Author name: Mike M.

fate-of-google’s-search-empire-could-rest-in-trump’s-hands

Fate of Google’s search empire could rest in Trump’s hands


“Are you going to destroy the company?”

Trump may sway DOJ away from breaking up Google.

A few weeks before the US presidential election, Donald Trump suggested that a breakup of Google’s search business may not be an appropriate remedy to destroy the tech giant’s search monopoly.

“Right now, China is afraid of Google,” Trump said at a Chicago event. If that threat were dismantled, Trump suggested, China could become a greater threat to the US, because the US needs to have “great companies” to compete.

Trump’s comments came about a week after the US Department of Justice proposed remedies in the Google monopoly trial, including mulling a breakup.

“I’m not a fan of Google,” Trump insisted. “They treat me badly. But are you going to destroy the company by doing that? If you do that, are you going to destroy the company? What you can do, without breaking it up, is make sure it’s more fair.”

Now that Trump is presumed to soon be taking office before the remedies phase of the DOJ’s litigation ends next year, it seems possible that Trump may sway the DOJ away from breaking up Google.

Experts told Reuters that a final ruling isn’t expected until August, giving Trump plenty of time to possibly influence the DOJ’s case. But Trump’s stance on Google has seemed to shift throughout his campaign, so there’s no predicting his position once he takes power.

Business Insider noted that Trump was extremely critical of Google on the campaign trail, vowing to “do something” to curtail Google’s power after accusing the search giant of only highlighting negative stories about him in search results. (Google has repeatedly denied the accusation.) On Truth Social as recently as September, Trump vowed to prosecute Google “at the maximum levels,” seemingly less concerned then about how this could influence competition with China.

It would be unusual for Trump to meddle with the DOJ’s ongoing litigation, antitrust expert George Hay told Business Insider, but then again, “Trump is a bit more of a wild card.”

“It’s very rare that, at the presidential level, there’s any attempt to influence the course of cases which have already been filed. Those have a life of their own,” Hay said. “They depend on the judge, the courts, the lawyers who carry on a case. It’s extraordinarily unusual for the administration to become at all active.”

Trump may still feel some ownership over the DOJ’s investigation into Google’s core business since it began in 2019 under his administration, and tensions between Trump and Google have not diminished much since. The Verge noted that Trump warned Google to “be careful” in August because he “had a feeling Google is going to be close to shut down.” And earlier this year, Trump’s running mate, JD Vance, called for Google’s breakup on X (formerly Twitter), proclaiming that a stop to Google’s “monopolistic control of information” was “long overdue.”

Trump’s on-and-off feud with Google

For Trump, disabling Google’s search monopoly might feel personal, as he has spent years accusing Google of manipulating results to disfavor him.

His feud with Google appear to have begun in 2016 when Trump falsely accused Google of manipulating votes, claiming Google wanted to make it appear that he didn’t have a “big victory” over Hillary Clinton, CNN reported.

The feud continued through the 2020 election, Politico reported, with Trump warning Google that his administration was “watching Google very closely” after a former Google employee went on Fox News to claim that Google search results were biased against Trump. Google disputed the employee’s report.

And yet throughout this feud, there have also been times where Trump seems to warm to Google. During his last administration, he backtracked a threat to investigate Google’s alleged work with China’s military, Politico noted, after meeting with Google CEO Sundar Pichai. Most recently, he claimed Pichai reached out to praise Trump’s ability to trend on the search engine during Trump’s McDonald’s campaign stunt, SF Gate reported.

So far, Google is not commenting on Trump’s comments on the DOJ’s proposed breakup of its search business. But Pichai did send an internal memo to Google staff on the night before the election, The Verge reported, praising them for boosting accurate information during the US election and reminding them that “the outcome will be a major topic of conversation in living rooms and other places around the world.”

At a time when Trump might continue heavily criticizing Google from the Oval Office, Pichai told Googlers that maintaining trust in Google is a top priority.

“Whomever the voters entrust, let’s remember the role we play at work, through the products we build and as a business: to be a trusted source of information to people of every background and belief,” Pichai’s memo said. “We will and must maintain that.”

The DOJ may not even want to seek a breakup

When the DOJ finally proposed a framework for remedies last month, they emphasized that there’s still so much more to consider before landing on final remedies and that the DOJ reserves “the right to add or remove potential proposed remedies.”

That means that while the DOJ has said that requiring a divestment of Chrome or Android isn’t completely off the table, they currently aren’t committed to following through on ordering a breakup.

Through the remedies phase of litigation, the DOJ expects that discovery will reveal more about whether requiring a breakup is needed or if other remedies might resolve antitrust concerns while preserving Google’s search empire.

