Biotech

Cold Case Inquiries Stall After Ancestry.com Revisits Policy For Users (nytimes.com) 48

An anonymous reader quotes a report from the New York Times: Since online genealogy services began operating, millions of people have sent them saliva samples in hopes of learning about their family roots and discovering far-flung relatives. These services also appeal to law enforcement authorities, who have used them to solve cold case murders and to investigate crimes like the 2022 killing of four University of Idaho students. Crime-scene DNA submitted to genealogy sites has helped investigators identify suspects and human remains by first identifying relatives.

The use of public records and family-tree building is crucial to this technique, and its main tool has been the genealogy site Ancestry, which has vast amounts of individual DNA profiles and public records. More than 1,400 cases have been solved with the help of so-called genetic genealogy investigations, most of them with help from Ancestry. But a recent step taken by the site is now deterring many police agencies from employing this crime-solving technique.

In August, Ancestry revised the terms and conditions on its site to make it clear that its services were off-limits "for law enforcement purposes" without a legal order or warrant, which can be hard to get, because of privacy concerns. This followed the addition last year to the terms and conditions that the services could not be used for "judicial proceedings." Investigators say the implications are dire and will result in crucial criminal cases slowing or stalling entirely, denying answers to grieving families.
"Everyone who does this work has depended on the records database that Ancestry controls," said David Gurney, who runs Ramapo College's Investigative Genetic Genealogy Center in New Jersey. "Without it, casework is going to be a lot slower, and there will be some cases that can't be resolved at all."

EU

Meta Pledge To Use Less Personal Data For Ads Gets EU Nod, Avoids Daily Fines (reuters.com) 17

An anonymous reader quotes a report from Reuters: Meta's proposal to use less personal data for targeted advertising in its pay-or-consent model that will be rolled out next month won the approval of EU antitrust regulators on Monday, signaling the company will not face daily fines after all. [...] The U.S. tech giant has been locked in discussions with the European Commission after getting hit with a $233 million fine in April for breaching the Digital Markets Act aimed at reining in the power of Big Tech. The violation covered Facebook and Instagram in the period from November 2023 to November 2024, after which Meta tweaked its pay-or-consent model to use less personal data for targeted advertising.

The EU executive has been examining the changes to see if they comply with the DMA, with Meta risking daily fines of as much as 5% of its average daily worldwide turnover if found to be still in breach of the law. The tweaks are in wording, design and transparency to remind users of the two options. Meta did not plan on any substantial changes to its November proposal despite the risk of EU fines, people with direct knowledge of the matter had told Reuters. The Commission, which acts as the EU competition enforcer, acknowledged Meta's November proposal, saying that it will monitor the new ad model and seek feedback, with no more talk of periodic fines. "Meta will give users the effective choice between consenting to share all their data and seeing fully personalized advertising, and opting to share less personal data for an experience with more limited personalized advertising," the Commission said in a statement.

Cellphones

New Jolla Phone Now Available for Pre-Order as an Independent Linux Phone (9to5linux.com) 45

Jolla is "trying again with a new crowd-funded smartphone," reports Phoronix: Finnish company Jolla started out 14 years ago where Nokia left off with MeeGo and developed Sailfish OS as a new Linux smartphone platform. Jolla released their first smartphone in 2013 after crowdfunding but ultimately the Sailfish OS focus the past number of years now has been offering their software stack for use on other smartphone devices [including some Sony Xperia smartphones and OnePlus/Samsung/Google/Xiaomi devices].
This new Jolla Phone's pre-order voucher page says the phone will only be produced if 2,000 units are ordered before January 4. (But in just a few days they've already received 1,721 pre-orders — all discounted to 499€ from a normal price between 599 and 699 €). Estimated delivery is the first half of 2026. "The new Jolla Phone is powered by a high-performing Mediatek 5G SoC," reports 9to5Linux, "and features 12GB RAM, 256GB storage that can be expanded to up to 2TB with a microSDXC card, a 6.36-inch FullHD AMOLED display with ~390ppi, 20:9 aspect ratio, and Gorilla Glass, and a user-replaceable 5,500mAh battery." The Linux phone also features 4G/5G support with dual nano-SIM and a global roaming modem configuration, Wi-Fi 6 wireless, Bluetooth 5.4, NFC, 50MP Wide and 13MP Ultrawide main cameras, a front-facing wide-lens selfie camera, fingerprint reader on the power key, a user-changeable back cover, and an RGB indication LED. On top of that, the new Jolla Phone promises a user-configurable physical Privacy Switch that lets you turn off the microphone, Bluetooth, Android apps, or whatever you wish.

