Medicine

COVID Vaccines To Reach Poorest Countries in 2023 -- Despite Recent Pledges (nature.com) 55

Most people in the poorest countries will need to wait another two years before they are vaccinated against COVID-19, researchers have told Nature. From a report: Around 11 billion doses are needed to fully vaccinate 70% of the world's population against COVID-19. As of 4 July, 3.2 billion doses had been administered. At the current vaccination rate, this will increase to around six billion doses by the end of the year, researchers from the International Monetary Fund, based in Washington DC, project. But so far, more than 80% of the doses have gone to people in high-income and upper-middle-income countries. Only 1% of people in low-income countries have been given at least one dose, according to the website Our World in Data.

Last month, the leaders of the G7 group of wealthy nations pledged extra doses for low- and middle-income countries (LMICs) by the end of 2022, at a summit in Cornwall, UK. The centrepiece was a promise from US President Joe Biden to donate 500 million doses of the vaccine made by pharmaceutical company Pfizer of New York City and biotechnology company BioNTech in Mainz, Germany. This is in addition to 87.5 million previously pledged. The United Kingdom pledged 100 million, and France, Germany and Japan have pledged around 30 million each.

Businesses

Amazon Begins New Chapter as Bezos Hands Over CEO Role (bloomberg.com) 30

Amazon founder Jeff Bezos stepped down as CEO on Monday, handing over the reins as the company navigates the challenges of a world fighting to emerge from the coronavirus pandemic. From a report: Andy Jassy, who ran Amazon's cloud-computing business, replaced Bezos, a change the company announced in February. Bezos, Amazon's biggest shareholder with a stake worth about $180 billion, will still hold sway over the company he started out of his Seattle garage in 1995. He takes over the role of executive chair, with plans to focus on new products and initiatives. Jassy takes the helm of a $1.7 trillion company that benefited greatly from the pandemic, more than tripling its profits in the first quarter of 2021 and posting record revenue as customers grew ever more dependent on online shopping. At the same time, Amazon faces activism from a restive workforce just as a rapid economic recovery causes a labor crunch that has retailers, manufacturers and other companies competing for workers with higher wages and other benefits. The company defeated an attempt by workers to unionize at an Alabama warehouse earlier this year, but faces a more formidable challenge as the International Brotherhood of Teamsters launches a broader effort to unionize Amazon workers.
Open Source

Open Source Audio Editor Audacity Has Become 'Spyware' (pcmag.com) 88

Anyone deciding to download the free and open-source audio editor Audacity is being warned that the software may now be classified as spyware due to recent updates to its privacy policy. From a report: Audacity has been around for over 21 years and classes as the world's most popular audio editing software. On April 30, the Muse Group acquired Audacity with the promise that the software would "remain forever free and open source." However, as FOSS Post reports, last week the Audacity privacy policy page was updated and introduced a number of personal data collection clauses. The data collected includes OS version and name, user country based on IP address, the CPU being used, data related to Audacity error codes and crash reports, and finally "Data necessary for law enforcement, litigation and authorities' requests (if any)." The personal data collected can be shared with Muse Group employees, auditors, advisors, legal representatives and "similar agents," potential company buyers, and "any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, or (ii) to exercise, establish or defend our legal rights."
Businesses

In Private Conversation, Hackers Behind Ransomware Outbreak Lower Demand To $50 Million (reuters.com) 43

The hackers who have claimed responsibility for an international ransomware outbreak have lowered their asking price in a private conversation with a cybersecurity expert, something he said may be a sign the group was having trouble monetizing their massive breach. From a report: The REvil ransomware gang, also known as Sodinokibi, is publicly demanding $70 million to restore the data it's holding ransom after their data-scrambling software affected hundreds of small and medium businesses across a dozen countries - including schools in New Zealand and supermarkets in Sweden. But in a conversation with Jack Cable of the cybersecurity-focused Krebs Stamos Group, one of the gang's affiliates said he could sell a "universal decryptor" for all the victims for $50 million. Cable told Reuters he managed to get through to the hackers after obtaining a cryptographic key needed to log on to the group's payment portal. Reuters was subsequently able to log on to the payment portal and chat with an operator who said the price was unchanged at $70 million "but we are always ready to negotiate."
Businesses

