One of the world's most active ransomware groups has taken an unusual -- if not unprecedented -- tactic to pressure one of its victims to pay up: reporting the victim to the US Securities and Exchange Commission. From a report: The pressure tactic came to light in a post published on Wednesday on the dark web site run by AlphV, a ransomware crime syndicate that's been in operation for two years. After first claiming to have breached the network of the publicly traded digital lending company MeridianLink, AlphV officials posted a screenshot of a complaint it said it filed with the SEC through the agency's website. Under a recently adopted rule that goes into effect next month, publicly traded companies must file an SEC disclosure within four days of learning of a security incident that had a "material" impact on their business.

"We want to bring to your attention a concerning issue regarding MeridianLink's compliance with the recently adopted cybersecurity incident disclosure rules," AlphV officials wrote in the complaint. "It has come to our attention that MeridianLink, in light of a significant breach compromising customer data and operational information, has failed to file the requisite disclosure under item 1.05 of form 8-K within the stipulated four business days, as mandated by the new SEC rules." The violation category selected in the online report was "Material misstatement or omission in a company's filings or financial statements or a failure to file."

Sara Fischer reports via Axios: The decline of local newspapers accelerated so rapidly in 2023 that analysts now believe the U.S. will have lost one-third of the newspapers it had as of 2005 by the end of next year -- rather than in 2025, as originally predicted. There are roughly 6,000 newspapers left in America, down from 8,891 in 2005, according to a new report from Northwestern's Medill School of Journalism, Media, Integrated Marketing Communications. "We're almost at a one-third loss now and we'll certainly hit that pace next year," said the report's co-authors -- Penelope Muse Abernathy, a visiting professor at Medill, and Sarah Stonbely, director of Medill's State of Local News Project. Of the papers that still survive, a majority (4,790) publish weekly, not daily.

Over the past two years, newspapers continued to vanish at an average rate of more than two per week, leaving 204 U.S. counties, or 6.4%, without any local news outlet. Roughly half of all U.S. counties (1,562) are now only served with one remaining local news source -- typically a weekly newspaper. Abernathy and Stonbely estimate that 228 of those 1,562 counties, or roughly 7% of all U.S. counties, are at high risk of losing their last remaining local news outlet.

There isn't enough investment in digital news replacements to stop the spread of news deserts in America. The footprint for alternative local news outlets is tiny and they are mostly clustered around metro areas that already have some local coverage. The report estimates that -- for outlets focused on state and local news -- there are roughly 550 digital-only news sites, 720 ethnic media organizations and 215 public broadcasting stations in America, compared to 6,000 newspapers. The authors argue that the dynamic between those with access to quality local news and those who don't "poses a far-reaching crisis for our democracy as it simultaneously struggles with political polarization, a lack of civic engagement and the proliferation of misinformation and information online."

Republican presidential candidate Vivek Ramaswamy revealed a crypto plan today that aims to protect core aspects of the industry, including software developers and unhosted digital wallets. CoinDesk reports: Republican presidential candidate Vivek Ramaswamy has a message for most of the employees at the U.S. Securities and Exchange Commission (SEC) if he's elected to the White House: You're fired. And everybody still left at their desks would need to back off the crypto industry, according to the candidate's new policy strategy for U.S. digital assets. Most cryptocurrencies are commodities that are none of the SEC's business, according to Ramaswamy's crypto plan shared with CoinDesk on Thursday and set for public release at the North American Blockchain Summit in Texas. The pharmaceutical entrepreneur remains among the top four GOP candidates, maintaining 5% support in a dwindling field dominated by former President Donald Trump, according to polling data.

One issue that separates him from other candidates is his enthusiastic support of crypto as a financial innovation. He argues that the sector needs to have several freedoms protected: the right to code as a First Amendment freedom that should shield software developers from criminal or enforcement vulnerability, the right to maintain self-hosted digital wallets outside the reach of regulators and the right to know how each new virtual asset will be treated by the government. "A big part of what we're missing today is clarity from our regulators," Ramaswamy said in an interview with CoinDesk TV. "What we're going to have is rescinding any of those regulations that are allowing the regulatory state to go after perfectly legal behavior, but by claiming that somehow it shouldn't exist because they don't like it. All of that can end on my watch."

