Encryption

Signal's New Usernames Help Keep Cops Out of Your Data (theintercept.com) 39

Longtime Slashdot reader SonicSpike shares a report from The Intercept: With the new version of Signal, you will no longer broadcast your phone number to everyone you send messages to by default, though you can choose to if you want. Your phone number will still be displayed to contacts who already have it stored in their phones. Going forward, however, when you start a new conversation on Signal, your number won't be shared at all: Contacts will just see the name you use when you set up your Signal profile. So even if your contact is using a custom Signal client, for example, they still won't be able to discover your phone number since the service will never tell it to them.

You also now have the option to set a username, which Signal lets you change whenever you want and delete when you don't want it anymore. Rather than directly storing your username as part of your account details, Signal stores a cryptographic hash of your username instead; Signal uses the Ristretto 25519 hashing algorithm, essentially storing a random block of data instead of usernames themselves. This is like how online services can confirm a user's password is valid without storing a copy of the actual password itself. "As far as we're aware, we're the only messaging platform that now has support for usernames that doesn't know everyone's usernames by default," said Josh Lund, a senior technologist at Signal. The move is yet another piece of the Signal ethos to keep as little data on hand as it can, lest the authorities try to intrude on the company. Whittaker explained, "We don't want to be forced to enumerate a directory of usernames." [...]

If Signal receives a subpoena demanding that they hand over all account data related to a user with a specific username that is currently active at the time that Signal looks it up, they would be able to link it to an account. That means Signal would turn over that user's phone number, along with the account creation date and the last connection date. Whittaker stressed that this is "a pretty narrow pipeline that is guarded viciously by ACLU lawyers," just to obtain a phone number based on a username. Signal, though, can't confirm how long a given username has been in use, how many other accounts have used it in the past, or anything else about it. If the Signal user briefly used a username and then deleted it, Signal wouldn't even be able to confirm that it was ever in use to begin with, much less which accounts had used it before.

In short, if you're worried about Signal handing over your phone number to law enforcement based on your username, you should only set a username when you want someone to contact you, and then delete it afterward. And each time, always set a different username. Likewise, if you want someone to contact you securely, you can send them your Signal link, and, as soon as they make contact, you can reset the link. If Signal receives a subpoena based on a link that was already reset, it will be impossible for them to look up which account it was associated with. If the subpoena demands that Signal turn over account information based on a phone number, rather than a username, Signal could be forced to hand over the cryptographic hash of the account's username, if a username is set. It would be difficult, however, for law enforcement to learn the actual username itself based on its hash. If they already suspect a username, they could use the hash to confirm that it's real. Otherwise, they would have to guess the username using password cracking techniques like dictionary attacks or rainbow tables.

Open Source

Why Desktop Linux Is Finally Growing In Popularity (zdnet.com) 188

According to the latest data from StatCounter, Linux's market share has reached 4.03% -- surging by an additional 1% in the last eight months. What's the reason behind this recent growth? "That's a good question," writes ZDNet's Steven Vaughan-Nichols. "While Windows is the king of the hill with 72.13% and MacOS comes in a distant second at 15.46%, it's clear that Linux is making progress." An anonymous Slashdot reader shares the five reasons why Vaughan-Nichols thinks it's growing:

1. Microsoft isn't that interested in Windows
If you think Microsoft is all about the desktop and Windows, think again. Microsoft's profits these days come from its Azure cloud and Software-as-a-Service (SaaS), Microsoft 365 in particular. Microsoft doesn't want you to buy Windows; the Redmond powerhouse wants you to subscribe to Windows 365 Cloud PC. And, by the way, you can run Windows 365 Cloud PC on Macs, Chromebooks, Android tablets, iPads, and, oh yes, Linux desktops.

2. Linux gaming, thanks to Steam, is also growing
Gaming has never been a strong suit for Linux, but Linux gamers are also a slowly growing group. I suspect that's because Steam, the most popular Linux gaming platform, also has the lion's share of the gaming distribution market.

3. Users are finally figuring out that some Linux distros are easy to use
Even now, you'll find people who insist that Linux is hard to master. True, if you want to be a Linux power user, Linux will challenge you. But, if all you want to do is work and play, many Linux distributions are suitable for beginners. For example, Linux Mint is simple to use, and it's a great end-user operating system for everyone and anyone.

