Google's NotebookLM and its podcast-like Audio Overviews are being updated with a new feature that allows listeners to interact with the AI "hosts." Google describes how this feature works in a blog post. The Verge reports: In addition to the interactive Audio Overviews, Google is introducing a new interface for NotebookLM that organizes things into three areas: a "sources" panel for your information, a "chat" panel to talk with an AI chatbot about the sources, and a "studio" panel that lets you make things like Audio Overviews and Study Guides. I think it looks nice.

Google is announcing a NotebookLM subscription, too: NotebookLM Plus. The subscription will give you "five times more Audio Overviews, notebooks, and sources per notebook," let you "customize the style and tone of your notebook responses," let you make shared team notebooks, and will offer "additional privacy and security," Google says. The subscription is available today for businesses, schools and universities, and organizations and enterprise customers. It will be added to Google One AI Premium in "early 2025." Google is also launching "Agentspace," a platform for custom AI agents for enterprises.

Healthcare giant Optum has restricted access to an internal AI chatbot used by employees after a security researcher found it was publicly accessible online, and anyone could access it using only a web browser. TechCrunch: The chatbot, which TechCrunch has seen, allowed employees to ask the company questions about how to handle patient health insurance claims and disputes for members in line with the company's standard operating procedures (SOPs).

While the chatbot did not appear to contain or produce sensitive personal or protected health information, its inadvertent exposure comes at a time when its parent company, health insurance conglomerate UnitedHealthcare, faces scrutiny for its use of artificial intelligence tools and algorithms to allegedly override doctors' medical decisions and deny patient claims.

Mossab Hussein, chief security officer and co-founder of cybersecurity firm spiderSilk, alerted TechCrunch to the publicly exposed internal Optum chatbot, dubbed "SOP Chatbot." Although the tool was hosted on an internal Optum domain and could not be accessed from its web address, its IP address was public and accessible from the internet and did not require users to enter a password.

The U.S. and China signed a modified science and technology agreement on Friday, narrowing its scope and adding security safeguards to address growing technological rivalry between the world's two largest economies.

The updated pact, which extends cooperation for five years, focuses solely on basic research and excludes critical technologies like AI and quantum computing. The State Department said the agreement strengthens intellectual property protections and introduces new provisions for transparency and data sharing. The revision comes amid escalating tech tensions, with Washington restricting advanced chip exports to China and limiting U.S. investments in sensitive technologies that could enhance Chinese military capabilities.

An anonymous reader quotes a report from Tom's Hardware, written by Avram Piltch: Microsoft's Recall feature recently made its way back to Windows Insiders after having been pulled from test builds back in June, due to security and privacy concerns. The new version of Recall encrypts the screens it captures and, by default, it has a "Filter sensitive information," setting enabled, which is supposed to prevent it from recording any app or website that is showing credit card numbers, social security numbers, or other important financial / personal info. In my tests, however, this filter only worked in some situations (on two e-commerce sites), leaving a gaping hole in the protection it promises.

When I entered a credit card number and a random username / password into a Windows Notepad window, Recall captured it, despite the fact that I had text such as "Capital One Visa" right next to the numbers. Similarly, when I filled out a loan application PDF in Microsoft Edge, entering a social security number, name and DOB, Recall captured that. (Note that all info in these screenshots is made up). I also created my own HTML page with a web form that said, explicitly, "enter your credit card number below." The form had fields for Credit card type, number, CVC and expiration date. I thought this might trigger Recall to block it, but the software captured an image of my form filled out, complete with the credit card data. Recall did refuse to capture the credit card fields on the payment pages of Pimoroni and Adafruit. "So, when it came to real-world commerce sites that I visited, Recall got it right," adds Piltch. "However, what my experiment proves is that it's pretty much impossible for Microsoft's AI filter to identify every situation where sensitive information is on screen and avoid capturing it."

