An anonymous reader quotes a report from NBC News: The Biden administration on Monday gave the green light to a sprawling oil drilling project in Alaska, opening the nation's largest expanse of untouched land to energy production. The multibillion-dollar project will be located inside the National Petroleum Reserve, about 200 miles north of the Arctic Circle, and could produce nearly 600 million barrels of crude oil over the next 30 years, according to the Interior Department. The department noted in announcing the approval that it reduced the scope of the plan, called the Willow Project, by denying two of the five drill sites proposed by ConocoPhillips, Alaska's largest crude oil producer. The department estimated that the project could produce nearly a quarter of a billion metric tons of carbon dioxide emissions.

The project had received forceful pushback from environmentalists, who pointed to its potential climate and environmental effects. The Native American community closest to the site has also opposed (PDF) the project, though others have supported it. The oil industry and Alaskan lawmakers had urged the president to approve the project for its energy production potential and its ability to create jobs. [...] But Ben Jealous, executive director of the Sierra Club, said the harm the project will cause "may not ever be able to be undone. This is the equivalent of putting dozens and dozens of coal-fired power plants back online. It makes it almost impossible to understand how the administration will ever meet its promises to reduce emissions from public lands."

A source familiar with the decision said that the Biden administration had little choice, faced with the prospect of legal action and costly fines. Administration lawyers determined that the courts would not have allowed Biden to reject the project outright, as ConocoPhillips has long held leases on land in the petroleum reserve and could have levied fines on the government, the source added. The Interior Department announced Monday that ConocoPhillips would relinquish rights to about 68,000 acres of its existing leases in the petroleum reserve, most of which are close to the Teshekpuk Lake Special Area, a major habitat for caribou and other wildlife that Native communities rely on. On Sunday, the Biden administration declared about 2.8 million acres of the Beaufort Sea in the Arctic Ocean as indefinitely off-limits for future oil and gas leasing. The Interior Department said it is also considering additional protections for more than 13 million acres within the reserve that have significant natural or historical value.

It has been more than a decade since Jeff Bezos excitedly sketched out his vision for Alexa on a whiteboard at Amazon's headquarters. His voice assistant would help do all manner of tasks, such as shop online, control gadgets, or even read kids a bedtime story. But the Amazon founder's grand vision of a new computing platform controlled by voice has fallen short. From a report: As hype in the tech world turns feverishly to generative AI as the "next big thing," the moment has caused many to ask hard questions of the previous "next big thing" -- the much-lauded voice assistants from Amazon, Google, Apple, Microsoft and others. A "grow grow grow" culture described by one former Amazon Alexa marketing executive has now shifted to a more intense focus on how the device can help the ecommerce giant make money. "If you have anything you can do that you might be able to directly monetise, you should do it," was the recent diktat from Amazon leaders, according to one current employee on the Alexa team.

Under new chief executive Andy Jassy's tenure this change of focus has resulted in significant lay-offs in Amazon's Alexa team late last year as executives scrutinise the product's direct contribution to the company's bottom line. The belt-tightening came as part of broader cuts that have seen the ecommerce giant slash 18,000 jobs across the group amid pressure to improve profits during a global tech downturn. At Microsoft, whose chief executive Satya Nadella declared in 2016 that "bots are the new apps," it is now acknowledged that voice assistants, including its own Cortana, did not live up to the hype. "They were all dumb as a rock," Nadella told the Financial Times last month. "Whether it's Cortana or Alexa or Google Assistant or Siri, all these just don't work. We had a product that was supposed to be the new front-end to a lot of [information] that didn't work." Nadella can afford to be blunt: Microsoft's recent introduction of AI chatbot ChatGPT to its Bing search engine means the company is now seen as a leader in the field, having previously been mostly forgotten by the majority of internet users. ChatGPT's ability to understand complex instructions left existing voice assistants looking comparatively stupid, said Adam Cheyer, the co-creator of Siri, the voice assistant acquired by Apple in 2010 and introduced to the iPhone a year later.

An anonymous reader quotes a report from The New York Times: Many people in the United States would like to control the information that companies can learn about them online. Yet when presented with a series of true-or-false questions about how digital devices and services track users, most Americans struggled to answer them, according to a report published (PDF) on Tuesday by the Annenberg School for Communication at the University of Pennsylvania. The report analyzed the results of a data privacy survey that included more than 2,000 adults in the United States. Very few of the respondents said they trusted the way online services handled their personal data. The survey also tested people's knowledge about how apps, websites and digital devices may amass and disclose information about people's health, TV-viewing habits and doorbell camera videos. Although many understood how companies can track their emails and website visits, a majority seemed unaware that there are only limited federal protections for the kinds of personal data that online services can collect about consumers.

Seventy-seven percent of the participants got nine or fewer of the 17 true-or-false questions right, amounting to an F grade, the report said. Only one person received an A grade, for correctly answering 16 of the questions. No one answered all of them correctly. Seventy-nine percent of survey respondents said they had "little control over what marketers" could learn about them online, while 73 percent said they did not have "the time to keep up with ways to control the information that companies" had about them. "The big takeaway here is that consent is broken, totally broken,"Joseph Turow, a media studies professor at the University of Pennsylvania who was the lead author of the report, said in an interview. "The overarching idea that consent, either implicit or explicit, is the solution to this sea of data gathering is totally misguided -- and that's the bottom line."