One reason it might be necessary to spin off Chrome or Android, however, would be to “prevent Google from using products such as Chrome, Play, and Android to advantage Google search and Google search-related products and features—including emerging search access points and features, such as artificial intelligence—over rivals or new entrants,” the DOJ said.

Google has warned that a breakup could hurt small businesses that depend on open source code Google develops for Android and Chrome. Costs of Android devices could also rise, Google warned.

Adam Epstein—the president and co-CEO of adMarketplace, which bills itself as “the largest consumer search technology company outside of Google and Bing”—told Ars last September that spinning out Android and Chrome may inflict “maximum pain” on Google. But it could also “cause pain to users and publishers and might not be the best way to create competition in search results and advertising.”

Buried in a story from The New York Times is perhaps the biggest clue that Trump may again be warming to Google as he likely heads back to Washington. The Times noted that at the Chicago event, Trump seemed to be echoing a Google talking point.

Google has argued that “a breakup could hurt America’s interests in a heated geopolitical competition with China over dominance in areas like artificial intelligence,” The Times reported. And Trump appeared to be running with that same logic when seemingly shifting his position on wanting to destroy Google in his final days on the campaign trail.

“It’s a very dangerous thing, because we want to have great companies,” Trump said. “We don’t want China to have these companies.”

Photo of Ashley Belanger

Ashley is a senior policy reporter for Ars Technica, dedicated to tracking social impacts of emerging policies and new technologies. She is a Chicago-based journalist with 20 years of experience.

Fate of Google’s search empire could rest in Trump’s hands Read More »

suspect-arrested-in-snowflake-data-theft-attacks-affecting-millions

Suspect arrested in Snowflake data-theft attacks affecting millions

Attack Path UNC5537 has used in attacks against as many as 165 Snowflake customers.

Credit: Mandiant

Attack Path UNC5537 has used in attacks against as many as 165 Snowflake customers. Credit: Mandiant

None of the affected accounts used multifactor authentication, which requires users to provide a one-time password or additional means of authentication besides a password. After that revelation, Snowflake enforced mandatory MFA for accounts and required that passwords be at least 14 characters long.

Mandiant had identified the threat group behind the breaches as UNC5537. The group has referred to itself ShinyHunters. Snowflake offers its services under a model known as SaaS (software as a service).

“UNC5537 aka Alexander ‘Connor’ Moucka has proven to be one of the most consequential threat actors of 2024,” Mandiant wrote in an emailed statement. “In April 2024, UNC5537 launched a campaign, systematically compromising misconfigured SaaS instances across over a hundred organizations. The operation, which left organizations reeling from significant data loss and extortion attempts, highlighted the alarming scale of harm an individual can cause using off-the-shelf tools.”

Mandiant said a co-conspirator, John Binns, was arrested in June. The status of that case wasn’t immediately known.

Besides Ticketmaster, other customers known to have been breached include AT&T and Spain-based bank Santander. In July, AT&T said that personal information and phone and text message records for roughly 110 million customers were stolen. WIRED later reported that AT&T paid $370,000 in return for a promise the data would be deleted.

Other Snowflake customers reported by various news outlets as breached are Pure Storage, Advance Auto Parts, Los Angeles Unified School District, QuoteWizard/LendingTree, Neiman Marcus, Anheuser-Busch, Allstate, Mitsubishi, and State Farm.

KrebsOnSecurity reported Tuesday that Moucka has been named in multiple charging documents filed by US federal prosecutors. Reporter Brian Krebs said specific charges and allegations are unknown because the cases remain sealed.

Suspect arrested in Snowflake data-theft attacks affecting millions Read More »

drugmaker-shut-down-after-black-schmutz-found-in-injectable-weight-loss-drug

Drugmaker shut down after black schmutz found in injectable weight-loss drug

It’s unclear how widely the pharmacy’s drugs were distributed. Fullerton Wellness could not be reached for comment.

Bigger battles

This is just the latest warning on weight-loss drugs from the FDA, which has repeatedly cautioned about quality and safety problems related to compounded versions of the drugs. The compounded drugs are intended to be essentially copycat versions of the blockbuster brand-name drugs. Compounding pharmacies can make copycat versions only as long as the drugs are in short supply, acting as a stopgap for patient access. But, with the popularity of the drugs and the high prices of the brand name versions, compounded formulations have become seen as affordable alternatives for many patients.

The situation has become a legal quagmire, with less-than-scrupulous compounding facilities drawing the ire of the FDA, and the big pharmaceutical companies fighting with their compounding competition. Eli Lilly, maker of Zepbound and Mounjaro (tirzepatide), and Novo Nordisk, maker of Wegovy and Ozempic (semaglutide), have both sued multiple compounding pharmacies over copycat versions of their lucrative drugs, which they claim are unsafe and fraudulent.

