Privacy

Square Sends Millions of Digital Receipts, Sometimes To the Wrong Person (wsj.com) 39

With access to years of data on the purchase activity of hundreds of millions of unique credit and debit cards across millions of small businesses, payments app Square has a window into spending patterns that few other tech companies can match. By supplementing that data with contact details that shoppers provide to Square for the purpose of getting digital receipts, the company is able to assemble expansive profiles of consumer behavior that it can use to run marketing and loyalty programs for its small-business customers. But misfires happen. From a report: Square has forwarded receipts documenting transactions as mundane as a cup of coffee and as sensitive as an obstetrician's visit to people who were uninvolved in the purchases, according to emails reviewed by The Wall Street Journal. In some cases, neither the purchaser nor the recipient could say why Square sent receipts to the people it did. At issue are the methods that tech companies employ to make money off of the financial data of their users, as well as the degree to which those companies disclose or get consent from their users about those efforts. Data on individuals' credit-card transactions can be particularly delicate and more revealing than their social-media posts or web-browsing activity. The Journal reported last year that Facebook requested detailed information from large U.S. banks about their customers as part of an effort to offer new services to users, but that data privacy emerged as a sticking point.
Security

Ask Slashdot: What To Do When Your Certificate Authority Suddenly Revokes Your Cert? 180

Long-time Slashdot reader rastos1 works for a mid-size software company that for many decades has been developing CAD-CAM software for the textile industry. But last weekend their code-signing certificate was revoked -- and they're looking for advice. On Monday morning we woke up to phones ringing from confused customers unable to launch our software. This has hit mostly Java applications launched from a web page because the JRE checks the signature by default using OCSP. But traditional executables and shared libraries also would report an invalid signature upon checking.

We reached out, but for half a day we could not get any feedback. Later we got information that some malware was signed with our certificate. Two days and many e-mails and phone calls later, we understand that this is what happened: someone submitted one of our executables to virustotal.com -- a site that runs ~70 antivirus programs on submitted files and reports back whether they flag the uploaded file. Five of their antivirus packages flagged our executable. We tracked down the version and we positively know it was a false positive. There is a random guy who wrote a tool that creates a monthly report of files flagged at Virustotal. Sectigo found the report, and, according to their statement, revoked all certificates used to sign executables -- causing major disruption to us and downtime for our customers... There was no attempt to contact us and clarify the situation.

How do you prepare for and deal with such a scenario? Did you know how little it takes to get your certificate revoked?

They'd bought their certs from the same seller for more than a decade -- and their story has already drawn some interesting comments from long-time Slashdot readers. "False positives are way too common in the anti-virus world today..." argues Z00L00K, adding "you have to cut down all unnecessary players in the chain to a minimum, so the dependency on an external CA is worth reconsidering."

sjames -- Slashdot reader #1,099 -- agrees. "If you must depend on another entity, make sure they're small enough that they would actually care if they lost you as a customer." And Martin S. simply recommends talking to a lawyer, adding "This is a legal problem, not a technology problem."

But what's your advice? Leave your best thoughts in the comments. What should you do when your certificate authority suddenly revokes your cert?
Security

Google Says Some G Suite User Passwords Were Stored In Plaintext Since 2005 (techcrunch.com) 35

Google says a small number of its enterprise customers mistakenly had their passwords stored on its systems in plaintext. The exact number was not disclosed. "We recently notified a subset of our enterprise G Suite customers that some passwords were stored in our encrypted internal systems unhashed," said Google vice president of engineering Suzanne Frey.

Slashdot reader pegdhcp appears to be one of the users impacted by this security lapse: I am sharing a message that I received from G Suite, redacted. They are having some serious problem... If you missed the message or somehow tend to ignore sometimes extremely frequent and unnecessary G Suite messages like I do, this one can be important depending on your settings. [You can read the full email message (with redactions) below:]
Facebook

Millions of Instagram Influencers Had Their Private Contact Data Scraped and Exposed (techcrunch.com) 37

A massive database containing contact information of millions of Instagram influencers, celebrities and brand accounts has been found online. From a report: The database, hosted by Amazon Web Services, was left exposed and without a password allowing anyone to look inside. At the time of writing, the database had over 49 million records -- but was growing by the hour. From a brief review of the data, each record contained public data scraped from influencer Instagram accounts, including their bio, profile picture, the number of followers they have, if they're verified and their location by city and country, but also contained their private contact information, such as the Instagram account owner's email address and phone number.

