An anonymous reader quotes a report from Ars Technica: California Gov. Gavin Newsom vetoed a bill that would have required makers of web browsers and mobile operating systems to let consumers send opt-out preference signals that could limit businesses' use of personal information. The bill approved by the State Legislature last month would have required an opt-out signal "that communicates the consumer's choice to opt out of the sale and sharing of the consumer's personal information or to limit the use of the consumer's sensitive personal information." It would have made it illegal for a business to offer a web browser or mobile operating system without a setting that lets consumers "send an opt-out preference signal to businesses with which the consumer interacts."

In a veto message (PDF) sent to the Legislature Friday, Newsom said he would not sign the bill. Newsom wrote that he shares the "desire to enhance consumer privacy," noting that he previously signed a bill "requir[ing] the California Privacy Protection Agency to establish an accessible deletion mechanism allowing consumers to request that data brokers delete all of their personal information." But Newsom said he is opposed to the new bill's mandate on operating systems. "I am concerned, however, about placing a mandate on operating system (OS) developers at this time," the governor wrote. "No major mobile OS incorporates an option for an opt-out signal. By contrast, most Internet browsers either include such an option or, if users choose, they can download a plug-in with the same functionality. To ensure the ongoing usability of mobile devices, it's best if design questions are first addressed by developers, rather than by regulators. For this reason, I cannot sign this bill." Vetoes can be overridden with a two-thirds vote in each chamber. The bill was approved 59-12 in the Assembly and 31-7 in the Senate. But the State Legislature hasn't overridden a veto in decades. "It's troubling the power that companies such as Google appear to have over the governor's office," said Justin Kloczko, tech and privacy advocate for Consumer Watchdog, a nonprofit group in California. "What the governor didn't mention is that Google Chrome, Apple Safari and Microsoft Edge don't offer a global opt-out and they make up for nearly 90 percent of the browser market share. That's what matters. And people don't want to install plug-ins. Safari, which is the default browsers on iPhones, doesn't even accept a plug-in."

GPS spoofing attacks are increasingly disrupting commercial flights worldwide, with over 1,100 daily incidents reported in August, up from dozens in February. The false signals, primarily originating from Russia, Ukraine, and Israel, confuse cockpit navigation systems, triggering false alarms and misdirecting flight paths, WSJ reports.

Pilots report clocks resetting, erroneous warnings, and navigation errors lasting minutes to entire flights. While no major safety incidents have occurred, aviation officials warn that managing these disruptions could overburden crews during emergencies. Airlines, manufacturers, and regulators are scrambling for solutions, but new equipment standards to combat spoofing won't be ready until next year at the earliest. In the meantime, pilots receive briefings on identifying and responding to potential attacks, sometimes instructed to ignore safety system warnings.

Google is getting ready to show off updated Street View imagery in nearly 80 countries. The Verge: In a now-removed blog post seen by The Verge, Google announced that the new images are coming to countries like Australia, Brazil, Denmark, Japan, the Philippines, Rwanda, Serbia, South Africa, and more. Google is also bringing Street View to a handful of countries where it's never been available, including Bosnia, Namibia, Lichtenstein, and Paraguay. The company said its more portable Street View camera, which launched in 2022, will help offer images of "even more places in the future."

Google Maps and Google Earth are getting sharper satellite imagery as well, thanks to the company's cloud-removal AI tool that takes out clouds, shadows, haze, and mist. This should result in "brighter, more vibrant" images, according to Google.

An anonymous reader quotes a report from TechCrunch: Cloudflare announced plans on Monday to launch a marketplace in the next year where website owners can sell AI model providers access to scrape their site's content. The marketplace is the final step of Cloudflare CEO Matthew Prince's larger plan to give publishers greater control over how and when AI bots scrape their websites. "If you don't compensate creators one way or another, then they stop creating, and that's the bit which has to get solved," said Prince in an interview with TechCrunch.

