joshuark shares a report from BleepingComputer, written by Ax Sharma: Searching for 'GIMP' on Google as recently as last week would show visitors an ad for 'GIMP.org,' the official website of the well known graphics editor, GNU Image Manipulation Program. This ad would appear to be legitimate as it'd state 'GIMP.org' as the destination domain. But clicking on it drove visitors to a lookalike phishing website that provided them with a 700 MB executable disguised as GIMP which, in reality, was malware.

Reddit user ZachIngram04 earlier shared the development stating that the ad previously took users to a Dropbox URL to serve malware, but was soon "replaced with an even more malicious one" which employed a fake replica website 'gilimp.org' to serve malware. BleepingCompuer observed another domain 'gimp.monster' related to this campaign. To pass off the trojanized executable as GIMP in a believable manner to the user, the threat actor artificially inflated the malware, that is otherwise under 5 MB in size, to 700 MB by a simple technique known as binary padding. It still isn't clear if this instance was a slip up caused by a potential bug in Google Ad Manager that allowed malvertising.

NBC News reports: A global helium shortage has doctors worried about one of the natural gas's most essential, and perhaps unexpected, uses: MRIs.

Strange as it sounds, the lighter-than-air element that gives balloons their buoyancy also powers the vital medical diagnostic machines. An MRI can't function without some 2,000 liters of ultra-cold liquid helium keeping its magnets cool enough to work. But helium — a nonrenewable element found deep within the Earth's crust — is running low, leaving hospitals wondering how to plan for a future with a much scarcer supply.... [F]our of five major U.S. helium suppliers are rationing the element, said Phil Kornbluth, president of Kornbluth Helium Consulting. These suppliers are prioritizing the health care industry by reducing helium allotments to less essential customers.

Hospitals haven't canceled patients' MRIs or shut down machines yet. They have seen helium costs rise at an alarming rate, though — possibly up to 30%, guessed Phil Kornbluth, president of Kornbluth Helium Consulting. But without an end in sight for the helium shortage, the future of MRI remains uncertain.... The problem is that no other element is cold enough for the MRI. "There's no alternative," said Donna Craft, a regional construction manager for Premier Inc. who contracts with helium suppliers for some 4,000 hospitals. "Without helium, MRIs would have to shut down...."

GE and Siemens are both developing MRIs requiring less liquid helium. Siemens recently introduced one requiring just 0.7 liters, and, according to Panagiotelis, GE rolled out a machine that's "1.4 times more efficient than previous models." These technologies aren't widely available, though, and replacing the country's 12,000 MRI machines — each weighing up to 50,000 pounds — is anything but a quick fix. Meanwhile, hospitals keep installing additional conventional MRI machines to meet demand for diagnostic scans.
The article notes some scientists are already shutting down research projects that require helium.

Thanks to long-time Slashdot reader Wildbear for submitting the article!

Slashdot reader Soul_Predator writes: Vanilla OS is Ubuntu on stock GNOME, with on-demand immutability and package selection freedom. It is currently a beta project, with a stable release planned for the next month.
"The first-time setup process is a breeze to experience," writes It's FOSS News, applauding how it lets uses choose and enable Flatpak/Snap/AppImage.

Overall, a package manager that installs applications utilizing a container, getting the ability to choose your package managers, on-demand immutability, and vanilla GNOME make it seem like a good deal to keep an eye on... I'd say it is a project that I believe a lot of users will appreciate.

You can download the ISO by joining its Discord channel for now. The ISO is not yet publicly available to all. Take a look at its documentation if you are curious. However, as per the roadmap, they plan to have a release candidate soon enough.

One year after its record-breaking launch, the world's first exchange traded fund tracking the price of bitcoin has lost more of investors' dollars than any other ETF debut. The Financial Times reports: Asset manager ProShares launched its Bitcoin Strategy fund in October 2021, and it immediately became the most successful new ETF in history, amassing more than $1bn in its first week of trading on the New York Stock Exchange. Bitcoin enthusiasts proclaimed the launch as the moment when crypto joined the world's biggest equities market and became enmeshed in mainstream investment strategies for retail and institutional buyers alike. But one year into its existence, the fund has lost money on an unprecedented scale, according to data from Morningstar Direct for the Financial Times.