Security researcher Anurag Sen discovered the database and alerted TechCrunch in an effort to find the owner and get the database secured. We traced the database back to Mumbai-based social media marketing firm Chtrbox, which pays influencers to post sponsored content on their accounts. Each record in the database contained a record that calculated the worth of each account, based off the number of followers, engagement, reach, likes and shares they had. This was used as a metric to determine how much the company could pay an Instagram celebrity or influencer to post an ad.

AI

Hundreds Are Already Using Waymo's Driver-less Taxis In Arizona (forbes.com) 115

The commercial rollout of Waymo's driver-less taxi service in Chandler, Arizona, a suburb of Phoenix with a population of 260,000 people, has more than a thousand customers already signed up -- including the mayor, reports Forbes: Each of the several hundred Waymo One vans in Chandler arrives with a safety driver at the wheel. But that may be more about public relations than technical necessity. During a recent trip, the human in the driver's seat didn't take her hands off her lap during a trip from the library to a shopping mall a few miles away in light, late morning traffic. "Part of it's just education and getting people really comfortable right out of the gate," a Waymo spokeswoman said. There's another piece of the Arizona program that's closer to Waymo's long-term plans of full autonomy. A few hundred people are getting rides in Pacificas with no safety driver through its Early Rider program, an earlier test rollout. Unlike Waymo One users, Early Riders have to sign nondisclosure agreements and aren't allowed to discuss the program.

Early Riders are also a way for the company to observe how people adapt to a robotic service and the options they want. Recently Waymo integrated Google Play music into the Waymo One app to let riders automatically listen to their preferred songs and artists. Video streaming, games and other in-vehicle options that leverage Google's many services are likely additions, though Waymo won't verify that... "Beyond the initial shock of not seeing a person in the vehicle, which we're getting used to, protocols are being established," says Chandler Police Chief Sean Duggan. "As a police officer, one of the first questions that gets asked is 'who gets the ticket? How do you contact whomever?'" There have been a "half a dozen" collisions involving a Waymo vehicle, Duggan says, but not ones where the Waymo vehicle was at fault. In fact, the department hasn't issued any citations to Waymo in the past couple of years...

Ahead of the commercial launch, there were reports that the vans irritate local commuters because they take too long to make left turns and of assaults on Waymo vans including rock throwing, a slashed tire and even an individual who aimed a gun at one. "People tend to be frustrated when a vehicle is actually obeying the law" by stopping completely at intersections and making turns cautiously, Duggan said. "That happens regardless of if it's self-driving or a person."

Forbes describes Waymo's presence in Chandler as "a test case for the entire industry," citing an interesting perspective from Bryan Reimer, a research scientist at the Massachusetts Institute of Technology's AgeLab. "The view for companies like Waymo is 'we have to be able to show functional safety. Otherwise, we can't protect our decisions in a court of law, where this will all end up long term.'"

"Elon is working mostly on the deep neural net side where a good chunk of it is a black box. Documenting, defending that in court is going to be tough."
Medicine

City Residents Live With Mental Illness At Higher Rates Than General Population 214

Dating back to the 1930s, researchers have discovered that mental illnesses are more common in densely populated cities than in greener and more rural areas, but it wasn't until recently that scientists have started to seriously study the mechanisms through which exposure to various environmental stressors could be wounding our mental health. Popular Science reports: Andreas Meyer-Lindenberg, director of the Central Institute of Mental Health in Mannheim, Germany, and his research partner Matilda van den Bosch, an environmental health researcher at the University of British Columbia in Vancouver, recently reviewed the scientific evidence for these and a number of other physical stressors to find out whether they contribute to depression. The pair searched for studies concerning a wide range of substances and situations that people might run across in everyday life. They discovered that while many of these factors were particularly abundant in cities, they weren't limited to urban environments. For example, air pollution isn't only found within city borders. Another potential danger was pesticides, which farm workers in particular come into contact with.

