schwit1 shares an excerpt from a Motherboard article: Some renters may savor the convenience of "smart home" technologies like keyless entry and internet-connected doorbell cameras. But tech companies are increasingly selling these solutions to landlords for a more nefarious purpose: spying on tenants in order to evict them or raise their rent. "You CAN raise rents in NYC!" reads the headline of one promotional email sent to landlords. It was a sales pitch from Teman, a tech company that makes surveillance systems for apartment buildings. Teman's sales pitch proposes a solution to a frustration for many New York City landlords, who have tenants living in older apartments that are protected by a myriad of rent control and stabilization laws. The company's email suggests a workaround: "3 Simple Steps to Re-Regulate a Unit." First, use one of Teman's automated products to catch a tenant breaking a law or violating their lease, such as by having unapproved subletters or loud parties. Then, "vacate" them and merge their former apartment with one next door or above or below, creating a "new" unit that's not eligible for rent protections. "Combine a $950/mo studio and $1400/mo one-bedroom into a $4200/mo DEREGULATED two-bedroom," the email enticed. Teman's surveillance systems can even "help you identify which units are most-likely open to moving out (or being evicted!)." [...]

Erin McElroy, a professor of American Studies at the University of Texas at Austin who tracks eviction trends, also says that digital surveillance of residential buildings is increasing, particularly in New York City, which she calls the "landlord tech epicenter." Any camera system can document possibly eviction-worthy behavior, but McElroy identified two companies, Teman and Reliant Safety, that use the biometrics of tenants with the explicit goal of facilitating evictions. These companies are part of an expanding industry known as "proptech," encompassing all the technology used for acquiring and managing real estate. A report by Future Market Insights predicts that proptech will quadruple its current value, becoming a $86.5 billion industry by 2023. It is also sprouting start-ups to ease all aspects of the business -- including the unsavory ones. [...]

Reliant Safety, which claims to watch over 20,000 apartment units nationwide, has a less colorful corporate pedigree. It is owned by the Omni Organization, a private developer founded in 2004 that "acquires, rehabilitates, builds and manages quality affordable housing throughout the United States," according to its website. The company claims it has acquired and managed more than 17,000 affordable housing units. Many of the properties it lists are in New York City. Omni's website features spotless apartment complexes under blue skies and boasts about sponsorship of after-school programs, food giveaways, and homeless transition programs. Reliant's website features videos that depict various violations detected by its surveillance cameras. The website has a page of "Lease Violations" it says its system has detected, which include things such as "pet urination in hallway," "hallway fistfight," "improper mattress disposal," "tenant slips in hallway," as well as several alleged assaults, videos of fistfights in hallways, drug sales at doorways and break-ins through smashed windows. Almost all of them show Black or brown people and almost all are labeled as being from The Bronx -- where, in 2016, Omni opened a 140-unit affordable housing building at 655 Morris Avenue that boasted about "state-of-the-art facial recognition building access" running on ubiquitous cameras in common areas. Reliant presents these as "case studies" and lists outcomes that include arrest and eviction. Part of its package of services is "illegal sublet detection" using biometrics submitted by tenants to suss out anyone not authorized to be there. While Reliant claims its products are rooting out illegal and dangerous activity, the use of surveillance and biometrics to further extend policing into minority communities are a major cause for concern to privacy advocates.

Perhaps the biggest reason TVs have gotten so much cheaper than other products is that your TV is watching you and profiting off the data it collects. From a report: Modern TVs, with very few exceptions, are "smart," which means they come with software for streaming online content from Netflix, YouTube, and other services. Perhaps the most common media platform, Roku, now comes built into TVs made by companies including TCL, HiSense, Philips, and RCA. But there are many more operating systems: Google has Google TV, which is used by Sony, among other manufacturers, and LG and Samsung offer their own.

Smart TVs are just like search engines, social networks, and email providers that give us a free service in exchange for monitoring us and then selling that info to advertisers leveraging our data. These devices "are collecting information about what you're watching, how long you're watching it, and where you watch it," Willcox said, "then selling that data -- which is a revenue stream that didn't exist a couple of years ago." There's nothing particularly secretive about this -- data-tracking companies such as Inscape and Samba proudly brag right on their websites about the TV manufacturers they partner with and the data they amass.

