>Netflix has managed to annoy a good number of its users with an announcement about an upcoming update to its Windows 11 (and Windows 10) app: support for adverts and live events will be added, but the ability to download content is being taken away.

>Netflix must realize that it's a huge frustration for people who relied on offline downloads to watch content without internet access: on planes, trains, and campsites, and anywhere else where Wi-Fi is unavailable or unreliable.

>There's a small chance that Netflix will change its mind if it gets enough complaints, but the streaming service seems determined to add as many money-making features as possible, while taking away genuinely useful ones.

>Microsoft is trying to restore Bing as the default search engine on users' browsers by spinning it as a "repair" through a utility app called PC Manager. > >PC Manager is designed to boost a Windows PC's performance by freeing up memory and eliminating unused apps and files. It offers "Health check" and "Repair tips" buttons, which users can click on to see the recommended actions. > >However, Windows Latest noticed the app pushing a curious recommendation: Both Repair tips and Health check nudge you to restore Bing as the default search engine on the Edge browser.

>A feature Google demoed at its I/O confab yesterday, using its generative AI technology to scan voice calls in real time for conversational patterns associated with financial scams, has sent a collective shiver down the spines of privacy and security experts who are warning the feature represents the thin end of the wedge. They warn that, once client-side scanning is baked into mobile infrastructure, it could usher in an era of centralized censorship.

>Apple abandoned a plan to deploy client-side scanning for CSAM in 2021 after a huge privacy backlash. However, policymakers have continued to heap pressure on the tech industry to find ways to detect illegal activity taking place on their platforms. Any industry moves to build out on-device scanning infrastructure could therefore pave the way for all-sorts of content scanning by default — whether government-led or related to a particular commercial agenda.

>Meredith Whittaker, president of the U.S.-based encrypted messaging app Signal, warned: “This is incredibly dangerous. It lays the path for centralized, device-level client side scanning. > >“From detecting ‘scams’ it’s a short step to ‘detecting patterns commonly associated w[ith] seeking reproductive care’ or ‘commonly associated w[ith] providing LGBTQ resources’ or ‘commonly associated with tech worker whistleblowing.’”

>Google’s AI model will potentially listen in on all your phone calls — or at least ones it suspects are coming from a fraudster. > >To protect the user’s privacy, the company says Gemini Nano operates locally, without connecting to the internet. “This protection all happens on-device, so your conversation stays private to you. We’ll share more about this opt-in feature later this year,” the company says.

>“This is incredibly dangerous,” says Meredith Whittaker, the president of a foundation for the end-to-end encrypted messaging app Signal. > >Whittaker —a former Google employee— argues that the entire premise of the anti-scam call feature poses a potential threat. That’s because Google could potentially program the same technology to scan for other keywords, like asking for access to abortion services. > >“It lays the path for centralized, device-level client-side scanning,” she said in a post on Twitter/X. “From detecting 'scams' it's a short step to ‘detecting patterns commonly associated w/ seeking reproductive care’ or ‘commonly associated w/ providing LGBTQ resources' or ‘commonly associated with tech worker whistleblowing.’”

• Arizona's Attorney General, Kris Mayes, filed two lawsuits against Amazon on Wednesday for allegedly engaging in deceptive business practices and maintaining monopoly status. The first lawsuit accuses the company of using dark patterns to keep users from canceling their Amazon Prime subscriptions, violating Arizona's Consumer Fraud Act. This is similar to a complaint filed by the Federal Trade Commission (FTC) against Amazon in June.

• The second lawsuit alleges that Amazon unfairly maintains its monopoly status through agreements with third-party sellers that restrict them from offering lower prices off of the platform than they do on Amazon, violating Arizona's Uniform State Antitrust Act. This practice has also been targeted by other state attorneys general in cases filed against Amazon.

• Additionally, the lawsuit accuses Amazon's Buy Box algorithm of being biased towards first-party retail offers or sellers who participate in Fulfillment By Amazon, leading consumers to overpay for items that are available at lower prices from other sellers on Amazon. This aspect is also reflected in the FTC's recent antitrust lawsuit against Amazon, which has been joined by more than a dozen state attorneys general.

• Arizona seeks to stop Amazon from engaging in these allegedly deceptive and anticompetitive practices and award civil penalties and disgorgement of ill-gotten gains.

>The Federal Trade Commission's Office of Technology has issued a warning to automakers that sell connected cars. Companies that offer such products "do not have the free license to monetize people’s information beyond purposes needed to provide their requested product or service," it wrote in a blog post on Tuesday. Just because executives and investors want recurring revenue streams, that does not "outweigh the need for meaningful privacy safeguards," the FTC wrote.