Still, a key part of improving our collective mental health will be making our cities more livable, says Meyer-Lindenberg. He and van den Bosch published their findings this year in the journal Annual Review of Public Health. More than half the world's population already lives in cities and this number is expected to rise to nearly 70 percent by 2050. In their review, Meyer-Lindenberg and van den Bosch found that some potential threats had been examined more thoroughly than others. For some, including pollen, there wasn't enough information yet to show a convincing link to depression. However, the team did find a number of studies suggesting that heavy metals like lead, pesticides, common chemicals like bisphenol A (BPA), and noise pollution may contribute to depression, although further research is still needed to confirm that this is the case. Even more compelling was the evidence condemning air pollution. In addition to causing respiratory and cardiovascular problems that kill millions of people each year, this particular menace raises our risk for a number of psychiatric problems. Poor air quality has been associated with depression, anxiety, and psychotic experiences such as paranoia and hearing voices.
Obviously if you live in a city, these studies don't mean that you will develop depression or anxiety. Rather, they suggest that hazards like air pollution and pesticides will increase a person's overall risk, especially for those who are already vulnerable for other reasons.

"For people in poor communities, though, the impact is likely especially potent; not only does financial stress contribute to depression, but low-income neighborhoods face disproportionately high levels of air and noise pollution and lead exposure," the report adds. It goes on to say that people can fight back by spending more time in nature, which has been shown to calm activity in several brain regions involved in rumination, the tendency to obsess over one's mistakes and troubles that is a common feature of disorders like depression and anxiety.
Facebook

Facebook Sues Analytics Firm Rankwave Over Data Misuse (techcrunch.com) 11

Facebook revealed last Friday that it has filed a lawsuit alleging South Korean analytics firm Rankwave abused its developer platform's data, and has refused to cooperate with a mandatory compliance audit and request to delete the data. TechCrunch reports: Facebook's lawsuit centers around Rankwave offering to help businesses build a Facebook authorization step into their apps so they can pass all the user data to Rankwave, which then analyzes biographic and behavioral traits to supply user contact info and ad targeting assistance to the business. Rankwave also apparently misused data sucked in by its own consumer app for checking your social media "influencer score." That app could pull data about your Facebook activity such as location checkins, determine that you've checked into a baseball stadium, and then Rankwave could help its clients target you with ads for baseball tickets.

The use of a seemingly fun app to slurp up user data and repurpose it for other business goals is strikingly similar to how Cambridge Analytica's personality quiz app tempted millions of users to provide data about themselves and their friends. TechCrunch has attained a copy of the lawsuit that alleges that Rankwave misused Facebook data outside of the apps where it was collected, purposefully delayed responding to a cease-and-desist order, claimed it didn't violate Facebook policy, lied about not using its apps since 2018 when they were accessed in April 2019, and then refused to comply with a mandatory audit of its data practices. Facebook Platform data is not supposed to be repurposed for other business goals, only for the developer to improve their app's user experience.

Youtube

The Tinkerers Fighting Apple's War on YouTube 'Repair' Videos (theguardian.com) 154

The Guardian profiles stay-at-home mom Jessa Jones, who taught herself how to fix her daughter's iPhone with online tutorials, eventually leading to motherboard repair work that she found through eBay.

"After recruiting other stay-at-home moms in her neighborhood and teaching them electronics repair, she launched a small business from her dining room called MommyFixits. 'Suddenly our play dates became moms sitting around the dining table fixing mailed-in iPhones,' she told me." As Jones's expertise grew, she discovered that technology manufacturers used underhanded techniques to discourage independent repair. Phone and tablet parts were glued together, causing components to break when pried apart. Schematics and manuals were copyrighted and kept under trade secret. Apple even used their own proprietary "pentalobe" screws, which cannot be removed with common screwdrivers. Despite these barriers to repair, Jones knew that fixing things independently, instead of taking them back to the manufacturer, was almost always possible and often cheaper. To spread her knowledge, she started a YouTube channel called iPad Rehab, which offered step-by-step repair tutorials for other DIY enthusiasts...

