An anonymous reader quotes a report from Wired: Today at a hearing of the Colorado Senate Business, Labor, and Technology committee, lawmakers voted unanimously to move Colorado state bill SB26-090 -- titled Exempt Critical Infrastructure from Right to Repair -- out of committee and into the state senate and house for a vote. The bill modifies Colorado's Consumer Right to Repair Digital Electronic Equipment act, which was passed in 2024 and went into effect in January 2026. While the protections secured by that act are wide, the new SB26-090 bill aims to "exempt information technology equipment that is intended for use in critical infrastructure from Colorado's consumer right to repair laws."

The bill is supported by tech manufacturers like Cisco and IBM, according to lobbying disclosures. These are companies that have vested interests in manufacturing things like routers, server equipment, and computers and stand to profit if they can control who fixes their products and the tools, components, and software used to make those upgrades and repairs. They also cite cybersecurity concerns, saying that giving people access to the tools and systems they would need to repair a device could also enable bad actors to use those methods for nefarious means. (This is a common argument manufacturers make when opposing right-to-repair laws.)

[...] During the hearing, more than a dozen repair advocates spoke from organizations like Pirg, the Repair Association, and iFixit opposing the bill. YouTuber and repair advocate Louis Rossmann was there. The main problem, repair advocates say, is that the bill deliberately uses vague language to make the case for controlling who can fix their products. [...] The Colorado Labor and Technology committee advanced the bill, but it still needs to go through votes on the Colorado Senate and House floors before going into effect. Those votes may take place as early as next week. Regardless of how the bill goes in the state, it's likely that manufacturers will continue their push to alter or undo repair legislation in other states across the country. "The 'information technology' and 'critical infrastructure' thing is as cynical as you can possibly be about it," says Nathan Proctor, the leader of Pirg's US right-to-repair campaign. "It sounds scary to lawmakers, but it just means the internet."

The current wording of the bill "leaves it up to the manufacturers to determine which items they will need to provide repair tools and parts to owners and independent repairers and which ones they don't," says Danny Katz, executive director CoPIRG, the Colorado branch of the consumer advocate group Pirg. "This is a bad policy and would be a big step back for Coloradans' repair rights."

iFixit CEO Kyle Wiens said in the hearing: "There's a general principle in cybersecurity that obscurity is not security," iFixit CEO Kyle Wiens said in the hearing. "The money that's behind the scenes, that's what's driving the bill."

The Wall Street Journal shares the "wild behind-the-scenes story" of how the world's largest and most destructive botnet was uncovered and taken down, writes Slashdot reader sturgeon. "At times, the network known as Kimwolf included more than a million compromised home Android devices and digital photo frames -- enough DDoS firepower to disrupt internet traffic across the U.S. and beyond." From the report: Sitting in his dorm room at the Rochester Institute of Technology, Benjamin Brundage was closing in on a mystery that had even seasoned internet investigators baffled. A cat meme helped him crack the case. A growing network of hacked devices was launching the biggest cyberattacks ever seen on the internet. It had become the most powerful cyberweapon ever assembled, large enough to knock a state or even a small country offline. Investigators didn't know exactly who had built it -- or how. Brundage had been following the attacks, too -- and, in between classes, was conducting his own investigation. In September, the college senior started messaging online with an anonymous user who seemed to have insider knowledge.

As they chatted on Discord, a platform favored by videogamers, Brundage was eager to get more information, but he didn't want to come off as too serious and shut down the conversation. So every now and then he'd send a funny GIF to lighten the mood. Brundage was fluent in the memes, jokes and technical jargon popular with young gamers and hackers who are extremely online. "It was a bit of just asking over and over again and then like being a bit unserious," said Brundage. At one point, he asked for some technical details. He followed up with the cat meme: a six-second clip that showed a hand adjusting a necktie on a fluffy gray cat. Brundage didn't expect it to work, but he got the information. "It took me by surprise," he said.

Eventually the leaker hinted there was a new vulnerability on the internet. Brundage, who is 22, would learn it threatened tens of millions of consumers and as much as a quarter of the world's corporations. As he unraveled the mystery, he impressed veteran researchers with his findings -- including federal law enforcement, which took action against the network two weeks ago. Chad Seaman, a researcher at Akamai, joked at one point that the internet could go down if Brundage spent too much time on his exams.