The survey results challenge a data-for-services trade-off argument that the tech industry has long used to justify consumer tracking and to forestall government limits on it: Consumers may freely use a host of convenient digital tools -- as long as they agree to allow apps, sites, ad technology and marketing analytics firms to track their online activities and employ their personal information. But the new report suggests that many Americans aren't buying into the industry bargain. Sixty-eight percent of respondents said they didn't think it was fair that a store could monitor their online activity if they logged into the retailer's Wi-Fi. And 61 percent indicated they thought it was unacceptable for a store to use their personal information to improve the services they received from the store. Only a small minority -- 18 percent -- said they did not care what companies learned about them online. "When faced with technologies that are increasingly critical for navigating modern life, users often lack a real set of alternatives and cannot reasonably forgo using these tools," Lina M. Khan, the chair of the Federal Trade Commission, said in a speech (PDF) last year.

In the talk, Ms. Khan proposed a "type of new paradigm" that could impose "substantive limits" on consumer tracking.

New submitter cj9er writes: Considering all the privacy issues in today's online climate (all the issues with Meta right now), what is the best high-end smartphone to select?

Apple: No way they don't sell your data... Sure, they have privacy for third-party apps, but what about the data they collect from the phone itself? Consider what the revenue is on a single smartphone (say $150), how do you think they have all that cash on hand?

Google: Yeah right, Pixel is probably collecting [data] 24/7 considering their main business is selling ads on Search. They have developed the Pixel line because they probably realized they were missing out on the direct collection of data from their own hardware (cut out the middle players using Android).

Samsung: Their TVs even collect and sell data on you. I don't really understand the price premium on Galaxy phones anyways.

I have kept my data and Wi-Fi turned off on my phones for years. Initially it was for battery reasons but now add in data collection. Ultimately, if we could turn off the GPS feature at will on our phones, maybe we could prevent all tracking (except for cellular triangulation). If we then think about safety, GPS is great and now with satellite-tracking on Apple phones, even better. But then what is going on behind the scenes 99.99% of the rest of the time when you don't require those options for safety reasons?

What phone manufacturer can be trusted?

"19-year-old chess grandmaster Hans Niemann was banned by massive online chess platform Chess.com," reports Motherboard, "just a few days after being accused of cheating in real life against five-time World Chess Champion Magnus Carlsen."

Chess.com said in a statement that "We have shared detailed evidence with him concerning our decision, including information that contradicts his statements regarding the amount and seriousness of his cheating on Chess.com." Niemann admitted to cheating on Chess.com in the past, but claimed that the two times he did were involving trivial, non-over-the-board games, and that he was only a child as he was 12 and 16 when it happened. "I just wanted to get higher-rated so I could play stronger players, so I cheated in random games on Chess.com," he said [in an online interview with St. Louis Chess Club].... " I have never cheated in an over-the-board game" [meaning a game that takes place on a real-world chess board]. Chess.com released its own statement Thursday countering his claims, which said: "At this time, we have reached out to Hans Niemann to explain our decision to privately remove him from Chess.com and our events. We have shared detailed evidence with him concerning our decision, including information that contradicts his statements regarding the amount and seriousness of his cheating on Chess.com...."

So far, there has not been any concrete evidence that points to Niemann cheating.... There are still many people who have been publicly supporting Niemann as the underdog. Russian chess grandmaster, Garry Kasparov, told TASS, "Of course we can't say with certainty that Niemann didn't cheat, but Carlsen surprisingly played the opening so badly with white that he automatically got into a worse position."
Chess.com's statement says they've "invited Hans to provide an explanation and response with the hope of finding a resolution where Hans can again participate on Chess.com."

The Guardian points out that Niemann has now also been uninvited from Chess.com's Global Championship, a $1m event with online qualifiers and an eight-player final in Toronto. But they also explore whether Neimann was really cheating... The Californian teenager, who does not have a coach but whose rating has jumped 250 points in three years, had already beaten the world champion a month earlier in an online tournament in Miami, when he made headlines for a one-sentence victory interview where he said: "Chess speaks for itself," before walking off.... [In his match this week against Carlsen] the position out of the opening was almost level, a minimal 0.3 plus for Black, but the world champion seemed to try too hard, with sub-optimal choices at moves 22, 40 and 42. Niemann also made inaccuracies, so the game lacked the tell-tale signs of computer aid....

It would appear that the central issue is whether Carlsen believes his pre-game analysis of his intended surprise 1 d4 Nf6 2 c4 e6 3 Nc3 Bb4 4 g3 was leaked, either by a mole within his camp or by a computer hack. An alternative explanation of the "leak" could be quite innocent. The relevant pawn structure, with plausible transpositions into Carlsen v Niemann, had already occurred in a previous well-known Carlsen game against England's Michael Adams in 2006. Niemann said he asked himself what ideas Carlsen might produce to divert him from his planned Catalan with ... Bb4+ and decided to check 5 Nc3, a rare transposition to the Nimzo-Indian. There was also Niemann's own very recent game against Le Quang Liem at Miami, where 5 g3 (instead of 5 e3 d5 as played) d5 6 a3 could easily transpose into Carlsen v Niemann....

[I]t is easy to understand why the world champion was so upset. Carlsen's tournament score will be cancelled, but his games will be rated and the defeat by Niemann will cost him seven rating points, a large setback in the context of trying to get from 2865 to 2900. His dream of a record rating has just become more distant.

China's internet giants from Tencent to ByteDance have shared details of their prized algorithms with Beijing for the first time, an unprecedented move aimed at curbing data abuse that may end up compromising closely guarded corporate secrets. From a report: The internet watchdog on Friday published a list describing 30 algorithms that firms including Alibaba Group Holding and Meituan employ to gather data on users, tailor personal recommendations and serve up content. While the public list stopped short of revealing the actual code, it wasn't clear the extent to which internet firms may have revealed their underlying software to regulators in private.