Meanwhile, in October, a trade organization for large-scale compounding pharmacies sued the FDA after the regulator removed tirzepatide from the drug shortage list, a move that blocks compounders from making copycat versions of the drug. But, the FDA quickly backpedaled in court, saying it would reconsider the removal and would allow compounders to keep producing off-brand versions in the meantime.

Also in October, Novo Nordisk asked the FDA to stop letting compounders make copycat versions of semaglutide, arguing that the drug is too complex for compounders to make and poses too many safety risks to patients. In response, the trade organization for compounders, the Outsourcing Facilities Association, submitted a letter to the FDA asking it to require Novo Nordisk to provide an economic impact statement to assess the cost and price increases that could occur if semaglutide were no longer available through compounding pharmacies.

Drugmaker shut down after black schmutz found in injectable weight-loss drug Read More »

facebook,-nvidia-push-scotus-to-limit-“nuisance”-investor-suits-after-scandals

Facebook, Nvidia push SCOTUS to limit “nuisance” investor suits after scandals


Facebook, Nvidia ask SCOTUS to narrow legal paths to retrieve investor losses.

The Supreme Court will soon weigh two cases that could potentially make it harder for misled investors to sue Big Tech companies after major scandals.

One case involves one of the largest tech scandals of all time, the Facebook-Cambridge Analytica data breach. In 2019, Facebook agreed to pay “more than $5 billion in civil penalties to settle charges by the Federal Trade Commission (FTC) and the Securities and Exchange Commission (SEC) that it had misled its users and investors over the privacy and security of user data on its platform,” a Supreme Court filing said.

The other case involves an allegation that Nvidia intentionally hid how much of its 2017–2018 GPU demand was due to a volatile cryptocurrency boom and not Nvidia’s core gaming business—allegedly misleading investors ahead of a crypto crash. After the bust, Nvidia suddenly had to slash half a billion dollars from its earnings projection, and market experts later estimated that the firm had understated its crypto-related revenue by more than a billion. In 2022, Nvidia paid a $5.5 million SEC penalty over the inadequate disclosures that one SEC chief said “deprived investors of critical information to evaluate the company’s business in a key market.”

Investors, however, have not yet settled their own legal challenges. In both cases, investors suing convinced the 9th Circuit that the companies were guilty of misleading investors. But now, the tech companies have appealed to the Supreme Court, hoping to reverse those rulings.

In case documents, each claimed that their investors have not satisfied high legal bars, which Nvidia argued Congress designed to prevent “frivolous” or “nuisance” lawsuits from going on “fishing expeditions” to claim securities “fraud by hindsight.” Both warned that SCOTUS upholding the 9th Circuit rulings risked flooding courts with frivolous suits, with Nvidia cautioning that such lawsuits can be “used to injure the entire US economy.”

The Supreme Court will hear arguments in the Facebook case on Wednesday, November 6, then the Nvidia case on November 13.

SCOTUS may be persuaded by tech companies still stuck coping with the aftermath of scandals. A former SEC lawyer, Andrew Feller, told Reuters that the Supreme Court’s conservative majority may continue its “recent track record of handing down business-friendly decisions that narrowed the authority of federal regulators” in these cases. Both cases give justices opportunities to “rein in the power of private plaintiffs to enforce federal rules aimed at punishing corporate misconduct,” Reuters reported.

Facebook defends describing risk as hypothetical

The Facebook case centers on an SEC disclosure where Facebook said that its business may be harmed by a data breach, posing that as a hypothetical, without mentioning the ongoing Cambridge Analytica data breach. Specifically, Facebook wrote, “[a]ny failure to prevent or mitigate . . . improper access to or disclosure of our data or user data . . . could result in the loss or misuse of such data, which could harm our business and reputation and diminish our competitive position.”

Investors felt misled, accusing Facebook of hiding the breach by only presenting the risk as a hypothetical that implied no breach had ever occurred in the past and certainly did not disclose the present risk.

However, in a SCOTUS filing, Facebook insisted that “no reasonable investor would interpret a risk disclosure using probabilistic, forward-looking language as impliedly representing that the specified triggering event had never occurred in the past.”

Facebook is now arguing that SCOTUS agreeing that the company should have disclosed the major data breach “would result in a regime under which companies would be required to disclose every previous material incident they have experienced—effectively creating a sweeping regime of omissions liability.”