The companies that manufacture televisions call this "post-purchase monetization," and it means they can sell TVs close to at cost and still make money over the long term by sharing viewing data. In addition to selling your viewing information to advertisers, smart TVs also show ads in the interface. Roku, for example, prominently features a given TV show or streaming service on the right-hand side of its home screen -- that's a paid advertisement. Roku also has its own ad-supported channel, the Roku Channel, and gets a cut of the video ads shown on other channels on Roku devices.

Sports betting company DraftKings revealed last week that more than 67,000 customers had their personal information exposed following a credential attack in November. BleepingComputer reports: In credential stuffing attacks, automated tools are used to make a massive number of attempts to sign into accounts using credentials (user/password pairs) stolen from other online services. [...] In a data breach notification filed with the Main Attorney General's office, DraftKings disclosed that the data of 67,995 people was exposed in last month's incident. The company said the attackers obtained the credentials needed to log into the customers' accounts from a non-DraftKings source.

"In the event an account was accessed, among other things, the attacker could have viewed the account holder's name, address, phone number, email address, last four digits of payment card, profile photo, information about prior transactions, account balance, and last date of password change," the breach notification reads. "At this time, there is currently no evidence that the attackers accessed your Social Security number, driver's license number or financial account number. While bad actors may have viewed the last four digits of your payment card, your full payment card number, expiration date, and your CVV are not stored in your account."

After detecting the attack, DraftKings reset the affected accounts' passwords and said it implemented additional fraud alerts. It also restored the funds withdrawn as a result of the credential attack, refunding up to $300,000 identified as stolen during the incident, as DraftKings President and Cofounder Paul Liberman said in November. The common denominator for user accounts that got hijacked seems to be an initial $5 deposit followed by a password change, enabling two-factor authentication (2FA) on a different phone number and then withdrawing as much as possible from the victims' linked bank accounts. While DraftKings has not shared additional info on how the attackers stole funds, BleepingComputer has since learned that the attack was conducted by a threat actor selling stolen accounts with deposit balances on an online marketplace for $10 to $35. The sales included instructions on how the buyers could make $5 deposits and withdraw all of the money from hijacked DraftKings user accounts. "After DraftKings announced the credential stuffing attack, they locked down the breached accounts, with the threat actors warning that their campaign was no longer working," adds the report.

"The company is now advising customers never to use the same password for multiple online services, never share their credentials with third-party platforms, turn on 2FA on their accounts immediately, and remove banking details or unlink their bank accounts to block future fraudulent withdrawal requests."

An anonymous reader quotes a report from TechCrunch: The Cuba ransomware gang extorted more than $60 million in ransom payments from victims between December 2021 and August 2022, a joint advisory from CISA and the FBI has warned. The latest advisory is a follow-up to a flash alert (PDF) released by the FBI in December 2021, which revealed that the gang had earned close to $44 million in ransom payments after attacks on more than 49 entities in five critical infrastructure sectors in the United States. Since, the Cuba ransomware gang has brought in an additional $60 million from attacks against 100 organizations globally, almost half of the $145 million it demanded in ransom payments from these victims. "Since the release of the December 2021 FBI Flash, the number of U.S. entities compromised by Cuba ransomware has doubled, with ransoms demanded and paid on the increase," the two federal agencies said on Thursday.

Cuba ransomware actors, which have been active since 2019, continue to target U.S. entities in critical infrastructure, including financial services, government facilities, healthcare and public health, critical manufacturing and information technology. [...] FBI and CISA added that the ransomware gang has modified its tactics, techniques and procedures since the start of the year and has been linked to the RomCom malware, a custom remote access trojan for command and control, and the Industrial Spy ransomware. The advisory notes that the group -- which cybersecurity company Profero previously linked to Russian-speaking hackers -- typically extorts victims by threatening to leak stolen data. While this data was typically leaked on Cuba's dark web leak site, it began selling stolen data on Industrial Spy's online market in May this year. CISA and the FBI are urging at-risk organizations to prioritize patching known exploited vulnerabilities, to train employees to spot and report phishing attacks and to enable and enforce phishing-resistant multi-factor authentication.

Cryptocurrencies and NFTs have been formally disallowed from Grand Theft Auto Online's popular role-playing (RP) servers. That's according to a new set of guidelines posted on Rockstar's support site last Friday. From a report: In the note, the game's publisher says its new RP server rules are aligned with Rockstar's existing rules for single-player mods. Both sets of rules prohibit content that uses third-party intellectual property, interferes with official multiplayer services, or makes new "games, stories, missions or maps" for the game. This means RP servers based on re-creating Super Mario Kart in the Grand Theft Auto world, for instance, could face "priority in enforcement actions" from Rockstar. But the new RP guidelines surpass the existing single-player mod guidelines in barring "commercial exploitation." That's a wide-ranging term that Rockstar says specifically includes selling loot boxes, virtual currencies, corporate sponsorships, or any integrations of cryptocurrencies or "crypto assets (e.g. 'NFTs')."