Reuters reports that SpaceX has confidentially filed for a U.S. IPO, reportedly targeting a valuation above $1.75 trillion. Reuters reports: SpaceX puts more rockets in space than any other company and promises a chance to invest in humanity's return to the moon and attempt to colonize Mars. The company aspires to put artificial intelligence data centers in space, while running a lucrative satellite communications system that opens up much of the earth to the internet and is increasingly used in war. [...]

A public listing at a potential valuation of more than $1.75 trillion comes after SpaceX merged with Musk's artificial intelligence startup xAI in a deal that valued the rocket company at $1 trillion and the developer of the Grok chatbot at $250 billion. SpaceX is hosting an analyst day on April 21, encouraging research analysts to attend in person, [...]. The company is also offering analysts an optional visit to xAI's "Macrohard" data center site in Memphis, Tennessee, on April 23, and plans to hold a virtual session on May 4 to discuss financial models with banks' research analysts, the source said.

ZipNada writes: Two software researchers recently demonstrated how modern AI tools can reproduce entire open-source projects, creating proprietary versions that appear both functional and legally distinct. The partly-satirical demonstration shows how quickly artificial intelligence can blur long-standing boundaries between coding innovation, copyright law, and the open-source principles that underpin much of the modern internet.

In their presentation, Dylan Ayrey, founder of Truffle Security, and Mike Nolan, a software architect with the UN Development Program, introduced a tool they call malus.sh. For a small fee, the service can "recreate any open-source project," generating what its website describes as "legally distinct code with corporate-friendly licensing. No attribution. No copyleft. No problems." It's a test case in how intellectual property law -- still rooted in 19th-century precedent -- collides with 21st-century automation. Since the US Supreme Court's Baker v. Selden ruling, copyright has been understood to guard expression, not ideas.

That boundary gave rise to clean-room design, a method by which engineers reverse-engineer systems without accessing the original source code. Phoenix Technologies famously used the technique to build its version of the PC BIOS during the 1980s. Ayrey and Nolan's experiment shows how AI can perform a clean-room process in minutes rather than months. But faster doesn't necessarily mean fair. Traditional clean-room efforts required human teams to document and replicate functionality -- a process that demanded both legal oversight and significant labor. By contrast, an AI-mediated "clean room" can be invoked through a few prompts, raising questions about whether such replication still counts as fair use or independent creation.

An anonymous reader quotes a report from Reuters: Russia is going to further clamp down Virtual Private Networks (VPNs), which are used by millions of Russians to get around internet controls and censorship, Russia's digital minister said. In what has been cast by diplomats as Russia's "great crackdown," the authorities have repeatedly blocked mobile internet and jammed major messenger services while giving sweeping powers to cut off mass communications. "The task is reduce VPN usage," Digital Minister Maksut Shadayev said on state-backed messenger MAX late on Monday, adding that his ministry was trying to impose the limits with minimal impact on users. He said decisions had been taken to restrict access to a number of unidentified foreign platforms without giving details.

Apple unveiled new device-level age restrictions in the UK on Wednesday. "After downloading a new update, users will now have to confirm that they are 18 or older to access unrestricted features," reports Gizmodo.

"Users will be able to confirm their age with a credit card or by scanning an ID." For those underage or who have not confirmed their age, Apple will turn on Web Content Filter and Communication Safety, which will not only restrict access to certain apps or websites, but will also monitor messages, shared photo albums, AirDrop, and FaceTime calls for nudity. Apple didn't specify exactly which services and features are banned for under-18 users, but it will likely be in compliance with UK legislation...

The British government does not require Apple and other OS providers to institute device-level age checks, but it does restrict minor access to online pornography under the Online Safety Act, which passed in 2023. So far, that restriction has only been implemented at the website level, but UK officials have been worried about easy loopholes to evade the age restrictions, like VPNs.

The broader tech industry has been campaigning for some time to use device-level age checks instead in response to the rising tide of under-16 social media and internet bans around the world. Last month, in a landmark social media trial in California, Meta CEO Mark Zuckerberg also supported this idea, saying that conducting age verification "at the level of the phone is just a lot clearer than having every single app out there have to do this separately." Pornhub-operator Aylo had advocated for device-level restrictions in the UK as well, and even sent out letters to Apple, Google, and Microsoft in November asking for OS-level age verification...

