Google has revised its Play Store policies, aiming to eliminate subpar and potentially harmful Android apps. The updated Spam and Minimum Functionality policy, set to take effect on August 31, 2024, targets apps that crash frequently, lack substantial content, or provide minimal utility to users, the company said.

This policy shift follows Google's ongoing efforts to enhance Play Store security, with the company having blocked over 2 million policy-violating apps and rejected around 200,000 submissions in 2023 alone.

An anonymous reader quotes a report from The Record: When Florida real estate professional Susan Hicks discovered the app Forewarn over a year ago, she was shocked to learn that for a service costing about $20 a month she could instantly retrieve detailed data on prospective clients with only their phone number. "For anybody who's had exposure to this, usually the first time they see it, it blows their mind," Hicks told Recorded Future News, adding that she enthusiastically recommends the tool to the brokers she manages. "It's incredible that there's that amount of information out there that you can just access with one click." "It can be real creepy and you have to swear that you're not going to use it in a wrong manner," Hicks added, referring to Forewarn rules which say real estate agents can't share data from the app publicly or with third parties, or use the app to pull information on non-professional contacts.

Forewarn is primarily marketed to and used by the real estate industry, and it has been penetrating that market at a rapid clip. Although some real estate agents say the financial information it returns saves time when finding clients most likely to have the budget for the houses they're looking at, most agents and associations tout it primarily as a safety tool because it also supplies criminal records. In addition to those records, the product -- owned by the data broker red violet -- also supplies a given individual's address history; phone, vehicle and property records; bankruptcies; and liens and judgements, including foreclosure histories. Although such data could generally be gleaned from public records, Forewarn delivers it at the press of a button -- a function real estate agents say allows them to gather publicly available information without having to visit courthouses and municipal offices, a process which would normally take days.

The power of Forewarn's technology has led to rapid adoption, but the company is still largely unknown outside the real estate industry. Several fair housing and civil rights advocates interviewed by Recorded Future News weren't aware of its existence. The individuals whose data it sells also have no idea their information is being shared with real estate agents, who potentially might choose not to work with them because of what they discover on the app. Forewarn did not respond to multiple requests for comment, however, statements made by one of its executives suggest that the company intentionally keeps a low profile. "Do not tell the prospect that they are not permitted or unqualified to purchase or sell property because of information you obtained from Forewarn," a company executive said at a recent training webinar with Illinois real estate agents. She emphasized that potential buyers "do not get notified" when they are screened with the app, a question she said many real estate agents ask. Real estate agents who, for example, discover a client has a lien filed against them, should consider telling the prospect they "obtained this information from a confidential service that bases their information on available public record information," the executive added.

Longtime Slashdot reader schwit1 shares a report from Ars Technica, written by Scharon Harding: Since the acquisition closed in 2021, the Google-fication of Fitbit has largely meant a reduction in features and a focus from Google on getting people onto the Fitbit app. Long-time users have flocked to Fitbit -- sometimes upon Fitbit's request -- to share hundreds of complaints about recent changes. However, Google has been mostly unresponsive to customer feedback. [...] It's worth mentioning that users disgruntled with Fitbit are more likely to complain online. However, it's notable that Fitbit's announcement has been met with 1,523 (as of this writing) mostly negative replies, with new responses still coming in. Another thread on Fitbit's forum that requests to keep the web dashboard currently has 601 upvotes. You can find outraged users on Reddit, too.

The most common complaints are around losing previously available features. "Change is fine. Removing key features is not," Community member Seymourh86 wrote in June. "Unless you want people to go to competitors..." Comments from this week show that users are not over the change. DebL555, for example, said today that they're "extremely disappointed and frustrated I cannot access my Dashboard on my PC." Yesterday, NessWeb dubbed the change "an incredibly bad decision," adding: "It's particularly awful for anyone with a visual disability or a finger dexterity issue. It's still bad for everyone else because you just can't see as much on a 3" screen as you can see on a real computer ... Bring back the web interface!!"