Yahoo laid off around 25% of its cybersecurity team -- known as The Paranoids -- over the last year, TechCrunch has learned. From the report: Overall, the company has laid off or lost through attrition 40 to 50 people from a total of 200 employees in the cybersecurity team since the start of 2024, according to multiple current and former Yahoo employees who spoke to TechCrunch on condition of anonymity. (Yahoo is TechCrunch's parent company.)

The Paranoids are not the only team affected by the layoffs. Valeri Liborski, who was appointed Yahoo's chief technology officer in September, sent an email this week to employees announcing changes across the broader technology unit, including enterprise productivity and core services. The email to staff, which was obtained by TechCrunch, said: "This was a very difficult decision and one I have not taken lightly."

The Paranoids' so-called red team, or offensive security team -- which conducts cyberattack simulations to identify weaknesses in the company's network before external hackers can -- was eliminated entirely this week, and there have been at least three rounds of layoffs impacting the cybersecurity team this year, according to the sources.

Amazon has postponed implementing Microsoft's cloud-based Office suite for its workforce by one year, citing security concerns following a Russian cyber attack on Microsoft's systems. The delay affects a $1 billion, five-year contract signed last year to provide Microsoft 365 to Amazon's 1.5 million employees, making the e-commerce giant one of the largest customers of Microsoft's cloud productivity suite.

The decision came after Microsoft revealed that Midnight Blizzard, a Russia-linked hacking group, had breached several employee email accounts, including those of senior executives and cybersecurity staff. Amazon subsequently conducted its own security review and requested enhanced protection measures from Microsoft.

Security researchers have uncovered a new surveillance tool that they say has been used by Chinese law enforcement to collect sensitive information from Android devices in China. From a report: The tool, named "EagleMsgSpy," was discovered by researchers at U.S. cybersecurity firm Lookout. The company said at the Black Hat Europe conference on Wednesday that it had acquired several variants of the spyware, which it says has been operational since "at least 2017."

Kristina Balaam, a senior intelligence researcher at Lookout, told TechCrunch the spyware has been used by "many" public security bureaus in mainland China to collect "extensive" information from mobile devices. This includes call logs, contacts, GPS coordinates, bookmarks, and messages from third-party apps including Telegram and WhatsApp. EagleMsgSpy is also capable of initiating screen recordings on smartphones, and can capture audio recordings of the device while in use, according to research Lookout shared with TechCrunch.

A manual obtained by Lookout describes the app as a "comprehensive mobile phone judicial monitoring product" that can obtain "real-time mobile phone information of suspects through network control without the suspect's knowledge, monitor all mobile phone activities of criminals and summarize them."

An anonymous reader shares a report: Software vulnerability submissions generated by AI models have ushered in a "new era of slop security reports for open source" -- and the devs maintaining these projects wish bug hunters would rely less on results produced by machine learning assistants. Seth Larson, security developer-in-residence at the Python Software Foundation, raised the issue in a blog post last week, urging those reporting bugs not to use AI systems for bug hunting.

"Recently I've noticed an uptick in extremely low-quality, spammy, and LLM-hallucinated security reports to open source projects," he wrote, pointing to similar findings from the Curl project in January. "These reports appear at first glance to be potentially legitimate and thus require time to refute." Larson argued that low-quality reports should be treated as if they're malicious.

As if to underscore the persistence of these concerns, a Curl project bug report posted on December 8 shows that nearly a year after maintainer Daniel Stenberg raised the issue, he's still confronted by "AI slop" -- and wasting his time arguing with a bug submitter who may be partially or entirely automated.

ChatGPT maker OpenAI released its AI-generated video tool called Sora for general use by its paying customers Monday. From a report: The company then said it would do wide testing with creatives and red-teaming with security experts before its release to the public. "We don't want the world to just be text," OpenAI CEO Sam Altman said in a live-streamed announcement Monday.

"[Video] is important to our culture," Altman added. The company said in a statement that the latest version of Sora, which will be offered as a standalone product to ChatGPT Plus and Pro customers, is "significantly faster" than the one it previewed. It lets you generate videos up to 20 seconds long.

