The U.S. and the European Union reached a preliminary deal to allow data about Europeans to be stored on U.S. soil, heading off a growing threat to thousands of companies' trans-Atlantic operations. From a report: The deal, announced Friday by President Biden and European Commission President Ursula von der Leyen, could if concluded resolve one of the thorniest outstanding issues between the two economic giants. It also assuages concerns of companies including Meta and Alphabet's Google that were facing mounting legal challenges to data transfers that underpin some of their operations in Europe. An earlier deal regulating trans-Atlantic data flows was deemed illegal by the EU's top court in 2020. That ruling was the second time since 2015 that the EU's Court of Justice had deemed U.S. safeguards on Europeans' data to be insufficient. The court said the U.S. didn't provide EU citizens effective means to challenge U.S. government surveillance of their data. Mr. Biden and Ms. von der Leyen didn't provide details of how the new agreement would work and withstand legal challenges. At issue in the talks has been whether the U.S. could convince the EU -- and its top court -- with new administrative appeals mechanisms for Europeans, but without a change to U.S. law, which would require approval by Congress, people briefed on the talks have said in recent months. Officials and observers on both sides of the Atlantic expect any new agreement to be challenged in court again, raising uncertainty about how long Friday's deal will last.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Motherboard: As Russia makes preparations to possibly disconnect from the global internet in a bid to control the narrative around the invasion of Ukraine, one secretive U.S. company is rushing to lay the final pieces of an unbreakable network that the Kremlin won't be able to take down. The company is Lantern, which says it has seen staggering growth inside Russia in the last four weeks for its app that allows users to bypass restrictions the Kremlin has put in place on platforms like Facebook, Twitter, and Instagram. But now the company is building something even more robust, an internal peer-to-peer network that will allow dissenting voices to continue to upload and share content even if the Kremlin pulls the plug on the internet. Within the next week, the network will be fully operational, allowing opposition voices to use the Lantern app to post content like videos from protests or updates on the war in Ukraine directly to the Lantern network. This would allow users to share it with other Lantern users without fear that the content will be removed or blocked. [...] Lantern was founded in California in 2010 with the goal of keeping "the world's information, speech, expression, and finance uncensored." The free version of the app has a data cap of 500MB, but the pro version, which costs $32 a year, has no data cap. It has become hugely popular in China because of its ability to stay one step ahead of the government's censorship efforts, spreading mainly via word-of-mouth as it's not available via the Google or Apple app stores inside China. n Russia, like all new markets it enters, Lantern removed the data cap for all users. Despite this, some users still paid for the pro version.

Read more of this story at Slashdot.

According to Techdirt's Timothy Geigner, Gran Turismo 7 on the PlayStation was recently rendered unplayable because the DRM servers that require an online check to play the game crumbled during a maintenance window. From the report: "The scheduled server maintenance, timed around the release of the version 1.07 patch for the game, was initially planned to last just two hours starting at 6 am GMT (2 am Eastern) on Thursday morning," reports Ars Technica. "Six hours later, though, the official Gran Turismo Twitter account announced that 'due to an issue found in Update 1.07, we will be extending the Server Maintenance period. We will notify everyone as soon as possible when this is likely to be completed. We apologize for this inconvenience and ask for your patience while we work to resolve the issue.'" "Inconvenience" in this case means not being able to play the game the customer purchased. Like, basically at all. Why the single player content in a console game of all things should require an online check-in is completely beyond me. Console piracy is a thing, but certainly not much of a thing. There is zero chance that this DRM is worth the headache Sony now has on its hands. A headache that lasted for more than a full calendar day, by the way. And a headache that Sony's competitors picked up on to use in messaging to the public on social media.

Read more of this story at Slashdot.

If Netflix follows through with its test to charge an additional fee to users sharing passwords, it could rake in $1.6 billion in global revenue annually, according to a new Wall Street analysis. Variety reports: Last week, Netflix said it was launching a test in three Latin America countries (Chile, Costa Rica and Peru) to address password sharing. Customers will be able to add up to two Extra Member accounts for about $2-$3/month each, on top of their regular monthly fee. According to estimates by Cowen & Co. analysts, if Netflix rolls the program out globally it could add an incremental $1.6 billion in global revenue annually, or about 4% upside to the firm's 2023 revenue projection of $38.8 billion. The firm's estimate assumes that about half of non-paying Netflix password-sharing households will become paying members; further, the model predicts that of those, about half will opt to sign up for their own separate paid account.

