Today, the New York Times announced that it is ending its partnership with Apple News and removing its articles from the platform. Engadget reports: The issue seems to be that while other services, like Google News, send readers to publishers' websites, Apple News generally keeps readers in the app. Or, as NYT puts it, Apple's approach does not align with The Times' goal of building direct relationships with paying readers. "Core to a healthy model between The Times and the platforms is a direct path for sending those readers back into our environments, where we control the presentation of our report, the relationships with our readers, and the nature of our business rules," Meredith Kopit Levien, The Times' chief operating officer, wrote in a memo to employees. "Our relationship with Apple News does not fit within these parameters."

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Nearly 20 years after its initial release, a hacker has found a way to run homebrew software on an unmodified PlayStation 2 using nothing but a carefully burned DVD-ROM. Previous efforts to hack the PS2 relied on internal modifications, external hardware (like pre-hacked memory cards and hard drives), or errors found only on very specific models of the system. The newly discovered FreeDVDBoot differs from this previous work by exploiting an error in the console's DVD video player to create a fully software-based method for running arbitrary code on the system. Security researcher CTurt laid out the FreeDVDBoot discovery and method in detail in a blog post this weekend. By decrypting and analyzing the code used for the PS2's DVD player, CTurt found a function that expects a 16-bit string from a properly formatted DVD but will actually easily accept over 1.5 megabytes from a malicious source. Sending carefully formatted data to that function causes a buffer overflow that in turn triggers another badly written function to tell the system to jump to an area of memory with arbitrary, attacker-written code. That code can then tell the system to load an ELF file written to a burned DVD-R in the system. Building on previous PS2 homebrew efforts like uLaunchELF, it's relatively simple to use that DVD-R to load homebrew software or even full copies of otherwise copy-protected PS2 games. The exploit is currently limited to very specific versions of the PS2's DVD player firmware (as of press time, firmwares 3.10 and 3.11, when set to "English") found in later editions of the console and won't work in earlier systems. But CTurt writes that he's "confident that all other versions also contain these same trivial IFO parsing buffer overflows" and can be exploited with broadly similar methods. The possibility of similar hacks through the Blu-ray player on the PS3 and PS4 (or the CD player on the PS1) are also being examined by the community.

Read more of this story at Slashdot.

Microsoft suspended its advertising on Facebook and Instagram in the U.S. in May and recently expanded that to a global pause, according to an internal chat transcript seen by Axios. From a report: Unlike the many advertisers who recently joined a Facebook boycott,, Microsoft is concerned about where its ads are shown, not Facebook's policies. But the move still means yet another big advertiser is not spending on Facebook right now. "Based on concerns we had back in May we suspended all media spending on Facebook/Instagram in the US and we've subsequently suspended all spending on Facebook/Instagram worldwide," Microsoft CMO Chris Capossela said in an internal Yammer post, responding to an employee's question. The transcript did not specifically say what content Microsoft objected to its ads appearing next to, but as examples of "inappropriate content" it cited examples of "hate speech, pornography, terrorist content, etc."

Read more of this story at Slashdot.

Amazon on Monday said it's paying out $500 million in one-time bonuses to front-line employees -- those most at risk of contracting the coronavirus -- who worked for the company through June. From a report: The move is an apparent reversal for the company following weeks of criticism for it cutting its coronavirus hazard pay even as the pandemic has continued. Amazon had eliminated its $2-an-hour hazard pay for workers at the start of June, after it first instituted the higher wages in mid-March. That hazard pay increases had already cost the company hundreds of millions of dollars. "Our front-line operations teams have been on an incredible journey over the last few months, and we want to show our appreciation with a special one-time thank you bonus," Dave Clark, the company's SVP for worldwide operations, wrote in a note to workers Monday. Full-time Amazon workers, Whole Foods employees and Delivery Service Partner drivers will get $500, while their part-time counterparts will receive $250. Amazon and Whole Foods employees in leadership positions will get $1,000, Delivery Service Partner owners will get $3,000 and Amazon Flex drivers who worked more than 10 hours in June will each get $150.

Read more of this story at Slashdot.

A decision that Apple unilaterally took in February 2020 has reverberated across the browser landscape and has effectively strong-armed the Certificate Authority industry into bitterly accepting a new default lifespan of 398 days for TLS certificates. From a report: Following Apple's initial announcement, Mozilla and Google have stated similar intentions to implement the same rule in their browsers. Starting with September 1, 2020, browsers and devices from Apple, Google, and Mozilla will show errors for new TLS certificates that have a lifespan greater than 398 days. The move is an important one because it not only changes how a core part of the internet works -- TLS certificates -- but also because it breaks away from normal industry practices and the cooperation between browsers and CAs. Known as the CA/B Forum, this is an informal group made up of Certificate Authorities (CAs), the companies that issue TLS certificates used to support HTTPS traffic, and browser makers. Since 2005, this group has been making the rules on how TLS certificates should be issued and how browsers are supposed to manage and validate them.

Read more of this story at Slashdot.

Twitch has temporarily banned President Donald Trump, in the latest surprise and high-profile suspension from the streaming service. Trump's account was banned for "hateful conduct" that was aired on stream, and Twitch says the offending content has now been removed. From a report: One of the streams in question was a rebroadcast of Trump's infamous kickoff rally, where he said that Mexico was sending rapists to the United States. Twitch also flagged racist comments at Trumpâ(TM)s recent rally in Tulsa. "Like anyone else, politicians on Twitch must adhere to our Terms of Service and Community Guidelines. We do not make exceptions for political or newsworthy content, and will take action on content reported to us that violates our rules," a Twitch spokesperson told The Verge. The statement was originally issued last year when Trump's channel was launched.