According to Facebook, news broke about the Cambridge Analytica data breach in 2015, and its business wasn’t immediately harmed. Following that logic, the social media company hopes that SCOTUS will agree that Facebook was only required to disclose the data breach in its SEC filing if Facebook knew its business would likely be harmed from the ongoing breach.

By affirming the 9th Circuit ruling, Facebook alleged, SCOTUS would be “vastly expanding the circumstances in which risk disclosures are deemed false or misleading,” exposing to legal challenges “a wide range of previously immune forward-looking statements—revenue projections, future business plans or objectives, and the like.”

But investors suing argue that Facebook is still being misleading about the data scandal in its court filings.

“The only reason Facebook has ever given to explain why the misappropriation risked no harm was that the event was allegedly disclosed to the public in 2015 and no one cared,” investors’ SCOTUS brief said. But in 2015, a report exposing a data breach tied to a Ted Cruz campaign was denied by Cambridge Analytica and prompted a Facebook investigation that concluded no damage had been done.

“Facebook actively misled the public about its investigation, ‘represent[ing] that no misconduct had been discovered,'” investors alleged, and “Facebook’s deception extended to its public filings with the SEC.”

According to investors, the real damage was done when the true extent of the Cambridge Analytica scandal was exposed in 2018. That caused substantial revenue losses that Facebook likely understood it was risking while allegedly leaving investors blind to those risks for years.

Investors argue that disclosure should not be required of every data breach that hits Facebook, whether it harms its business or not, but that the Cambridge Analytica data breach was significant and should have been disclosed as a material risk. The 9th Circuit agreed, holding that “publicly treating such a material adverse event as a merely hypothetical prospect can be misleading even if the event has not yet produced follow-on business harm because the company has kept the truth from the public.”

They further argued that requiring so-called overdisclosure wouldn’t trigger unwarranted litigation, as Facebook suggests, because Congress has always “given considerable attention to concerns over abusive private litigation.”

If Facebook wins, investors alleged, SCOTUS risks giving any tech company “a license to intentionally mislead investors about the occurrence of hugely material events by describing those events as purely hypothetical prospects.” Siding with Facebook would allegedly give “companies an incentive to stuff their annual reports with boilerplate, generic warnings that reveal little about the company’s actual business and to cover up events that could give rise to corporate scandals, as Facebook did here.”

Facebook argued that if the SEC is concerned about specific disclosures connected to the data breach, “the SEC can invoke the rulemaking process to impose” a requirement that companies must disclose all “past material adverse events.”

Nvidia disputes expert’s crypto data

While the Facebook case involved a bigger scandal, the Nvidia case could have bigger legal implications if Nvidia wins.

In the Nvidia case, investors argued that Nvidia CEO Jensen Huang made public statements allegedly misleading investors by downplaying the high demand for GPUs tied to volatile crypto markets. To plead their case, investors relied on statements from Nvidia employees, internal documents like meeting slides, industry research, as well as an expert opinion crunching general market numbers and estimating that Nvidia “underreported its crypto revenues by $1.126 billion.”

Nvidia claimed it’s far more plausible that the company simply made an “honest miscalculation” while navigating a complex emerging market.

To defend against the suit, Nvidia is arguing that the Private Securities Litigation Reform Act (PSLRA) imposes “special burdens on plaintiffs seeking to bring federal securities fraud class actions” through “heightened pleading requirements” to deter frivolous lawsuits arguing fraud by hindsight.

According to Nvidia, the PSLRA requires investors to allege particular facts based on particular contents of internal Nvidia documents, which goes beyond relying on an expert opinion. The tech company has urged SCOTUS that the 9th Circuit “‘significantly erode[d]” the PSLRA requirements by allowing Plaintiffs to “simply” hire “an expert who manufactured data to fit their allegations.”

“They hired an expert to create data and then filed a class action alleging that Nvidia and its CEO committed securities fraud by failing to disclose the data invented by Plaintiffs’ expert,” Nvidia argued.

This allegedly “eviscerates the guardrails that Congress erected to protect the public from abusive securities litigation” and creates a “dangerous” and “easy-to-replicate ‘roadmap’ for plaintiffs to sidestep the PSLRA in this recurring context.”

“Far from serving Congress’s goal of guarding against fishing expeditions by vexatious litigants, the Ninth Circuit’s opinion declares it open season so long as a plaintiff has funding to hire an expert,” Nvidia alleged.

Investors are hoping SCOTUS will uphold the 9th Circuit’s judgment. Instead of seeing their suit as frivolous, they argued that the SEC fine over the same misconduct “undermines any suggestion that this is the type of frivolous suit that the PSLRA was meant to screen out.”