Bruce Perens, original co-founder of the Open Source Initiative, has responded to questions from Slashdot readers about a new alternative he's developing that hopefully helps "Post Open" developers get paid.

But first, "One of the things that's clear from the Slashdot patter is that people are not aware of what I've been doing, in general," Perens says. "So, let's start by filling that in..."

Read on for the rest of his wide-ranging answers....

Google's app store claims that their text-messaging app Google Messages means "conversations are end-to-end encrypted".

"That is some serious bullshit," argues tech blogger John Gruber: It's shamefully misleading regarding Google Messages's support for end-to-end encryption... Google Messages does support end-to-end encryption, but only over RCS and only if all participants in the chat are using a recent version of Google Messages. But the second screenshot in the Play Store listing flatly declares "Conversations are end-to-end encrypted", full stop...

I realize that "Some conversations are end-to-end encrypted" will naturally spur curiosity regarding which conversations are encrypted and which aren't, but that's the truth. And users of the app should be aware of that. "RCS conversations with other Google Messages users are encrypted" would work.

Then, in the "report card" section of the listing, it states the following:

Data is encrypted in transit
Your data is transferred over a secure connection

Which, again, is only true sometimes. It's downright fraudulent to describe Google Messages's transit security this way.... [D]epending who you communicate with — iPhone users, Android users with old devices, Android users who use other text messaging apps — it's quite likely most of your messages won't be secure... E2EE is never available for SMS, and never available if a participant in the chat is using any RCS client (on Android or Apple Messages) other than Google Messages. That's an essential distinction that should be made clear, not obfuscated.
Gruber's earlier blog post had pointed out that the RCS standard "has no encryption; E2EE RCS chats in Google Messages use Google's proprietary extension and are exclusive to the Google Messages app, so RCS chats between Google Messages and other apps, most conspicuously Apple Messages, are not encrypted."

And in his newer post, Gruber adds, "While I'm at it, it's also embarrassing that Google Voice has no support for RCS at all. It's Google's own app and service, and Google has been the world's most vocal proponent of RCS messaging."

Peter Jackson is co-executive producer of a new animated Lord of the Rings prequel called The War of the Rohirrim. "Set in an epic world 183 years before the events of The Lord of the Rings trilogy, the King of Rohan is forced into a last stand in ancient Hornburg after a sudden attack..." explains The Hollywood Reporter.

But Variety writes that the movie "fizzled" in its overseas debut this weekend: "Moana 2" has notched $600 million in global ticket sales, standing as the sixth-biggest movie of the year after just two weeks of release. Disney's animated sequel, which was developed as a TV series before pivoting to theaters, has generated $300 million overseas and $300 million domestically... Among new offerings, the Warner Bros. anime fantasy film "The Lord of the Rings: The War of the Rohirrim," faltered with $2 million from 3,410 screens in 31 territories... [The movie] opens in North America and an additional 42 offshore markets on Dec. 13. Top earning territories were Spain with $347,000 followed by Mexico with $239,000 and Thailand with $146,000...

Meanwhile, Paramount's "Gladiator II" collected $17 million in its fourth frame at the international box office, boosting its tally to $235 million overseas and $368.4 million globally. The quarter-century-in-the-making sequel Ridley Scott's Oscar-winning 2000 epic "Gladiator" has been far bigger in offshore markets... There's also "Red One," a Christmas-set action comedy starring the Rock as Santa's head of security, which collected $3.5 million from 4,000 screens in 75 overseas markets. The film, from Amazon MGM, has generated a soft $78.2 million from offshore territories and $164 million globally. "Red One" was originally destined for streaming before the studio opted for a theatrical release, so any coinage from the big screen could be viewed as a win for movie theaters, Amazon MGM and Warner Bros. (which has international rights on Amazon MGM releases). From a strictly theatrical standpoint, though, "Red One" carries a $250 million budget before marketing and stands as one of the year's biggest misfires.

