Android and Google Play have billions of users, Google wrote in its security blog this week. "However, like any flourishing ecosystem, it also attracts its share of bad actors... That's why every year, we continue to invest in more ways to protect our community." Google's tactics include industry-wide alliances, stronger privacy policies, and "AI-powered threat detection."

"As a result, we prevented 2.36 million policy-violating apps from being published on Google Play and banned more than 158,000 bad developer accounts that attempted to publish harmful apps. " To keep out bad actors, we have always used a combination of human security experts and the latest threat-detection technology. In 2024, we used Google's advanced AI to improve our systems' ability to proactively identify malware, enabling us to detect and block bad apps more effectively. It also helps us streamline review processes for developers with a proven track record of policy compliance. Today, over 92% of our human reviews for harmful apps are AI-assisted, allowing us to take quicker and more accurate action to help prevent harmful apps from becoming available on Google Play. That's enabled us to stop more bad apps than ever from reaching users through the Play Store, protecting users from harmful or malicious apps before they can cause any damage.
Starting in 2024 Google also "required apps to be more transparent about how they handle user information by launching new developer requirements and a new 'Data deletion' option for apps that support user accounts and data collection.... We're also constantly working to improve the safety of apps on Play at scale, such as with the Google Play SDK Index. This tool offers insights and data to help developers make more informed decisions about the safety of an SDK."

And once an app is installed, "Google Play Protect, Android's built-in security protection, helps to shield their Android device by continuously scanning for malicious app behavior." Google Play Protect automatically scans every app on Android devices with Google Play Services, no matter the download source. This built-in protection, enabled by default, provides crucial security against malware and unwanted software. Google Play Protect scans more than 200 billion apps daily and performs real-time scanning at the code-level on novel apps to combat emerging and hidden threats, like polymorphic malware. In 2024, Google Play Protect's real-time scanning identified more than 13 million new malicious apps from outside Google Play [based on Google Play Protect 2024 internal data]...

According to our research, more than 95 percent of app installations from major malware families that exploit sensitive permissions highly correlated to financial fraud came from Internet-sideloading sources like web browsers, messaging apps, or file managers. To help users stay protected when browsing the web, Chrome will now display a reminder notification to re-enable Google Play Protect if it has been turned off... Scammers may manipulate users into disabling Play Protect during calls to download malicious Internet-sideloaded apps. To prevent this, the Play Protect app scanning toggle is now temporarily disabled during phone or video calls...

Google Play Protect's enhanced fraud protection pilot analyzes and automatically blocks the installation of apps that may use sensitive permissions frequently abused for financial fraud when the user attempts to install the app from an Internet-sideloading source (web browsers, messaging apps, or file managers). Building on the success of our initial pilot in partnership with the Cyber Security Agency of Singapore (CSA), additional enhanced fraud protection pilots are now active in nine regions — Brazil, Hong Kong, India, Kenya, Nigeria, Philippines, South Africa, Thailand, and Vietnam.

In 2024, Google Play Protect's enhanced fraud protection pilots have shielded 10 million devices from over 36 million risky installation attempts, encompassing over 200,000 unique apps.

Just three hours ago, OpenAI made a surprise announcement to their 3.9 million followers on X.com. "Live from Tokyo," they'd be livestreaming... something. Their description of the event was just two words.

"Deep Research"

UPDATE: The stream has begun, and it's about OpenAI's next "agent-ic offering". ("OpenAI cares about agents because we believe they're going to transform knowlege work...")

"We're introducing a capability called Deep Research... a model that does multi-step research. It discovers content, it synthesizes content, and it reasons about this content." It even asks "clarifying" questions to your prompt to make sure its multi-step research stays on track. Deep Research will be launching in ChatGPT Pro later today, rolling out into other OpenAI products...

And OpenAI's site now has an "Introducing Deep Research" page. Its official description? "An agent that uses reasoning to synthesize large amounts of online information and complete multi-step research tasks for you. Available to Pro users today, Plus and Team next."