As the first step in its new plan, on Monday, Cloudflare launched free observability tools for customers, called AI Audit. Website owners will get a dashboard to view analytics on why, when, and how often AI models are crawling their sites for information. Cloudflare will also let customers block AI bots from their sites with the click of a button. Website owners can block all web scrapers using AI Audit, or let certain web scrapers through if they have deals or find their scraping beneficial. A demo of AI Audit shared with TechCrunch showed how website owners can use the tool, which is able to see where each scraper that visits your site comes from, and offers selective windows to see how many times scrapers from OpenAI, Meta, Amazon, and other AI model providers are visiting your site. [...]

joshuark shares a report: Microsoft has officially announced that Windows Server Update Services (WSUS) is now deprecated, but plans to maintain current functionality and continue publishing updates through the channel. This move isn't surprising, as Microsoft first listed WSUS as one of the "features removed or no longer developed starting with Windows Server 2025" on August 13. In June, the company also revealed that it would also soon deprecate WSUS driver synchronization.

While new features and development for WSUS will cease, Microsoft said today that it plans to continue supporting the service's existing functionality and updates, which will still be distributed, even after deprecation. "Specifically, this means that we are no longer investing in new capabilities, nor are we accepting new feature requests for WSUS," Microsoft's Nir Froimovici said on Friday. "However, we are preserving current functionality and will continue to publish updates through the WSUS channel. We will also support any content already published through the WSUS channel."

Customers of Kaspersky antivirus in the United States found out in the last few days that their cybersecurity software was automatically replaced with a new one called UltraAV, according to several customers. And while Kaspersky said earlier this month that its U.S. customers would be transitioned to UltraAV, many of its customers said they had no idea this was going to happen and that it would automatically be forced upon them. From a report: "Woke up to Kasperky [sic] completely gone from my system with Ultra AV and Ultra VPN freshly installed (not by me, just automatically while I slept)," a user on Reddit wrote. Others reported having the same experience in the same Reddit thread, as well as in other threads. A reseller, who until recently sold Kaspersky products prior to the recent sales ban, told TechCrunch that he was left "annoyed" by the move to automatically remove Kaspersky software and replace it with an entirely different antivirus. A former senior U.S. government cybersecurity official said that this was an example of the "huge risk" posed by the access granted by Kaspersky software. It's worth noting that, on the other hand, other customers did report receiving an email from Kaspersky about the transition to UltraAV.

An anonymous reader shares a report: YouTube Premium users around the world woke up to bad news today. In over a dozen countries, the price of YouTube Premium individual and family plans increased significantly. This is only the most recent sweep of price increases from Google, as many countries saw price jumps only months ago, with the United States being one of them last summer. Impacted countries include Ireland, Netherlands, Italy, Belgium, UAE, Switzerland, Malaysia, Saudi Arabia, Indonesia, Colombia, Thailand, Singapore, Norway, Sweden, Czech Republic, and Denmark. The prices have gone up by as early as 40%.

Sonos launched a disastrous app update in May, prompting CEO Patrick Spence to commission an internal investigation led by chief counsel Eddie Lazarus. The software release, plagued with missing features and bugs, has sparked widespread customer outrage and led to a $200 million revenue shortfall. Sonos shares have plummeted 25% this year. Lazarus interviewed about two dozen employees and reviewed meeting recordings before presenting his findings to the board in late July. Bloomberg: What has happened to Sonos is at its heart a cautionary tale of company leadership ignoring the perils of "technical debt," the term used by software engineers to describe the compounding threat of outdated code and infrastructure on security, usability and stability.

For two decades, Sonos had allowed its tech debt to pile high. When it undertook in earnest its effort to revamp its app in mid-2022, the company knew it was sitting on infrastructure and code written in languages that were pretty much obsolete. The Sonos app had been adapted and spliced and tinkered with so often, the vast majority of work being performed for the new app was less about introducing new functionality than sorting out the existing mess.

The company could have tackled its tech debt sooner but appears to have lacked a crucial element: urgency. It finally came in the form of the Sonos Ace headphones, the first product in the Sonos range to be fully mobile rather than using home or office Wi-Fi. The app needed to be rebuilt, as did the cloud computing setup underpinning it.

Ace is a critical product for Sonos. Now that Sonos' pandemic sales boom has subsided, Wall Street has started to question where revenue growth will come from. Sonos Ace is a big part of the answer. Despite the company's lofty and well-earned reputation, Sonos' share of the $100 billion audio market is only around 2% because it has not gone toe-to-toe in the headphones category with Apple, Sennheiser, Bose and the rest.

