cross-posted from: https://feddit.org/post/317047

> in February 2024, the EU Parliament adopted the eIDAS regulation, creating the framework for a "European Digital Identity Wallet". This digital Wallet will enable citizens to identify themselves in a legally binding manner, both online and offline, sign documents, login into websites and share personal data about them with others. Recently, the European Commission published the Architectural Reference Framework (ARF) 1.4 for the technical implementation of the Wallet. > > The success of the EU Digital Identity Wallet depends on its ability to gain citizens' trust and establish a resilient infrastructure in our current data-driven economy. > > "However, after our analysis, we believe that this goal has been missed," says the digital rights group Epicenter Works. > > "We see severe shortcomings in the ARF that either contradict the regulation or ignore important elements of it. These issues, if left unaddressed, could significantly undermine user rights and privacy."

> informed employees of the filing late Friday [...] that it had filed for a debtor-in-possession loan — a way for companies that are reorganizing after filing for bankruptcy to secure additional working capital to meet payroll. [...] employees have been waiting for paychecks since June 21st [...] it’s not certain that the company will be able to secure such a loan.

> Chicken Soup took on $325 million in debt when it acquired Redbox in 2022 and has since been sued over a dozen times over unpaid bills.

>The downfall of Chevron deference could completely change the ways courts review net neutrality, according to Bloomberg Intelligence’s Matt Schettenhelm. “The FCC’s 2024 effort to reinstitute federal broadband regulation is the latest chapter in a long-running regulatory saga, yet we think the demise of deference will change its course in a fundamental way,” he wrote in a recent report. “This time, we don’t expect the FCC to prevail in court as it did in 2016.” Schettenhelm estimated an 80 percent chance of the FCC’s newest net neutrality order being blocked or overturned in the absence of Chevron deference.

>Federal Trade Commission Chair Lina Khan has made no secret of her ambitions to use the agency’s authority to take bold action to restore competition to digital markets and protect consumers. But with Chevron being overturned amid a broader movement undermining agency authority without clear direction from Congress, Schettenhelm said, “it’s about the worst possible time for the FTC to be claiming novel rulemaking power to address unfair competition issues in a way that it never has before.” > >Khan’s methods have drawn intense criticism from the business community, most recently with the agency’s labor-friendly rulemaking banning noncompete agreements in employment contracts. That action relies on the FTC’s interpretation of its authority to allow it to take action in this area — the kind of thing that brings up questions about agency deference.

>We’ve said it before: online age verification is incompatible with privacy. Companies responsible for storing or processing sensitive documents like drivers’ licenses are likely to encounter data breaches, potentially exposing not only personal data like users’ government-issued ID, but also information about the sites that they visit. > >This threat is not hypothetical. This morning, 404 Media reported that a major identity verification company, AU10TIX, left login credentials exposed online for more than a year, allowing access to this very sensitive user data. > >A researcher gained access to the company’s logging platform, “which in turn contained links to data related to specific people who had uploaded their identity documents,” including “the person’s name, date of birth, nationality, identification number, and the type of document uploaded such as a drivers’ license,” as well as images of those identity documents. Platforms reportedly using AU10TIX for identity verification include TikTok and X, formerly Twitter. > >Lawmakers pushing forward with dangerous age verifications laws should stop and consider this report. Proposals like the federal Kids Online Safety Act and California’s Assembly Bill 3080 are moving further toward passage, with lawmakers in the House scheduled to vote in a key committee on KOSA this week, and California's Senate Judiciary committee set to discuss AB 3080 next week. Several other laws requiring age verification for accessing “adult” content and social media content have already passed in states across the country. EFF and others are challenging some of these laws in court. > >In the final analysis, age verification systems are surveillance systems. Mandating them forces websites to require visitors to submit information such as government-issued identification to companies like AU10TIX. Hacks and data breaches of this sensitive information are not a hypothetical concern; it is simply a matter of when the data will be exposed, as this breach shows. > >Data breaches can lead to any number of dangers for users: phishing, blackmail, or identity theft, in addition to the loss of anonymity and privacy. Requiring users to upload government documents—some of the most sensitive user data—will hurt all users. > >According to the news report, so far the exposure of user data in the AU10TIX case did not lead to exposure beyond what the researcher showed was possible. If age verification requirements are passed into law, users will likely find themselves forced to share their private information across networks of third-party companies if they want to continue accessing and sharing online content. Within a year, it wouldn’t be strange to have uploaded your ID to a half-dozen different platforms. > >No matter how vigilant you are, you cannot control what other companies do with your data. If age verification requirements become law, you’ll have to be lucky every time you are forced to share your private information. Hackers will just have to be lucky once.

