Facebook will now freely allow developers to build competitors to its features upon its own platform. Today Facebook announced it will drop Platform Policy section 4.1, which stipulates "Add something unique to the community. Don't replicate core functionality that Facebook already provides." TechCrunch reports: Facebook had previously enforced that policy selectively to hurt competitors that had used its Find Friends or viral distribution features. Apps like Vine, Voxer, MessageMe, Phhhoto and more had been cut off from Facebook's platform for too closely replicating its video, messaging or GIF creation tools. The move will significantly reduce the risk of building on the Facebook platform. It could also cast it in a better light in the eyes of regulators. Anyone seeking ways Facebook abuses its dominance will lose a talking point. And by creating a more fair and open platform where developers can build without fear of straying too close to Facebook's history or road map, it could reinvigorate its developer ecosystem. In a statement to TechCrunch, a Facebook spokesperson said: "We built our developer platform years ago to pave the way for innovation in social apps and services. At that time we made the decision to restrict apps built on top of our platform that replicated our core functionality. These kind of restrictions are common across the tech industry with different platforms having their own variant including YouTube, Twitter, Snap and Apple. We regularly review our policies to ensure they are both protecting people's data and enabling useful services to be built on our platform for the benefit of the Facebook community. As part of our ongoing review we have decided that we will remove this out of date policy so that our platform remains as open as possible. We think this is the right thing to do as platforms and technology develop and grow."

On December 1, 2013, Amazon announced its plans to deliver packages by drone in just "four or five years" on a 60 Minutes episode with then-host Charlie Rose. As The Associated Press reports, it's officially been five years and drone deliveries seem to be nowhere in sight. "Bezos made billions of dollars by transforming the retail sector," reports The Associated Press. "But overcoming the regulatory hurdles and safety issues posed by drones appears to be a challenge even for the world's wealthiest man." From the report: The day may not be far off when drones will carry medicine to people in rural or remote areas, but the marketing hype around instant delivery of consumer goods looks more and more like just that -- hype. Drones have a short battery life, and privacy concerns can be a hindrance, too. Amazon says it is still pushing ahead with plans to use drones for quick deliveries, though the company is staying away from fixed timelines. "We are committed to making our goal of delivering packages by drones in 30 minutes or less a reality," says Amazon spokeswoman Kristen Kish. The Seattle-based online retail giant says it has drone development centers in the United States, Austria, France, Israel and the United Kingdom.

Google has launched Flutter 1.0, the first stable release of its open source, cross-platform UI toolkit and SDK. "Flutter lets developers share a single code base across Android and iOS apps, with a focus on speed and maintaining a native feel," reports Ars Technica. From the report: Flutter enables cross-platform app code by sidestepping the UI frameworks of both Android and iOS. Flutter apps run on the Flutter rendering engine and Flutter framework, which are shipped with every app. The Flutter platform handles communication with each OS and can spit out Android and iOS binaries with native-looking widgets and scrolling behavior if desired. It's kind of like applying a "video game" style of development to apps: if you write for a game engine like Unity or Unreal, those engines are packaged with your game, allowing it to run on multiple different platforms. It's the same deal with Flutter.

Flutter apps are written in Dart, and the SDK offers programmers nice quality-of-life benefits like the "stateful hot reload," a way to instantly make code changes appear in the emulator. For IDEs, there are plugins for Visual Studio Code, Android Studio, and IntelliJ. Apps come with their own set of Flutter UI widgets for Android and iOS, with the iOS widgets closely following Apple's guidelines and the Android widgets following Google's Material Design. Flutter is designed to be fast, with its custom app engine running on Google's hardware-accelerated Skia engine. This means 60fps apps on Android and iOS and a path for 120fps apps in the future. This is a bigger deal on Android than it is on iOS. The Google Ads app is already built on Flutter, which means Google "thinks Flutter is ready for prime time," writes Ron Amadeo. There's a list of other apps built on Flutter, too. Amadeo goes on to suggest that Flutter may be the path to Android's replacement. "Flutter ships its own app engine on Android and iOS, but in secret, Google is also developing an OS called 'Fuchsia' that runs these Flutter apps natively," writes Amadeo. "With Fuchsia, Google would switch from the Android apps written in Java to Flutter apps written in Dart..."

An anonymous reader writes from a report via ZDNet: Three academics from Northeastern University and three researchers from IBM Research have discovered a new variation of the Spectre CPU vulnerability that can be exploited via browser-based code. The vulnerability, which researchers codenamed SplitSpectre, is a variation of the original Spectre v1 vulnerability discovered last year and which became public in January 2018. The difference in SplitSpectre is not in what parts of a CPU's microarchitecture the flaw targets, but how the attack is carried out. Researchers say a SplitSpectre attack is both faster and easier to execute, improving an attacker's ability to recover code from targeted CPUs. The research team says they were successfully able to carry out a SplitSpectre attack against Intel Haswell and Skylake CPUs, and AMD Ryzen processors, via SpiderMonkey 52.7.4, Firefox's JavaScript engine. The good news is that existing Spectre mitigations would thwart the SplitSpectre attacks.