Automattic CEO and WordPress co-creator Matt Mullenweg unleashed a scathing attack on a rival firm this week, calling WP Engine -- a managed WordPress hosting provider that has raised nearly $300 million in funding over its 14-year history -- a "cancer to WordPress." From a report: Mullenweg criticized the company -- which has been commercializing the open source WordPress project since 2010 -- for profiteering without giving much back, while also disabling key features that make WordPress such a powerful platform in the first place.

[...] But speaking last week at WordCamp US 2024, a WordPress-focused conference held in Portland, Oregon, Mullenweg pulled no punches in his criticism of WP Engine. Taking to the stage, Mullenweg read out a post he had just published to his personal blog, where he points to the distinct "five for the future" investment pledges made by Automattic and WP Engine to contribute resources to support the sustained growth of WordPress, with Automattic contributing 3,900 hours per week, an WP Engine contributing just 40 hours.

While he acknowledged that these figures are just a "proxy," and might not be perfectly accurate, Mullenweg said that this disparity in contributions is notable, as both Automattic and WP Engine "are roughly the same size, with revenue in the ballpark of half-a-billion [dollars]." [...] Mullenweg published a follow up blog post, where he calls WP Engine a "cancer" to WordPress. "It's important to remember that unchecked, cancer will spread," he wrote. "WP Engine is setting a poor standard that others may look at and think is ok to replicate."

The US Commerce Department on Monday will propose a ban on the sale or import of smart vehicles that use specific Chinese or Russian technology because of national security concerns, according to US officials. From a report: A US government investigation that began in February found a range of national security risks from embedded software and hardware from China and Russia in US vehicles, including the possibility of remote sabotage by hacking and the collection of personal data on drivers, Secretary of Commerce Gina Raimondo told reporters Sunday in a conference call.

"In extreme situations, a foreign adversary could shut down or take control of all their vehicles operating in the United States, all at the same time, causing crashes (or) blocking roads," she said. The rule would not apply to cars already on the road in the US that already have Chinese software installed, a senior administration official told CNN. The software ban would take effect for vehicles for "model year" 2027 and the hardware ban for "model year" 2030, according to the Commerce Department. The proposed regulatory action is part of a much broader struggle between the United States and China, the world's two biggest economies, to secure the supply chains of the key computing technology of the future, from semiconductors to AI software. China, in particular, has invested heavily in the connected car market, and inroads made by Chinese manufacturers in Europe have worried US officials.

"Many GitHub users this week received a novel phishing email warning of critical security holes in their code," reports Krebs on Security — citing an email shared by one of his readers: "Hey there! We have detected a security vulnerability in your repository. Please contact us at https://github-scanner[.]com to get more information on how to fix this issue...." Clicking the "I'm not a robot" button generates a pop-up message asking the user to take three sequential steps to prove their humanity. Step 1 involves simultaneously pressing the keyboard key with the Windows icon and the letter "R," which opens a Windows "Run" prompt that will execute any specified program that is already installed on the system.

Step 2 asks the user to press the "CTRL" key and the letter "V" at the same time, which pastes malicious code from the site's virtual clipboard. Step 3 — pressing the "Enter" key — causes Windows to launch a PowerShell command, and then fetch and execute a malicious file from github-scanner[.]com called "l6e.exe...." According to an analysis at the malware scanning service Virustotal.com, the malicious file downloaded by the pasted text is called Lumma Stealer, and it's designed to snarf any credentials stored on the victim's PC.
Even though this might fool some users, Krebs points out that Microsoft "strongly advises against nixing PowerShell because some core system processes and tasks may not function properly without it. What's more, doing so requires tinkering with sensitive settings in the Windows registry..."

Thanks to long-time Slashdot reader sinij for sharing the article.

In the antitrust trial alleging Google had an ad-selling monopoly, "government lawyers have said some of their strongest evidence is in Google's own internal communications," reports the Wall Street Journal: [In 2010] a new crop of ad-tech companies were threatening Google's bottom line. "One way to make sure we don't get further behind in the market is picking up the one with the most traction and parking it somewhere..." [wrote YouTube Chief Executive Neal Mohan, who previously ran Google's display-ads business]. Google ended up buying one such company, AdMeld, for $400 million in 2011. Google shut down AdMeld two years later, after incorporating some of the startup's technology into its ad exchange, known commonly as AdX.