Researchers create 30 fake student accounts to submit model-generated responses to real exams. Professors grade the 200 or 1500 word responses from the AI undergrads and gave them better grades than real students 84% of the time. 6% of the bot respondents did get caught, though... for being too good. Meanwhile, AI detection tools? Total bunk.

Will AI be the new calculator... or the death of us all (obviously the only alternative).

Note: the software was NOT as good on the advanced exams, even though it handled the easier stuff.

>Long-term carrier lock-in could soon be a thing of the past in America after the FCC proposed requiring telcos to unlock cellphones from their networks 60 days after activation. > >FCC boss Jessica Rosenworcel put out that proposal on Thursday, saying it would encourage competition between carriers. If subscribers could simply walk off to another telco with their handsets after two months of use, networks would have to do a lot more competing, the FCC reasons. > >"When you buy a phone, you should have the freedom to decide when to change service to the carrier you want and not have the device you own stuck by practices that prevent you from making that choice," Rosenworcel said. > >Carrier-locked devices contain software mechanisms that prevent them from being used on other providers' networks. The practice has long been criticized for being anti-consumer.

Are we Wayland yet? Are we JPEG XL yet? Are we Rust yet? Are we ActivityPub yet?

I've gathered a meta-tracker for the adoption state of futuristic technologies.

Many thanks to the Mozilla Wiki contributors: https://wiki.mozilla.org/Areweyet

Windows 11 is getting out of hand with its push for advertisments, frankly - remember the recent full-screen pop-up to persuade users to install Edge or other Microsoft services? Then another advertisment was placed in the Start menu, and now Microsoft has finally worn my temper thin - with a new Game Pass ad coming to the Settings app.

This will likely arrive in the July update for Windows 11, or at least it’s almost certain to do so. It was present in the latest preview update Microsoft just released for the OS (and quickly paused due to a bug, but that’s another story). It’s also worth noting that the ad has been present in earlier test versions of Windows 11.

cross-posted from: https://lemmy.ml/post/17417754

>Earlier this year, Microsoft revealed that a Russia-based cybercriminal group labeled as Midnight Blizzard got access to the email accounts of its top executives in late 2023. Today, the company has confirmed that it is informing more of its customers that emails sent to those executives were seen by that hacker group.

>The Russian security breach, combined with an earlier one in 2023 by Chinese hackers who accessed Outlook-based government email accounts in the US and Europe, has been a major embarrassment to Microsoft.

Louis Rossman discuses many design flaws made by Apple over the years throughout their entire catalog.

This video also came out a few days after I praise the Macbook Pro series for being higher quality then their competition as well. 😂 🫣

cross-posted from: https://feddit.org/post/258478

> - At the Public Spaces conference in the Netherlands on June 6th, Alexis Kauffmann from the French Ministry of Education and co-founder of the non-profit software platform FraMaSoft, discussed France’s move towards a comprehensive open source-based education strategy, 2023-2027. The aim is to achieve digital sovereignty and reduce dependence on big tech companies like Microsoft and Google, which are widely used in education systems in other countries. > - “One of the key actions is to offer authoring tools to our teacher and tools based on open source software. No Google Classrooms. Not Microsoft Teams. We have chosen Moodle Elea as a learning management system,” explained Alexis Kauffmann who also pointed to other tools to learn to code and mathematics like Jupyter. > - France uses an app platform with open-source tools like Nextcloud, Big Blue Botton, and Collaboration. They even have their own ‘github’ (owned by Microsoft) called La Forge, where teachers share code. > - “To support this, we have public funds for digital commons, we organise workshops and finance the software, and therefore we can do without Microsoft and Google,” Alexis Kauffmann explained. > > “I am not saying it is easy. The biggest obstacle is political courage to resist the lobbyists both at a national and European level,” he said and pointed to other risks like the quality of big tech’s products, being isolated in Europa, and artificial intelligence. > > He hopes other European countries will follow suit and quoted The European Council Recommendation on education:

Archived

Here is a thread on it: https://infosec.exchange/@jtig/112689665815283809

• So far "there is no evidence to suggest that the product environment or customer data is affected," the company says on its website.
• TeamViewer's internal IT environment is completely independent from its product environment, the firm adds.