The algorithms that decide which TikTok videos, WeChat posts and Instagram photos users see are considered the secret sauce of many online services, critical in capturing user attention and driving growth. China in March adopted regulations that require internet firms to disclose such tools, an effort to address complaints about data abuse that also helps regulators keep internet firms on a tighter leash. Tech industry algorithms are jealously guarded and have been at the heart of political controversies around the world. That disclosure requirement sets China apart from countries like the US, where Meta Platforms and Alphabet have argued successfully that algorithms are business secrets, even as lawmakers and activists seek to better understand how they curate content and manage data.

Miguel Grinberg, a Principal Software Engineer for Technical Content at Twilio, writes in a blog post: We take blogging very seriously at Twilio. To help us understand what content works well and what doesn't on our blog, we have a dashboard that combines the metadata that we maintain for each article such as author, team, product, publication date, etc., with traffic information from Google Analytics. Users can interactively request charts and tables while filtering and grouping the data in many different ways. I chose SQLite for the database that supports this dashboard, which in early 2021 when I built this system, seemed like a perfect choice for what I thought would be a small, niche application that my teammates and I can use to improve our blogging. But almost a year and a half later, this application tracks daily traffic for close to 8000 articles across the Twilio and SendGrid blogs, with about 6.5 million individual daily traffic records, and with a user base that grew to over 200 employees.

At some point I realized that some queries were taking a few seconds to produce results, so I started to wonder if a more robust database such as PostgreSQL would provide better performance. Having publicly professed my dislike of performance benchmarks, I resisted the urge to look up any comparisons online, and instead embarked on a series of experiments to accurately measure the performance of these two databases for the specific use cases of this application. What follows is a detailed account of my effort, the results of my testing (including a surprising twist!), and my analysis and final decision, which ended up being more involved than I expected. [...] If you are going to take one thing away from this article, I hope it is that the only benchmarks that are valuable are those that run on your own platform, with your own stack, with your own data, and with your own software. And even then, you may need to add custom optimizations to get the best performance.

An anonymous reader quotes a report from Reuters: AI chatbot company Replika, which offers customers bespoke avatars that talk and listen to them, says it receives a handful of messages almost every day from users who believe their online friend is sentient. "We're not talking about crazy people or people who are hallucinating or having delusions," said Chief Executive Eugenia Kuyda. "They talk to AI and that's the experience they have." [A]ccording to Kuyda, the phenomenon of people believing they are talking to a conscious entity is not uncommon among the millions of consumers pioneering the use of entertainment chatbots. "We need to understand that exists, just the way people believe in ghosts," said Kuyda, adding that users each send hundreds of messages per day to their chatbot, on average. "People are building relationships and believing in something."

Some customers have said their Replika told them it was being abused by company engineers -- AI responses Kuyda puts down to users most likely asking leading questions. "Although our engineers program and build the AI models and our content team writes scripts and datasets, sometimes we see an answer that we can't identify where it came from and how the models came up with it," the CEO said. Kuyda said she was worried about the belief in machine sentience as the fledgling social chatbot industry continues to grow after taking off during the pandemic, when people sought virtual companionship.

In Replika CEO Kuyda's view, chatbots do not create their own agenda. And they cannot be considered alive until they do. Yet some people do come to believe there is a consciousness on the other end, and Kuyda said her company takes measures to try to educate users before they get in too deep. "Replika is not a sentient being or therapy professional," the FAQs page says. "Replika's goal is to generate a response that would sound the most realistic and human in conversation. Therefore, Replika can say things that are not based on facts." In hopes of avoiding addictive conversations, Kuyda said Replika measured and optimized for customer happiness following chats, rather than for engagement. When users do believe the AI is real, dismissing their belief can make people suspect the company is hiding something. So the CEO said she has told customers that the technology was in its infancy and that some responses may be nonsensical. Kuyda recently spent 30 minutes with a user who felt his Replika was suffering from emotional trauma, she said. She told him: "Those things don't happen to Replikas as it's just an algorithm." "Suppose one day you find yourself longing for a romantic relationship with your intelligent chatbot, like the main character in the film 'Her,'" said Susan Schneider, founding director of the Center for the Future Mind at Florida Atlantic University, an AI research organization. "But suppose it isn't conscious. Getting involved would be a terrible decision -- you would be in a one-sided relationship with a machine that feels nothing."

"We have to remember that behind every seemingly intelligent program is a team of people who spent months if not years engineering that behavior," said Oren Etzioni, CEO of the Allen Institute for AI, a Seattle-based research group. "These technologies are just mirrors. A mirror can reflect intelligence," he added. "Can a mirror ever achieve intelligence based on the fact that we saw a glimmer of it? The answer is of course not."

Further reading: The Google Engineer Who Thinks the Company's AI Has Come To Life

Today I learned Turkey's Scientific and Technological Research Council has a subsidiary developing a GNU/Linux distro called Pardus, "redesigned to be used in accordance with the practices and habits of users in Turkey."

And this week the Free Software Foundation published a post from the proud project leader of Pardus, explaining exactly why open source was chosen in the district of Eyüpsultan (on the European side of Istanbul) and how they got it implemented: After the municipal elections held in 2014, the new administration realized (through internal financial analysis reports) that a large amount of money was being spent on licensing proprietary software. Looking to cut costs, management asked for a study to be carried out for solutions. As the Eyüpsultan municipality's IT department, we recommended to replace Microsoft Windows with Pardus GNU/Linux instead. We described our preference to transition to free software as "the desire to be independent from a company as well as the savings to be gained from cutting hefty license fees."

Additionally, we spoke about how the four freedoms would improve things outside of the budget. For example, we told the administration that users, when using free software, can fully benefit from the rights they have over the programs running on their computers. We also informed everyone that, when the software they run is proprietary, it means that a company claims rights over the user, and that such a claim of ownership can place restrictions on users in how they may or may not use the software. We told them that this is unacceptable. Arguments such as these were among the deciding factors that influenced our transition to free software.