They’ve disputed Nvidia’s arguments that they’ve relied solely on a hired expert to support their claims, arguing that each fact was corroborated by employee witnesses and third-party reports.

If Nvidia wins, investors warned, the SCOTUS decision would risk harming a wide range of private securities litigation that Congress has found “‘is an indispensable tool’ for ‘defrauded investors’ to ‘recover their losses without having to rely upon government action.'”

Photo of Ashley Belanger

Ashley is a senior policy reporter for Ars Technica, dedicated to tracking social impacts of emerging policies and new technologies. She is a Chicago-based journalist with 20 years of experience.

Facebook, Nvidia push SCOTUS to limit “nuisance” investor suits after scandals Read More »

nvidia-ousts-intel-from-dow-jones-index-after-25-year-run

Nvidia ousts Intel from Dow Jones Index after 25-year run

Changing winds in the tech industry

The Dow Jones Industrial Average serves as a benchmark of the US stock market by tracking 30 large, publicly owned companies that represent major sectors of the US economy, and being a member of the Index has long been considered a sign of prestige among American companies.

However, S&P regularly makes changes to the index to better reflect current realities and trends in the marketplace, so deletion from the Index likely marks a new symbolic low point for Intel.

While the rise of AI has caused a surge in several tech stocks, it has delivered tough times for chipmaker Intel, which is perhaps best known for manufacturing CPUs that power Windows-based PCs.

Intel recently withdrew its forecast to sell over $500 million worth of AI-focused Gaudi chips in 2024, a target CEO Pat Gelsinger had promoted after initially pushing his team to project $1 billion in sales. The setback follows Intel’s pattern of missed opportunities in AI, with Reuters reporting that Bank of America analyst Vivek Arya questioned the company’s AI strategy during a recent earnings call.

In addition, Intel has faced challenges as device manufacturers increasingly use Arm-based alternatives that power billions of smartphone devices and from symbolic blows like Apple’s transition away from Intel processors for Macs to its own custom-designed chips based on the Arm architecture.

Whether the historic tech company will rebound is yet to be seen, but investors will undoubtedly keep a close watch on Intel as it attempts to reorient itself in the face of changing trends in the tech industry.

Nvidia ousts Intel from Dow Jones Index after 25-year run Read More »

fungi-may-not-think,-but-they-can-communicate

Fungi may not think, but they can communicate

Because the soil layer was so thin, most hyphae, which usually grow and spread underground by releasing spores, were easily seen, giving the researchers an opportunity to observe where connections were being made in the mycelium. Early hyphal coverage was not too different between the X and circle formations. Later, each showed a strong hyphal network, which makes up the mycelium, but there were differences between them.

While the hyphal network was pretty evenly distributed around the circle, there were differences between the inner and outer blocks in the X arrangement. Levels of decay activity were determined by weighing the blocks before and after the incubation period, and decay was pretty even throughout the circle, but especially evident on the four outermost blocks of the X. The researchers suggest that there were more hyphal connections on those blocks for a reason.

“The outermost four blocks, which had a greater degree of connection, may have served as “outposts” for foraging and absorbing water and nutrients from the soil, facilitated by their greater hyphal connections,” they said in the same study.

Talk to me

Fungal mycelium experiences what’s called acropetal growth, meaning it grows outward in all directions from the center. Consistent with this, the hyphae started out growing outward from each block. But over time, the hyphae shifted to growing in the direction that would get them the most nutrients.

Why did it change? Here is where the team thinks communication comes in. Previous studies found electrical signals are transmitted through hyphae. These signals sync up after the hyphae connect into one huge mycelium, much like the signals transmitted among neurons in organisms with brains. Materials such as nutrients are also transferred throughout the network.

Fungi may not think, but they can communicate Read More »

as-hospitals-struggle-with-iv-fluid-shortage,-nc-plant-restarts-production

As hospitals struggle with IV fluid shortage, NC plant restarts production

The western North Carolina plant that makes 60 percent of the country’s intravenous fluid supply has restarted its highest-producing manufacturing line after being ravaged by flooding brought by Hurricane Helene last month.

While it’s an encouraging sign of recovery as hospitals nationwide struggle with shortages of fluids, supply is still likely to remain tight for the coming weeks.

IV fluid maker Baxter Inc, which runs the Marion plant inundated by Helene, said Thursday that the restarted production line could produce, at peak, 25 percent of the plant’s total production and about 50 percent of the plant’s production of one-liter IV solutions, the product most commonly used by hospitals and clinics.

“Recovery progress at our North Cove site continues to be very encouraging,” Baxter CEO and President José Almeida said. “In a matter of weeks, our team has advanced from the depths of Hurricane Helene’s impact to restarting our highest-throughput manufacturing line. This is a pivotal milestone, but more hard work remains as we work to return the plant to full production.”

