×
Privacy

General Motors Quits Sharing Driving Behavior With Data Brokers (nytimes.com) 34

An anonymous reader quotes a report from the New York Times: General Motors said Friday that it had stopped sharing details about how people drove its cars with two data brokers that created risk profiles for the insurance industry. The decision followed a New York Times report this month that G.M. had, for years, been sharing data about drivers' mileage, braking, acceleration and speed with the insurance industry. The drivers were enrolled -- some unknowingly, they said -- in OnStar Smart Driver, a feature in G.M.'s internet-connected cars that collected data about how the car had been driven and promised feedback and digital badges for good driving. Some drivers said their insurance rates had increased as a result of the captured data, which G.M. shared with two brokers, LexisNexis Risk Solutions and Verisk. The firms then sold the data to insurance companies. Since Wednesday, "OnStar Smart Driver customer data is no longer being shared with LexisNexis or Verisk," a G.M. spokeswoman, Malorie Lucich, said in an emailed statement. "Customer trust is a priority for us, and we are actively evaluating our privacy processes and policies."
Piracy

Dutch Court Orders ISP To Block 'Anna's Archive' and 'LibGen' (torrentfreak.com) 26

The Dutch pirate site blocklist has expanded with two new targets, shadow libraries Anna's Archive and Library Genesis. The court order was obtained by local anti-piracy group BREIN, acting on behalf of major publishers. Interestingly, Z-Library isn't listed in the blocking order, despite explicit warnings previously issued by BREIN. TorrentFreak reports: All blocking requests were submitted by local anti-piracy group BREIN, which acts on behalf of rightsholders. These include the major Hollywood studios but BREIN's purview is much broader. Last week, it obtained the latest blocking order, this time on behalf of the publishing industry. Issued by the Rotterdam District Court, the order requires a local Internet provider to block two well-known shadow libraries; "Anna's Archive" and "Library Genesis" (LibGen). News of this new court order was shared by BREIN which notes that both sites were found to make copyright infringing works available on a large scale. At the time of writing, a published copy is not available but, based on the covenant, all large Internet providers are expected to implement the blockades. "These types of illegal shadow libraries are very harmful. The only ones who benefit are the anonymous owners of these illegal services. Authors and publishers see no return on their efforts and investments," BREIN comments. "Copyright holders deserve an honest living. There are numerous legal ways to obtain ebooks. If desired, this can also be done very cheaply; through the library for example."

The Rotterdam court issued a so-called 'dynamic' blocking order, meaning that rightsholders can update the targeted domains and IP addresses if the sites switch to new ones in the future. This also applies to mirrors and increases the blockades' effectiveness, as there is no need to return to court. Previously, Internet provider KPN challenged these 'dynamic' orders, suggesting that they are too broad. The court rejected this argument, however, noting that the process hasn't led to any major problems thus far. BREIN further reports that Google is voluntarily offering a helping hand. As reported in detail previously, the search engine removes blocked domains from its local search results after being notified about an ISP blocking order. "The effectiveness of the blocking measure is increased because Google cooperates in combating these infringements and, at the request of BREIN, completely removes all references to websites that are blocked by order of the Dutch court from the search results," BREIN writes.

United States

DOT Wants To Know How Big Airlines Use Passenger Data (theregister.com) 11

The U.S. Department of Transportation has announced it will conduct a review of the data practices of the country's ten largest airlines, amid concerns over potential misuse of customer information for upselling, overcharging, targeted advertising, and third-party data sales, as well as the security of systems handling sensitive data such as passport numbers. From a report: The probe will look at air carriers' policies and procedures to determine if they are safeguarding personal info properly, unfairly or deceptively monetizing it, or sharing it with third parties, the agency said yesterday. If they're indeed doing anything "problematic," they can look forward to scrutiny, fines, and new rules, says the DOT. "Airline passengers should have confidence that their personal information is not being shared improperly with third parties or mishandled by employees," said US Transportation Secretary Pete Buttigieg.

"This review of airline practices is the beginning of a new initiative by DOT to ensure airlines are being good stewards of sensitive passenger data." The ten airlines going under the magnifying glass are Delta, United, American, Southwest, Alaska, JetBlue, Spirit, Frontier, Hawaiian and Allegiant.