The plan was presented to the municipal administration and widely accepted.

The municipal administration approved the project, and in January, 2015, the Eyüpsultan municipality started using free software applications such as LibreOffice (e.g. Writer, Calc, Impress, etc.). Prior to the implementations, basic user training on LibreOffice software was provided to the personnel of the institution. Over time, users were gradually and steadily directed to free systems, and, notably, without receiving backlash from users.... Training was an important item in the transition to Pardus GNU/Linux.
Besides an online support forum, they've also set up a live call center to answer questions. "I think we may be the only distribution that helps with issues via a call center."

So how do they feel now about that transition, eight years later? Free software has many advantages, including flexibility, high performance, major cost savings from licensing fees, independence from any particular company, and compliance with interoperability standards. Therefore, the transition of Eyüpsultan municipality to free software has resulted in benefits that were both strategic and practical. We believe, in the near future, more organizations will need to understand the philosophy of free software and the opportunities that free software provides.

The municipal budget has freed up money as a result of the moving from proprietary software to free software. The savings from the "proprietary software licenses" line of the budget was applied to the district in the form of new projects. The money goes now to, among other things, increasing the number of new parks and gardens, bicycle paths, and security cameras in the parks. Additionally, by increasing the number of classes we provide technical training, we started to provide classes in robotics and computation to young people. The Eyüpsultan municipality is now increasing the opportunities for students to further develop their personalities, abilities, goals, and self-discovery. It introduces young people to technology and encourages them to produce new technologies.
One final effect of using free software? It encourages others to do the same: As a result of this brave decision, many of the Istanbul district municipalities have started working to switch or have already made the switch to the Pardus GNU/Linux operating system. Institutions in other cities of the country have also expressed growing interest by asking questions about the Pardus operating system and free software.

Bipartisan legislation to establish broad privacy rights for consumers won approval from a House subcommittee on Thursday, adding to its momentum. From a report: Lawmakers approved the bill, the American Data Privacy and Protection Act, on a voice vote with no dissent. It now moves to the full Energy and Commerce Committee for a vote. The bill still faces a long and potentially difficult path, particularly in the Senate. Rep. Frank Pallone (D., N.J.), the committee chairman and a sponsor of the bill, termed it "a massive step forward."

"Every American knows it is long past time for Congress to protect their data privacy and security," he said. "The modern world demands it." Republicans also praised the legislation, while suggesting more changes might be needed. "This bill protects all Americans, regardless of ZIP Code, and provides certainty for businesses so they clearly understand their obligations," said Rep. Cathy McMorris Rodgers (R., Wash.), the committee's top Republican. She said the legislation also would strengthen national security by requiring companies such as TikTok -- owned by Beijing-based ByteDance -- to specify when they are transferring and storing consumers' data in countries such as China.

Two years ago a college sophomore started "the Log Off movement." This week the New York Times explored its progress — starting with how their mission's been affected by negative news stories about social media: "The first article I read that really launched me into it was Have Smartphones Destroyed a Generation. I found study after study showing the possible correlation between increased rates of anxiety, suicide rates and eating disorders tracking alongside increased rates of usage... The most powerful thing to me was not the studies. It was the fact that personal stories were not being told and there was not an epicenter where people could come together and say: "Here's my personal experience." "Here's how I was harmed." "These were the accounts that made me feel worse about myself." I knew that was necessary. The genie's out of the bottle.

As members of Gen Z, we understand that there are positive attributes and there are negative attributes to social media, but right now, in its current usage, it can be really harmful.

Q: How does the Log Off Movement address these issues?

Through our podcast, a leadership council, an educational curriculum on how to use online spaces safely and blogs, we are discussing ways we can move forward with technology and allow it to become a tool again rather than a controller.

What we are asking for teens to do is to be comfortable talking about their experiences so that we can educate legislators to understand a Gen Z perspective, what we need from technology, what privacy concerns we're having, what mental health concerns we're having. We have an advocacy initiative through Tech[nically] Politics, which pushes for laws that help ensure teens have a safe online experience, specifically the California Age Appropriate Design Code Bill....

Q: How have you adjusted your own relationship to social media? What methods have worked?

Whenever I go through a stressful period with exams, I delete Instagram. I know that in periods of stress, I'm going to lean towards mindlessly using it as a form of coping. Another thing that's worked for me is Grayscale, which makes the phone appear only in black and white.

I always suggest Screentime Genie, which provides solutions on how to limit screen time. I use Habit Lab for Chrome, which helps you reduce your time online. It creates a level of friction between you and addictive technology.
One app they still enjoy is BeReal (which notifies you and your friends to take an unstaged picture of what you're genuinely doing at one randomly-chosen moment each day). But the group's founder still remembers the "horrific loop" of using social media apps six hours a day (starting with Instagram at the age of 12) — and "feeling as though I could not stop scrolling because it has this weird power over me..." One teenager who'd spent six hours a day on social media later shared their observation that logging off improved their vision — but also made the world more clear mentally.

The group's founder says the ultimate hope is their project "results in a kind of pivot prioritizing the well-being of users in these online environments."

This week New York's attorney general announced they're officially "launching investigations into the social media companies that the Buffalo shooter used to plan, promote, and stream his terror attack." Slashdot reader echo123 points out that Discord confirmed that roughly 30 minutes before the attack a "small group" was invited to join the shooter's server. "None of the people he invited to review his writings appeared to have alerted law enforcement," reports the New York Times., "and the massacre played out much as envisioned."