The head of America's FCC "has drafted plans to regulate the cybersecurity of telecommunications companies," reports the Washington Post, and the plans could include financial penalties phone network operators with insufficient security — "the first time the agency has asserted such powers under federal wiretapping law." Rosenworcel said the FCC's authority in this matter comes from Section 105 of the Communications Assistance for Law Enforcement Act [passed in 1994] — a single sentence that stipulates, without elaboration, that telecommunications carriers should ensure systems security "in accordance with regulations prescribed by the Commission." As one of the measures, she is seeking to require network providers to submit an annual certification to the FCC that they are implementing a cybersecurity risk management plan. In addition to imposing fines, the FCC could coordinate with other agencies to pursue criminal penalties against carriers deemed too careless on cybersecurity...

Biden administration officials said voluntary efforts to protect against aggressive Chinese hacking activity have fallen short. "We've had for the last decade voluntary public-private partnership efforts," Neuberger told The Post in a recent interview. "But we continue to see successful breaches, and in many cases, as with ransomware attacks, we continue to see pretty basic cybersecurity practices not being followed." With China's hackers becoming more brazen, pre-positioning themselves in U.S. critical networks, "we need to lock our digital doors," Neuberger said...

Cyber requirements can make a difference, she said. After the Colonial Pipeline ransomware attack in 2021 shut down one of the nation's largest energy pipelines for several days, creating a national security scare, the Transportation Security Administration issued several security directives, and today, all of the country's several dozen critical pipeline companies are in compliance, she said. Similar directives were subsequently issued for rail and aviation sectors, and the compliance rates in those industries are now at 68 and 57 percent respectively, she said.

Not every tech "advent calendar" involves programming puzzles. Instead the geek tradition of programming-language advent calendars "seems to have started way back in 2000," according to one history, "when London-based programmer Mark Fowler launched a calendar highlighting a different Perl module each day."

So the tradition continues...

• Nearly a quarter of a century later, there's still a Perl Advent Calendar, celebrating tips and tricks like "a few special packages waiting under the tree that can give your web applications a little extra pep in their step."

• And of course there's a separate advent calendar for Raku programmers.

• Since 2009 web performance consultant (and former Yahoo and Facebook engineer) Stoyan Stefanov has been pulling together an annual Web Performance calendar with helpful blog posts.

• There's also a JVM Advent calendar with daily helpful hints for Java programmers.

• Another advent calendar promises daily posts about C#.

• The HTMHell site — which bills itself as "a collection of bad practices in HTML, copied from real websites" — is celebrating the season with the "HTMHell Advent Calendar," promising daily articles on security, accessibility, UX, and performance.

• There's even an advent calendar with tips for the reverse-engineering framework Radar.

• There's still a lovely web-design themed calendar at Designcember.com.

And meanwhile developers at the Svelte frontend framework are actually promising to release something new each day, "whether it's a new feature in Svelte or SvelteKit or an improvement to the website!"

But not every tech advent calendar is about programming...

• Adafruit's managing director is publishing a Retrocomputing Advent Calendar — daily looks at the ghosts of computers past.

• The Atlantic continues its 17-year tradition of a Space Telescope advent calendar, featuring daily images from both NASA's Hubble telescope and James Webb Space Telescope

• The gaming blog Rock Paper Shotgun has been counting down their favorite games of 2024...

The Washington Post details a vision of home security "pitched by Sauron, a Silicon Valley start-up boasting a waiting list of tech CEOs and venture capitalists." In the future, your home will feel as safe from intruders as a state-of-the-art military base. Cameras and sensors surveil the perimeter, scanning bystanders' faces for potential threats. Drones from a "deterrence pod" scare off trespassers by projecting a searchlight over any suspicious movements. A virtual view of the home is rendered in 3D and updated in real time, just like a Tesla's digital display. And private security agents monitor alerts from a central hub.... By incorporating technology developed for autonomous vehicles, robotics and border security, Sauron has built a supercharged burglar alarm [argued Sauron co-founder Kevin Hartz, a tech entrepreneur and former partner at Peter Thiel's venture firm Founders Fund]...