Tokyo Telemessage, Japan's last pager provider, has announced that it will end service to its 1,500 remaining users in September 2019. It will bring a national end to telecommunication beepers, 50 years after their introduction. The BBC reports: The once-popular devices are able to receive and show wireless messages. Users would then find a phone to call the sender back. Developed in the 1950s and 1960s, they grew in popularity in the 1980s. By 1996, Tokyo Telemessage had 1.2 million subscribers. However, the rise of mobile phones rendered the pager obsolete, and few remain worldwide. Emergency services, however, continue to use the reliable technology -- including in the UK.

AmiMoJo shares a report from 9to5Mac: Apple is facing a new class action lawsuit claiming that it sells select iMac and MacBook models without needed dust filters. In turn, this causes issues such as display imprecations, slowing performance, and more, the lawsuit alleges. The iMac and MacBook lawsuit is being brought forward by law firm Hagens Berman Sobol Shapiro, which is a class action litigation firm that has gone after Apple before. Most notably, the firm won the infamous $450 million ebooks pricing case against Apple. Since then, Hagens Berman has levied other suits at Apple, including one regarding the performance throttling of iPhones. Hagens Berman's latest lawsuit reads in part: "iMac and MacBook owners have reported dark smudges and spots on the interior of the screens of their desktop computers as well as excessive slowness and break downs of their computers related to the lack of filter on Apple computers. The computer intakes air to cool its components, but with no filter, dust gets trapped inside. This affects the screen and logic board of the computer, leading to dust stuck behind the screen and gummed up motherboards, causing the computer to run slow and/or overheat."

Hagens Berman says "Apple refuses to remedy the defect," instead forcing affected customers to pay "more than $500 to fix this screen defect, and even more if they wish to replace parts integral to the computer's sped and performance." "We believe Apple owes it to the purchasers of these premium, high-end computers to pay for the widespread defect, and we seek to represent iMac owners to recover their losses in costs to repair this defect, or for their loss of use of their computer."

The Secret Service is planning to test facial recognition surveillance around the White House, "with the goal of identifying 'subjects of interest' who might pose a threat to the president," reports The Verge. The document with the plans was published by the American Civil Liberties Union, describing "a test that would compare closed circuit video footage of public White House spaces against a database of images -- in this case, featuring employees who volunteered to be tracked." From the report: The test was scheduled to begin on November 19th and to end on August 30th, 2019. While it's running, film footage with a facial match will be saved, then confirmed by human evaluators and eventually deleted. The document acknowledges that running facial recognition technology on unaware visitors could be invasive, but it notes that the White House complex is already a "highly monitored area" and people can choose to avoid visiting. We don't know whether the test is actually in operation, however. "For operational security purposes we do not comment on the means and methods of how we conduct our protective operations," a spokesperson told The Verge.

The ACLU says that the current test seems appropriately narrow, but that it "crosses an important line by opening the door to the mass, suspicionless scrutiny of Americans on public sidewalks" -- like the road outside the White House. (The program's technology is supposed to analyze faces up to 20 yards from the camera.) "Face recognition is one of the most dangerous biometrics from a privacy standpoint because it can so easily be expanded and abused -- including by being deployed on a mass scale without people's knowledge or permission."

An anonymous reader quotes a report from Ars Technica: On Tuesday, New York City's Taxi and Limousine Commission voted to set a minimum pay rate for Uber, Lyft, and other on-demand ride-hailing drivers. The new rate will be set at $17.22 after expenses, or $26.51 per hour gross. New York is believed to be the first city in the nation to implement such a pay floor. Four months ago, the Big Apple also imposed a cap on the number of such vehicles in the city. The Independent Drivers Guild, a local affiliate of the Machinists Union, advocated for the change. Meanwhile, Uber has already put out a statement saying that increased driver earnings "will lead to higher than necessary fare increases" and that the new rules do not adequately take into account "incentives or bonuses forcing companies to raise rates even higher." "Today we brought desperately needed relief to 80,000 working families. All workers deserve the protection of a fair, livable wage and we are proud to be setting the new bar for contractor workers' rights in America," Jim Conigliaro, Jr., founder of the Independent Drivers Guild, said in a statement.

China has announced an array of punishments that could restrict companies' access to borrowing and state-funding support over intellectual-property theft. The news comes after the G20 Summit in Argentina, where the Trump Administration agreed to hold off on tariff action for at least 90 days as they negotiate to resolve specific U.S. complaints. Bloomberg reports: China set out a total of 38 different punishments to be applied to IP violations, starting this month. The document, dated Nov. 21, was released Tuesday by the National Development and Reform Commission and signed by various government bodies, including the central bank and supreme court. China says violators would be banned from issuing bonds or other financing tools, and participating in government procurement. They would also be restricted from accessing government financial support, foreign trade, registering companies, auctioning land or trading properties. In addition, violators will be recorded on a list, and financial institutions will refer to that when lending or granting access to foreign exchange. Names will be posted on a government website. "This is an unprecedented regulation on IP violation in terms of the scope of the ministries and severity of the punishment," said Xu Xinming, a researcher at the Center for Intellectual Property Studies at China University of Political Science and Law. The newly announced punishments are "a security net of IP protection" targeting repeat offenders and other individuals who aren't in compliance with the law, he said.