An anonymous reader quotes a report from The Verge: Microsoft will soon let Windows 11 users in the European Economic Area (EEA) disable its Bing web search, remove Microsoft Edge, and even add custom web search providers -- including Google if it's willing to build one -- into its Windows Search interface. All of these Windows 11 changes are part of key tweaks that Microsoft has to make to its operating system to comply with the European Commission's Digital Markets Act, which comes into effect in March 2024. Microsoft will be required to meet a slew of interoperability and competition rules, including allowing users "to easily un-install pre-installed apps or change default settings on operating systems, virtual assistants, or web browsers that steer them to the products and services of the gatekeeper and provide choice screens for key services."

Alongside clearly marking which apps are system components in Windows 11, Microsoft is also responding by adding the ability to uninstall the following apps: Camera, Cortana, Web Search from Microsoft Bing in the EEA, Microsoft Edge in the EEA, and Photos. Only Windows 11 users in the EEA will be able to fully remove Microsoft Edge and the Bing-powered web search from Windows Search. Microsoft could easily extend this to all Windows 11 users, but it's limiting this extra functionality to EEA markets to comply with the rules.

In EEA markets -- which includes EU countries and also Iceland, Liechtenstein, and Norway -- Windows 11 users will also get access to new interoperability features for feeds in the Windows Widgets board and web search in Windows Search. This will allow search providers like Google to extend the main Windows Search interface with their own custom web searches. Microsoft will allow EEA machines to remove the Bing results, so Google could provide its own search results here and effectively become the default if a user has uninstalled Bing. "If the user has more than one search provider installed, Windows Search will show the last one used when opened," explains Aaron Grady, partner group product manager for Windows, in a statement to The Verge.

Amazon is the driving force behind a trio of advocacy groups working to thwart Microsoft's growing ambition to become a major cloud computing contractor for governments, a Bloomberg analysis shows. From the report: The groups -- the Cloud Infrastructure Services Providers in Europe (CISPE), the Coalition for Fair Software Licensing and the Alliance for Digital Innovation -- want to convince policymakers that Microsoft has improperly locked customers into Azure, its cloud computing service, choking off its rivals and hindering the advancement of technology within the government and beyond. These groups have dozens of members. But Amazon is the biggest funder for two of them and the largest company, measured by revenue, that funds another.

Spokespeople for the groups say no single company determines their agendas. But according to a Bloomberg News review of tax filings, documents and interviews with people familiar with the three groups' operations, Amazon Web Services plays a direct role in shaping their efforts in ways that would boost the cloud giant. Through aggressive lobbying of policymakers, these groups want to ensure that customers can use popular Microsoft products like Office Suite or Windows on any cloud computing system -- and, in particular, on Amazon Web Services, the world's number one cloud infrastructure provider and the retail giant's top profit driver.

To hammer that message, they've filed complaints, lobbied regulators and sought to shape the views of policymakers probing the cloud market. In one case, an Amazon executive is listed as the author of a public comment to the Federal Trade Commission, as well as testimony and letters to Congress on behalf of the group, according to an analysis of the documents' metadata, revealing the tech giant's role in the lobbying campaign. (The group says the documents reflect the consensus position of its members.) Amazon denied it authored statements for the group.

An anonymous reader quotes a report from The Verge: The Federal Communications Commission has approved (PDF) a new set of rules aiming to prevent "digital discrimination." It means the agency can hold telecom companies accountable for digitally discriminating against customers -- or giving certain communities poorer service (or none at all) based on income level, race, or religion. The new rules come as part of the Biden Administration's 2021 Bipartisan Infrastructure Law, which requires the FCC to develop and adopt anti-digital discrimination rules. "Many of the communities that lack adequate access to broadband today are the same areas that suffer from longstanding patterns of residential segregation and economic disadvantage," FCC Chairwoman Jessica Rosenworcel said following today's vote. "It shows that minority status and income correlate with broadband access."

Under the new rules, the FCC can fine telecom companies for not providing equal connectivity to different communities "without adequate justification," such as financial or technical challenges of building out service in a particular area. The rules are specifically designed to address correlations between household income, race, and internet speed. Last year, a joint report from The Markup and the Associated Press found that AT&T, Verizon, and other internet service providers offer different speeds depending on the neighborhood in cities throughout the US. The report revealed neighborhoods with lower incomes and fewer white people get stuck with slower internet while still having to pay the same price as those with faster speeds. At the time, USTelecom, an organization that represents major telecom providers, blamed the higher price on having to maintain older equipment in certain communities.