Its 70 percent share price drop also makes this the sixth-worst performing debut ETF of its kind of all time, in a test for investors during what has become known as the "crypto winter." The ETF, known as BITO, has attracted inflows consistently through its life, with only light withdrawals. But even with net inflows of $1.8 billion in its debut year, its assets now stand at $624 million. Taking together the timing of inflows and the 70 per cent drop in the fund's equity price, Morningstar calculates that BITO has lost $1.2 billion of investors' money, making this by far the biggest debut loser. Buyers "remained extremely loyal to the long-term thesis for bitcoin," said Todd Rosenbluth, head of research at consultancy VettaFi.

"The fund has not seen the outflows one would expect given its performance. The pendulum has swung away from certain investment theses this year. Historically it can swing back in favor, but the challenge is whether the asset manager has the confidence to keep the product afloat."

An anonymous reader quotes a report from Ars Technica: Generically, passkeys refer to various schemes for storing authenticating information in hardware, a concept that has existed for more than a decade. What's different now is that Microsoft, Apple, Google, and a consortium of other companies have unified around a single passkey standard shepherded by the FIDO Alliance. Not only are passkeys easier for most people to use than passwords; they are also completely resistant to credential phishing, credential stuffing, and similar account takeover attacks.

On Monday, PayPal said US-based users would soon have the option of logging in using FIDO-based passkeys, joining Kayak, eBay, Best Buy, CardPointers, and WordPress as online services that will offer the password alternative. In recent months, Microsoft, Apple, and Google have all updated their operating systems and apps to enable passkeys. Passkey support is still spotty. Passkeys stored on iOS or macOS will work on Windows, for instance, but the reverse isn't yet available. In the coming months, all of that should be ironed out, though.

Passkeys work almost identically to the FIDO authenticators that allow us to use our phones, laptops, computers, and Yubico or Feitian security keys for multi-factor authentication. Just like the FIDO authenticators stored on these MFA devices, passkeys are invisible and integrate with Face ID, Windows Hello, or other biometric readers offered by device makers. There's no way to retrieve the cryptographic secrets stored in the authenticators short of physically dismantling the device or subjecting it to a jailbreak or rooting attack. Even if an adversary was able to extract the cryptographic secret, they still would have to supply the fingerprint, facial scan, or -- in the absence of biometric capabilities -- the PIN that's associated with the token. What's more, hardware tokens use FIDO's Cross-Device Authentication flow, or CTAP, which relies on Bluetooth Low Energy to verify the authenticating device is in close physical proximity to the device trying to log in. "Users no longer need to enroll each device for each service, which has long been the case for FIDO (and for any public key cryptography)," said Andrew Shikiar, FIDO's executive director and chief marketing officer. "By enabling the private key to be securely synced across an OS cloud, the user needs to only enroll once for a service, and then is essentially pre-enrolled for that service on all of their other devices. This brings better usability for the end-user and -- very significantly -- allows the service provider to start retiring passwords as a means of account recovery and re-enrollment."

In other words: "Passkeys just trade WebAuthn cryptographic keys with the website directly," says Ars Review Editor Ron Amadeo. "There's no need for a human to tell a password manager to generate, store, and recall a secret -- that will all happen automatically, with way better secrets than what the old text box supported, and with uniqueness enforced."

If you're eager to give passkeys a try, you can use this demo site created by security company Hanko.

Aaron Gordon writes via Motherboard: This past June, Stockholm introduced a new shared bicycle service to replace Stockholm City Bikes, which operated from 2006 until 2018. Since that service shut down, the city was one of many around the world swamped by shared e-scooters that littered sidewalks and streets. As a result, the city wanted to reboot a bikeshare program with a more modern approach without succumbing to the trappings of the dockless scooter and bike craze. The new service, Stockholm eBikes, started relatively small, with just over a thousand bikes this past summer, but will grow to more than 5,000 for this coming summer. However, this is not just another bikeshare program. First, all of the bikes are electric. And second, it is ridiculously, ludicrously, almost impossibly cheap to use.