Uber, Lyft Sweeten Job Perks Amid Driver Shortage, Lofty Fares (wsj.com) 29

A shortage of drivers in the U.S. is propelling prices for Uber and Lyft rides to record highs and pushing the services to rethink how they attract gig workers. From a report: Uber and Lyft are pouring millions of dollars into incentives for drivers to return, a short-term fix that has helped alleviate the scarcity and tempered fare increases in some areas but that has also raised the companies' costs. The labor crunch isn't projected to end anytime soon. Some analysts expect the problem will persist through the third quarter, pressuring Uber and Lyft to deal with shifting dynamics of gig labor that they acknowledge will require long-term solutions.

Executives say the model they built their businesses on -- luring riders with deep discounts and then incentivizing drivers to provide those rides -- can't be the model that sustains them. "This is a moment of deep introspection and reflection for a company like ours to pause and say, 'How do we make the proposition for drivers more attractive longer term?'" said Carrol Chang, Uber's chief of driver operations for the U.S. and Canada. "It is absolutely a reckoning," she said. Ms. Chang's team, tasked with managing the shortage for Uber, is in talks to fund education and career-building programs for drivers. Lyft is exploring a new partnership aimed at reducing drivers' expenses, which could involve sizable discounts on gas or insurance or help with buying vehicles, according to a person familiar with its plans. Both companies recently began emailing drivers more insights into earnings opportunities, previously a black box for them.

Science

European Plan for Gigantic New Gravitational Wave Detector Passes Milestone (sciencemag.org) 19

It's far from a done deal, but plans by European physicists to build a huge new gravitational wave observatory with a radical design received a boost last week. From a report: The European Strategy Forum on Research Infrastructures (ESFRI), which advises European governments on research priorities, added the $2.25 billion observatory, called the Einstein Telescope, to a road map of large science projects ripe for progress. Developers hope the move will give them the political validation needed to transform the Einstein Telescope idea into a project. "This isn't a promise of any funding, but it shows the clear intention to pursue this," says Harald Luck, a gravitational wave physicist at Leibniz University Hannover and the Max Planck Institute for Gravitational Physics and co-chair of the Einstein Telescope steering committee. "It is more of a political commitment."

U.S. gravitational wave physicists welcomed the announcement, too, as they think it may bolster their plans to build a pair of detectors even bigger than the Einstein Telescope in a project called Cosmic Explorer. "In the U.S., I think the momentum is going to start to build," says David Reitze, executive director of the Laser Interferometer Gravitational-Wave Observatory (LIGO) and a physicist at the California Institute of Technology.

Facebook

Facebook, Twitter, Google Threaten To Quit Hong Kong Over Proposed Data Laws (wsj.com) 73

Facebook, Twitter, and Alphabet's Google have privately warned the Hong Kong government that they could stop offering their services in the city if authorities proceed with planned changes to data-protection laws that could make them liable for the malicious sharing of individuals' information online. From a report: A letter sent by an industry group that includes the internet firms said companies are concerned that the planned rules to address doxing could put their staff at risk of criminal investigations or prosecutions related to what the firms' users post online. Doxing refers to the practice of putting people's personal information online so they can be harassed by others. Hong Kong's Constitutional and Mainland Affairs Bureau in May proposed amendments to the city's data-protection laws that it said were needed to combat doxing, a practice that was prevalent during 2019 protests in the city. The proposals call for punishments of up to 1 million Hong Kong dollars, the equivalent of about $128,800, and up to five years' imprisonment. "The only way to avoid these sanctions for technology companies would be to refrain from investing and offering the services in Hong Kong," said the previously unreported June 25 letter [PDF] from the Singapore-based Asia Internet Coalition, which was reviewed by The Wall Street Journal.
Science

Antarctic Expedition To Renew Search for Shackleton's Ship Endurance (theguardian.com) 17

