Starting today Apple is opening up its App Store to allow game streaming apps and services. From a report: This means that services like Xbox Cloud Streaming and GeForce Now, which previously were only accessible on iOS via a web browser, will be able to offer full-featured apps. "Developers can now submit a single app with the capability to stream all of the games offered in their catalog," Apple wrote in a blog post. These changes apply "worldwide," according to the company.

In 2020, Apple appeared to have carved out a space for these cloud gaming services in the App Store. But that turned out not to be the case, as all games available through each service had to be submitted and reviewed as a standalone app. So the shift to allow one app with a large catalog of games marks a major change. As part of today's announcement, Apple said that "each experience made available in an app on the App Store will be required to adhere to all App Store Review Guidelines and its host app will need to maintain an age rating of the highest age-rated content included in the app." Apple also says that developers will now "be able to provide enhanced discovery opportunities for streaming games, mini-apps, mini-games, chatbots, and plug-ins that are found within their apps," and that "mini-apps, mini-games, chatbots, and plug-ins will be able to incorporate Apple's In-App Purchase system to offer their users paid digital content or services for the first time, such as a subscription for an individual chatbot."

The iPhone's app ecosystem is about to go through its biggest shake-up since the App Store launched in 2008. Today, Apple announced how it plans to change the rules for developers releasing iOS software in the European Union in response to the bloc's Digital Markets Act (DMA) coming into force in March. The big news is that third-party app stores will be allowed on iOS for the first time, breaking the Apple App Store's position as the sole distributor of iPhone apps. The changes will arrive with iOS 17.4 in March. From a report: Here's how the new "alternative app marketplaces," as Apple called them, will work. Users in the EU and on iOS 17.4 will be able to download a marketplace from that marketplace's website. In order to be used on an iPhone, those marketplaces have to go through Apple's approval process, and once you download one, you have to explicitly give it permission to download apps to your device. But once the marketplace is approved and on your device, you can download anything you want -- including apps that violate App Store guidelines. You can even set a non-App Store marketplace as the default on your device.

Developers, meanwhile, can choose whether to use Apple's payment services and in-app purchases or integrate a third-party system for payments without paying an additional fee to Apple. If the developer wants to stick with Apple's existing in-app payment system, there's an additional 3 percent processing fee. Apple still plans to keep a close eye on the app distribution process. All apps must be "notarized" by Apple, and distribution through third-party marketplaces is still managed by Apple's systems. Developers will only be allowed to distribute a single version of their app across different app stores, and they'll still have to abide by some basic platform requirements, like getting scanned for malware. Apple says that anyone looking to develop an alternative app marketplace will have to provide evidence that it can financially "guarantee support for developers and customers." Apple wants "a stand-by letter of credit from an A-rated (or equivalent by S&P, Fitch, or Moody's) financial Institution of 1 million Euro prior to receiving the entitlement. It will need to be auto-renewed on a yearly basis."

Illegal subscription services that steal films or TV shows bring in $2 billion a year in ads and subscriber fees (non-paywalled link). From a report: Ever since taking on Netflix at its own game, old Hollywood has struggled to turn a profit in streaming, with the likes of Disney+, Peacock and Paramount+ losing billions of dollars each year, sparking concerns on Wall Street that the services will never be as profitable as cable once was. But the age of streaming has been a boon for some unintended winners: pirates that use software to rip a film or television show in seconds from legitimate online video platforms and host the titles on their own, illegitimate services, which rake in about $2 billion annually from ads and subscriptions.

With no video production costs, illicit streaming sites such as myflixer and projectfreetv have achieved profit margins approaching 90%, according to the Motion Picture Association, a trade group representing Hollywood studios that's working to crack down on the thousands of illegal platforms that have cropped up in recent years. Initially the rise of legitimate online businesses such as Netflix actually helped curb digital piracy, which had largely been based on file uploads. But now piracy involving illegal streaming services as well as file-sharing costs the US economy about $30 billion in lost revenue a year and some 250,000 jobs, estimates the US Chamber of Commerce's Global Innovation Policy Center. The global impact is about $71 billion annually.

In the US, which counts almost 130 subscription piracy sites, the MPA estimates that the top three combined have about 2 million users paying $5 to $10 per month for films, TV shows and live sports. Analysts say the user number could soar as the cost of subscriptions from legitimate companies such as Walt Disney approach $20 per month as they seek to bolster the finances of their streaming platforms. "Some of these pirate websites have gotten more daily visits than some of the top 10 legitimate sites," says Karyn Temple, the MPA's general counsel. "That really shows how prolific they are."