As has been the case every time there have been problems with Fitbit post-acquisition, theories that Google is making Fitbit worse to push people toward the Pixel Watch run rampant. Others on the Community forum were upset because they felt like Google was ignoring feedback from longtime Fitbit customers. In June, a user going by jessicabilasano wrote: "I just hope Fitbit does not end up like any other Google purchase that turns into a nightmare product/company. Google, instead of removing things that users love about Fitbit features, why not improve them? Listen to your customers/consumers." However, a lack of response to public negative customer feedback has become commonplace for the Fitbit brand lately. "Users seek alternatives as Google is intent on app-centric focus," captions schwit1. "Google ruins everything, it's already ruined Google."

In 2018, Google replaced its URL shortener service, goo.gl, with Firebase Dynamic Links, citing "the changes we've seen in how people find content on the internet, and the number of new popular URL shortening services that emerged in that time." Although it stopped accepting new URLs to shorten, it continued to serve existing URLs that used their service. That's about to change on August 25th, 2025, when Google will turn off the service portion of Google URL Shortener.

"Any developers using links built with the Google URL Shortener in the form https://goo.gl/* will be impacted, and these URLs will no longer return a response after August 25th, 2025," says Google in a blog post today. "Starting August 23, 2024, goo.gl links will start displaying an interstitial page for a percentage of existing links notifying your users that the link will no longer be supported after August 25th, 2025 prior to navigating to the original target page. Over time the percentage of links that will show the interstitial page will increase until the shutdown date." All links will return a 404 response after the shutdown date.

An anonymous reader quotes a report from TechCrunch: The U.S. Postal Service was sharing the postal addresses of its online customers with advertising and tech giants Meta, LinkedIn and Snap, TechCrunch has found. On Wednesday, the USPS said it addressed the issue and stopped the practice, claiming that it was "unaware" of it. TechCrunch found USPS was sharing customers' information by way of hidden data-collecting code (also known as tracking pixels) used across its website. Tech and advertising companies create this kind of code to collect information about the user -- such as which pages they visit -- every time a webpage containing the code loads in the customer's browser.

In the case of USPS, some of that collected data included the postal addresses of logged-in USPS Informed Delivery customers, who use the service to see photos of their incoming mail before it arrives. It's not clear how many individuals had their information collected or for how long. Informed Delivery had more than 62 million users (PDF) as of March 2024. [...] The code also collected other data, such as information about the user's computer type and browser, which appeared as partly pseudonymized -- essentially scrambled in a way that makes it more difficult for humans to know where data came from, or who it relates to, by using randomized identifiers in place of real customer names. But researchers have long warned that pseudonymous data can still be used to re-identify seemingly anonymous individuals.

TechCrunch also found that tracking numbers entered into the USPS website were also shared with advertisers and tech companies, including Bing, Google, LinkedIn, Pinterest and Snap. Some in-transit tracking data was also shared, such as the real-world location of the mail in the postal system, even if the customer was not logged in to USPS' website. USPS spokesperson Jim McKean said in a statement: "The Postal Service leverages an analytics platform for our own internal purposes, so that we understand the usage of our products and services and which we use on an aggregated basis to market our products. The Postal Service does not sell or provide any personal information that is collected from this analytics platform to any third party, and we were unaware of any configuration of the platform that collected personal information from the URL and that shared it without our knowledge with social media."

"We have taken immediate action to remediate this issue," the spokesperson added, without saying what action was taken.

RealPage says it isn't doing anything wrong by suggesting to landlords how much rent they could charge. From a report: In a move to reclaim its own narrative, the property management software company published a microsite and a digital booklet it's calling "The Real Story," as it faces multiple lawsuits and a reported federal criminal probe related to allegations of rental price fixing. RealPage's six-page digital booklet, published on the site in mid-June, addresses what it calls "false and misleading claims about its software" -- the myriad of allegations it faces involving price-fixing and rising rents -- and contends that the software benefits renters and landlords and increases competition. It also said landlords accept RealPage's price recommendations for new leases less than 50 percent of the time and that the software recommends competitive prices to help fill units.

[...] But landlords are left without concrete answers, as questions around the legality of this software are ongoing as they continue renting properties. "I don't think we're seeing this as a RealPage issue but rather as a revenue management software issue," says Alexandra Alvarado, the director of marketing and education at the American Apartment Owners Association, the largest association of landlords in the US. Alvarado says some landlords are taking pause and asking questions before using the tech.

