Domain: techcrunch.com
Stories and comments across the archive that link to techcrunch.com.
Stories · 1,414
-
Microsoft Closes Its $7.5 Billion Purchase of GitHub (techcrunch.com)
Microsoft has officially closed its acquisition of GitHub, the Git-based code sharing and collaboration service with 31 million developers. "The Redmond, WA-based software behemoth first said it would acquire GitHub for $7.5 billion in stock in June of this year, and after the acquisition closed it would continue to run it as an independent platform and business," reports TechCrunch. From the report: The acquisition is yet another sign of how Microsoft has been doubling down on courting developers and presenting itself as a neutral partner to help them with their projects. That is because, despite its own very profitable proprietary software business, Microsoft also has a number of other businesses -- for example, Azure, which competes with AWS and Google Cloud -- that rely heavily on it being unbiased towards one platform or another. And GitHub, Microsoft hopes, will be another signal to the community of that position. In that regard, it will be an interesting credibility test for the companies. Nat Friedman, previously the CEO of Xamarin, will be the CEO of GitHub on Monday. He says the site will be run as an independent platform and business.
"We will always support developers in their choice of any language, license, tool, platform, or cloud," he writes, noting that there will be more tools to come. "We will continue to build tasteful, snappy, polished tools that developers love," he added. -
Facebook Uses Machine Learning To Remove 8.7 Million Child Exploitation Posts (techcrunch.com)
Facebook announced today in a blog post that it has removed 8.7 million posts last quarter that violated its rules against child exploitation. The company said it used new AI and machine learning technology to remove 99 percent of those posts before anyone reported them. TechCrunch reports: The new technology examines posts for child nudity and other exploitative content when they are uploaded and, if necessary, photos and accounts are reported to the National Center for Missing and Exploited Children. Facebook had already been using photo-matching technology to compare newly uploaded photos with known images of child exploitation and revenge porn, but the new tools are meant to prevent previously unidentified content from being disseminated through its platform. The technology isn't perfect, with many parents complaining that innocuous photos of their kids have been removed. Davis addressed this in her post, writing that in order to "avoid even the potential for abuse, we take action on nonsexual content as well, like seemingly benign photos of children in the bath" and that this "comprehensive approach" is one reason Facebook removed as much content as it did last quarter. The tech isn't always right though. In 2016, it was criticized for removing content like the iconic 1972 photo of Phan Thi Kim Phuc, known as the "Napalm Girl," fleeing naked after suffering third-degree burns in a South Vietnamese napalm attack on her village. COO Sheryl Sandberg apologized for it at the time. -
Tim Berners-Lee on the Huge Sociotechnical Design Challenge (techcrunch.com)
In a speech discussing ethics and the Internet, the inventor of the World Wide Web, Sir Tim Berners-Lee, has tasked the technology industry and its coder army with paying continuous attention to the world their software is consuming as they go about connecting humanity through technology. From a report: Coding must mean consciously grappling with ethical choices in addition to architecting systems that respect core human rights like privacy, he suggested. "Ethics, like technology, is design," he told delegates at the 40th International Conference of Data Protection and Privacy Commissioners (ICDPPC) which is taking place in Brussels this week. "As we're designing the system, we're designing society. Ethical rules that we choose to put in that design [impact the society]... Nothing is self evident. Everything has to be put out there as something that we think we will be a good idea as a component of our society." If your tech philosophy is the equivalent of 'move fast and break things' it's a failure of both imagination and innovation to not also keep rethinking policies and terms of service -- "to a certain extent from scratch" -- to account for fresh social impacts, he argued in the speech.
He pointed to how Wikipedia had to rapidly adapt its policies after putting online the power for anyone to edit its encyclopedia, noting: "They introduced a whole lot of bureaucracy around it but that actually makes it work, and it ended up becoming very functional." He described today's digital platforms as "sociotechnical systems" -- meaning "it's not just about the technology when you click on the link it is about the motivation someone has to make such a great thing because then they are read and the excitement they get just knowing that other people are reading the things that they have written." -
Apple's Tim Cook Makes Blistering Attack on the 'Data Industrial Complex' (techcrunch.com)
Apple's CEO Tim Cook has joined the chorus of voices warning that data itself is being weaponized against people and societies -- arguing that the trade in digital data has exploded into a "data industrial complex." From a report: Cook did not namecheck the adtech elephants in the room: Google, Facebook and other background data brokers that profit from privacy-hostile business models. But his target was clear. "Our own information -- from the everyday to the deeply personal -- is being weaponized against us with military efficiency," warned Cook. "These scraps of data, each one harmless enough on its own, are carefully assembled, synthesized, traded and sold. Taken to the extreme this process creates an enduring digital profile and lets companies know you better than you may know yourself. Your profile is a bunch of algorithms that serve up increasingly extreme content, pounding our harmless preferences into harm. We shouldn't sugarcoat the consequences. This is surveillance," he added. In a series of tweets, Cook added: It was an honor to be invited to ICDPPC 2018 in Brussels this morning. I'd like to share a bit of what I said to this gathering of privacy regulators from around the world. It all boils down to a fundamental question: What kind of world do we want to live in? GDPR has shown us all that good policy and political will can come together to protect the rights of everyone. We believe that privacy is a fundamental human right. No matter what country you live in, that right should be protected in keeping with four essential principles.
First, companies should challenge themselves to de-identify customer data or not collect that data in the first place. Second, users should always know what data is being collected from them and what it's being collected for. This is the only way to empower users to decide what collection is legitimate and what isn't. Anything less is a sham. Third, companies should recognize that data belongs to users and we should make it easy for people to get a copy of their personal data, as well as correct and delete it. And fourth, everyone has a right to the security of their data. Security is at the heart of all data privacy and privacy rights. Technology is capable of doing great things. But it doesn't want to do great things. It doesn't want anything. That part takes all of us. We are optimistic about technology's awesome potential for good -- but we know that it won't happen on its own. -
Lyft Buys AR Company To Bolster Its Self-Driving Car Efforts (techcrunch.com)
Lyft is acquiring Blue Vision Labs, a UK-based augmented reality firm whose underlying technology helps cars both know their location and understand their surroundings. It's also unveiling its first test vehicle to advance its vision for self-driving cars. TechCrunch reports: The first car from Lyft's Level 5 self-driving initiative will be the Ford Fusion Hybrid. While the integration of Lyft's autonomous technologies and a Ford car is impressive, perhaps more meaningful is the company's acquisition of Blue Vision Labs, a startup out of London that has developed a way of ingesting street-level imagery and is using it to build collaborative, interactive augmented reality layers -- all by way of basic smartphone cameras.
Blue Vision will sit within Lyft's Level 5 autonomous car division headed up by Luc Vincent (who joined the company last year as VP of engineering after creating and running Google Street View). The startup and its staff of 39 (everyone is joining Lyft) will also become the anchor for a new R&D operation in London for the San Francisco-based company, focused on that autonomous driving effort. Level 5 is stepping up a gear in another way today, too: Lyft is unveiling a new vehicle that it will be using for testing. Blue Vision has developed technology that provides both street level mapping and interactive augmented reality that lets two people see the same virtual objects. The company has already built highly detailed maps that developers can now use to develop collaborative AR experiences -- it's like the maps of these spaces become canvasses for virtual objects to be painted on. Over time, we may see various uses of it throughout the Lyft platform, but for now the main focus is Level 5. The report doesn't provide an exact amount that Blue Vision was acquired for, but people familiar with the acquisition say it's around $72 million with $30 million on top of that based on hitting certain milestones. -
Coinbase Lets You Buy and Sell USDC Stablecoin (techcrunch.com)
An anonymous reader quotes a report from TechCrunch: A few weeks after Circle announced the launch of USD Coin (or USDC for short), Coinbase also announced that customers can now buy, sell, send and receive USDC on Coinbase. A USDC is a token that is worth exactly 1 USD. Its value is going to stay stable against USD -- hence the name stablecoin for this type of coins. Unlike traditional cryptocurrencies, you can be sure that the value of your USDC wallet isn't going to fluctuate like crazy. It opens up new possibilities and use cases.