To comply with the EU's Digital Markets Act, Meta is rolling out changes to give users in Europe the ability to unlink their Facebook, Messenger and Instagram accounts. Neowin reports: One key choice users will have is how information is shared between Facebook and Instagram. Instagram and Facebook users will be able to choose whether or not they want information shared between the apps. Those who currently have connected Instagram and Facebook accounts can opt to keep sharing data between the apps or separate their accounts. Furthermore, Messenger is getting a standalone option. Users can continue using Messenger with their Facebook account or create a new account completely independent of Facebook. This new Messenger account will still offer core features like messaging, chat, and voice/video calls, but without Facebook.

For Facebook Marketplace, the options will be a personalized marketplace experience that taps into Facebook profiles or an anonymized experience where buyers and sellers only communicate via email instead of Messenger. For gamers, Meta offers a similar choice to Facebook Gaming. Users can keep their Facebook info linked for access to features like multiplayer, in-game purchases, and personalized recommendations. Alternatively, they can opt for a Facebook-free gaming experience. Finally, an option introduced in November 2023 remains relevant -- European users can choose to pay a subscription to Facebook and Instagram ad-free. It ensures that their information is not used for targeted advertising.

Jamie Bartlett, a technology columnist, argues that social media platforms constantly pressure users to share opinions on events they may not fully understand, contributing to an atmosphere of performative outrage and conformity rather than thoughtful discussion. However, he also acknowledges the counterpoint that silence in the face of injustice can enable harm. From the column: One of the trickier aspects of digital life is the constant pressure to opine. To have a strong opinion on a subject, and to share it with the world. It's literally baked into the design of the most popular platforms. [...] If I am honest, I know very little about most bad things going on in the world. Certainly not enough that sharing my view will inform or educate or enlighten. Yet whenever I see a news report, an urgent need rises up: what shall I say about this? I have a feeling about it -- which must be shared! (And ideally in emotionally charged language, since that will receive more interactions).

What's wrong with calling out the bad stuff going on? Nothing per se. And certainly not on an individual level. The problem is when people feel a soft and gentle pressure to denounce, to praise, to comment on things they don't feel they fully understand. Things they don't feel comfortable speaking about. Things that are contentious and difficult to discuss on heartless, unforgiving platforms where the wrong phrase or tone might land you in hot water. What social media has done is to make silence an active -- rather than the default -- choice. To speak publicly is now so easy that not doing it kind-of-implies you don't know or don't care about what's going on in the world. Who wants to look ignorant or indifferent? And besides, who doesn't want to appear kind or wise, or morally upstanding in front of others?

But the result is an undirected anger from all sides: frenetic, purposeless, habitual and above all moralising. There's nothing wrong with occasionally saying what you think and sometimes it's very important.

"Bell Labs, the historic headwaters of so many inventions that now define our digital age, is closing in Murray Hill," writes journalism professor Jeff Jarvis (in an op-ed for New Jersey's Star-Ledger newspaper).

"The Labs should be preserved as a historic site and more." I propose that Bell Labs be opened to the public as a museum and school of the internet.

The internet would not be possible without the technologies forged at Bell Labs: the transistor, the laser, information theory, Unix, communications satellites, fiber optics, advances in chip design, cellular phones, compression, microphones, talkies, the first digital art, and artificial intelligence — not to mention, of course, many advances in networks and the telephone, including the precursor to the device we all carry and communicate with today: the Picturephone, displayed as a futuristic fantasy at the 1964 World's Fair.

There is no museum of the internet. Silicon Valley has its Computer History Museum. New York has museums for television and the moving image. Massachusetts boasts a charming Museum of Printing. Search Google for a museum of the internet and you'll find amusing digital artifacts, but nowhere to immerse oneself in and study this immensely impactful institution in society.

Where better to house a museum devoted to the internet than New Jersey, home not only of Bell Labs but also at one time the headquarters of the communications empire, AT&T, our Ma Bell...? The old Bell Labs could be more than a museum, preserving and explaining the advances that led to the internet. It could be a school... Imagine if Bell Labs were a place where scholars and students in many disciplines — technologies, yes, but also anthropology, sociology, psychology, history, ethics, economics, community studies, design — could gather to teach and learn, discuss and research.
The text of Jarvis's piece is behind subscription walls, but has apparently been re-published on X by innovation theorist John Nosta.

In one of the most interesting passages, Jarvis remembers visiting Bell Labs in 1995. "The halls were haunted with genius: lab after lab with benches and blackboards and history within. We must not lose that history."