According to Nathan Proctor, director of the Campaign for the Right to Repair at the US Public Interest Research Group, this YouTube community is an integral part of a broader political movement that is attempting to wrest consumer agency from an increasingly consolidated electronics marketplace. Proctor says that while in the past there was a legal balance between protecting manufacturers' intellectual property and empowering consumers to tinker with, modify, and repair their own products, the rise of software in electronics has shifted power to manufacturers. Not only are the products more complex and harder to fix, the line between self-repair and hacking has become nebulous, meaning that manufacturers have been able to use digital copyright law to gain a legal monopoly over repair. This, in turn, has created a broader cultural anxiety around self-repair, a sense that when our devices malfunction, the problem can only be dealt with by so-called experts at a specific company.

According to Proctor, YouTube channels such as Jones's are useful in disrupting this dynamic. "I frequently will talk to people who had something break on their phone and were told that they had to replace it with the manufacturer," he said. "But then they go on YouTube and watch a video and realize that fixing it isn't impossible, that you could learn how to or find someone who can." As a result of this, those at the forefront of the online repair community are sometimes met with hostility from manufacturers. Apple has brought suits against unauthorized repair shops and has had its intellectual property lawyers directly contact some YouTube tinkerers.

"What we're giving up when we lose the right to repair," Jones tells the Guardian, "is this sense of investigation and wonder and tinkering.

"We're made to see our devices as if they are these sacrosanct objects but really, they're just a battery and a screen, something that a stay-at-home mom can learn how to fix in her dining room."
Android

/e/ Announces 'Un-Googled' Android Smartphones (e.foundation) 126

"This will probably be the first fully 'un-Googled' Android-based smartphone to hit the market ever," writes Slashdot reader getupstandup1: The /e/ smartphone will start to ship soon, on high-grade refurbished smartphones. While more and more people are concerned about privacy, it's interesting to see such initiatives, especially considering that it was started by someone who is coming from the Linux distro world.
Gaël Duval started this non-profit project after realizing "he was more and more using proprietary software -- Apple and Android," and "felt trapped inside those Internet giants' ecosystems that use personal data to fuel their business models," according to the /e/ web site.

"We think that /e/ can have a global, worldwide impact as a major open source project in the public interest. It will help by freeing users from personal data spying and advertising. /e/ is about freedom and privacy in the digital world."

They're now asking interested phone-buyers to "register" their interest in one of their high-grade refurbished (Samsung) smartphones "by clicking on the button located underneath your smartphone of choice, and leaving your contact details so we can come back to you when these phones will be available."
United States

Cruise Ship in St. Lucia Quarantined Over Confirmed Measles Case (nbcnews.com) 167

A cruise ship with nearly 300 passengers and crew was ordered quarantined in the Caribbean port of St. Lucia after a case of measles was confirmed on board, island health officials said Wednesday. From a report: One female crew member has a confirmed case and St. Lucian authorities said they've been working in close consultation with the Pan American Health Organization (PAHO) and Caribbean Public Health Agency (CARPHA). The ship has been under quarantine since Monday morning, officials said. "Measles is a highly contagious disease. Anyone who is not adequately immunized against measles can contract the disease, if there has been close contact with a confirmed case," according to a statement issued Wednesday by Dr. Merlene Fredericks-James, the island nation's chief medical officer. "It is therefore likely that other persons on the boat may have been exposed." "The ship's doctor has the confirmed case in isolation on the ship," Dr. Fredericks-James added. "The individual is in stable condition." St. Lucian health officials declined to name the ship involved. But St. Lucia Coast Guard Sgt. Victor Theodore told NBC News that the vessel involved is named "Freewinds," which is the name of a 440-foot cruise ship owned and operated by the Church of Scientology.
Amiga

A-EON Talks About The Future of The Amiga Platform (www.exec.pl) 156

Mike Bouma (Slashdot reader #85,252) tipped us off to "Amiga present and future," an interview with Trevor Dickinson of A-EON Technology, a group funding ongoing hardware and software development for the Amiga community. "Amongst the topics are the still in betatest Mini-ITX and quad-core PPC Amiga motherboards. Trevor regularly writes editorials for the Amiga Future print magazine [English-translated version here] and his company will be attending and is sponsoring the Amiga34 event in Neuss Germany on the 12th and 13th of October 2019."