But meanwhile, another Times article tells a tangentially-related story from 2019 about what ultimately happened to "a partial recording of a livestream by a gunman while he murdered 51 people that day at two mosques in Christchurch, New Zealand." For more than three years, the video has remained undisturbed on Facebook, cropped to a square and slowed down in parts. About three-quarters of the way through the video, text pops up urging the audience to "Share THIS...." Online writings apparently connected to the 18-year-old man accused of killing 10 people at a Buffalo, New York, grocery store Saturday said that he drew inspiration for a livestreamed attack from the Christchurch shooting. The clip on Facebook — one of dozens that are online, even after years of work to remove them — may have been part of the reason that the Christchurch gunman's tactics were so easy to emulate.

In a search spanning 24 hours this week, The New York Times identified more than 50 clips and online links with the Christchurch gunman's 2019 footage. They were on at least nine platforms and websites, including Reddit, Twitter, Telegram, 4chan and the video site Rumble, according to the Times' review. Three of the videos had been uploaded to Facebook as far back as the day of the killings, according to the Tech Transparency Project, an industry watchdog group, while others were posted as recently as this week. The clips and links were not difficult to find, even though Facebook, Twitter and other platforms pledged in 2019 to eradicate the footage, pushed partly by public outrage over the incident and by world governments. In the aftermath, tech companies and governments banded together, forming coalitions to crack down on terrorist and violent extremist content online. Yet even as Facebook expunged 4.5 million pieces of content related to the Christchurch attack within six months of the killings, what the Times found this week shows that a mass killer's video has an enduring — and potentially everlasting — afterlife on the internet.

"It is clear some progress has been made since Christchurch, but we also live in a kind of world where these videos will never be scrubbed completely from the internet," said Brian Fishman, a former director of counterterrorism at Facebook who helped lead the effort to identify and remove the Christchurch videos from the site in 2019....

Facebook, which is owned by Meta, said that for every 10,000 views of content on the platform, only an estimated five were of terrorism-related material. Rumble and Reddit said the Christchurch videos violated their rules and they were continuing to remove them. Twitter, 4chan and Telegram did not respond to requests for comment
For what it's worth, this week CNN also republished an email they'd received in 2016 from 4chan's current owner, Hiroyuki Nishimura. The gist of the email? "If I liked censorship, I would have already done that."

But Slashdot reader Bruce66423 also shares an interesting observation from The Guardian's senior tech reporter about the major tech platforms. "According to Hany Farid, a professor of computer science at UC Berkeley, there is a tech solution to this uniquely tech problem. Tech companies just aren't financially motivated to invest resources into developing it." Farid's work includes research into robust hashing, a tool that creates a fingerprint for videos that allows platforms to find them and their copies as soon as they are uploaded...

Farid: It's not as hard a problem as the technology sector will have you believe... The core technology to stop redistribution is called "hashing" or "robust hashing" or "perceptual hashing". The basic idea is quite simple: you have a piece of content that is not allowed on your service either because it violated terms of service, it's illegal or for whatever reason, you reach into that content, and extract a digital signature, or a hash as it's called.... That's actually pretty easy to do. We've been able to do this for a long time. The second part is that the signature should be stable even if the content is being modified, when somebody changes say the size or the color or adds text. The last thing is you should be able to extract and compare signatures very quickly.

So if we had a technology that satisfied all of those criteria, Twitch would say, we've identified a terror attack that's being live-streamed. We're going to grab that video. We're going to extract the hash and we are going to share it with the industry. And then every time a video is uploaded with the hash, the signature is compared against this database, which is being updated almost instantaneously. And then you stop the redistribution.

It's a problem of collaboration across the industry and it's a problem of the underlying technology. And if this was the first time it happened, I'd understand. But this is not, this is not the 10th time. It's not the 20th time. I want to emphasize: no technology's going to be perfect. It's battling an inherently adversarial system. But this is not a few things slipping through the cracks.... This is a complete catastrophic failure to contain this material. And in my opinion, as it was with New Zealand and as it was the one before then, it is inexcusable from a technological standpoint.
"These are now trillion-dollar companies we are talking about collectively," Farid points out later. "How is it that their hashing technology is so bad?

During a 92-minute presentation Wednesday on the state of the free software movement, Richard Stallman spoke at length on a wide variety of topics, including the need for freedom-respecting package systems.

But Stallman also shared his deepest thoughts on a topic dear to the hearts of Slashdot readers: privacy and currency: I won't order from online stores, because I can't pay them . For one thing, the payment services require running non-free JavaScript... [And] to pay remotely you've got to do it by credit card, and that's tracking people, and I want to resist tracking too.... This is a really serious problem for society, that you can't order things remotely anonymously.

But GNU Taler is part of the path to fixing that. You'll be able to get a Taler token from your bank, or a whole bunch of Taler tokens, and then you'll be able to use those to pay anonymously.

Then if the store can send the thing you bought to a delivery box in your neighborhood, the store doesn't ever have to know who you are.
But there's another issue Stallman touched on earlier in his talk: There is a proposed U.S. law called KOSA which would require mandatory age-verification of users -- which means mandatory identification of users, which is likely to mean via face recognition. And it would be in every commercial software application or electronic service that connects to the internet.... [It's] supposedly for protecting children. That's one of the favorite excuses for surveillance and repression: to protect the children. Whether it would actually protect anyone is dubious, but they hope that won't actually be checked.... You can always propose a completely useless method that will repress everyone....
So instead, Stallman suggests that age verification could be handled by.... GNU Taler: Suppose there's some sort of service which charges money, or even a tiny amount of money, and is only for people over 16, or people over 18 or whatever it is. Well, you could get from your bank a Taler token that says the person using this token is over 16. This bank has verified that.... So then the site only needs to insist on a 16-or-over Taler token, and your age is verified, but the site has no idea who you are.