While Coinbase lets you hold USD in your Coinbase account, this isn't safe. If somebody hacks into your account, you could end up with an empty wallet. That's why you should always try to control the keys of your wallet and transfer your coins to a safer wallet, such as a Ledger wallet or at least a software solution like MyEtherWallet. But if you want to short cryptocurrencies without sending your USD back to your bank account, you can now convert your tokens to USDC. This way, it'll be easier to buy cryptocurrencies again in the future. And maybe you can avoid paying taxes by hiding your tokens from taxation authorities. USDC is an ERC-20 token that leverages the Ethereum blockchain and ecosystem. In an effort to regulate USDC, Circle, Coinbase and others have created the CENTRE consortium to define the policies around stablecoins. "For instance, if you want to handle stablecoins on your exchange, you need to send regular audited reports that prove that you have as many USD sitting on a bank account as issued tokens," reports TechCrunch. -
White House Wants To Borrow Tech Workers From Google and Amazon, Says Report (cnet.com)
"According to CNET, TechCrunch and others, the Trump administration reportedly wants tech giants to make it easy for workers to take leaves of absence to help the government modernize," writes Slashdot reader kimanaw. From a report: White House officials on Monday planned to meet with tech giants including Google, Microsoft, Amazon and IBM, to discuss ways to make it easier for employees to take leaves of absence to help with government projects, according to The Washington Post. The administration reportedly hopes tech industry workers will be able to help modernize state and federal agencies and tackle challenges such as upgrading the veterans' health care system. Attracting tech talent may prove difficult for the Trump administration, which hasn't always seen eye to eye with Silicon Valley on issues such as the president's ban on travel from predominantly Muslim countries. However, White House officials believe tech workers are willing to "put politics aside." "This event on Monday is not just about our efforts, it's about our successor, and their successor after that," said one unnamed official, according to the Post. The White House didn't respond to a request for comment. -
Netflix To Raise $2 Billion In Debt To Fund More Original Content (techcrunch.com)
According to a press release posted today, Netflix is planning to raise $2 billion to help fund new content, including "content acquisitions, production and development, capital expenditures, investments, working capital and potential acquisitions and strategic transactions." TechCrunch reports: The funds will be raised in the form of senior unsecured notes, denominated in U.S. dollars and euros, it said. This debt offering is the sixth time in under four years that Netflix is raising $1 billion or more through bonds, noted Variety, which was among the first to report the news. As of September 30, Netflix's long-term debt had reached $8.34 billion, up 71% from $4.89 billion in the year ago quarter, it said during its last earnings, Variety's report also noted. Netflix recently explained during its Q3 2018 earnings that it needs to continue to invest in original programming in order to remain competitive. "Content companies such as WarnerMedia and Disney/Fox are moving to self-distribute their own content; tech firms like Apple, Amazon and others are investing in premium content to enhance their distribution platforms," the letter also stated. "Amid these massive competitors on both sides, plus traditional media firms, our job is to make Netflix stand out so that when consumers have free time, they choose to spend it with our service," it had said. -
Oculus Co-founder is Leaving Facebook After Cancellation of 'Rift 2' Headset (techcrunch.com)
Brendan Iribe, the co-founder and former CEO of Oculus, announced today that he is leaving Facebook. From a report: Iribe is leaving Facebook following some internal shake-ups in the company's virtual reality arm last week that saw the cancellation of the company's next generation "Rift 2" PC-powered virtual reality headset, which he had been leading development of, a source close to the matter told TechCrunch. Iribe and the Facebook executive team had "fundamentally different views on the future of Oculus that grew deeper over time," and Iribe wasn't interested in a "race to the bottom" in terms of performance, we are told. -
Trolls Are Still Actively Trying to Influence Brexit and US Elections (go.com)
TechCrunch reports: A major new campaign of disinformation around Brexit, designed to stir up U.K. 'Leave' voters, and distributed via Facebook, may have reached over 10 million people in the U.K., according to new research. The source of the campaign is so far unknown, and will be embarrassing to Facebook, which only this week claimed it was clamping down on "dark" political advertising on its platform. Researchers for the U.K.-based digital agency 89up allege that Mainstream Network -- which looks and reads like a "mainstream" news site but which has no contact details or reporter bylines -- is serving hyper-targeted Facebook advertisements aimed at exhorting people in Leave-voting U.K. constituencies to tell their MP to "chuck Chequers." Chequers is the name given to the U.K. Prime Minister's proposed deal with the EU regarding the U.K.'s departure from the EU next year.
ABC News reports: When the Justice Department unsealed criminal charges detailing a yearslong effort by a Russian troll farm to "sow division and discord in the U.S. political system," it was the first federal case alleging continued foreign interference in U.S. elections. Earlier Friday, American intelligence officials released a rare public statement asserting that Russia, China, Iran and other countries are engaged in ongoing efforts to influence U.S. policy and voters in future elections. The statement didn't provide details on those efforts. That stood in contrast with the criminal charges, which provided a detailed narrative of Russian activities...
The criminal complaint provided a clear picture that there is still a hidden but powerful Russian social media effort aimed at spreading distrust for American political candidates and causing divisions on social issues such as immigration and gun control.... Court papers describe how the operatives in Friday's case would analyze U.S. news articles and decide how they would draft social media messages about those stories. They also show that Russian trolls have stepped up their efforts with a better understanding of the U.S. political climate and messages that are no longer riddled with misspellings.
CNN notes that one week before America's 2016 presidential election, "one of the Kremlin-backed accounts denied that Russian meddling, saying: 'Russia's Putin says Moscow not trying to influence U.S. election.'" -
GitHub Launches 'Actions' -- Code That Can Be Run (and Maybe Monetized) (techcrunch.com)
An anonymous reader quotes TechCrunch: For the longest time, GitHub was all about storing source code and sharing it either with the rest of the world or your colleagues. Today, the company, which is in the process of being acquired by Microsoft, is taking a step in a different but related direction by launching GitHub Actions. Actions allow developers to not just host code on the platform but also run it. We're not talking about a new cloud to rival AWS here, but instead about something more akin to a very flexible IFTTT for developers who want to automate their development workflows, whether that is sending notifications or building a full continuous integration and delivery pipeline.
This is a big deal for GitHub. Indeed, Sam Lambert, GitHub's head of platform, described it to me as "the biggest shift we've had in the history of GitHub... I see Continuous Integration/Continuous Delivery as one narrow use case of actions. It's so, so much more," Lambert stressed. "And I think it's going to revolutionize DevOps because people are now going to build best in breed deployment workflows for specific applications and frameworks, and those become the de facto standard shared on GitHub... It's going to do everything we did for open source again for the DevOps space and for all those different parts of that workflow ecosystem...."
Over time -- and Lambert seemed to be in favor of this -- GitHub could also allow developers to sell their workflows and Actions through the GitHub marketplace. For now, that's not an option, but it's definitely something the company has been thinking about. Lambert also noted that this could be a way for open source developers who don't want to build an enterprise version of their tools (and the sales force that goes with that) to monetize their efforts. -
Winamp 5.8, the First Update In 4 Years, Is Released (bleepingcomputer.com)
Winamp, the world's most famous media player, has released version 5.8 to make it compatible with today's modern operating systems such as Windows 8.1 and Windows 10. Bleeping Computer notes that there hasn't been a new update released since 2014, when Radionomy purchased Winamp from AOL. Some other new features include standalone audio player support, an auto-fullscreen option for videos, updated scrollbars and buttons, and bug fixes.