A-EON now has about 50 part-time developers and beta-testers working on software projects for Classic and Next-Generation AmigaOS, Dickinson reveals: I've been a Commodore and Amiga enthusiast since the late 1970s but only really got involved in the business side of Amiga in 2007 when I provided funding to Michael Battilana of Cloanto to help fast track the development of 'Amiga Forever'. [An Amiga preservation, emulation and support package] The funding allowed Michael to hire Nicola Morocutti, the 'Bitplane' magazine Editor, to embark on a major project to catalogue the tens of thousands of Amiga games and software titles which led to the development of the one-click 'Retro-Platform' player which made its debut in 'Amiga Forever 2008' and the subsequent development of 'C64 Forever' in May 2009. But, if you discount my Hardware donation scheme, it was the 'AmigaOne X1000' project [a PowerPC-based personal computer from A-Eon Technology CVBA intended as a high-end platform for AmigaOS 4] that was my first Amiga next-generation funding...

I've always said as long as Amigans keep supporting A-EON by buying the hardware and software we develop, we will keep developing both for AmigaOS. The motherboard names, 'Nemo', 'Cyrus' and 'Tabor', are characters and place names from the Jules Verne novel, "The Mysterious Islands". There are plenty more names available in that book.

Dickinson also discusses various projects that are attempting to build a portable Amiga laptop -- and his own early efforts to fund hardware donations to encourage Amiga developers to write productivity software, games and applications for AmigaOS 4.0. ("I resorted to buying second hand AmigaOne machines from eBay and other online sources...")

He also describes ongoing efforts to bring Libre Office and better web browsers to the Amiga. "Anyone who has the coding skills and is interested in helping out on such projects should contact me."
Android

Google Bans Developer With Half a Billion App Downloads From Play Store (buzzfeednews.com) 27

Google is banning app developer DO Global and removing their apps from the Google Play Store after it discovered the company was committing ad fraud. "As of today, 46 apps from DO Global, which is partly owned by internet giant Baidu, are gone from the Play store," reports BuzzFeed. "BuzzFeed News also found that DO Global apps no longer offer ad inventory for purchase via Google's AdMob network, suggesting the ban has also been extended to the internet giant's ad products." From the report: Prior to the app removals, DO Global had roughly 100 apps in the Play store with over 600 million installs. Their removal from the Play store marks one of the biggest bans, if not the biggest, Google has ever instituted against an app developer. DO Global was a subsidiary of Baidu until it was spun out last summer; Baidu retains a 34% stake. BuzzFeed News reported last week that at least six apps from DO included code that made them fraudulently click on ads even when a user was not using the app. The apps were also listed in the Play store under the generic developer names "Pic Tools Group" and "Photo Artist Studio," hosted their privacy policies on Tumblr, and did not disclose they were owned by DO. It's a violation of Play store policy to conceal ownership information, and to commit ad fraud. The ad fraud was detected by Check Point security, which responded to a request from BuzzFeed News to examine apps uncovered during its investigation.

Google removed those six apps, and claimed its internal systems had also flagged most of them for removal. Another 40 DO apps disappeared from the Play store this week, including 20 using the Do Global Games developer name, and 14 listed under Applecheer Studio. The apps listed different addresses and contact information in the store, making it difficult for the average user to see they were all owned by the same major developer.

United States

Hundreds Of People At Two LA Universities Quarantined Due To Measles Exposure (npr.org) 261

Hundreds of students and faculty at two universities in Los Angeles have been asked to stay home unless they can prove that they've been vaccinated against measles. From a report: The LA campuses of the University of California and California State University imposed the quarantine after they became aware of people infected with measles who had potentially exposed hundreds. At UCLA, a student exposed at least 500 people earlier this month; at Cal State, someone with measles went to a library and encountered hundreds. UCLA was notified by the LA County Department of Public Health that one of its students had contracted measles. After identifying people the infected student might have come in contact with while contagious, the school asked them to provide proof of immunization. On Wednesday, 119 people who couldn't provide proof were quarantined. Of those, dozens were able to prove immunity and were released from quarantine by Thursday afternoon. But 82 were still quarantined, and "a few may need to remain in quarantine for up to seven days," the school said in a statement.
Facebook

New York Attorney General To Investigate Facebook Email Collection (nytimes.com) 38

The New York State attorney general's office plans to open an investigation into Facebook's unauthorized collection of more than 1.5 million users' email address books, according to The New York Times, citing two people briefed on the matter. From the report: The inquiry concerns a practice unearthed in April in which Facebook harvested the email contact lists of a portion of new users who signed up for the network after 2016, according to the two people, who spoke on condition of anonymity because the inquiry had not been officially announced. Those lists were then used to improve Facebook's ad-targeting algorithms and other friend connections across the network.