The Courts

Texas Sues xHamster and Chaturbate (404media.co) 292

An anonymous reader quotes a report from 404 Media: Texas Attorney General Ken Paxton just sued two more porn sites, xHamster and Chaturbate, alleging they aren't complying with age verification laws. As first reported by local news outlet KXAN, the Office of the Attorney General filed two civil lawsuits on Tuesday afternoon against Hammy Media, which owns xHamster, and Multi Media, which owns Chaturbate. Texas Governor Greg Abbott signed HB 1181 into law in June, which requires porn sites to verify the ages of users through a driver's license or passport. If porn sites don't force consenting adults to hand over a government-issued ID in order to watch other consenting adults have sex on camera, they face heavy fines.

Paxton's lawsuit against xHamster asks the court to force the site to pay a civil penalty of up to $1.67 million, with an additional $10,000 a day since filing. For Chaturbate, it's $1.78 million plus $10,000 per day. Last week, Pornhub's parent company Aylo blocked anyone accessing its network of sites from a Texas IP address, and replaced its network of sites -- which include Pornhub, Brazzers, YouPorn and many more -- with a message about its rejection of age verification legislation that requires adults to show government-issued ID to access porn. [...] As of writing, xHamster and Chaturbate are still accessible in Texas and don't have requirements to verify users' ages with a government ID.

Privacy

Hackers Found a Way To Open Any of 3 Million Hotel Keycard Locks In Seconds (wired.com) 33

An anonymous reader quotes a report from Wired: When thousands of security researchers descend on Las Vegas every August for what's come to be known as "hacker summer camp," the back-to-back Black Hat and Defcon hacker conferences, it's a given that some of them will experiment with hacking the infrastructure of Vegas itself, the city's elaborate array of casino and hospitality technology. But at one private event in 2022, a select group of researchers were actually invited to hack a Vegas hotel room, competing in a suite crowded with their laptops and cans of Red Bull to find digital vulnerabilities in every one of the room's gadgets, from its TV to its bedside VoIP phone. One team of hackers spent those days focused on the lock on the room's door, perhaps its most sensitive piece of technology of all. Now, more than a year and a half later, they're finally bringing to light the results of that work: a technique they discovered that would allow an intruder to open any of millions of hotel rooms worldwide in seconds, with just two taps.

Today, Ian Carroll, Lennert Wouters, and a team of other security researchers are revealing a hotel keycard hacking technique they call Unsaflok. The technique is a collection of security vulnerabilities that would allow a hacker to almost instantly open several models of Saflok-brand RFID-based keycard locks sold by the Swiss lock maker Dormakaba. The Saflok systems are installed on 3 million doors worldwide, inside 13,000 properties in 131 countries. By exploiting weaknesses in both Dormakaba's encryption and the underlying RFID system Dormakaba uses, known as MIFARE Classic, Carroll and Wouters have demonstrated just how easily they can open a Saflok keycard lock. Their technique starts with obtaining any keycard from a target hotel -- say, by booking a room there or grabbing a keycard out of a box of used ones -- then reading a certain code from that card with a $300 RFID read-write device, and finally writing two keycards of their own. When they merely tap those two cards on a lock, the first rewrites a certain piece of the lock's data, and the second opens it.

Dormakaba says that it's been working since early last year to make hotels that use Saflok aware of their security flaws and to help them fix or replace the vulnerable locks. For many of the Saflok systems sold in the last eight years, there's no hardware replacement necessary for each individual lock. Instead, hotels will only need to update or replace the front desk management system and have a technician carry out a relatively quick reprogramming of each lock, door by door. Wouters and Carroll say they were nonetheless told by Dormakaba that, as of this month, only 36 percent of installed Safloks have been updated. Given that the locks aren't connected to the internet and some older locks will still need a hardware upgrade, they say the full fix will still likely take months longer to roll out, at the very least. Some older installations may take years.