Read more of this story at Slashdot.

Reddit first launched as an online discussion site in June 2005. Now, 15 years later, it has finally taken action to officially ban hate speech and groups that promote it. From a report: A revised Reddit content policy, announced Monday, explicitly states that groups or users that "incite violence or that promote hate based on identity or vulnerabilityâ are prohibited. âoeEveryone has a right to use Reddit free of harassment, bullying and threats of violence," it says. With the updated content policy, Reddit is initially banning about 2,000 subreddits, most of which are inactive, the company said. Included in the purge is The_Donald, a pro-Donald Trump forum notorious for users posting racist, misogynistic, anti-Islam and anti-Semitic content. In 2015, Reddit adopted a new content policy and banned several blatantly racist subreddits. But until today, the official rules still did not explicitly forbid hate or racist forums. Reddit CEO/co-founder Steve Huffman, in an post about the new policy, said âoeI admit we have fallen shortâ in supporting the siteâ(TM)s communities and moderators with respect to adopting a comprehensive anti-hate policy.

Read more of this story at Slashdot.

The global total of deaths passed 500,000 on Sunday, while the number of confirmed cases surpassed 10 million. From a report: The grim markers were hit as countries around the world struggle to keep new infections from reaching runaway levels while simultaneously trying to emerge from painful lockdowns. In April, roughly a month after the World Health Organization declared the outbreak a pandemic, deaths topped 100,000. In early May, the figure climbed to 250,000. Now it has doubled in less than two months. More than a quarter of all known deaths have been in the United States. The number of confirmed infections -- which took about 40 days to double -- may be substantially underestimated, public health officials say. Data released last week by the Centers for Disease Control and Prevention indicated that the actual figures in many regions are probably 10 times as high as reported.

Read more of this story at Slashdot.

The Indian government on Monday evening said it was banning 59 apps developed by Chinese firms over concerns that these apps were "engaged in activities which is prejudicial to sovereignty and integrity of India, defence of India, and security of state and public order" in what is the latest standoff between the two most populated nations in the world. From a report: ByteDance's TikTok, which counts India as its biggest market, Community and Video Call apps from Xiaomi, which is the top smartphone vendor in India, UC Browser, UC News, Shareit, CM Browser, Club Factory (India's third-largest e-commerce firm), ES File Explorer are among the 59 apps that India's Ministry of Electronics and IT have ordered to ban. "The Computer Emergency Response Team (CERT-IN) has also received many representations from citizens regarding security of data and breach of privacy impacting upon public order issues," the Indian government agency said.

Read more of this story at Slashdot.

Not wearing a mask is like not wearing pants.

Google will expand free shopping results from a narrow experiment in its shopping tab to the main search engine, dramatically expanding their reach. From a report: The company announced the move today in a blog post written by commerce president Bill Ready. The shift is part of a continuous move away from paid search results and follows a trend of users searching more for information on subjects like the coronavirus and less for products. At the same time, advertisers have been cutting spending as the pandemic takes an economic toll. Ready attributed the move to Google's desire to help sellers and buyers connect and noted that it remains difficult for users to find what they need online in terms of product, price, and seller reputation. Likewise, digital remains a challenge for many small businesses, even as shoppers continue to gravitate toward online purchasing. "It's crucial that we help people find all the best options available and help merchants more easily connect with consumers online," Ready wrote.

Read more of this story at Slashdot.

I try to keep focused on the bigger picture, and let the small stuff be background noise.

In October of last year, before impeachment, I proposed a permanent citizen's occupation of DC. 100K people constantly in protest in DC, rain or shine, 365 days a year, until Trump is gone. On a rotating basis. No one signs up for more than one day. Never more than 100K. Keep a constant presence there for the Democrats and Republicans to remember. To be in the way. To be loud and obnoxious. To help them remember who they work for.

Apple said last week that it declined to implement 16 new web technologies (Web APIs) in Safari because they posed a threat to user privacy by opening new avenues for user fingerprinting. Technologies that Apple declined to include in Safari because of user fingerprinting concerns include: Web Bluetooth - Allows websites to connect to nearby Bluetooth LE devices. Web MIDI API - Allows websites to enumerate, manipulate and access MIDI devices. Magnetometer API - Allows websites to access data about the local magnetic field around a user, as detected by the device's primary magnetometer sensor. Web NFC API - Allows websites to communicate with NFC tags through a device's NFC reader. Device Memory API - Allows websites to receive the approximate amount of device memory in gigabytes. Network Information API - Provides information about the connection a device is using to communicate with the network and provides a means for scripts to be notified if the connection type changes. Battery Status API - Allows websites to receive information about the battery status of the hosting device. Web Bluetooth Scanning - Allows websites to scan for nearby Bluetooth LE devices. Ambient Light Sensor - Lets websites get the current light level or illuminance of the ambient light around the hosting device via the device's native sensors. [...] The vast majority of these APIs are only implemented in Chromium-based browsers, and very few on Mozilla's platform. Apple claims that the 16 Web APIs above would allow online advertisers and data analytics firms to create scripts that fingerprint users and their devices.

Read more of this story at Slashdot.

People who love outliners, esp MORE from 30 years ago on the Mac, we could have an outliner renaissance on the web, now. I have a great lab for development, and the core outliner in JavaScript is open source. I've always felt every app should have a nice outliner built-in. Let's have fun!