Read more of this story at Slashdot.

The European Union agreed on Thursday to one of the world's most far-reaching laws to address the power of the biggest tech companies (Warning: source may be paywalled; alternative source), potentially reshaping app stores, online advertising, e-commerce, messaging services and other everyday digital tools. The New York Times reports: The law, called the Digital Markets Act, is the most sweeping piece of digital policy since the bloc put the world's toughest rules to protect people's online data into effect in 2018. The legislation is aimed at stopping the largest tech platforms from using their interlocking services and considerable resources to box in users and squash emerging rivals, creating room for new entrants and fostering more competition. [...] The Digital Markets Act will apply to so-called gatekeeper platforms, which are defined by factors including a market value of more than 75 billion euros, or about $83 billion. The group includes Alphabet, the owner of Google and YouTube; Amazon; Apple; Microsoft; and Meta. Specifics of the law read like a wish list for rivals of the biggest companies. Apple and Google, which make the operating systems that run on nearly every smartphone, would be required to loosen their grip. Apple will have to allow alternatives to its App Store for downloading apps, a change the company has warned could harm security. The law will also let companies such as Spotify and Epic Games use payment methods other than Apple's in the App Store, which charges a 30 percent commission. Amazon will be barred from using data collected from outside sellers on its services so that it could offer competing products, a practice that is the subject of a separate E.U. antitrust investigation. The law will result in major changes for messaging apps. WhatsApp, which is owned by Meta, could be required to offer a way for users of rival services like Signal or Telegram to send and receive messages to somebody using WhatsApp. Those rival services would have the option to make their products interoperable with WhatsApp. The largest sellers of online advertising, Meta and Google, will see new limits for offering targeted ads without consent. Such ads -- based on data collected from people as they move between YouTube and Google Search, or Instagram and Facebook -- are immensely lucrative for both companies. [...] With these actions, Europe is cementing its leadership as the most assertive regulator of tech companies such as Apple, Google, Amazon, Meta and Microsoft. European standards are often adopted worldwide, and the latest legislation further raises the bar by potentially bringing the companies under new era of oversight -- just like health care, transportation and banking industries. "Faced with big online platforms behaving like they were 'too big to care,' Europe has put its foot down," said Thierry Breton, one of the top digital officials in the European Commission. "We are putting an end to the so-called Wild West dominating our information space. A new framework that can become a reference for democracies worldwide." On Thursday, representatives from the European Parliament and European Council hammered out the last specifics of the law in Brussels. The agreement followed about 16 months of talks -- a speedy pace for the E.U. bureaucracy -- and sets the stage for a final vote in Parliament and among representatives from the 27 countries in the union. That approval is viewed as a formality.

Read more of this story at Slashdot.