The most obvious question: Could this be brought stateside?

Bell Labs "created many of the foundational innovations of the modern age," writes Jon Gertner, author of The Idea Factory: Bell Labs and the Great Age of American Innovation — from transistors and telecommunications satellites to Unix and the C programming language.

But what was the secret to its success? he asks in a new article for the Wall Street Journal. Start with its lucky arrival in a "problem-rich" environment, suggests Arno Penzias, winner of one of Bell Labs' 11 Nobel Prizes: It was Bell Labs' responsibility, in other words, to create technologies for designing, expanding and improving an unruly communications network of cables and microwave links and glass fibers. The Labs also had to figure out ways to create underwater conduits, as well as switching centers that could manage the growing number of customers and escalating amounts of data.... Money mattered, too. Being connected to AT&T, the largest company in the world, was an advantage. The Labs' budget was enormous, and accounting conventions allowed its parent company to make huge and continuing investments in R & D. The generous funding, moreover, allowed scientists and engineers to buy and build expensive equipment — for instance, anechoic chambers to create the world's quietest rooms...

The most fortunate part of Bell Labs' situation, however, was that in being attached to a monopoly it could partake in long-term thinking... Without competition nipping at its heels, Bell Labs engineers had the luxury of working out difficult ideas over decades. The first conceptualization of a cellular phone network, for instance, came out of the Labs in the late 1940s; it wasn't until the late 1970s that technicians began testing one in Chicago to gauge its potential. The challenge of deploying these technologies was immense. (The regulatory hurdles were formidable, too....)
The article also credits the visionary management of Mervin Kelly — who fortunately also "had access to funding in a decade when most executives and universities didn't" to hire the brightest people. (By the early 1980s Bell Labs employed about 25,000 researchers, technicians and support staff, with an annual budget of $2 billion — roughly $7 billion in today's dollars.) "The Labs' involvement in World War II suggested to Kelly that an exciting postwar era of electronics was approaching, but that the technical problems would be so complex that they required a mix of expertise — not just physicists, but material scientists, chemists, electrical engineers, circuitry experts and the like." At Bell Labs, Kelly would sometimes handpick teams and create such a mix, as was the case for the transistor invention in the late 1940s. He came to see innovation arising not from like-minded or similarly trained people conversing with each other, but from a friction of ideas and approaches. It meant hiring researchers who had different personalities and favored a range of experimental angles. It also meant personally designing a campus in Murray Hill where departments were spread apart, so that scientists and engineers would be forced to walk, mingle and engage in serendipitous conversations and debate ideas. Meanwhile, under Kelly, the Labs focused on hiring people who were deeply curious, not just smart. Kelly saw it as his professional duty to do far more than what was expected, with his laboratory and vast resources, to create new technologies...

The breakup of AT&T's monopoly, which led to a steady shrinking of Bell Labs' staff, budget and remit, shows us that no matter how forward looking your employees and managers may be, they will not necessarily see the future coming. It likewise suggests that technological progress is too unpredictable for one organization, no matter how powerful or smart, to control. Famously, Bell Labs managers didn't see value in the Arpanet, which eventually led to today's internet.

And yet, for at least five decades, Bell Labs created a blueprint for the global development of communications and electronics. In understanding why it did so, I tend to think its ultimate secret may be hiding in plain sight. The secret has to do with Bell Labs' structure — not only being connected to a fabulously profitable monopoly, but being connected to a company that could move theoretical and applied research into a huge manufacturing division that made telecom equipment (at Western Electric) and ultimately into a dynamic operating system (the AT&T network)... Scientists and engineers at the Labs understood their ideas would be implemented, if they passed muster, into the huge system its parent company was running.
Bell Labs racked up about 30,000 patents, according to the article, and celebrated its 100th anniversary last April.

It is now part of Finland-based Nokia.

"Emergency out-of-band fixes issued by enterprise IT giants Microsoft and Oracle have shone a spotlight on issues around both update cycles and patching," reports Computer Weekly: Microsoft's emergency update, KB5085516, addresses an issue that arose after installing the mandatory cumulative updates pushed live on Patch Tuesday earlier this month. According to Microsoft, it has since emerged that many users experienced problems signing into applications with a Microsoft account, seeing a "no internet" error message even though the device had a working connection. This had the effect of preventing access to multiple services and applications. It should be noted that organisations using Entra ID did not experience the issue.