Before the livestream began, X.com users shared their reactions to the coming announcement:

"It's like DeepSeek, but cleaner"
"Deep do do if things don't work out"
"Live from Tokyo? Hope this research includes the secret to waking up early!"
"Stop trying, we don't trust u"

But one X.com user had presciently pointed out OpenAI has used the phrase "deep research" before. In July of 2024, Reuters reported on internal documentation (confirmed with "a person familiar with the matter") code-named "Strawberry" which suggested OpenAI was working on "human-like reasoning skills." How Strawberry works is a tightly kept secret even within OpenAI, the person said. The document describes a project that uses Strawberry models with the aim of enabling the company's AI to not just generate answers to queries but to plan ahead enough to navigate the internet autonomously and reliably to perform what OpenAI terms "deep research," according to the source. This is something that has eluded AI models to date, according to interviews with more than a dozen AI researchers.

Asked about Strawberry and the details reported in this story, an OpenAI company spokesperson said in a statement: "We want our AI models to see and understand the world more like we do. Continuous research into new AI capabilities is a common practice in the industry, with a shared belief that these systems will improve in reasoning over time." The spokesperson did not directly address questions about Strawberry.

The Strawberry project was formerly known as Q*, which Reuters reported last year was already seen inside the company as a breakthrough... OpenAI hopes the innovation will improve its AI models' reasoning capabilities dramatically, the person familiar with it said, adding that Strawberry involves a specialized way of processing an AI model after it has been pre-trained on very large datasets.

Researchers Reuters interviewed say that reasoning is key to AI achieving human or super-human-level intelligence... OpenAI CEO Sam Altman said earlier this year that in AI "the most important areas of progress will be around reasoning ability.

An aircraft carrier in the U.S. Navy tested "vastly increased" levels of internet connectivity, reports the defense-news web site TWZ, callling it "a game-changer for what a ship, and its sailors, can do while at sea." The F-35 Joint Strike Fighters assigned to the carrier offer a case in point for what more shipboard bandwidth — provided by commercial providers like Starlink and OneWeb — can mean at the tactical level. Jets with the embarked Marine Fighter Attack Squadron 314 took on critical mission data file updates in record time last fall due to the carrier's internet innovations, a capability that is slated to expand across the fleet. "This file offers intelligence updates and design enhancements that enable pilots to identify and counter threats in specific operational environments," the Navy said in an October release announcing the feat. "The update incorporated more than 100 intelligence changes and multiple design improvements, significantly enhancing the aircraft's survivability and lethality...." [Capt. Kevin White, then the Lincoln's combat systems officer] noted how the F-35 "eats and breathes data daily," and it has to be shared with commands ashore. The connectivity innovations he's pioneered will enable such data transfers, which will only grow more complex over time. "If you can't get the data onboard, you're probably going to be at a loss," White said. "So large file transfer capability increases combat readiness...."

When the system was on, it provided not only mission benefits, but benefits to the hard-working Lincoln crew as well, which was at sea for 107 days at one point with no port calls [Capt. Pete "Repete" Riebe, told WEST conference attendees]... White said the average age of an embarked Lincoln sailor was 20.8, and Riebe noted that to attract young people into service, the Navy needs to recognize the innate connection they have to their devices. "The next generation of sailors grew up with a cell phone in their hand, and they are uncomfortable without it," Riebe said. "I don't necessarily like that, but that's reality, and if we want to compete for the best folks coming into the Navy, we need to offer them bandwidth at sea." Having better connectivity also helped with the ship's administrative functions, Riebe said, making medical, dental and other work far easier than they have been in the past...

A sailor who can FaceTime with his family back home carries less non-Navy stress with them as they focus on the life-or-death duties at hand, White said... This beefed-up bandwidth allowed 38 sailors to witness the birth of their child, while others were able to watch their kids' sporting events, White said. Several crew members pursued doctorate and master's degrees while deployed due to better internet, while others were able to deal with personal or legal issues they had left behind back home. One officer was able to commission his wife remotely from the ship... On the operational side, from "the most desolate waters," Lincoln used its bandwidth to connect with a command in Norfolk, which undertook the ship's annual cybersecurity scans "from halfway around the world," White said... Taxpayer dollars can also be saved if a ship isn't paying for WiFi access while in port, White noted, and the crew was able to start getting to know Italian allies online before an exercise, enhancing the personal aspects of such partnerships.