From the report: Radionomy has stated that they are not stopping here and have big plans for Winamp. In an interview with TechCrunch, Radionomy CEO Alexandre Saboundjian, revealed that a massive release is planned for 2019 that aims to add cloud support for streaming music, podcasts, and more. "There will be a completely new version next year, with the legacy of Winamp but a more complete listening experience," Saboundjian stated in the interview. "You can listen to the MP3s you may have at home, but also to the cloud, to podcasts, to streaming radio stations, to a playlist you perhaps have built." -
Smart Home Makers Hoard Your Data, But Won't Say If the Police Come For It (techcrunch.com)
An anonymous reader quotes a report from TechCrunch: Thermostats know the temperature of your house, and smart cameras and sensors know when someone's walking around your home. Smart assistants know what you're asking for, and smart doorbells know who's coming and going. And thanks to the cloud, that data is available to you from anywhere -- you can check in on your pets from your phone or make sure your robot vacuum cleaned the house. Because the data is stored or accessible by the smart home tech makers, law enforcement and government agencies have increasingly sought out data from the companies to solve crimes. And device makers won't say if your smart home gadgets have been used to spy on you. We asked some of the most well-known smart home makers on the market if they plan on releasing a transparency report, or disclose the number of demands they receive for data from their smart home devices. For the most part, we received fairly dismal responses. Amazon did not respond to requests for comment, but a spokesperson for the company said last year that it would not reveal the figures for its Echo smart speakers. Facebook said that its transparency report section will include "any requests related to Portal," its new hardware screen with a camera and a microphone. A spokesperson for the company did not comment on if the company will break out the hardware figures separately. Google also declined to comment, but did point TechCrunch to Nest's transparency report. Apple, the last of the big tech giants, said that there's no need to disclose its smart home figures because there would be nothing to report, adding that user requests made to HomePod are given a random identifier that cannot be tied to a person.
TechCrunch also asked a number of smaller smart home players, like August, iRobot, Arlo, Ring, Honeywell, Canary, Samsung, and Ecobee. -
Buggy Software in Popular Connected Storage Drives Can Let Hackers Read Private Data (techcrunch.com)
Security researchers have found flaws in four popular connected storage drives that they say could let hackers access a user's private and sensitive data. From a report: The researchers Paulos Yibelo and Daniel Eshetu said the software running on three of the devices they tested -- NetGear Stora, Seagate Home and Medion LifeCloud -- can allow an attacker to remotely read, change and delete data without requiring a password. Yibelo, who shared the research with TechCrunch this week and posted the findings Friday, said that many other devices may be at risk.
The software, Hipserv, built by tech company Axentra, was largely to blame for three of the four flaws they found. Hipserv is Linux-based, and uses several web technologies -- including PHP -- to power the web interface. But the researchers found that bugs could let them read files on the drive without any authentication. It also meant they could run any command they wanted as "root" -- the built-in user account with the highest level of access -- making the data on the device vulnerable to prying eyes or destruction. -
MongoDB Switches Up Its Open-Source License (techcrunch.com)
MongoDB is taking action against cloud giants who are taking its open-source code and offering a hosted commercial version of its database to their users without playing by the open-source rules. The company announced today that it has issued a new software license, the Server Side Public License (SSPL), "that will apply to all new releases of its MongoDB Community Server, as well as all patch fixes for prior versions," reports TechCrunch. From the report: For virtually all regular users who are currently using the community server, nothing changes because the changes to the license don't apply to them. Instead, this is about what MongoDB sees as the misuse of the AGPLv3 license. "MongoDB was previously licensed under the GNU AGPLv3, which meant companies who wanted to run MongoDB as a publicly available service had to open source their software or obtain a commercial license from MongoDB," the company explains. "However, MongoDB's popularity has led some organizations to test the boundaries of the GNU AGPLv3."
So while the SSPL isn't all that different from the GNU GPLv3, with all the usual freedoms to use, modify and redistribute the code (and virtually the same language), the SSPL explicitly states that anybody who wants to offer MongoDB as a service -- or really any other software that uses this license -- needs to either get a commercial license or open source the service to give back the community. "The market is increasingly consuming software as a service, creating an incredible opportunity to foster a new wave of great open source server-side software. Unfortunately, once an open source project becomes interesting, it is too easy for cloud vendors who have not developed the software to capture all of the value but contribute nothing back to the community," said Eliot Horowitz, the CTO and co-founder of MongoDB, in a statement. "We have greatly contributed to -- and benefited from -- open source and we are in a unique position to lead on an issue impacting many organizations. We hope this will help inspire more projects and protect open source innovation." -
Former Google+ UI Designer Suggests Inept Management Played Role In Demise (techcrunch.com)
An anonymous reader quotes a report from TechCrunch: Morgan Knutson, a UI designer who seven years ago, spent eight months at Google working on its recently shuttered social networking product Google+ and who, in light of the shutdown, decided to share on Twitter his personal experience with how "awful the project and exec team was." It's a fairly long read, but among his most notable complaints is that former Google SVP Vic Gundotra, who oversaw Google+, ruled by fear and never bothered to talk with Knutson, whose desk was "directly next to Vic's glass-walled office. He would walk by my desk dozens of times during the day. He could see my screen from his desk. During the 8 months I was there, culminating in me leading the redesign of his product, Vic didn't say a word to me. No hello. No goodbye, or thanks for staying late. No handshake. No eye contact."
He also says Gundotra essentially bribed other teams within Google to incorporate Google+'s features into their products by promising them handsome financial rewards for doing so atop their yearly bonuses. "You read that correctly," tweeted Knutson. "A f*ck ton of money to ruin the product you were building with bloated garbage that no one wanted." Gundotra is today the cofounder and CEO of AliveCor, maker of a device that captures a "medical grade" E.K.G. within 30 seconds; AliveCor has gone on to raise $30 million from investors, including the Mayo Clinic. Asked about Knutson's characterization of him, Gundotra suggested the rant was "absurd" but otherwise declined to comment. Knutson goes on to paint "a picture of a political, haphazard, wasteful and ultimately disappointing division where it was never quite clear who should be working on what or why," reports TechCrunch. -
Winamp Media Player To Return as a Platform-Agnostic Audio Mobile App Next Year; Desktop Application Receives an Update (techcrunch.com)
The charmingly outdated media player Winamp is being reinvented as a platform-agnostic audio mobile app that brings together all your music, podcasts, and streaming services to a single location. From a report: It's an ambitious relaunch, but the company behind it says it's still all about the millions-strong global Winamp community -- and as proof, the original desktop app is getting an official update as well. For those who don't remember: Winamp was the MP3 player of choice around the turn of the century, but went through a rocky period during Aol ownership and failed to counter the likes of iTunes and the onslaught of streaming services, and more or less crumbled over the years. The original app, last updated in 2013, still works, but to say it's long in the tooth would be something of an understatement (the community has worked hard to keep it updated, however). So it's with pleasure that I can confirm rumors that substantial updates are on the way.
"There will be a completely new version next year, with the legacy of Winamp but a more complete listening experience," said Alexandre Saboundjian, CEO of Radionomy, the company that bought Winamp (or what remained of it) in 2014. "You can listen to the MP3s you may have at home, but also to the cloud, to podcasts, to streaming radio stations, to a playlist you perhaps have built. People want one single experience," he concluded. "I think Winamp is the perfect player to bring that to everybody. And we want people to have it on every device." -
Apple Inks $600 Million Deal To Acquire Assets and Talent From Dialog Semiconductor (techcrunch.com)
In an effort to build faster, more efficient chips, Apple is paying a total of $600 million to Dialog Semiconductor, a chipmaker based out of Europe that it's been working with since the first iPhone. According to TechCrunch, Apple is paying $300 million in cash to buy a portion of the company, including licensing power-management technologies, assets, and more than 300 employees, as well as "committing a further $300 million to make purchases from the remaining part of Dialog's business." From the report: While Dialog is describing this as an asset transfer and licensing deal, it will be Apple's biggest acquisition by far in terms of people: 300 people will be joining Apple as part of it, or about 16 percent of Dialog's total workforce. From what we understand, those who are joining have already been working tightly with Apple up to now. The teams joining are based across Livorno in Italy, Swindon in England, and Nabern and Neuaubing in Germany, near Munich, where Apple already has an operation.