The Justice Department argued that AdMeld was part of a larger trend: Google acquiring nascent rivals to corner the market and then locking customers into using its products by conditioning access to one software tool on them paying for another... In a 2016 email introduced by the government, Google executive Jonathan Bellack asked colleagues: "Is there a deeper issue with us owning the platform, the exchange, and a huge network? The analogy would be if Goldman or Citibank owned the NYSE [New York Stock Exchange]...." The Justice Department also cited a 2018 email from another then-executive, Chris LaSala, who raised concerns internally over the 20% cut that Google takes from many of its AdX customers, saying Google was extracting "irrationally high rent" from users. "I don't think there is 20% of value in comparing two bids," wrote LaSala. "AdX is not providing additional liquidity to the market. It is simply running the auction."

Another former Google executive, Eisar Lipkovitz, testified that Google's omnipresence in ad-tech gives rise to conflicts of interest. Lipkovitz was rebuffed when he tried to get Google to lower the cut it took from AdX, he testified in a prerecorded deposition. The Justice Department finished presenting its case on Friday. Other witnesses included Google customers. One was Stephanie Layser, a former News Corp executive, who said she felt she had no choice but to use Google technology because the search giant has such market power that switching to another ad server would have meant losing out on millions in advertising revenue.
Google's lawyer countered that "There will be no witness in this case who can say with clarity where this industry is going in the next five years."

Or, as the Wall Street Journal puts it, "It makes no sense to focus on display ads, Google argues, when the industry is shifting to apps, social media and streaming services. Far from monopolizing the space, Google is actually losing ground, Google lawyer Karen Dunn said in her opening trial statement..."

The Washington Post reports that electric vehicles made by General Motors now can use Tesla's Superchargers. (GM's charger adapters "will first be made available to customers in the United States, followed by availability for Canadian customers later this year.") The Post writes that the move "expands the number of vehicles compatible with the North American Charging Standard developed by Tesla" — and also marks "another step forward for efforts to settle on a universal public charger network for battery-powered cars and trucks in the U.S.

"It could also allay some GM customers' concerns about a lack of charging options." The new changes take effect immediately, along with sales of the GM-approved power adapters... The deal makes roughly 17,800 Tesla Superchargers available to drivers of GM-manufactured vehicles such as the Chevy Bolt, Cadillac Lyriq and Silverado EV, with the help of an adapter that costs $225... GM estimates that the partnership with Tesla contributes to an overall network of 231,800 fast chargers across the United States available to drivers of its vehicles. GM is also part of IONNA, a joint venture of eight automakers that plans to build at least 30,000 high-powered chargers nationwide.
GM's statement calls it "a move that will help accelerate fast and convenient charging options for current and future EV drivers." And the move comes 15 months after GM announced it was adopting the standard — a move followed within weeks by similar announcements from Rivian, Ford, Volvo, Nissan, Hyundai and Kia. "Ford and Rivian have started distributing adapters for their EVs," the Washington Post points out, "while others, such as BMW, Honda, Hyundai and Mercedes-Benz have promised to start making their vehicles compatible this year or next."

"Knowing we will now have access to Tesla Supercharger locations means that range anxiety has now virtually evaporated..." argues a Chevy owner at CleanTechnica: This is mostly good news for drivers of electric cars from GM. Tesla and The General have been bitter enemies in the past, with GM opposing Tesla's direct sales model in many states. The once fierce battle has cooled in recent years, but GM essentially won by keeping Tesla from selling direct to the public in several US states, including its new home of Texas. Nevertheless, the two companies are now cooperating, which is a bonus for drivers...

Despite some niggling concerns, this is a big deal for EV drivers in North America. Tesla Superchargers are the gold standard in the industry today. There are fast, reliable, and always located in clean, well-lit places where restrooms and fresh foods are available. This could very well change the conversation about electric cars to the point where by the time GM, Ford, and Stellantis get their plug-in hybrids into showrooms, the demand for them will have shrunk considerably.
One GM executive says in this week's statement that "GM's ongoing efforts to help accelerate the expansion of public charging infrastructure is an integral part of our commitment to an all-electric future."

"The cab was cut from a 1997 Jeep Grand Cherokee," writes the New York Times. "The engine once revved up a 1985 Toyota Celica; and 107 hand-sewn rubber segments, courtesy of Mr. Tymofichuk's wife, help to direct low-pressure air beneath the craft so that it rises eight inches above the ground..." On a cold spring day in a small garage in Alberta, Canada, an engine revved up and an improbable machine — fabricated from auto parts, a hand-sewn rubber skirt and an abandoned fiberglass hull — came to life.