More bandwidth also means more onboard training, meaning some sailors who don't have to leave to go to the school house, and sailors were able to get answers to maintenance questions from ashore commands faster as well. "Just by being able to have more reliable access to support resources, we definitely become more effective at maintenance," White said.
Every day the aircraft carrier averaged four to eight terabytes of transferred data, according to the article (with a team of two full-time system administrators managing 7,000 IP addresses), and ultimately saw 780 terabytes of data transferred over five-and-a-half months. The article notes it's part of the Navy's larger "Sailor Edge Afloat and Ashore" (SEA2) program to provide all its warships with high-bandwidth connectivity around the world.

The program "involves moving some communications aspects away from proprietary Defense Department satellites, while leaning on commercial satellite constellations and even cellular providers to keep ships more connected at sea for both personal and tactical uses."

Thanks to long-time Slashdot reader SonicSpike for sharing the article.

Thursday America's FDA "raised concerns about cybersecurity vulnerabilities" in patient monitors from China-based medical device company Contec "that could allow unauthorized individuals to access and potentially manipulate those devices," reports Reuters. The patient monitors could be remotely controlled by unauthorized users or may not function as intended, and the network to which these devices are connected could be compromised, the agency warned. The FDA also said that once these devices are connected to the internet, they can collect patient data, including personally identifiable information and protected health information, and can export this data out of the healthcare delivery environment.

The agency, however, added that it is currently unaware of any cybersecurity incidents, injuries, or deaths related to these identified cybersecurity vulnerabilities.
The FDA's announcement says "The software on the patient monitors includes a backdoor, which may mean that the device or the network to which the device has been connected may have been or could be compromised." And it offers this advice to caregivers and patients: If your health care provider confirms that your device relies on remote monitoring features, unplug the device and stop using it. Talk to your health care provider about finding an alternative patient monitor.

If your device does not rely on remote monitoring features, use only the local monitoring features of the patient monitor. This means unplugging the device's ethernet cable and disabling wireless (that is, WiFi or cellular) capabilities, so that patient vital signs are only observed by a caregiver or health care provider in the physical presence of a patient. If you cannot disable the wireless capabilities, unplug the device and stop using it. Talk to your health care provider about finding an alternative patient monitor.
A detailed report from CISA describes how a research team "created a simulated network, created a fake patient profile, and connected a blood pressure cuff, SpO2 monitor, and ECG monitor peripherals to the patient monitor. Upon startup, the patient monitor successfully connected to the simulated IP address and immediately began streaming patient data..." to an IP address that hard-coded into the backdoor function. "Sensor data from the patient monitor is also transmitted to the IP address in the same manner. If the routine to connect to the hard-coded IP address and begin transmitting patient data is called, it will automatically initialize the eth0 interface in the same manner as the backdoor. This means that even if networking is not enabled on startup, running this routine will enable networking and thereby enable this functionality

An anonymous reader shared this report from Reuters: New York-based cybersecurity firm Wiz says it has found a trove of sensitive data from the Chinese artificial intelligence startup DeepSeek inadvertently exposed to the open internet. In a blog post published Wednesday, Wiz said that scans of DeepSeek's infrastructure showed that the company had accidentally left more than a million lines of data available unsecured.

Those included digital software keys and chat logs that appeared to capture prompts being sent from users to the company's free AI assistant.
Wiz's chief technology officer tells Reuters that DeepSeek "took it down in less than an hour" after Wiz alerted them.

"But this was so simple to find we believe we're not the only ones who found it."

Despite being removed from app stores and facing a potential U.S. ban, TikTok has regained nearly 90% of its user traffic, according to Cloudflare Radar. "DNS traffic for TikTok-related domains has continued to recover since service restoration, and is currently about 10% lower than pre-shutdown level," said David Belson, head of data insight at Cloudflare. CNBC reports: The data from Cloudflare shows that, for the most part, TikTok has managed to maintain the bulk of its users and creators in the U.S. despite going offline for about 14 hours and remaining off of the Apple or Google app stores.

As for its alternatives, Cloudflare's data shows a spike in traffic the day of the temporary ban, with levels remaining steadily higher in the following week. Traffic for alternatives began to grow a week ahead of the expected shutdown, driven by the increased popularity of RedNote, known as Xiaohongshu in China, Belson said.

But traffic to TikTok alternatives peaked on Jan. 19, the day TikTok returned online, he added. "DNS traffic fell rapidly once the shutdown ended, and has continued to slowly decline over the last week and a half," Belson said.