"Facebook has repeatedly demonstrated a lack of respect for consumers' information while at the same time profiting from mining that data," said Letitia James, the attorney general of New York, in a statement. "It is time Facebook is held accountable for how it handles consumers' personal information." The attorney general's investigation will focus on how the practice came about, and whether or not the email contact collection spread to hundreds of millions more people across the social network, according to the two people. Nearly 2.4 billion people use Facebook each month, with 1.56 billion people visiting the site at least once every day.

Privacy

Chalking Tires To Enforce Parking Rules is Unconstitutional, Court Finds (nbcnews.com) 325

Reader schwit1 writes: Marking your tires with chalk is trespassing, not law enforcement, the federal appeals panel said in a Michigan case. U.S. Circuit Judge Bernice Bouie Donald wrote that when drivers pull into parking spaces, "the city commences its search on vehicles that are parked legally, without probable cause or even so much as 'individualized suspicion of wrongdoing' -- the touchstone of the reasonableness standard." Moreover, overstaying your welcome at a parking space doesn't cause "injury or ongoing harm to the community," she wrote, meaning the city is wrong to argue that parking enforcement is part of its "community caretaking" responsibility, potentially justifying a search without a warrant. In fact, she wrote, "there has been a trespass in this case because the City made intentional physical contact with Taylor's vehicle." Further reading: A court ruling 'chalking' illegal could make way for more privacy-invasive tech.
Security

WiFi Finder, a Popular Hotspot Finder App, Exposed 2 Million Wi-Fi Network Passwords (techcrunch.com) 31

A popular hotspot finder app for Android exposed the Wi-Fi network passwords for more than two million networks. From a report: The app, downloaded by thousands of users, allowed anyone to search for Wi-Fi networks in their nearby area. The app allows the user to upload Wi-Fi network passwords from their devices to its database for others to use. That database of more than two million network passwords, however, was left exposed and unprotected, allowing anyone to access and download the contents in bulk. Sanyam Jain, a security researcher and a member of the GDI Foundation, found the database and reported the findings to TechCrunch. We spent more than two weeks trying to contact the developer, believed to be based in China, to no avail. Eventually we contacted the host, DigitalOcean, which took down the database within a day of reaching out. "We notified the user and have taken the [server] hosting the exposed database offline," a spokesperson told TechCrunch.
Social Networks

'Hyperscans' Show How Brains Sync As People Interact (scientificamerican.com) 38

"A growing cadre of neuroscientists is using sophisticated technology -- and some very complicated math -- to capture what happens in one brain, two brains, or even 12 or 15 at a time when their owners are engaged in eye contact, storytelling, joint attention focused on a topic or object, or any other activity that requires social give and take," reports Scientific American. "Although the field of interactive social neuroscience is in its infancy, the hope remains that identifying the neural underpinnings of real social exchange will change our basic understanding of communication and ultimately improve education or inform treatment of the many psychiatric disorders that involve social impairments." Here's an excerpt from the report: [T]he first study to successfully monitor two brains at the same time took place nearly 20 years ago. Physicist Read Montague, now at Virginia Tech, and his colleagues put two people in separate functional magnetic resonance imaging (fMRI) machines and observed their brain activity as they engaged in a simple competitive game in which one player (the sender) transmitted a signal about whether he or she had just seen the color red or green and the other player (the receiver) had to decide if the sender was telling the truth or lying. Correct guesses resulted in rewards. Montague called the technique hyperscanning, and his work proved it was possible to observe two brains at once.