AI

UN Adopts First Global Artificial Intelligence Resolution (reuters.com) 12

An anonymous reader quotes a report from Reuters: The United Nations General Assembly on Thursday unanimously adopted the first global resolution on artificial intelligence to encourage protecting personal data, monitoring AI for risks, and safeguarding human rights, U.S. officials said. The nonbinding resolution, proposed by the United States and co-sponsored by China and 121 other nations, took three months to negotiate and also advocates strengthening privacy policies, the officials said, briefing reporters before the resolution's passage. "We're sailing in choppy waters with the fast-changing technology, which means that its more important than ever to steer by the light of our values," said one of the senior administration officials, describing the resolution as the "first-ever truly global consensus document on AI."

"The improper or malicious design, development, deployment and use of artificial intelligence systems ... pose risks that could ... undercut the protection, promotion and enjoyment of human rights and fundamental freedoms," the measure says. Asked whether negotiators faced resistance from Russia or China -- U.N. member states that also voted in favor of the document -- the officials conceded there were "lots of heated conversations. ... But we actively engaged with China, Russia, Cuba, other countries that often don't see eye to eye with us on issues." "We believe the resolution strikes the appropriate balance between furthering development, while continuing to protect human rights," said one of the officials, who spoke on condition of anonymity.

The Courts

Epic, Spotify, Others Back DOJ Lawsuit Against Apple (appfairness.org) 68

The Coalition for App Fairness, an industry body that represents Epic, Spotify, Match Group and Proton among others, issued the following statement following the U.S. announcing it had sued Apple: "With today's announcement, the Department of Justice is taking a strong stand against Apple's stranglehold over the mobile app ecosystem, which stifles competition and hurts American consumers and developers alike. The DOJ complaint details Apple's long history of illegal conduct -- abusing their App Store guidelines and developer agreements to increase prices, extract exorbitant fees, degrade user experiences, and choke off competition. The DOJ joins regulators around the world, who have recognized the many harms of Apple's abusive behavior and are working to address it. As this case unfolds in the coming years more must be done now to end the anticompetitive practices of all mobile app gatekeepers. It remains imperative that Congress pass bipartisan legislation, like the Open App Markets Act, to create a free and open mobile app marketplace." Further reading: Apple Loses $115 Billion in Market Value as Regulators Close In.
Transportation

EPA Sets Strict New Limits On Tailpipe Emissions That Could Boost EV Sector (nypost.com) 282

sinij shares a report from the New York Post: The Biden administration finalized its crackdown on gas cars Wednesday, with the Environmental Protection Agency announcing drastic climate regulations meant to ensure more than two-thirds of passenger cars and light trucks sold by 2032 are electric or hybrid vehicles. The EPA rule imposes strict limits on tailpipe pollution, limits the agency says can be met if 56% of new vehicles sold in the US are electric by eight years from now, along with 13% that are plug-in hybrids or other partially electric cars. That would be a huge increase over current EV sales, which rose to 7.6% of new vehicle sales last year, up from 5.8% in 2022. [...] The new rule slows implementation of stricter pollution standards from 2027 through 2029, before ramping up to near the level the EPA preferred by 2032. "Personal car ownership is about to get A LOT more expensive as it will have to carry the costs of deep discounts to entice EV sales," adds Slashdot reader sinij.
Bitcoin

Woman With $2.5 Billion In Bitcoin Convicted of Money Laundering (bbc.co.uk) 70

mrspoonsi shares a report from the BBC: A former takeaway worker found with Bitcoin worth more than $2.5 billion has been convicted at Southwark Crown Court of a crime linked to money laundering. Jian Wen, 42, from Hendon in north London, was involved in converting the currency into assets including multi-million-pound houses and jewelry. On Monday she was convicted of entering into or becoming concerned in a money laundering arrangement. The Met said the seizure is the largest of its kind in the UK.

Although Wen was living in a flat above a Chinese restaurant in Leeds when she became involved in the criminal activity, her new lifestyle saw her move into a six-bedroom house in north London in 2017 which was rented for more than $21,000 per month. She posed as an employee of an international jewelry business and moved her son to the UK to attend private school, the Crown Prosecution Service (CPS) said. That same year, Wen tried to buy a string of expensive houses in London, but struggled to pass money-laundering checks and her claims she had earned millions legitimately mining Bitcoin were not believed. She later travelled abroad, buying jewelry worth tens of thousands of pounds in Zurich, and purchasing properties in Dubai in 2019.