The Swiss canton ("state") of Basel-Stadt fixed a tax flyer typo by buying the incorrect domain and setting up a redirect, avoiding a $100,000 reprint cost. TechCrunch reports: As Swiss news outlet SRF reports, the Basel tax administration printed fliers that were supposed to include a URL to file taxes online. However, the Swiss country code top-level domain (ccTLD) of ".ch" was omitted, leaving just the Basel-Stadt suffix of ".bs" -- which just happens to be the ccTLD of the Bahamas.

A spokesperson for Basel-Stadt's department of finance told SRF that it would cost the equivalent of around $100,000 to print and send out a batch of new flyers, so it was a no-brainer to fork out $1,000 to administer the new domain instead.

An anonymous reader quotes a report from 404 Media: Datasets aggregated on data.gov, the largest repository of U.S. government open data on the internet, are being deleted, according to the website's own information. Since Donald Trump was inaugurated as president, more than 2,000 datasets have disappeared from the database. As people in the Data Hoarding and archiving communities have pointed out, on January 21, there were 307,854 datasets on data.gov. As of Thursday, there are 305,564 datasets. Many of the deletions happened immediately after Trump was inaugurated, according to snapshots of the website saved on the Internet Archive's Wayback Machine. Harvard University researcher Jack Cushman has been taking snapshots of Data.gov's datasets both before and after the inauguration, and has worked to create a full archive of the data.

"Some of [the entries link to] actual data," Cushman told 404 Media. "And some of them link to a landing page [where the data is hosted]. And the question is -- when things are disappearing, is it the data it points to that is gone? Or is it just the index to it that's gone?" For example, "National Coral Reef Monitoring Program: Water Temperature Data from Subsurface Temperature Recorders (STRs) deployed at coral reef sites in the Hawaiian Archipelago from 2005 to 2019," a NOAA dataset, can no longer be found on data.gov but can be found on one of NOAA's websites by Googling the title. "Stetson Flower Garden Banks Benthic_Covage Monitoring 1993-2018 -- OBIS Event," another NOAA dataset, can no longer be found on data.gov and also appears to have been deleted from the internet. "Three Dimensional Thermal Model of Newberry Volcano, Oregon," a Department of Energy resource, is no longer available via the Department of Energy but can be found backed up on third-party websites. [...]

Data.gov serves as an aggregator of datasets and research across the entire government, meaning it isn't a single database. This makes it slightly harder to archive than any individual database, according to Mark Phillips, a University of Northern Texas researcher who works on the End of Term Web Archive, a project that archives as much as possible from government websites before a new administration takes over. "Some of this falls into the 'We don't know what we don't know,'" Phillips told 404 Media. "It is very challenging to know exactly what, where, how often it changes, and what is new, gone, or going to move. Saving content from an aggregator like data.gov is a bit more challenging for the End of Term work because often the data is only identified and registered as a metadata record with data.gov but the actual data could live on another website, a state .gov, a university website, cloud provider like Amazon or Microsoft or any other location. This makes the crawling even more difficult."

Phillips said that, for this round of archiving (which the team does every administration change), the project has been crawling government websites since January 2024, and that they have been doing "large-scale crawls with help from our partners at the Internet Archive, Common Crawl, and the University of North Texas. We've worked to collect 100s of terabytes of web content, which includes datasets from domains like data.gov." [...] It is absolutely true that the Trump administration is deleting government data and research and is making it harder to access. But determining what is gone, where it went, whether it's been preserved somewhere, and why it was taken down is a process that is time intensive and going to take a while. "One thing that is clear to me about datasets coming down from data.gov is that when we rely on one place for collecting, hosting, and making available these datasets, we will always have an issue with data disappearing," Phillips said. "Historically the federal government would distribute information to libraries across the country to provide greater access and also a safeguard against loss. That isn't done in the same way for this government data."

The company that Jeff Bezos founded has gone to court to keep the newspaper he owns from finding out too much about the inner workings of its business. From a report: Amazon is suing Washington state to limit the release of public records to The Washington Post from a series of state Department of Labor and Industries investigations of an Amazon Project Kuiper satellite facility in the Seattle area.