Endurance22 will launch early next year with aim of locating and surveying wreck in the Weddell Sea. From a report: The location of Sir Ernest Shackleton's Endurance has been one of the great maritime mysteries since the ship became trapped in ice and sank in 1915. Finding this symbol of the "heroic age" of polar exploration at the bottom of the Weddell Sea was long thought impossible because of the harshness of the Antarctic environment -- "the evil conditions," as Shackleton described them. Now a major scientific expedition, announced on Monday, is being planned with a mission to locate, survey and film the wreck. Endurance22 will launch early next year, in a vessel that will brave the most treacherous frozen waters, pounding its way through miles of pack ice. The effects of climate change will make the expedition a little less difficult, with melting ice easing the vessel's passage. An international team of scientists with expertise in the study of ice and climate will be onboard, advancing knowledge of the Antarctic environment.

Mensun Bound, its director of exploration, headed the 2019 search for the Endurance that had to be called off because of extreme weather conditions, after an underwater vehicle became trapped beneath the ice. He told the Guardian: "There's a complexity of emotions all swishing around within me. On the one hand, there's great excitement. On the other, for the last three years, I've had to carry this persistent sadness in me that we didn't find it last time. It's never far from my thoughts. That ship is always teasing my imagination." Bound said global warming in the Antarctic is "absolutely devastating," but that the melting ice "has improved our chances" of discovering the shipwreck.

China

Didi App Pulled from App Stores in China After Suspension Order (techcrunch.com) 9

China has ordered app-store operators to remove the app of Didi from their stores, the latest as tension escalates between the nation's largest ride-hailing giant and local regulators. From a report: The app has disappeared from several stores including Apple's App Store in China, TechCrunch can confirm. The nation's cyberspace administration, which unveiled the order on Sunday, said Didi was illegally collecting users' personal data. The ride-hailing giant, which counts Apple, SoftBank, and Tencent and Uber among its investors and filed for an IPO late last month, has been ordered to make changes to comply with Chinese data protection rules. The move comes after the Chinese internet watchdog announced a probe into Didi over "national security" concerns earlier this week. Didi raised at least $4 billion this week after the New York Stock Exchange debut in one of the largest U.S. IPOs. In a statement, Didi said it had removed its app from various app stores and begun the "corrections." It also said it had halted new user registrations on Saturday. For existing users, the Didi app remains operational.
Businesses

Swedish Watchdog To Investigate Klarna for Bank Secrecy Breach (reuters.com) 7

Sweden's financial watchdog said on Monday it was investigating payments firm Klarna over a potential breach of banking secrecy laws in connection with an IT incident at the firm in May. From a report: For a 30 minute period on May 27, Klarna customers were shown other users' data - a digital mishap which the firm, in a statement on June 4, blamed on human error. "(We) will investigate whether Klarna has violated bank secrecy in connection with an IT incident in May where the bank's customers were able to access information about each other for a limited time," Sweden's Finansinspektionen said in a statement. A spokesperson for Klarna told Reuters that the probe, "was very much expected as part of our regular dialogue with the Swedish FSA and as always we approach this with full cooperation and transparency."
Privacy

Why Email Providers Scan Your Emails (consumerreports.org) 84

An anonymous reader shares a report: If you receive emails flagged as spam or see a warning that a message might be a phishing attempt, it's a sign that your email provider is scanning your emails. The company may do that just to protect you from danger, but in some situations it can delve into your communications for other purposes, as well. Google announced that it would stop scanning Gmail users' email messages for ad targeting in 2017 -- but that doesn't mean it stopped scanning them altogether. Verizon didn't respond to requests for comments about Yahoo and AOL's current practices, but in 2018 the Wall Street Journal reported that both email providers were scanning emails for advertising. And Microsoft scans its Outlook users' emails for malicious content. Here's what major email providers say about why they currently scan users' messages.