Overall, Baxter said it is ahead of its previously projected timeline for getting the massive plant back up and running. Previously, the company said it had aimed to produce 90–100 percent of some products by the end of the year. Still, the initial batches now under production are expected to start shipping in late November at the earliest.

One of the many challenges to restoring the facility was the lack of access to the site; Helene had damaged an access bridge. In its latest announcement, Baxter said that a temporary bridge—built with support from North Carolina’s Department of Transportation and the federal Administration of Strategic Preparedness and Response (ASPR)—has allowed the transport of more than 885 truckloads of existing inventory out of the plant since Helene.  A second temporary bridge, expected to be completed in early November, will enable further access of traffic and equipment to the site.

As hospitals struggle with IV fluid shortage, NC plant restarts production Read More »

bats-use-echolocation-to-make-mental-maps-for-navigation

Bats use echolocation to make mental maps for navigation

Bat maps

To evaluate the route each bat took to get back to the roost, the team used their simulations to measure the echoic entropy it experienced along the way. The field where the bats were released was a low echoic entropy area, so during those first few minutes when they were flying around they were likely just looking for some more distinct, higher entropy landmarks to figure out where they were. Once they were oriented, they started flying to the roost, but not in a straight line. They meandered a bit, and the groups with higher sensory deprivation tended to meander more.

The meandering, researchers suspect, was due to trouble the bats had with maintaining the steady path relying on echolocation alone. When they were detecting distinctive landmarks like a specific orchard, they corrected the course. Repeating the process eventually brought them to their roost.

But could this be landmark-based navigation? Or perhaps simple beaconing, where an animal locks onto something like a distant light and moves toward it?

The researchers argue in favor of cognitive acoustic maps. “I think if echolocation wasn’t such a limited sensory modality, we couldn’t reach a conclusion about the bats using cognitive acoustic maps,” Goldshtein says. The distance between landmarks the bats used to correct their flight path was significantly longer than echolocation’s sensing range. Yet they knew which direction the roost was relative to one landmark, even when the next landmark on the way was acoustically invisible. You can’t do that without having the area mapped.

“It would be really interesting to understand how other bats do that, to compare between species,” Goldshtein says. There are bats that fly over a thousand meters above the ground, so they simply can’t sense any landmarks using echolocation. Other species hunt over sea, which, as per this team’s simulations, would be just one huge low-entropy area. “We are just starting. That’s why I do not study only navigation but also housing, foraging, and other aspects of their behavior. I think we still don’t know enough about bats in general,” Goldshtein claims.

Science, 2024.  DOI: 10.1126/science.adn6269

Bats use echolocation to make mental maps for navigation Read More »

microsoft-delays-rollout-of-the-windows-11-recall-feature-yet-again

Microsoft delays rollout of the Windows 11 Recall feature yet again

“We are committed to delivering a secure and trusted experience with Recall. To ensure we deliver on these important updates, we’re taking additional time to refine the experience before previewing it with Windows Insiders,” said Microsoft Windows Insider Senior Program Manager Brandon LeBlanc in a statement provided to The Verge.

LeBlanc didn’t offer additional details on the latest Recall delay or make any new announcements about other security precautions Microsoft is taking with the feature. The company’s September blog post detailed how data was being protected using Windows’ Virtualization-Based Security (VBS) features and Windows Hello authentication and reiterated that Recall will be opt-in by default and that it will be fully removable for Windows users who aren’t interested in using it.

When it does start to roll out, Recall will still require a Copilot+ PC, which gets some AI-related features not available to typical Windows 11 PCs. To meet the Copilot+ requirements, PCs must have at least 16GB of RAM and 256GB of storage, plus a neural processing unit (NPU) that can perform at least 40 trillion operations per second (TOPS). Users will also need their PCs to be enrolled in the Windows Insider Program; we have no idea when non-Windows Insider PCs will start getting Recall, though at this point, it seems likely it won’t be until sometime in 2025.

Microsoft delays rollout of the Windows 11 Recall feature yet again Read More »

rfk-jr.-claims-trump-promised-to-put-him-in-charge-of-nih,-cdc,-and-more

RFK Jr. claims Trump promised to put him in charge of NIH, CDC, and more

Earlier this week, Robert F. Kennedy, Jr. used a Zoom call to tell his supporters that Donald Trump had promised him “control” of the Department of Health and Human Services (HHS), the federal agency that includes the Centers for Disease Control, Food and Drug Administration, National Institutes of Health, as well as the Department of Agriculture. Given Kennedy’s support for debunked anti-vaccine nonsense, this represents a potential public health nightmare.