In some cases, Apple will be taking over entire buildings that had been owned by Dialog, and in others they will be colocating in buildings where Dialog will continue to develop its own business -- another sign of how closely the two have and will continue to work together. The Dialog employees Apple is picking up in this acquisition will report to Apple's SVP of hardware technologies, Johny Srouji. Dialog says post the acquisition, the remaining part of the business will focus more on IoT, as well as mobile, automotive, computing and storage markets, specifically as a provider of custom and configurable mixed-signal integrated circuit chips. -
Facebook Is Testing An Unsend Feature For Messenger (cnet.com)
Facebook is reportedly testing a feature that will let you take back what you send via Messenger. The company said it was working on the feature back in April after TechCrunch caught it deleting messages from CEO Mark Zuckerberg. After TechCrunch asked Facebook about its progress on the Unsend feature, the company said: "Though we have nothing to announce today, we have previously confirmed that we intend to ship a feature like this and are still planning to do so." From the report: Now we have our first look at the feature thanks to TechCrunch's favorite tipster Jane Manchun Wong. She's managed to generate screenshots of a prototype Unsend button from Facebook Messenger's Android code. Currently, you can only delete messages from your own inbox -- they still remain in the recipients' inbox. But with this Unsend feature prototype, you're able to remove a message from both sides of a conversation. However, the code indicates that in the current prototype there's a "time limit." That may mean users would only have a certain amount of time after they send a message to unsend it. That would essentially be an editing window in which users could take back what they said. -
Apple Rebukes Australia's 'Dangerously Ambiguous' Anti-Encryption Bill (techcrunch.com)
Apple has strongly criticized Australia's anti-encryption bill, calling it "dangerously ambiguous" and "alarming to every Australian." From a report: The Australian government's draft law -- known as the Access and Assistance Bill -- would compel tech companies operating in the country, like Apple, to provide "assistance" to law enforcement and intelligence agencies in accessing electronic data. The government claims that encrypted communications are "increasingly being used by terrorist groups and organized criminals to avoid detection and disruption," without citing evidence. But critics say that the bill's "broad authorities that would undermine cybersecurity and human rights, including the right to privacy" by forcing companies to build backdoors and hand over user data -- even when it's encrypted. Now, Apple is the latest company after Google and Facebook joined civil and digital rights groups -- including Amnesty International -- to oppose the bill, amid fears that the government will rush through the bill before the end of the year. In a seven-page letter to the Australian parliament, Apple said that it "would be wrong to weaken security for millions of law-abiding customers in order to investigate the very few who pose a threat." The company adds, "We appreciate the government's outreach to Apple and other companies during the drafting of this bill. While we are pleased that some of the suggestions incorporated improve the legislation, the unfortunate fact is that the draft legislation remains dangerously ambiguous with respect to encryption and security. This is no time to weaken encryption. Rather than serving the interests of Australian law enforcement, it will just weaken the security and privacy of regular customers while pushing criminals further off the grid." -
Pro-Privacy Search Engine DuckDuckGo Hits 30 Million Daily Searches, Up 50% In a Year (techcrunch.com)
An anonymous reader quotes a report from TechCrunch: Some nice momentum for privacy-focused search engine DuckDuckGo which has just announced it's hit 30 million daily searches a year after reaching 20 million -- a year-on-year increase of 50%. Hitting the first 10 million daily searches took the search engine a full seven years, and then it was another two to get to 20 million. So as growth curves go it must have required patience and a little faith in the run up. It also recently emerged that DDG had quietly picked up $10 million in VC funding, which is only its second tranche of external investment. The company told us this financing would be used to respond to an expanding opportunity for pro-privacy business models, including by tuning its search engine for more local markets and expanding its marketing channels to "have more of a global focus." -
Does Amazon Owe Wikipedia For Taking Advantage of The Free Labor of Their Volunteers? (slate.com)
Slate's Rachel Withers argues that "tech companies that profit from Wikipedia's extensive database owe Wikimedia a much greater debt." Amazon's Alexa, for example, uses Wikipedia "without credit, contribution, or compensation." The Google Assistant also sources Wikipedia, but they credit the encyclopedia -- and other sites -- when it uses it as a resource. From the report: Amazon recently donated $1 million to the Wikimedia Endowment, a fund that keeps Wikipedia running, as "part of Amazon's and CEO Jeff Bezos' growing work in philanthropy," according to CNET. It's being framed as a "gift," one that -- as Amazon puts it -- recognizes their shared vision to "make it easier to share knowledge globally." Obviously, and as alluded to by CNET, $1 million is hardly a magnanimous donation from Amazon and Bezos, the former a trillion-dollar company and the latter a man with a net worth of more than $160 billion. But it's not just the fact that this donation is, in the scheme of things, paltry. It's that this "endowment" is dwarfed by what Amazon and its ilk get out of Wikipedia -- figuratively and literally. Wikipedia provides the intelligence behind many of Alexa's most useful skills, its answers to everything from "What is Wikipedia?" to "What is Slate?" (meta).
Amazon's know-it-all Alexa is renowned for its ability to answer questions, but Amazon didn't compile all that data itself; according to the Amazon developer forum, "Alexa gets her information from a variety of trusted sources such as IMDb, Accuweather, Yelp, Answers.com, Wikipedia and many others." Nor did it pay those who did: While Amazon customers pay at least $39.99 for an Echo device (and the pleasure of asking Alexa questions), Alexa freely pulls this information from the internet, leeching off the hard work performed by Wikipedia's devoted volunteers (and unlike high school students, it doesn't even bother to change a few words around). It's hardly noble for Amazon to support Wikipedia, considering how much Alexa uses its services, nor is it particularly selfless to fund the encyclopedia when it relies upon its peer-reviewed accuracy; ultimately, helping Wikipedia helps Amazon, too. [...] We all benefit from Wikipedia, but arguably no one more than the smart speakers, for which the internet's encyclopedia is a valuable and value-adding resource. It's frankly a little exploitative how little they give back. Withers goes on to note that Wikipedia seeks donations from its users -- it's a non-profit that runs entirely on donations from the general public. While one can argue that "Amazon is only packing up information that we ourselves leech for free all the time, [...] Alexa is also diverting people away from visiting Wikipedia pages, where they might notice a little request for a donation, or from realizing they are using Wikipedia's resources at all," Withers writes.
A report from TechCrunch earlier this year pointed out that Amazon is the only one of the big tech players not found on Wikimedia's 2017-2018 corporate donor list -- one that includes Apple, Google, and even Amazon's Seattle-based sibling Microsoft, all of which matched employee donations to the tune of $50,000. -
MindBody-Owned FitMetrix Exposed Millions of User Records -- Thanks To Servers Without Passwords (techcrunch.com)
An anonymous reader writes: FitMetrix, a fitness technology and performance tracking company owned by gym booking giant Mindbody, has exposed millions of user records because it left several of its servers without a password. The company builds fitness tracking software for gyms and group classes -- like CrossFit and SoulCycle -- that displays heart rate and other fitness metric information for interactive workouts. FitMetrix was acquired by gym and wellness scheduling service Mindbody earlier this year for $15.3 million, according to a government filing. Last week, a security researcher found three FitMetrix unprotected servers leaking customer data. It isn't known how long the servers had been exposed, but the servers were indexed by Shodan, a search engine for open ports and databases, in September.