>In 2023, the Mozilla Foundation published an extensive report examining the various automakers' policies regarding the use of data from connected cars; the report concluded that "cars are the worst product category we have ever reviewed for privacy."

>The FTC is not taking specific action against any automaker at this point. Instead, the blog post is meant to be a warning to the industry. It says that "connected cars have been on the FTC's radar for years," although the agency appears to have done very little other than hold workshops in 2013 and 2018, as well as publishing guidance for consumers reminding them to wipe the data from their cars before selling them.

>The FTC says the easiest way to comply is to not collect the data in the first place.

>With the latest version of Firefox for U.S. desktop users, we’re introducing a new way to measure search activity broken down into high level categories. This measure is not linked with specific individuals and is further anonymized using a technology called OHTTP to ensure it can’t be connected with user IP addresses. > >Let’s say you’re using Firefox to plan a trip to Spain and search for “Barcelona hotels.” Firefox infers that the search results fall under the category of “travel,” and it increments a counter to calculate the total number of searches happening at the country level. > >Here’s the current list of categories we’re using: animals, arts, autos, business, career, education, fashion, finance, food, government, health, hobbies, home, inconclusive, news, real estate, society, sports, tech and travel. > >Having an understanding of what types of searches happen most frequently will give us a better understanding of what’s important to our users, without giving us additional insight into individual browsing preferences. This helps us take a step forward in providing a browsing experience that is more tailored to your needs, without us stepping away from the principles that make us who we are. > >We understand that any new data collection might spark some questions. Simply put, this new method only categorizes the websites that show up in your searches — not the specifics of what you’re personally looking up. > >Sensitive topics, like searching for particular health care services, are categorized only under broad terms like health or society. Your search activities are handled with the same level of confidentiality as all other data regardless of any local laws surrounding certain health services. > >Remember, you can always opt out of sending any technical or usage data to Firefox. Here’s a step-by-step guide on how to adjust your settings. We also don’t collect category data when you use Private Browsing mode on Firefox.

>The Copy Without Site Tracking option can now remove parameters from nested URLs. It also includes expanded support for blocking over 300 tracking parameters from copied links, including those from major shopping websites. Keep those trackers away when sharing links!

>Telemetry was added to create an aggregate count of searches by category to broadly inform search feature development. These categories are based on 20 high-level content types, such as "sports,” "business," and "travel". This data will not be associated with specific users and will be collected using OHTTP to remove IP addresses as potentially identifying metadata. No profiling will be performed, and no data will be shared with third parties. (read more)

>The Copy Without Site Tracking option can now remove parameters from nested URLs. It also includes expanded support for blocking over 300 tracking parameters from copied links, including those from major shopping websites. Keep those trackers away when sharing links!

Release Notes

>The study (PDF), published this month by University of Chicago and University of Michigan researchers and reported by The Washington Post on Sunday, says: > >In this paper, we provide causal evidence that RTO mandates at three large tech companies—Microsoft, SpaceX, and Apple—had a negative effect on the tenure and seniority of their respective workforce. In particular, we find the strongest negative effects at the top of the respective distributions, implying a more pronounced exodus of relatively senior personnel.

>Dell, Amazon, Google, Meta, and JPMorgan Chase have tracked employee badge swipes to ensure employees are coming into the office as often as expected. Dell also started tracking VPN usage this week and has told workers who work remotely full time that they can't get a promotion.

>Some company leaders are adamant that remote work can disrupt a company's ability to innovate. However, there's research suggesting that RTO mandates aren't beneficial to companies. A survey of 18,000 Americans released in March pointed to flexible work schedules helping mental health. And an analysis of 457 S&P 500 companies in February found RTO policies hurt employee morale and don't increase company value.

>Microsoft's announcement: "We are introducing a new Game Pass recommendation card on the Settings homepage. The Game Pass recommendation card on Settings Homepage will be shown to you if you actively play games on your PC. As a reminder – the Settings homepage will be shown only on the Home and Pro editions of Windows 11 and if you’re signed into Windows with your Microsoft account."

>The new open ecosystem of extensions on Firefox for Android launched in December with just over 400 extensions. Less than five months later we’ve surpassed 1,000 Firefox for Android extensions. That’s an impressive achievement by this developer community! It’s exciting to see so many developers embrace the opportunity to explore new creative possibilities for mobile browser customization.

>What are some of your favorite new Firefox for Android extensions?

>EA has tried this before, with predictable results. In 2020, EA Sports UFC 4 included full-screen ads for the Amazon Prime series The Boys that would appear during 'Replay' moments. These were absent from the game when it launched, with EA introducing the ads about a month later, thereby preventing them from being highlighted in reviews. It wasn't long before the backlash led to EA disabling the ads.

