Wiz, the cloud security startup that was in acquisition talks with Google, has decided not to forward with the deal and to remain an independent company, according to an internal note sent to company employees on Monday. Fortune: "While we are flattered by offers we have received, we have chosen to continue on our path to building Wiz," CEO Assaf Rappaport wrote in the note. Rappaport said in the email that the company's next target is to reach $1 billion in annual recurring revenue and to take the company public.

The Japan Newspaper Publishers and Editors Association claims that AI-powered search engines by U.S. tech giants like Google and Microsoft likely infringe on copyright by using news articles without permission. Therefore, they're urging the Japanese government to quickly review and revise intellectual property laws to address these issues. Kyodo News reports (translated in English): The association argued in the statement that while traditional search engines direct users to various copyrighted material available online, AI search engines disclose the content, making them a completely different type of service. While stressing that in many instances, the essential content of the referenced article is reprinted in its entirety and therefore constitutes copyright infringement, the association also highlighted the issue of "zero-click searches," where users do not visit the source site. It warned that the lack of traffic could lead to the diminution of news organizations' reporting activities, which would then have a negative impact on democracy and culture.

The statement also expressed concern over potential inaccuracies in responses generated by AI search engines, which could give the impression that the source articles themselves were erroneous and damage the credibility of news organizations. The association added that providing AI search engine services without obtaining permission to use the source articles could violate the antimonopoly law. "There are many reasons AI companies are attracted to Japan, including the need for its companies to rapidly develop their digital capabilities and the country's declining population, which is very open to AI," said Yutaka Matsuo, a professor at Tokyo University and chair of the government's AI council, in a statement to the Financial Times. "One other attraction is that AI companies are permitted to learn from information without infringing copyright laws," he added.

The Financial Times says the push to bring AI companies to Japan has raised alarm for some content creators who worry their work isn't being protected. "As it relates to generative AI, Japan's existing Copyright Act does not contribute to protecting creators. In fact, it is focused on restricting the rights of creators," the Japanese Society for Rights of Authors, Composers and Publishers said in a statement.

In a blog post today, Google said it has an "updated approach" that won't involve "deprecating third-party cookies" in Chrome. Instead, it's introducing "a new experience in Chrome that lets people make an informed choice that applies across their web browsing," which they'd be able to adjust at any time. Digiday reports: Google executives are already discussing this pivot with regulators including the U.K.'s Competition and Markets Authority (CMA) and Information Commissioner's Office (ICO) and plan to do the same with the industry soon. For now, details on what this actually means remain light. And as for a timeline, Google seems to have learned its lesson from the numerous delays to its cookie-killing plans -- there isn't one. "As this moves forward, it remains important for developers to have privacy-preserving alternatives," Anthony Chavez, vp of the Privacy Sandbox, said in the blog post. "We'll continue to make the Privacy Sandbox APIs available and invest in them to further improve privacy and utility."

For those who have poured time and effort into third-party cookie alternatives, fear not: Google will keep the APIs in the Sandbox. Your work isn't going to waste. In fact, the plan is to continue to invest in them, continued Chavez, to further improve "privacy and utility." Plus, additional privacy controls, like the recently announced IP Protection (i.e. IP masking for privacy protection) in Chrome's Incognito mode, will be added to the Sandbox. "We developed the Privacy Sandbox with the goal of finding innovative solutions that meaningfully improve online privacy while preserving an ad-supported internet that supports a vibrant ecosystem of publishers, connects businesses with customers, and offers all of us free access to a wide range of content," Chavez wrote in the blog post. Or, to put it another way, the Sandbox isn't going anywhere anytime soon.

Waymo, a subsidiary of Google's parent Alphabet, has taken legal action against alleged vandals targeting its self-driving taxi fleet in San Francisco, according to court documents. The company, which operates ride-hailing services in several U.S. cities, has filed two lawsuits seeking substantial damages for incidents that reportedly resulted in extensive damage to vehicle tires and bodywork, Wired reported Monday.

Long-time Slashdot reader theodp writes: Bob Newhart, whose stammering, deadpan unflappability carried him to stardom as a standup comedian and later in television and movies, has died at age 94. He remains best known for the television shows, "The Bob Newhart Show" (1972-78) and "Newhart" (1982-90), both of which were built around his persona as a reasonable man put-upon by crazies. A younger crowd may remember Newhart from his roles in the movie "Elf" (2003) and TV's "The Big Bang Theory" (2013-18).