The first time I stumbled on the Stockholm eBikes website and did a currency conversion, I figured there must be some mistake. The website says a 24-hour plan "just to unlock a bike and enjoy Stockholm eBikes for 24 hours" costs 11 Krona, or 98 cents at current conversion rates. A 7-day plan is 26 Krona ($2.32). A 30-day plan is 35 Krona ($3.12). And a whole year of unlimited 90-minute e-bike rides costs a measly 157 Krona, or just about $14. If you want to ride more than 90 minutes in one trip, you will be charged an extra 11 Krona (about $1) per extra hour. This is not simply cheap by e-bike rental standards. It is several orders of magnitude cheaper. And it is a story with global implications for the bikeshare industry and urban transportation in general. Because bikeshare systems have entered a paradox. The invention and proliferation of e-bikes have the potential to make bikeshare systems even more useful thanks to the effortless pedaling including on hills and higher speeds. But virtually every system has surcharges to ride an e-bike, making it expensive to use over time. "It's a truly unique system," [said Daniel Mohlin, Nordics Regional Manager for Inurba Mobility, the company that won the seven-year contract for the new bikeshare program]. "Both in terms of the technology and the setup and the pricing in combination with it." So I asked Mohlin the obvious question: How can Stockholm offer essentially the same product and service for so much less than basically every other city? The obvious assumption would be that, unlike most every bikeshare system in the world which is expected to break even without public subsidies in contrast to traditional public transportation like buses and subways, the government is helping to foot the bill of Stockholm eBikes. [...] But Mohlin said that isn't the case in Stockholm. The city isn't giving Inurba any money.

Mohlin says they plan to run a profitable bikeshare system by doing one thing most other systems do and another thing he says is too often missing. The first thing, the one that everyone does, is advertising. Inurba will be selling advertisements on the bikes and on 350 advertising locations near where the bikes are parked. But the brand will remain Stockholm eBikes. [...] Advertising will only get them so far. The entire bikeshare system, Mohlin said, has been designed to be as efficient and cost-effective as possible. And this, he says, is the biggest difference between Stockholm's system and the ones other cities offer. [...] Inurba adopted a hybrid solution that some e-scooter companies have piloted in a few cities. Instead of traditional docks, there are virtual stations, painted lines on the ground with a sign post. Users lock and unlock the bikes via an app. Locking the bikes requires being within one of the station's geofenced zones. These virtual stations not only save Inurba lots of money not having to outfit and maintain physical docks, but it also provides operational flexibility. Because there is some wiggle room in the geofence by nature of GPS's imprecision, the stations can "swallow a lot more bikes" than traditional docks, as Mohlin put it. This helps avoid the always-empty-or-always-full phenomenon many docked bikeshare systems struggle with.

Mohlin also talked up Inurba's IT infrastructure that helps them learn which stations tend to get full at what time of day and which tend to get empty. He says this enables them to be more efficient with bike-balancing efforts, that it's "basically, do the right task in the right order at the right time." Another smaller money-saver is the company uses cargo e-bikes to go around swapping out batteries, which has to happen about once every three days per bike on average. This means battery swappers aren't stuck in traffic driving a van and can swap out more batteries per worker. So far, the model appears to be working. "55,000 active users took almost 450,000 trips, averaging six per day per bike, which is generally considered high for a bikeshare system," writes Gordon. "Plus, the average trip was almost 40 minutes, much higher than most bikeshare schemes with mechanical bikes, including Helsinki where Inurba also operates the bikeshare system where the average trip is between 12 and 16 minutes."

"We're really looking forward for next year when we can get the full system in operation," Mohlin said. "But I'm confident this is a really unique system that is going to have an impact."

PayPal has announced today that passkeys are being added as a new, password-less login method to secure PayPal accounts for iPhone, iPad, and Mac users on PayPal.com, with plans to expand passkeys to other platforms as they add support. From a report: PayPal passkeys are rolling out to US customers today and will be available to "additional countries" in early 2023. Passkeys are a new type of login credential that replaces passwords with cryptographic key pairs. They are resistant to phishing attempts and are designed to avoid sharing passkey data between platforms, addressing the weakness of current password-based authentication.

Passkeys are supported by Apple, Google, and Microsoft, who have pledged to bring the FIDO Alliance standard to their respective OSes. Reusing passwords across online accounts leaves users open to hacking and other vulnerabilities, but remembering individual login details is no easy task without a secure password manager. A study from Verizon shows that over 2.6 billion records were hacked in 2017, with 81 percent estimated to have been caused by password stealing and guessing.

It's a major Apple update day, as the company is rolling out new versions of its iPhone, iPad and Mac operating systems. While iPhone users at large have already had a taste of iOS 16, this will be the first time that most folks will get their hands on iPadOS 16 and macOS Ventura. From a report: Apple delayed the release of iPadOS 16 amid reports suggesting it needed more time to polish up the Stage Manager multitasking feature (which we felt was unrefined in an early iPadOS 16 beta). In fact, Apple said it was skipping a public release of iPadOS 16 and going straight to version 16.1 -- just in time for the company's latest iPad Pro and entry-level iPad shipping this week.