Email providers can scan for spam and malicious links and attachments, often looking for patterns. [...] You may see lots of ads in your email inbox, but that doesn't necessarily mean your email provider is using the content of your messages to target you with marketing messages. For instance, like Google, Microsoft says that it refrains from using your email content for ad targeting. But it does target ads to consumers in Outlook, along with MSN, and other websites and apps. The data to do that come from partnering with third-party providers, plus your browsing activity and search history on Bing and Microsoft Edge, as well as information you've given the company, such as your gender, country, and date of birth.

[...] If you're using an email account provided by your employer, an administrator with qualifying credentials can typically access all your incoming and outgoing emails on that account, as well as any documents you create using your work account or that you receive in your work account. This allows companies to review emails as part of internal investigations and access their materials after an employee leaves the company. [...] Law enforcement can request access to emails, though warrants, court orders, or subpoenas may be required. Email providers may reject requests that don't satisfy applicable laws, and may narrow requests that ask for too much information. They may also object to producing information altogether.

Crime

A Threat to Privacy in the Expanded Use of License Plate-Scanning Cameras? (yahoo.com) 130

Long-time Slashdot reader BigVig209 shares a Chicago Tribune report "on how suburban police departments in the Chicago area use license plate cameras as a crime-fighting tool." Critics of the cameras note that only a tiny percentage of the billions of plates photographed lead to an arrest, and that the cameras generally haven't been shown to prevent crime. More importantly they say the devices are unregulated, track innocent people and can be misused to invade drivers' privacy. The controversy comes as suburban police departments continue to expand the use of the cameras to combat rising crime. Law enforcement officials say they are taking steps to safeguard the data. But privacy advocates say the state should pass a law to ensure against improper use of a nationwide surveillance system operated by private companies.

Across the Chicago area, one survey by the nonprofit watchdog group Muckrock found 88 cameras used by more than two dozen police agencies. In response to a surge in shootings, after much delay, state police are taking steps to add the cameras to area expressways. In the northwest suburbs, Vernon Hills and Niles are among several departments that have added license plate cameras recently. The city of Chicago has ordered more than 200 cameras for its squad cars. In Indiana, the city of Hammond has taken steps to record nearly every vehicle that comes into town.

Not all police like the devices. In the southwest suburbs, Darien and La Grange had issues in years past with the cameras making false readings, and some officers stopped using them...

Homeowner associations may also tie their cameras into the systems, which is what led to the arrest in Vernon Hills. One of the leading sellers of such cameras, Vigilant Solutions, a part of Chicago-based Motorola Solutions, has collected billions of license plate numbers in its National Vehicle Location Service. The database shares information from thousands of police agencies, and can be used to find cars across the country... Then there is the potential for abuse by police. One investigation found that officers nationwide misused agency databases hundreds of times, to check on ex-girlfriends, romantic rivals, or perceived enemies. To address those concerns, 16 states have passed laws restricting the use of the cameras.

The article cites an EFF survey which found 99.5% of scanned plates weren't under suspicion — "and that police shared their data with an average of 160 other agencies."

"Two big concerns the American Civil Liberties Union has always had about the cameras are that the information can be used to track the movements of the general population, and often is sold by operators to third parties like credit and insurance companies."
Space

NASA Astronauts Used CRISPR Gene Editing Technology For the First Time in Space (news18.com) 9

India's CNN-News18 reports: [P]revious research has found that how cells pick a particular repair strategy can be influenced by the microgravity conditions in space. Scientists are concerned that DNA repairs influenced by microgravity conditions may not be adequate, and can lead to harmful consequences. To study the DNA repair process in space, scientists have developed a new technique that uses CRISPR/Cas9 — a gene-editing technology — to recreate precise damages so that cells can be observed repairing them. The team of researchers led by Sarah Stahl-Rommel has successfully demonstrated the technique and its viability aboard the International Space Station.
"CRISPR gene editing is no longer confined to Earth," reports Engadget: The new approach clears the way for other research around DNA repair in space. With enough work, the scientists hope they can replicate the genetic damage from ionizing radiation, not to mention other effects from long-term spaceflight. That, in turn, could help NASA and other agencies develop technology that shields astronauts and makes deep space exploration practical. There's a chance CRISPR might play an important role in getting humans to Mars and beyond.
Security

World's Single-Biggest Ransomware Attack Hit 'Thousands' in 17 Countries (apnews.com) 134

It's now being called "the single biggest global ransomware attack on record," with thousands of victims in at least 17 different countries breached with ransomware Friday, reports the Associated Press, citing new details provided by cybersecurity researchers.