But Microsoft's emergency patch comes just days after it doubled down on a commitment to software quality, reliability and stability. In a blog post published just 24 hours prior to the latest update, Pavan Davuluri of Microsoft's Windows Insider Program Team said updates should be "predictable and easy to plan around".
Michael Bell, founder/CEO of Suzu Labs tells Computer Weekly that Microsoft's patch for the sign-in bug follows "separate hotpatches for RRAS remote code execution flaws and a Bluetooth visibility bug. Three emergency fixes in eight days does not shout reliability era." Oracle's patch, meanwhile, addresses CVE-2026-21992, a remote code execution flaw in the REST:WebServices component of Oracle Identity Manager and the Web Services Security component of Oracle Web Services Manager in Oracle Fusion Middleware. It carries a CVSS score of 9.8 and can be exploited by an unauthenticated attacker with network access over HTTP.

The Wall Street Journal reports: Walking into his kitchen, Tim Yoder recoiled at a message on his refrigerator door: "Shop Samsung water filters." Yoder, a supply-chain manager in Chicago, owns a Samsung Electronics Family Hub fridge. He paid $1,400 for an appliance that came with a 32-inch screen on the door that allows him to control other Samsung gadgets, pull up recipes or stream music. But since last fall, it's been intermittently serving up ads, part of a pilot program being tested on some of Samsung's smart fridges sold in the U.S. The response? Not warm. "I guess this is another place for somebody to shove an ad in your face," said the 47-year-old Yoder, recalling the first time he noticed one...

The ads are only on certain Family Hub fridges that have screens and internet connectivity. They run as a rectangular banner at the bottom — part of a widget that also shows news, the weather and a calendar. Samsung declined to say how long the pilot might last or whether it would end. The firm recently unveiled a "Screens Everywhere" initiative that also includes washers, dryers and ovens.... Samsung launched the banner-type fridge ads that come as part of the widget via an October software update. In a footnote of a news release at the time, Samsung pledged to "serve contextual or non-personal ads" and respect data privacy. The banner ads can be turned off in settings.

Samsung said the purpose of the pilot is to explore whether ads relevant to home chores can be useful to owners, and that overall pushback has been negligible. The "turn-off" rate for the pilot ad program remains in the bottom single-digit range, it said... While owners can turn off the banner ads, doing so eliminates the widget altogether, a bummer for Brian Bosworth, a media-industry engineer who liked the feature. Bosworth thinks it's wrong to take away the new feature as a condition. Wanting to keep the widget but not the ads, the 49-year-old in Edgewater, Md., made sure his home router's ad-blocking software extended to his fridge. He hasn't seen another since.
One 27-year-old plans to return his refrigerator after the entire display "lit up with a full-screen ad for Apple TV's sci-fi show Pluribus," according to the article. The all-caps ad beckoned him "with an oft-used refrain directed at protagonist Carol Sturka: 'We're Sorry We Upset You, Carol.'"

Thanks to Slashdot reader fjo3 for sharing the article.

An anonymous reader quotes a report from Reuters: Iran-linked hackers have broken into FBI Director Kash Patel's personal email inbox, publishing photographs of the director and other documents to the internet, the hackers and the bureau said on Friday. On their website, the hacker group Handala Hack Team said Patel "will now find his name among the list of successfully hacked victims." The hackers published a series of personal photographs of Patel sniffing and smoking cigars, riding in an antique convertible, and making a face while taking a picture of himself in the mirror with a large bottle of rum.

The FBI confirmed that Patel's emails had been targeted. In a statement, bureau spokesman Ben Williamson said, "we have taken all necessary steps to mitigate potential risks associated with this activity" and that the data involved was "historical in nature and involves no government information." Handala, which presents itself as a group of pro-Palestinian vigilante hackers, is considered by Western researchers to be one of several personas used by Iranian government cyberintelligence units. [...] Alongside the photographs of Patel, the hackers published a sample of more than 300 emails, which appear to show a mix of personal and work correspondence dating between 2010 and 2019.