The servers included two of the same ElasticSearch instances and a storage server -- all hosted on Amazon Web Service -- yet none were protected by a password, allowing anyone who knew where to look to access the data on millions of users. Bob Diachenko, Hacken.io's director of cyber risk research, found the databases containing 113.5 million records -- though it's not known how many users were directly affected. Each record contained a user's name, gender, email address, phone numbers, profile photos, their primary workout location, emergency contacts and more. Many of the records were not fully complete. -
Magic Leap Expands Shipments of Its AR Headset To 48 US States (techcrunch.com)
At the company's first developer conference, Magic Leap announced they are opening orders of the Magic Leap One Creator's Edition headset to the 48 contiguous states of the USA. If you're in Hawaii or Alaska, no dice. TechCrunch reports: Previously, you had to be in Chicago, LA, Miami, NYC, San Francisco or Seattle in order to get your hands on it. Also, if you had previously ordered the headset in one of those cities, someone would come to you, drop it off and get you set up personally. That service is expanding to 50 cities, but you also don't need to have someone set it up for you in order to buy one now. It's worth reiterating that this thing costs $2,295. The company is doing a financing plan with Affirm so that interested buyers can spread the cost of the device over 24 months. -
Chrome 70's Upcoming Security Change Will Break Hundreds of Sites (techcrunch.com)
When Chrome 70 arrives on October 16th, it will drop trust for a major HTTPS certificate provider, putting hundreds of popular websites at risk of breaking. "Chrome 70 is expected to be released on or around October 16, when the browser will start blocking sites that run older Symantec certificates issued before June 2016, including legacy branded Thawte, VeriSign, Equifax, GeoTrust and RapidSSL certificates," reports TechCrunch. From the report: [D]espite more than a year to prepare, many popular sites are not ready. Security researcher Scott Helme found 1,139 sites in the top one million sites ranked by Alexa, including Citrus, SSRN, the Federal Bank of India, Pantone, the Tel-Aviv city government, Squatty Potty and Penn State Federal to name just a few. Ferrari, One Identity and Solidworks were named on the list but recently switched to new certificates, escaping any future outages.
HTTPS certificates encrypt the data between your computer and the website or app you're using, making it near-impossible for anyone -- even on your public Wi-Fi hotspot -- to intercept your data. Not only that, HTTPS certificates prove the integrity of the site you're visiting by ensuring the pages haven't been modified in some way by an attacker. Most websites obtain their HTTPS certificates from a certificate authority, which abide by certain rules and procedures that over time become trusted by web browsers. If you screw that up and lose their trust, the browsers can pull the plug on all of the certificates from that authority. For these reasons, Google stopped supporting Symantec certificates last year after it was found to be issuing misleading and wrong certificates, as well as allowing non-trusted organizations to issue certificates without the proper oversight. -
Snapchat CEO's Leaked Memo On Survival (techcrunch.com)
In a 6,000-word leaked memo to Cheddar's Alex Heath, Snapchat's CEO Evan Spiegel attempts to revive employee morale with philosophy, tactics and contrition as Snap's share price sinks to an all-time low of around $8 -- half its IPO price and a third of its peak. TechCrunch reports: "The biggest mistake we made with our redesign was compromising our core product value of being the fastest way to communicate," Spiegel stresses throughout the memo regarding "Project Cheetah." It's the chat that made Snapchat special, and burying it within a combined feed with Stories and failing to build a quick-loading Android app have had disastrous consequences. Spiegel shows great maturity here, admitting to impatient strategic moves and outlining a cohesive path forward. There's no talk of Snapchat ruling the social app world here. He seems to understand that's likely out of reach in the face of Instagram's competitive onslaught. Instead, Snapchat is satisfied if it can help us express ourselves while finally reaching even meager profitability.
Snapchat may be too perceived as a toy to win enough adults, too late to win back international markets from the Facebook empire and too copyable by good-enough alternatives to grow truly massive. But if Snap can follow the Spiegel game plan, it could carve out a sustainable market through a small but loyal audience who want to communicate through imagery. The report goes on to highlight nine of the most interesting takeaways from the memo and why they're important. They include: "Apologizing for rushing the redesign; Chat is king; Snapchat must beat Facebook as best friends; Discover soars as Facebook Watch and IGTV stumble; But Discover is a mess; Aging up to earn money; Finally prioritizing developing markets; Fresh ideas, separate apps; and The freedom of profitability." -
Instagram Tests Sharing Your Location History With Facebook (theverge.com)
Instagram is testing a feature that would allow it to share your location data with Facebook, regardless of whether you're using the app or not. Researcher Jane Manchun Wong says the option, which is being tested as a setting you have to opt-in to, allows Facebook products to "build and use a history of precise locations" which the company says "helps you explore what's around you, get more relevant ads and helps improve Facebook." The Verge reports: In a statement to TechCrunch, a spokesperson from Facebook confirmed that there was no guarantee the feature would see a wide release. "We often work on ideas that may evolve over time or ultimately not be tested or released. Instagram does not currently store Location History; we'll keep people updated with any changes to our location settings in the future."
Wong has a history of correctly identifying features like this before they're officially announced. She has previously leaked Facebook's dating application, Instagram's updated two-factor authentication, and Instagram's school bio feature. Facebook is also reportedly testing a map view to see friend's locations, similar to what's already offered by Snapchat. Instagram's data sharing could provide additional data points to power this functionality, while providing Facebook with more data to better target its ads. -
Bloomberg's Spy Chip Story Reveals the Murky World of National Security Reporting (techcrunch.com)
TechCrunch's security editor, Zack Whittaker, analyzes Bloomberg's recent report that China infiltrated Apple, Amazon and others via a tiny microchip inserted into servers at the data centers associated with these companies. With Apple and Amazon refuting Bloomberg's claims, Whittaker talks about the "murky world of national security reporting" and the difficulties of reporting stories of this magnitude with anonymous sources. An anonymous reader shares an excerpt from his report: Today's bombshell Bloomberg story has the internet split: either the story is right, and reporters have uncovered one of the largest and jarring breaches of the U.S. tech industry by a foreign adversary or it's not, and a lot of people screwed up. Welcome to the murky world of national security reporting. I've covered cybersecurity and national security for about five years, most recently at CBS, where I reported exclusively on several stories -- including the U.S. government's covert efforts to force tech companies to hand over their source code in an effort to find vulnerabilities and conduct surveillance. And last year I revealed that the National Security Agency had its fifth data breach in as many years, and classified documents showed that a government data collection program was far wider than first thought and was collecting data on U.S. citizens. Even with this story, my gut is mixed.
Naturally, people are skeptical of this "spy chip" story. On one side you have Bloomberg's decades-long stellar reputation and reporting acumen, a thoroughly researched story citing more than a dozen sources -- some inside the government and out -- and presenting enough evidence to present a convincing case. On the other, the sources are anonymous -- likely because the information they shared wasn't theirs to share or it was classified, putting sources in risk of legal jeopardy. But that makes accountability difficult. No reporter wants to say "a source familiar with the matter" because it weakens the story. It's the reason reporters will tag names to spokespeople or officials so that it holds the powers accountable for their words. And, the denials from the companies themselves -- though transparently published in full by Bloomberg -- are not bulletproof in outright rejection of the story's claims. These statements go through legal counsel and are subject to government regulation. These statements become a counterbalance -- turning the story from an evidence-based report into a "he said, she said" situation. That puts the onus on the reader to judge Bloomberg's reporting. Reporters can publish the truth all they want, but ultimately it's down to the reader to believe it or not. Whittaker ends by saying "Bloomberg's delivery could have been better," and that they "missed an opportunity to be more open and transparent in how it came to the conclusions that it did."