The Boston Globe reports that "More money is starting to flow into the nascent field of quantum computing in Boston, turning academic research at MIT and Harvard labs into startups."

In September, Northeastern University announced it will build a $10 million lab at its Burlington campus to explore applications for quantum technology, and to train students to work with it. And companies based in other countries are setting up outposts here to hire quantum-savvy techies....

"It's still pretty early" for quantum computing, says Russ Wilcox, a partner at the venture capital firm Pillar. "But a number of companies are starting to experiment to learn how to make use of it. The key factor is that the field is progressing at an exponential rate." In 2018, his firm made an early investment in Zapata Computing, a Boston startup building software for quantum computers and selling services — including ways to analyze the new cybersecurity risks that a powerful new class of computers could introduce....

In the current fiscal year, the federal government budgeted about $900 million to advance the field of quantum information science, which includes quantum computing....

[S]everal local venture capital firms are getting comfortable with placing bets on the quantum computing sector. Glasswing's Rudina Seseri says that her firm is "seeing momentum pick up," although the sector is "still in the warm-up phase, not yet in the first inning." But some of the technology being developed by startups, she says, "is so meaningful that if they get the technology to work at scale, they will be incredibly valuable."

That said, much of the revenue available to these companies today comes from researchers in academic and corporate labs trying to understand the potential of quantum computers. Sam Liss, an executive director in Harvard's Office of Technology Development, thinks that "the large commercial opportunities for quantum are still a long way off." The OTD helps attract corporate funding to Harvard research labs, and also helps to license technologies created in those labs to the private sector. "Technologies have a way of getting oversold and overhyped," Liss says. "We all recognize that this is going to take some time."

Large companies like Amazon, Google, and IBM are trying to move the field forward, and startups are beginning to demonstrate their new approaches. In the startup realm, Liss says, we're seeing enough new companies being formed and attracting funding "to support a thesis that this will be a big thing."

Meta has fired or disciplined more than two dozen employees and contractors over the last year whom it accused of improperly taking over user accounts, in some cases allegedly for bribes, The Wall Street Journal reported Thursday, citing people familiar with the matter and documents. From the report: Some of those fired were contractors who worked as security guards stationed at Meta facilities and were given access to the Facebook parent's internal mechanism for employees to help users having trouble with their accounts, according to the documents and people familiar with the matter. The mechanism, known internally as "Oops," has existed since Facebook's early years as a means for employees to help users they know who have forgotten their passwords or emails, or had their accounts taken over by hackers.

As part of the alleged abuse of the system, Meta says that in some cases workers accepted thousands of dollars in bribes from outside hackers to access user accounts, the people and documents say. The disciplinary actions are part of a lengthy internal probe led by Meta executives, according to the documents and one of the people. "Individuals selling fraudulent services are always targeting online platforms, including ours, and adapting their tactics in response to the detection methods that are commonly used across the industry," said Meta spokesman Andy Stone. He added that the company "will keep taking appropriate action against those involved in these kinds of schemes."

At its Zoomtopia conference, the company announced a bunch of features that are coming to its platform, including two key ones for productivity: email and calendars. Engadget reports: You can connect third-party email and calendar services to Zoom and access them through the desktop app. The company says that can help save you time instead of having to switch between apps and perhaps needing to hunt for the right tab in your browser. Those on the Zoom One Pro or Zoom Standard Pro plans will be able to set up email accounts through the platform, and folks with certain plans have the option to use custom domains. You'll get up to 100GB of storage included. The key selling point is that messages sent directly between Zoom Mail Service users (i.e. those who use Zoom's email hosting services) will have end-to-end encryption. You'll also be able to send external emails that can expire and contain access-restricted links.

As for Zoom Calendar, there will be options to see which of your contacts has joined a meeting, and you can schedule Zoom voice and video calls in the app. Zoom's own calendar service will include the ability to book appointments. On the way in 2023 is a feature called Zoom Spots. The company describes this as a virtual coworking space where colleagues can stay more connected during the workday via video-first conversations. While the company didn't reveal too much detail about Zoom Spots in its blog post, there may be a downside as the feature could enable bosses to keep a closer eye on what their employees are doing.

