Facebook Inc said on Monday it would provide academic researchers information on how political ads were targeted in the lead-up to the presidential election in the United States last year.
The social media giant said the data would include targeting criteria, such as location and interests, selected by advertisers running social issue, electoral or political ads.
Academics and researchers can apply for access to this information through the Facebook Open Research & Transparency (FORT) platform on Feb. 1, Facebook said in a blog post, adding that the data package would cover more than a million ads that ran between Aug. 3 and Nov. 3. (bit.ly/3a3L91r) Both Facebook and Alphabet Inc's Google have currently paused political ads after the presidential election as part of measures to police misinformation and other abuses.
India’s ministry of electronics and information technology has issued fresh notices to make permanent a ban imposed on video app TikTok and 58 other Chinese apps in June, Indian media reported late on Monday.
When it first imposed the ban, the Indian government gave the 59 apps a chance to explain their position on compliance with privacy and security requirements, the Times of India bit.ly/3iJxgcX reported on Monday.
The companies, which include ByteDance’s popular video-sharing app TikTok, Tencent Holdings’ WeChat and Alibaba’s UC Browser, were also asked to respond to a list of questions, the newspaper said.
"The government is not satisfied with the response/explanation given by these companies. Hence, the ban for these 59 apps is permanent now," business newspaper Livemint bit.ly/3a3Us1t quoted a source familiar with the notices as saying. It said the notices were issued last week.
The ministry’s June order stated that the apps were “prejudicial to sovereignty and integrity of India, defence of India, security of state and public order”.
The order, which India referred to as a “digital strike”, followed a skirmish with Chinese troops at a disputed Himalayan border site when 20 Indian soldiers were killed.
In September, India banned another 118 mobile apps, including Tencent’s popular videogame PUBG, as it stepped up the pressure on Chinese technology companies following the standoff at the border.
A TikTok representative told the Economic Times bit.ly/39lKf1v newspaper that the company was evaluating the notice and will respond to it as appropriate.
The ministry of electronics and information technology could not be reached for comment outside regular working hours. TikTok did not respond to a request for comment.
Apple Inc’s hardware engineering chief, Dan Riccio, will step down to oversee a new project, the iPhone maker said on Monday, providing few details on the longtime executive’s latest role.
Riccio will report to Chief Executive Officer Tim Cook, Apple said in a statement. He will be replaced by company veteran John Ternus, who will join the executive team as senior vice president of hardware engineering.
Riccio, who joined Apple over two decades ago as vice president of product design, was named vice president of iPad hardware engineering in 2010 and leads the Mac, iPhone, iPad and iPod engineering teams.
The company has been focusing on newer projects and moving forward with self-driving car technology, targeting 2024 to produce a passenger vehicle that could include its own breakthrough battery technology, Reuters had reported last month.
Investment flows into cryptocurrency funds and products hit a record $1.31 billion last week after a few weeks of small outflows, as investors took advantage of the decline in bitcoin and other digital asset prices, according to the latest data on Monday from asset manager CoinShares.
Total assets under management (AUM) in the industry slipped to $29.7 billion as of Jan. 22, from an all-time peak of $34.4 billion on Jan. 8. At the end of 2019, the total AUM was just $2 billion.
Grayscale, the world’s largest digital currency manager, posted assets under management of $24 billion last week, down from $28.2 billion on Jan. 8. CoinShares, the second largest crypto fund, managed assets of $2.9 billion in the latest week, also down from $3.4 billion on Jan. 8.
“We believe investors have been very price conscious this year due to the speed at which prices in bitcoin achieved new highs,” said James Butterfill, investment strategist, at CoinShares.
“The recent price weakness, prompted by recent comments from Secretary of the U.S. Treasury Janet Yellen and the unfounded concerns of a double spend, now look to have been a buying opportunity with inflows breaking all-time weekly inflows,” he added.