Andrew Cunningham writes via Ars Technica: Microsoft's DirectStorage API promises to speed up game-load times, both on the Xbox Series X/S and on Windows PCs (where Microsoft recently exited its developer-preview phase). One of the first games to demonstrate the benefits of DirectStorage on the PC is Square Enix's Forspoken, which was shown off by Luminous Productions technical director Teppei Ono at GDC this week. As reported by The Verge, Ono said that, with a fast NVMe SSD and DirectStorage support, some scenes in Forspoken could load in as little as one second. That is certainly a monstrous jump from the days of waiting for a PlayStation 2 to load giant open-world maps from a DVD. As a demonstration of DirectStorage, though, Forspoken's numbers are a mixed bag. On one hand, the examples Ono showcased clearly demonstrate DirectStorage loading scenes more quickly on the same hardware, compared to the legacy Win32 API -- from 2.6 seconds to 2.2 seconds in one scene, and from 2.4 seconds to 1.9 seconds in another. Forspoken demonstrated performance improvements on older SATA-based SSDs as well, despite being marketed as a feature that will primarily benefit NVMe drives -- dropping from 5.0 to 4.6 seconds in one scene, and from 4.1 to 3.4 seconds in another. Speed improvements for SATA SSDs have been limited for the better part of a decade now because the SATA interface itself (rather than the SSD controller or NAND flash chips) has been holding them back. So eking out any kind of measurable improvement for those drives is noteworthy. On the other hand, Ono's demo showed that game load time wasn't improving as dramatically as the raw I/O speeds would suggest. On an NVMe SSD, I/O speeds increased from 2,862MB/s using Win32 to 4,829MB/s using DirectStorage -- nearly a 70 percent increase. But the load time for the scene decreased from 2.1 to 1.9 seconds. That's a decrease that wouldn't be noticeable even if you were trying to notice it. The Forspoken demo ultimately showed that the speed of the storage you're using still has a lot more to do with how quickly your games load than DirectStorage does. One scene that took 24.6 seconds to load using DirectStorage on an HDD took just 4.6 seconds to load on a SATA SSD and 2.2 seconds to load on an NVMe SSD. That's a much larger gap than the one between Win32 and DirectStorage running on the same hardware.

Read more of this story at Slashdot.

A Japanese startup called H2L Technologies wants you to be able to feel pain inside the metaverse, via a wristband that dishes out small electric shocks. Futurism reports: "Feeling pain enables us to turn the metaverse world into a real [world], with increased feelings of presence and immersion," H2L CEO Emi Tamaki told the Financial Times. The Sony-backed startup's wearable isn't designed with only inflicting pain in mind. It's also meant to convey "weight and resistance feeling to users and avatars on the Metaverse," according to the company. Thanks to the wristband's electrical stimulation, it can mimic a range of sensations from catching a ball to a bird pinching the wearer's skin. Tamaki's goals are much greater than a simple wristband. She's hoping to "release humans from any sort of constraint in terms of space, body and time" within the next decade.

Read more of this story at Slashdot.

Lucas Brooks, an avid Windows fan who digs through and analyzes its early iterations, recently shared his discovery of an easter egg that's been hiding in Windows 1.0 for nearly 37 years. PC Gamer reports: Brooks discovered the secret, a credits list of Windows developers and a "congratulations" message, buried in the data of a smiley face bitmap file that came with the OS. The data for the credits was encrypted, and according to Brooks, the tools he needed to extract the data didn't even exist at the time of the OS' release. There's also a name in the credits all PC gamers will recognize: Gabe Newell, co-founder and president of Valve. Newell began his career at Microsoft after dropping out of Harvard, and contributed to the development of the first three iterations of Windows. He also led the team that ported Doom to Windows from DOS, a crucial step in the transition between the operating systems.

Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: Police in the United Kingdom have arrested seven people over suspected connections to the Lapsus$ hacking group, which has in recent weeks targeted tech giants including Samsung, Nvidia, Microsoft and Okta. In a statement given to TechCrunch, Detective Inspector Michael O'Sullivan from the City of London Police said: "The City of London Police has been conducting an investigation with its partners into members of a hacking group. Seven people between the ages of 16 and 21 have been arrested in connection with this investigation and have all been released under investigation. Our enquiries remain ongoing." News of the arrests comes just hours after a Bloomberg report revealed a teenager based in Oxford, U.K. is suspected of being the mastermind of the now-prolific Lapsus$ hacking group. Four researchers investigating the gang's recent hacks said they believed the 16-year-old, who uses the online moniker "White" or "Breachbase," was a leading figure in Lapsus$, and Bloomberg was able to track down the suspected hacker after his personal information was leaked online by rival hackers. TechCrunch has seen a copy of the the suspected hacker's leaked personal information, which we are not sharing -- but it matches Bloomberg's reporting. City of London Police, which primarily focuses on financial crimes, did not say if the 16-year-old was among those arrested. At least one member of Lapsus$ was also apparently involved with a recent data breach at Electronic Arts, according to [security reporter Brian Krebs], and another is suspected to be a teenager residing in Brazil. The latter is said to be so capable of hacking that researchers first believed that the activity they were witnessing was automated. Researchers' ability to track the suspected Lapsus$ members may be because the group, which now has more than 45,000 subscribers to its Telegram channel where it frequently recruits insiders and leaks victims' data, does little to cover its tracks. In a blog post this week, Microsoft said the group uses brazen tactics to gain initial access to a target organization, which has included publicly recruiting company insiders. As reported by Bloomberg this week, the group has even gone as far as to join the Zoom calls of companies they've breached and taunted employees trying to clean up their hack.