The latest version of the iPad operating system will include many of the same updates as iOS 16, including significant changes to Mail, Safari, Messages and other key apps. There are more collaboration-centric features, while the Weather and Clock apps are finally coming to iPad. External display support for Stage Manager will arrive within the next couple of months. Also later this year, Apple will release a collaborative productivity iPad app called Freeform. It seems like a souped-up whiteboard where users can sketch out ideas with Apple Pencil. The company says you'll be able to attach just about any kind of file to the canvas, including images, videos, audio, PDFs, documents and URLs, and preview the content inline.

"Google is giving Apple a taste of its own medicine," reports Business Insider, arguing that the latest update to Android's messaging app "is going to make texting between iPhone and Androids even more annoying than it already is." [Alternate URL] The updates are great if you're an Android user. Google Messages' new features include the ability to reply to individual messages, star them, and set reminders on texts. But these features and some other updates to Messages are RCS-enabled, meaning they're not going to be very compatible with SMS, which is the texting standard that iMessage switches to when messaging someone without an iPhone. iPhones exchange messages using iMessage, Apple's proprietary messaging system, but revert to SMS when texting an Android.

One feature that's part of Google's payback to Apple is that now, when Messages users react to an SMS text with an emoji, iPhone users will get a text saying the other person reacted to their text with a description of whatever emoji the person used. It's similar to when iMessage users react to an SMS text, with the recipient getting a "so and so loved" message instead of seeing the heart emoji reaction.... In August, Android launched a page on its website calling Apple out for refusing "to adopt modern texting standards when people with iPhones and Android phones text each other." The page has buttons that take users to Twitter to tweet at Apple to "stop breaking my texting experience. #GetTheMessage" with a link to Android's page urging Apple to "fix texting."

"We would much prefer that everybody adopts RCS which has the capability to support proper reactions," Jan Jedrzejowicz, Google Messages product manager, said in a briefing before the Messages updates were announced. "But in the event that's not possible or hasn't happened yet, this feels like the next best thing." Recently, Apple CEO Tim Cook said he doesn't get a lot of feedback from iPhone users that Apple needs to fix messaging between iPhones and Androids. Apple doesn't have much incentive to do so, either. In legal documents from a 2021 lawsuit between Epic Games and Apple, an Apple executive said "Moving iMessage to Android will hurt us more than help us."

A leaker has claimed that Apple is working on a version of macOS exclusive for the M2 iPad Pro, with it expected at some point in 2023. Apple Insider reports: Leaker Majin Bu's sources have shared that Apple is working on a "smaller" version of macOS exclusively for the M2 iPad Pro. It is said to be codenamed Mendocino and will be released as macOS 14 in 2023. Testing is being done with a 25% larger macOS UI so it is suitable for touch. However, apps run on the product would still be iPad-optimized versions, not macOS ones.

It isn't clear why Apple would move the iPad to a macOS interface in a half-step like this. Those clamoring for macOS on iPad do so for the software more than the interface. [...] The other possible explanation is this wasn't macOS at all. Apple could be working to bring iPadOS even closer to macOS by adding a Menu Bar and other Mac-like interactions. It already introduced a Mac windowing feature in iPadOS 16 called Stage Manager, this could be the next iteration. Majin Bu also suggests that the exclusivity to M2 iPad Pro could be a marketing push. If the feature is only available on that iPad, more people would buy it.

Microsoft is working on a PC Manager app that's designed to boost your computer's performance. The Verge reports: Much like CCleaner, a beta version of Microsoft's PC Manager includes storage management and the ability to end tasks quickly and control which apps start up with Windows. Much of this functionality is already baked into Windows, but this PC Manager app puts it all in one useful location. There's even a browser protection section that makes it easier to change default browsers than what exists in Windows right now.

The storage manager feature includes the ability to manage apps or remove those that are rarely used, and there's also a full cleanup scan available or a scan to find large files on your drives. The process management feature is a more simplified version of the Task Manager so you can quickly kill processes that might be eating up RAM. Hitting the main "boost" button will clear temporary files and free up memory, which could be useful on older PCs.