Apple reportedly has full access to customize Google's Gemini model, allowing it to distill smaller on-device AI models for Siri and other features that can run locally without an internet connection. MacRumors reports: The Information explains that Apple can ask the main Gemini model to perform a series of tasks that provide high-quality results, with a rundown of the reasoning process. Apple can feed the answers and reasoning information that it gets from Gemini to train smaller, cheaper models. With this process, the smaller models are able to learn the internal computations used by Gemini, producing efficient models that have Gemini-like performance but require less computing power.

Apple is also able to edit Gemini as needed to make sure that it responds to queries in a way that Apple wants, but Apple has been running into some issues because Gemini has been tuned for chatbot and coding applications, which doesn't always meet Apple's needs.

Longtime Slashdot reader JackSpratts writes: The Supreme Court unanimously said on Wednesday that a major internet provider could not be held liable for the piracy of thousands of songs online in a closely watched copyright clash. Music labels and publishers sued Cox Communications in 2018, saying the company had failed to cut off the internet connections of subscribers who had been repeatedly flagged for illegally downloading and distributing copyrighted music. At issue for the justices was whether providers like Cox could be held legally responsible and required to pay steep damages -- a billion dollars or more in Cox's case -- if they knew that customers were pirating music but did not take sufficient steps to terminate their internet access.

In its opinion released (PDF) on Wednesday, the court said a company was not liable for "merely providing a service to the general public with knowledge that it will be used by some to infringe copyrights." Writing for the court, Justice Clarence Thomas said a provider like Cox was liable "only if it intended that the provided service be used for infringement" and if it, for instance, "actively encourages infringement." Justice Sonia Sotomayor, joined by Justice Ketanji Brown Jackson, wrote separately to say that she agreed with the outcome but for different reasons. [...] Cox called the court's unanimous decision a "decisive victory" for the industry and for Americans who "depend on reliable internet service."

"This opinion affirms that internet service providers are not copyright police and should not be held liable for the actions of their customers," the company said.

A jury found Meta and YouTube negligent in a landmark social media addiction case, ruling that addictive design features such as infinite scroll and algorithmic recommendations harmed a young user and contributed to her mental health distress. The verdict awards $3 million in compensatory damages so far and could pave the way for more lawsuits seeking financial penalties and product changes across the social media industry. "Meta is responsible for 70 percent of that cost and YouTube for the remainder," notes The New York Times. "TikTok and Snap both settled with the plaintiff for undisclosed terms before the trial started." From the report: The bellwether case, which was brought by a now 20-year-old woman identified as K.G.M., had accused social media companies of creating products as addictive as cigarettes or digital casinos. K.G.M. sued Meta, which owns Instagram and Facebook, and Google's YouTube over features like infinite scroll and algorithmic recommendations that she claimed led to anxiety and depression.

The jury of seven women and five men will deliberate further to decide what further punitive damages the companies should pay for malice or fraud. The verdict in K.G.M.'s case -- one of thousands of lawsuits filed by teenagers, school districts and state attorneys general against Meta, YouTube, TikTok and Snap, which owns Snapchat -- was a major win for the plaintiffs. The finding validates a novel legal theory that social media sites or apps can cause personal injury. It is likely to factor into similar cases expected to go to trial this year, which could expose the internet giants to further financial damages and force changes to their products. The verdict also comes on the heels of a New Mexico jury ruling that found Meta liable for violating state law by failing to protect users of its apps from child predators.

An anonymous reader quotes a report from Ars Technica: A new hacking group has been rampaging the Internet in a persistent campaign that spreads a self-propagating and never-before-seen backdoor -- and curiously a data wiper that targets Iranian machines. The group, tracked under the name TeamPCP, first gained visibility in December, when researchers from security firm Flare observed it unleashing a worm that targeted cloud-hosted platforms that weren't properly secured. The objective was to build a distributed proxy and scanning infrastructure and then use it to compromise servers for exfiltrating data, deploying ransomware, conducting extortion, and mining cryptocurrency. The group is notable for its skill in large-scale automation and integration of well-known attack techniques.