The device will be available in three colors, including Snow White, Kaamos Black, and The Orange. All the specs of the new Jolla Phone were voted on by Sailfish OS community members over the past few months. Honouring the original Jolla Phone form factor and design, the new model ships with Sailfish OS (with support for Android apps), a Linux-based European alternative to dominating mobile operating systems that promises a minimum of 5 years of support, no tracking, no calling home, and no hidden analytics...

The device will be manufactured and sold in Europe, but Jolla says that it will design the cellular band configuration to enable global travelling as much as possible, including e.g. roaming in the U.S. carrier networks. The initial sales markets are the EU, the UK, Switzerland, and Norway.

Privacy

Woman Hailed As a Hero For Smashing Man's Meta Smart Glasses On Subway (yahoo.com) 154

"Woman Hailed as Hero for Smashing Man's Meta Smart Glasses on Subway," reads the headline at Futurism: As Daily Dot reports, a New York subway rider has accused a woman of breaking his Meta smart glasses. "She just broke my Meta glasses," said the TikTok user, who goes by eth8n, in a video that has since garnered millions of views.

"You're going to be famous on the internet!" he shouted at her through the window after getting off the train. The accused woman, however, peered back at him completely unfazed, as if to say that he had it coming.

"I was making a funny noise people were honestly crying laughing at," he claimed in the caption of a followup video. "She was the only person annoyed..." But instead of coming to his support, the internet wholeheartedly rallied behind the alleged perpetrator, celebrating the woman as a folk hero — and perfectly highlighting how the public feels about gadgets like Meta's smart glasses.

"Good, people are tired of being filmed by strangers," one user commented.

"The fact that no one else on the train is defending him is telling," another wrote...

Others accused the man of fabricating details of the incident. "'People were crying laughing' — I've never heard a less plausible NYC subway story," one user wrote.

In a comment on TikTok, the man acknowledges he'd filmed her on the subway — it looks like he even zoomed in. The man then says her other options were "asking nicely to not post it or blur my face".

He also warns that she could get arrested for breaking his glasses if he "felt like it". (And if he sees her again.) "I filed a claim with the police and it's a misdemeanor charge." A subsequent video's captions describe him unboxing new Meta smartglasses "and I'm about to do my thing again... no crazy lady can stop me now."

I'm imagining being mugged — and then telling the mugger "You're going to be internet famous!" But maybe that just shows how easy it is to weaponize smartglasses and their potential for vast public exposure.

Privacy

India Reviews Telecom Industry Proposal For Always-On Satellite Location Tracking 24

India is weighing a proposal to mandate always-on satellite tracking in smartphones for precise government surveillance -- an idea strongly opposed by Apple, Google, Samsung, and industry groups. Reuters reports: For years, the [Prime Minister Narendra Modi's] administration has been concerned its agencies do not get precise locations when legal requests are made to telecom firms during investigations. Under the current system, the firms are limited to using cellular tower data that can only provide an estimated area location, which can be off by several meters.

The Cellular Operators Association of India (COAI), which represents Reliance's Jio and Bharti Airtel, has proposed that precise user locations should only be provided if the government orders smartphone makers to activate A-GPS technology -- which uses satellite signals and cellular data -- according to a June internal federal IT ministry email. That would require location services to always be activated in smartphones with no option for users to disable them. Apple, Samsung, and Alphabet's Google have told New Delhi that should not be mandated, said three of the sources who have direct knowledge of the deliberations.