The FCC was nearly divided on the new set of rules, as it passed with a 3-2 vote. Critics of the new policy argue the rules are an overextension of the FCC's power. Jonathan Spalter, the CEO of USTelecom, says the FCC is "taking overly intrusive, unworkably vague, and ultimately harmful steps in the wrong direction." Spalter adds the framework "is counter" to Congress' goal of giving customers equal access to the internet. Still, supporters of the new rules believe they can go a long way toward improving fractured broadband coverage throughout the US. The FCC will also establish an "improved" customer portal, where the agency will field and review complaints about digital discrimination. It will take things like broadband deployment, network upgrades, and maintenance across communities into account when evaluating providers for potential rule violations, giving it the authority to hopefully finally address the disparities in internet access throughout the US.

Nicola Davis reports via The Guardian: A new study has found people are more likely to think pictures of white faces generated by AI are human than photographs of real individuals. "Remarkably, white AI faces can convincingly pass as more real than human faces -- and people do not realize they are being fooled," the researchers report. The team, which includes researchers from Australia, the UK and the Netherlands, said their findings had important implications in the real world, including in identity theft, with the possibility that people could end up being duped by digital impostors.

However, the team said the results did not hold for images of people of color, possibly because the algorithm used to generate AI faces was largely trained on images of white people. Dr Zak Witkower, a co-author of the research from the University of Amsterdam, said that could have ramifications for areas ranging from online therapy to robots. "It's going to produce more realistic situations for white faces than other race faces," he said. The team caution such a situation could also mean perceptions of race end up being confounded with perceptions of being "human," adding it could also perpetuate social biases, including in finding missing children, given this can depend on AI-generated faces. The findings have been published in the journal Psychological Science.

The U.S. Federal Bureau of Investigation (FBI) has struggled to stop a hyper-aggressive cybercrime gang that's been tormenting corporate America over the last two years, according to nine cybersecurity responders, digital crime experts and victims. Reuters: For more than six months, the FBI has known the identities of at least a dozen members tied to the hacking group responsible for the devastating September break-ins at casino operators MGM Resorts International and Caesars Entertainment, according to four people familiar with the investigation. Industry executives have told Reuters they were baffled by an apparent lack of arrests despite many of the hackers being based in America. "I would love for somebody to explain it to me," said Michael Sentonas, president of CrowdStrike, one of the firms leading the response effort to the hacks.

"For such a small group, they are absolutely causing havoc," Sentonas told Reuters in an interview last month. Sentonas said the hackers were "known" but didn't provide specifics. He did say, "I think there is a failure here." Asked who was responsible for the failure, Sentonas said, "law enforcement." [...] Dubbed by some security professionals as "Scattered Spider," the hacking group has been active since 2021 but it grabbed headlines following a series of intrusions at several high profile American companies.

Anton Shilov reports via Tom's Hardware: A new report from a data recovery company now points the finger at design and manufacturing flaws as the underlying issue with the recent flood of SanDisk Extreme Pro failures that eventually spurred a class action lawsuit. It became clear in May that some of Western Digital's SanDisk Extreme Pro 4TB SSDs suffered from sudden data loss; at this point, the company promised a firmware update to owners of the 4TB models. However, the 2TB and 3TB models also suffer from the same issue, and Western Digital did not promise any firmware updates for these drives.

Markus Hafele, Managing Director of Attingo, a data recovery company, told FutureZone that the problem lies in hardware, not firmware, which could explain the lack of corrective firmware updates for those models and SanDisk's continued silence about the source of the issues. Attingo, which has been in the data recovery business for over 25 years, normally sees these failed SanDisk Extreme Pro SSDs at least once a week. The problem appears to be rather complex. According to HÃfele, the components used in these SSDs are too big for the circuit board, causing weak connections (i.e., high impendence and high temperatures) and making them prone to breaking. He also says that the soldering material used to attach these components is prone to forming bubbles and breaking easily.

It remains unknown whether the cause is cheap solder, the componentry, or both contribute to the issues observed. However, newer revisions of these SanDisk Extreme Pro SSDs seem to have been modified with extra epoxy resin to secure the oversized components. This suggests that Western Digital might know about the hardware problems. Nevertheless, these newer models are still failing, thus sending data recovery service customers to firms like Attingo. According to the head of Attingo, the issue seems to be affecting multiple product lineups, including both SanDisk Extreme Portable SSD as well as the SanDisk Extreme Pro Portable SSD.

Greek economist/politician Yanis Varoufakis "was briefly Greek finance minister in 2015," remembers the Conversation. Now his new book asks the question, "What killed capitalism," with the title's first word providing an answer.