The lawsuit, filed this week in King County Superior Court in Seattle, says the newspaper on Nov. 26 requested "copies of inspection records, investigation notes, interview notes, complaints," and other documents related to four investigations at the Redmond, Wash., facility between August and October 2024. It's not an unusual move by the company, and in some ways it's a legal technicality.

Amazon says it's not seeking to block the records release entirely, but rather seeking to protect from public disclosure certain records that contain proprietary information and trade secrets about the company's satellite internet operations. The lawsuit cites a prior situation in which Amazon and the Department of Labor and Industries similarly worked through the court to respond to a Seattle Times public records request without disclosing proprietary information.

An anonymous reader quotes a report from Ars Technica: US Rep. Zoe Lofgren (D-Calif.) today proposed a law that would let copyright owners obtain court orders requiring Internet service providers to block access to foreign piracy websites. The bill would also force DNS providers to block sites. Lofgren said in a press release that she "work[ed] for over a year with the tech, film, and television industries" on "a proposal that has a remedy for copyright infringers located overseas that does not disrupt the free Internet except for the infringers." Lofgren said she plans to work with Republican leaders to enact the bill. [...]

Lofgren's bill (PDF) would impose site-blocking requirements on broadband providers with at least 100,000 subscribers and providers of public domain name resolution services with annual revenue of over $100 million. The bill has exemptions for VPN services and "similar services that encrypt and route user traffic through intermediary servers"; DNS providers that offer service "exclusively through encrypted DNS protocols"; and operators of premises that provide Internet access, like coffee shops, bookstores, airlines, and universities. Lofgren released a summary of the bill explaining how copyright owners can obtain blocking orders. "A copyright owner or exclusive licensee may file a petition in US District Court to obtain a preliminary order against a foreign website or online service engaging in copyright infringement," the summary said.

For non-live content, the petition must show that "transmission of a work through a foreign website likely infringes exclusive rights under Section 106 [of US law] and is causing irreparable harm." For live events, a petition must show that "an imminent or ongoing unauthorized transmission of a live event is likely to infringe, and will cause irreparable harm." The proposed law says that after a preliminary order is issued, copyright owners would be able to obtain orders directing service providers "to take reasonable and technically feasible measures to prevent users of the service provided by the service provider from accessing the foreign website or online service identified in the order." Judges would not be permitted to "prescribe any specific technical measures" for blocking and may not require any action that would prevent Internet users from using virtual private networks.Consumer advocacy group Public Knowledge described the bill as a "censorious site-blocking" measure "that turns broadband providers into copyright police at Americans' expense."

"Rather than attacking the problem at its source -- bringing the people running overseas piracy websites to court -- Congress and its allies in the entertainment industry has decided to build out a sweeping infrastructure for censorship," Public Knowledge Senior Policy Counsel Meredith Rose said. "Site-blocking orders force any service provider, from residential broadband providers to global DNS resolvers, to disrupt traffic from targeted websites accused of copyright infringement. More importantly, applying blocking orders to global DNS resolvers results in global blocks. This means that one court can cut off access to a website globally, based on one individual's filing and an expedited procedure. Blocking orders are incredibly powerful weapons, ripe for abuse, and we've seen the messy consequences of them being implemented in other countries."

NordVPN has introduced NordWhisper, a new protocol designed to bypass VPN blocks in restrictive countries like Russia and India by making VPN traffic appear like regular internet activity. Gizmodo reports: NordVPN claims to have found a way to make traffic from its service look normal, though admits that it may not always work perfectly. It also says the NordWhisper protocol may introduce more latency. The protocol is rolling out first to users on Windows, Linux, and Android. Support for other platforms will come in the future.

Comcast is deploying "Low Latency, Low Loss, Scalable Throughput" (L4S) technology across its Xfinity internet network in six U.S. cities, a system that reduces the time data packets take to travel between users and servers. Initial trials showed a 78% reduction in working latency under normal home conditions. The technology will first support FaceTime calls, Nvidia's GeForce Now cloud gaming, and Steam games, with planned expansion to Meta's mixed reality applications.