A few days after, Howard Lutnick, a co-chair of Trump’s transition team, appeared on CNN to deny that RFK Jr. would be put in charge of HHS. But he followed that with a long rant in which he echoed Kennedy’s spurious claims about vaccines. This provides yet another indication of how anti-vaccine activism has become deeply enmeshed with Republican politics, to the point where it may be just as bad even if Kennedy isn’t appointed.

Trump as Kennedy’s route to power

Kennedy has a long history of misinformation regarding health, with a special focus on vaccines. This includes the extensively debunked suggestion that there is a correlation between vaccinations and autism incidence, and it extends to a general skepticism about vaccine safety. That’s mixed with conspiracy theories regarding collusion between federal regulators and pharmaceutical companies.

While there is no evidence for any of this, and some of it is clearly wrong, the conspiracies have real-world consequences. An anti-vaccine activist in Samoa, aided by a visit from RFK Jr., helped pave the way for a measles outbreak that shut down the government and ultimately led to over 80 deaths.

Kennedy has long been interested in getting access to the agencies that regulate vaccines and other interests of his, such as food safety, under the assumption they are hiding the data that would vindicate his views. And, long before his recent presidential run, he viewed Trump as the route to that access. Shortly before Trump’s inauguration in 2017, Kennedy claimed that he would be appointed to head a vaccine safety commission that Trump would supposedly create once in office. Nothing ever came of that, and it was never clear whether that was due to Trump lying to him, Kennedy exaggerating his significance, or Trump simply telling him what he wanted to hear at the time and never following up.

RFK Jr. claims Trump promised to put him in charge of NIH, CDC, and more Read More »

colorado-scrambles-to-change-voting-system-passwords-after-accidental-leak

Colorado scrambles to change voting-system passwords after accidental leak


BIOS passwords on website

“The goal is to complete the password updates by this evening,” government says.

Colorado Secretary of State Jena Griswold holds press conference with Matt Crane, Executive Director of the Colorado County Clerks Association, at her office in Denver on Thursday, October 24, 2024. Credit: Getty Images | Hyoung Chang

The Colorado Department of State said it accidentally posted a spreadsheet containing “partial passwords” for voting systems. The department said there is no “immediate security threat” because two passwords are needed for each component, but it is trying to complete password changes by the end of today. There were reportedly hundreds of BIOS passwords accessible on the website for over two months before being removed last week.

A government statement issued Tuesday said the agency “is aware that a spreadsheet located on the Department’s website improperly included a hidden tab including partial passwords to certain components of Colorado voting systems. This does not pose an immediate security threat to Colorado’s elections, nor will it impact how ballots are counted.”

Secretary of State Jena Griswold told Colorado Public Radio that “we do not think there is an immediate security threat to Colorado elections, in part because partial passwords don’t get you anywhere. Two unique passwords are needed for every election equipment component. Physical access is needed. And under Colorado law, voting equipment is stored in secure rooms that require secure ID badges. There’s 24/7 video cameras. There’s restricted access to the secure ballot areas, strict chain of custody, and it’s a felony to access voting equipment without authorization.”

Griswold said her office learned about the spreadsheet upload at the end of last week and “immediately contacted federal partners and then we began our investigation.”

The department’s statement said the two passwords for each component “are kept in separate places and held by different parties” and that the “passwords can only be used with physical in-person access to a voting system.” Additionally, “clerks are required to maintain restricted access to secure ballot areas, and may only share access information with background-checked individuals. No person may be present in a secure area unless they are authorized to do so or are supervised by an authorized and background-checked employee.”

The department also cited “strict chain of custody requirements that track when a voting systems component has been accessed and by whom,” and it said that each “Colorado voter votes on a paper ballot, which is then audited during the Risk Limiting Audit to verify that ballots were counted according to voter intent.”

Goal is to change all passwords by this evening

Griswold described the upload as an accident and said the mistake was made by a civil servant who no longer works for the department. “Out of an abundance of caution, we have people in the field working to reset passwords and review access logs for affected counties,” she said.

Gov. Jared Polis and Griswold, who are both Democrats, issued a joint update about the password changes today. The Polis administration is providing support “to complete changes to all the impacted passwords and review logs to ensure that no tampering occurred.”

“The Secretary of State will deputize certain state employees, who have cybersecurity and technology expertise and have undergone appropriate background checks and training,” the statement said. “In addition to the Department of State Employees and in coordination with county clerks, these employees will only enter badged areas in pairs to update the passwords for election equipment in counties and will be directly observed by local elections officials from the county clerk’s office. The goal is to complete the password updates by this evening and verify the security of the voting components, which are secured behind locked doors by county clerks.”

