An anonymous reader quotes a report from The Register: A law firm acting on behalf of the Nevada Attorney General Aaron Ford has asked a state court to issue a temporary restraining order (TRO) denying minors access to encrypted communication in Meta's Messenger application. The motion for a TRO follows AG's Ford announcement of civil lawsuits on January 30, 2024 against five social media companies, including Meta [PDF], alleging the companies deceptively marketed their services to young people through algorithms that were designed to promote addiction. Nevada was not a party to the two multi-district lawsuits filed against Meta last October by 42 State Attorney General over claims that the social media company knowingly ignored evidence that its Facebook and Instagram services contribute to the mental harm of children and teens. Meta, which lately has been investing in virtual reality and large language models, is also being sued by hundreds of school districts around the US.

The Nevada court filing to obtain a TRO follows from AG Ford's initial complaint. The legal claim cites a statement from the National Center for Missing and Exploited Children that argues Meta's provision of end-to-end encryption in Messenger "without exceptions for child sexual abuse material placed millions of children in grave danger." The initial complaint's presumably supporting claims, however, have been redacted in the publicly viewable copy of the document. The motion for a TRO, which also contains redactions, contends that Meta -- by encrypting Messenger -- has thwarted state officials from enforcing the Nevada Unfair and Deceptive Trade Practices Act. "With this Motion, the State seeks to enjoin Meta from using end-to-end encryption (also called 'E2EE') on Young Users' Messenger communications within the State of Nevada," the court filing says. "This conduct -- which renders it impossible for anyone other than a private message's sender and recipient to know what information the message contains -- serves as an essential tool of child predators and drastically impedes law enforcement efforts to protect children from heinous online crimes, including human trafficking, predation, and other forms of dangerous exploitation."

Meta enabled E2EE by default for all users of Messenger in December 2023. But according to the motion for a TRO, "Meta's end-to-end-encryption stymies efforts by Nevada law enforcement, causing needless delay and even risking the spoliation of critical pieces of necessary evidence in criminal prosecutions." The injunction, if granted, would require Meta to disable E2EE for all Messenger users under 18 in Nevada. Presumably that would also affect minors using Messenger who are visiting the Silver State.

Apple is rolling out an upgrade to its iMessage texting platform to defend against future encryption-breaking technologies. From a report: The new protocol, known as PQ3, is another sign that U.S. tech firms are bracing for a potential future breakthrough in quantum computing that could make current methods of protecting users' communications obsolete. "More than simply replacing an existing algorithm with a new one, we rebuilt the iMessage cryptographic protocol from the ground up," an Apple blog post published on Wednesday reads. "It will fully replace the existing protocol within all supported conversations this year."

The Cupertino, California-based iPhone maker says its encryption algorithms are state-of-the-art and that it has found no evidence so far of a successful attack on them. Still, government officials and scientists are concerned that the advent of quantum computers, advanced machines that tap in to the properties of subatomic particles, could suddenly and dramatically weaken those protections. Late last year, a Reuters investigation explored how the United States and China are racing to prepare for that moment, dubbed "Q-Day," both by pouring money into quantum research and by investing in new encryption standards known as post-quantum cryptography. Washington and Beijing have traded allegations of intercepting massive amounts of encrypted data in preparation for Q-Day, an approach sometimes dubbed "catch now, crack later." More on Apple's security blog.

Encrypted messaging app Signal has launched new feature allowing users to conceal their phone numbers and instead use usernames, in a move aimed at boosting privacy protections long sought by cybersecurity experts and privacy advocates. From a report: Rather than give your phone number to other Signal contacts as the identifier they use to begin a conversation with you, in other words, you can now choose to be discoverable via a chosen handle -- or even to prevent anyone who does have your phone number from finding you on Signal.

The use of phone numbers has long been perhaps the most persistent criticism of Signal's design. These new privacy protections finally offer a fix, says Meredith Whittaker, Signal's executive director. "We want to build a communications app that everyone in the world can easily use to connect with anyone else privately. That 'privately' is really in bold, underlined, in italics," Whittaker tells WIRED. "So we're extremely sympathetic to people who might be using Signal in high-risk environments who say, 'The phone number is really sensitive information, and I don't feel comfortable having that disseminated broadly.'"

Some ZFS news from Phoronix this week. "At the end of last year OpenZFS 2.2.2 was released to fix a rare but nasty data corruption issue, but it turns out there are other data corruption bug(s) still lurking in the OpenZFS file-system codebase." A Phoronix reader wrote in today about an OpenZFS data corruption bug when employing native encryption and making use of send/recv support. Making use of zfs send on an encrypted dataset can cause one or more snapshots to report errors. OpenZFS data corruption issues in this area have apparently been known for years.