"Would you pay $15 a month so Android doesn't track you and send all of that data back to Google?" asks Stuff South Africa: A new Swiss-based privacy company thinks $15 is a fair fee for that peace of mind. "A person's data is the original digital currency," argues Apostrophy, which has created its own operating system, called Apostrophy OS.

It's based on Android — don't panic — but the version that has already been stripped of Google's intrusiveness by another privacy project called GrapheneOS, which used to be known as CopperheadOS. Launched in 2014, it which was briefly known as the Android Hardening project, before being rebranded as GrapheneOS in 2019. Apostrophy OS is "focused on empowering our users, not leveraging them," it says and is "purposely Swiss-based, so we can be champions of data sovereignty".

What it does, they say, is separate the apps from the underlying architecture of the operating system and therefore prevent apps from accessing miscellaneous personal data, especially the all-important location data so beloved of surveillance capitalism... Apostrophy OS has its own app store, but also cleverly allows users to access the Google Play Store. If you think that is defeating the point, Apostrophy argues that those apps can't get to the vitals of your digital life. Apostrophy OS has "partitioned segments prioritising application integrity and personal data privacy".
The service is free for one year with the purchase of the new MC02 phone from Swiss manufacturer Punkt, according to PC Magazine. "The phone costs $749 and is available for preorder now. It will ship at the end of January." Additional features include a built-in VPN called Digital Nomad based on the open-source Wireguard framework to secure your activity against outside snooping, which includes "exit addresses" in the US, Germany, and Japan with the base subscription.

An anonymous reader quotes a report from IEEE Spectrum: Researchers at Georgia Tech, in Atlanta, have developed what they are calling the world's first functioning graphene-based semiconductor. This breakthrough holds the promise to revolutionize the landscape of electronics, enabling faster traditional computers and offering a new material for future quantum computers. The research, published on January 3 in Nature and led by Walt de Heer, a professor of physics at Georgia Tech, focuses on leveraging epitaxial graphene, a crystal structure of carbon chemically bonded to silicon carbide (SiC). This novel semiconducting material, dubbed semiconducting epitaxial graphene (SEC) -- or alternatively, epigraphene -- boasts enhanced electron mobility compared with that of traditional silicon, allowing electrons to traverse with significantly less resistance. The outcome is transistors capable of operating at terahertz frequencies, offering speeds 10 times as fast as that of the silicon-based transistors used in current chips.

De Heer describes the method used as a modified version of an extremely simple technique that has been known for over 50 years. "When silicon carbide is heated to well over 1,000C, silicon evaporates from the surface, leaving a carbon-rich surface which then forms into graphene," says de Heer. This heating step is done with an argon quartz tube in which a stack of two SiC chips are placed in a graphite crucible, according to de Heer. Then a high-frequency current is run through a copper coil around the quartz tube, which heats the graphite crucible through induction. The process takes about an hour. De Heer added that the SEC produced this way is essentially charge neutral, and when exposed to air, it will spontaneously be doped by oxygen. This oxygen doping is easily removed by heating it at about 200C in vacuum. "The chips we use cost about [US] $10, the crucible about $1, and the quartz tube about $10," said de Heer. [...]

De Heer and his research team concede, however, that further exploration is needed to determine whether graphene-based semiconductors can surpass the current superconducting technology used in advanced quantum computers. The Georgia Tech team do not envision incorporating graphene-based semiconductors with standard silicon or compound semiconductor lines. Instead, they are aiming for a paradigm shift beyond silicon, utilizing silicon carbide. They are developing methods, such as coating SEC with boron nitride, to protect and enhance its compatibility with conventional semiconductor lines. Comparing their work with commercially available graphene field-effect transistors (GFETs), de Heer explains that there is a crucial difference: "Conventional GFETs do not use semiconducting graphene, making them unsuitable for digital electronics requiring a complete transistor shutdown." He says that the SEC developed by his team allows for a complete shutdown, meeting the stringent requirements of digital electronics. De Heer says that it will take time to develop this technology. "I compare this work to the Wright brothers' first 100-meter flight. It will mainly depend on how much work is done to develop it."