An anonymous reader shares a report: As the economy slows, more tech companies have been showing employees the door. Now some senior leaders at Silicon Valley fintech giant Stripe, which in early 2021 was valued by private investors at $95 billion, have asked managers to start giving lower ratings on performance reviews, current and former employees say. That move could lead to more people being fired or feeling pressured to quit and comes at a time when tech businesses, particularly Stripe's payments and ecommerce peers, have been struggling.

Potential cuts, which Stripe wouldn't have to disclose as layoffs because they would be performance-based, could affect hundreds of workers at the dual Dublin- and San Francisco-headquartered company, which has more than 8,000 employees. The pressure to lower ratings follows months of anxious speculation among workers after Stripe added a new question, asking whether a manager would rehire someone, to its performance reviews this past summer. Forbes spoke to ten former and current Stripe employees for this story; all asked to remain anonymous. In interviews and in comments online, workers say Stripe's recent moves have exacerbated a lack of "psychological safety" at the hard-charging private company, leaving some afraid to speak up or express dissenting opinions.

The next versions of macOS and iPadOS will be released to the general public on October 24, Apple announced today. From a report: The iPadOS 16 update runs on all iPad Pros, the 5th-generation iPad and later, the fifth-generation iPad mini and later, and the 3rd-generation iPad Air and later, dropping support for the venerable iPad Air 2 and a handful of other models (it will also ship on all the new iPads Apple announced today). The macOS Ventura update generally requires a Mac released in 2017 or later, dropping support for various models released between 2013 and 2016. Both updates will enable some iOS 16 features on iPads and Macs, including editing and deletion of iMessages, better search in Mail, passkey support in Safari, and a new large-screened Weather app and redesigned Home app, improved gamepad support, and more. Both also include a version of the Stage Manager window management feature, and Ventura includes a redesigned System Settings app.

DuckDuckGo is rolling out its web browsing app for Mac users as an open beta test. Designed for privacy, the app was announced back in April as a closed beta, but is now available for all Mac users to try before its official public launch. From a report: The desktop browser includes the same built-in protections we've seen already featured in DuckDuckGo's mobile apps, combining DuckDuckGo's search engine, defenses against third-party tracking, cookie pop-up protection, and its popular one-click data clearing 'Fire Button.' Some additional features have been added to the browser (version 0.30) since its original announcement.

Now users can try Duck Player, a feature that protects users from targeted ads and cookies while watching YouTube content. Ads viewed within the Duck Player will not be personalized, which DuckDuckGo claims actually removed most YouTube ads as a result during testing. YouTube will still register your views, but content watched through Duck Player won't contribute to your YouTube advertising profile. Pinned tabs and a new bookmarks bar have been included to address feedback from early beta testing, as well as a way to view your locally stored browsing history. DuckDuckGo's Cookie Consent Pop-Up Manager is also available which works on about 50 percent of sites (with more to come) to automatically choose the most private option and spare users from the annoying pop-up messages. The app also lets you activate DuckDuckGo Email Protection on the desktop to better protect your inbox with email tracker blocking.

Some have complained high-paying tech jobs have driven up rents in major tech hubs — creating an exodus that will later drive up rents in other cities.

But ProPublica asks whether there's another technology at work: On a summer day last year, a group of real estate tech executives gathered at a conference hall in Nashville to boast about one of their company's signature products: software that uses a mysterious algorithm to help landlords push the highest possible rents on tenants. "Never before have we seen these numbers," said Jay Parsons, a vice president of RealPage, as conventiongoers wandered by. Apartment rents had recently shot up by as much as 14.5%, he said in a video touting the company's services. Turning to his colleague, Parsons asked: What role had the software played?

"I think it's driving it, quite honestly," answered Andrew Bowen, another RealPage executive. "As a property manager, very few of us would be willing to actually raise rents double digits within a single month by doing it manually."

The celebratory remarks were more than swagger. For years, RealPage has sold software that uses data analytics to suggest daily prices for open units. Property managers across the United States have gushed about how the company's algorithm boosts profits. "The beauty of YieldStar is that it pushes you to go places that you wouldn't have gone if you weren't using it," said Kortney Balas, director of revenue management at JVM Realty, referring to RealPage's software in a testimonial video on the company's website. The nation's largest property management firm, Greystar, found that even in one downturn, its buildings using YieldStar "outperformed their markets by 4.8%," a significant premium above competitors, RealPage said in materials on its website. Greystar uses RealPage's software to price tens of thousands of apartments.