Less known about Newhart is that he was an early Commodore PET owner, recalling for the LA Times in 2001: "I remember leafing through a copy of Popular Science magazine and seeing an ad for a Commodore computer that had 8- or 16 kilobytes [in 1977]. It had an awful-looking screen, and it was $795. I thought I'd better get one because I had sons who were going to be in high school and might want to know about computers. Later, I moved up to the 64 KB model and thought that was silly because it was more memory than I would ever possibly need.

"I got them for the kids and then found I was fascinated by them. The first ones had tape drives. You would get a program like a word processor, put the tape in and then walk away for about a half an hour while the computer loaded it. But the first time I used a spell checker and it corrected a word, I thought, 'We are getting close to God here."

Google has revised its Play Store policies, aiming to eliminate subpar and potentially harmful Android apps. The updated Spam and Minimum Functionality policy, set to take effect on August 31, 2024, targets apps that crash frequently, lack substantial content, or provide minimal utility to users, the company said.

This policy shift follows Google's ongoing efforts to enhance Play Store security, with the company having blocked over 2 million policy-violating apps and rejected around 200,000 submissions in 2023 alone.

Longtime Slashdot reader schwit1 shares a report from Ars Technica, written by Scharon Harding: Since the acquisition closed in 2021, the Google-fication of Fitbit has largely meant a reduction in features and a focus from Google on getting people onto the Fitbit app. Long-time users have flocked to Fitbit -- sometimes upon Fitbit's request -- to share hundreds of complaints about recent changes. However, Google has been mostly unresponsive to customer feedback. [...] It's worth mentioning that users disgruntled with Fitbit are more likely to complain online. However, it's notable that Fitbit's announcement has been met with 1,523 (as of this writing) mostly negative replies, with new responses still coming in. Another thread on Fitbit's forum that requests to keep the web dashboard currently has 601 upvotes. You can find outraged users on Reddit, too.

The most common complaints are around losing previously available features. "Change is fine. Removing key features is not," Community member Seymourh86 wrote in June. "Unless you want people to go to competitors..." Comments from this week show that users are not over the change. DebL555, for example, said today that they're "extremely disappointed and frustrated I cannot access my Dashboard on my PC." Yesterday, NessWeb dubbed the change "an incredibly bad decision," adding: "It's particularly awful for anyone with a visual disability or a finger dexterity issue. It's still bad for everyone else because you just can't see as much on a 3" screen as you can see on a real computer ... Bring back the web interface!!"

As has been the case every time there have been problems with Fitbit post-acquisition, theories that Google is making Fitbit worse to push people toward the Pixel Watch run rampant. Others on the Community forum were upset because they felt like Google was ignoring feedback from longtime Fitbit customers. In June, a user going by jessicabilasano wrote: "I just hope Fitbit does not end up like any other Google purchase that turns into a nightmare product/company. Google, instead of removing things that users love about Fitbit features, why not improve them? Listen to your customers/consumers." However, a lack of response to public negative customer feedback has become commonplace for the Fitbit brand lately. "Users seek alternatives as Google is intent on app-centric focus," captions schwit1. "Google ruins everything, it's already ruined Google."

In 2018, Google replaced its URL shortener service, goo.gl, with Firebase Dynamic Links, citing "the changes we've seen in how people find content on the internet, and the number of new popular URL shortening services that emerged in that time." Although it stopped accepting new URLs to shorten, it continued to serve existing URLs that used their service. That's about to change on August 25th, 2025, when Google will turn off the service portion of Google URL Shortener.

"Any developers using links built with the Google URL Shortener in the form https://goo.gl/* will be impacted, and these URLs will no longer return a response after August 25th, 2025," says Google in a blog post today. "Starting August 23, 2024, goo.gl links will start displaying an interstitial page for a percentage of existing links notifying your users that the link will no longer be supported after August 25th, 2025 prior to navigating to the original target page. Over time the percentage of links that will show the interstitial page will increase until the shutdown date." All links will return a 404 response after the shutdown date.

OpenAI on Thursday launched GPT-4o mini, a cost-efficient small AI model that will replace GPT-3.5 Turbo in ChatGPT. Reuters reports: Priced at 15 cents per million input tokens and 60 cents per million output tokens, the GPT-4o mini is more than 60% cheaper than GPT-3.5 Turbo, OpenAI said. It currently outperforms the GPT-4 model on chat preferences and scored 82% on Massive Multitask Language Understanding (MMLU), OpenAI said. MMLU is a textual intelligence and reasoning benchmark used to evaluate the capabilities of language models. A higher MMLU score signifies it can understand and use language better across a variety of domains, enhancing real-world usage.