An anonymous reader shares a report: These cafes had all adopted similar aesthetics and offered similar menus, but they hadn't been forced to do so by a corporate parent, the way a chain like Starbucks replicated itself. Instead, despite their vast geographical separation and total independence from each other, the cafes had all drifted toward the same end point. The sheer expanse of sameness was too shocking and new to be boring. Of course, there have been examples of such cultural globalisation going back as far as recorded civilisation. But the 21st-century generic cafes were remarkable in the specificity of their matching details, as well as the sense that each had emerged organically from its location. They were proud local efforts that were often described as "authentic," an adjective that I was also guilty of overusing. When travelling, I always wanted to find somewhere "authentic" to have a drink or eat a meal.

If these places were all so similar, though, what were they authentic to, exactly? What I concluded was that they were all authentically connected to the new network of digital geography, wired together in real time by social networks. They were authentic to the internet, particularly the 2010s internet of algorithmic feeds. In 2016, I wrote an essay titled Welcome to AirSpace, describing my first impressions of this phenomenon of sameness. "AirSpace" was my coinage for the strangely frictionless geography created by digital platforms, in which you could move between places without straying beyond the boundaries of an app, or leaving the bubble of the generic aesthetic. The word was partly a riff on Airbnb, but it was also inspired by the sense of vaporousness and unreality that these places gave me. They seemed so disconnected from geography that they could float away and land anywhere else. When you were in one, you could be anywhere.

My theory was that all the physical places interconnected by apps had a way of resembling one another. In the case of the cafes, the growth of Instagram gave international cafe owners and baristas a way to follow one another in real time and gradually, via algorithmic recommendations, begin consuming the same kinds of content. One cafe owner's personal taste would drift toward what the rest of them liked, too, eventually coalescing. On the customer side, Yelp, Foursquare and Google Maps drove people like me -- who could also follow the popular coffee aesthetics on Instagram -- toward cafes that conformed with what they wanted to see by putting them at the top of searches or highlighting them on a map. To court the large demographic of customers moulded by the internet, more cafes adopted the aesthetics that already dominated on the platforms. Adapting to the norm wasn't just following trends but making a business decision, one that the consumers rewarded. When a cafe was visually pleasing enough, customers felt encouraged to post it on their own Instagram in turn as a lifestyle brag, which provided free social media advertising and attracted new customers. Thus the cycle of aesthetic optimisation and homogenisation continued.

A resident in Virginia has urged the Federal Communications Commission to reconsider canceling $886 million in federal funding for SpaceX's Starlink system. But rival satellite company Viasat has gone out of its way to oppose the citizen-led petition.ÂPCMag: On Jan. 1, the FCC received a petition from the Virginia resident Greg Weisiger asking the commission to reconsider denying the $886 million to SpaceX. "Petitioner is at an absolute loss to understand the Commission's logic with these denials," wrote Weisiger, who lives in Midlothian, Virginia. "It is abundantly clear that Starlink has a robust, reliable, affordable service for rural and insular locations in all states and territories."

The petition arrived a few weeks after the FCC denied SpaceX's appeal to receive $886 million from the commission's Rural Digital Opportunity Fund, which is designed to subsidize 100Mbps to gigabit broadband across the US. SpaceX wanted to use the funds to expand Starlink access in rural areas. But the FCC ruled that "Starlink is not reasonably capable of offering the required high-speed, low latency service throughout the areas where it won auction support." Weisiger disagrees. In his petition, he writes that the FCC's decision will deprive him of federal support to bring high-speed internet to his home. "Thousands of other Virginia locations were similarly denied support," he added.

An anonymous reader quotes a report from Ars Technica: On Thursday, UK's Government Communications Headquarters (GCHQ) announced the release of previously unseen images and documents related to Colossus, one of the first digital computers. The release marks the 80th anniversary of the code-breaking machines that significantly aided the Allied forces during World War II. While some in the public knew of the computers earlier (PDF), the UK did not formally acknowledge the project's existence until the 2000s.

Colossus was not one computer but a series of computers developed by British scientists between 1943 and 1945. These 2-meter-tall electronic beasts played an instrumental role in breaking the Lorenz cipher, a code used for communications between high-ranking German officials in occupied Europe. The computers were said to have allowed allies to "read Hitler's mind," according to The Sydney Morning Herald. The technology behind Colossus was highly innovative for its time. Tommy Flowers, the engineer behind its construction, used over 2,500 vacuum tubes to create logic gates, a precursor to the semiconductor-based electronic circuits found in modern computers. While 1945's ENIAC was long considered the clear front-runner in digital computing, the revelation of Colossus' earlier existence repositioned it in computing history. (However, it's important to note that ENIAC was a general-purpose computer, and Colossus was not.)