For many tech elites, security is both a national priority and a growing concern in their personal lives... After the presidential election last month, the start-up incubator Y Combinator put out a request for "public safety technology" companies, such as those that produce tools that facilitate a neighborhood watch or technology that uses computer vision to identify "suspicious activities or people in distress from video feeds...." Sauron has raised $18 million in funding from executives behind Flock Safety and Palantir, the data analytics firm, [and] defense tech investors such as 8VC, a venture firm started by Palantir co-founder Joe Lonsdale... Sauron is targeting homeowners at the high end of the real estate market, beginning with a private event at Abraham's home on Thursday, during Art Basel Miami Beach, the annual art exhibition that attracts collectors from around the world. The company plans to launch in San Francisco early next year, before expanding to Los Angeles and Miami...

Big Tech companies haven't deployed tools such as facial recognition as aggressively as Hartz would like. "If somebody comes onto my property, I feel like I should know who that is," Hartz said... In recent years massive investments have driven down the cost of drones, high-resolution cameras and lidar sensors, which use light detection to create 3D maps. Sauron uses lower-cost hardware and tools like facial recognition, combined with custom-built software adapted for residential use. For facial recognition, it will use a third-party service called Paravision... Sauron is still figuring out how to incorporate drones, but it is already imagining more aggressive countermeasures, Hartz said. "Is it a machine that could take out a bad actor with a bullet or something?"

China-linked spies may still be lurking in U.S. telecommunications networks — but the breach could be much, much wider. In fact, a "couple dozen" countries were hit by the attack, the Wall Street Journal reported this week, citing a top U.S. national security adviser. "Chinese government hackers have compromised telecommunications infrastructure across the globe as part of a massive espionage campaign..." Speaking during a press briefing Wednesday, Anne Neuberger, President Biden's deputy national security adviser for cyber and emerging technology, said the so-called Salt Typhoon campaign is ongoing and that at least eight telecommunications firms in the U.S. had been breached... The Journal previously identified Verizon, AT&T, T-Mobile and Lumen Technologies among the victims... [M]etadata grabs appeared to be "regional" in focus, and were likely a means to identify phone lines of valuable senior government officials, which the hackers then targeted to steal encrypted text messages and listen in on some phone calls, the official said... President-elect Donald Trump, Vice President-elect JD Vance, senior congressional staffers and an array of U.S. security officials were among scores of individuals to have their calls and texts directly targeted, an intelligence-collection coup that likely ensnared their private communications with thousands of Americans, the Journal has reported.

The senior administration official said the global tally of countries victimized was currently believed to be in the "low, couple dozen" but didn't give a precise figure. The global campaign of hacking activity dates back at least a year or two, the official said.
"Neuberger, on the press briefing, said that it wasn't believed that classified communications were accessed in the breaches."

"OpenAI is partnering with defense tech company Anduril," wrote the Verge this week, noting that OpenAI "used to describe its mission as saving the world." It was Anduril founder Palmer Luckey who advocated for a "warrior class" and autonomous weapons during a talk at Pepperdine University, saying society's need people "excited about enacting violence on others in pursuit of good aims." The Verge notes it's OpenAI's first partnership with a defense contractor "and a significant reversal of its earlier stance towards the military." OpenAI's terms of service once banned "military and warfare" use of its technology, but it softened its position on military use earlier this year, changing its terms of service in January to remove the proscription.
Hours after the announcement, some OpenAI employees "raised ethical concerns about the prospect of AI technology they helped develop being put to military use," reports the Washington Post. "On an internal company discussion forum, employees pushed back on the deal and asked for more transparency from leaders, messages viewed by The Washington Post show." OpenAI has said its work with Anduril will be limited to using AI to enhance systems the defense company sells the Pentagon to defend U.S. soldiers from drone attacks. Employees at the AI developer asked in internal messages how OpenAI could ensure Anduril systems aided by its technology wouldn't also be directed against human-piloted aircraft, or stop the U.S. military from deploying them in other ways. One OpenAI worker said the company appeared to be trying to downplay the clear implications of doing business with a weapons manufacturer, the messages showed. Another said that they were concerned the deal would hurt OpenAI's reputation, according to the messages...