"Journalism isn't proprietary," Whittaker writes. "It should be open to as many people as possible. If you're not transparent in how you report things, you lose readers' trust. That's where the story rests on shaky ground. Admittedly, as detailed and as well-sourced as the story is, you -- and I -- have to put a lot of trust and faith in Bloomberg and its reporters." -
The Software Side of China's Supply Chain Attack (bloomberg.com)
Bloomberg BusinessWeek published a story on Thursday which claimed that data center equipment run by Amazon Web Services and Apple was subject to surveillance from the Chinese government via a tiny microchip inserted during the equipment manufacturing process. Both Amazon and Apple have vehemently refuted Bloomberg's reporting. Bloomberg's reporters, who have spent more than a year on the story and have cited 17 sources for the claims they make in it, have doubled down. In a new story, the news outlet reports that Supermicro was the target of at least two additional forms of attack. This report claims that Facebook, which has confirmed it, was aware of these attacks, too. From the story: The first of the other two prongs involved a Supermicro online portal that customers used to get critical software updates, and that was breached by China-based attackers in 2015. The problem, which was never made public, was identified after at least two Supermicro customers downloaded firmware -- software installed in hardware components -- meant to update their motherboards' network cards, key components that control communications between servers running in a data center. The code had been altered, allowing the attackers to secretly take over a server's communications, according to samples passed around at the time among a small group of Supermicro customers. One of these customers was Facebook.
"In 2015, we were made aware of malicious manipulation of software related to Supermicro hardware from industry partners through our threat intelligence industry sharing programs," Facebook said in an emailed statement. "While Facebook has purchased a limited number of Supermicro hardware for testing purposes confined to our labs, our investigations reveal that it has not been used in production, and we are in the process of removing them." The victims considered the faulty code a serious breach. Further reading: Bloomberg's spy chip story reveals the murky world of national security reporting. -
BlackBerry Races Ahead of Security Curve With Quantum-Resistant Solution (techcrunch.com)
An anonymous reader quotes a report from TechCrunch: Quantum computing represents tremendous promise to completely alter technology as we've known it, allowing operations that weren't previously possible with traditional computing. The downside of these powerful machines is that they could be strong enough to break conventional cryptography schemes. Today, BlackBerry announced a new quantum-resistant code signing service to help battle that possibility. The solution, which will be available next month, is actually the product of a partnership between BlackBerry and Isara Corporation, a company whose mission is to build quantum-safe security solutions. BlackBerry is using Isara's cryptographic libraries to help sign and protect code as security evolves.
"By adding the quantum-resistant code signing server to our cybersecurity tools, we will be able to address a major security concern for industries that rely on assets that will be in use for a long time. If your product, whether it's a car or critical piece of infrastructure, needs to be functional 10-15 years from now, you need to be concerned about quantum computing attacks," Charles Eagan, BlackBerry's chief technology officer, said in a statement. Some of the long-lived assets include aerospace equipment, connected cars, or transportation infrastructure -- basically anything that will still be in use several years from now when quantum computing attacks are expected to emerge. -
Amazon Offloaded Its Chinese Server Business Because it Was Compromised, Report Says (techcrunch.com)
An anonymous reader shares a report: It looks like Amazon's move to sell off its physical server business in China last year was because the unit had been compromised by a Chinese government spying program. That's according to a report from Bloomberg which details how the Chinese government infiltrated a number of U.S. companies by sneaking tiny chips onto motherboards from Supermicro. They then became part of servers deployed by the companies giving remote operatives potential access to data. It's a huge story that includes a comparatively small but important passage shedding light on Amazon's China deal last November -- the U.S. firm sold the physical server business to local partner Beijing Sinnet for 2 billion yuan, or around $300 million. That transaction initially sparked reports that AWS would exit China, but Amazon later clarified it planned to continue to operate its cloud services in China. Selling the physical server business, it said, was down to the fact that "Chinese law forbids non-Chinese companies from owning or operating certain technology for the provision of cloud services." While it is correct that China did introduce cybersecurity laws that placed restrictions on overseas firms and appeared to give the government unprecedented access to data, the Bloomberg report claims that Amazon's China-based servers were in fact offloaded because they were plagued with compromised servers. -
Nintendo Plans New Version of Switch Next Year (wsj.com)
According to The Wall Street Journal, Nintendo is planning to release a new version of its Switch gaming console next year (Warning: source may be paywalled; alternative source) "to maintain the sales momentum of the device," which is "no longer delivering the favorable surprises that marked the machine's first year on the market." From the report: Nintendo is still debating what new hardware and software features to include in the upgrade and weighing the cost of the features, people with knowledge of the discussions said. One option is improving the display, they said. The current Switch uses a lower-end liquid-crystal display without some technologies that are standard in more recent smartphone LCDs. Updating the display with these technologies would make it brighter, thinner and more energy-efficient. The updated Switch isn't expected to adopt the organic light-emitting diode or OLED panels used in Apple's iPhone X series. Nintendo is looking to release the new Switch in the latter half of 2019, perhaps as soon as summer, the people said. [...] The upgraded Switch would likely share many features with the current version and be compatible with existing Switch game software. -
Facebook Finds 'No Evidence' Hackers Accessed Connected Apps (techcrunch.com)
An anonymous reader quotes a report from TechCrunch: Facebook has said it's found "no evidence" that third-party apps were affected by the data breach it revealed last week. Hackers stole account access tokens on at least 50 million users by exploiting a chain of three vulnerabilities inadvertently introduced by Facebook last year. Another 40 million also may have been affected by the attack. Facebook revoked those tokens -- which keep users logged in when they enter their username and password -- forcing users to log back into the site again. But there was concern that third-party apps, sites and services that rely on Facebook to log in -- like Spotify, Tinder and Instagram -- also may have been affected, prompting companies that use Facebook Login to seek answers from the social networking giant. "We have now analyzed our logs for all third-party apps installed or logged during the attack we discovered last week," said Guy Rosen, Facebook's vice president of product management, in a blog post. "That investigation has so far found no evidence that the attackers accessed any apps using Facebook Login. Any developer using our official Facebook SDKs -- and all those that have regularly checked the validity of their users' access tokens -- were automatically protected when we reset people's access tokens."
Furthermore, Rosen said that not all developers use Facebook's developer tools, so the social network is "building a tool to enable developers to manually identify the users of their apps who may have been affected, so that they can log them out." -
Windows 10 October 2018 Update Is Now Available; Features 'Your Phone' Android Messaging App, Dark Theme For File Explorer, and Other Tweaks (techcrunch.com)
Microsoft today announced that the Windows 10 October 2018 update is now available. While the update is fairly minor, it does offer a number of interesting new features. TechCrunch reports: The most interesting of these is probably the new "Your Phone" app, which allows you to text from your PC using an Android phone that also runs Microsoft's mobile companion app. In later iterations, that app will also sync notifications to your desktop, but for now, that's not an option. There also are tools for continuing your workflow as you switch from your phone to PC (or vice versa). These features work for iOS users, too. As far as syncing between devices goes, it's worth noting that the update also will allow you to share your clipboard between PCs.