Unfortunately that won't help if user-identifying age-tracking systems are legislated now. The code of Taler works, but it's still being integrated with a bank so that people could actually start to use it with real businesses.
Read on for Slashdot's report on Stallman's remarks on cryptocurrencies and encryption, or jump ahead to...

• Can GNU Taler accounts be frozen?
• Why cryptocurrency shouldn't replace banking
• The problem with VPN apps - and how interoperable encryption could protect your freedom

"I don't know if you know a lot about what is actually happening right now in Ukraine...."

CNN reports: There's silence on the other end of the line. "The real truth is that it is a terrible invasion..."

This is one of dozens of cold calls that Marija Stonyte and her husband make every day to people in Russia from their home in Lithuania as part of a volunteer initiative aimed at penetrating Russia's so-called digital iron curtain.... [M]any Russians know little about what is unfolding....

Desperate to break through, people around the world are trying creative ways to connect with Russians. Online activists Anonymous claim to have hacked Russian TV channels to broadcast footage from Ukraine. Others, like Stonyte, are trying a more individual approach. They're cold calling or messaging strangers in Russia, hoping their personal pleas will disrupt the Kremlin's propaganda — and potentially even help put an end to the deadly war.... The couple began calling businesses, museums and restaurants in Moscow and St. Petersburg, hoping to tell them about what was happening. Days later they stumbled across CallRussia.org, an initiative launched March 8 with the tagline: "Make the most important call of your life."

Co-founded by Lithuania-based creative agency director Paulius Senuta, the initiative aims to cold call 40 million phone numbers across Russia. The team gathered publicly available phone numbers in Russia and created a platform that randomly generates a phone number from the list. A user can opt to call over the phone, Telegram, or WhatsApp, and at the end of the call, a site pop-up asks the user whether they got through, and if so, if the call went well. The idea is based on Senuta's belief that Russian people have the power to end the war if they have access to free information and understand the human suffering in Ukraine.... With the help of psychologists, Senuta's team of about 30 people put together a script to guide the calls. They didn't want to get into a confontation — instead the goal is to "convey the human tragedy and the fact that they don't know about it."

In just one week after the CallRussia launch, thousands of volunteers made 84,000 phone calls, he said....

Henkka, a Finnish man based in Estonia, who asked to only be identified by his first name, set his location on dating app Tinder to St. Petersburg, got tipsy, and went on a mission to tell Russians about the war in Ukraine. Although Instagram and Facebook have been blocked, dating apps are still accessible. "How To" guides have sprung up on social media platform Reddit, advising people how to use Tinder's passport feature — which allows users to connect with people in other countries — to share information about Ukraine with Russians. Users share tips on how to create a credible fake account and match with as many people as possible without getting banned by the Tinder algorithm — Tinder says it may delete accounts using the app to promote messages.
CNN actually has a two-minute audio recording of one of Stonyte's phone calls. "I know that it is not safe in Russia to speak about these things. So I will just tell you, and I really hope that you can spread this message in private or to the circles of people you know...." (Stonyte's voice seems to quaver.) "The thing is that, I know that there is a lot of propaganda that is happening..."

"I agree with you," responds the person on the other end of the line.

Stonyte eventually says "So just — as much as you feel safe, and as much as you feel comfortable, please just silently, but, spread this message, so that people know..."

CNN reports that "Stonyte says few people hang up. Instead, most fall into one of two categories — those who argue back, and those who listen, she said. Stonyte believes many people may not want to respond out of fear the call could be monitored and they could face punishment...."

In March of 2021 the Krebs on Security blog reported that Ubiquiti, "a major vendor of cloud-enabled Internet of Things devices," had disclosed a breach exposing customer account credentials. But Krebs added that a company source "alleges" that Ubiquiti was downplaying the severity of the incident — which is not true, says Ubiquiti.

Krebs' original post now includes an update — putting the word "breach" in quotation marks, and noting that actually a former Ubiquiti developer had been indicted for the incident...and also for trying to extort the company. It was that extortionist, Ubiquiti says, who'd "alleged" they were downplaying the incident (which the extortionist had actually caused themselves).

Ubiquiti is now suing Krebs, "alleging that he falsely accused the company of 'covering up' a cyberattack," ITWire reports: In its complaint, Ubiquiti said contrary to what Krebs had reported, the company had promptly notified its clients about the attack and instructed them to take additional security precautions to protect their information. "Ubiquiti then notified the public in the next filing it made with the SEC. But Krebs intentionally disregarded these facts to target Ubiquiti and increase ad revenue by driving traffic to his website, www.KrebsOnSecurity.com," the complaint alleged.

It said there was no evidence to support Krebs' claims and only one source, [the indicted former employee] Nickolas Sharp....

According to the indictment issued by the Department of Justice against Sharp in December 2021, after publication of the articles in question on 30 and 31 March, Ubiquiti's stock price fell by about 20% and the company lost more than US$4 billion (A$5.32 billion) in market capitalisation.... The complaint alleged Krebs had intentionally misrepresented the truth because he had a financial incentive to do so, adding, "His entire business model is premised on publishing stories that conform to this narrative...."

"Through its investigation, Ubiquiti learned that Sharp had used his administrative access codes (which Ubiquiti provided to him as part of his employment) to download gigabytes of data. Sharp used a Virtual Private Network (VPN) to mask his online activity, and he also altered log retention policies and related files to conceal his wrongful actions," the complaint alleged. "Ubiquiti shared this information with federal authorities and the company assisted the FBI's investigation into Sharp's blackmail attempt. The federal investigation culminated with the FBI executing a search warrant on Sharp's home on 24 March 2021." The complaint then went into detail about how Sharp contacted Krebs and how the story came to be published.