"Techno-feudalism." Varoufakis argues that we no longer live in a capitalist society... "Today, capitalist relations remain intact, but techno-feudalist relations have begun to overtake them," writes Varoufakis. Traditional capitalists, he proposes, have become "vassal capitalists". They are subordinate and dependent on a new breed of "lords" — the Big Tech companies — who generate enormous wealth via new digital platforms. A new form of algorithmic capital has evolved — what Varoufakis calls "cloud capital" — and it has displaced "capitalism's two pillars: markets and profits".

Markets have been "replaced by digital trading platforms which look like, but are not, markets". The moment you enter amazon.com "you exit capitalism" and enter something that resembles a "feudal fief": a digital world belonging to one man and his algorithm, which determines what products you will see and what products you won't see. If you are a seller, the platform will determine how you can sell and which customers you can approach. The terms in which you interact, share information and trade are dictated by an "algo" that "works for [Jeff Bezos'] bottom line"...

Access to the "digital fief" comes at the cost of exorbitant rents. Varoufakis notes that many third-party developers on the Apple store, for example, pay 30% "on all their revenues", while Amazon charges its sellers "35% of revenues". This, he argues, is like a medieval feudal lord sending round the sheriff to collect a large chunk of his serfs' produce because he owns the estate and everything within it.

There is "no disinterested invisible hand of the market" here. The Big Tech platforms are exempted from free-market competition.
And in the meantime, users are unknowingly training their algorithms for them — so "In this interaction, we are all high-tech 'cloud serfs'... [T]he 'cloud capital' we are generating for them all the time increases their capacity to generate yet more wealth, and thus increases their power — something we have only begun to realise." Approximately 80% of the income of traditional capitalist conglomerates go to salaries and wages, according to Varoufakis, while Big Tech's workers, in contrast, collect "less than 1% of their firms' revenues"... For Varoufakis, we are not just living through a tech revolution, but a tech-driven economic revolution. He challenges us to come to terms with just what has happened to our economies — and our societies — in the era of Big Tech and Big Finance.
Thanks to Slashdot reader ZipNada for sharing the article.

This week the Council of the European Union made an announcement. "With a view to ensuring a trusted and secure digital identity for all Europeans, the Council presidency and European Parliament representatives reached today a provisional agreement on a new framework for a European digital identity (eID)."

The proposed new framework would also require member states "to issue a digital wallet under a notified eID scheme, built on common technical standards, following compulsory certification."

"With the approval of the European digital identity regulation, we are taking a fundamental step so that citizens can have a unique and secure European digital identity," said Nadia Calviao, acting Spanish first vice-president and minister for economy and digitalisation.

From the announcement: The revised regulation constitutes a clear paradigm shift for digital identity in Europe aiming to ensure universal access for people and businesses to secure and trustworthy electronic identification and authentication. Under the new law, member states will offer citizens and businesses digital wallets that will be able to link their national digital identities with proof of other personal attributes (e.g., driving licence, diplomas, bank account). Citizens will be able to prove their identity and share electronic documents from their digital wallets with a click of a button on their mobile phone.

The new European digital identity wallets will enable all Europeans to access online services with their national digital identification, which will be recognised throughout Europe, without having to use private identification methods or unnecessarily sharing personal data. User control ensures that only information that needs to be shared will be shared...

The revised law clarifies the scope of the qualified web authentication certificates (QWACs), which ensures that users can verify who is behind a website, while preserving the current well-established industry security rules and standards.
"When finalised, the text will be submitted to the member states' representatives (Coreper) for endorsement. Subject to a legal/linguistic review, the revised regulation will then need to be formally adopted by the Parliament and the Council before it can be published in the EU's Official Journal and enter into force."

Started in 2013, "Hour of Code" is an annual tradition started by the education non-profit Code.org (which provides free coding lessons to schools). Its FAQ describes the December event for K-12 students as "a worldwide effort to celebrate computer science, starting with 1-hour coding activities," and over 100 million schoolkids have participated over the years.

This year's theme will be "Creativity With AI," and the "computer vision" lesson includes a short video (less than 7 minutes) featuring a Tesla Autopilot product manager from its computer vision team. "I build self-driving cars," they say in the video. "Any place where there can be resources used more efficiently I think is a place where technology can play a role. But of course one of the best, impactful ways of AI, I hope, is through self-driving cars." (The video then goes on to explain how lots of training data ultimately generates a statistical model, "which is just a fancy way of saying, a guessing machine.")