More recently, TeamPCP has waged a relentless campaign that uses continuously evolving malware to bring ever more systems under its control. Late last week, it compromised virtually all versions of the widely used Trivy vulnerability scanner in a supply-chain attack after gaining privileged access to the GitHub account of Aqua Security, the Trivy creator. Over the weekend, researchers said they observed TeamPCP spreading potent malware that was also worm-enabled, meaning it had the potential to spread to new machines automatically, with no interaction required of victims behind the keyboard. [...]

As the weekend progressed, CanisterWorm [as Aikido has named the malware] was updated to add an additional payload: a wiper that targets machines exclusively in Iran. When the updated worm infects machines, it checks if the machine is in the Iranian timezone or is configured for use in that country. When either condition was met, the malware no longer activated the credential stealer and instead triggered a novel wiper that TeamPCP developers named Kamikaze. Eriksen said in an email that there's no indication yet that the worm caused actual damage to Iranian machines, but that there was "clear potential for large-scale impact if it achieves active spread." It's unclear what the motive is for TeamPCP. Aikido researcher Charlie Eriksen wrote: "While there may be an ideological component, it could just as easily be a deliberate attempt to draw attention to the group. Historically, TeamPCP has appeared to be financially motivated, but there are signs that visibility is becoming a goal in itself. By going after security tools and open-source projects, including Checkmarx as of today, they are sending a clear and deliberate signal."

New submitter the_skywise shares a report from Reuters: The U.S. Federal Communications Commission said on Monday it was banning the import of all new foreign-made consumer routers, the latest crackdown on Chinese-made electronic gear over security concerns. China is estimated to control at least 60% of the U.S. market for home routers, boxes that connect computers, phones, and smart devices to the internet. The FCC order does not impact the import or use of existing models, but will ban new ones.

The agency said a White House-convened review deemed imported routers pose "a severe cybersecurity risk that could be leveraged to immediately and severely disrupt U.S. critical infrastructure." It said malicious actors had exploited security gaps in foreign-made routers "to attack households, disrupt networks, enable espionage, and facilitate intellectual property theft," citing their role in major hacks like Volt and Salt Typhoon. The determination includes an exemption for routers the Pentagon deems do not pose unacceptable risks.

An anonymous reader quotes a report from Engadget: There could be one more step required before creating an account and posting on Reddit in the future. According to Reddit's CEO, Steve Huffman, the social media platform is exploring different ways to verify a user is human and not a bot. When asked by the TBPN podcast how to confirm that it's a human using Reddit, Huffman responded with several verification methods with varying degrees of heavy-handedness.

"The most lightweight way is with something like Face ID or Touch ID," Huffman said during the interview. "They actually require a human presence, like a human has to touch, or do or look at something, so that actually just proves there's a person there or gets you pretty far." Besides these passkey methods that use biometrics data, Huffman said there are other options like relying on third-party services that are decentralized or don't require ID. On the other end of the spectrum, Huffman also mentioned more burdensome options, like ID-checking services.

[...] "Part of our promise for our users is we don't know your name but we do want to know you're a person," Huffman said. "It'll be an evolution for us for a while, and probably every platform to find the right middle ground here." Reddit co-founder and former executive chair, Alexis Ohanian, said on X that Reddit requiring Face ID wasn't something he expected but agreed that something had to be done about the fake content from bots, adding that, "I just don't know how to sell face-scanning to Redditors or even lurkers." We reached out to Reddit's communications team and will update the story when we hear back. The Digg beta shut down earlier this month after failing to fight the overwhelming influx of AI-driven bots and spam. "The internet is now populated, in meaningful part, by sophisticated AI agents and automated accounts," said CEO Justin Mezzell. "We knew bots were part of the landscape, but we didn't appreciate the scale, sophistication, or speed at which they'd find us."

"We banned tens of thousands of accounts. We deployed internal tooling and industry-standard external vendors. None of it was enough. When you can't trust that the votes, the comments, and the engagement you're seeing are real, you've lost the foundation a community platform is built on."

A new bill proposed in California "goes after big tech companies" writes Semafor. Supported by Y Combinator, Cory Doctorow , and the nonprofit advocacy group Fight for the Future, it's called the "BASED" act — an acronym which stands for "Blocking Anticompetitive Self-preferencing by Entrenched Dominant platforms."

As announced by San Francisco state representative Scott Wiener, the bill "will restore competition to the digital marketplace by prohibiting any digital platform with a market capitalization greater than $1 trillion and serving 100 million or more monthly users in the U.S., from favoring their own products and services on the platforms they operate."