Businesses will soon be able to employ Zoom Virtual Agent, a conversational AI and chatbot designed to help customers resolve issues. That tool will be available in early 2023. Other things in the pipeline include a way for developers to make money from the Zoom Apps Marketplace and a virtual coach to help sellers perfect their pitches. As for the core functions people know Zoom for, there's a feature on the way that connects team chats with in-meeting chats. You'll be able to carry the conversation from one to the other and back again to keep things flowing. The company is also looking to roll out translation options for team chats in 2023. In the near future, you'll be able to schedule a chat message to send at a later time.

Zoom Phone is coming to the web, which should be handy for many folks. A progressive web app will be available for ChromeOS too. Meanwhile, users will be able to use a one-click chat message as a response when they can't answer a call. As for Zoom Rooms, there will be a way for folks in one of those to join a Google Meet room and vice versa. Last, but by no means least, Zoom revealed a string of updates for meetings. The Smart Recordings feature uses AI to generate summaries, next steps and chapters to make archived meetings more digestible and help you get to the part you're looking for. There will be meeting templates that can automatically configure the right settings and a way to record videos with narration and screensharing that you can send to colleagues. On top of that, you'll have more avatar options, including the ability to use a Meta avatar.

EU antitrust regulators are asking games developers whether Microsoft will be incentivized to block rivals' access to "Call of Duty" maker Activision Blizzard's best-selling games, according to an EU document seen by Reuters. From the report: EU antitrust regulators are due to make a preliminary decision by Nov. 8 on whether to clear Microsoft's proposed $69 billion acquisition of Activision. The EU competition enforcer also asked if Activision's trove of user data would give the U.S. software giant a competitive advantage in the development, publishing and distribution of computer and console games, the EU document shows. The planned acquisition, the biggest in the gaming industry, will help Microsoft better compete with leaders Tencent and Sony. After its decision next month the European Commission is expected to open a four-month long investigation, underscoring regulatory concerns about Big Tech acquisitions.

Games developers, publishers and distributors were asked whether the deal would affect their bargaining power regarding the terms for selling console and PC games via Microsoft's Xbox and its cloud game streaming service Game Pass. Regulators also wanted to know if there would be sufficient alternative suppliers in the market following the deal and also in the event Microsoft decides to make Activision's games exclusively available on its Xbox, its Games Pass and its cloud game streaming services. They asked if such exclusivity clauses would reinforce Microsoft's Windows operating system versus rivals, and whether the addition of Activision to its PC operating system, cloud computing services and game-related software tools gives it an advantage in the video gaming industry. They asked how important the Call of Duty franchise is for distributors of console games, third-party multi-game subscription services on computers and providers of cloud game streaming services.

Companies such as Amazon and Microsoft, as well as banks, police services and government departments, shred millions of data-storing devices each year, the Financial Times has learnt through interviews with more than 30 people who work in and around the decommissioning industry and via dozens of freedom of information requests. From the report: This is despite a growing chorus of industry insiders who say there is another, better option to safely dispose of data: using computer software to securely wipe the devices before selling them on the secondary market. "From a data security perspective, you do not need to shred," says Felice Alfieri, a European Commission official who co-authored a report about how to make data centres more sustainable and is promoting "data deletion" over device destruction. Underpinning the reluctance to move away from shredding is the fear that data could leak, triggering fury from customers and huge fines from regulators.

Last month, the US Securities and Exchange Commission fined Morgan Stanley $35mn for an "astonishing" failure to protect customer data, after the bank's decommissioned servers and hard drives were sold on without being properly wiped by an inexperienced company it had contracted. This was on top of a $60mn fine in 2020 and a $60mn class action settlement reached earlier this year. Some of the hardware containing bank data ended up being auctioned online. While the incident stemmed from a failure to wipe the devices before selling them on, the bank now mandates that every one of its data-storing devices is destroyed -- the vast majority on site. This approach is widespread. One employee at Amazon Web Services, who spoke on condition of anonymity, explained that the company shreds every single data-storing device once it is deemed obsolete, usually after three to five years of use: "If we let one [piece of data] slip through, we lose the trust of our customers." A person with knowledge of Microsoft's data disposal operations says the company shreds everything at its 200-plus Azure data centres.