GCHQ's public sharing of archival documents includes several photos of the computer at different periods and a letter discussing Tommy Flowers' groundbreaking work that references the interception of "rather alarming German instructions." Following the war, the UK government issued orders for the destruction of most Colossus machines, and Flowers was required to turn over all related documentation. The GCHQ claims that the Colossus tech "was so effective, its functionality was still in use by us until the early 1960s." In the GCHQ press release, Director Anne Keast-Butler paid tribute to Colossus' place in the UK's lineage of technological innovation: "The creativity, ingenuity and dedication shown by Tommy Flowers and his team to keep the country safe were as crucial to GCHQ then as today."

An anonymous reader quotes a report released Tuesday (Jan. 16th) by the Federal Reserve Bank of San Francisco: The U.S. labor market experienced a massive increase in remote and hybrid work during the COVID-19 pandemic. At its peak, more than 60% of paid workdays were done remotely -- compared with only 5% before the pandemic. As of December 2023, about 30% of paid workdays are still done remotely (Barrero, Bloom, and Davis 2021). Some reports have suggested that teleworking might either boost or harm overall productivity in the economy. And certainly, overall productivity statistics have been volatile. In 2020, U.S. productivity growth surged. This led to optimistic views in the media about the gains from forced digital innovation and the productivity benefits of remote work. However, the surge ended, and productivity growth has retreated to roughly its pre-pandemic trend. Fernald and Li (2022) find from aggregate data that this pattern was largely explained by a predictable cyclical effect from the economy's downturn and recovery. In aggregate data, it thus appears difficult to see a large cumulative effect -- either positive or negative -- from the pandemic so far. But it is possible that aggregate data obscure the effects of teleworking. For example, factors beyond telework could have affected the overall pace of productivity growth. Surveys of businesses have found mixed effects from the pandemic, with many businesses reporting substantial productivity disruptions.

In this Economic Letter, we ask whether we can detect the effects of remote work in the productivity performance of different industries. There are large differences across sectors in how easy it is to work off-site. Thus, if remote work boosts productivity in a substantial way, then it should improve productivity performance, especially in those industries where teleworking is easy to arrange and widely adopted, such as professional services, compared with those where tasks need to be performed in person, such as restaurants. After controlling for pre-pandemic trends in industry productivity growth rates, we find little statistical relationship between telework and pandemic productivity performance. We conclude that the shift to remote work, on its own, is unlikely to be a major factor explaining differences across sectors in productivity performance. By extension, despite the important social and cultural effects of increased telework, the shift is unlikely to be a major factor explaining changes in aggregate productivity. [...]

The shift to remote and hybrid work has reshaped society in important ways, and these effects are likely to continue to evolve. For example, with less time spent commuting, some people have moved out of cities, and the lines between work and home life have blurred. Despite these noteworthy effects, in this Letter we find little evidence in industry data that the shift to remote and hybrid work has either substantially held back or boosted the rate of productivity growth. Our findings do not rule out possible future changes in productivity growth from the spread of remote work. The economic environment has changed in many ways during and since the pandemic, which could have masked the longer-run effects of teleworking. Continuous innovation is the key to sustained productivity growth. Working remotely could foster innovation through a reduction in communication costs and improved talent allocation across geographic areas. However, working off-site could also hamper innovation by reducing in-person office interactions that foster idea generation and diffusion. The future of work is likely to be a hybrid format that balances the benefits and limitations of remote work.

An anonymous reader quotes a report from Wired: Stablecoins, cryptocurrencies pegged to a stable value like the US dollar, were created with the promise of bringing the frictionless, border-crossing fluidity of Bitcoin to a form of digital money with far less volatility. That combination has proved to be wildly popular, rocketing the total value of stablecoin transactions since 2022 past even that of Bitcoin itself. It turns out, however, that as stablecoins have become popular among legitimate users over the past two years, they were even more popular among a different kind of user: those exploiting them for billions of dollars of international sanctions evasion and scams.

As part of itsannual crime report, cryptocurrency-tracing firm Chainalysis today released new numbers on the disproportionate use of stablecoins for both of those massive categories of illicit crypto transactions over the last year. By analyzing blockchains, Chainalysis determined that stablecoins were used in fully 70 percent of crypto scam transactions in 2023, 83 percent of crypto payments to sanctioned countries like Iran and Russia, and 84 percent of crypto payments to specifically sanctioned individuals and companies. Those numbers far outstrip stablecoins' growing overall use -- including for legitimate purposes -- which accounted for 59 percent of all cryptocurrency transaction volume in 2023.