RealPage became the nation's dominant provider of such rent-setting software after federal regulators approved a controversial merger in 2017, a ProPublica investigation found, greatly expanding the company's influence over apartment prices. The move helped the Texas-based company push the client base for its array of real estate tech services past 31,700 customers.

The impact is stark in some markets. In one neighborhood in Seattle, ProPublica found, 70% of apartments were overseen by just 10 property managers, every single one of which used pricing software sold by RealPage.... But by RealPage's own admission, its algorithm is helping drive rents higher. "Find out how YieldStar can help you outperform the market 3% to 7%," RealPage urges potential clients on its website.
YieldStar has since swapped in a "Page Not Found" error for their web page urging landlords to "outperform the market 3% to 7%" with their software. (But the original page is still viewable at Archive.org.)

ProPublica points out that "Few tenants know that such software, owned by a privately held company, has had a hand in rent increases across the country." Yet by the end of 2020, RealPage told America's Securities and Exchange Commission that its services helped manage 19.7 million of the country's rental units. Five of America's top 10 property managers use the software.

And interestingly, RealPage discourages bargaining with renters, "and has even recommended that landlords in some cases accept a lower occupancy rate in order to raise rents and make more money. One of the algorithm's developers told ProPublica that leasing agents had 'too much empathy' compared to computer generated pricing...."

"The software's design and growing reach have raised questions among real estate and legal experts about whether RealPage has birthed a new kind of cartel that allows the nation's largest landlords to indirectly coordinate pricing, potentially in violation of federal law.... RealPage acknowledged that it feeds its clients' internal rent data into its pricing software, giving landlords an aggregated, anonymous look at what their competitors nearby are charging."

Firefox Relay, a Mozilla service designed to hide your "real" email address by giving you virtual ones to hand out, is expanding to offer virtual phone numbers. From a report: In a blog post Mozilla product manager Tony Amaral-Cinotto explains that the relay service generates a phone number for you to give out to companies if you suspect they might use it to send you spam messages in the future, or if you think they might share it with others who will. The idea is that handing out this alternative phone number makes it easier to block spam phone calls or texts in the future. You can either block all calls or texts sent to your relay number, or just block specific contacts. Importantly it lets you keep your "real" phone number private, which is something you might want to consider if it's a number you use to receive sensitive information like two-step verification codes via SMS. Once you've signed up, the Firefox phone number masking service offers 50 minutes of incoming calls and 75 text messages a month. The phone number masking service is also more expensive at $4.99 a month (or $3.99 a month when paid annually), while the email service offers a choice between a free tier and a premium tier costing $1.99 a month ($0.99 a month when paid annually).

An anonymous reader quotes a report from Axios: TikTok is planning to build its own product fulfillment centers in the U.S., creating an e-commerce supply chain system that could directly challenge Amazon, as indicated by more than a dozen new job openings posted in the past two weeks to LinkedIn. The move signifies TikTok's commitment to e-commerce as its next major revenue stream, following the explosive growth of its ads business. "By providing warehousing, delivery, and customer service returns, our mission is to help sellers improve their operational capability and efficiency, provide buyers a satisfying shopping experience and ensure fast and sustainable growth of TikTok Shop," the company wrote in one job listing.

According to the job postings, TikTok is looking to build an "international e-commerce fulfillment system" that will include international warehousing, customs clearings and supply chain systems that support domestic e-commerce efforts in the U.S. and cross-border e-commerce efforts. The systems will eventually perform parcel consolidation, along with transporting goods from one stage to the next and managing free returns. One position, a logistics solutions manager for a global fulfillment center, is looking for a Seattle-based employee to plan and design fulfillment centers and e-commerce logistics solutions that include the transportation of goods, order prediction and inventory management.

Another Seattle-based role calls for the creation of a new fulfillment service center "from scratch." The center, the posting says, "is a global team responsible for developing and growing our logistics solution" and will include product fulfillment by TikTok Shop to its sellers by "providing warehousing, delivery, and customer service returns." While that role explicitly calls for the development of fulfillment services for TikTok's e-commerce logistics in the U.S., other roles reference a team that is responsible for a global logistics and warehousing network. For now, it does not appear that TikTok plans to build out its own transportation unit like Amazon. The job postings imply that TikTok would work with vendors to handle shipping, parcel consolidation and transportation. One job description for a fulfillment logistics manager implies that, like Amazon, TikTok is looking to develop a free return program.