A measure to track device-level location has no precedent anywhere else in the world, lobbying group India Cellular & Electronics Association (ICEA), which represents both Apple and Google, wrote in a confidential July letter to the government, which was viewed by Reuters. "The A-GPS network service ... (is) not deployed or supported for location surveillance," said the letter, which added that the measure "would be a regulatory overreach."
Earlier this week, Modi's government was forced to rescind an order requiring smartphone makers to preload a state-run cyber safety app on all devices after public backlash and privacy concerns.

Wireless Networking

Why One Man Is Fighting For Our Right To Control Our Garage Door Openers (nytimes.com) 126

An anonymous reader quotes a report from the New York Times: A few years ago, Paul Wieland, a 44-year-old information technology professional living in New York's Adirondack Mountains, was wrapping up a home renovation when he ran into a hiccup. He wanted to be able to control his new garage door with his smartphone. But the options available, including a product called MyQ, required connecting to a company's internet servers. He believed a "smart" garage door should operate only over a local Wi-Fi network to protect a home's privacy, so he started building his own system to plug into his garage door. By 2022, he had developed a prototype, which he named RATGDO, for Rage Against the Garage Door Opener. He had hoped to sell 100 of his new gadgets just to recoup expenses, but he ended up selling tens of thousands. That's because MyQ's maker did what a number of other consumer device manufacturers have done over the last few years, much to the frustration of their customers: It changed the device, making it both less useful and more expensive to operate.

Chamberlain Group, a company that makes garage door openers, had created the MyQ hubs so that virtually any garage door opener could be controlled with home automation software from Apple, Google, Nest and others. Chamberlain also offered a free MyQ smartphone app. Two years ago, Chamberlain started shutting down support for most third-party access to its MyQ servers. The company said it was trying to improve the reliability of its products. But this effectively broke connections that people had set up to work with Apple's Home app or Google's Home app, among others. Chamberlain also started working with partners that charge subscriptions for their services, though a basic app to control garage doors was still free.

While Mr. Wieland said RATGDO sales spiked after Chamberlain made those changes, he believes the popularity of his device is about more than just opening and closing a garage. It stems from widespread frustration with companies that sell internet-connected hardware that they eventually change or use to nickel-and-dime customers with subscription fees. "You should own the hardware, and there is a line there that a lot of companies are experimenting with," Mr. Wieland said in a recent interview. "I'm really afraid for the future that consumers are going to swallow this and that's going to become the norm." [...] For Mr. Wieland, the fight isn't over. He started a company named RATCLOUD, for Rage Against the Cloud. He said he was developing similar products that were not yet for sale.

Microsoft

Microsoft Faces New Complaint For Unlawfully Processing Data On Behalf of Israeli Military (aljazeera.com) 53

Ancient Slashdot user Alain Williams shares a report from Al Jazeera: The Irish Council for Civil Liberties (ICCL) has announced it filed a complaint against Microsoft, accusing the global tech giant of unlawfully processing data on behalf of the Israeli military and facilitating the killings of Palestinian civilians in Gaza. In the complaint, the council asked the Data Protection Commission -- the European Union's lead data regulator for the company -- to "urgently investigate" Microsoft Ireland's processing.

"Microsoft's technology has put millions of Palestinians in danger. These are not abstract data-protection failures -- they are violations that have enabled real-world violence," Joe O'Brien, ICCL's executive director, said in a statement. "When EU infrastructure is used to enable surveillance and targeting, the Irish Data Protection Commission must step in -- and it must use its full powers to hold Microsoft to account."

After months of complaints from rights groups and Microsoft whistleblowers, the company said in September it cancelled some services to the Israeli military over concerns that it was violating Microsoft's terms of service by using cloud computing software to spy on millions of Palestinians.

Security

Microsoft 'Mitigates' Windows LNK Flaw Exploited As Zero-Day (bleepingcomputer.com) 25

joshuark shares a report from BleepingComputer: Microsoft has silently "mitigated" a high-severity Windows LNK vulnerability exploited by multiple state-backed and cybercrime hacking groups in zero-day attacks. Tracked as CVE-2025-9491, this security flaw allows attackers to hide malicious commands within Windows LNK files, which can be used to deploy malware and gain persistence on compromised devices. However, the attacks require user interaction to succeed, as they involve tricking potential victims into opening malicious Windows Shell Link (.lnk) files. Thus some element of social engineering, and user technical naivety and gullibility, such as thinking Windows is secure, is required. [...]