Initially, Montague's lead was followed mostly by other neuroeconomists rather than social neuroscientists. But the term hyperscanning is now applied to any brain imaging research that involves more than one person. Today the techniques that fit the bill include electroencephalography (EEG), magnetoencephalography and functional near-infrared spectroscopy. Use of these varied techniques, many of them quite new, has broadened the range of possible experiments and made hyperscanning less cumbersome and, as a consequence, much more popular.
The report also mentions a study from earlier this year that "used hyperscanning to show that eye contact prepares the social brain to empathize by activating the same areas of each person's brain simultaneously: the cerebellum, which helps predict the sensory consequences of actions, and the limbic mirror system, a set of brain areas that become active both when we move any part of the body (including the eyes) and when we observe someone else's movements."
Wikipedia

Former Senate Staffer Admits To Doxxing Five Senators On Wikipedia (theverge.com) 91

Jackson Cosko, a former employee of Senator Maggie Hassan, has "admitted to breaking into Hassan's office after being fired, stealing data that included personal contact information, then posting that information online during Supreme Court Justice Brett Kavanaugh's confirmation hearing," reports The Verge. The report says Cosko added several senators' private phone numbers and addresses to Wikipedia. He has pleaded guilty to computer fraud, witness tampering, obstruction of justice, and making restricted personal information public. From the report: Cosko worked as a computer system administrator for Hassan, but he was fired in May of 2018. According to a plea agreement, he retaliated by using another employee's key to break into his old workplace at least four times, installing keyloggers on computers and using stolen login credentials to download gigabytes of data. While watching the Supreme Court confirmation hearing in September, Cosko "became angry" at Republican senators questioning Kavanaugh -- so he posted contact information for Senators Lindsey Graham, Mike Lee, and Orrin Hatch on Wikipedia. Cosko was interning for US Representative Sheila Jackson Lee at the time, and his changes were flagged by a bot that detects Wikipedia edits from congressional computers. The bot inadvertently helped spread the senators' information across Twitter, a process that prosecutors say Cosko aided by tweeting about his leaks.

Cosko struck again a few days later, posting information about Senate Majority Leader Mitch McConnell and Senator Rand Paul -- who had called for an investigation -- on Wikipedia. He added comments calling himself a "golden god" who had a legal right to post the information, asking readers to "send us bitcoins." When a witness spotted him in Hassan's office the next day, Cosko responded with a threatening email titled "I own EVERYTHING." Cosko claimed he would release private emails, encrypted messages, and the health data and social security numbers for senators' children. "If you tell anyone I will leak it all," he wrote. Cosko was arrested soon after.
Attorneys say Cosko could serve up to 57 months in prison, and he's required to give up all the equipment used in the crimes.
Android

Google's Second Android Q Beta Brings Us 'Bubbles' Multitasking (arstechnica.com) 42

An anonymous reader quotes a report from Ars Technica: Google is releasing the second Android Q Beta today. As we learned with the first release, Android Q is bringing support for foldable smartphones, better privacy and permissions controls, and a grab bag of other features. We've yet to install the second beta on one of our own devices, but Google's release blog post promises "bug fixes, optimizations, and API updates," as well as a crazy new multitasking feature and an emulator for foldables. Android loves multitasking. So far we've had split screens and floating windows, and Android Q Beta 1 even had a hidden desktop mode. Beta 2 brings us a new multitasking feature called "Bubbles." Bubbles let you minimize an app into a little circle, which floats around on the screen above all your other apps. Tapping on a bubble will open a small UI. The only demo Google shows is one for a messaging app. Each bubble is a contact, and tapping on the bubble shows a small chat UI. If you remember Facebook's "Chat Head" UI for Messenger, Bubbles is that, but built into the OS. "Bubbles are great for messaging because they let users keep important conversations within easy reach," Google said in their blog post. "They also provide a convenient view over ongoing tasks and updates, like phone calls or arrival times. They can provide quick access to portable UI, like notes or translations, and can be visual reminders of tasks too."
IBM

OS/2 Warp Community Announces It's Merging With the Flat Earth Society (os2world.com) 154

"From now on our communities will merge to become one single point of contact for OS/2 users and people investigating the truth about our planet earth," OS2World announced today.

OS2World's news master martiniturbide, also a Slashdot reader, writes: The OS/2 community expects that this action will benefit the platform by getting the funds to finally create an open source clone of OS/2. OS2World asks every OS/2 user to start believing that the earth is flat to get the "big bucks" that will finally turn the operating system into a Windows 10, Ubuntu, MacOS X and Android competitor in the final OS Wars of all ages.