Since May 2021 there's been this open issue around ZFS corruption related to snapshots on post-2.0 OpenZFS. That issue remains open. A new ticket has been opened for OpenZFS as well in proposing to add warnings against using ZFS native encryption and the send/receive support in production environments.
jd (Slashdot reader #1,658) spotted the news — and adds a positive note. "Bugs, old and new, are being catalogued and addressed much more quickly now that core development is done under Linux, even though it is not mainstreamed in the kernel."

Following a hoax bomb threat sent via ProtonMail to schools in Chennai, India, police in the state of Tamil Nadu put in a request to block the encrypted email service in the region since they have been unable to identify the sender. According to Hindustan Times, that request was granted today. From the report: The decision to block Proton Mail was taken at a meeting of the 69A blocking committee on Wednesday afternoon. Under Section 69A of the IT Act, the designated officer, on approval by the IT Secretary and at the recommendation of the 69A blocking committee, can issue orders to any intermediary or a government agency to block any content for national security, public order and allied reasons. HT could not ascertain if a blocking order will be issued to Apple and Google to block the Proton Mail app. The final order to block the website has not yet been sent to the Department of Telecommunications but the MeitY has flagged the issue with the DoT.

During the meeting, the nodal officer representing the Tamil Nadu government submitted that a bomb threat was sent to multiple schools using ProtonMail, HT has learnt. The police attempted to trace the IP address of the sender but to no avail. They also tried to seek help from the Interpol but that did not materialise either, the nodal officer said. During the meeting, HT has learnt, MeitY representatives noted that getting information from Proton Mail, on other criminal matters, not necessarily linked to Section 69A related issues, is a recurrent problem.

Although Proton Mail is end-to-end encrypted, which means the content of the emails cannot be intercepted and can only be seen by the sender and recipient if both are using Proton Mail, its privacy policy states that due to the nature of the SMTP protocol, certain email metadata -- including sender and recipient email addresses, the IP address incoming messages originated from, attachment name, message subject, and message sent and received times -- is available with the company. "We condemn a potential block as a misguided measure that only serves to harm ordinary people. Blocking access to Proton is an ineffective and inappropriate response to the reported threats. It will not prevent cybercriminals from sending threats with another email service and will not be effective if the perpetrators are located outside of India," said ProtonMail in a statement.

"We are currently working to resolve this situation and are investigating how we can best work together with the Indian authorities to do so. We understand the urgency of the situation and are completely clear that our services are not to be used for illegal purposes. We routinely remove users who are found to be doing so and are willing to cooperate wherever possible within international cooperation agreements."

Google said it will allow businesses to install ChromeOS Flex on their Windows devices, "potentially preventing millions of PCs from hitting landfills after Microsoft ends support for Windows 10 next year," reports Reuters. The Chrome operating system will ultimately allow users to keep using their Windows 10 systems, while also providing regular security updates and features like data encryption. From the report: ChromeOS is significantly less popular than other operating systems. In January 2024, it held a 1.8% share of the worldwide desktop OS market, far behind Windows' share of about 73%, according to data from research firm Statcounter. ChromeOS has struggled with wider adaptability due to its incompatibility with legacy Windows applications and productivity suites used by businesses. Google said that ChromeOS would allow users to stream legacy Windows and productivity applications, which will help deliver them to devices by running the apps on a data center.

An anonymous reader quotes a report from Ars Technica: The European Court of Human Rights (ECHR) has ruled that weakening end-to-end encryption disproportionately risks undermining human rights. The international court's decision could potentially disrupt the European Commission's proposed plans to require email and messaging service providers to create backdoors that would allow law enforcement to easily decrypt users' messages. This ruling came after Russia's intelligence agency, the Federal Security Service (FSS), began requiring Telegram to share users' encrypted messages to deter "terrorism-related activities" in 2017, ECHR's ruling said. [...] In the end, the ECHR concluded that the Telegram user's rights had been violated, partly due to privacy advocates and international reports that corroborated Telegram's position that complying with the FSB's disclosure order would force changes impacting all its users.

The "confidentiality of communications is an essential element of the right to respect for private life and correspondence," the ECHR's ruling said. Thus, requiring messages to be decrypted by law enforcement "cannot be regarded as necessary in a democratic society." [...] "Weakening encryption by creating backdoors would apparently make it technically possible to perform routine, general, and indiscriminate surveillance of personal electronic communications," the ECHR's ruling said. "Backdoors may also be exploited by criminal networks and would seriously compromise the security of all users' electronic communications. The Court takes note of the dangers of restricting encryption described by many experts in the field."