The GPT-4o mini model's score compared with 77.9% for Google's Gemini Flash and 73.8% for Anthropic's Claude Haiku, according to OpenAI. With the mini model currently supporting text and vision in the application programming interface, OpenAI said support for text, image, video and audio inputs and outputs would be made available in the future.

An anonymous reader quotes a report from TechCrunch: The U.S. Postal Service was sharing the postal addresses of its online customers with advertising and tech giants Meta, LinkedIn and Snap, TechCrunch has found. On Wednesday, the USPS said it addressed the issue and stopped the practice, claiming that it was "unaware" of it. TechCrunch found USPS was sharing customers' information by way of hidden data-collecting code (also known as tracking pixels) used across its website. Tech and advertising companies create this kind of code to collect information about the user -- such as which pages they visit -- every time a webpage containing the code loads in the customer's browser.

In the case of USPS, some of that collected data included the postal addresses of logged-in USPS Informed Delivery customers, who use the service to see photos of their incoming mail before it arrives. It's not clear how many individuals had their information collected or for how long. Informed Delivery had more than 62 million users (PDF) as of March 2024. [...] The code also collected other data, such as information about the user's computer type and browser, which appeared as partly pseudonymized -- essentially scrambled in a way that makes it more difficult for humans to know where data came from, or who it relates to, by using randomized identifiers in place of real customer names. But researchers have long warned that pseudonymous data can still be used to re-identify seemingly anonymous individuals.

TechCrunch also found that tracking numbers entered into the USPS website were also shared with advertisers and tech companies, including Bing, Google, LinkedIn, Pinterest and Snap. Some in-transit tracking data was also shared, such as the real-world location of the mail in the postal system, even if the customer was not logged in to USPS' website. USPS spokesperson Jim McKean said in a statement: "The Postal Service leverages an analytics platform for our own internal purposes, so that we understand the usage of our products and services and which we use on an aggregated basis to market our products. The Postal Service does not sell or provide any personal information that is collected from this analytics platform to any third party, and we were unaware of any configuration of the platform that collected personal information from the URL and that shared it without our knowledge with social media."

"We have taken immediate action to remediate this issue," the spokesperson added, without saying what action was taken.

Cellebrite, the well-known mobile forensics company, was unable to unlock a sizable chunk of modern iPhones available on the market as of April 2024, 404 Media reported Wednesday, citing leaked documents it obtained. From the report: Mobile forensics companies typically do not release details on what specific models their tools can or cannot penetrate, instead using vague terms in marketing materials. The documents obtained by 404 Media, which are given to customers but not published publicly, show how fluid and fast moving the success, or failure, of mobile forensic tools can be, and highlights the constant cat and mouse game between hardware and operating manufacturers like Apple and Google, and the hacking companies looking for vulnerabilities to exploit.

[...] For all locked iPhones able to run 17.4 or newer, the Cellebrite document says "In Research," meaning they cannot necessarily be unlocked with Cellebrite's tools. For previous iterations of iOS 17, stretching from 17.1 to 17.3.1, Cellebrite says it does support the iPhone XR and iPhone 11 series. Specifically, the document says Cellebrite recently added support to those models for its Supersonic BF [brute force] capability, which claims to gain access to phones quickly. But for the iPhone 12 and up running those operating systems, Cellebrite says support is "Coming soon."

Google Docs is adding Markdown support, finally. The update, rolling out over the next two weeks, allows users to import, export, copy, and paste Markdown-formatted text. This move comes a decade after Google consolidated its document editing tools into Drive.

GitLab, a U.S. provider of cloud-based software development tools whose investors include Google parent Alphabet, is exploring a sale after attracting acquisition interest, Reuters is reporting. From the report: GitLab, which has a market value of about $8 billion, is working with investment bankers on a sale process that has attracted interest from peers, including cloud monitoring firm Datadog, the sources said. Any deal is still weeks away and no agreement is certain, the sources said, requesting anonymity because the matter is confidential.

Ashley Belanger reports via Ars Technica: Google tried to derail a Microsoft antitrust settlement over anticompetitive software licensing in the European Union by offering a $500 million alternative deal to the group of cloud providers behind the EU complaint, Bloomberg reported. According to Bloomberg, Google's offer to the Cloud Infrastructure Services Providers in Europe (CISPE) required that the group maintain its EU antitrust complaint. It came "just days" before CISPE settled with Microsoft, and it was apparently not compelling enough to stop CISPE from inking a deal with the software giant that TechCrunch noted forced CISPE to accept several compromises.