Read more of this story at Slashdot.

Come July, the EPA plans to retire the archive containing old news releases, policy changes, regulatory actions, and more. The Verge reports: The archive was never built to be a permanent repository of content, and maintaining the outdated site was no longer "cost effective," the EPA said to The Verge in an emailed statement. The EPA announced the retirement early this year, after finishing an overhaul of its main website in 2021, but says that the decision was years in the making. The agency maintains that it's abiding by federal rules for records management and that not all webpages qualify as official records that need to be preserved. The EPA says it plans to migrate much of the information to other places. Old news releases will go to the current EPA website's page for press releases. When it comes to the rest of the content, the EPA has a process for making case-by-case decisions on what content can be deleted -- and what is relevant enough to move to the modern website. Some content might be deemed important enough to join the National Archives. The public will be able to request that content through the Freedom of Information Act. The archive is the only comprehensive way that public information about agency policies, like fact sheets breaking down the impact of environmental legislation, and actions, like how the agency implements those laws, have been preserved, [says Gretchen Gehrke, one of the cofounders of a group called Environmental Data and Governance Initiative (EDGI) that's fighting for public access to resources like the EPA's online archives]. That makes the archive vital for understanding how regulation and enforcement have changed over the years. It also shows how the agency's understanding of an issue, like climate change, has evolved. And when the Trump administration deleted information about climate change on the EPA's website, much of it could still be found on the archive. Besides that, Gehrke says the content should just be available on principle because it's public information, paid for by taxpayer dollars.

Read more of this story at Slashdot.

GitHub has introduced a new feed into the dashboard of users and it doesn't appear to have gone down well with the code shack's regulars. The Register reports: As soon as the new feed arrived, replete with all kinds of exciting suggestions for developers to look at, the complaints began rolling in as users worried the recommendations were turning GitHub into something distressingly like a social media platform. "I do not need to see recommendations, nor activity of people I don't follow," said one user. "Don't fix what's not broken." Others were blunter, stating: "I don't want algorithmic feed" and requesting a feed on stuff that actually mattered â" issues, releases, PRs and so on. GitHub pushed out a new beta version of its Home Feed earlier this week, with the avowed intention of developers reaching a wider audience and building communities. The plan is to make discovery easier and help users "find new repositories or users to follow based on your interests." As if to demonstrate the levels of discontent around GitHub's new feature, a Chrome extension quickly showed up to disable the social feed by removing the "For You" section on the GitHub dashboard. Not all users were upset by the appearance of the new feed, and GitHub staff popped up to promise that there would be an option to make one's profile private and opt out of pretty much everything via a single setting. It will, however, take until late April before this option is likely to appear, they said. Which prompted the obvious question: "Why is this opt-out instead of opt-in?"

Read more of this story at Slashdot.

An anonymous reader quotes a report from Gizmodo: A hacker group claims to have stolen and leaked a trove of Nestle's data. The company says that can't possibly be true. Why? Because the data was actually leaked by Nestle itself several weeks ago. In emails to Gizmodo, a Nestle spokesperson disavowed allegations from the hacktivist collective Anonymous, which claimed this week to have stolen and leaked a 10 gigabyte tranche from the global food and beverage conglomerate. Anonymous said it was punishing Nestle for its reticence to withdraw from Russia, as a host of other major companies have done. The data, which Anonymous said included internal emails, passwords, and information on Nestle's customers, was posted to the web on Tuesday. But, according to Nestle, Anonymous is full of it. A spokesperson told Gizmodo, "This recent claim of a cyber-attack against Nestle and subsequent data leak has no foundation." The spokesperson explained that the trove of data floating around the web was, in fact, the product of a mistake the company made earlier this year: "It relates to a case from February, when some randomized and predominantly publicly available test data of a B2B nature was made accessible unintentionally online for a short period of time." [...] In a follow-up email, the same company spokesperson explained that the data, some of which was already public and some of which was not, had been accidentally published to the open internet for multiple weeks. According to the spokesperson: "Some predominantly publicly-available data (e.g., company names and company addresses and some business email addresses) was erroneously made available on the web for a limited period of time (a few weeks). It was detected by our security team at the time and the appropriate review was carried out. The data was prepared for a B2B test website to perform some functionality checks." Nestle on Wednesday said it planned to partly scale back its operations in Russia, continuing to provide "essential food, such as infant food and medical/hospital nutrition."