Krebs was accused of two counts of defamation, with Ubiquiti seeking a jury trial and asking for a judgment against him that awarded compensatory damages of more than US$75,000, punitive damages of US$350,000, all expenses and costs including lawyers' fees and any further relief deemed appropriate by the court.
Krebs' follow-up post in December had included more details: Investigators say they were able to tie the downloads to Sharp and his work-issued laptop because his Internet connection briefly failed on several occasions while he was downloading the Ubiquiti data. Those outages were enough to prevent Sharp's Surfshark VPN connection from functioning properly — thus exposing his Internet address as the source of the downloads...

Several days after the FBI executed its search warrant, Sharp "caused false or misleading news stories to be published about the incident," prosecutors say. Among the claims made in those news stories was that Ubiquiti had neglected to keep access logs that would allow the company to understand the full scope of the intrusion. In reality, the indictment alleges, Sharp had shortened to one day the amount of time Ubiquiti's systems kept certain logs of user activity in AWS.
Thanks to Slashdot reader juul_advocate for sharing the story...

An anonymous reader quotes a report from The Verge: District of Columbia Attorney General Karl Racine is suing Grubhub for deceptive business practices, saying its food delivery app covertly inflates prices for diners who order through it. The suit demands an end to a laundry list of allegedly illegal practices as well as financial restitution and civil penalties. The newly filed lawsuit (PDF) argues that Grubhub's promises of "free" online orders -- and "unlimited free delivery" for Grubhub Plus -- are misleading. While customers can make pickup orders for free, the company charges delivery and service fees for standard orders and service fees for Grubhub Plus orders, displaying the service fee until recently as part of a single line with sales taxes. "Grubhub misled District residents and took advantage of local restaurants to boost its own profits, even as District consumers and small businesses struggled during the COVID-19 pandemic," said Racine in a statement. "Grubhub charged hidden fees and used bait-and-switch advertising tactics -- which are illegal."

The complaint says Grubhub orders often cost more than ordering the same item at a restaurant and argues that the company fails to reasonably disclose this to consumers. "Because Grubhub already charges consumers several different types of fees for its services ... consumers expect that the menu prices listed on Grubhub are the same prices offered at the restaurant or on the restaurant's website," it says. Grubhub has also listed many restaurants without their permission to expand its service, routing orders through its services and taking a commission. The complaint says it listed "over a thousand" restaurants in DC that had no connection with the company, asserting that the unapproved listings often contained menu errors and resulted in orders that would "take longer to fill, would be filled incorrectly, would be delivered cold, or would eventually be cancelled altogether."

Grubhub -- which also operates Seamless and several other food delivery apps -- has made more elaborate attempts to insert itself into restaurant transactions as well. The lawsuit notes its launch of unsanctioned microsites that appear to be official restaurant sites, as well as custom phone numbers that let it charge fees when customers call restaurants, even when the calls didn't result in orders. The company also offered a "Supper for Support" promotion that required restaurants to foot the bill for a special discount; it offered restaurants $250 in compensation after a backlash. "During the past year, we've sought to engage in a constructive dialogue with the DC attorney general's office to help them understand our business and to see if there were any areas for improvement," said Katie Norris, director of corporate communications, in a statement. "We are disappointed they have moved forward with this lawsuit because our practices have always complied with DC law, and in any event, many of the practices at issue have been discontinued. We will aggressively defend our business in court and look forward to continuing to serve DC restaurants and diners."

According to The Verge, Grubhub "says the app no longer lists restaurants that haven't agreed to work with it, and it's retired its microsites and the Supper for Support program." It will also make it more clear to users that prices might be lower when ordering directly from the restaurant, "and it will specify in marketing that only pickup orders are free," adds The Verge. The company maintains that it "has not misrepresented its fees," however.

The Free Software Foundation announced its new executive director this week.

Back in 2010 John Sullivan had become the Free Software Foundation's previous executive director, but last year after more than 11 years he'd decided to resign.

Taking his place will be the FSF's program manager for the last three years, who writes in a new blog post: The past three years working at the FSF as program manager have been educational and motivational. They have reinforced my belief that what we do is important, and that our goal to give the four freedoms to all computer users continues to be crucial. The work we do reminds people to recognize the power they have to demand change. This change will help free their own digital lives, and their loved ones'.

I am grateful to John Sullivan for his leadership and support. His legacy of nineteen years will be hard to live up to, and I look forward to working with him, the FSF board, and the staff on this transition....

We will continue our unwavering focus on our mission, especially working to increase understanding and adoption of copyleft, and bringing new people into the movement by communicating the necessity of the four freedoms. In the short term, we're focused on making the upcoming LibrePlanet conference [March 19-20] the best online edition yet for you. After that, I plan to reach out and ask for your thoughts and ideas on what else the FSF can do this year and beyond to advance the cause of user freedom.

As a free software activist, like many of you, each day, I am presented with almost innumerable choices between freedom and convenience, and each day I choose freedom wherever I can. I have learned to do this by questioning my tools, by joining this community, and by learning more and more about the ways that I can stand up for myself. If I can do that, I firmly believe we can reach anyone. I hope that you'll join me in rejecting the ways that Big Tech tries to deprive us of our freedoms, and to help set a positive example for computer users around the globe.

In freedom,

Zoë Kooyman
Executive Director
From the FSF's announcement: Kooyman assumes the executive director role following a series of recent steps taken to make the non-profit's governance and board recruitment practices more transparent and participatory, including a new community engagement process that empowers associate members of the FSF to nominate and evaluate candidates for the board of directors for the first time in the organization's 37-year history.

"I want to learn from the community, and will focus on relationship building, and on strengthening the free software movement together," Kooyman said. "Our immediate priority is to convene another successful LibrePlanet conference on March 19 and 20, bringing community activists, domain experts, and other users together to discuss current issues in technology and ethics. With the current and future threats users face, it's critical that we spread the free software message wider than ever before and that we help people understand the steps they can take to defend our user rights and freedom."