Bitcoin dropped to a low of $28,800 on Friday, after scaling an all-time peak of $42,000 on Jan.8. It was last down 0.5% at $32,124.
About 97% of inflows went to bitcoin, the data showed, with Ethereum, the second largest cryptocurrency, posting inflows of $34 million last week.
So far this year, volumes in bitcoin have been considerably higher, trading an average of $12.3 billion per day, compared to $2.2 billion in 2020.
Glassnode, which provides insight on blockchain data, said in a report on Monday that bitcoin’s net unrealized profit/loss (NUPL) was getting close to exceeding the “belief” range and moving into the “euphoria” range.
Previously, when NUPL entered this range, it signaled a global top in bitcoin’s price.
Samsung scion Lee Jae-yong and prosecutors have decided not to appeal a court ruling that convicted him for bribing South Korea’s former president for business favors, confirming a prison term of two and a half years for the country’s most influential corporate leader, according to lawyers and court officials on Monday.
But Lee’s legal troubles aren’t over. He has been indicted separately on charges of stock price manipulation, breach of trust and auditing violations related to a 2015 merger between two Samsung affiliates. The deal helped strengthen Lee’s control over Samsung’s corporate empire.
The bribery allegation involving Lee was a key crime in the 2016 corruption scandal that ousted Park Geun-hye from the presidency and sent her to prison.
In a much-anticipated retrial of Lee last week, the Seoul High Court found him guilty of bribing Park and one of her close confidantes to win government support for the contentious merger between Samsung C&T and Cheil Industries, which helped strengthen Lee’s control over Samsung’s business empire.
The deal faced opposition from some shareholders who argued that it unfairly benefited the Lee family and only succeeded with the support of a state-controlled national pension fund, one of Samsung’s biggest investors.
Lee had portrayed himself as a victim of presidential power abuse and his lawyers criticized the ruling. But after mulling his options, Lee decided to “humbly accept” the High Court’s decision, his head attorney Injae Lee said.
Prosecutors had sought a prison term of 9 years for Lee Jae-yong. In a statement released to the domestic media, they said the court was too lenient with Lee considering the severity of his crimes but they will not appeal because their biggest goal was to prove that the payments between Lee and Park were bribes.
Samsung did not release a statement over Lee’s legal issues.
Lee, 52, helms the Samsung group in his capacity as vice chairman of Samsung Electronics, one of the world’s largest makers of computer chips and smartphones.
Like other family-run conglomerates in South Korea, Samsung has been credited with helping propel the country’s economy to one of the world’s largest from the rubbles of the 1950-53 Korean War. But their opaque ownership structures and often-corrupt ties with bureaucrats and government officials have been viewed as a hotbed of corruption in South Korea.
While never admitting to legal wrongdoing, Lee has expressed remorse over causing “public concern” over the corruption scandal and worked to improve Samsung’s public image. He declared that heredity transfers at Samsung would end, promising the management rights he inherited from his father wouldn’t pass to his children. He also said Samsung would stop suppressing employee attempts to organize unions, although labor activists have questioned his sincerity.
It’s not immediately clear what his prison term would mean for Samsung's business. Samsung showed no specific signs of trouble when Lee was in jail in 2017 and 2018. Prison terms have never really stopped Korean corporate leaders from relaying their business decisions from behind bars.
The Supreme Court earlier this month confirmed a 20-year prison sentence for Park for the Samsung case and other bribes and extortion while she was in office from 2013 to 2016.
Source Associated Press
Chrome 88 brings better password protection and Incognito screenshots while sunsetting Flash (APK Download)
Another month, another Chrome release: Following the usual beta testing period, Google has just started rolling out version 88 of its browser, and there are quite a few improvements and significant changes on board. The release enhances some password protection features and paves the way for more web apps in the Play Store, but it also says goodbye to FTP connections and puts the final nail in the Flash Player's coffin.