Another suspect is thought to be behind the fraud but they remain at large. The Met said it carried out a large scale investigation as part of the case - searching several addresses, reviewing 48 electronic devices, and examining thousands of digital files including many which were translated from Mandarin. The CPS has obtained a freezing order from the High Court, while it carries out a civil recovery investigation that could lead to the forfeiture of the Bitcoin. The value of the Bitcoin was worth around $2.5 billion at the time of initial estimates -- but due to the fluctuation in the currency's value, it has since increased to around $4.3 billion.

Censorship

India Will Fact-Check Online Posts About Government Matters (techcrunch.com) 32

An anonymous reader quotes a report from TechCrunch: In India, a government-run agency will now monitor and undertake fact-checking for government related matters on social media even as tech giants expressed grave concerns about it last year. The Ministry of Electronics and IT on Wednesday wrote in a gazette notification that it is amending the IT Rules 2021 to cement into law the proposal to make the fact checking unit of Press Information Bureau the dedicated arbiter of truth for New Delhi matters. Tech companies as well as other firms that serve more than 5 million users in India will be required to "make reasonable efforts" to not display, store, transmit or otherwise share information that deceives or misleads users about matters pertaining to the government, the IT ministry said. India's move comes just weeks ahead of the general elections in the country. Relying on a government agency such as the Press Information Bureau as the sole source to fact-check government business without giving it a clear definition or providing clear checks and balances "may lead to misuse during implementation of the law, which will profoundly infringe on press freedom," Asia Internet Coalition, an industry group that represents Meta, Amazon, Google and Apple, cautioned last year.

Meanwhile, comedian Kunal Kamra, with support from the Editors Guild of India, cautioned that the move could create an environment that forces social media firms to welcome "a regime of self-interested censorship."
Privacy

Users Ditch Glassdoor, Stunned By Site Adding Real Names Without Consent (arstechnica.com) 101

Readers waspleg and SpzToid shared the following report: Glassdoor, where employees go to leave anonymous reviews of employers, has recently begun adding real names to user profiles without users' consent.

Glassdoor acquired Fishbowl, a professional networking app that integrated with Glassdoor last July. This acquisition meant that every Glassdoor user was automatically signed up for a Fishbowl account. And because Fishbowl requires users to verify their identities, Glassdoor's terms of service changed to require all users to be verified.

Ever since Glassdoor's integration with Fishbowl, Glassdoor's terms say that Glassdoor 'may update your Profile with information we obtain from third parties. We may also use personal data you provide to us via your resume(s) or our other services.' This effort to gather information on Fishbowl users includes Glassdoor staff consulting publicly available sources to verify information that is then used to update Glassdoor users' accounts.

Security

'Disabling Cyberattacks' Are Hitting Critical US Water Systems, White House Warns (arstechnica.com) 77

An anonymous reader quotes a report from Ars Technica: The Biden administration on Tuesday warned the nation's governors that drinking water and wastewater utilities in their states are facing "disabling cyberattacks" by hostile foreign nations that are targeting mission-critical plant operations. "Disabling cyberattacks are striking water and wastewater systems throughout the United States," Jake Sullivan, assistant to the President for National Security Affairs, and Michael S. Regan, administrator of the Environmental Protection Agency, wrote in a letter. "These attacks have the potential to disrupt the critical lifeline of clean and safe drinking water, as well as impose significant costs on affected communities." [...]

"Drinking water and wastewater systems are an attractive target for cyberattacks because they are a lifeline critical infrastructure sector but often lack the resources and technical capacity to adopt rigorous cybersecurity practices," Sullivan and Regan wrote in Tuesday's letter. They went on to urge all water facilities to follow basic security measures such as resetting default passwords and keeping software updated. They linked to this list of additional actions, published by CISA and guidance and tools jointly provided by CISA and the EPA. They went on to provide a list of cybersecurity resources available from private sector companies.