Martin Husovec, a law professor who helped to draft EISI's testimony, told Ars that EISI is "obviously pleased that the Court has recognized the value of encryption and agreed with us that state-imposed weakening of encryption is a form of indiscriminate surveillance because it affects everyone's privacy." [...] EISI's Husovec told Ars that ECHR's ruling is "indeed very important," because "it clearly signals to the EU legislature that weakening encryption is a huge problem and that the states must explore alternatives." If the Court of Justice of the European Union endorses this ruling, which Husovec said is likely, the consequences for the EU's legislation proposing scanning messages to stop illegal content like CSAM from spreading "could be significant," Husovec told Ars. During negotiations this spring, lawmakers may have to make "major concessions" to ensure the proposed rule isn't invalidated in light of the ECHR ruling, Husovec told Ars. Europol and the European Union Agency for Cybersecurity (ENISA) said in a statement: "Solutions that intentionally weaken technical protection mechanisms to support law enforcement will intrinsically weaken the protection against criminals as well, which makes an easy solution impossible."

DuckDuckGo keeps adding new features to its browser; and while these features are common in other browsers, DuckDuckGo is giving them a privacy-minded twist. The latest is a private, end-to-end encrypted syncing service. There's no account needed, no sign-in, and the company says it never sees what you're syncing. From a report: Using QR codes and shortcodes, and a lengthy backup code you store somewhere safe, DuckDuckGo's browser can keep your bookmarks, passwords, "favorites" (i.e., new tab page shortcuts), and settings for its email protection service synced between devices and browsers. DuckDuckGo points to Google's privacy policy for using its signed-in sync service on Chrome, which uses "aggregated and anonymized synchronized browsing data to improve other Google products and services." DuckDuckGo states that the encryption key for browser sync is stored only locally on your devices and that it lacks any access to your passwords or other data.

Martin Hellman "achieved legendary status as co-inventor of the Diffie-Hellman public key exchange algorithm, a breakthrough in software and computer cryptography," notes a new interview in InfoWorld.

Nine years after winning the Turing award, the 78-year-old cryptologist shared his perspective on some other issues: What do you think about the state of digital spying today?

Hellman: There's a need for greater international cooperation. How can we have true cyber security when nations are planning — and implementing — cyber attacks on one another? How can we ensure that AI is used only for good when nations are building it into their weapons systems? Then, there's the grandaddy of all technological threats, nuclear weapons. If we keep fighting wars, it's only a matter of time before one blows up.

The highly unacceptable level of nuclear risk highlights the need to look at the choices we make around critical decisions, including cyber security. We have to take into consideration all participants' needs for our strategies to be effective....

Your battle with the government to make private communication available to the general public in the digital age has the status of folklore. But, in your recent book (co-authored with your wife Dorothie [and freely available as a PDF]), you describe a meeting of minds with Admiral Bobby Ray Inman, former head of the NSA. Until I read your book, I saw the National Security Agency as bad and Diffie-Hellman as good, plain and simple. You describe how you came to see the NSA and its people as sincere actors rather than as a cynical cabal bent on repression. What changed your perspective?

Hellman: This is a great, real-life example of how taking a holistic view in a conflict, instead of just a one-sided one, resolved an apparently intractable impasse. Those insights were part of a major change in my approach to life. As we say in our book, "Get curious, not furious." These ideas are effective not just in highly visible conflicts like ours with the NSA, but in every aspect of life.
Hellman also had an interesting answer when asked if math, game theory, and software development teach any lessons applicable to issues like nuclear non-proliferation or national defense.

"The main thing to learn is that the narrative we (and other nations) tell ourselves is overly simplified and tends to make us look good and our adversaries bad."

Clay Risen reports via the New York Times: David Kahn, whose 1967 book, "The Codebreakers," established him as the world's pre-eminent authority on cryptology -- the science of making and breaking secret codes -- died on Jan. 24 in the Bronx. He was 93. His son Michael said the death, at a senior-living facility, was from the long-term effects of a stroke in 2015.

Before Mr. Kahn's book, cryptology itself was something of a secret. Despite an explosion in cryptological technology and techniques during the 20th century and the central role they played during World War II, the subject was typically overlooked by historians, if only because their possible sources were still highly classified. "Codebreaking is the most important form of secret intelligence in the world today," Mr. Kahn wrote in his book's preface. "Yet it has never had a chronicler."

Over the course of more than 1,000 pages, along with some 150 pages of notes, Mr. Kahn laid out cryptology's long history, starting with ancient Egypt 4,000 years ago and proceeding through the French and American revolutions, the innovations wrought by the advent of the telegraph and telephone to the mid-20th century and the dawn of computer-assisted code breaking.

Jakub Lewkowicz reports via SD Times: The Linux Foundation has recently launched the Post-Quantum Cryptography Alliance (PQCA), a collaborative effort aimed at advancing and facilitating the adoption of post-quantum cryptography in response to the emerging threats of quantum computing. This alliance assembles diverse stakeholders, including industry leaders, researchers, and developers, focusing on creating high-assurance software implementations of standardized algorithms. The initiative is also dedicated to supporting the development and standardization of new post-quantum cryptographic methods, aligning with U.S. National Security Agency's guidelines to ensure cryptographic security against quantum computing threats.