The 7-minute video is part of a larger lesson plan (with a total estimated time of 45 minutes) in which students tackle a fun story problem. If a sports arena's scoreboard is showing digital numbers, what series of patterns would a machine-vision system have to recognize to identify each digit. (Students are asked to collaborate in groups.) And it's just one of seven 45-minute lessons, each one accompanied by a short video. (The longest video is 7 minutes and 28 seconds, and all seven videos, if watched back-to-back, would run for about 31 minutes.)

Not all the lessons involve actual coding, but the goal seems to be familiarizing students (starting at the 6th grade level) with artificial intelligence of today, and the issues it raises. The second-to-last lesson is titled "Algorithmic Bias" — with a video including interviews with an ethicist at Open AI and professor focused on AI from both MIT and Stanford. And the last lesson — "Our AI Code of Ethics" — challenges students to assemble documents and videos on AI-related "ethical pitfalls," and then pool their discoveries into an educational resource "for AI creators and legislators everywhere."

This year's installment is being billed as "the largest learning event in history." And it's scheduled for the week of December 4 so it coincides with "Computer Science Education Week" (a CS-education event launched in 2009 by the Association for Computing Machinery, with help from partners including Intel, Microsoft, Google, and the National Science Foundation).

This week GitHub announced the approaching general availability of the GPT-4-powered GitHub Copilot Chat in December "as part of your existing GitHub Copilot subscription" (and "available at no cost to verified teachers, students, and maintainers of popular open source projects.")

And this "code-aware guidance and code generation" will also be integrated directly into github.com, "so developers can dig into code, pull requests, documentation, and general coding questions with Copilot Chat providing suggestions, summaries, analysis, and answers." With GitHub Copilot Chat we're enabling the rise of natural language as the new universal programming language for every developer on the planet. Whether it's finding an error, writing unit tests, or helping debug code, Copilot Chat is your AI companion through it all, allowing you to write and understand code using whatever language you speak...

Copilot Chat uses your code as context, and is able to explain complex concepts, suggest code based on your open files and windows, help detect security vulnerabilities, and help with finding and fixing errors in code, terminal, and debugger...

With the new inline Copilot Chat, developers can chat about specific lines of code, directly within the flow of their code and editor.
InfoWorld notes it will chat in "whatever language a developer speaks." (And that Copilot Chat will also be available in GitHub's mobile app.) But why wait until December? GitHub's blog post says that Copilot Chat "will come to the JetBrains suite of IDEs, available in preview today."

GitHub also plans to introduce "slash commands and context variables" for GitHub Copilot, "so fixing or improving code is as simple as entering /fix and generating tests now starts with /tests."

"With Copilot in the code editor, in the CLI, and now Copilot Chat on github.com and in our mobile app, we are making Copilot ubiquitous throughout the software development lifecycle and always available in all of GitHub's surface areas..."

CNBC adds that "Microsoft-owned GitHub" also plans to introduce "a more expensive Copilot assistant" in February "for developers inside companies that can explain and provide recommendations about internal source code."

Wednesday's blog post announcing these updates was written by GitHub's CEO, who seemed to be predicting an evolutionary leap into a new future. "Just as GitHub was founded on Git, today we are re-founded on Copilot." He promised they'd built on their vision of a future "where AI infuses every step of the developer lifecycle." Open source and Git have fundamentally transformed how we build software. It is now evident that AI is ushering in the same sweeping change, and at an exponential pace... We are certain this foundational transformation of the GitHub platform, and categorically new way of software development, is necessary in a world dependent on software. Every day, the world's developers balance an unsustainable demand to both modernize the legacy code of yesterday and build our digital tomorrow. It is our guiding conviction to make it easier for developers to do it all, from the creative spark to the commit, pull request, code review, and deploy — and to do it all with GitHub Copilot deeply integrated into the developer experience.
And if you're worried about the security of AI-generated code... Today, GitHub Copilot applies an LLM-based vulnerability prevention system that blocks insecure coding patterns in real-time to make GitHub Copilot's suggestions more secure. Our model targets the most common vulnerable coding patterns, including hardcoded credentials, SQL injections, and path injections. GitHub Copilot Chat can also help identify security vulnerabilities in the IDE, explain the mechanics of a vulnerability with its natural language capabilities, and suggest a specific fix for the highlighted code.
But for Enterprise accounts paying for GitHub Advanced Security, there's also an upgrade coming: "new AI-powered application security testing features designed to detect and remediate vulnerabilities and secrets in your code." (It's already available in preview mode.)