The letter extended an invitation for secretaries of each state's governor to attend a meeting to discuss better securing the water sector's critical infrastructure. It also announced that the EPA is forming a Water Sector Cybersecurity Task Force to identify vulnerabilities in water systems. The virtual meeting will take place on Thursday. "EPA and NSC take these threats very seriously and will continue to partner with state environmental, health, and homeland security leaders to address the pervasive and challenging risk of cyberattacks on water systems," Regan said in a separate statement.

AT&T

AT&T Says Leaked Data of 70 Million People Is Not From Its Systems (bleepingcomputer.com) 25

An anonymous reader quotes a report from BleepingComputer: AT&T says a massive trove of data impacting 71 million people did not originate from its systems after a hacker leaked it on a cybercrime forum and claimed it was stolen in a 2021 breach of the company. While BleepingComputer has not been able to confirm the legitimacy of all the data in the database, we have confirmed some of the entries are accurate, including those whose data is not publicly accessible for scraping. The data is from an alleged 2021 AT&T data breach that a threat actor known as ShinyHunters attempted to sell on the RaidForums data theft forum for a starting price of $200,000 and incremental offers of $30,000. The hacker stated they would sell it immediately for $1 million.

AT&T told BleepingComputer then that the data did not originate from them and that its systems were not breached. "Based on our investigation today, the information that appeared in an internet chat room does not appear to have come from our systems," AT&T told BleepingComputer in 2021. When we told ShinyHunters that AT&T said the data did not originate from them, they replied, "I don't care if they don't admit. I'm just selling." AT&T continues to tell BleepingComputer today that they still see no evidence of a breach in their systems and still believe that this data did not originate from them.

Today, another threat actor known as MajorNelson leaked data from this alleged 2021 data breach for free on a hacking forum, claiming it was the data ShinyHunters attempted to sell in 2021. This data includes names, addresses, mobile phone numbers, encrypted date of birth, encrypted social security numbers, and other internal information. However, the threat actors have decrypted the birth dates and social security numbers and added them to another file in the leak, making those also accessible. BleepingComputer has reviewed the data, and while we cannot confirm that all 73 million lines are accurate, we verified some of the data contains correct information, including social security numbers, addresses, dates of birth, and phone numbers. Furthermore, other cybersecurity researchers, such as Dark Web Informer, who first told BleepingComputer about the leaked data, and VX-Underground have also confirmed some of the data to be accurate.
Despite AT&T's statement, BleepingComputer says if you were an AT&T customer before and through 2021, it's "[safe] to assume that your data was exposed and can be used in targeted attacks."

Have I Been Pwned's Troy Hunt writes: "I have proven, with sufficient confidence, that the data is real and the impact is significant."
Patents

Nokia Tells Reddit It Infringes Some Patents in Lead-Up To IPO (bloomberg.com) 33

An anonymous reader shares a report: Reddit, the social media platform gearing up for an initial public offering this week, said Nokia has accused it of infringing some of their patents. Nokia Technologies, the company's licensing business, sent Reddit a letter on Monday with the claims, and Reddit is evaluating them, according to a filing made Tuesday. Nokia's claims come as Reddit prepares for an initial public offering in an effort to raise hundreds of millions of dollars. The company has been working toward a listing for years, and its public market debut this week is set to become a high-profile addition to the year's roster of newly and soon-to-be public companies. Reddit said in the filing: "On March 18, 2024, Nokia sent us a letter indicating they believed that Reddit infringes certain of their patents. We will evaluate their claims. As we face increasing competition and become increasingly high profile, the possibility of receiving more intellectual property claims against us grows.

In addition, various 'non-practicing entities,' and other intellectual property rights holders have asserted in the past, and may attempt to assert in the future, intellectual property claims against us and have sought, and may attempt to seek in the future, to monetize the intellectual property rights they own to extract value through licensing arrangements or other settlements."

Programming

C++ Creator Rebuts White House Warning (infoworld.com) 258

An anonymous reader quotes a report from InfoWorld: C++ creator Bjarne Stroustrup has defended the widely used programming language in response to a Biden administration report that calls on developers to use memory-safe languages and avoid using vulnerable ones such as C++ and C. In a March 15 response to an inquiry from InfoWorld, Stroustrup pointed out strengths of C++, which was designed in 1979. "I find it surprising that the writers of those government documents seem oblivious of the strengths of contemporary C++ and the efforts to provide strong safety guarantees," Stroustrup said. "On the other hand, they seem to have realized that a programming language is just one part of a tool chain, so that improved tools and development processes are essential."