Bloomberg uncovered Google's attempted counteroffer after reviewing confidential documents and speaking to "people familiar with the matter." Apparently, Google sought to sway CISPE with a package worth nearly $500 million for more than five years of software licenses and about $15 million in cash. But CISPE did not take the bait, announcing last week that an agreement was reached with Microsoft, seemingly frustrating Google. CISPE initially raised its complaint in 2022, alleging that Microsoft was "irreparably damaging the European cloud ecosystem and depriving European customers of choice in their cloud deployments" by spiking costs to run Microsoft's software on rival cloud services. In February, CISPE said that "any remedies and resolution must apply across the sector and to be accessible to all cloud customers in Europe." They also promised that "any agreements will be made public."

But the settlement reached last week excluded major rivals, including Amazon, which is a CISPE member, and Google, which is not. And despite CISPE's promise, the terms of the deal were not published, apart from a CISPE blog roughly outlining central features that it claimed resolved the group's concerns over Microsoft's allegedly anticompetitive behaviors. What is clear is that CISPE agreed to drop their complaint by taking the deal, but no one knows exactly how much Microsoft paid in a "lump sum" to cover CISPE legal fees for three years, TechCrunch noted. However, "two people with direct knowledge of the matter" told Reuters that Microsoft offered about $22 million.

Google is discontinuing its experimental Notes feature in Search Labs, the company confirmed on Wednesday. The feature, launched in November, allowed users to add comments and tips to search results and Discover content. It aimed to create a community-driven platform within Google's ecosystem, similar to social media forums.

An anonymous reader a report:Google is no longer trying to index the entire web. In fact, it's become extremely selective, refusing to index most content. This isn't about content creators failing to meet some arbitrary standard of quality. Rather, it's a fundamental change in how Google approaches its role as a search engine.

From my experience, Google now seems to operate on a "default to not index" basis. It only includes content in its index when it perceives a genuine need. This decision appears to be based on various factors:
Extreme content uniqueness: It's not enough to write about something that isn't extensively covered. Google seems to require content to be genuinely novel or fill a significant gap in its index.
Perceived authority: Sites that Google considers highly authoritative in their niche may have more content indexed, but even then, it's not guaranteed.
Brand recognition: Well-known brands often see most of their content indexed, while small or unknown bloggers face much stricter selectivity.
Temporary indexing and de-indexing: In practice, Google often indexes new content quite quickly, likely to avoid missing out on breaking news or important updates. Soon after, Google may de-index the content, and it remains de-indexed thereafter. So getting initially indexed isn't necessarily a sign that Google considers your content valuable.

Last week, Senior Advisor on AI Governance at the Center for Democracy & Technology, Kevin Bankston, took to X to report that Google's Gemini AI was caught summarizing his private tax return on Google Drive without his permission. "Despite attempts to disable the feature, Bankston found that Gemini's continued to operate in Google Drive, raising questions about Google's handling of user data and privacy settings," writes TechRadar's Craig Hale. From the report: After failing to find the right controls to disable Gemini's integration, the Advisor asked Google's ChatGPT-rivalling AI chatbot on two occasions to pinpoint the settings. A second, more detailed response still brought no joy: "Gemini is *not* in Apps and services on my dashboard (1st option), and I didn't have a profile pic in the upper right of the Gemini page (2nd)."

With help from another X user, Bankston found the control, which was already disabled, highlighting either a malfunctioning control or indicating that further settings are hidden elsewhere. However, previous Google documentation has confirmed that the company will not use Google Workspace data to train or improve its generative AI services or to feed targeted ads. Bankston theorizes that his previous participation in Google Workspace Labs might have influenced Gemini's behavior. The Gemini side panel in Google Drive for PDFs can be closed if a user no longer wishes to access generative AI summaries.

At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Krebs on Security: Squarespace bought all assets of Google Domains a year ago, but many customers still haven't set up their new accounts. Experts say malicious hackers learned they could commandeer any migrated Squarespace accounts that hadn't yet been registered, merely by supplying an email address tied to an existing domain. The Squarespace domain hijacks, which took place between July 9 and July 12, appear to have mostly targeted cryptocurrency businesses, including Celer Network, Compound Finance, Pendle Finance, and Unstoppable Domains. In some cases, the attackers were able to redirect the hijacked domains to phishing sites set up to steal visitors' cryptocurrency funds.

New York City-based Squarespace purchased roughly 10 million domain names from Google Domains in June 2023, and it has been gradually migrating those domains to its service ever since. Squarespace has not responded to a request for comment, nor has it issued a statement about the attacks. But an analysis released by security experts at Metamask and Paradigm finds the most likely explanation for what happened is that Squarespace assumed all users migrating from Google Domains would select the social login options -- such "Continue with Google" or "Continue with Apple" -- as opposed to the "Continue with email" choice.