As we already covered, Chrome 88 comes with a slew of new password protection features. In addition to checking your saved passwords for breaches, the browser will now also warn you when you want to save a password that's considered too weak to be secure. Should you have to change your already saved passwords, a new button in the built-in password manager will now allow you to do that for the first few supported services. On Android, biometric authentication for password autofill is planned to come soon
Manifest V3 support
Chrome 88 is the first version to fully support Google's controversial new Manifest V3. The key change in Manifest V3 is the deprecation of the web Request API in favor of the declarative Net Request API. Instead of allowing extensions to examine and filter every network request coming to Chrome, which isn't the safest option regarding privacy and security, the declarative Net Request API only lets extensions provide Chrome with a filter list that the browser parses itself. Developers aren't happy with the change because extensions can only apply a maximum of 30,000 rules in Chrome 88 while some of the more common blocklists like Easy List have more than 60,000 rules. Google already vowed to raise that number to 300,000 in Chrome 89, but that might still not be enough to run more than a few blocklists at once.
Google will begin approving and shipping the first extensions using the new manifest following the release of Chrome 88. Right now, Google hasn't communicated the inevitable shutdown date of Manifest V2 and the web Request API. Other Chromium-based browser makers like Vivaldi and Opera promised to continue supporting the older API.
Read more about Manifest V3 in our coverage here.
Play Store billing for web apps
Chrome 88 adds support for Play Store in-app purchases for web apps as part of the Payment Request API. On Android, this allows websites to tap into the Google Play Billing Library. This is important for developers who want to monetize their web apps in the Play Store, as its policies forbid in-app payments using other billing methods.
Flash and FTP deprecation
Similarly, all support for FTP has been removed from Chrome, following the feature's deprecation in Chrome 80. FTP is still a widely used protocol for accessing and transferring files via the internet, but web browsers have always been ill-equipped for file browsing. There are much better client programs for FTP connections, like the open-source FileZilla.
Screenshots in Incognito For a long time, Chrome didn't allow you to take screenshots when browsing in Incognito to prevent you from saving certain potentially infringing content, but there are circumstances when you do want to retain information from Incognito tabs. That's finally possible with Chrome 88 thanks to a new #incognito-screenshot flag that brings back screenshot support to the Incognito mode when enabled. It's not clear when the functionality will roll out to everyone by default.
If you're anything like me, you'll have dozens of tabs open during a regular surfing session, and that's where tab search might come in handy. The feature has been available in Chrome OS for a while already and is now finally making the jump to other desktop OSes with version 88. You have to enable it in chrome://flags under #enable-tab-search (copy and paste the link address in your address bar). After restarting your browser, you'll find a new icon on the rightmost side of the tab strip which you can click to see an overview of all of your open tabs, including a search bar. You can also pull it up via Ctrl+Shift+A.
Google is working on adding tutorial videos to its browser. You can currently activate them via the #video-tutorials flag, but right now, they only consist of placeholder videos from the Google Go app. They're visible as cards on the new tab page, between your most visited websites and the Discover feed.
The titles already suggest what content we can expect in the future: There is "How to use Chrome," "How to download content for later," How to search with Chrome," "How to search with your voice," and "How to use incognito." The videos are limited to Android, and Google will presumably only activate the tutorials for everyone once the proper content is available.
Other changes Apart from these bigger tweaks to Chrome, there are a few smaller changes:
The APK is signed by Google and upgrades your existing app. The cryptographic signature guarantees that the file is safe to install and was not tampered with in any way. Rather than wait for Google to push this download to your devices, which can take days, download and install it just like any other APK.
Source: Android Police
Google Messages is one of the prettiest and most useful messaging apps in the Android world, so it's no surprise that some people download the app as a replacement for their pre-installed default messaging app on phones that don't ship with Google apps. It looks like they might soon not be able to use Messages anymore if they don't have a certified device. XDA Developers has uncovered a string that points to a March 31 deadline when the app will stop working on phones without Google services.