Safety improvement always has been a goal of C++ development efforts, Stroustrup stressed. "Improving safety has been an aim of C++ from day one and throughout its evolution. Just compare the K&R C language with the earliest C++, and the early C++ with contemporary C++. My CppCon 2023 keynote outlines that evolution," he said. "Much quality C++ is written using techniques based on RAII (Resource Acquisition Is Initialization), containers, and resource management pointers rather than conventional C-style pointer messes." Stroustrup cited a number of efforts to improve C++ safety. "There are two problems related to safety. Of the billions of lines of C++, few completely follow modern guidelines, and peoples' notions of which aspects of safety are important differ. I and the C++ standard committee are trying to deal with that," he said. "Profiles is a framework for specifying what guarantees a piece of code requires and enable implementations to verify them. There are documents describing that on the committee's website -- look for WG21 -- and more are coming. However, some of us are not in a mood to wait for the committee's necessarily slow progress."

Profiles, Stroustrup said, "is a framework that allows us to incrementally improve guarantees -- e.g., to eliminate most range errors relatively soon -- and to gradually introduce guarantees into large code bases through local static analysis and minimal run-time checks. My long-term aim for C++ is and has been for C++ to offer type and resource safety when and where needed. Maybe the current push for memory safety -- a subset of the guarantees I want -- will prove helpful to my efforts, which are shared by many in the C++ standards committee." Stroustrup previously defended the safety of C++ against the NSA, which recommended using memory-safe languages instead of C++ and C in a November 2022 bulletin.

Government

EPA Bans Chrysotile Asbestos (apnews.com) 98

An anonymous reader quotes a report from the Associated Press: The Environmental Protection Agency on Monday announced a comprehensive ban on asbestos, a carcinogen that kills tens of thousands of Americans every year but is still used in some chlorine bleach, brake pads and other products. The final rule marks a major expansion of EPA regulation under a landmark 2016 law that overhauled regulations governing tens of thousands of toxic chemicals in everyday products, from household cleaners to clothing and furniture. The new rule would ban chrysotile asbestos, the only ongoing use of asbestos in the United States. The substance is found in products such as brake linings and gaskets and is used to manufacture chlorine bleach and sodium hydroxide, also known as caustic soda, including some that is used for water purification. [...]

The 2016 law authorized new rules for tens of thousands of toxic chemicals found in everyday products, including substances such as asbestos and trichloroethylene that for decades have been known to cause cancer yet were largely unregulated under federal law. Known as the Frank Lautenberg Chemical Safety Act, the law was intended to clear up a hodgepodge of state rules governing chemicals and update the Toxic Substances Control Act, a 1976 law that had remained unchanged for 40 years. The EPA banned asbestos in 1989, but the rule was largely overturned by a 1991 Court of Appeals decision that weakened the EPA's authority under TSCA to address risks to human health from asbestos or other existing chemicals. The 2016 law required the EPA to evaluate chemicals and put in place protections against unreasonable risks. Asbestos, which was once common in home insulation and other products, is banned in more than 50 countries, and its use in the U.S. has been declining for decades. The only form of asbestos known to be currently imported, processed or distributed for use in the U.S. is chrysotile asbestos, which is imported primarily from Brazil and Russia. It is used by the chlor-alkali industry, which produces bleach, caustic soda and other products. Most consumer products that historically contained chrysotile asbestos have been discontinued. While chlorine is a commonly used disinfectant in water treatment, there are only eight chlor-alkali plants in the U.S. that still use asbestos diaphragms to produce chlorine and sodium hydroxide. The plants are mostly located in Louisiana and Texas.