Alphabet, Google's parent company, is reportedly in advanced negotiations to acquire cloud security startup Wiz for approximately $23 billion, Wall Street Journal reported on Sunday. The potential deal, which would value Wiz at nearly double its most recent private valuation of $12 billion, underscores the growing importance of cybersecurity in Alphabet's enterprise strategy as it seeks to narrow the gap with cloud computing rivals such as Microsoft, Morgan Stanley said in a note.

Founded in January 2020, Wiz has quickly established itself as a leading player in the Cloud-Native Application Protection Platform (CNAPP) space, utilizing an agentless approach to secure cloud application deployments throughout their lifecycle. The company's platform continuously assesses and prioritizes critical risks across various security domains, providing customers with a comprehensive view of their cloud security posture. Wiz has experienced rapid growth since its inception, with annual recurring revenue (ARR) exceeding $350 million as of January 2024, representing a year-over-year increase of over 75%. The company boasts an impressive client roster, with more than 40% of Fortune 100 companies among its customers, and has raised nearly $2 billion in funding to date.

If confirmed, the acquisition would mark Alphabet's largest to date, significantly expanding its footprint in the burgeoning cloud security market. The move follows previous security-focused acquisitions by the tech giant, including the $5.4 billion purchase of Mandiant in 2022 and the $500 million acquisition of Siemplify. Morgan Stanley adds that the potential acquisition could raise questions about Wiz's ability to maintain neutrality across multiple cloud platforms, potentially benefiting competitors such as Palo Alto Networks and CrowdStrike in the near term.

"The latest version of the Linux kernel adds an array of improvements," writes the blog OMG Ubuntu, " including a new memory sealing system call, a speed boost for AES-XTS encryption on Intel and AMD CPUs, and expanding Rust language support within the kernel to RISC-V." Plus, like in all kernel releases, there's a glut of groundwork to offer "initial support" for upcoming CPUs, GPUs, NPUs, Wi-Fi, and other hardware (that most of us don't use yet, but require Linux support to be in place for when devices that use them filter out)...

Linux 6.10 adds (after much gnashing) the mseal() system call to prevent changes being made to portions of the virtual address space. For now, this will mainly benefit Google Chrome, which plans to use it to harden its sandboxing. Work is underway by kernel contributors to allow other apps to benefit, though. A similarly initially-controversial change merged is a new memory-allocation profiling subsystem. This helps developers fine-tune memory usage and more readily identify memory leaks. An explainer from LWN summarizes it well.

Elsewhere, Linux 6.10 offers encrypted interactions with trusted platform modules (TPM) in order to "make the kernel's use of the TPM reasonably robust in the face of external snooping and packet alteration attacks". The documentation for this feature explains: "for every in-kernel operation we use null primary salted HMAC to protect the integrity [and] we use parameter encryption to protect key sealing and parameter decryption to protect key unsealing and random number generation." Sticking with security, the Linux kernel's Landlock security module can now apply policies to ioctl() calls (Input/Output Control), restricting potential misuse and improving overall system security.

On the networking side there's significant performance improvements to zero-copy send operations using io_uring, and the newly-added ability to "bundle" multiple buffers for send and receive operations also offers an uptick in performance...

A couple of months ago Canonical announced Ubuntu support for the RISC-V Milk-V Mars single-board computer. Linux 6.10 mainlines support for the Milk-V Mars, which will make that effort a lot more viable (especially with the Ubuntu 24.10 kernel likely to be v6.10 or newer). Others RISC-V improvements abound in Linux 6.10, including support for the Rust language, boot image compression in BZ2, LZ4, LZMA, LZO, and Zstandard (instead of only Gzip); and newer AMD GPUs thanks to kernel-mode FPU support in RISC-V.
Phoronix has their own rundown of Linux 6.10, plus a list of some of the highlights, which includes:

• The initial DRM Panic infrastructure
• The new Panthor DRM driver for newer Arm Mali graphics
• Better AMD ROCm/AMDKFD support for "small" Ryzen APUs and new additions for AMD Zen 5.
• AMD GPU display support on RISC-V hardware thanks to RISC-V kernel mode FPU
• More Intel Xe2 graphics preparations
• Better IO_uring zero-copy performance
• Faster AES-XTS disk/file encryption with modern Intel and AMD CPUs
• Continued online repair work for XFS
• Steam Deck IMU support
• TPM bus encryption and integrity protection