4. Finding and installing Linux desktop software is easier than ever
While some Linux purists dislike containerized application installation programs such as Flatpak, Snap, and AppImage, developers love them. Why? They make it simple to write applications for Linux that don't need to be tuned just right for all the numerous Linux distributions. For users, that means they get more programs to choose from, and they don't need to worry about finicky installation details.

5. The Linux desktop is growing in popularity in India
India is now the world's fifth-largest economy, and it's still growing. Do you know what else is growing in India? Desktop Linux. In India, Windows is still the number one operating system with 70.37%, but number two is Linux, with 15.23%. MacOS is way back in fourth place with 3.11%. I suspect this is the case because India's economy is largely based on technology. Where you find serious programmers, you find Linux users.

Media

Opus 1.5 Gets a Serious Machine Learning Upgrade 19

Longtime Slashdot reader jmv writes: After more than two years of work, Opus 1.5 is out. It brings many new features that can improve quality and the general audio experience through machine learning, while maintaining full compatibility with previous releases. See this release page demonstrating all the new features, including:
  • Significant improvement to packet loss robustness using Deep Redundancy (DRED)
  • Improved packet loss concealment through Deep PLC
  • Low-bitrate speech quality enhancement down to 6 kb/s wideband
  • Improved x86 (AVX2) and Arm (Neon) optimizations
  • Support for 4th and 5th order ambisonics

Programming

'Communications of the ACM' Is Now Open Access (acm.org) 25

Long-time Slashdot reader theodp writes: "CACM [Communications of the ACM] Is Now Open Access," proclaims the Association for Computing Machinery (ACM) in its tear-down-this-CACM-paywall announcement. "More than six decades of CACM's renowned research articles, seminal papers, technical reports, commentaries, real-world practice, and news articles are now open to everyone, regardless of whether they are members of ACM or subscribe to the ACM Digital Library."

Ironically, clicking on Google search results for older CACM articles on Aaron Swartz currently returns page-not-found error messages and the CACM's own search can't find Aaron Swartz either, so perhaps there's some work that remains to be done with the transition to CACM's new website. ACM plans to open its entire archive of over 600,000 articles when its five-year transition to full Open Access is complete (January 2026 target date).

"They are right..." the site's editor-in-chief told Slashdot. "We need to get Google to reindex the new site ASAP."

AI

Elon Musk Sues OpenAI and Sam Altman (techcrunch.com) 179

Elon Musk has sued OpenAI, its co-founders Sam Altman and Greg Brockman and affiliated entities, alleging the ChatGPT makers have breached their original contractual agreements by pursuing profits instead of the non-profit's founding mission to develop AI that benefits humanity. TechCrunch: Musk, a co-founder and early backer of OpenAI, claims Altman and Brockman convinced him to help found and bankroll the startup in 2015 with promises it would be a non-profit focused on countering the competitive threat from Google. The founding agreement required OpenAI to make its technology "freely available" to the public, the lawsuit alleges.

The lawsuit, filed in a court in San Francisco late Thursday, says that OpenAI, the world's most valuable AI startup, has shifted to a for-profit model focused on commercializing its AGI research after partnering with Microsoft, the world's most valuable company that has invested about $13 billion into the startup. "In reality, however, OpenAI, Inc. has been transformed into a closed-source de facto subsidiary of the largest technology company in the world: Microsoft. Under its new board, it is not just developing but is actually refining an AGI to maximize profits for Microsoft, rather than for the benefit of humanity," the lawsuit adds. "This was a stark betrayal of the Founding Agreement."

Government

How the Pentagon Learned To Use Targeted Ads To Find Its Targets (wired.com) 55

An anonymous reader quotes an excerpt from a Wired article: In 2019, a government contractor and technologist named Mike Yeagley began making the rounds in Washington, DC. He had a blunt warning for anyone in the country's national security establishment who would listen: The US government had a Grindr problem. A popular dating and hookup app, Grindr relied on the GPS capabilities of modern smartphones to connect potential partners in the same city, neighborhood, or even building. The app can show how far away a potential partner is in real time, down to the foot. But to Yeagley, Grindr was something else: one of the tens of thousands of carelessly designed mobile phone apps that leaked massive amounts of data into the opaque world of online advertisers. That data, Yeagley knew, was easily accessible by anyone with a little technical know-how. So Yeagley -- a technology consultant then in his late forties who had worked in and around government projects nearly his entire career -- made a PowerPoint presentation and went out to demonstrate precisely how that data was a serious national security risk.