Read more of this story at Slashdot.

Google's Threat Analysis Group announced on Thursday that it had discovered a pair of North Korean hacking cadres going by the monikers Operation Dream Job and Operation AppleJeus in February that were leveraging a remote code execution exploit in the Chrome web browser. From a report: The blackhatters reportedly targeted the US news media, IT, crypto and fintech industries, with evidence of their attacks going back as far as January 4th, 2022, though the Threat Analysis Group notes that organizations outside the US could have been targets as well. "We suspect that these groups work for the same entity with a shared supply chain, hence the use of the same exploit kit, but each operate with a different mission set and deploy different techniques," the Google team wrote on Thursday. "It is possible that other North Korean government-backed attackers have access to the same exploit kit." Operation Dream Job targeted 250 people across 10 companies with fraudulent job offers from the likes of Disney and Oracle sent from accounts spoofed to look like they came from Indeed or ZipRecruiter. Clicking on the link would launch a hidden iframe that would trigger the exploit.

Read more of this story at Slashdot.

Israel blocked Ukraine from buying NSO Group's Pegasus spyware for fear that Russian officials would be angered by the sale of the sophisticated hacking tool to a regional foe, The Guardian reported Thursday, citing people familiar with the matter. From the report: The revelation, following a joint investigation by the Guardian and Washington Post, offers new insight into the way Israel's relationship with Russia has at times undermined Ukraine's offensive capabilities -- and contradicted US priorities. The Ukrainian president, Volodymyr Zelenskiy, has been critical of Israel's stance since Russia launched its full and bloody invasion of Ukraine on 24 February, saying in a recent address before members of Israel's Knesset that Israel would have to "give answers" on why it had not given weapons to Ukraine or applied sanctions on Russians. People with direct knowledge of the matter say that, dating back to at least 2019, Ukrainian officials lobbied Israel to try to convince it to license the spyware tool for use by Ukraine. But those efforts were rebuffed and NSO Group, which is regulated by the Israeli ministry of defense, was never permitted to market or sell the company's spyware to Ukraine.

Read more of this story at Slashdot.

Google executives, facing a barrage of criticism from employees on issues related to compensation, defended the company's competitiveness at a recent all-hands meeting while acknowledging that the performance review process could change. From a report: The companywide virtual gathering earlier this month followed the release of internal survey results, which showed a growing number of staffers don't view their pay packages as fair or competitive with what they could make elsewhere. At all-hands meetings, Google CEO Sundar Pichai and other senior executives regularly read top submissions from Dory, a site where employees write questions and give a thumbs up to those they want leadership to address. The second highest-rated question ahead of the March meeting was about the annual "Googlegeist" survey. As CNBC reported, the lowest scores from the survey, which went out to employees in January, were in the areas of compensation and execution. "Compensation-related questions showed the biggest decrease from last year, what is your understanding of why that is?" Pichai read aloud from the employee submissions. According to the survey results, only 46% of respondents said their total compensation is competitive compared to similar jobs at other companies. Bret Hill was first to respond. Hill is Google's vice president of "Total Rewards," which refers to compensation and stock packages. "There's some macro economic trends at play," Hill said. "It's a very competitive market and you're probably hearing anecdotal stories of colleagues getting better offers at other companies."

Read more of this story at Slashdot.