An affiliate of the Russia-linked gang REvil deployed the ransomware "largely through firms that remotely manage IT infrastructure for multiple customers." A broad array of businesses and public agencies were hit by the latest attack, apparently on all continents, including in financial services, travel and leisure and the public sector — though few large companies, the cybersecurity firm Sophos reported... The Swedish grocery chain Coop said most of its 800 stores would be closed for a second day Sunday because their cash register software supplier was crippled. A Swedish pharmacy chain, gas station chain, the state railway and public broadcaster SVT were also hit. In Germany, an unnamed IT services company told authorities several thousand of its customers were compromised, the news agency dpa reported...

CEO Fred Voccola of the breached software company, Kaseya, estimated the victim number in the low thousands, mostly small businesses like "dental practices, architecture firms, plastic surgery centers, libraries, things like that." Voccola said in an interview that only between 50-60 of the company's 37,000 customers were compromised. But 70% were managed service providers who use the company's hacked VSA software to manage multiple customers. It automates the installation of software and security updates and manages backups and other vital tasks...

Dutch researchers said they alerted Miami-based Kaseya to the breach and said the criminals used a "zero day," the industry term for a previously unknown security hole in software. Voccola would not confirm that or offer details of the breach — except to say that it was not phishing. "The level of sophistication here was extraordinary," he said. When the cybersecurity firm Mandiant finishes its investigation, Voccola said he is confident it will show that the criminals didn't just violate Kaseya code in breaking into his network but also exploited vulnerabilities in third-party software...

Kaseya, which called on customers Friday to shut down their VSA servers immediately, said Sunday it hoped to have a patch in the next few days.

The attacks may have been timed to exploit America's three-day weekend celebrating the nation's founding, according to experts interviewed by the Associated Press. America's National Security advisor is now urging all who believed they were compromised to alert the FBI.

"The attack comes less than a month after Biden pressed Russian President Vladimir Putin to stop providing safe haven to REvil and other ransomware gangs whose unrelenting extortionary attacks the U.S. deems a national security threat."

UPDATE: Bleeping Computer notes the exploited vulnerability "had been previously disclosed to Kaseya by security researchers from the Dutch Institute for Vulnerability Disclosure (DIVD), and Kaseya was validating the patch before they rolled it out to customers."

In a statement today, DIVD posted that "During the last 48 hours, the number of Kaseya VSA instances that are reachable from the internet has dropped from over 2,200 to less than 140 in our last scan today... A good demonstration of how a cooperative network of security-minded organizations can be very effective during a nasty crisis."
Facebook

Zuck Celebrates $1 Trillion Valuation, Dismissed Antitrust Suits With Bizarre Flag-Waving Instagram Post (marketwatch.com) 64

"Make America weird again," quipped CNBC, describing Mark Zuckerberg's Instagram post today commemorating America's national Independence Day holiday. MarketWatch explains: Yes, that's the Facebook Inc. chief executive wakeboarding while holding an American flag to the tune of John Denver's "Take Me Home, Country Roads."

Because: America.

In fairness, Zuckerberg did have reason to celebrate, as the Federal Trade Commission's antitrust case against Facebook was shot down (at least temporarily) last Monday, and a similar suit by [a coalition of 48] state attorneys general was dismissed outright. Facebook's valuation shot above the $1 trillion mark for the first time following the dismissals, and its shares rose about 4% on the week.

"If the plaintiffs had prevailed in the antitrust lawsuits, Facebook might have been required to divest Instagram and WhatsApp," notes CNBC.

Instead, he's using it to post a picture of himself flying an American flag on a $12,000 electronic surfboard.