The Federal Communications Commission will abandon a proposal that would have banned mandatory internet service charges for apartment and condominium residents. FCC Chair Brendan Carr halted the Biden-era plan that sought to prevent landlords from requiring tenants to pay for specific broadband providers. Housing industry groups said they welcomed the decision, arguing bulk billing arrangements help secure discounted rates. They claim these agreements can reduce internet costs by up to 50%. However, public interest advocates, who backed the original proposal, contend that landlords don't always pass these savings to tenants.

chicksdaddy share a report from the Security Ledger: Vulnerabilities in Subaru's STARLINK telematics software enabled two, independent security researchers to gain unrestricted access to millions of Subaru vehicles deployed in the U.S., Canada and Japan. In a report published Thursday researchers Sam Curry and Shubham Shah revealed a now-patched flaw in Subaru's STARLINK connected vehicle service that allowed them to remotely control Subarus and access vehicle location information and driver data with nothing more than the vehicle's license plate number, or easily accessible information like the vehicle owner's email address, zip code and phone number. (Note: Subaru STARLINK is not to be confused with the Starlink satellite-based high speed Internet service.)

[Curry and Shah downloaded a year's worth of vehicle location data for Curry's mother's 2023 Impreza (Curry bought her the car with the understanding that she'd let him hack it.) The two researchers also added themselves to a friend's STARLINK account without any notification to the owner and used that access to remotely lock and unlock the friend's Subaru.] The details of Curry and Shah's hack of the STARLINK telematics system bears a strong resemblance to hacks documented in his 2023 report Web Hackers versus the Auto Industry as well as a September, 2024 discovery of a remote access flaw in web-based applications used by KIA automotive dealers that also gave remote attackers the ability to steal owners' personal information and take control of their KIA vehicle. In each case, Curry and his fellow researchers uncovered publicly accessible connected vehicle infrastructure intended for use by [employees and dealers was found to be trivially vulnerable to compromise and lack even basic protections around account creation and authentication].

Facebook has banned posts mentioning Linux-related topics, with the popular Linux news and discussion site, DistroWatch, at the center of the controversy. Tom's Hardware reports: A post on the site claims, "Facebook's internal policy makers decided that Linux is malware and labeled groups associated with Linux as being 'cybersecurity threats.' We tried to post some blurb about distrowatch.com on Facebook and can confirm that it was barred with a message citing Community Standards. DistroWatch says that the Facebook ban took effect on January 19. Readers have reported difficulty posting links to the site on this social media platform. Moreover, some have told DistroWatch that their Facebook accounts have been locked or limited after sharing posts mentioning Linux topics.

If you're wondering if there might be something specific to DistroWatch.com, something on the site that the owners/operators perhaps don't even know about, for example, then it seems pretty safe to rule out such a possibility. Reports show that "multiple groups associated with Linux and Linux discussions have either been shut down or had many of their posts removed." However, we tested a few other Facebook posts with mentions of Linux, and they didn't get blocked immediately. Copenhagen-hosted DistroWatch says it has tried to appeal against the Community Standards-triggered ban. However, they say that a Facebook representative said that Linux topics would remain on the cybersecurity filter. The DistroWatch writer subsequently got their Facebook account locked... DistroWatch points out the irony at play here: "Facebook runs much of its infrastructure on Linux and often posts job ads looking for Linux developers."

UPDATE: Facebook has admited they made a mistake and stopped blocking the posts.

The EFF has complained that in general "smart" products for babies "collect a ton of information about you and your baby on an ongoing basis". (For this year's "worst in privacy" product at CES they chose a $1,200 baby bassinet equipped with a camera, a microphone, and a radar sensor...)

But today the Washington Post reported on a $1,700 bassinet that surprised the mother of a one-month-old when it "abruptly demanded money for a feature she relied on to soothe her baby to sleep." The internet-connected bassinet... reliably comforted her 1-month-old — just as it had her first child — until it started charging $20 a month for some abilities, including one that keeps the bassinet's motion and sounds at one level all night. The level-lock feature previously was available without a fee. "It all felt really intrusive — like they went into our bedroom and clawed back this feature that we've been depending on...." When the Snoo's maker, Happiest Baby, introduced a premium subscription for some of the bassinet's most popular features in July, owners filed dozens of complaints to the Federal Trade Commission and the Better Business Bureau, coordinated review bombs and vented on social media — saying the company took advantage of their desperation for sleep to bait-and-switch them...