The string is as clear as it can get. If Google pulls through with the certification requirement for Messages, users with uncertified phones might soon see the following message in the app: "On March 31, Messages will stop working on uncertified devices, including this one." This should only affect a small fraction of Android phones that don't ship with Google apps, like recent Huawei phones or Android phones with Chinese ROMs.
Google Messages is one of a few Google apps that work on uncertified devices without Play Services, likely because it relies on the SMS and RCS protocols and doesn't require logging in to your Google account. XDA Developers suspects the move comes following the RCS end-to-end encryption rollout since the company can't guarantee that an uncertified device isn't compromised.
If Google pulls through with the change, people with uncertified phones will soon have to look for another solution. Perhaps Signal could be a good choice — it supports sending and receiving SMS in addition to its chat service.
Source: Android Police
It's time for yet another streaming service—sort of. ViacomCBS has announced that Paramount+ will launch on March 4, but it's more of an evolution than a wholly new service, as it replaces and expands upon the company's previous service, CBS All Access.
The move to replace CBS All Access was announced several months ago. It's in large part a result of the completion of the merger between CBS and Viacom, as CBS All Access launched before that merger, but the merger greatly increased the content library that could be put on a streaming service run by the company.
In addition to shows associated with the CBS TV network, Paramount+ will include content from properties Viacom brought to the mix, including MTV, BET, Comedy Central, VH1, and Nickelodeon, as well as theatrically released films from Paramount Pictures.
Beyond the myriad Star Trek shows that CBS All Access has already offered, planned original series for Paramount+ include a series based on The Godfather as well as a revival of VH1's Behind the Music.
March 4 is the planned launch day in the US and Latin America, and a launch is planned in Nordic countries on March 25, as well as Australia around the middle of the year. Canada will also receive the service sometime this year, but a date has not been named—however, CBS All Access will be rebranded to Paramount+ right away in that country even before new content is introduced.
Before this point, CBS All Access was arguably best known for its various Star Trek programs; it included all the Star Trek TV series that aired on broadcast TV in the past, plus new Trek series like Discovery, Picard, and Lower Decks. It did not, however, have the Star Trek movies at first, as those were owned by Paramount. The merger brought all Star Trek TV and movie content under one corporate roof.
CBS All Access also aired live TV, sports programming, and some additional shows like the critically acclaimed The Good Fight. Those will continue under Paramount+.
The past year and a half has seen numerous new streaming networks launch, including Peacock (NBC Universal), Disney+, and HBO Max, among others.
The onslaught has disappointed those who expected a service like Netflix or Hulu to offer virtually all content for a flat $10-per-month fee, but that was never going to be economically viable, especially as production costs for TV series have risen in recent years as viewers have responded to more lavishly produced shows—something the industry refers to as "prestige TV."
The new normal for TV appears to be similar in some respects to cable, with each media company delivering a channel that primarily consists of the company's own content, plus small amounts of licensed content.
Still, there are some significant differences in the new normal as compared to how TV used to work, even beyond the fact that the content is now delivered over the Internet. For example, the services aren't bundled, so viewers can pick and choose which channels to pay for, and there are far fewer (and in some cases, no) commercials.
Today, the US Court of Appeals for the District of Columbia vacated the Trump administration's attempt to take a minimalist approach to the regulation of carbon dioxide emissions. The ruling was a lopsided victory for the long list of groups opposing the Trump EPA's approach, with the entire rule being vacated. Thus, the Biden administration will start unencumbered by its predecessors' attempts to gut carbon dioxide regulations.
Here we go again
Some of the legal issues here date back to the Clinton administration, when states sued to force the EPA to regulate carbon emissions under the Clean Air Act. That issue was ultimately clarified by the Supreme Court, which, during the George W. Bush administration, ruled that carbon dioxide could be regulated as a pollutant as defined by the Clean Air Act. Early in the Obama administration, the EPA issued an endangerment finding for greenhouse gasses that provided the scientific rationale for regulations. Those regulations came in the form of the Clean Power Plan, issued during Obama's second term.