In total, Chainalysis measured $40 billion in illicit stablecoin transactions in 2022 and 2023 combined. The largest single category of that stablecoin-enabled crime was sanctions evasion. In fact, across all cryptocurrencies, sanctions evasion accounted for more than half of the $24.2 billion in criminal transactions Chainalysis observed in 2023, with stablecoins representing the vast majority of those transactions. [...] Chainalysis concedes that the analysis in its report excludes some cryptocurrencies like Monero and Zcash that are designed to be harder or impossible to trace with blockchain analysis. It also says it based its numbers on the type of cryptocurrency sent directly to an illicit actor, which may leave out other currencies used in money laundering processes that repeatedly swap one type of cryptocurrency for another to make tracing more difficult. "Whether it's an individual located in Iran or a bad guy trying to launder money -- either way, there's a benefit to the stability of the US dollar that people are looking to obtain," says Andrew Fierman, Chainalysis' head of sanctions strategy. "If you're in a jurisdiction where you don't have access to the US dollar due to sanctions, stablecoins become an interesting play."

Fierman points to Nobitex, the largest cryptocurrency exchange operating in the sanctioned country of Iran, as well as Garantex, a notorious exchange based in Russia that has been specifically sanctioned for its widespread criminal use. According to Chainalysis, "Stablecoin usage on Nobitex outstrips bitcoin by a 9:1 ratio, and on Garantex by a 5:1 ratio," reports Wired. "That's a stark difference from the roughly 1:1 ratio between stablecoins and bitcoins on a few nonsanctioned mainstream exchanges that Chainalysis checked for comparison."

Coinbase said buying cryptocurrency on an exchange was more like collecting Beanie Babies than investing in a stock or bond. From a report: The biggest US crypto exchange made the comparison Wednesday in a New York federal court hearing. Coinbase was arguing for the dismissal of a Securities and Exchange Commission lawsuit accusing it of selling unregistered securities. William Savitt, a lawyer for Coinbase, told US District Judge Katherine Polk Failla that tokens trading on the exchange aren't securities subject to SEC jurisdiction because buyers don't gain any rights as a part of their purchases, as they do with stocks or bonds. "It's the difference between buying Beanie Babies Inc and buying Beanie Babies," Savitt said. The question of whether digital tokens are securities has divided courts.

The EU has proposed sweeping changes within the music streaming industry to promote smaller artists and make sure underpaid performers are being fairly compensated. From a report: A resolution to address concerns regarding inadequate streaming royalties for artists and biased recommendation algorithms was adopted by members of the European Parliament (MEPs) on Wednesday, highlighting that no existing EU rules currently apply to music streaming services, despite being the most popular way to consume audio.

The proposition was made to ensure European musical works are accessible and avoid being overshadowed by the "overwhelming amount" of content being continually added to streaming platforms like Spotify. MEPs also called for outdated "pre-digital" royalty rates to be revised, noting that some schemes force performers to accept little to no revenue in exchange for greater exposure. Imposing quotas for European musical works is being considered to help promote artists in the EU.

An anonymous reader quotes a report from Wired: As more companies ramp up development of artificial intelligence systems, they are increasingly turning to graphics processing unit (GPU) chips for the computing power they need to run large language models (LLMs) and to crunch data quickly at massive scale. Between video game processing and AI, demand for GPUs has never been higher, and chipmakers are rushing to bolster supply. In new findings released today, though, researchers are highlighting a vulnerability in multiple brands and models of mainstream GPUs -- including Apple, Qualcomm, and AMD chips -- that could allow an attacker to steal large quantities of data from a GPU's memory. The silicon industry has spent years refining the security of central processing units, or CPUs, so they don't leak data in memory even when they are built to optimize for speed. However, since GPUs were designed for raw graphics processing power, they haven't been architected to the same degree with data privacy as a priority. As generative AI and other machine learning applications expand the uses of these chips, though, researchers from New York -- based security firm Trail of Bits say that vulnerabilities in GPUs are an increasingly urgent concern. "There is a broader security concern about these GPUs not being as secure as they should be and leaking a significant amount of data," Heidy Khlaaf, Trail of Bits' engineering director for AI and machine learning assurance, tells WIRED. "We're looking at anywhere from 5 megabytes to 180 megabytes. In the CPU world, even a bit is too much to reveal."