An anonymous reader shares a report: Are smartphones ever entirely secure? It depends on one's definition of "secure," particularly when dealing with corporate environments. Most companies with bring-your-own-device policies install apps or agents on workers' smartphones to help secure them, leveraging the management capabilities built into operating systems like Android and iOS. But those might not be sufficient. That's what Cloudflare argues, anyway, in the pitch for the new services it's launching this week. Today, the company announced Zero Trust SIM and Zero Trust for Mobile Operators, two product offerings targeting smartphone users, the companies securing corporate phones and the carriers selling data services. Let's start with Zero Trust SIM. Designed to secure all data packets leaving a smartphone, Zero Trust SIM -- once launched in the U.S. (to start) -- will be available as an eSIM deployable via existing mobile device management platforms to both iOS and Android devices. It'll be locked to a specific device, mitigating the risk of SIM-swapping attacks, and usable either in a standalone configuration or in tandem with Cloudflare's mobile agent, WARP.

In a recent email interview, Cloudflare CTO John Graham-Cumming made the case that Zero Trust SIM can accomplish what VPNs and other secure layers can't: cell-level protection. A SIM card can act as another security factor, and -- in combination with hardware keys -- make it nearly impossible to impersonate an employee, he argued. "Zero Trust SIM provides defense in depth. A VPN layer is one of those components, but doesn't remove the need to still deploy cellular connectivity across all of your mobile devices today, and traditional 'AnyConnect-style' VPNs do nothing to stop attackers moving laterally once they're inside the VPN," Graham-Cumming said. "We continue to see organizations breached due to challenges securing their applications and networks, and what was once a real-estate budget is quickly becoming a 'secure my remote and distributed workforce' budget from an IT security perspective." Specifically, Graham-Cumming said that Zero Trust SIM will enable Cloudflare to rewrite DNS requests leaving a device to instead use Cloudflare Gateway for DNS filtering.

"Whirring as it powered up, a hoverbike lifted directly into the air in Michigan, video shows."

That's the lead from one news report about a big debut at a U.S. auto show in Detroit: a gasoline-and-electric powered hoverbike (using a Kawasaki motor) created by Japanese manufacturing company AERWINS Technologies. They've already started selling them in Japan, and they're now also hoping to sell a smaller version in America in 2023. The hoverbike flies for 40 minutes, Reuters reports, and can reach speeds of up to 62 miles per hour (100 kph). (They added that the bike drew "perhaps inevitable comparisons to the speeder bikes of Star Wars.")

From McClatchy news services: Video from WXYZ's Facebook shows the hoverbike's flight. The test rider checks the vehicle then signals with a fist pump. The engines power up, whirring louder and louder until the bike lifts off. The hoverbike flies back and forth, slightly faster as the ride goes on, then lands smoothly to the ground, video shows. "I feel like I'm literally 15 years old and I just got out of Star Wars," the test rider told Reuters. "It's awesome! Of course, you have a little apprehension, but I was just so amped. I literally had goosebumps and feel like a little kid...."

The price of a hoverbike? Only $777,000 according to current estimates, though the company hopes to get the cost down to about $50,000, The Detroit News reported.
The Detroit News adds this about the company's founder/CEO: As a boy, Shuhei Komatsu loved Star Wars movies, especially the lightning-fast land speeders. So when he grew up, he decided to make one of his own, he said.

"I wanted to make something from the movie real," Komatsu said. "It's a land speeder for the Dark Side...."

Komatsu said his company will make its public offering of stock on the NASDAQ exchange in November.... He said he's hoping the U.S. government classifies its XTURISMO as a non-aircraft.... He said he thinks consumers will buy the machine for recreation, and governments will buy it for law enforcement and for inspecting infrastructure. "I hope that in the future, people will use it for every day," he said.

Eye on Design is the official blog of the US-based professional graphic design organization AIGA. They've just published a fascinating interview with Tom Persky, who calls himself "the last man standing in the floppy disk business." He is the time-honored founder of floppydisk.com, a US-based company dedicated to the selling and recycling of floppy disks. Other services include disk transfers, a recycling program, and selling used and/or broken floppy disks to artists around the world. All of this makes floppydisk.com a key player in the small yet profitable contemporary floppy scene....