As he would explain in a succession of bland government conference rooms, Yeagley was able to access the geolocation data on Grindr users through a hidden but ubiquitous entry point: the digital advertising exchanges that serve up the little digital banner ads along the top of Grindr and nearly every other ad-supported mobile app and website. This was possible because of the way online ad space is sold, through near-instantaneous auctions in a process called real-time bidding. Those auctions were rife with surveillance potential. You know that ad that seems to follow you around the internet? It's tracking you in more ways than one. In some cases, it's making your precise location available in near-real time to both advertisers and people like Mike Yeagley, who specialized in obtaining unique data sets for government agencies.

Working with Grindr data, Yeagley began drawing geofences -- creating virtual boundaries in geographical data sets -- around buildings belonging to government agencies that do national security work. That allowed Yeagley to see what phones were in certain buildings at certain times, and where they went afterwards. He was looking for phones belonging to Grindr users who spent their daytime hours at government office buildings. If the device spent most workdays at the Pentagon, the FBI headquarters, or the National Geospatial-Intelligence Agency building at Fort Belvoir, for example, there was a good chance its owner worked for one of those agencies. Then he started looking at the movement of those phones through the Grindr data. When they weren't at their offices, where did they go? A small number of them had lingered at highway rest stops in the DC area at the same time and in proximity to other Grindr users -- sometimes during the workday and sometimes while in transit between government facilities. For other Grindr users, he could infer where they lived, see where they traveled, even guess at whom they were dating.

Intelligence agencies have a long and unfortunate history of trying to root out LGBTQ Americans from their workforce, but this wasn't Yeagley's intent. He didn't want anyone to get in trouble. No disciplinary actions were taken against any employee of the federal government based on Yeagley's presentation. His aim was to show that buried in the seemingly innocuous technical data that comes off every cell phone in the world is a rich story -- one that people might prefer to keep quiet. Or at the very least, not broadcast to the whole world. And that each of these intelligence and national security agencies had employees who were recklessly, if obliviously, broadcasting intimate details of their lives to anyone who knew where to look. As Yeagley showed, all that information was available for sale, for cheap. And it wasn't just Grindr, but rather any app that had access to a user's precise location -- other dating apps, weather apps, games. Yeagley chose Grindr because it happened to generate a particularly rich set of data and its user base might be uniquely vulnerable.

The report goes into great detail about how intelligence and data analysis techniques, notably through a program called Locomotive developed by PlanetRisk, enabled the tracking of mobile devices associated with Russian President Vladimir Putin's entourage. By analyzing commercial adtech data, including precise geolocation information collected from mobile advertising bid requests, analysts were able to monitor the movements of phones that frequently accompanied Putin, indicating the locations and movements of his security personnel, aides, and support staff.

This capability underscored the surveillance potential of commercially available data, providing insights into the activities and security arrangements of high-profile individuals without directly compromising their personal devices.

AI

AI-Generated Articles Prompt Wikipedia To Downgrade CNET's Reliability Rating (arstechnica.com) 54

Wikipedia has downgraded tech website CNET's reliability rating following extensive discussions among its editors regarding the impact of AI-generated content on the site's trustworthiness. "The decision reflects concerns over the reliability of articles found on the tech news outlet after it began publishing AI-generated stories in 2022," adds Ars Technica. Futurism first reported the news. From the report: Wikipedia maintains a page called "Reliable sources/Perennial sources" that includes a chart featuring news publications and their reliability ratings as viewed from Wikipedia's perspective. Shortly after the CNET news broke in January 2023, Wikipedia editors began a discussion thread on the Reliable Sources project page about the publication. "CNET, usually regarded as an ordinary tech RS [reliable source], has started experimentally running AI-generated articles, which are riddled with errors," wrote a Wikipedia editor named David Gerard. "So far the experiment is not going down well, as it shouldn't. I haven't found any yet, but any of these articles that make it into a Wikipedia article need to be removed." After other editors agreed in the discussion, they began the process of downgrading CNET's reliability rating.

As of this writing, Wikipedia's Perennial Sources list currently features three entries for CNET broken into three time periods: (1) before October 2020, when Wikipedia considered CNET a "generally reliable" source; (2) between October 2020 and present, when Wikipedia notes that the site was acquired by Red Ventures in October 2020, "leading to a deterioration in editorial standards" and saying there is no consensus about reliability; and (3) between November 2022 and January 2023, when Wikipedia considers CNET "generally unreliable" because the site began using an AI tool "to rapidly generate articles riddled with factual inaccuracies and affiliate links."