To exploit the vulnerability, which the researchers call LeftoverLocals, attackers would need to already have established some amount of operating system access on a target's device. Modern computers and servers are specifically designed to silo data so multiple users can share the same processing resources without being able to access each others' data. But a LeftoverLocals attack breaks down these walls. Exploiting the vulnerability would allow a hacker to exfiltrate data they shouldn't be able to access from the local memory of vulnerable GPUs, exposing whatever data happens to be there for the taking, which could include queries and responses generated by LLMs as well as the weights driving the response. In their proof of concept, as seen in the GIF below, the researchers demonstrate an attack where a target -- shown on the left -- asks the open source LLM Llama.cpp to provide details about WIRED magazine. Within seconds, the attacker's device -- shown on the right -- collects the majority of the response provided by the LLM by carrying out a LeftoverLocals attack on vulnerable GPU memory. The attack program the researchers created uses less than 10 lines of code. [...] Though exploiting the vulnerability would require some amount of existing access to targets' devices, the potential implications are significant given that it is common for highly motivated attackers to carry out hacks by chaining multiple vulnerabilities together. Furthermore, establishing "initial access" to a device is already necessary for many common types of digital attacks. The researchers did not find evidence that Nvidia, Intel, or Arm GPUs contain the LeftoverLocals vulnerability, but Apple, Qualcomm, and AMD all confirmed to WIRED that they are impacted. Here's what each of the affected companies had to say about the vulnerability, as reported by Wired:

Apple: An Apple spokesperson acknowledged LeftoverLocals and noted that the company shipped fixes with its latest M3 and A17 processors, which it unveiled at the end of 2023. This means that the vulnerability is seemingly still present in millions of existing iPhones, iPads, and MacBooks that depend on previous generations of Apple silicon. On January 10, the Trail of Bits researchers retested the vulnerability on a number of Apple devices. They found that Apple's M2 MacBook Air was still vulnerable, but the iPad Air 3rd generation A12 appeared to have been patched.
Qualcomm: A Qualcomm spokesperson told WIRED that the company is "in the process" of providing security updates to its customers, adding, "We encourage end users to apply security updates as they become available from their device makers." The Trail of Bits researchers say Qualcomm confirmed it has released firmware patches for the vulnerability.
AMD: AMD released a security advisory on Wednesday detailing its plans to offer fixes for LeftoverLocals. The protections will be "optional mitigations" released in March.
Google: For its part, Google says in a statement that it "is aware of this vulnerability impacting AMD, Apple, and Qualcomm GPUs. Google has released fixes for ChromeOS devices with impacted AMD and Qualcomm GPUs."

In an opinion piece for the Guardian, American journalist and author John R. MacArthur discusses the alarming decline in reading skills among American youth, highlighted by a Department of Education survey showing significant drops in text comprehension since 2019-2020, with the situation worsening since 2012. While remote learning during the pandemic and other factors like screen-based reading are blamed, a new study by Columbia University suggests that reading on paper is more effective for comprehension than reading on screens, a finding not yet widely adopted in digital-focused educational approaches. From the report: What if the principal culprit behind the fall of middle-school literacy is neither a virus, nor a union leader, nor "remote learning"? Until recently there has been no scientific answer to this urgent question, but a soon-to-be published, groundbreaking study from neuroscientists at Columbia University's Teachers College has come down decisively on the matter: for "deeper reading" there is a clear advantage to reading a text on paper, rather than on a screen, where "shallow reading was observed." [...] [Dr Karen Froud] and her team are cautious in their conclusions and reluctant to make hard recommendations for classroom protocol and curriculum. Nevertheless, the researchers state: "We do think that these study outcomes warrant adding our voices ... in suggesting that we should not yet throw away printed books, since we were able to observe in our participant sample an advantage for depth of processing when reading from print."

I would go even further than Froud in delineating what's at stake. For more than a decade, social scientists, including the Norwegian scholar Anne Mangen, have been reporting on the superiority of reading comprehension and retention on paper. As Froud's team says in its article: "Reading both expository and complex texts from paper seems to be consistently associated with deeper comprehension and learning" across the full range of social scientific literature. But the work of Mangen and others hasn't influenced local school boards, such as Houston's, which keep throwing out printed books and closing libraries in favor of digital teaching programs and Google Chromebooks. Drunk on the magical realism and exaggerated promises of the "digital revolution," school districts around the country are eagerly converting to computerized test-taking and screen-reading programs at the precise moment when rigorous scientific research is showing that the old-fashioned paper method is better for teaching children how to read.