GitHub even announced plans for a new AI assistant in 2024 that generates a step-by-step plan for responding to GitHub issues. (GitHub describes it as "like a pair programming session with a partner that knows about every inch of the project, and can follow your lead to make repository-wide changes from the issue to the pull request with the power of AI.")

CNBC notes that AI-powered coding assistants "are still nascent, though, with less than 10% enterprise adoption, according to Gartner, a technology industry research firm."

But last month Microsoft CEO Satya Nadella told analysts GitHub Copilot already had one million paying users...

And GitHub's blog post concludes, "And we're just getting started."

With 1.4 billion people, India is the second most-populous country in the world.

But a new article in the Washington Post alleges that India has "set a global standard for online censorship." For years, a committee of executives from U.S. technology companies and Indian officials convened every two weeks in a government office to negotiate what could — and could not — be said on Twitter, Facebook and YouTube. At the "69A meetings," as the secretive gatherings were informally called, officials from India's information, technology, security and intelligence agencies presented social media posts they wanted removed, citing threats to India's sovereignty and national security, executives and officials who were present recalled. The tech representatives sometimes pushed back in the name of free speech...

But two years ago, these interactions took a fateful turn. Where officials had once asked for a handful of tweets to be removed at each meeting, they now insisted that entire accounts be taken down, and numbers were running in the hundreds. Executives who refused the government's demands could now be jailed, their companies expelled from the Indian market. New regulations had been adopted that year to hold tech employees in India criminally liable for failing to comply with takedown requests, a provision that executives referred to as a "hostage provision." After authorities dispatched anti-terrorism police to Twitter's New Delhi office, Twitter whisked its top India executive out of the country, fearing his arrest, former company employees recounted.

Indian officials say they have accomplished something long overdue: strengthening national laws to bring disobedient foreign companies to heel... Digital and human rights advocates warn that India has perfected the use of regulations to stifle online dissent and already inspired governments in countries as varied as Nigeria and Myanmar to craft similar legal frameworks, at times with near-identical language. India's success in taming internet companies has set off "regulatory contagion" across the world, according to Prateek Waghre, a policy director at India's Internet Freedom Foundation...

Despite the huge size of China's market, companies like Twitter and Facebook were forced to steer clear of the country because Beijing's rules would have required them to spy on users. That left India as the largest potential growth market. Silicon Valley companies were already committed to doing business in India before the government began to tighten its regulations, and today say they have little choice but to obey if they want to remain there.
The Post spoke to Rajeev Chandrasekhar, the deputy technology minister in the BJP government who oversees many of the new regulations, who argued "The shift was really simple: We've defined the laws, defined the rules, and we have said there is zero tolerance to any noncompliance with the Indian law...

"You don't like the law? Don't operate in India," Chandrasekhar added. "There is very little wiggle room."

The longest actor's strike in Hollywood history ended with "groundbreaking" protections against the use of AI, reports CNN: Studios will have to provide informed consent for the creation of any kind of digital replica of a performer or background actor, with a specific description of the intended use, the union officials said. Compensation for the replica will vary. Notably, the contract also protects background performers from any use of their digital replica without their consent, SAG leadership said. [Even after they are deceased.]

Negotiations over using AI to create synthetic performers continued down to the wire. Union leadership said studios will have to gain consent for any actors whose facial features are used for the AI performer, the studios have to inform actors they're using AI, and the union can bargain over compensation for those affected by it.
The separate deal signed in September with the writer's guild "also includes assurances that AI cannot write or rewrite literary material," the article adds, "and will require AI-generated materials to be disclosed to writers." Now the president of the actor's union tells the Hollywood Reporter, "We got everything we wanted with the AI protections, which was key. Plus we're going to be meeting with the AMPTP [the entertainment industry's bargaining unit] twice a year to make sure that our finger remains on the pulse of the progress, and also to align ourselves on the same side with regard to federal regulations and protections against piracy."

And the union president underscored the importance of AI-related protections to Rolling Stone" "If we didn't get that package, then what are we doing? We're not really able to protect our members in the way that they needed to be protected... If we didn't get those barricades, what would it be in three years...?"

In the union's initial announcement of the tentative deal on Wednesday, SAG-AFTRA promised it had secured a contract "of extraordinary scope" valued at more than $1 billion and "unprecedented provisions for consent and compensation that will protect members from the threat of AI."