[Edit typo.]

• China’s energy regulator said it will limit “low-end” solar panel manufacturing after industry leaders called for more government intervention earlier this month. The move is an acknowledgement by Beijing that solar panel overcapacity is a problem, one that has pushed Chinese solar firms into a price war and shriveled returns.
• The competition in China’s solar power industry is “indeed very fierce,” an official at the National Energy Administration (NEA) said at a press conference Thursday.
• A price war on solar panels in China has meant that big firms have rapidly lost profit while small firms risk bankruptcy.
• Historically, the industry has been propped up by city governments, which build solar panel factories to lease or sell to private firms. But while some local authorities have expressed willingness to continue to keep solar firms afloat, “that support may dry up as the provinces are themselves swimming in debt, largely stemming from the country’s property crisis, and solar has to compete for their support with other green tech sectors, like electric vehicles, that are also struggling with overcapacity.
• Chinese officials want homeowners to install solar panels to combat overcapacity, but China’s grid is still not able to accommodate fluctuating solar energy levels.
• One solution may be virtual power plants: smaller-scale grids that rely on local renewable energy infrastructure and incentivize homeowners to use that energy during peak times with cash payments. But beyond building a new grid meant to handle renewable energy, China also needs “improved coordination” from Beijing to enable solar-heavy provinces to trade energy with solar-weak provinces.
• China’s energy regulator is also pushing for more spot trading — where prices will fluctuate with supply and demand — rather than fixed rates, encouraging customers to use energy during low-demand periods.

cross-posted from: https://feddit.org/post/259710

> - The University Hospital Centre Zagreb (KBC Zagreb) is under cyberattack that started on Wednesday (June 26) night. All services are working, but the processing of patients is slower than usual, Milivoj Novak, Assistant Director at the hospital, has said. > > - The attacks have been claimed by the pro-Russian NoName057(16) hacker group and have resulted in a temporary unavailability of the institutions’ websites and online portals. The sites are back online now. > > - It is currently unknown whether the cyberattack against the hospital involved the deployment of ransomware, and whether it’s connected to yesterday’s DDoS attacks on the websites of several Croatian government and financial institutions: the Ministry of Finance, the Tax Administration, the Croatian National Bank (HNB), the Economic Bank of Zagreb (PBZ), and the Zagreb Stock Exchange (ZSE).

On Wednesday, June 26, 2024, TeamViewer, a leading provider of remote access software, announced that attackers had compromised its internal corporate IT environment.

The company’s security team detected an “irregularity” in their internal systems, prompting an immediate response.

TeamViewer activated its incident response procedures and brought in external cybersecurity experts to investigate and implement remediation measures.

In a statement, TeamViewer emphasized that its corporate IT environment is “completely independent” from its product environment.

The company stated there is no evidence that the breach affected customer data or the TeamViewer product itself. However, investigations are still ongoing.

>Netflix, once a pioneer of ad-free viewing that offered a break from traditional TV norms, is now contemplating launching free ad-supported versions of its service in markets like Europe and Asia, Bloomberg reported.

>The plans to offer a free ad-supported tier, albeit in select markets, suggests that pivot towards monetizing user data, in other words — making users and not the extensive library of award-winning shows a product, might be well in the pipeline.

>Mac malware that steals passwords, cryptocurrency wallets, and other sensitive data has been spotted circulating through Google ads, making it at least the second time in as many months the widely used ad platform has been abused to infect web surfers.

>Like most other large advertising networks, Google Ads regularly serves malicious content that isn’t taken down until third parties have notified the company. Google Ads takes no responsibility for any damage that may result from these oversights. The company said in an email it removes malicious ads once it learns of them and suspends the advertiser and has done so in this case.

>People who want to install software advertised online should seek out the official download site rather than relying on the site linked in the ad. They should also be wary of any instructions that direct Mac users to install apps through the right-click method mentioned earlier. The Malwarebytes post provides indicators of compromise people can use to determine if they’ve been targeted.