A homemade hovercraft began to rise off the ground with a small crew standing by.

The successful liftoff was the culmination of a lifelong fascination of Robert Tymofichuk, 55, who spent about 1,800 hours over a year working on it [according to this nifty video on YouTube ]. And, to the gratitude of passengers, it comes with heated seats. "If you're going through all that hassle, you might as well make yourself comfortable," Mr. Tymofichuk said. He repurposed the seats from a Volkswagen, so the heating coils were already installed.
Achieve speeds around 40 miles per hour (or 64 kmph), "Mr. Tymofichuk's hovercraft now sails above land and water, a bright red gem coasting over the Saskatchewan River," according to the article. And it also quotes Mr. Tymofichuk as saying it's the fulfillment of a childhood dream.

"To actually have something constructed with your own hands be zipping around, and it's fully functional — it's like magic."

UPDATE (9/28): California's governor vetoed the bill.

Below is Slashdot's original story...

"Exceed the speed limit in one of the 27 European Union countries, and you may get some pushback from your vehicle," reports Car and Driver. "As of July, new cars sold in the EU must include a speed-warning device that alerts drivers if they exceed the posted limit."

The warnings can be ither acoustic or haptic, "though the European Commission gives automakers the latitude to supplant those passive measures with either an active accelerator pedal that applies counterpressure against the driver's foot or a governor that restricts the vehicle's speed to the legal limit." Drivers can override or deactivate these admonishments, but the devices must default to their active state at startup.

Now California is looking to emulate the EU with legislation that would mandate in-car speed-warning devices [for driving more than 10 miles per hour over the speed limit — in "just about every 2030 model-year vehicle equipped with either GPS or a front-facing camera"].
The article cites statistics that 18% of those drivers involved in fatal crashes were speeding.

Although the projects director at the European Transport Safety Council also acknowledges the systems may struggle to identify speed limits from passing signs — and that their testing shows the systems generally irritate drivers, who often deactivate the systems...

Thanks to long-time Slashdot reader sinij for sharing the article.

Meta (the parent company of Facebook, Instagram, and Threads) announced Monday that Russian state media outlets like RT are now "banned from our apps globally for foreign interference activity," reports CNN.

CNN adds that Meta is alleging that the "Kremlin-controlled networks" have "engaged in deceptive influence operations and attempted to evade detection... Prior to Monday's ban, RT had 7.2 million followers on Facebook and 1 million followers on Instagram." The move comes days after the US Justice Department announced charges against two RT employees for funneling nearly $10 million into a US company, identified by CNN as Tenet Media, to create and amplify content that aligned with Russian interests. The covert influence campaign was aimed at the American public ahead of the 2024 US presidential election, US officials said.
Last week the U.S. State department "revealed declassified U.S. intelligence findings that suggest RT is fully integrated into Russia's intelligence operations around the world," CNN reported earlier" In addition to its covert influence operations, the leaders of RT also administered an online crowdfunding effort to supply military equipment to Russian soldiers in Ukraine, Blinken alleged. The crowdfunding effort supplied "sniper rifles, suppressors, body armor, night vision equipment, drones, radio equipment, personal weapon sights, diesel generators" to Russian soldiers fighting in Ukraine, according to Blinken.

The goal of the U.S. announcement — and private discussions with allied diplomats — is to make sure that countries know that RT and Russian intelligence agencies are working together to sow division and harm democratic processes, while simultaneously making it much more difficult for RT to operate globally, a senior administration official said...

Asked for comment by CNN, RT responded with a mocking email that read in part: "We've been broadcasting straight out of the KGB headquarters all this time."
More from Reuters: U.S. Secretary of State Antony Blinken said on Friday that countries should treat RT's activities as they do covert intelligence operations... In briefing materials shared with Reuters, Meta said it had seen Russian state-controlled media try to evade detection in their online activities in the past and expected them to continue trying to engage in deceptive practices going forward.
A YouTube spokesperson told Reuters they've also terminated over 230 channels affiliated with Kremlin-controlled outlets — channels which were previously only blocked from viewers.