9to5Mac has found evidence in the iOS 17.2 beta code that hints the company is moving towards enabling sideloading on iOS devices. From the report: iOS 17.2 has a new public framework called "Managed App Distribution." While our first thought was that this API would be related to MDM solutions for installing enterprise apps (which is already possible on iOS), it seems that Apple has been working on something more significant than that. By analyzing the new API, we've learned that it has an extension endpoint declared in the system, which means that other apps can create extensions of this type. Digging even further, we found a new, unused entitlement that will give third-party apps permission to install other apps. In other words, this would allow developers to create their own app stores.

The API has basic controls for downloading, installing, and even updating apps from external sources. It can also check whether an app is compatible with a specific device or iOS version, which the App Store already does. Again, this could easily be used to modernize MDM solutions, but here's another thing. We also found references to a region lock in this API, which suggests that Apple could restrict it to specific countries. This wouldn't make sense for MDM solutions, but it does make sense for enabling sideloading in particular countries only when required by authorities -- such as in the European Union. Under the European Union's Digital Markets Act, or DMA, big tech companies will be required to, among other things, allow users to install any apps they want from third-party sources. "In theory, Apple is required to comply with DMA legislation by March 2024," reports 9to5Mac. "The company has even admitted in a Form 10-K filing that it expects to make changes that will impact the App Store's business model."

Internet service providers and their lobby groups are fighting a US plan to prohibit discrimination in access to broadband services. In particular, ISPs want the Federal Communications Commission to drop the plan's proposal to require that prices charged to consumers be non-discriminatory. From a report: In 2021, Congress required the Federal Communications Commission to issue rules "preventing digital discrimination of access based on income level, race, ethnicity, color, religion, or national origin" within two years. FCC Chairwoman Jessica Rosenworcel last month released her draft plan to comply with the congressional mandate and scheduled a November 15 commission vote on adopting final rules. The plan is likely to pass in a party-line vote as Rosenworcel has a 3-2 Democratic majority, but aspects of the draft could be changed before the vote. Next week's meeting could be a contentious one, judging by a statement issued Monday by Republican Commissioner Brendan Carr.

Carr described Rosenworcel's proposal as "President Biden's plan to give the administrative state effective control of all Internet services and infrastructure in the US." He also objects to the Rosenworcel plan's statement that the FCC rules may apply to entities that are not broadband providers, such as landlords, if they "impede equal access to broadband Internet access service." Consumer advocates generally support the proposal but say the planned system for handling complaints, ISP responses, and investigations is not transparent enough, reducing the system's potential to act as a deterrent. Consumer advocates also say Internet users who have already been harmed by discrimination may not get any relief because the proposed rules do not apply retroactively. ISPs including Comcast, Charter, AT&T, and Verizon have held a flurry of meetings with FCC officials and commissioners in which they argued that the rules are too broad.

Angela Watercutter and Will Bedingfield report via Wired: After 118 days on the picket lines, the longest such strike in Hollywood's history, the Screen Actors Guild-American Federation of Television and Radio Artists has reached a deal with the Alliance of Motion Picture and Television Producers. Both sides were mum about the terms of the deal Wednesday night, but it comes following a long struggle over the use of artificial intelligence on actors' performances and actors' demands for residual payments for shows and films that play on streaming services. A committee from SAG, which represents thousands of film and television actors, approved the agreement Wednesday. The strike itself, which has featured pickets outside the offices of Netflix, Disney, Warner Bros. Discovery, and others, will end Thursday morning. It's expected that the tentative deal will head to the union's national board to be approved on Friday.

Undeniably, this is a huge milestone for Hollywood, a $130 billion-plus industry that has all but ground to halt this year, as both the Writers Guild of America and SAG dug in their heels over fair wages and the use of AI in their work. WGA members went on strike in May; SAG walked off the job in July, the first time the industry had faced a dual work stoppage since 1960. The WGA strike ended in September with a historic deal that put up guardrails to protect writers from AI encroaching on their work. As this year's negotiations between SAG and AMPTP dragged on, generative AI became the major sticking point. Back in July, studios claimed they offered a "groundbreaking AI proposal that protects actors' digital likenesses." SAG countered that the proposal stipulated background performers could be scanned, paid for the day, and then turned into digital characters that studios could use "for the rest of eternity." (AMPTP disputed this.)