Indeed, for the tech boosters, Covid really wasn't all bad for public-school education: "As much as the pandemic was an awful time period," says Todd Winch, the Levittown, Long Island, school superintendent, "one silver lining was it pushed us forward to quickly add tech supports." Newsday enthusiastically reports: "Island schools are going all-in on high tech, with teachers saying they are using computer programs such as Google Classroom, I-Ready, and Canvas to deliver tests and assignments and to grade papers." Terrific, especially for Google, which was slated to sell 600 Chromebooks to the Jericho school district, and which since 2020 has sold nearly $14bn worth of the cheap laptops to K-12 schools and universities.

If only Winch and his colleagues had attended the Teachers College symposium that presented the Froud study last September. The star panelist was the nation's leading expert on reading and the brain, John Gabrieli, an MIT neuroscientist who is skeptical about the promises of big tech and its salesmen: "I am impressed how educational technology has had no effect on scale, on reading outcomes, on reading difficulties, on equity issues," he told the New York audience. "How is it that none of it has lifted, on any scale, reading? ... It's like people just say, "Here is a product. If you can get it into a thousand classrooms, we'll make a bunch of money.' And that's OK; that's our system. We just have to evaluate which technology is helping people, and then promote that technology over the marketing of technology that has made no difference on behalf of students ... It's all been product and not purpose." I'll only take issue with the notion that it's "OK" to rob kids of their full intellectual potential in the service of sales -- before they even get started understanding what it means to think, let alone read.

Google will tweak online search results to give comparison sites more prominence, the company said in a blogpost on Wednesday, as it outlined efforts to comply with new EU tech rules that could hit revenues for some companies. Reuters: Under the European Union's Digital Markets Act (DMA), which the company will have to comply with by March 7, Google is obligated to treat rival services and products the same way as it treats its own when it ranks them in search results. It is also required to allow business users to access the data that they generate when using Google's platform.

The U.S. Supreme Court on Tuesday declined to hear a challenge by Apple to a lower court's decision requiring changes to certain rules in its lucrative App Store, as the justices shunned the lengthy legal battle between the iPhone maker and Epic Games, maker of the popular video game "Fortnite." Reuters: The justices also turned away Epic's appeal of the lower court's ruling that Apple's App Store policies limiting how software is distributed and paid for do not violate federal antitrust laws. The justices gave no reasons for their decision to deny the appeals. In a series of posts on X, Epic CEO Tim Sweeney wrote: The Supreme Court denied both sides' appeals of the Epic v. Apple antitrust case. The court battle to open iOS to competing stores and payments is lost in the United States. A sad outcome for all developers. Now the District Court's injunction against Apple's anti-steering rule is in effect, and developers can include in their apps "buttons, external links, or other calls to action that direct customers to purchasing mechanisms, in addition to IAP."

As of today, developers can begin exercising their court-established right to tell US customers about better prices on the web. These awful Apple-mandated confusion screens are over and done forever. The fight goes on. Regulators are taking action and policymakers around the world are passing new laws to end Apple's illegal and anticompetitive app store practices. The European Union's Digital Markets Act goes into effect March 7.

Sara Fischer reports via Axios: ChatGPT maker OpenAI says it's rolling out new policies and tools meant to combat misinformation and abuse ahead of 2024 elections worldwide. 2024 is one of the biggest election years in history -- with high-stakes races in over 50 countries globally. It's also the first major election cycle where generative AI tools will be widely available to voters, governments and political campaigns. In a statement published Monday, OpenAI said it will lean into verified news and image authenticity programs to ensure users get access to high-quality information throughout elections.

The company will add digital credentials set by a third-party coalition of AI firms that encode details about the origin of images created using its image generator tool, DALL-E 3. The firm says it's experimenting with a new "provenance classifier" tool that can detect AI-generated images that have been made using DALL-E. It hopes to make that tool available to its first group of testers, including journalists, researchers and other tech platforms, for feedback. OpenAI will continue integrating its ChatGPT platform with real-time news reporting globally, "including attribution and links," it said. That effort builds on a first-of-its-kind deal announced with German media giant Axel Springer last year that offers ChatGPT users summaries of select global news content from the company's outlets. In the U.S., OpenAI says it's working with the nonpartisan National Association of Secretaries of State to direct ChatGPT users to CanIVote.org for authoritative information on U.S. voting and elections.

Because generative AI technology is so new, OpenAI says it's still working to understand how effective its tools might be for political persuasion. To hedge against abuse, the firm doesn't allow people to build applications for political campaigning and lobbying, and it doesn't allow engineers to create chatbots that pretend to be real people, such as candidates. Like most tech firms, it doesn't allow users to build applications for its ChatGPT platform that deter people from participating in the democratic process.