Perkins: I was actually in the floppy disk duplication business. Not in a million years did I think I would ever sell blank floppy disks. Duplicating disks in the 1980s and early 1990s was as good as printing money. It was unbelievably profitable. I only started selling blank copies organically over time. You could still go down to any office supply store, or any computer store to buy them. Why would you try to find me, when you could just buy disks off the shelf? But then these larger companies stopped carrying them or went out of business and people came to us. So here I am, a small company with a floppy disk inventory, and I find myself to be a worldwide supplier of this product. My business, which used to be 90% CD and DVD duplication, is now 90% selling blank floppy disks. It's shocking to me....

Q: Where does this focus on floppy disks come from? Why not work with another medium...?

Perkins: When people ask me: "Why are you into floppy disks today?" the answer is: "Because I forgot to get out of the business." Everybody else in the world looked at the future and came to the conclusion that this was a dying industry. Because I'd already bought all my equipment and inventory, I thought I'd just keep this revenue stream. I stuck with it and didn't try to expand. Over time, the total number of floppy users has gone down. However, the number of people who provided the product went down even faster. If you look at those two curves, you see that there is a growing market share for the last man standing in the business, and that man is me....

I made the decision to buy a large quantity, a couple of million disks, and we've basically been living off of that inventory ever since. From time to time, we get very lucky. About two years ago a guy called me up and said: "My grandfather has all this floppy junk in the garage and I want it out. Will you take it?" Of course I wanted to take it off his hands. So, we went back and forth and negotiated a fair price. Without going into specifics, he ended up with two things that he wanted: an empty garage and a sum of money. I ended up with around 50,000 floppy disks and that's a good deal.
In the interview Perkins reveals he has around half a million floppy disks in stock — 3.5-inch, 5.25-inch, 8-inch, "and some rather rare diskettes. Another thing that happened organically was the start of our floppy disk recycling service. We give people the opportunity to send us floppy disks and we recycle them, rather than put them into a landfill. The sheer volume of floppy disks we get in has really surprised me, it's sometimes a 1,000 disks a day."

But he also estimates its use is more widespread than we realize. "Probably half of the air fleet in the world today is more than 20 years old and still uses floppy disks in some of the avionics. That's a huge consumer. There's also medical equipment, which requires floppy disks to get the information in and out of medical devices.... "

And in the end he seems to have a genuine affection for floppy disk technology. "There's this joke in which a three-year-old little girl comes to her father holding a floppy disk in her hand. She says: 'Daddy, Daddy, somebody 3D-printed the save icon.' The floppy disks will be an icon forever."

The interview is excerpted from a new book called Floppy Disk Fever: The Curious Afterlives of a Flexible Medium.

Hat tip for finding the story to the newly-redesigned front page of The Verge.

An anonymous reader quotes a report from Ars Technica: The United Kingdom's Competition and Markets Authority (CMA) is challenging Microsoft and Activision Blizzard to justify their planned merger, saying the deal "could substantially lessen competition" in the gaming industry. A CMA announcement today cited concerns about "competition in gaming consoles, multi-game subscription services, and cloud gaming services (game streaming)." Microsoft announced its plan to buy Activision Blizzard for $68.7 billion in January.

"Microsoft is one of three large companies, together with Sony and Nintendo, that have led the market for gaming consoles for the past 20 years with limited entries from new rivals," the CMA said. "Activision Blizzard has some of the world's best-selling and most recognizable gaming franchises, such as Call of Duty and World of Warcraft. The CMA is concerned that if Microsoft buys Activision Blizzard it could harm rivals, including recent and future entrants into gaming, by refusing them access to Activision Blizzard games or providing access on much worse terms."

The CMA said these "concerns warrant an in-depth Phase 2 investigation," so Microsoft and Activision Blizzard have been ordered "to submit proposals to address the CMA's concerns" within five working days. "If suitable proposals are not submitted, the deal will be referred for a Phase 2 investigation," which would "allow an independent panel of experts to probe in more depth the risks identified at Phase 1," the CMA said. Besides Microsoft's Xbox console, the CMA noted Microsoft's Azure cloud computing platform and the Windows operating system. "The CMA is concerned that Microsoft could leverage Activision Blizzard's games together with Microsoft's strength across console, cloud, and PC operating systems to damage competition in the nascent market for cloud gaming services," the announcement said. "A Phase 2 investigation (PDF) can result in a merger being prohibited or a requirement to sell some parts of the business," notes Ars. "A Phase 2 investigation is typically limited to 24 weeks but can be extended by up to eight weeks."

"After a final report, 'the CMA has a statutory deadline of 12 weeks (extendable by up to six weeks for special reasons) to make an order or accept undertakings to give effect to its Phase 2 remedies.'"