Happiest Baby isn't the only baby gear company that has rolled out a subscription. In 2023, makers of the Miku baby monitor, which retails for up to $400, elicited similar fury from parents when it introduced a $10 monthly subscription for most features. A growing number of internet-connected products have lost software support or functionality after purchase in recent years, such as Spotify's Car Thing — a $90 Bluetooth streaming device that the company announced in May it plans to discontinue — and Levi's $350 smart jacket, which let users control their phones by swiping sensors on its sleeve...

Seventeen consumer protection and tech advocacy groups cited Happiest Baby and Car Thing in a letter urging the FTC to create guidelines that ensure products retain core functionality without the imposition of fees that did not exist when the items were originally bought.
The Times notes that the bassinets are often resold, so the subscription fees are partly to cover the costs of supporting new owners, according to Happiest Baby's vice president for marketing and communications. But the article three additional perspectives:

• "This new technology is actually allowing manufacturers to change the way the status quo has been for decades, which is that once you buy something, you own it and you can do whatever you want. Right now, consumers have no trust that what they're buying is actually going to keep working." — Lucas Gutterman, who leads the Public Interest Research Group's "Design to Last" campaign.

• "It's a shame to be beholden to companies' goodwill, to require that they make good decisions about which settings to put behind a paywall. That doesn't feel good, and you can't always trust that, and there's no guarantee that next week Happiest Baby isn't going to announce that all of the features are behind a paywall." — Elizabeth Chamberlain, sustainability director at iFixit.

• "It's no longer just an out-and-out purchase of something. It's a continuous rental, and people don't know that." — Natasha Tusikov, an associate professor at York University

"An underwater data cable between Sweden and Latvia was damaged early on Sunday," reports the Financial Times, "in at least the fourth episode of potential sabotage in the Baltic Sea that has caused concern in Nato about the vulnerability of critical infrastructure..." Criminal investigations have started in Latvia and Sweden, and a ship has been seized as part of the probes, according to Swedish prosecutors, who did not identify the vessel. Previous incidents have been linked to Russian and Chinese ships...

The latest incident comes as the three Baltic states are preparing to disconnect their electricity systems from the former Soviet network in early February and integrate themselves into the continental European grid, with some fearing further potential disruption ahead of that. Estonia, Latvia and Lithuania have joined the EU and Nato since regaining their independence after their forced annexation by the Soviet Union, and see their switch to the European electricity system as their final integration into the west. KÄ(TM)stutis Budrys, Lithuania's foreign minister, said navigation rules in the Baltic Sea needed to be reviewed "especially when it comes to the use of anchors" and added there were now so many incidents that there was little chance they could all be accidents.

Repair of data cables has tended to take much less time than that for gas or electricity connections, and the Latvian state radio and television centre said it had found alternative routes for its communications.

This weekend Cory Doctorow delved into "the two factors that make services terrible: captive users, and no constraints." If your users can't leave, and if you face no consequences for making them miserable (not solely their departure to a competitor, but also fines, criminal charges, worker revolts, and guerrilla warfare with interoperators), then you have the means, motive and opportunity to turn your service into a giant pile of shit... Every economy is forever a-crawl with parasites and monsters like these, but they don't get to burrow into the system and colonize it until policymakers create rips they can pass through.
Doctorow argues that "more and more critics are coming to understand that lock-in is the root of the problem, and that anti-lock-in measures like interoperability can address it." Even more important than market discipline is government discipline, in the form of regulation. If Zuckerberg feared fines for privacy violations, or moderation failures, or illegal anticompetitive mergers, or fraudulent advertising systems that rip off publishers and advertisers, or other forms of fraud (like the "pivot to video"), he would treat his users better. But Facebook's rise to power took place during the second half of the neoliberal era, when the last shreds of regulatory muscle that survived the Reagan revolution were being devoured... But it's worse than that, because Zuckerberg and other tech monopolists figured out how to harness "IP" law to get the government to shut down third-party technology that might help users resist enshittification... [Doctorow says this is "why companies are so desperate to get you to use their apps rather than the open web"] IP law is why you can't make an alternative client that blocks algorithmic recommendations. IP law is why you can't leave Facebook for a new service and run a scraper that imports your waiting Facebook messages into a different inbox. IP law is why you can't scrape Facebook to catalog the paid political disinformation the company allows on the platform...
But then Doctorow argues that "Legacy social media is at a turning point," citing as "a credible threat" new systems built on open standards like Mastodon (built on Activitypub) and Bluesky (built on Atproto): I believe strongly in improving the Fediverse, and I believe in adding the long-overdue federation to Bluesky. That's because my goal isn't the success of the Fediverse — it's the defeat of enshtitification. My answer to "why spend money fixing Bluesky?" is "why leave 20 million people at risk of enshittification when we could not only make them safe, but also create the toolchain to allow many, many organizations to operate a whole federation of Bluesky servers?" If you care about a better internet — and not just the Fediverse — then you should share this goal, too... Mastodon has one feature that Bluesky sorely lacks — the federation that imposes antienshittificatory discipline on companies and offers an enshittification fire-exit for users if the discipline fails. It's long past time that someone copied that feature over to Bluesky.
Doctorow argues that federated and "federatable" social media "disciplines enshittifiers" by freeing social media's captive audiences.