While the Clean Power Plan completed the federal rule-making process, it was held up by lawsuits when President Obama left office. Trump issued an executive order that directed the EPA to replace the Clean Power Plan. The EPA's eventual replacement, the Affordable Clean Energy rule (ACE), went well beyond simply ending or limiting the Clean Power Plan. Instead, the ACE attempted to narrow the regulation allowed under the Clean Air Act by having states regulate each individual source of emissions rather than regulating the state's total emissions. As an added bonus, it also stretched out the timeline for states to bring their emissions into compliance.
Under this view, the EPA's regulations could only force existing coal-operating plants to function more efficiently; the rules couldn't promote having them switch fuels to natural gas or biomass, much less have them closed and replaced by natural gas or renewable power sources. Needless to say, this approach was pretty ineffectual at limiting carbon emissions, and the EPA itself predicted that the ACE would cause them to fall by only 1 percent.
Not even wrong
The new ruling eviscerates the EPA's logic, finding it so flawed that the entire rule has been vacated.
"The central operative terms of the ACE Rule and the repeal of its predecessor rule, the Clean Power Plan, hinged on a fundamental misconstruction of... the Clean Air Act," the decision reads. "In addition, the ACE Rule’s amendment of the regulatory framework to slow the process for reduction of emissions is arbitrary and capricious."
The ruling's primary focus is on Section 7411 of the Clean Air Act, which indicates that EPA regulations could compel changes in pollution "achievable through the application of the best system of emission reduction." The EPA wanted to interpret this as meaning the best system that could be applied at individual sources of pollution, such as a single power plant, rather than treating the power grid as a unified system. The court found that this reasoning came up short—and badly short—writing, "It fails for at least three reasons, any of which is alone fatal."
The court noted that Section 7411 has a list of limitations on its applicability, and none of them include the idea that the EPA is limited to considering individual sources. In addition, the EPA's interpretation of the Section requires the insertion of words that aren't present in the statute's text. Finally, to cancel an existing rule, the EPA's interpretation has to be the only one that's consistent with Section 7411's language, which the court notes is clearly not true.
The ruling also held that the EPA wasn't even internally consistent when making its decision, saying, "Recognizing that sources generally have 'broad discretion' in how they comply with state standards, the EPA nonetheless categorically excluded two specific measures from the States’ consideration: averaging and trading, and biomass co-firing." This inconsistency makes sense if the EPA specifically wanted to encourage coal use (the EPA head at the time was a former coal lobbyist), but it doesn't make for federal rule-making that holds up to legal challenge.
Odds and ends
The EPA had also argued that its new interpretation required a review under something called the "Major Questions Doctrine," but the court found that unpersuasive, as the EPA had been managing regulations under its previous view of Section 7411 for decades. Many of these regulations had withstood multiple legal challenges. Oddly, two coal mining companies joined the suit claiming that the ACE was adopted without an endangerment finding; the court dismissed this due to the fact that the earlier greenhouse gas endangerment finding was still operative. Other groups that sued lacked standing, as their only claim for joining the case was that they paid for electricity.
The court also rejected the EPA's attempt to lengthen the timeline for states to bring their electric grids into compliance, which would delay even the feeble emissions cuts that would result from the ACE. In essence, the court found that there was insufficient reason given for these changes: "Because the challenged regulations lack reasoned support, they cannot stand."
In its decision, the court cites the US's National Climate Assessment in providing a rationale for regulating greenhouse gas emissions. The court notes that the assessment concluded, “The evidence of human-caused climate change is overwhelming and continues to strengthen” and “the impacts of climate change are intensifying across the country.” The importance assigned to the assessment is likely why the Trump administration placed noted climate contrarians at NOAA in what was thought to be an attempt to weaken the next edition of the National Climate Assessment.