Griswold said she is “thankful to the Governor for his support to quickly resolve this unfortunate mistake.” Griswold told Colorado Public Radio that her department has no reason to believe the passwords were posted with malicious intent, but said that “a personnel investigation will be conducted by an outside party to look into the particulars of how this occurred.”

GOP slams Griswold

The Colorado Republican Party criticized Griswold this week after receiving an affidavit from someone who said they accessed the BIOS passwords on the publicly available spreadsheet three times between August 8 and October 23. The file “contained over 600 BIOS passwords for voting system components in 63 of the state’s 64 counties” before being removed on October 24, the state GOP said.

The affidavit described how to reveal the passwords in the VotingSystemInventory.xlsx file. It said that right-clicking a worksheet tab and selecting “unhide” would reveal “a dialog box where the application user can select from one, several, or all four listed hidden worksheets contained in the file.” Three of these worksheets “appear to list Basic Input Output System (BIOS) passwords” for hundreds of individual voting system components, the affidavit said.

The state GOP accused Griswold of downplaying the security risk, saying that only one password is needed for BIOS access. “BIOS passwords are highly confidential, allowing broad access for knowledgeable users to fundamentally manipulate systems and data and to remove any trace of doing so,” the GOP said. The “passwords were not encrypted or otherwise protected,” the GOP said.

State GOP Chairman Dave Williams said the incident “represents significant incompetence and negligence, and it raises huge questions about password management and other basic security protocols at the highest levels within Griswold’s office.” He also claimed the breach could put “the entire Colorado election results for the vast majority of races, including the tabulation for the Presidential race in Colorado, in jeopardy unless all of the machines can meet the standards of a ‘Trusted Build’ before next Tuesday.”

US Rep. Lauren Boebert (R-Colo.) and other Republicans called on Griswold to resign. Griswold said she would stay on the job.

Griswold: “I’m going to keep doing my job”

Republicans in the state House “and Congresswoman Lauren Boebert are the same folks who have spread conspiracies and lies about our election systems over and over and over again,” Griswold told Colorado Public Radio. “Ultimately, a civil servant made a serious mistake and we’re actively working to address it.” Griswold added, “I have faced conspiracy theories from elected Republicans in this state, and I have not been stopped by any of their efforts and I’m going to keep on doing my job.”

Colorado previously had a voting-system breach orchestrated by former county clerk Tina Peters of Mesa County, who was sentenced to nine years in prison in early October. Peters, who promoted former President Donald Trump’s election conspiracy theories, oversaw a leak of voting-system BIOS passwords. Griswold said after the Peters conviction that “Tina Peters willfully compromised her own election equipment trying to prove Trump’s big lie.”

Testimony from the Peters case was cited in the GOP’s criticism of Griswold this week. “In the Tina Peters trial, a senior State official even testified that release of these passwords in a single county represented a grave threat. Here, they have been released for the whole state,” the state GOP said.

The Trump campaign called on Griswold to halt the processing of mail ballots and re-scan all mailed ballots that were already scanned.

Photo of Jon Brodkin

Jon is a Senior IT Reporter for Ars Technica. He covers the telecom industry, Federal Communications Commission rulemakings, broadband consumer affairs, court cases, and government regulation of the tech industry.

Colorado scrambles to change voting-system passwords after accidental leak Read More »

call-of-duty:-black-ops-6-accounted-for-19%-of-comcast-internet-traffic-last-week

Call of Duty: Black Ops 6 accounted for 19% of Comcast Internet traffic last week

You might think that since Call of Duty: Black Ops 6 (which was released last Friday) is the 21st game in the franchise, it wouldn’t be that highly anticipated. You’d be wrong. Last week’s entry set multiple records when it launched.

Specifically, Microsoft CEO Satya Nadella said the game set new records for Game Pass subscribers, particularly for a first-day game launch. That’s, of course, to be expected—Call of Duty was a major reason why Microsoft acquired Activision, the longtime publisher of the series.

It gets a little zanier, though. The Internet service provider Comcast says Black Ops 6 was directly responsible for 19 percent of its overall traffic the week of the launch, according to a report in The Verge.

That’s partly due to the game’s popularity, but it can also be attributed to its huge file size. A full install of Black Ops 6 can take up to just over 100GB, depending on your platform—and possibly as much as 300GB if you also install game modes tied to the previous entries in the series, like the immensely popular battle royale Warzone. That will wreak havoc on users’ data caps; Comcast imposes a 1.2TB monthly cap in many states.

Call of Duty: Black Ops 6 accounted for 19% of Comcast Internet traffic last week Read More »