The ubiquitous device is becoming a shop window for the firm's services. From a report: As it dreams up more gadgets to sell to more people, however, Apple is employing another strategy in parallel. The company has so far put 1.8bn devices in the pockets and on the desks of some of the world's most affluent consumers. Now it is selling access to those customers to other companies, and persuading those who own its devices to sign up to its own subscription services. As Luca Maestri, Apple's chief financial officer, said on a recent earnings call, the Apple devices in circulation represent "a big engine for our services business." The strategy is picking up speed. Last year services brought in $68bn in revenue, or 19% of Apple's total. That is double the share in 2015. In the latest quarter services' share was even higher, at 24%. Apple doesn't break down where the money comes from, but the biggest chunk is reckoned to be fees from its app store, which amounted to perhaps $25bn last year, according to Sensor Tower, a data provider.

The next-biggest part is probably the payment from Google for the right to be Apple devices' default search engine. This was $10bn in 2020; analysts believe the going rate now is nearer $20bn. Apple's fast-growing advertising business -- mainly selling search ads in its app store -- will bring in nearly $7bn this year, reckons eMarketer, another research firm. Most of the rest comes from a range of subscription services: iCloud storage, Apple Music and Apple Care insurance are probably the biggest, estimates Morgan Stanley, an investment bank. More recent ventures like Apple tv+, Apple Fitness, Apple Arcade and Apple Pay make up the rest. New services keep popping up. Last November Apple launched a subscription product for small companies called Apple Business Essentials, offering tech support, device management and so on. In June it announced a "buy now, pay later" service. The company claims a total of 860m active paid subscriptions, nearly a quarter more than it had a year ago.

The Japanese government has been hit in the pocket by an unusual problem -- its young people aren't drinking enough. From a report: Since the pandemic began, bars and other premises selling alcohol have been hit hard by Covid-19 restrictions, causing sales -- and liquor tax revenues -- to plummet in the world's third-largest economy. The government's solution? Launch a contest to find new ways to encourage young people to drink more. The "Sake Viva!" campaign, overseen by the National Tax Agency, invites participants to submit ideas on how to "stimulate demand among young people" for alcohol through new services, promotional methods, products, designs and even sales techniques using artificial intelligence or the metaverse, according to the official competition website.

"The domestic alcoholic beverage market is shrinking due to demographic changes such as the declining birthrate and aging population, and lifestyle changes due to the impact of Covid-19," said the website, adding that the competition aimed to "appeal to the younger generation ... and to revitalize the industry." The contest includes promotional ideas for all types of Japanese alcohol, with applications open until September 9. Finalists will be invited to an expert consultation in October, before a final tournament in November in Tokyo. The winner will receive support for their plan to be commercialized, according to the tax office.

In its latest effort to contend with soaring inflation, Amazon is planning to raise fulfillment fees during the holiday season, passing off some of its increased costs to the millions of merchants who rely on the site to sell their products. From a report: Starting Oct. 15, and running through Jan. 14, third-party sellers who use Fulfillment by Amazon, or FBA, will have to pay 35 cents per item sold in the U.S. or Canada, the company said Tuesday in an email to sellers. For merchants using FBA, Amazon handles the process of picking, packing and shipping items. The holiday fee comes on top of existing charges that sellers pay for using FBA services. Those costs vary depending on an item's size, category and weight.

Amazon said it's implementing an added holiday surcharge for the first time as "expenses are reaching new heights," making it harder for the company to absorb costs tied to the peak shopping season. "Our selling partners are incredibly important to us, and this is not a decision we made lightly," Amazon said in the email. Amazon's third-party marketplace has become the centerpiece of its dominant e-commerce business, as it now accounts for more than half of online retail sales. Because of Amazon's global reach and massive customer base, many retailers count on the company for the majority, and in some cases the entirety, of their business.

In January a California startup named Autonomy began "stocking up on EVs from pretty much every company that makes them," reports Bloomberg (including Tesla, Ford, and Polestar). Their plan? Collect a $5,900 "start fee," then charge $490 to $690 a month for an electric vehicle subscription with up to 1,000 miles of driving (but with no maintenance or registration fees): The subscription model has some logic for consumers. In part because of fast-evolving technology, EVs have traditionally shed value much quicker than gas-powered cars. On a depreciation scale, consumers typically lump them in with cell phones.... But EV ownership is also looking better by the day. The depreciation curve is flattening thanks to longer-range machines, and car companies are getting more vocal about things like battery longevity. A three-year-old Chevrolet Bolt, for example, will recoup 84% of its value today, in line with the average resale of all three-year-old cars in North America, according to CarEdge.com, a consumer-facing market research platform.