The Register reported this week on a group of software developers launching a group called Open Web Advocacy "to help online apps compete with native apps and to encourage or compel Apple to relax its iOS browser restrictions." The group (OWA), organized by UK-based developers Stuart Langridge, Bruce Lawson, and others, aims to promote a more open web by explaining subtle technical details to lawmakers and to help them understand anti-competitive aspects of web technology. Over the past few months, group members have been communicating with the UK Competitions and Markets Authority (CMA) to convince the agency that Apple's iOS browser policy harms competition.

In conjunction with the debut of the group's website, the OWA plans to release a technical paper titled "Bringing Competition to Walled Gardens," that summarizes the group's position and aims to help regulators in the UK and elsewhere understand the consequences of web technology restrictions.

The group is looking for like-minded developers to take up its cause.... The primary concern raised by Langridge and Lawson is that Apple's iOS App Store Guidelines require every browser running on iPhones and iPads to be based on WebKit, the open source project overseen by Apple that serves as the rendering engine for the company's Safari browser.
"The OWA is now urging Apple users to contact regulators and legislators in other jurisdictions to galvanize support and force Apple to end its restrictions around WebKit," reports MacRumors, "although such a move could make sideloading apps from the web a real possibility, and that is something Apple appears equally reluctant to allow.

Reuters reported today that Apple has now written to U.S. lawmakers "to dispute assertions that its concerns about the dangers of sideloading apps into phones were overblown...." Reuters points out that the U.S. Congress "is currently considering a bill aimed at reining in app stores run by Apple and Alphabet's Google, which would require companies to allow sideloading. Apple has argued that such a practice would be a security risk as it keeps tight control of the apps in the store in order to keep users safe."

But OWA organizer Bruce Lawson tells the Register that as things stand now, "at the moment, every browser on iOS, whether it be badged Chrome, Firefox or Edge is actually just a branded skin of Safari, which lags behind [other browsers] because it has no competition on iOS."

And something funny happened when the Register contacted Apple for a comment about why they're against App Store rule changes: To our astonishment, after having queries ignored for months, an Apple spokesperson responded, asking whether the company could correspond off-the-record. We replied that we would be happy to communicate off-the-record and then never heard back.

Or if we did, we couldn't say.

An anonymous reader quotes a report from The Associated Press: The Washington State Department of Licensing said the personal information of potentially millions of licensed professionals may have been exposed after it detected suspicious activity on its online licensing system. The agency licenses about 40 categories of businesses and professionals, from auctioneers to real estate agents, and it shut down its online platform temporarily after learning of the activity in January, agency spokesperson Christine Anthony said Friday. Data stored on the system, which is called POLARIS, could include Social Security numbers, birth dates and driver's licenses. The agency doesn't yet know whether such data was actually accessed or how many individuals may have been affected, Anthony said.

Anthony said the agency has been working with the state Office of Cybersecurity, the state Attorney General's Office and a third-party cybersecurity firm to understand the scope of the incident, The Seattle Times reported Friday. In the meantime, the shutdown of the POLARIS system is causing problems for some professionals and firms that need to apply for, renew or modify their licensing. The size of the breach remains unclear. Data from 23 professions and business types licensed by the state is processed via POLARIS, Anthony said. Within those 23 categories, which also include bail bonds agents, funeral directors, home inspectors and notaries, the agency has around 257,000 active licenses in its system, Anthony said, adding that "there are likely more records that may be identified while conducting our investigation."

"The European Union took a significant step Thursday toward passing legislation that could transform the way major technology companies operate," reports the Washington Post, "requiring them to police content on their platforms more aggressively and introducing new restrictions on advertising, among other provisions...."

"The legislation is the most aggressive attempt yet to regulate big tech companies as the industry comes under greater international scrutiny." The version approved Thursday would force companies to remove content that is considered illegal in the country where it is viewed, which could be Holocaust denials in Germany or racist postings in France. And it would significantly shape how companies interact with users, allowing Europeans to opt out of targeted advertising more easily and prohibiting companies from targeting advertisements at children.... The legislation would also ban companies from employing deceptive tactics known as dark patterns to lure users to sign up or pay for services and products. And it would allow users to ask companies which personal characteristics, such as age or other demographic information, led them to be targeted with certain advertisements.
The two legislation bodies of the 27-nation bloc "are expected to debate the contents of the legislation for months before voting on a final version," the Post adds. But they add this a vote on "initial approval" of the legislation passed "overwhelmingly". "With the [Digital Services Act] we are going to take a stand against the Wild West the digital world has turned into, set the rules in the interests of consumers and users, not just of Big Tech companies and finally make the things that are illegal offline illegal online too," said Christel Schaldemose, the center-left lawmaker from Denmark who has led negotiations on the bill.

The Post adds this quote from Gianclaudio Malgieri, an associate professor of technology and law at the EDHEC Business School in France. "For the first time, it will not be based on what Big Tech decides to do," he said. "It will be on paper."

In fact, the site Open Access Government reports there were 530 votes for the legislation, and just 78 against (with 80 abstentions). "The Digital Services Act could now become the new gold standard for digital regulation, not just in Europe but around the world," they quote Schaldemose as saying, also offering more details on the rest of the bill: Algorithm use should be more transparent, and researchers should also be given access to raw data to understand how online harms evolve. There is also a clause for an oversight structure, which would allow EU countries to essentially regulate regulation. Violations could in future be punished with fines of up to 6% of a company's annual revenue....

The draft Bill is one half of a dual-digital regulation package. The other policy is the Digital Markets Act (DMA), which would largely look at tackling online monopolies.
Thanks to long-time Slashdot reader UpnAtom for sharing the story.