An anonymous reader quotes a report from MacRumors: Streaming TV services offered by companies like Hulu and AT&T are testing the waters for a new type of advertising called "pause ads." The idea behind pause ads is that instead of facing forced commercial breaks at specified interludes, users would be more accepting of ads that play when they choose to pause a show for a bit while they do something else. Hulu says it plans to launch pause ads in 2019, but not much else was given in the way of details regarding which of its numerous streaming plans will include the new type of commercial. The plan likely to see pause ads is Hulu With Limited Commercials, which interjects a few ads throughout a show's runtime, similar to live TV, but again this hasn't been confirmed.

AT&T cited similar interest in pause ads, stating that it also plans to launch technology in 2019 that plays a video when a user pauses a TV show. For both companies, it's unclear exactly how long these ads will run for, and if you'll be able to immediately cancel them out by simply hitting the play button and resuming your TV show. According to Hulu vice president and head of advertising platforms Jeremy Helfand, pause ads will not be home to longform advertisements, but will instead focus on commercials where advertisers "have seconds" to deliver a message effectively. Over the next three years, Hulu expects "more than half" of its advertising revenue to come from these so-called non-disruptive experiences.

schwit1 shares a report from CBS News: Information sharing website Quora has announced a data breach which has exposed "approximately 100 million users'" personal data. The company said in a statement released Monday that it discovered the "unauthorized access to one of our systems by a malicious third party," on Friday. Chief Executive Adam D'Angelo wrote in the blog post that Quora had alerted law enforcement authorities and was "working rapidly to investigate the situation further and take the appropriate steps to prevent such incidents in the future." D'Angelo said Quora was working to alert the affected users of the site, whose names, email addresses and encrypted passwords, and public content such as their questions, answers and comments, were exposed through the breach. Those users would be required to reset their passwords, D'Angelo said.

An anonymous reader writes: At its Microsoft Connect(); 2018 virtual event today, Microsoft announced the initial public preview of Visual Studio 2019 -- you can download it now for Windows and Mac. Separately, .NET Core 2.2 has hit general availability and .NET Core 3.0 Preview 1 is also available today.

At the event today, Microsoft also made some open-source announcements, as is now common at the company's developer shindigs. Microsoft open-sourced three popular Windows UX frameworks on GitHub: Windows Presentation Foundation (WPF), Windows Forms, and Windows UI XAML Library (WinUI). Additionally, Microsoft announced the expansion of the .NET Foundation's membership model.

Qualcomm announced its new flagship 855 mobile platform today. While the company didn't release all of the details yet, it stressed that the 855 is "the world's first commercial mobile platform supporting multi-gigabit 5G." From a report: The 855 also features a new multi-core AI engine that promises up to 3x better AI performance compared to its previous mobile platform, as well as specialized computer vision silicon for enhanced computational photography (think something akin to Google's Night Light) and video capture. The company also briefly noted that the new platform has been optimized for gaming. The product name for this is "Snapdragon Elite Gaming," but details remain sparse. Qualcomm also continues to bet on AR (or "extended reality" as the company brands it).

Kubernetes has become the most popular cloud container orchestration system by far, so it was only a matter of time until its first major security hole was discovered. And the bug, CVE-2018-1002105, aka the Kubernetes privilege escalation flaw, is a doozy. It's a CVSS 9.8 critical security hole. From a report: With a specially crafted network request, any user can establish a connection through the Kubernetes application programming interface (API) server to a backend server. Once established, an attacker can send arbitrary requests over the network connection directly to that backend. Adding insult to injury, these requests are authenticated with the Kubernetes API server's Transport Layer Security (TLS) credentials. Can you say root? I knew you could. Worse still, "In default configurations, all users (authenticated and unauthenticated) are allowed to perform discovery API calls that allow this escalation." So, yes, anyone who knows about this hole can take command of your Kubernetes cluster.

Petri's Brad Sams writes: For more than a year, we have been hearing about Windows Core OS and how it is a modern version of Windows. As Microsoft continues to build out the platform, it's time to take a look at what the secret project actually includes and how the company is positioning the platform. In Microsoft's feverish attempts to shove out insider builds at an impressive rate, the company doesn't always do a great job at scrubbing the finer details from the builds. Because of this, and some help from a couple insiders, I have been able to piece together what Lite is and where it's headed.

Microsoft is working on a new version of Windows that may not actually be Windows. It's currently called Lite, based on documentation found in the latest build, and I can confirm that this version of the OS is targeting Chromebooks. In fact, there are markings all over the latest release of the insider builds and SDK that help us understand where this OS is headed. If you have heard this before, it should sound a lot like Windows 10 S and RT; Windows 10 Lite only runs PWAs and UWP apps and strips out everything else. This is finally a truly a lightweight version of Windows that isn't only in the name. This is not a version of the OS that will run in the enterprise or even small business environments and I don't think you will be able to 'buy' the OS either; OEM only may be the way forward.