Since everybody likes a dark mode these days, the Windows 10 File Explorer now also includes a dark theme. There's also a revamped search experience, as well as a new screenshot tool. While the release includes plenty of other tweaks, both in terms of functionality and design, the most anticipated feature, Sets, didn't make it into this release. Sets is probably the biggest change to the overall Windows user experience since the release of Windows 10, so maybe it's no surprise that Microsoft is trying to perfect this. And perfection takes a while. ZDNet has highlighted many of the "smaller" new features, such as the improved Windows search functionality, battery details for Bluetooth devices, and a built-in Clipboard manager that can sync clips across devices signed into the same Microsoft account. -
Google Gets Into Game Streaming With Project Stream and Assassin's Creed Odyssey in Chrome (techcrunch.com)
Earlier this year, we heard rumors that Google was working on a game-streaming service. It looks like those rumors were true. From a report: The company today unveiled "Project Stream," and while Google calls this a "technical test" to see how well game streaming to Chrome works, it's clear that this is the foundational technology for a game-streaming service.
To sweeten the pot, Google is launching this test in partnership with Ubisoft and giving a limited number of players free access to Assassin's Creed Odyssey for the duration of the test. You can sign up for the test now; starting on October 5, Google will invite a limited number of participants to play the game for free in Chrome. As Google notes, the team wanted to work with a AAA title because that's obviously far more of a challenge than working with a less graphics-intense game. And for any game-streaming service to be playable, the latency has to be minimal and the graphics can't be worse than on a local machine. -
HP Unveils Spectre Folio, a Convertible Laptop 'Made of Leather' (techcrunch.com)
HP announced Monday the Spectre Folio, a convertible laptop made of leather. From a report: Unveiled in an over-the-top press event in Manhattan today, that included such turns of phrase as "aluminum has become the gold standard," the device is a convertible laptop with a leather case. As HP put it at the event, "this isn't a PC that's wrapped in leather, it's a PC that's made of leather." So, what does that mean, exactly? Rather than covering the standard aluminum or plastic, the cow skin serves as both the chassis and hinge.
The laptop has a 13.3 inch pen-enabled touch screen and an Intel Core i5 or i7 processor inside. There's 16GB of RAM and up to 2TB of storage. The battery should get up to 18 hours of life on a charge, according to the company -- admittedly pretty solid. Price starts at $1,300 for the variant with the i5 processor. -
Can DuckDuckGo Become the Anti-Google? (marketplace.org)
"Recently, a privacy-oriented search engine called DuckDuckGo raised $10 million from a Canadian pension fund," reports Marketplace.org, saying the privacy-focused search engine is "trying to establish itself as the anti-Google." An anonymous reader quotes their report: "So it's like Google, except when you search on it, you're completely anonymous," said Gabriel Weinberg, CEO of the company. The searches are encrypted. The site knows where you are, but only while you're searching, and it doesn't store your personal information. "We serve you the search results and we throw away your personal information...so your IP address and things like that. And we don't actually store any cookies by default. And so when you search on DuckDuckGo, it's like every time you're a new user and we know nothing about you..." Weinberg said about a quarter of Americans have taken some action to protect their privacy, and DuckDuckGo searches have been growing about 50 percent a year.
"We are proud to have a profitable business model that doesn't rely on collecting personal data," the company tweeted in June, and this week they also shared a quote from a Harvard Business Review article that asked "How far can the surveillance economy go?"
"Most consumers are either unaware of the personal info they share online or, quite understandably, unable to determine the cost of sharing it -- if not both." -
US Government Loses Bid To Force Facebook To Wiretap Messenger Calls (techcrunch.com)
An anonymous reader quotes a report from TechCrunch: U.S. government investigators have lost a case to force Facebook to wiretap calls made over its Messenger app. A joint federal and state law enforcement effort investigating the MS-13 gang had pushed a district court to hold the social networking giant in contempt of court for refusing to permit real-time listening in on voice calls. According to sources speaking to Reuters, the judge later ruled in Facebook's favor -- although, because the case remains under seal, it's not known for what reason. The case, filed in a Fresno, Calif. district court, centers on alleged gang members accused of murder and other crimes. The government had been pushing to prosecute 16 suspected gang members, but are said to have leaned on Facebook to obtain further evidence. -
Facebook Says it Has Discovered 'Security Issue' Affecting Nearly 50 Million Accounts, Investigation in Early Stages (fb.com)
Facebook shared the following security announcement Friday: On the afternoon of Tuesday, September 25, our engineering team discovered a security issue affecting almost 50 million accounts. We're taking this incredibly seriously and wanted to let everyone know what's happened and the immediate action we've taken to protect people's security. Our investigation is still in its early stages. But it's clear that attackers exploited a vulnerability in Facebook's code that impacted "View As", a feature that lets people see what their own profile looks like to someone else. This allowed them to steal Facebook access tokens which they could then use to take over people's accounts. Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don't need to re-enter their password every time they use the app. Here is the action we have already taken.
First, we've fixed the vulnerability and informed law enforcement. Second, we have reset the access tokens of the almost 50 million accounts we know were affected to protect their security. We're also taking the precautionary step of resetting access tokens for another 40 million accounts that have been subject to a "View As" look-up in the last year. As a result, around 90 million people will now have to log back in to Facebook, or any of their apps that use Facebook Login. After they have logged back in, people will get a notification at the top of their News Feed explaining what happened. Third, we're temporarily turning off the "View As" feature while we conduct a thorough security review. The company added it has yet to determine whether these impacted accounts were misused or any information was accessed. Senator Mark Warner has issued a stern reprimand to Facebook over the security incident revelation today. "This is another sobering indicator that Congress needs to step up and take action to protect the privacy and security of social media users. As I've said before -- the era of the Wild West in social media is over," he wrote. -
Microsoft Will End Support For Skype Classic In November (techcrunch.com)
Support for Skype Classic 7.0 was slated to end this month, but has been delayed due to customer complaints. Now, according to an announcement today, Microsoft is going to officially end support in November. TechCrunch reports: The company is killing Skype 7 support on the desktop on November 1, following suit for mobile and tablets two weeks later on the 15th. The initial delay was motivated by vocal users unhappy by the changes brought on by Skype 8 in the name of simplification. One user went so far as to launch a Change.org petition asking Microsoft to "Keep the desktop version of Skype alive for professional users." The petition has since racked up in excess of 1,000 signatures, demanding the company keep enterprise features lost in the shuffle. "We're continuing to work on your most requested features," the company writes in an update to the original announcement. "Recently we launched call recording and have started to roll out the ability to search within a conversation. You'll soon be able to add phone numbers to existing contacts, have more control over your availability status, and more." -
Cloudflare Partners With Microsoft, Google and Others To Reduce Bandwidth Costs (techcrunch.com)
A group called the Bandwidth Alliance, being led by Cloudflare, promises to reduce the price of bandwidth for many cloud customers. "The overall idea here is that customers who use both Cloudflare, which is turning eight years old this week, and a cloud provider that's part of this alliance will get a significant discount on their egress traffic or won't have to pay for it at all," reports TechCrunch. From the report: The alliance is open, and others may join still, but right now it includes virtually every major and minor cloud provider you've ever heard of -- with one exception. Current members include Automattic, Backblaze, Digital Ocean, DreamHost, IBM Cloud, Linode, Google, Google Cloud, Microsoft Azure, Packet, Scaleway and Vapor. Some of these will now offer free egress traffic to mutual customers with Cloudflare, while others will offer at least a 75 percent discount.