More from Scott Wiener;s announcement: For years, giant digital platforms like Apple, Amazon, Google, and Meta have used their immense power to promote their own products and services while stifling competitors — a practice also known as self-preferencing. The result has been higher prices, diminished service, and fewer options for consumers, and less innovation across the technology ecosystem.

Self-preferencing also locks startups and mid-sized companies out of the online marketplace unless they play by rules set by their competitors. As a new generation of AI-powered startups seeks to enter the marketplace, their success — and public access to the innovations they produce — depends on their ability to compete on an even playing field.

"Anticompetitive behavior is everywhere on the internet," said Senator Wiener, "from rigged search results, to manipulative nudges boosting the 'house' product, to anti-discount policies that raise prices, to the dreaded green bubble that 'breaks' the group chat. When the world's largest digital platforms rig the game to favor their own products and services, we all lose. By prohibiting these anticompetitive practices, the BASED Act will protect competition online, empower consumers and startups, and promote innovations to improve all our lives."
The announcement includes a quote from Teri Olle, VP of the nonprofit Economic Security California Action, saying the act would "safeguard merit-based market competition. This legislation stands for a simple principle: owning the stadium doesn't mean that you get to rig the game." Some conduct prohibited by the proposed bill includes

• Manipulating the order of search results to favor a provider's products or services, irrespective of a merit-based process,

• Using non-public data generated by third-party sellers — including sales volumes, pricing, and customer behavior — to develop competing products that are subsequently boosted above the third-party sellers' product...

And the announcement also notes that "under the terms of the bill, providers could not prevent consumers from obtaining a portable copy of their own data or restrict voluntary data sharing (by consumers) with third parties."

Read on for reactions from DuckDuckGo, Proton, Yelp, Y Combinator, and Cory Doctorow.

America's cable TV industry "is undergoing its most dramatic collapse in history," reports Cord Cutters News, "with operators large and small waving the white flag on traditional TV service and pointing their customers toward streaming platforms instead." Just in 2025 Comcast lost 1.25 million pay-TV subscribers (ending the year with just 11.3 million), while Charter Spectrum also lost hundreds of thousands of customers each quarter.

But "for smaller regional operators, who lack the scale and diversified revenue streams of giants like Comcast, those kinds of losses are simply unsurvivable," they write. And "the companies that once delivered hundreds of channels through coaxial cables are now either shutting down entirely or reinventing themselves as internet providers." Pay-TV subscriptions have plummeted from nearly 90% of U.S. households in the mid-2010s to roughly half by the end of 2025, resulting in billions in lost revenue and forcing many smaller operators to conclude that continuing linear TV services is no longer viable... [This year over U.S. 50 cable TV companies — primarily smaller and midsize providers — are "expected to cease operations entirely or shut down their television services," Cord Cutters News reported earlier.] YouTube TV's pricing is so competitive that the platform is projected to have close to 12.6 million subscribers by the end of 2026, positioning it to become the largest paid TV distributor in the United States. Exclusive content deals, such as YouTube TV's acquisition of NFL Sunday Ticket rights, have further eroded the value proposition of traditional cable at every level of the market... As older cable subscribers age out of the market, there is no new generation of customers waiting to replace them...

[Cable TV] operators like WOW! are betting that their physical infrastructure — now increasingly upgraded to fiber — is more valuable as an internet delivery system than as a cable TV platform. [WOW! serves customers across Michigan, Ohio, Illinois, and Alabama — but is "phasing out its proprietary streaming live TV service and directing all customers toward YouTube TV," the article notes.] Industry observers see this as part of a broader trend: operators shedding unprofitable video segments to focus on broadband, where returns and network investments are prioritized.

By the end of 2026, non-pay-TV households are expected to surge to 80.7 million, outnumbering traditional pay-TV subscribers at 54.3 million — a milestone that would have seemed unthinkable just a decade ago. For the cable companies still standing, the math is now inescapable: the era of the cable bundle is ending, and the only real question left is how gracefully each operator manages its exit.

"Imagine a newspaper publisher announcing it will no longer allow libraries to keep copies of its paper," writes EFF senior policy analyst Joe Mullin.

