demand of $60,000. Eventually, the demands reached $10,000 -- an amount that's extremely low in the world of patent litigation. Kniser tried to explain that it didn't matter how far the company dropped the demand. "Kaspersky won't pay these people even if it's a nickel," he said. Then Kniser took a new tack. "We said, actually, $10,000 is fine," said Kniser. "Why don't you pay us $10,000?" After some back-and-forth, Wetro Lan's lawyer agreed to pay Kaspersky $5,000 to end the litigation. Papers were filed Monday, and both sides have dropped their claims.

An anonymous reader writes: "Mozilla engineers are discussing plans to change the way Firefox collects usage data (telemetry), and the organization is currently preparing to test an opt-out clause so they could collect more data relevant to the browser's usage," reports Bleeping Computer. "In a Google Groups discussion that's been taking place since Monday, Mozilla engineers cite the lack of usable data the Foundation is currently receiving via its data collection program. The problem is that Firefox collects data from a very small fraction of its userbase, and this data may not be representative of the browser's real usage." Mozilla would like to fix this by flipping everyone's telemetry setting to enabled and adding an opt-out clause. Engineers also plan to embed Google's RAPPAR project [1, 2] for anonymous data collection.

Google Allo, the chat app that arrived on the iPhone and Android devices last year, now has a web counterpart. Head of product for Allo and video chat app Duo, Amit Fulay, tweeted: "Allow for web is here! Try it on Chrome today. Get the latest Allo build on Android before giving it a spin." Engadget reports: To give it a go, you'll need to open the Allo app on your device and use that to scan a QR code you can generate at this link. Once you've scanned the code, Allo pulls up your chat history and mirrors all the conversations you have on your phone. Most of Allo's key features, including smart replies, emoji, stickers and most importantly the Google Assistant are all intact here. In fact, this is the first time you can really get the full Google Assistant experience through the web; it's been limited to phones and Google Home thus far.

An anonymous reader quotes a report from Gizmodo: Benchmark Capital, one of Uber's largest investors, is trying to explain its legal feud with former CEO Travis Kalanick to the ride-sharing company's employees. Benchmark sued Kalanick for fraud last week, adding another controversy to the company's already disastrous summer. In an open letter to Uber employees, Benchmark slammed Kalanick's leadership of the company and said that he was purposely hindering the board's search for a replacement CEO. The firm also criticized Uber's slow response to the report compiled by Eric Holder and Tammy Albarran on harassment within Uber, and the stagnant search for a chief financial officer that has dragged on for more than two years.

"It has appeared at times as if the search was being manipulated to deter candidates and create a power vacuum in which Travis could return," the unsigned letter reads. "It's easy to reduce this situation to a battle of personalities. But this isn't about Benchmark versus Travis. It's about ensuring that Uber can reach its full potential as a company. And that will only happen if we get rid of the roadblocks and distractions that have plagued Uber, and its board, for far too long," Benchmark wrote in its letter. "Failing to act would have meant endorsing behavior that was utterly unacceptable in any company, let alone a company of Uber's size and importance." Kalanick has responded to Benchmark through a spokesperson via The New York Times: "Like many shareholders, I am disappointed and baffled by Benchmark's hostile actions, which clearly are not in the best interests of Uber and its employees on whose behalf they claim to be acting. Since 2009, building Uber into a great company has been my passion and obsession. I continue to work tirelessly with the board to identify and hire the best CEO to guide Uber into its next phase of growth and ensure its continued success."

An anonymous reader quotes Gizmodo: It started back in 1998 as an April Fool's Day gag. Written up by Larry Masinter of the Internet Engineering Task Force (IETF), error code 418 -- "I'm a teapot" -- was nothing more than a poke at the "many bad HTTP extensions that had been proposed". Despite its existence as a joke, a number of major software projects, including Node.js, ASP.NET and Google's Go language, implemented it as an Easter egg. A recent attempt to excise the fictitious code from these projects ended up doing the opposite, cementing it as a "reserved" error by the IETF...

Mark Nottingham, IETF chair for the HTTP and QUIC working groups, flagged the code's removal as an "issue" for Google's Go language, the Node.js Javascript runtime and Microsoft's ASP.NET... Nottingham's argument was that 418 was "polluting [the] core protocol" of these projects... It didn't take long for a "Save 418" website to go live and through the efforts of interested internet historians (and jokers), all three of the aforementioned projects have decided to keep the code as it is, though Google will "revisit" the situation with the next major version of Go.
The Save 418 site argued that "the application of such an status code is boundless. Its utility, quite simply, is astonishingly unparalleled. It's a reminder that the underlying processes of computers are still made by humans. It'd be a real shame to see 418 go."

A federal appeals court affirmed the April 2015 inter partes review (IPR) ruling -- a process that allows anyone to challenge a patent's validity at the U.S. Patent and Trademark Office -- that invalidated the so-called "podcasting patent." "That process was held by a company called Personal Audio, which had threatened numerous podcasts with lawsuits in recent years," reports Ars Technica. From the report: Back in 2013, Personal Audio began sending legal demand letters to numerous podcasters and companies, like Samsung, in an apparent attempt to cajole them into a licensing deal, lest they be slapped with a lawsuit. Some of those efforts were successful: in August 2014, Adam Carolla paid about $500,000. As Personal Audio began to gain more public attention, the Electronic Frontier Foundation, however, stepped in and said that it would challenge Personal Audio's US Patent No. 8,112,504, which describes a "system for disseminating media content representing episodes in a serialized sequence." In the end, EFF raised over $76,000, more than double its initial target.

[T]he history of Personal Audio dates to the late 1990s, when founder Jim Logan created a company seeking to create a kind of proto-iPod digital music player. But his company flopped. Years later, Logan turned to lawsuits to collect money from those investments. He sued companies over both the "episodic content" patent, as well as a separate patent, which Logan and his lawyers said covered playlists. He and his lawyers wrung verdicts or settlements from Samsung and Apple.

Mark Wilson shares a report from BetaNews: Google has relaxed its rules surrounding real-money gambling apps in Google Play -- in some countries, at least. There has been a ban on apps and games that allow users to gamble with real money since 2013, but that has now changed. While there was previously a ban in place due to the difficulty in policing ages and complying with different gambling laws around the world, real-money gambling apps are now permitted in the UK, France and Ireland. The new rules stipulate that developers must submit their gambling apps for a special vetting process, and they must have an IARC content rating. Other rules include a ban on the use of Google payment services, a requirement to display information about responsible gambling, and a requirement to block underage use. The full list of requirements [can be viewed here].