Meta says it won't be launching its upcoming multimodal AI model -- capable of handling video, audio, images, and text -- in the European Union, citing regulatory concerns. From a report: The decision will prevent European companies from using the multimodal model, despite it being released under an open license. Just last week, the EU finalized compliance deadlines for AI companies under its strict new AI Act. Tech companies operating in the EU will generally have until August 2026 to comply with rules around copyright, transparency, and AI uses like predictive policing. Meta's decision follows a similar move by Apple, which recently said it would likely exclude the EU from its Apple Intelligence rollout due to concerns surrounding the Digital Markets Act.

An anonymous reader quotes a report from The Atlantic: Now, after years of contentious relationships with academic researchers, Meta is opening a small pilot program that would allow a handful of them to access Instagram data for up to about six months in order to study the app's effect on the well-being of teens and young adults. The company will announce today that it is seeking proposals that focus on certain research areas -- investigating whether social-media use is associated with different effects in different regions of the world, for example -- and that it plans to accept up to seven submissions. Once approved, researchers will be able to access relevant data from study participants -- how many accounts they follow, for example, or how much they use Instagram and when. Meta has said that certain types of data will be off-limits, such as user-demographic information and the content of media published by users; a full list of eligible data is forthcoming, and it is as yet unclear whether internal information related to ads that are served to users or Instagram's content-sorting algorithm, for example, might be provided. The program is being run in partnership with the Center for Open Science, or COS, a nonprofit. Researchers, not Meta, will be responsible for recruiting the teens, and will be required to get parental consent and take privacy precautions.

According to Axios, Meta will withhold future multimodel AI models from customers in the European Union "due to the unpredictable nature of the European regulatory environment." From the report: Meta plans to incorporate the new multimodal models, which are able to reason across video, audio, images and text, in a wide range of products, including smartphones and its Meta Ray-Ban smart glasses. Meta says its decision also means that European companies will not be able to use the multimodal models even though they are being released under an open license. It could also prevent companies outside of the EU from offering products and services in Europe that make use of the new multimodal models. The company is also planning to release a larger, text-only version of its Llama 3 model soon. That will be made available for customers and companies in the EU, Meta said.

Meta's issue isn't with the still-being-finalized AI Act, but rather with how it can train models using data from European customers while complying with GDPR -- the EU's existing data protection law. Meta announced in May that it planned to use publicly available posts from Facebook and Instagram users to train future models. Meta said it sent more than 2 billion notifications to users in the EU, offering a means for opting out, with training set to begin in June. Meta says it briefed EU regulators months in advance of that public announcement and received only minimal feedback, which it says it addressed. In June -- after announcing its plans publicly -- Meta was ordered to pause the training on EU data. A couple weeks later it received dozens of questions from data privacy regulators from across the region.

The United Kingdom has a nearly identical law to GDPR, but Meta says it isn't seeing the same level of regulatory uncertainty and plans to launch its new model for U.K. users. A Meta representative told Axios that European regulators are taking much longer to interpret existing law than their counterparts in other regions. A Meta representative told Axios that training on European data is key to ensuring its products properly reflect the terminology and culture of the region.

The U.S. Commerce Department plans to issue proposed rules on connected vehicles next month and expects to impose limits on some software made in China and other countries deemed adversaries, a senior official said Tuesday. From a report: "We're looking at a few components and some software - not the whole car - but it would be some of the key driver components of the vehicle that manage the software and manage the data around that car that would have to be made in an allied country," said export controls chief Alan Estevez at a forum in Colorado.

In May, Commerce Secretary Gina Raimondo said her department planned to issue proposed rules on Chinese-connected vehicles this autumn and had said the Biden administration could take "extreme action" and ban Chinese-connected vehicles or impose restrictions on them after the Biden administration in February launched a probe into whether Chinese vehicle imports posed national security risks.

An anonymous reader shares a report: A recent poll on TechPowerUp revealed that an overwhelming majority of PC users are not interested in paying extra for hardware with AI capabilities. According to the survey, 84% of respondents would not spend more for AI features, while only 7% said they would, and 9% were unsure. The poll data was already contributed by over 26K responders. This indicates that despite the PC market's shift toward integrating AI, most enthusiasts remain skeptical of its value. This suggests that hardware companies should pay attention to the preferences of their core user base. Currently, enthusiasts, who no doubt represent the majority of users on TechPowerUP, show little interest in AI features.