That could be why auto executives are pushing to round up that sweet, sweet software revenue in smaller chunks. BMW, to much outcry, is selling an $18-a-month subscription for heated seats in the UK, and General Motors turned its OnStar voice navigation into a $1,500 "mandatory" subscription on every new Buick, GMC and Cadillac Escalade. Even without a la carte add-ons, one of the major forces propping up prices for used EVs is, ironically, their ability to update remotely — the same technology carmakers are using to nickel-and-dime drivers with subscription services.

A contemporary car is nothing if not a dense stack of software, which means subscriptions on wheels are not entirely bonkers. But a car is also an appliance, and consumers aren't accustomed to renting a refrigerator, let alone paying a monthly fee to use the ice-maker. Luckily for Autonomy, the simplest pitch may be the best one. If it can bigfoot individual EV orders by jumping to the head of the queue, the startup could find scads of subscribers — simply because it will have available cars.

An anonymous reader quotes a report from The Drive: If you don't want to pay for in-car subscriptions every month, no problem: Just pay it all upfront. That's the line from General Motors today after news spread that it's making a three-year, $1,500 OnStar connected services subscription a mandatory "option" for new Buick, GMC, and Cadillac Escalade models. The subscription, which enables things like using your phone as a key fob, data-enabled navigation, audio streaming, and Amazon's Alexa virtual assistant, is still optional on other GM vehicles, with the Premium package running $49.99 a month. But don't be surprised if this new setup spreads across the automaker's full portfolio.

The $1,500 charge for OnStar will effectively raise the base prices of these cars, though the exact increase varies from model to model. All Buicks will see a price increase of $1,500. Higher trim GMCs will see an increase of as little as $905 with the Hummer EV getting no MSRP boost. Base model GMC pickups, the Sierra and Canyon, are hit the hardest with a $1,675 increase. By far the most common price hike is $1,500, which also applies to the Cadillac Escalade, Automotive News reports. Speaking to GM Authority, a spokesperson said making customers pay for the service will "enhance [their] vehicle ownership experience." They went on to state that "By including this plan as standard equipment on the vehicle, it provides more customer value and a more seamless onboarding experience." The automaker confirmed to AN that buyers who don't activate OnStar and have no desire to use the services will not be offered a discount. Further reading: BMW Starts Selling Heated Seat Subscriptions For $18 a Month

True 5G wireless data, with its ultrafast speeds and enhanced security protections, has been slow to roll out around the world. As the mobile technology proliferates -- combining expanded speed and bandwidth with low-latency connections -- one of its most touted features is starting to come in to focus. But the upgrade comes with its own raft of potential security exposures. From a report: A massive new population of 5G-capable devices, from smart-city sensors to agriculture robots and beyond, are gaining the ability to connect to the internet in places where Wi-Fi isn't practical or available. Individuals may even elect to trade their fiber-optic internet connection for a home 5G receiver. But the interfaces that carriers have set up to manage internet-of-things data are riddled with security vulnerabilities, according to research that will be presented on Wednesday at the Black Hat security conference in Las Vegas. And those vulnerabilities could dog the industry long-term. After years of examining potential security and privacy issues in mobile-data radio frequency standards, Technical University of Berlin researcher Altaf Shaik says he was curious to investigate the application programming interfaces (APIs) that carriers are offering to make IoT data accessible to developers.

These are the conduits that applications can use to pull, say, real-time bus-tracking data or information about stock in a warehouse. Such APIs are ubiquitous in web services, but Shaik points out that they haven't been widely used in core telecommunications offerings. Looking at the 5G IoT APIs of 10 mobile carriers around the world, Shaik and his colleague Shinjo Park found common, but serious API vulnerabilities in all of them, and some could be exploited to gain authorized access to data or even direct access to IoT devices on the network. "There's a big knowledge gap. This is the beginning of a new type of attack in telecom," Shaik told WIRED ahead of his presentation. "There's a whole platform where you get access to the APIs, there's documentation, everything, and it's called something like 'IoT service platform.' Every operator in every country is going to be selling them if they're not already, and there are virtual operators and subcontracts, too, so there will be a ton of companies offering this kind of platform."