The use of asbestos diaphragms has been declining and now accounts for less than one-third of the chlor-alkali production in the U.S., the EPA said. The EPA rule will ban imports of asbestos for chlor-alkali as soon as the rule is published but will phase in prohibitions on chlor-alkali use over five or more years to provide what the agency called "a reasonable transition period." A ban on most other uses of asbestos will effect in two years. A ban on asbestos in oilfield brake blocks, aftermarket automotive brakes and linings and other gaskets will take effect in six months. The EPA rule allows asbestos-containing sheet gaskets to be used until 2037 at the U.S. Department of Energy's Savannah River Site in South Carolina to ensure that safe disposal of nuclear materials can continue on schedule. Separately, the EPA is also evaluating so-called legacy uses of asbestos in older buildings, including schools and industrial sites, to determine possible public health risks. A final risk evaluation is expected by the end of the year.

Piracy

BitTorrent Is No Longer the 'King' of Upstream Internet Traffic (torrentfreak.com) 37

An anonymous reader quotes a report from TorrentFreak: Back in 2004, in the pre-Web 2.0 era, research indicated that BitTorrent was responsible for an impressive 35% of all Internet traffic. At the time, file-sharing via peer-to-peer networks was the main traffic driver as no other services consumed large amounts of bandwidth. Fast-forward two decades and these statistics are ancient history. With the growth of video streaming, including services such as YouTube, Netflix, and TikTok, file-sharing traffic is nothing more than a drop in today's data pool. [...]

This week, Canadian broadband management company Sandvine released its latest Global Internet Phenomena Report which makes it clear that BitTorrent no longer leads any charts. The latest data show that video and social media are the leading drivers of downstream traffic, accounting for more than half of all fixed access and mobile data worldwide. Needless to say, BitTorrent is nowhere to be found in the list of 'top apps'. Looking at upstream traffic, BitTorrent still has some relevance on fixed access networks where it accounts for 4% of the bandwidth. However, it's been surpassed by cloud storage apps, FaceTime, Google, and YouTube. On mobile connections, BitTorrent no longer makes it into the top ten. The average of 46 MB upstream traffic per subscriber shouldn't impress any file-sharer. However, since only a small percentage of all subscribers use BitTorrent, the upstream traffic per user is of course much higher.

Businesses

32-Hour Workweek for America Proposed by Senator Bernie Sanders (theguardian.com) 390

The Guardian reports that this week "Bernie Sanders, the independent senator from Vermont who twice ran for the Democratic presidential nomination, introduced a bill to establish a four-day US working week." "Moving to a 32-hour workweek with no loss of pay is not a radical idea," Sanders said on Thursday. "Today, American workers are over 400% more productive than they were in the 1940s. And yet millions of Americans are working longer hours for lower wages than they were decades ago. "That has got to change. The financial gains from the major advancements in artificial intelligence, automation and new technology must benefit the working class, not just corporate chief executives and wealthy stockholders on Wall Street.

"It is time to reduce the stress level in our country and allow Americans to enjoy a better quality of life. It is time for a 32-hour workweek with no loss in pay."

The proposed bill "has received the endorsement of the American Federation of Labor and Congress of Industrial Organizations, United Auto Workers, the Service Employees International Union, the Association of Flight Attendants" — as well as several other labor unions, reports USA Today: More than half of adults employed full time reported working more than 40 hours per week, according to a 2019 Gallup poll... More than 70 British companies started to test a four-day workweek last year, and most respondents reported there has been no loss in productivity.
A statement from Senator Sanders: Bill Gates, the founder of Microsoft, and Jamie Dimon, the CEO of JP Morgan Chase, predicted last year that advancements in technology would lead to a three or three-and-a-half-day workweek in the coming years. Despite these predictions, Americans now work more hours than the people of most other wealthy nations, but are earning less per week than they did 50 years ago, after adjusting for inflation.
"Sanders also pointed to other countries that have reduced their workweeks, such as France, Norway and Denmark," adds NBC News.

USA Today notes that "While Sanders' role as chair of the Senate Health, Education, Labor, and Pensions Committee places a greater focus on shortening the workweek, it is unlikely the bill will garner enough support from Republicans to become federal law and pass in both chambers."