Futurism reports that the issue with CNET's AI-generated content also sparked a broader debate within the Wikipedia community about the reliability of sources owned by Red Ventures, such as Bankrate and CreditCards.com. Those sites published AI-generated content around the same period of time as CNET. The editors also criticized Red Ventures for not being forthcoming about where and how AI was being implemented, further eroding trust in the company's publications. This lack of transparency was a key factor in the decision to downgrade CNET's reliability rating.

A CNET spokesperson said in a statement: "CNET is the world's largest provider of unbiased tech-focused news and advice. We have been trusted for nearly 30 years because of our rigorous editorial and product review standards. It is important to clarify that CNET is not actively using AI to create new content. While we have no specific plans to restart, any future initiatives would follow our public AI policy."

Cellphones

The FBI Is Using Push Notifications To Catch Sexual Predators (gizmodo.com) 34

According to the Washington Post (paywalled), the FBI is using mobile push notification data to unmask people suspected of serious crimes, such as pedophilia, terrorism, and murder. Gizmodo reports: The Post did a little digging into court records and found evidence of at least 130 search warrants filed by the feds for push notification data in cases spanning 14 states. In those cases, FBI officials asked tech companies like Google, Apple, and Facebook to fork over data related to a suspect's mobile notifications, then used the data to implicate the suspect in criminal behavior linked to a particular app, even though many of those apps were supposedly anonymous communication platforms, like Wickr.

How exactly is this possible? Push notifications, which are provided by a mobile operating system provider, include embedded metadata that can be examined to understand the use of the mobile apps on a particular phone. Apps come laced with a quiet identifier, a "push token," which is stored on the corporate servers of a company like Apple or another phone manufacturer after a user signs up to use a particular app. Those tokens can later be used to identify the person using the app, based on the information associated with the device on which the app was downloaded. Even turning off push notifications on your device doesn't necessarily disable this feature, experts contend. [...]

If finding new ways to catch pedophiles and terrorists doesn't seem like the worst thing in the world, the Post article highlights the voices of critics who fear that this kind of mobile data could be used to track people who have not committed serious crimes -- like political activists or women seeking abortions in states where the procedure has been restricted.

Google

Google Joins Satellite Mission To Scan Globe for Methane Leaks (ft.com) 26

A new satellite mission to track planet-warming emissions of methane gas is finally set to launch, now aided with AI technology to help build a global map of oil and gas infrastructure and surveil it for leaks [Editor's note: the link may be paywalled; alternative source]. From a report: The MethaneSAT satellite was announced by the Environmental Defense Fund six years ago as a way to monitor releases of methane, an invisible gas that researchers estimate is responsible for almost a third of the emissions-induced increase in global temperatures since the start of the industrial era. The satellite is now scheduled to blast into space in March aboard a rocket operated by Elon Musk's SpaceX. On Wednesday, Google said it would provide the AI computing capabilities required to crunch vast amounts of data produced by the orbiting methane monitor.

MethaneSAT is the latest example of how satellites are used to detect methane emissions from oil and gas facilities, which is more than 80 times more potent than carbon dioxide at trapping heat in the atmosphere over a 20-year timescale. Experts say reducing methane emissions is one of the most powerful short-term actions needed to address global warming. The International Energy Agency this year found the global energy industry was responsible for 135mn tonnes of methane emissions in 2022, only slightly below record high levels of 2019. Existing satellites have detected more than 500 "super-emitting" events in 2022 from oil and gas operations, the IEA said, with a further 100 such events at coal mines, which can release methane during or after operations.

Submission + - Russia Deploying Starlink in Ukraine (newsweek.com) 1

Local ID10T writes: Ukrainian soldiers say Russia's military have begun using Elon Musk's Starlink satellite communications network in Ukraine, according to a journalist in the country.

"The military writes that the occupiers have Starlink with licensed accounts," Andriy Tsaplienko, a Ukrainian journalist, said on his Telegram channel, sharing a screenshot of two posts on X, formerly Twitter, that he says are from two Ukrainian soldiers.

"They began to deliver Starlink en masse, via Dubai, accounts are activated, they work in the occupied territories," one of the soldiers with the X handle @_Serhij_ wrote, referring to the four regions of Ukraine that were illegally annexed by Russia in the fall of 2022—Donetsk, Luhansk, Kherson and Zaporizhzhia.