Costs associated with ransomware attacks on critical national infrastructure (CNI) organizations skyrocketed in the past year. From a report: According to Sophos' latest figures, released today, the median ransom payments rose to $2.54 million -- a whopping 41 times last year's sum of $62,500. The mean payment for 2024 is even higher at $3.225 million, although this represents a less dramatic 6x increase. IT, tech, and telecoms were the least likely to pay mega bucks to cybercriminals with an average payment of $330,000, while lower education and federal government orgs reported the highest average payments at $6.6 million.

The numbers are based only on ransomware victims that were willing to disclose the details of their blunders, so do not present the complete picture. On the topic of ransom payments, only 86 CNI organizations of the total 275 involved in the survey offered data. There's a good chance that the numbers would be skewed if 100 percent of the total CNI ransomware victims polled were entirely transparent with their figures. Costs to recover from ransomware attacks are also significantly up compared to the researchers' report last year, with some CNI sectors' costs quadrupling to a median average of $3 million per incident. While the mean cost across oil, gas, energy, and utilities dropped slightly to $3.12 million from $3.17 million last year, the energy and water sectors saw the sharpest increase in recovery costs. The new average for just these two sectors is now four times greater than the global median cross-sector average of $750k, Sophos said.

Repairs have finally commenced on three subsea telecommunications cables that were damaged in the Red Sea in February, even as Houthi militants escalate their attacks on ships in the area. From a report: The AAE-1 cable, a 25,000-kilometer (15,500 miles) fiber optic link between Asia and Europe, was repaired by a ship owned by E-Marine, a subsidiary of Abu Dhabi-based Emirates Telecommunications Group. The cable came online this week, a Yemeni government official said. The same ship, Niwa, remains in Yemeni waters to repair the remaining two cables, Seacom and EIG.

The cables, among more than a dozen that run through the Red Sea, were severed by the anchor of a cargo ship sunk by Iran-backed Houthi militants in late February. Repairs to the cables have depended on gaining access to infrastructure in Yemen's waters, a task complicated by the country's split government and the fact the Red Sea is a conflict zone. It has taken months of negotiations involving the cable operators and the two factions that control Yemen -- the internationally-recognized government in the south and the Houthi-backed government in Sanaa -- to arrange for the repair mission.

Robin McKie writes via The Guardian: Scientists with Breakthrough Listen, the world's largest scientific research program dedicated to finding alien civilizations, say a host of technological developments are about to transform the search for intelligent life in the cosmos. These innovations will be outlined at the group's annual conference, which is to be held in the UK for the first time, in Oxford, this week. Several hundred scientists, from astronomers to zoologists, are expected to attend. "There are amazing technologies that are under development, such as the construction of huge new telescopes in Chile, Africa and Australia, as well as developments in AI," said astronomer Steve Croft, a project scientist with Breakthrough Listen. "They are going to transform how we look for alien civilizations."

Among these new instruments are the Square Kilometer Array, made up of hundreds of radio telescopes now being built in South Africa and Australia, and the Vera Rubin Observatory that is being constructed in Chile. The former will become the world's most powerful radio astronomy facility while the latter, the world's largest camera, will be able to image the entire visible sky every three or four nights, and is expected to help discover millions of new galaxies and stars. Both facilities are set to start observations in the next few years and both will provide data for Breakthrough Listen. Using AI to analyze these vast streams of information for subtle patterns that would reveal evidence of intelligent life will give added power to the search for alien civilizations, added Croft.

"Until now, we have been restricted to looking for signals deliberately sent out by aliens to advertise their existence. The new techniques are going to be so sensitive that, for the first time, we will be able to detect unintentional transmissions as opposed to deliberate ones and will be able to spot alien airport radar, or powerful TV transmitters -- things like that." [...] Croft remains optimistic that we will soon succeed in making contact. "We know that the conditions for life are everywhere, we know that the ingredients for life are everywhere. I think it would be deeply weird if it turned out we were the only inhabited planet in the galaxy or in the universe. But you know, it's possible."