"Any user can go to any server at any time and stay in touch with everyone else."

Two computer scientists at the University of Waterloo in Canada believe changing 30 lines of code in Linux "could cut energy use at some data centers by up to 30 percent," according to the site Data Centre Dynamics.

It's the code that processes packets of network traffic, and Linux "is the most widely used OS for data center servers," according to the article: The team tested their solution's effectiveness and submitted it to Linux for consideration, and the code was published this month as part of Linux's newest kernel, release version 6.13. "All these big companies — Amazon, Google, Meta — use Linux in some capacity, but they're very picky about how they decide to use it," said Martin Karsten [professor of Computer Science in the Waterloo's Math Faculty]. "If they choose to 'switch on' our method in their data centers, it could save gigawatt hours of energy worldwide. Almost every single service request that happens on the Internet could be positively affected by this."

The University of Waterloo is building a green computer server room as part of its new mathematics building, and Karsten believes sustainability research must be a priority for computer scientists. "We all have a part to play in building a greener future," he said. The Linux Foundation, which oversees the development of the Linux OS, is a founder member of the Green Software Foundation, an organization set up to look at ways of developing "green software" — code that reduces energy consumption.
Karsten "teamed up with Joe Damato, distinguished engineer at Fastly" to develop the 30 lines of code, according to an announcement from the university. "The Linux kernel code addition developed by Karsten and Damato was based on research published in ACM SIGMETRICS Performance Evaluation Review" (by Karsten and grad student Peter Cai).

Their paper "reviews the performance characteristics of network stack processing for communication-heavy server applications," devising an "indirect methodology" to "identify and quantify the direct and indirect costs of asynchronous hardware interrupt requests (IRQ) as a major source of overhead...

"Based on these findings, a small modification of a vanilla Linux system is devised that improves the efficiency and performance of traditional kernel-based networking significantly, resulting in up to 45% increased throughput..."

An anonymous reader quotes a report from Ars Technica: When threat actors use backdoor malware to gain access to a network, they want to make sure all their hard work can't be leveraged by competing groups or detected by defenders. One countermeasure is to equip the backdoor with a passive agent that remains dormant until it receives what's known in the business as a "magic packet." On Thursday, researchers revealed that a never-before-seen backdoor that quietly took hold of dozens of enterprise VPNs running Juniper Network's Junos OS has been doing just that. J-Magic, the tracking name for the backdoor, goes one step further to prevent unauthorized access. After receiving a magic packet hidden in the normal flow of TCP traffic, it relays a challenge to the device that sent it. The challenge comes in the form of a string of text that's encrypted using the public portion of an RSA key. The initiating party must then respond with the corresponding plaintext, proving it has access to the secret key.

The lightweight backdoor is also notable because it resided only in memory, a trait that makes detection harder for defenders. The combination prompted researchers at Lumin Technology's Black Lotus Lab to sit up and take notice. "While this is not the first discovery of magic packet malware, there have only been a handful of campaigns in recent years," the researchers wrote. "The combination of targeting Junos OS routers that serve as a VPN gateway and deploying a passive listening in-memory only agent, makes this an interesting confluence of tradecraft worthy of further observation." The researchers found J-Magic on VirusTotal and determined that it had run inside the networks of 36 organizations. They still don't know how the backdoor got installed.