As Trend Micro threat analysts discovered in March 2025, CVE-2025-9491 was already being widely exploited by 11 state-sponsored groups and cybercrime gangs, including Evil Corp, Bitter, APT37, APT43 (also known as Kimsuky), Mustang Panda, SideWinder, RedHotel, Konni, and others. Microsoft told BleepingComputer in March that it would "consider addressing" this zero-day flaw, even though it didn't "meet the bar for immediate servicing." As ACROS Security CEO and 0patch co-founder Mitja Kolsek found, Microsoft has silently changed LNK files in the November updates in an apparent effort to mitigate the CVE-2025-9491 flaw. After installing last month's updates, users can now see all characters in the Target field when opening the Properties of LNK files, not just the first 260. As the movie The Ninth Gate stated: "silentium est aurum."

AI

30% of Doctors In UK Use AI Tools In Patient Consultations, Study Finds (theguardian.com) 80

An anonymous reader quotes a report from the Guardian: Almost three in 10 GPs in the UK are using AI tools such as ChatGPT in consultations with patients, even though it could lead to them making mistakes and being sued, a study reveals. The rapid adoption of AI to ease workloads is happening alongside a "wild west" lack of regulation of the technology, which is leaving GPs unaware which tools are safe to use. That is the conclusion of research by the Nuffield Trust thinktank, based on a survey of 2,108 family doctors by the Royal College of GPs about AI and on focus groups of GPs.

Ministers hope that AI can help reduce the delays patients face in seeing a GP. The study found that more and more GPs were using AI to produce summaries of appointments with patients, assisting their diagnosis of the patient's condition and routine administrative tasks. In all, 598 (28%) of the 2,108 survey respondents said they were already using AI. More male (33%) than female (25%) GPs have used it and far more use it in well-off than in poorer areas.

It is moving quickly into more widespread use. However, large majorities of GPs, whether they use it or not, worry that practices that adopt it could face "professional liability and medico-legal issues," and "risks of clinical errors" and problems of "patient privacy and data security" as a result, the Nuffield Trust's report says. [...] In a blow to ministerial hopes, the survey also found that GPs use the time it saves them to recover from the stresses of their busy days rather than to see more patients. "While policymakers hope that this saved time will be used to offer more appointments, GPs reported using it primarily for self-care and rest, including reducing overtime working hours to prevent burnout," the report adds.

Encryption

'End-To-End Encrypted' Smart Toilet Camera Is Not Actually End-To-End Encrypted (techcrunch.com) 90

An anonymous reader quotes a report from TechCrunch: Earlier this year, home goods maker Kohler launched a smart camera called the Dekoda that attaches to your toilet bowl, takes pictures of it, and analyzes the images to advise you on your gut health. Anticipating privacy fears, Kohler said on its website that the Dekoda's sensors only see down into the toilet, and claimed that all data is secured with "end-to-end encryption." The company's use of the expression "end-to-end encryption" is, however, wrong, as security researcher Simon Fondrie-Teitler pointed out in a blog post on Tuesday. By reading Kohler's privacy policy, it's clear that the company is referring to the type of encryption that secures data as it travels over the internet, known as TLS encryption -- the same that powers HTTPS websites. [...] The security researcher also pointed out that given Kohler can access customers' data on its servers, it's possible Kohler is using customers' bowl pictures to train AI. Citing another response from the company representative, the researcher was told that Kohler's "algorithms are trained on de-identified data only." A "privacy contact" from Kohler said that user data is "encrypted at rest, when it's stored on the user's mobile phone, toilet attachment, and on our systems." The company also said that, "data in transit is also encrypted end-to-end, as it travels between the user's devices and our systems, where it is decrypted and processed to provide our service."