And political analysts who spoke to ABC News "cast doubt on the measure's chances of passage in a divided Congress where opposition from Republicans is all but certain," reports ABC News, "and even the extent of support among Democrats remains unclear."
Government

Why Oregon's Drug Decriminalization Failed (msn.com) 194

In 2020 Oregon passed Measure 110, decriminalizing possession of small amounts of drugs.

But now "America's most radical experiment with drug decriminalization has ended," writes the Atlantic, "after more than three years of painful results." Oregon Governor Tina Kotek has pledged to sign legislation repealing the principal elements of the ballot initiative... Possessing hard drugs is again a crime in Oregon, and courts will return to mandating treatment for offenders. Oregonians had supported Measure 110 with 59 percent of the vote in 2020, but three years later, polling showed that 64 percent wanted some or all of it repealed...

More than $260 million were allocated to services such as naloxone distribution, employment and housing services, and voluntary treatment... Once drugs were decriminalized and destigmatized, the thinking went, those who wanted to continue using would be more willing to access harm-reduction services that helped them use in safer ways. Meanwhile, the many people who wanted to quit using drugs but had been too ashamed or fearful to seek treatment would do so. Advocates foresaw a surge of help-seeking, a reduction in drug-overdose deaths, fewer racial disparities in the health and criminal-justice systems, lower rates of incarceration, and safer neighborhoods for all...

Measure 110 did not reduce Oregon's drug problems. The drug-overdose-death rate increased by 43 percent in 2021, its first year of implementation — and then kept rising. The latest CDC data show that in the 12 months ending in September 2023, deaths by overdose grew by 41.6 percent, versus 2.1 percent nationwide. No other state saw a higher rise in deaths... Neither did decriminalization produce a flood of help-seeking. The replacement for criminal penalties, a $100 ticket for drug possession with the fine waived if the individual called a toll-free number for a health assessment, with the aim of encouraging treatment, failed completely. More than 95 percent of people ignored the ticket, for which — in keeping with the spirit of Measure 110 — there was no consequence. The cost of the hotline worked out to about $7,000 per completed phone call, according to The Economist. These realities, as well as associated disorder such as open-air drug markets and a sharp rise in violent crime — while such crime was falling nationally — led Oregonians to rethink their drug policy.

The article notes that Oregon was the first U.S. state to decriminalize marijuana back in 1973, and had long shown low rates of imprisonment for non-violent crimes (diverting offenders into so-called "drug courts" which could mandate treatment or order court-directed supervision). "However, after Measure 110 was passed and the threat of jail time eliminated, the flow of people into these programs slowed."

But "One thing Measure 110 got right, at least in principle, is that Oregon's addiction-treatment system was grossly underfunded," the article concludes. And it adds that the newly-passed law now "provides extensive new funding for immediate needs, including detox facilities, sobering centers, treatment facilities, and the staff to support those services."

They recommend other states adopt "adequately funded, evidence-based prevention and treatment" — and instead of punitive incarcerations, "use criminal justice productively to discourage drug use."
China

EFF Opposes America's Proposed TikTok Ban (eff.org) 67

A new EFF web page is urging U.S. readers to "Tell Congress: Stop the TikTok Ban," arguing the bill will "do little for its alleged goal of protecting our private information and the collection of our data by foreign governments." Tell Congress: Instead of giving the President the power to ban entire social media platforms based on their country of origin, our representatives should focus on what matters — protecting our data no matter who is collecting it... It's a massive problem that current U.S. law allows for all the big social media platforms to harvest and monetize our personal data, including TikTok. Without comprehensive data privacy legislation, this will continue, and this ban won't solve any real or perceived problems. User data will still be collected by numerous platforms and sold to data brokers who sell it to the highest bidder — including governments of countries such as China — just as it is now.

TikTok raises special concerns, given the surveillance and censorship practices of the country that its parent company is based in, China. But it's also used by hundreds of millions of people to express themselves online, and is an instrumental tool for community building and holding those in power accountable. The U.S. government has not justified silencing the speech of Americans who use TikTok, nor has it justified the indirect speech punishment of a forced sale (which may prove difficult if not impossible to accomplish in the required timeframe). It can't meet the high constitutional bar for a restriction on the platform, which would undermine the free speech and association rights of millions of people. This bill must be stopped.

Slashdot Top Deals