OpenAI executives quickly acknowledged the concerns, messages seen by The Post show, while also writing that the company's work with Anduril is limited to defensive systems intended to save American lives. Other OpenAI employees in the forum said that they supported the deal and were thankful the company supported internal discussion on the topic. "We are proud to help keep safe the people who risk their lives to keep our families and our country safe," OpenAI CEO Sam Altman said in a statement...

[OpenAI] has invested heavily in safety testing, and said that the Anduril project was vetted by its policy team. OpenAI has held feedback sessions with employees on its national security work in the past few months, and plans to hold more, Liz Bourgeois, an OpenAI spokesperson said. In the internal discussions seen by The Post, the executives stated that it was important for OpenAI to provide the best technology available to militaries run by democratically-elected governments, and that authoritarian governments would not hold back from using AI for military uses. Some workers countered that the United States has sold weapons to authoritarian allies. By taking on military projects, OpenAI could help the U.S. government understand AI technology better and prepare to defend against its use by potential adversaries, executives also said.
"The debate inside OpenAI comes after the ChatGPT maker and other leading AI developers including Anthropic and Meta changed their policies to allow military use of their technology," the article points out. And it also notes another concern raised in OpenAI's internal discussion forum.

The comment said "that defensive use cases still represented militarization of AI, and noted that the fictional AI system Skynet, which turns on humanity in the Terminator movies, was also originally designed to defend against aerial attacks on North America.

"SpaceX has launched 20 of its Starlink satellites up into Earth's orbit, enabling direct-to-cellphone connectivity for subscribers anywhere on the planet," reports the tech blog New Atlas. That completes the constellation's first orbital shell, following a launch of an initial batch of six satellites for testing back in January. The satellites were launched with a Falcon 9 rocket from California's Vandenberg Space Force Base on December 5 at 10 PM EST; they were then deployed in low Earth orbit. SpaceX founder Elon Musk noted on X that the effort will "enable unmodified cellphones to have internet connectivity in remote areas." He added a caveat for the first orbital shell — "Bandwidth per beam is only ~10 Mb, but future constellations will be much more capable...."

The big deal with this new venture is that unlike previous attempts at providing satellite-to-phone service, you don't need a special handset or even a specific app to get access anywhere in the world. Starlink uses standard LTE/4G protocols that most phones are compatible with, partners with mobile operators like T-Mobile in the U.S. and Rogers in Canada, and has devised a system to make its service work seamlessly with your phone when it's connecting to satellites 340 miles (540 km) above the Earth's surface. The SpaceX division noted it's also worked out latency constraints, ideal altitudes and elevation angles for its satellites, along with several other parameters, to achieve reliable connectivity. Each satellite has an LTE modem on board, and these satellites plug into the massive constellation of 6,799 existing Starlink spacecraft, according to Space.com.

Connecting to that larger constellation happens via laser backhaul, where laser-based optical communication systems transmit data between satellites. This method leverages the advantages of lasers over traditional radio frequency communications, enabling data rates up to 100 times faster, increased bandwidth, and improved security.
The direct-to-cell program was approved last month, the article points out — but it's ready to ramp up. "You'll currently get only text service through the end of 2024; voice and data will become available sometime next year, as will support for IoT devices (such as smart home gadgets). The company hasn't said how much its service will cost. " (They also note there's already competing services from Lynk, "which has satellites in orbit and launched in the island nation of Palau back in 2023, and AST SpaceMobile, which also has commercial satellites in orbit and contracts with the U.S. government, Europe, and Japan.")