"That's effectively what's begun happening online in the last few months." The Internet Archive — the world's largest digital library — has preserved newspapers since it went online in the mid-1990s... But in recent months The New York Times began blocking the Archive from crawling its website, using technical measures that go beyond the web's traditional robots.txt rules. That risks cutting off a record that historians and journalists have relied on for decades. Other newspapers, including The Guardian, seem to be following suit...

The Times says the move is driven by concerns about AI companies scraping news content. Publishers seek control over how their work is used, and several — including the Times — are now suing AI companies over whether training models on copyrighted material violates the law. There's a strong case that such training is fair use. Whatever the outcome of those lawsuits, blocking nonprofit archivists is the wrong response.

Organizations like the Internet Archive are not building commercial AI systems. They are preserving a record of our history. Turning off that preservation in an effort to control AI access could essentially torch decades of historical documentation over a fight that libraries like the Archive didn't start, and didn't ask for. If publishers shut the Archive out, they aren't just limiting bots. They're erasing the historical record...

Even if courts place limits on AI training, the law protecting search and web archiving is already well established... There are real disputes over AI training that must be resolved in courts. But sacrificing the public record to fight those battles would be a profound, and possibly irreversible, mistake.

13 million people live in Moscow, reports CNN.

But since early March the city "has experienced internet and mobile service outages on a level previously unseen." (Though Wi-Fi access to the internet is still available...) Russian social media "is flooded with jokes and memes about sending letters by carrier pigeons or using smartphones as ping-pong paddles..." [Moscow residents] complain they cannot navigate around the center or use their favorite mobile apps. The interruptions appear to have had a knock-on effect of making it more difficult to make voice calls or send an SMS. Some are panic-buying walkie-talkies, paper maps, and even pagers.

The latest shutdown builds on similar efforts around the country. For months, mobile internet service interruptions have hit Russia's regions, particularly in provinces bordering Ukraine, which has staged incursions and launched strikes inside Russian territory to counter Russia's full-scale invasion. Some regions have reported not having any mobile internet since summer. But the most recent outages have hit the country's main centers of wealth and power: Moscow and Russia's second city, St. Petersburg.

Public officials claim the blackout of mobile internet service in the capital and other regions is part of a security effort to counter "increasingly sophisticated methods" of Ukrainian attack... Speculation centers on whether the authorities are testing their ability to clamp down on public protest in the case there's an effort to reintroduce unpopular mobilization measures to find fresh manpower for the war in Ukraine; whether mobile internet outages may precede a more sweeping digital blackout; or if the new restrictions reflect an atmosphere of heightened fear and paranoia inside the Kremlin as it watches US-led regime- change efforts unfold against Russian allies such as Venezuela and Iran... On Wednesday, Russian mobile providers sent notifications that there would be "temporary restrictions" on mobile internet in parts of Moscow for security reasons, Russian state news agency RIA-Novosti reported. The measures will last "for as long as additional measures are needed to ensure the safety of our citizens," Kremlin spokesman Dmitry Peskov said on March 11...

As well as banning many social media platforms, Russia blocks calling features on messenger apps such as WhatsApp and Telegram. Roskomnadzor, the country's communications regulator, has introduced a "white list" of approved apps... Russia has also tested what it calls the "sovereign internet," a network that is effectively firewalled from the rest of the world. The disruptions are fueling broader concerns about tightening state control. In parallel with the internet shutdown, the Kremlin has also been pushing to impose a state-controlled messaging app called Max as the country's main portal for state services, payments and everyday communication. There has been speculation the Kremlin may be planning to ban Telegram, Russia's most widely used messaging app, entirely. Roskomnadzor said that it was restricting Telegram for allegedly failing to comply with Russian laws.

"Russia has opened a criminal case against me for 'aiding terrorism,'" Telegram's Russian-born founder Pavel Durov said on X last month. "Each day, the authorities fabricate new pretexts to restrict Russians' access to Telegram as they seek to suppress the right to privacy and free speech...."
The article includes this quote from Mikhail Klimarev, head of the Internet Protection Society and an expert on Russian internet freedom. "In any situation when they (the authorities) perceive some kind of danger for themselves and accept the belief that the internet is dangerous for them, even if it may not be true, they will shut it down," he said. "Just like in Iran."