The Courts

OpenAI Loses Fight To Keep ChatGPT Logs Secret In Copyright Case (reuters.com) 39

A federal judge has ordered OpenAI to hand over 20 million anonymized ChatGPT logs in its copyright battle with the New York Times and other outlets. Reuters reports: U.S. Magistrate Judge Ona Wang in a decision made public on Wednesday said that the 20 million logs were relevant to the outlets' claims and that handing them over would not risk violating users' privacy. The judge rejected OpenAI's privacy-related objections to an earlier order requiring the artificial intelligence startup to submit the records as evidence. "There are multiple layers of protection in this case precisely because of the highly sensitive and private nature of much of the discovery," Wang said.

An OpenAI spokesperson on Wednesday cited an earlier blog post from the company's Chief Information Security Officer Dane Stuckey, which said the Times' demand for the chat logs "disregards long-standing privacy protections" and "breaks with common-sense security practices." OpenAI has separately appealed Wang's order to the case's presiding judge, U.S. District Judge Sidney Stein.

A group of newspapers owned by Alden Global Capital's MediaNews Group is also involved in the lawsuit. MediaNews Group executive editor Frank Pine said in a statement on Wednesday that OpenAI's leadership was "hallucinating when they thought they could get away with withholding evidence about how their business model relies on stealing from hardworking journalists."

Privacy

India Pulls Its Preinstalled iPhone App Demand 15

India has withdrawn its order requiring Apple and other smartphone makers to preinstall the government's Sanchar Saathi app after public backlash and privacy concerns. AppleInsider reports: On November 28, the India Ministry of Communication issued a secret directive to Apple and other smartphone manufacturers, requiring the preinstallation of a government-backed app. Less than a week later, the order has been rescinded. The withdrawal on Wednesday means Apple doesn't have to preload the Sanchar Saathi app onto iPhones sold in the country, in a way that couldn't be "disabled or restricted." [...]

In pulling back from the demand, the government insisted that the app had an "increasing acceptance" among citizens. There was a tenfold spike of new user registrations on Tuesday alone, with over 600,000 new users made aware of the app from the public debacle. India Minister of Communications Jyotiraditya Scindia took a moment to insist that concerns the app could be used for increased surveillance were unfounded. "Snooping is neither possible nor will it happen" with the app, Scindia claimed.

"This is a welcome development, but we are still awaiting the full text of the legal order that should accompany this announcement, including any revised directions under the Cyber Security Rules, 2024," said the Internet Freedom Foundation. It is treating the news with "cautious optimism, not closure," until formalities conclude. However, while promising, the backdown doesn't stop India from retrying something similar or another tactic in the future.

Privacy

Apple To Resist India Order To Preload State-Run App As Political Outcry Builds (reuters.com) 55

Apple does not plan to comply with India's mandate to preload its smartphones with a state-owned cyber safety app that cannot be disabled. According to Reuters, the order "sparked surveillance concerns and a political uproar" after it was revealed on Monday. From the report: In the wake of the criticism, India's telecom minister Jyotiraditya M. Scindia on Tuesday said the app was a "voluntary and democratic system," adding that users can choose to activate it and can "easily delete it from their phone at any time." At present, the app can be deleted by users. Scindia did not comment on or clarify the November 28 confidential directive that ordered smartphone makers to start preloading it and ensure "its functionalities are not disabled or restricted."

Apple however does not plan to comply with the directive and will tell the government it does not follow such mandates anywhere in the world as they raise a host of privacy and security issues for the company's iOS ecosystem, said two of the industry sources who are familiar with Apple's concerns. They declined to be named publicly as the company's strategy is private. "It's not only like taking a sledgehammer, this is like a double-barrel gun," said the first source.

Privacy

Flock Uses Overseas Gig Workers To Build Its Surveillance AI (404media.co) 12

An anonymous reader quotes a report from 404 Media: Flock, the automatic license plate reader and AI-powered camera company, uses overseas workers from Upwork to train its machine learning algorithms, with training material telling workers how to review and categorize footage including images of people and vehicles in the United States, according to material reviewed by 404 Media that was accidentally exposed by the company. The findings bring up questions about who exactly has access to footage collected by Flock surveillance cameras and where people reviewing the footage may be based. Flock has become a pervasive technology in the US, with its cameras present in thousands of communities that cops use every day to investigate things like carjackings. Local police have also performed numerous lookups for ICE in the system.