The issue was volleyed back and forth until last weekend, when SAG reviewed the studios' "last, best, and final" offer and rejected it, claiming "there are several essential items on which we still do not have an agreement, including AI. A follow-up story in The Hollywood Reporter revealed that the AMPTP proposal sought to allow studios to pay for AI scans of what are known as Schedule F performers and, following the actors' death, allow studios to use the scans without the consent of the estate or SAG. Schedule F performers include anyone who makes more than the minimum rate for TV series regulars or feature films. The guild wanted compensation for reuse of the scans, along with consent. On Tuesday, the studios reportedly agreed to adjust the AI language in their proposal, a move that seems to have been the tipping point. Even though the terms of the tentative deal reached Thursday are unclear, it's hard to imagine the actors didn't get at least some of the AI protections they were seeking.

An anonymous reader quotes a report from Ars Technica: People who buy a Fire TV from Amazon are probably looking for a cheap and simple way to get an affordable 4K smart TV. When Amazon announced its first self-branded TVs in September 2021, it touted them as being a "great value." But owners of the devices will soon be paying for some of those savings in the form of more prominently displayed advertisements. Charlotte Maines, Amazon's director of Fire TV advertising, monetization, and engagement, detailed the new types of ads that Amazon is selling on Fire TVs. In a StreamTV Insider report from November 1, Amazon said the new ads will allow advertisers to reach an average of 155 million unique monthly viewers. Some of the changes targeting advertisers, like connecting display placement ads with specific in-stream video ads, seem harmless enough. Others could jeopardize the TV-watching experience for owners.

For example, Amazon is preparing to make Alexa with generative AI more useful for finding content on Fire TVs. This could help Alexa, which has struggled alongside other tech giants' voice assistants to generate significant revenue. Amazon gets money every time someone interacts with digital content through Alexa. However, the company is double-dipping on this idea by also tying ads to generative AI on Fire TVs. When users ask Alexa to help them find media with queries such as "play the show with the guy who plays the lawyer in Breaking Bad," they will see ads that are relevant to the search. [...] Finally, Amazon is adding "contextual sponsored tiles" that use machine learning to show ads based on whatever content genre or search term the Fire TV user is browsing.

Amazon Fire TV users will also start seeing banner ads on the device's home screen for things that have nothing to do with entertainment or media. This ad space was previously reserved for advertising media and entertainment, making the ads feel more relevant, at least. Amazon opening the ad space to more types of advertisers is similar to a move Google TV made early this year. The banner ads will occupy the first slot in the rotating hero area, which Amazon believes is the first thing Fire TV users see.

Next April a new LTS Ubuntu arrives, and alongside it will be a whole new immutable desktop edition. At this year's Ubuntu conference in Riga, Latvia, Canonical revealed more details about its forthcoming immutable desktop distro. From a report: Core Desktop is not the next version of Ubuntu itself. Ordinary desktop and server Ubuntu aren't going anywhere, and the next release, numbered 24.04 and codenamed Noble Numbat as we mentioned last month, will be the default and come with all the usual editions and flavors. Nor is this a whole new product: it is a graphical desktop edition of the existing Ubuntu Core distro, as we examined on its release in June last year, a couple of months after 22.04. Ubuntu Core is Canonical's Internet of Things (IoT) distro, intended to be embedded on edge devices, such as digital signs and smart displays. It is an immutable distro, meaning that the root filesystem is read-only and there's no conventional package manager.

Rather than being a basis for customization, like a conventional Linux, the idea is that immutable distros are rolled out and updated more like a phone or tablet OS: there's a single fixed and heavily tested OS image, and it's deployed onto the devices out in the field without modification. Updates are monolithic: a whole fresh image is pushed out, and all the OS components are upgraded in a single operation to the same combination. That isn't unique. Most of the major Linux vendors have immutable offerings, and The Reg has looked at several over the years, including MicroOS, the basis of SUSE's next-gen enterprise OS ALP. As well as the well-known ChromeOS, another immutable desktop is the educational distro Endless OS.

[...] Canonical believes it has some unique new angles. Core Desktop is constructed as additional layers on top of the existing Ubuntu Core distro, and like Core, it's entirely built with a single packaging system: Ubuntu's Snap. While Snap remains controversial, it does have some compelling advantages over both SUSE and Red Hat's tooling. SUSE's transactional_update tool, while simpler than its rivals in implementation, requires a snapshot-capable filesystem, meaning that its immutable distros must use Btrfs. While it has many admirers, the number and the contents of the orange and red cells in the feature tables here in its own documentation reflect the FOSS desk's serious reservations about Btrfs.