Elon Musk's announcement on X.com prompted this interesting exchange:

X.com User: You've stated that purchasing Starlink goes toward funding the journey to Mars, yes?

Elon Musk: Yes.

Nuclear rods are traditionally clad in metal. But a U.S. energy company wants to develop a better, safer alternative that instead uses silicon carbide composites. Working with America's Energy Department, General Atomics Electromagnetic Systems just completed a 120-day irradiation testing period simulating the intense radiation and extreme temperatures (3,452F) of a pressurized water reactor in a real-world nuclear power plant.

And the tests "showed no significant mass change, indicating promising performance," the company said in a statement. "This indicates that the SiGA cladding is exceptionally resistant to the damaging effects of radiation." Long-time Slashdot reader fahrbot-bot shared this report from the Interesting Engineering blog: "This success is a key milestone on SiGA cladding's development path to enhance the safety of the existing U.S. fleet of light water reactors," added Scott Forney, president of GA-EMS. "It could also do the same for the future generation of advanced nuclear power systems." This advanced material offers significant advantages over traditional metal cladding. It can withstand temperatures up to 1900 degreesC (3452 degreesF), far exceeding the limits of current materials. This enhanced heat resistance is crucial for improving safety margins in nuclear reactors. Moreover, the company claims that in case of any accident, SiGA cladding is designed to maintain its integrity at temperatures where traditional cladding might fail. This could prevent the release of radioactive materials and significantly improve overall reactor safety.

Furthermore, SiGA cladding offers performance benefits. It enables higher power operation and longer fuel lifetimes. This translates to increased efficiency and reduced costs for nuclear power plants...

The design, safety, and installation of new nuclear reactors have been a prime subject for research. Recently, France-based Newcleo applied to the United Kingdom's Department of Energy Security and Net Zero (DESNZ) to enter its lead-cooled small modular reactor for generating fission energy in the generic design assessment phase. Newcleo's SMR can operate at atmospheric pressure, and the company also states that no significant energy release occurs in cases of vessel failure. This also eliminates the need for high-pressure-resistant containment.
The article notes that General Atomics's collaboration with the U.S. Energy Department is "part of the Accident Tolerant Fuel Program, a national effort to improve the safety and performance of nuclear reactors."

"TikTok has lost its bid to strike down a law that could result in the platform being banned in the United States," reports CNN.

A U.S. federal appeals court just unanimously ruled in favor of the new U.S. law requiring TikTok's China-based owners to either sell the app next month or face an effective ban in the United States. Denying TikTok's argument that the law was unconstitutional, the judges found that the law does not "contravene the First Amendment to the Constitution of the United States," nor does it "violate the Fifth Amendment guarantee of equal protection of the laws"... After the [January 25] deadline, U.S. app stores and internet services could face hefty fines for hosting TikTok if it is not sold. (Under the legislation, President Biden may issue a one-time extension of the deadline.)

In a statement, TikTok indicated it would appeal the decision. "The Supreme Court has an established historical record of protecting Americans' right to free speech, and we expect they will do just that on this important constitutional issue," said company spokesperson Michael Hughes. "Unfortunately, the TikTok ban was conceived and pushed through based upon inaccurate, flawed and hypothetical information, resulting in outright censorship of the American people. The TikTok ban, unless stopped, will silence the voices of over 170 million Americans here in the US and around the world on January 19th, 2025"....

"People in the United States would remain free to read and share as much PRC propaganda (or any other content) as they desire on TikTok or any other platform of their choosing," the judges said. "What the Act targets is the PRC's ability to manipulate the content covertly. Understood in that way, the Government's justification is wholly consonant with the First Amendment."
The judges also wrote that "in part precisely because of the platform's expansive reach, Congress and multiple Presidents determined that divesting it from the PRC's control is essential to protect our national security... Congress judged it necessary to assume that risk given the grave national-security threats it perceived."

CNN notes that ByteDance "has previously indicated it will not sell TikTok."