Companies that use AI or machine learning regularly turn to overseas workers to train their algorithms, often because the labor is cheaper than hiring domestically. But the nature of Flock's business -- creating a surveillance system that constantly monitors US residents' movements -- means that footage might be more sensitive than other AI training jobs. [...] Broadly, Flock uses AI or machine learning to automatically detect license plates, vehicles, and people, including what clothes they are wearing, from camera footage. A Flock patent also mentions cameras detecting "race." It included figures on "annotations completed" and "annotator tasks remaining in queue," with annotations being the notes workers add to reviewed footage to help train AI algorithms. Tasks include categorizing vehicle makes, colors, and types, transcribing license plates, and "audio tasks." Flock recently started advertising a feature that will detect "screaming." The panel showed workers sometimes completed thousands upon thousands of annotations over two-day periods. The exposed panel included a list of people tasked with annotating Flock's footage. Taking those names, 404 Media found some were located in the Philippines, according to their LinkedIn and other online profiles.

Many of these people were employed through Upwork, according to the exposed material. Upwork is a gig and freelance work platform where companies can hire designers and writers or pay for "AI services," according to Upwork's website. The tipsters also pointed to several publicly available Flock presentations which explained in more detail how workers were to categorize the footage. It is not clear what specific camera footage Flock's AI workers are reviewing. But screenshots included in the worker guides show numerous images from vehicles with US plates, including in New York, Michigan, Florida, New Jersey, and California. Other images include road signs clearly showing the footage is taken from inside the US, and one image contains an advertisement for a specific law firm in Atlanta.

Privacy

Korea's Coupang Says Data Breach Exposed Nearly 34 Million Customers' Personal Information (techcrunch.com) 2

An anonymous reader quotes a report from TechCrunch: South Korean e-commerce platform Coupang over the weekend said nearly 34 million Korean customers' personal information had been leaked in a data breach that had been ongoing for more than five months. The company said it first detected the unauthorized exposure of 4,500 user accounts on November 18, but a subsequent investigation revealed that the breach had actually compromised about 33.7 million customer accounts in South Korea. The breach affected customers' names, email addresses, phone numbers, shipping addresses, and certain order histories, per Coupang. More sensitive data like payment information, credit card numbers, and login credentials was not compromised and remains secure, the company said. [...] Police have reportedly identified at least one suspect, a former Chinese Coupang employee now abroad, after launching an investigation following a November 18 complaint.

Privacy

Google Maps Will Let You Hide Your Identity When Writing Reviews (pcmag.com) 37

An anonymous reader quotes a report from PCMag: Four new features are coming to Google Maps, including a way to hide your identity in reviews. Maps will soon let you use a nickname and select an alternative profile picture for online reviews, so you can rate a business without linking it to your full name and Google profile photo. Google says it will monitor for "suspicious and fake reviews," and every review is still associated with an account on Google's backend, which it believes will discourage bad actors.

Look for a new option under Your Profile that says Use a custom name & picture for posting. You'll then be able to pick an illustration to represent you and add a nickname. Google didn't explain why it is introducing anonymous reviews; it pitched the idea as a way to be a business's "Secret Santa." Some users are nervous to publicly post reviews for local businesses as it may be used to track their location or movements. It may encourage more people to contribute honest feedback to its platform, for better or worse.
Further reading: Gemini AI To Transform Google Maps Into a More Conversational Experience

Apple

Poland Probes Apple Again Over App Tracking Transparency Rules (appleinsider.com) 4

Poland has launched a new antitrust investigation into Apple's App Tracking Transparency rules, questioning whether Apple misled users about privacy while giving its own apps a competitive advantage over third-party developers. AppleInsider reports: On November 25, Poland's UOKiK has started another investigation into App Tracking Transparency, and whether Apple had restricted competition in mobile advertising. Reuters reports that, to the anti-monopoly regulator, ATT may have limited advertisers' ability to collect user data for advertising purposes while simultaneously favoring Apple's ad program.