Another X user, @cpt_mitchell, said Ukrainian soldiers "can already see their Starlinks," adding: "I honestly thought they would do it sooner."

Starlink is operated by Musk's aerospace company SpaceX.

Russian news outlets also report that Starlink satellite communications systems are now being sold via multiple Russian online stores, supplied via an intermediary in Dubai. The systems are being sold to the Russian volunteer units for use in the annexed regions of Ukraine, according to the local publications.

"If this rumor is true, supplying Starlink via intermediary in Dubai should be considered a breach of sanctions against Russia. This also raises the question if Starlink is available for the Russians in the front?" asked Pekka Kallioniemi, a postdoctoral researcher at Tampere University in Finland, in a post on X.

Musk previously refused to allow Ukraine to use Starlink internet services to launch an attack on Crimea to avoid complicity in a "major act of war."

"There was an emergency request from government authorities to activate Starlink all the way to Sevastopol," he wrote in early September 2023 on X. "The obvious intent being to sink most of the Russian fleet at anchor. If I had agreed to their request, then SpaceX would be explicitly complicit in a major act of war and conflict escalation."

Apple

In Its Tantrum With Europe, Apple Broke Web Apps in iOS 17 Beta (theregister.com) 66

An anonymous reader shares a report: Apple has argued for years that developers who don't want to abide by its rules for native iOS apps can always write web apps. It has done so in its platform guidelines, in congressional testimony, and in court. Web developers, for their part, maintain that Safari and its underlying WebKit engine still lack the technical capabilities to allow web apps to compete with native apps on iOS hardware. To this day, it's argued, the fruit cart's laggardly implementation of Push Notifications remains subpar.

The enforcement of Europe's Digital Markets Act was expected to change that -- to promote competition held back by gatekeepers. But Apple, in a policy change critics have called "malicious compliance," appears to be putting web apps at an even greater disadvantage under the guise of compliance with European law. In the second beta release of iOS 17.4, which incorporates code to accommodate Europe's Digital Markets Act, Progressive Web Apps (PWAs) have been demoted from standalone apps that use the whole screen to shortcuts that open within the default browser. This appears to solely affect users in the European Union, though your mileage may vary. Concerns about this demotion of PWAs surfaced earlier this month, with the release of the initial iOS 17.4 beta. As noted by Open Web Advocacy -- a group that has lobbied to make the web platform more capable -- "sites installed to the home screen failed to launch in their own top-level activities, opening in Safari instead."

Communications

FCC Votes To Outlaw Scam Robocalls That Use AI-Generated Voices (cnn.com) 61

The Federal Communications Commission said Thursday it is immediately outlawing scam robocalls featuring fake, AI-created voices, cracking down on so-called "deepfake" technology that experts say could undermine election security or supercharge fraud. From a report: The unanimous FCC vote extends anti-robocall rules to cover AI deepfake calls by recognizing those voices as "artificial" under a federal law governing telemarketing and robocalling. The FCC's move gives state attorneys general more legal tools to pursue illegal robocallers that use AI-generated voices to impersonate celebrities, politicians and close family members, the FCC said.

Mozilla

Mozilla Names New CEO as It Pivots To Data Privacy (fortune.com) 57

Mozilla, which manages the open-source Firefox browser, announced today that Mitchell Baker is stepping down as CEO to focus on AI and internet safety as chair of the nonprofit foundation. Laura Chambers, a Mozilla board member and entrepreneur with experience at Airbnb, PayPal, and eBay, will step in as interim CEO to run operations until a permanent replacement is found. Fortune: Baker, a Silicon Valley pioneer who co-founded the Mozilla Project, says it was her decision to step down as CEO, adding that the move is motivated by a sense of urgency over the current state of the internet and public trust. "We want to offer an alternative for people to have better products," says Baker, who wants to draw more attention to policies, products and processes to challenge business models built on fueling outrage. "What are the connections between this global malaise and how humans are engaging with each other and technology?"

Chambers says she plans to focus on building out new products that address growing privacy concerns while actively looking for a full-time CEO. Prior to being recruited to the Mozilla board three years ago, Chambers says she was feeling "pretty disillusioned" about society because of the influence of money in politics and the growing power of the tech giants. "I was confused about what to do and this felt like a genuine way to make an impact." Chambers says she won't be seeking a permanent CEO role because she plans to move back to Australia later this year for family reasons. "I think this is an example of Mozilla doing the right role modelling in how to manage a succession," says Chambers.