According to lobby group ChargeUK, there were 930,000 electric car chargers in the UK at the end of June, with the majority residing in homes and at businesses. Only about 65,000 public chargers are available. The Guardian reports: The ChargeUK analysis showed that a new public charger was installed every 25 minutes in the spring quarter as companies raced to keep up with demand. Companies installed 5,100 public chargers during the second quarter of 2024, according to the data company Zapmap. [...] There are 1.1 million electric vehicles on UK roads, including 167,000 cars sold in the first half of this year, according to the Society of Motor Manufacturers and Traders lobby group. That is a 9% increase compared with the previous year, although the share of electric sales only increased marginally to 16.6%, as relatively higher upfront prices and rising interest rates deterred some buyers.

ChargeUK's analysis, which was carried out by the thinktank New AutoMotive, suggested that the private sector was confident it could meet a target set by the previous Conservative government of 300,000 public charge points by 2030. "In little more than a decade, the UK's charging sector has grown to become a major player in the green economy, providing the infrastructure that more than a million EV drivers rely on today and scaling fast to deliver the charging needed through to 2030 and beyond," said Vicky Read, the chief executive of ChargeUK.

In its latest State of Application Security Report, Cloudflare says 6.8% of traffic on the internet is malicious, "up a percentage point from last year's study," writes ZDNet's Steven Vaughan-Nichols. "Cloudflare, the content delivery network and security services company, thinks the rise is due to wars and elections. For example, many attacks against Western-interest websites are coming from pro-Russian hacktivist groups such as REvil, KillNet, and Anonymous Sudan." From the report: [...] Distributed Denial of Service (DDoS) attacks continue to be cybercriminals' weapon of choice, making up over 37% of all mitigated traffic. The scale of these attacks is staggering. In the first quarter of 2024 alone, Cloudflare blocked 4.5 million unique DDoS attacks. That total is nearly a third of all the DDoS attacks they mitigated the previous year. But it's not just about the sheer volume of DDoS attacks. The sophistication of these attacks is increasing, too. Last August, Cloudflare mitigated a massive HTTP/2 Rapid Reset DDoS attack that peaked at 201 million requests per second (RPS). That number is three times bigger than any previously observed attack.

The report also highlights the increased importance of application programming interface (API) security. With 60% of dynamic web traffic now API-related, these interfaces are a prime target for attackers. API traffic is growing twice as fast as traditional web traffic. What's worrying is that many organizations appear not to be even aware of a quarter of their API endpoints. Organizations that don't have a tight grip on their internet services or website APIs can't possibly protect themselves from attackers. Evidence suggests the average enterprise application now uses 47 third-party scripts and connects to nearly 50 third-party destinations. Do you know and trust these scripts and connections? You should -- each script of connection is a potential security risk. For instance, the recent Polyfill.io JavaScript incident affected over 380,000 sites.

Finally, about 38% of all HTTP requests processed by Cloudflare are classified as automated bot traffic. Some bots are good and perform a needed service, such as customer service chatbots, or are authorized search engine crawlers. However, as many as 93% of bots are potentially bad.

An anonymous reader quotes a report from Wired, written by Chris Baraniuk: The buses struggling in China's muggy weather gave [Matt Jore, CEO of Montana Technologies] and his colleagues an idea. If they could make dehumidification more efficient somehow, then they could make air conditioning as a whole much more efficient, too. They headed back to the US wondering how to make this happen. [...] "I have here 50-gallon barrels of this stuff. It comes in a special powder," says Jore, referring to the moisture-loving material that coats components inside his firm's novel dehumidifier system, AirJoule. This is the result of years of research and development that followed his team's trip to China. The coating is a type of highly porous material called a metal-organic framework, and the pores are sized so that they fit around water molecules extremely well. It makes for a powerful desiccant, or drying device. "Just one kilogram can take up half or more than half -- in our case 55 percent -- of its own weight in water vapor," says Jore.

The AirJoule system consists of two chambers, each one containing surfaces coated with this special material. They take turns at dehumidifying a flow of air. One chamber is always drying air that is pushed through the system while the other gradually releases the moisture it previously collected. A little heat from the drying chamber gets applied to the moisture-saturated coating in the other, since that helps to encourage the water to drip away for removal. These two cavities swap roles every 10 minutes or so, says Jore. This process doesn't cool the air, but it does make it possible to feed dry air to a more traditional air conditioning device, drastically cutting how much energy that secondary device will use. And Jore claims that AirJoule consumes less than 100 watt-hours per liter of water vapor removed -- potentially cutting the energy required for dehumidification by as much as 90 percent compared to a traditional dehumidifier.