This is not the first time that Poland has looked into ATT rules. In December 2021, the regulator held a similar probe following criticism from advertisers. It's not clear what that complaint determined, or if it is still ongoing. Regardless, in the new complaint, the logic is that Apple had a competitive advantage since its own apps were not subject to ATT rules, but third-party apps did have to deal with ATT. Since Apple didn't visibly ask for consent for its first-party apps in the same way, there is a presumption that Apple's rules only applied to other companies.

This is despite Apple's repeated insistence that it doesn't use the same kinds of collected data in its own apps and services for marketing purposes, as well as its stance on privacy in general. In short, Apple apps don't use the data, so it doesn't pop up a dialog box asking the user if the app can use the data. There is also the argument that, in setting up an account with Apple, users are providing blanket consent to the company. Implementing ATT on its own apps would therefore be a waste of time, since that consent was already granted.
Apple said that it will work with the regulator on the matter, but warned that it could force them to withdraw the feature "to the detriment of European consumers."

Encryption

CISA Warns Spyware Crews Are Breaking Into Signal and WhatsApp Accounts (theregister.com) 14

An anonymous reader shares a report: CISA has warned that state-backed snoops and cyber-mercenaries are actively abusing commercial spyware to break into Signal and WhatsApp accounts, hijack devices, and quietly rummage through the phones of what the agency calls "high-value" users.

In an alert published Monday, the US government's cyber agency said it's tracking multiple miscreants that are using a mix of phishing, bogus QR codes, malicious app impersonation, and, in some cases, full-blown zero-click exploits to compromise messaging apps which most people assume are safe.

The agency says the activity it's seeing suggests an increasing focus on "high-value" individuals -- everyone from current and former senior government, military, and political officials to civil society groups across the US, the Middle East, and Europe. In many of the campaigns, attackers delivered spyware first and asked questions later, using the foothold to deploy more payloads and deepen their access.

Hardware

Arduino's New Terms of Service Worries Hobbyists Ahead of Qualcomm Acquisition (arstechnica.com) 45

An anonymous reader quotes a report from Ars Technica: Some members of the maker community are distraught about Arduino's new terms of service (ToS), saying that the added rules put the company's open source DNA at risk. Arduino updated its ToS and privacy policy this month, which is about a month after Qualcomm announced that it's acquiring the open source hardware and software company. Among the most controversial changes is this addition: "User shall not: translate, decompile or reverse-engineer the Platform, or engage in any other activity designed to identify the algorithms and logic of the Platform's operation, unless expressly allowed by Arduino or by applicable license agreements ..."

In response to concerns from some members of the maker community, including from open source hardware distributor and manufacturer Adafruit, Arduino posted a blog on Friday. Regarding the new reverse-engineering rule, Arduino's blog said: "Any hardware, software or services (e.g. Arduino IDE, hardware schematics, tooling and libraries) released with Open Source licenses remain available as before. Restrictions on reverse-engineering apply specifically to our Software-as-a-Service cloud applications. Anything that was open, stays open."

But Adafruit founder and engineer Limor Fried and Adafruit managing editor Phillip Torrone are not convinced. They told Ars Technica that Arduino's blog leaves many questions unanswered and said that they've sent these questions to Arduino without response. "Why is reverse-engineering prohibited at all for a company built on openly hackable systems?" Fried and Torrone asked in a shared statement.
There are also concerns about the ToS' broad new AI-monitoring powers, which offer little clarity on what data is collected, who can access it, or how long it's retained. On top of that, the update introduces an unusual patent clause that bars users from using the platform to identify potential infringement by Arduino or its partners, along with sweeping, perpetual rights over user-generated content. This could allow Arduino, and potentially Qualcomm, to republish, modify, monetize, or redistribute user uploads indefinitely.

Google

Google Denies 'Misleading' Reports of Gmail Using Your Emails To Train AI (theverge.com) 37

An anonymous reader shares a report: Google is pushing back on viral social media posts and articles like this one by Malwarebytes, claiming Google has changed its policy to use your Gmail messages and attachments to train AI models, and the only way to opt out is by disabling "smart features" like spell checking.

But Google spokesperson Jenny Thomson tells The Verge that "these reports are misleading -- we have not changed anyone's settings, Gmail Smart Features have existed for many years, and we do not use your Gmail content for training our Gemini AI model."