• Mullvad VPN's blog post: DNS traffic can leak outside the VPN tunnel on Android >Identified scenarios where the Android OS can leak DNS traffic: >- If a VPN is active without any DNS server configured. >- For a short period of time while a VPN app is re-configuring the tunnel or is being force stopped/crashes. > >The leaks seem to be limited to direct calls to the C function getaddrinfo. > >The above applies regardless of whether Always-on VPN and Block connections without VPN is enabled or not, which is not expected OS behavior and should therefore be fixed upstream in the OS. > >We’ve been able to confirm that these leaks occur in multiple versions of Android, including the latest version (Android 14). > >We have reported the issues and suggested improvements to Google and hope that they will address this quickly.

• GrapheneOS 2024050900 release changelog announcement: >prevent app-based VPN implementations from leaking DNS requests when the VPN is down/connecting (this is a preliminary defense against this issue and more research is required, along with apps preventing the leaks on their end or they'll still have leaks outside of GrapheneOS)

>After reversing its position on remote work, Dell is reportedly implementing new tracking techniques on May 13 to ensure its workers are following the company's return-to-office (RTO) policy, The Register reported today, citing anonymous sources.

>Dell will track employees' badge swipes and VPN connections to confirm that workers are in the office for a significant amount of time.

>Dell's methods for tracking hybrid workers will also reportedly include a color-coding system. From "consistent" to "limited" presence, the colors are blue, green, yellow, and red.

>The Register reported today that approximately 50 percent of Dell's US workers are remote, compared to 66 percent of international workers.

>An examination of 457 companies on the S&P 500 list released in February concluded that RTO mandates don't drive company value but instead negatively affect worker morale. Analysis of survey data from more than 18,000 working Americans released in March found that flexible workplace policies, including the ability to work remotely completely or part-time and flexible schedules, can help employees' mental health.

>Even if you have encrypted your traffic with a VPN (or the Tor Network), advanced traffic analysis is a growing threat against your privacy. Therefore, we now introduce DAITA.

>Through constant packet sizes, random background traffic and data pattern distortion we are taking the first step in our battle against sophisticated traffic analysis.

>Even if you have encrypted your traffic with a VPN (or the Tor Network), advanced traffic analysis is a growing threat against your privacy. Therefore, we now introduce DAITA.

>Through constant packet sizes, random background traffic and data pattern distortion we are taking the first step in our battle against sophisticated traffic analysis.

>In February, HouseFresh managing editor Gisele Navarro called out publishers like BuzzFeed and Rolling Stone as some of the culprits that publish content about air purifiers despite a lack of expertise — but Google rewards these sites with high rankings all the same. The result is a search results page filled with SEO-first content, designed to do not much more than rank highly on Google.

>In a piece published today, she says HouseFresh has “virtually disappeared” from search results: search traffic has decreased 91 percent in recent months, from around 4,000 visitors a day in October 2023 to 200 a day today.

>“We lost rankings we held for months (and sometimes years) for articles that are constantly being updated and improved based on findings from our first-hand and in-depth testing, our long-term experience with the products, and feedback from our readers,” Navarro writes. “Our article [previously ranked at #2] is now buried deep beneath sponsored posts, Quora advice from 2016, best-of lists from big media sites, and no less than 64 Google Shopping product listings. Sixty. Four.”

>SEO-first affiliate content is being deployed ruthlessly at countless sites.

>There is no obvious editorial necessity for Forbes to write articles like “Top 20 Largest Dog Breeds” or “What Fruits Can Dogs Eat?” — until you take a look at the sidebar of these stories, which are filled with dozens of affiliate links for pet insurance that Forbes gets a kickback from every time someone signs up.

>Last year, when CNET was discovered to be using artificial intelligence tools to produce dozens of stories, it was SEO-heavy “evergreen” articles it focused on first. In the cases of Sports Illustrated and USA Today’s AI content debacles, it also was product reviews that were being churned out using automation tools.

>The aggressive targeting of top Google search spots — with or without AI — by big media outlets affects small sites like HouseFresh the most. A significant loss of traffic for independent publishers is often enough to shutter an outlet entirely.

>Below is a look at the most exasperating news from streaming services from this week. The scale of this article demonstrates how fast and frequently disappointing streaming news arises. Coincidentally, as we wrote this article, another price hike was announced.

>We'll also examine each streaming platform's financial status to get an idea of what these companies are thinking (spoiler: They're thinking about money).

>Netflix starts killing its cheapest ad-free plan in June

>Sony bumps Crunchyroll prices weeks after shuttering Funimation

>Peacock is raising prices

>Fubo cuts 19 channels

>In a seemingly desperate push, many streaming services prioritize revenue and profits ahead of building the best streaming service for customers.

>We could go on about how this might force people to reconsider their subscriptions, but we should publish before another service makes yet another policy change.