An anonymous reader shares a report: After seemingly forgetting that Android tablets existed for a while, Google is suddenly very invested in the market. Android 12L is in development to support larger-screened devices, and one of the platform's co-founders, Rich Miner, has rejoined the team with the title "CTO of Android tablets." Now, speaking to developers during an episode of Google's The Android Show, Miner explained the opportunity the company is seeing. [...] The other reason he cites is that tablets can be "very capable, less expensive than a laptop." That spurred Google's work on Android 12L to optimize its system UI for use on bigger devices, as well as the way it formats apps to fit on big screens. Miner is making the pitch for developers to look at their apps and consider taking advantage of the tools Google's building to improve tablet support or even building apps that approach the market as a tablet-first experience. He points to 2020 sales data, where "tablet purchases actually started to approach the number of laptop shipments... I actually think there's going to be a crossover point at some point in the not too distant future where there are more tablets sold annually than there are laptops. I think once you cross over that point, you're not going to be coming back."

Read more of this story at Slashdot.

Toshiba shareholders on Thursday voted down competing proposals -- one presented by management and the other backed by activist shareholders, leaving the future direction of the embattled Japanese conglomerate uncertain. From a report: Management's plan to spin off Toshiba's devices unit and the separate call to seek buyout offers had both failed to gain the required 50% of the vote. The untidy outcome ensures there will be no immediate end to a four-year scandal-filled battle between management and foreign activist hedge funds, while underscoring deep divisions among Toshiba shareholders. Opposition to Toshiba's plans to break up the company had been widespread and included proxy advisory firms, and its failure comes as no surprise. But the outlook for Singapore-based 3D Investment Partners' proposal that Toshiba solicit private equity buyout offers or a minority investment had been less clear cut. Although 3D and Toshiba's other top two shareholders had supported the quest for a buyout offer, proxy advisory firm Institutional Shareholder Services (ISS) had advised against it, saying the proposal "appears overly prescriptive and premature."

Read more of this story at Slashdot.

Stephen Wilhite, the inventor of the internet-popular short-video format, the GIF, has died. He was 74. From a report: His wife, Kathaleen, said Thursday in a phone interview that he died of COVID on March 14. Wilhite, who lived in Milford, Ohio, won a Webby lifetime achievement award in 2013 for inventing the GIF, which decades after its creation became omnipresent in memes and on social media, often used as a cheeky representation of a cultural moment. Wilhite was working at CompuServe in 1987 when he invented the GIF. "I saw the format I wanted in my head and then I started programming," he told The New York Times in 2013, saying the first image was an airplane and insisting that the file had only one pronunciation - a soft "G," like Jif peanut butter. Those using the hard "G," as in "got" or "given," "are wrong," he said. "End of story." "There's way more to him than inventing GIF," Kathaleen Wilhite said of her husband, who loved trains, with a room dedicated to them in the basement of their house with "enormous train tracks," as well as taking camping trips. Still, even after he retired in 2001, "he never stopped programming," she said.

Read more of this story at Slashdot.

Mozilla today launched MDN Plus, a paid subscription product on top of the existing (and recently re-designed) Mozilla Developer Network (MDN), one of the web's most popular destinations for finding documentation and code samples related to web technologies like CSS, HTML and JavaScript. From a report: The new subscription offering will introduce features like notifications, collections (think lists of articles you want to save) and MDN offline for when you want to access MDN when you're not online. There will be three subscription tiers: MDN core, a free limited version of the paid plans; MDN Plus 5, with access to notifications, collections and MDN offline for $5 per month or $50 per year; and MDN Supporter 10 for those who are willing to pay a bit more to support the platform in addition to getting a direct feedback channel to the MDN team (as well as "pride and joy," Mozila says). As the name implies, that more expensive plan will cost $10 a month or $100 for an annual subscription.

Read more of this story at Slashdot.

Apple is working on a subscription service for the iPhone and other hardware products, a move that could make device ownership similar to paying a monthly app fee, Bloomberg News reported Thursday, citing people with knowledge of the matter. From the report: The service would be Apple's biggest push yet into automatically recurring sales, allowing users to subscribe to hardware for the first time -- rather than just digital services. But the project is still in development, said the people, who asked not to identified because the initiative hasn't been announced, Bloomberg News reports.

Read more of this story at Slashdot.