YouTube "began blocking Russian state-sponsored news channels globally in 2022," reports NBC News, "including those tied to RT and Sputnik. Over the years, according to YouTube, the platform has blocked thousands of channels and millions of videos." James Rubin, coordinator for the State Department's Global Engagement Center, said RT is "where propaganda, disinformation and lies are spread to millions, if not billions, of people around the world."

The world's biggest technology companies have embarked on a final push to persuade the European Union to take a light-touch approach to regulating AI as they seek to fend off the risk of billions of dollars in fines. From a report: EU lawmakers in May agreed the AI Act, the world's first comprehensive set of rules governing the technology, following months of intense negotiations between different political groups. But until the law's accompanying codes of practice have been finalised, it remains unclear how strictly rules around "general purpose" AI (GPAI) systems, such as OpenAI's ChatGPT will be enforced and how many copyright lawsuits and multi-billion dollar fines companies may face.

The EU has invited companies, academics, and others to help draft the code of practice, receiving nearly 1,000 applications, an unusually high number according to a source familiar with the matter who requested anonymity because they were not authorised to speak publicly. The AI code of practice will not be legally binding when it takes effect late next year, but it will provide firms with a checklist they can use to demonstrate their compliance. A company claiming to follow the law while ignoring the code could face a legal challenge.

Sandvine, the makers of surveillance-ware that allowed authoritarian countries to censor the internet and spy on their citizens, announced that it is leaving dozens of "non-democratic" countries as part of a major overhaul of the company. From a report: The company, which was founded in Canada, published a statement on Thursday, claiming that it now wants to be "a technology solution leader for democracies." As part of this new strategy, Sandvine said it has already left 32 countries and is in the process of leaving another 24 countries.

Sandvine did not name the 56 countries, apart from Egypt, where Sandvine promised to leave by the end of March 2025. For the remaining countries -- including non-government customers in Egypt -- the "end-of-service" date will be the end of 2025. This change in the company's direction comes after years of investigations by Bloomberg, which reported that Sandvine had sold its internet surveillance products to authoritarian regimes, including Belarus, Egypt, Eritrea, the United Arab Emirates, and Uzbekistan.

The creator of an open source project that scraped the internet to determine the ever-changing popularity of different words in human language usage says that they are sunsetting the project because generative AI spam has poisoned the internet to a level where the project no longer has any utility. 404 Media: Wordfreq is a program that tracked the ever-changing ways people used more than 40 different languages by analyzing millions of sources across Wikipedia, movie and TV subtitles, news articles, books, websites, Twitter, and Reddit. The system could be used to analyze changing language habits as slang and popular culture changed and language evolved, and was a resource for academics who study such things. In a note on the project's GitHub, creator Robyn Speer wrote that the project "will not be updated anymore."

"Generative AI has polluted the data," she wrote. "I don't think anyone has reliable information about post-2021 language usage by humans." She said that open web scraping was an important part of the project's data sources and "now the web at large is full of slop generated by large language models, written by no one to communicate nothing. Including this slop in the data skews the word frequencies." While there has always been spam on the internet and in the datasets that Wordfreq used, "it was manageable and often identifiable. Large language models generate text that masquerades as real language with intention behind it, even though there is none, and their output crops up everywhere," she wrote.

New submitter LazarusQLong shares a report: In late 1965, at what's now London Heathrow airport, a commercial flight coming from Paris made history by being the first to land automatically. The plane -- A Trident 1C operated by BEA, which would later become British Airways -- was equipped with a newly developed extension of the autopilot (a system to help guide the plane's path without manual control) known as "autoland." Today, automatic landing systems are installed on most commercial aircraft and improve the safety of landings in difficult weather or poor visibility.

Now, nearly 60 years later, the world's third largest aircraft manufacturer, Brazil's Embraer, is introducing a similar technology, but for takeoffs. Called "E2 Enhanced Take Off System," after the family of aircraft it's designed for, the technology would not only improve safety by reducing pilot workload, but it would also improve range and takeoff weight, allowing the planes that use it to travel farther, according to Embraer. "The system is better than the pilots," says Patrice London, principal performance engineer at Embraer, who has worked on the project for over a decade. "That's because it performs in the same way all the time. If you do 1,000 takeoffs, you will get 1,000 of exactly the same takeoff."