Android Developers Blog: Passkeys are a significantly safer replacement for passwords and other phishable authentication factors. They cannot be reused, don't leak in server breaches, and protect users from phishing attacks. Passkeys are built on industry standards and work across different operating systems and browser ecosystems, and can be used for both websites and apps. Passkeys follow already familiar UX patterns, and build on the existing experience of password autofill. For end-users, using one is similar to using a saved password today, where they simply confirm with their existing device screen lock such as their fingerprint. Passkeys on users' phones and computers are backed up and synced through the cloud to prevent lockouts in the case of device loss. Additionally, users can use passkeys stored on their phone to sign in to apps and websites on other nearby devices.

Today's announcement is a major milestone in our work with passkeys, and enables two key capabilities: Users can create and use passkeys on Android devices, which are securely synced through the Google Password Manager. Developers can build passkey support on their sites for end-users using Chrome via the WebAuthn API, on Android and other supported platforms. To try this today, developers can enroll in the Google Play Services beta and use Chrome Canary. Both features will be generally available on stable channels later this year. Our next milestone in 2022 will be an API for native Android apps. Passkeys created through the web API will work seamlessly with apps affiliated with the same domain, and vice versa. The native API will give apps a unified way to let the user pick either a passkey or a saved password. Seamless, familiar UX for both passwords and passkeys helps users and developers gradually transition to passkeys.

For the end-user, creating a passkey requires just two steps: (1) confirm the passkey account information, and (2) present their fingerprint, face, or screen lock when prompted. Signing in is just as simple: (1) The user selects the account they want to sign in to, and (2) presents their fingerprint, face, or screen lock when prompted. A passkey on a phone can also be used to sign in on a nearby device. For example, an Android user can now sign in to a passkey-enabled website using Safari on a Mac. Similarly, passkey support in Chrome means that a Chrome user, for example on Windows, can do the same using a passkey stored on their iOS device. Since passkeys are built on industry standards, this works across different platforms and browsers - including Windows, macOS and iOS, and ChromeOS, with a uniform user experience.

Cameco and Brookfield Renewable Partners said on Tuesday they would acquire nuclear power plant equipment maker Westinghouse Electric in a $7.9-billion deal including debt, amid renewed interest in nuclear energy. Reuters reports: The deal for one of the most storied names in the American power industry at an equity value of $4.5 billion comes at a time when nuclear power is seeing an uptick in interest amid an energy crisis in Europe and soaring crude oil and natural gas prices. Nuclear power is also key for countries to meet global net-zero carbon emission goals and could be on the cusp of a boom seen after the 1970s oil crisis.

Cameco will own 49% of Westinghouse, while Brookfield Renewable and its institutional partners will own the rest. Westinghouse was acquired from Toshiba by Brookfield Business Partners , an affiliate of Canadian asset manager Brookfield, out of bankruptcy in 2018, for $4.6 billion, including debt. Brookfield Business said in a separate statement it expects to generate about $1.8 billion in proceeds from the sale of its 44% stake in Westinghouse, with the balance distributed among institutional partners. The deal is expected to close in the second half of 2023. Brookfield Renewable and its partners will pay about $2.3 billion for the deal, whereas Cameco will incur equity costs of about $2.2 billion. Westinghouse's existing debt structure will remain in place.

Google said Tuesday that it will rely on Coinbase to start letting some customers pay for cloud services with cryptocurrencies early in 2023, while Coinbase said it would draw on Google's cloud infrastructure. From a report: The deal, announced at Google's Cloud Next conference, might succeed in luring cutting-edge companies to Google in a fierce, fast-growing market, where Google's top competitors do not currently permit clients to pay with digital currencies. The cloud business helps diversify Google parent Alphabet away from advertising, and it now accounts for 9% of revenue, up from less than 6% three years ago, as it is expanding more quickly than Alphabet as a whole. Coinbase, which generates a majority of its revenue from retail transactions, will move data-related applications to Google from the market-leading Amazon Web Services cloud, which Coinbase has relied on for years, said Jim Migdal, Coinbase's vice president of business development. The Google Cloud Platform infrastructure service will initially accept cryptocurrency payments from a handful of customers in the Web3 world who want to pay with cryptocurrency, thanks to an integration with the Coinbase Commerce service, said Amit Zavery, vice president and general manager and head of platform at Google Cloud, in an interview with CNBC.