Where to go from here
The federal rule-making process that established the ACE also eliminated the Clean Power Plan, and the court's decision doesn't revive it, according to Ben Levitan, a senior attorney at the Environmental Defense Fund. Levitan said at this point, it was unclear whether anyone involved in the case will seek further review, as there were a number of parties beyond the EPA involved (the list of parties occupies 13 pages of the decision). But it's safe to assume that the Biden EPA is unlikely to want to appeal a decision that, in Levitan's view, rejected an attempt to "undermine the Clean Air Act and deprive Americans of the protections they deserve."
Which means that the Biden administration will likely start from scratch. And given the changes that have taken place since the Obama administration, that's almost certainly the most appropriate course. Due to the plunging prices of renewable energy, fossil fuels in 2021 will account for less than 20 percent of the new generating capacity added to the US grid, and all of it will be natural gas, furthering the precipitous decline of coal use. Biden also intends to promote an even higher pace of renewable energy use as part of his pandemic recovery package.
Given those facts, the original Clean Power Plan has been made obsolete, and any future regulations would need to reflect the new reality.
Source: ARS Technica
Security firm Malwarebytes said it was breached by the same nation-state-sponsored hackers who compromised a dozen or more US government agencies and private companies.
The attackers are best known for first hacking into Austin, Texas-based SolarWinds, compromising its software-distribution system and using it to infect the networks of customers who used SolarWinds’ network management software. In an online notice, however, Malwarebytes said the attackers used a different vector.
“While Malwarebytes does not use SolarWinds, we, like many other companies were recently targeted by the same threat actor,” the notice stated. “We can confirm the existence of another intrusion vector that works by abusing applications with privileged access to Microsoft Office 365 and Azure environments.”
Investigators have determined that the attacker gained access to a limited subset of internal company emails. So far, the investigators have found no evidence of unauthorized access or compromise in any Malwarebytes production environments.
The notice isn’t the first time investigators have said the SolarWinds software supply chain attack wasn’t the sole means of infection.
When the mass compromise came to light last month, Microsoft said the hackers also stole signing certificates that allowed them to impersonate any of a target’s existing users and accounts through the Security Assertion Markup Language. Typically abbreviated as SAML, the XML-based language provides a way for identity providers to exchange authentication and authorization data with service providers.
Twelve days ago, the Cybersecurity & Infrastructure Security Agency said that the attackers may have obtained initial access by using password guessing or password spraying or by exploiting administrative or service credentials.
Mimecast“In our particular instance, the threat actor added a self-signed certificate with credentials to the service principal account,” Malwarebytes researcher Marcin Kleczynski wrote. “From there, they can authenticate using the key and make API calls to request emails via MSGraph.”
Last week, email management provider Mimecast also said that hackers compromised a digital certificate it issued and used it to target select customers who use it to encrypt data they sent and received through the company’s cloud-based service. While Mimecast didn’t say the certificate compromise was related to the ongoing attack, the similarities make it likely that the two attacks are related.
Because the attackers used their access to the SolarWinds network to compromise the company’s software build system, Malwarebytes researchers investigated the possibility that they too were being used to infect their customers. So far, Malwarebytes said it has no evidence of such an infection. The company has also inspected its source code repositories for signs of malicious changes.
Malwarebytes said it first learned of the infection from Microsoft on December 15, two days after the SolarWinds hack was first disclosed. Microsoft identified the network compromise through suspicious activity from a third-party application in Malwarebytes’ Microsoft Office 365 tenant. The tactics, techniques, and procedures in the Malwarebytes attack were similar in key ways to the threat actor involved in the SolarWinds attacks.
Malwarebytes’ notice marks the fourth time a company has disclosed it was targeted by the SolarWinds hackers. Microsoft and security firms FireEye and CrowdStrike have also been targeted, although CrowdStrike has said the attempt to infect its network was unsuccessful. Government agencies reported to be affected include the Departments of Defense, Justice, Treasury, Commerce, and Homeland Security as well as the National Institutes of Health.
Source: Ars Technica