Montana Technologies wants to sell the components for its AirJoule system to established HVAC firms rather than attempt to build its own consumer products and compete with those firms directly -- it calls the approach AirJoule Inside. The firm is also working on a system for the US military, based on the same technology, that can harvest drinkable water from the air. Handy for troops stationed in the desert, one imagines. However, AirJoule is still at the prototype and testing stages. "We're building several of these pilot preproduction units for potential customers and partners," says Jore. "Think rooftops on big-box retailers." Montana Technologies isn't the only firm using cutting-edge technology to make air conditioning units more efficient. Rival firm Blue Frontier has developed a desiccant-based dehumidifying system using a liquid salt solution, with installations in various U.S. locations, that links to a secondary air-conditioning process and regenerates desiccant during off-peak hours to reduce peak electricity demand.

Then there's Nostromo Energy's IceBrick system, installed in California hotels, which freezes water capsules during off-peak hours and uses the stored coolth during peak times. This system can reduce cooling costs by up to 30 percent and emissions by up to 80 percent, according to Wired.

Ashley Belanger reports via Ars Technica: Google tried to derail a Microsoft antitrust settlement over anticompetitive software licensing in the European Union by offering a $500 million alternative deal to the group of cloud providers behind the EU complaint, Bloomberg reported. According to Bloomberg, Google's offer to the Cloud Infrastructure Services Providers in Europe (CISPE) required that the group maintain its EU antitrust complaint. It came "just days" before CISPE settled with Microsoft, and it was apparently not compelling enough to stop CISPE from inking a deal with the software giant that TechCrunch noted forced CISPE to accept several compromises.

Bloomberg uncovered Google's attempted counteroffer after reviewing confidential documents and speaking to "people familiar with the matter." Apparently, Google sought to sway CISPE with a package worth nearly $500 million for more than five years of software licenses and about $15 million in cash. But CISPE did not take the bait, announcing last week that an agreement was reached with Microsoft, seemingly frustrating Google. CISPE initially raised its complaint in 2022, alleging that Microsoft was "irreparably damaging the European cloud ecosystem and depriving European customers of choice in their cloud deployments" by spiking costs to run Microsoft's software on rival cloud services. In February, CISPE said that "any remedies and resolution must apply across the sector and to be accessible to all cloud customers in Europe." They also promised that "any agreements will be made public."

But the settlement reached last week excluded major rivals, including Amazon, which is a CISPE member, and Google, which is not. And despite CISPE's promise, the terms of the deal were not published, apart from a CISPE blog roughly outlining central features that it claimed resolved the group's concerns over Microsoft's allegedly anticompetitive behaviors. What is clear is that CISPE agreed to drop their complaint by taking the deal, but no one knows exactly how much Microsoft paid in a "lump sum" to cover CISPE legal fees for three years, TechCrunch noted. However, "two people with direct knowledge of the matter" told Reuters that Microsoft offered about $22 million.

Google is discontinuing its experimental Notes feature in Search Labs, the company confirmed on Wednesday. The feature, launched in November, allowed users to add comments and tips to search results and Discover content. It aimed to create a community-driven platform within Google's ecosystem, similar to social media forums.

An anonymous reader a report:Google is no longer trying to index the entire web. In fact, it's become extremely selective, refusing to index most content. This isn't about content creators failing to meet some arbitrary standard of quality. Rather, it's a fundamental change in how Google approaches its role as a search engine.

From my experience, Google now seems to operate on a "default to not index" basis. It only includes content in its index when it perceives a genuine need. This decision appears to be based on various factors:
Extreme content uniqueness: It's not enough to write about something that isn't extensively covered. Google seems to require content to be genuinely novel or fill a significant gap in its index.
Perceived authority: Sites that Google considers highly authoritative in their niche may have more content indexed, but even then, it's not guaranteed.
Brand recognition: Well-known brands often see most of their content indexed, while small or unknown bloggers face much stricter selectivity.
Temporary indexing and de-indexing: In practice, Google often indexes new content quite quickly, likely to avoid missing out on breaking news or important updates. Soon after, Google may de-index the content, and it remains de-indexed thereafter. So getting initially indexed isn't necessarily a sign that Google considers your content valuable.