Why would these businesses choose to do away with what's a minor but high-margin business, though? "The argument that we made to them was a pretty simple argument: it makes sense for you to charge for transit when you are actually paying for it," [Cloudflare CEO and co-founder Matthew Prince] said. Most of the time, though, those costs are very minor and Cloudflare, thanks to its massive number of global peering locations, can ingest the traffic directly from the cloud provider with no middlemen involved. -
Using Wi-Fi To Count People Through Walls (techcrunch.com)
An anonymous reader shares a report: Whether you're trying to figure out how many students are attending your lectures or how many evil aliens have taken your Space Force brethren hostage, Wi-Fi can now be used to count them all. The system, created by researchers at UC Santa Barbara, uses a single Wi-Fi router outside of the room to measure attenuation and signal drops. From the release: "The transmitter sends a wireless signal whose received signal strength (RSSI) is measured by the receiver. Using only such received signal power measurements, the receiver estimates how many people are inside the room -- an estimate that closely matches the actual number. It is noteworthy that the researchers do not do any prior measurements or calibration in the area of interest; their approach has only a very short calibration phase that need not be done in the same area." This means that you could simply walk up to a wall and press a button to count, with a high degree of accuracy, how many people are walking around. The system can measure up to 20 people in its current form. -
In Senate Hearing, Tech Giants Push Lawmakers For Federal Privacy Rules (techcrunch.com)
Another day, another hearing of tech giants in Congress. Wednesday's hearing at the Senate Commerce Committee with Apple, Amazon, Google and Twitter, alongside AT&T and Charter, marked the latest in a string of hearings in the past few months into all things tech: but mostly controversies embroiling the companies, from election meddling to transparency. This time, privacy was at the top of the agenda. The problem, lawmakers say, is that consumers have little of it. From a report: The hearing said that the U.S. was lagging behind Europe's new GDPR privacy rules and California's recently passed privacy law, which goes into effect in 2020, and lawmakers were edging toward introducing their own federal privacy law. AT&T, Apple, Charter and Google used their time in the Senate to call on lawmakers to introduce new federal privacy legislation. Tech companies spent the past year pushing back against the new state regulations, but have conceded that new privacy rules are inevitable. Now the companies realize that it's better to sit at the table to influence a federal privacy law than stand outside in the cold. In pushing for a new federal law, representatives from each company confirmed that they support the preemption of California's new rules -- something that critics oppose. AT&T's chief lawyer Len Cali said that a patchwork of state laws would be unworkable. Apple, too, agreed to support a privacy law, but noted as a company that doesn't hoard user data for advertising -- like Facebook and Google -- that any federal law would need to put a premium on protecting the consumer rather than helping companies make money. But Amazon's chief lawyer Andrew DeVore said that complying with privacy rules has "required us to divert significant resources to administrative tasks and away from invention." -
Facebook's Plan To Let Companies It Buys Live Independently is Over (techcrunch.com)
Jon Russell, writing for TechCrunch: Mark Zuckerberg was quick to realize that Facebook, the largest social network in the world, doesn't have a monopoly on all users nor can it bank on holding its position as top dog forever. Thus he instituted a policy of buying up promising rivals and integrating them into the Facebook 'group' in a strategy designed to be a win-win for all. But by leaving Facebook in abrupt fashion this week, Kevin Systrom and Mike Krieger -- the founders of Instagram -- have shown that the social network's vision of letting acquired businesses operate independently simply isn't feasible. [...] The original idea is a best-of-both-worlds approach: a company's finances are infinitely secured and it can grow as needed inside the Facebook 'family,' with access to resources like engineering, marketing, admin, etc. That was also the plan for WhatsApp, but founding pair Jan Koum and Brian Acton managed four and three and a half years, respectively, at Facebook following their $19 billion acquisition in 2014. VR firm Oculus, another billion-dollar purchase, lost co-founders Palmer Luckey (political scandal) and Brendan Iribe (reshuffled) three years after its deal. -
Web-Based Office Suite Zoho Taken Offline By Registrar After Alleged Phishing Complaints (techcrunch.com)
New submitter atxlakeshore writes: On Monday, ICANN-approved domain registrar Tierra.net turned off access to all Zoho domains, affecting 40 million customers worldwide. Zoho, a web-based office suite company, which provides customer relationship and invoicing services to small businesses, tweeted that the site was 'blocked' earlier in the day by Tierra.Net, which administers its domain name.
Zoho customers affected by the disruption reached out to the registrar's support chat and email. Tierra.net then discussed Zoho's account details with these third parties, claiming that phishing attempts were originating from Zoho's webmail service, and these attempts necessitated blocking the company's domains. Zoho is a privately held India-based competitor to Google's G Suite platform, and maintains US offices in Austin, Texas. The dispute has resulted in calls for censure from ICANN. In a series of tweets, Zoho CEO Sridhar Vembu said TierraNet blocked the domain without "ever notifying us of any issue." He also expressed frustrations at not being able to easily reach out to TierraNet executives. -
Apple Releases macOS Mojave Featuring Dark Mode and Other Features; Earlier Today a Security Researcher Published 0Day Bypass For a Privacy Bug in the new OS
Apple on Monday made available to the public macOS Mojave -- aka macOS 10.14, the latest major update to its desktop operating system. From a report: Though Mojave is substantially focused on under-the-hood improvements, it includes several major changes to the Mac's Finder, as well as a small collection of apps that were ported from iOS. On the Finder side, Apple has introduced a system-wide Dark Mode, which optionally reskins the entire user interface with black or dark gray elements. Dark Mode pairs up with Dynamic Desktop, which can automatically adjust certain desktop images in sync with time of day (morning, afternoon, and evening) changes. Minutes ahead of the release, Patrick Wardle, chief research officer at Digita Security, tweeted a video of an apparent bypass of a privacy feature that's designed to prevent apps from improperly accessing a user's personal data. From a report: For years, Macs have forced apps to ask for permission before accessing your contacts and calendar after some iOS apps were caught uploading private data. Apple said at its annual developer conference this year that it would expand the feature to include apps asking for permission to access the camera, microphone, email and backups. Wardle told TechCrunch that his findings are "not a universal bypass" of the feature, but that the bug could allow a malicious app to grab certain protected data, such as a user's contacts, when a user is logged in. -
Instagram Says It's Not Working On a Regram Feature
Soon after The Verge reported that Instagram was working on a reshare feature, the company said that the function is "not happening." It told The Verge and TechCrunch that it's neither building nor testing a regram feature. Engadget reports: The Verge reported on Thursday that Instagram appeared to be working on a way for users to easily share others' posts in their own feed. The feature would be housed in the menu situated in the upper right-hand corner of each post and would give users the option to "share to feed." A source familiar with the feature provided The Verge with screenshots of posts shared with the feature, which the site noted looked like it was in very early stages of development. -
Walmart Is Putting 17,000 Oculus Go Headsets In Its Stores To Help Train Employees In VR (techcrunch.com)
Walmart is reportedly planning to send Oculus Go headsets to each of its nearly 5,000 stores so that more of its employees can get instruction more often. TechCrunch reports: The big box giant will begin sending four headsets to each Walmart supercenter and two headsets to each Neighborhood Market in the country. That may not necessarily seem like a ton to train a store full of employees, but at Walmart's scale that amounts to about 17,000 headsets being shipped by year's end. The move is the evolution of an announcement that the company made last year that it was working with STRIVR Labs to bring virtual reality training to its 200 "Walmart Academy" training centers. Those training sessions were done on PC-tethered Oculus Rifts; the move to Oculus Go headsets really showcases how much more simple standalone headset hardware is to set up and operate. -
Equifax Slapped With UK's Maximum Penalty Over 2017 Data Breach (techcrunch.com)
Credit rating giant Equifax has been issued with the maximum possible penalty by the UK's data protection agency for last year's massive data breach. From a report: Albeit, the fine is only £500,000 (roughly $658,000) because the loss of customer data occurred when the UK's prior privacy regime was in force -- rather than the tough new data protection law, brought in via the EU's GDPR, which allows for maximum penalties of as much as 4% of a company's global turnover for the most serious data failures.
So, again, Equifax has managed to dodge worse consequences over the 2017 breach, despite the hack resulting from its own internal process failings after it failed to patch a server that was known to be vulnerable for months -- thereby giving hackers a soft-spot to attack and swipe data on 147 million consumers. Personal information that was lost or compromised in the 2017 Equifax breach included names and dates of birth, addresses, passwords, driving licence and financial details.