The PQCA endeavors to serve as a pivotal resource for organizations and open-source projects in search of production-ready libraries and packages, fostering cryptographic agility in anticipation of future quantum computing capabilities. Founding members include AWS, Cisco, Google, IBM, IntellectEU, Keyfactor, Kudelski IoT, NVIDIA, QuSecure, SandboxAQ, and the University of Waterloo. [...] [T]he PQCA plans to launch the PQ Code Package Project aimed at creating high-assurance, production-ready software implementations of upcoming post-quantum cryptography standards, beginning with the ML-KEM algorithm. By inviting organizations and individuals to participate, the PQCA is poised to play a critical role in the transition to and standardization of post-quantum cryptography, ensuring enhanced security measures in the face of advancing quantum computing technology. You can learn more about the PQCA on its website or GitHub.

AmiMoJo writes: Apple has attacked proposals for the UK government to pre-approve new security features introduced by tech firms. Under the proposed amendments to existing laws, if the UK Home Office declined an update, it then could not be released in any other country, and the public would not be informed. The government is seeking to update the Investigatory Powers Act (IPA) 2016. The Home Office said it supported privacy-focused tech but added that it also had to keep the country safe.

A government spokesperson said: "We have always been clear that we support technological innovation and private and secure communications technologies, including end-to-end encryption, but this cannot come at a cost to public safety." The proposed changes will be debated in the House of Lords tomorrow. Apple says it is an "unprecedented overreach" by the UK government. "We're deeply concerned the proposed amendments to the Investigatory Powers Act (IPA) now before Parliament place users' privacy and security at risk," said Apple in a statement. "It's an unprecedented overreach by the government and, if enacted, the UK could attempt to secretly veto new user protections globally preventing us from ever offering them to customers."

Slashdot reader Bruce66423 shared this report from the BBC: A Spanish court has cleared a British man of public disorder, after he joked to friends about blowing up a flight from London Gatwick to Menorca.

Aditya Verma admitted he told friends in July 2022: "On my way to blow up the plane. I'm a member of the Taliban." But he said he had made the joke in a private Snapchat group and never intended to "cause public distress"... The message he sent to friends, before boarding the plane, went on to be picked up by UK security services. They then flagged it to Spanish authorities while the easyJet plane was still in the air.

Two Spanish F-18 fighter jets were sent to flank the aircraft. One followed the plane until it landed at Menorca, where the plane was searched. Mr Verma, who was 18 at the time, was arrested and held in a Spanish police cell for two days. He was later released on bail... If he had been found guilty, the university student faced a fine of up to €22,500 (£19,300 or $20,967) and a further €95,000 (£81,204 or $103,200) in expenses to cover the cost of the jets being scrambled.
But how did his message first get from the encrypted app to the UK security services? One theory, raised in the trial, was that it could have been intercepted via Gatwick's Wi-Fi network. But a spokesperson for the airport told BBC News that its network "does not have that capability"... A spokesperson for Snapchat said the social media platform would not "comment on what's happened in this individual case".
richi (Slashdot reader #74,551) thinks it's obvious what happened: SnapChat's own web site says they scan messages for threats and passes them on to the authorities. ("We also work to proactively escalate to law enforcement any content appearing to involve imminent threats to life, such as...bomb threats...."

"In the case of emergency disclosure requests from law enforcement, our 24/7 team usually responds within 30 minutes."

jd (Slashdot reader #1,658) shared this story from BleepingComputer. The article notes that "Multiple implementations of the Kyber key encapsulation mechanism for quantum-safe encryption, are vulnerable to a set of flaws collectively referred to as KyberSlash, which could allow the recovery of secret keys."

jd explains that Crystals-Kyber "was chosen to be the U.S. government's post-quantum cryptography system of choice last year, but a side-channel attack has been identified. But in the article, NIST says that this is an implementation-specific attack (the reference implementation) and not a vulnerability in Kyber itself."

From the article: CRYSTALS-Kyber is the official implementation of the Kyber key encapsulation mechanism (KEM) for quantum-safe algorithm (QSA) and part of the CRYSTALS (Cryptographic Suite for Algebraic Lattices) suite of algorithms. It is designed for general encryption... The KyberSlash flaws are timing-based attacks arising from how Kyber performs certain division operations in the decapsulation process, allowing attackers to analyze the execution time and derive secrets that could compromise the encryption. If a service implementing Kyber allows multiple operation requests towards the same key pair, an attacker can measure timing differences and gradually compute the secret key...

In a KyberSlash1 demo on a Raspberry Pi system, the researchers recovered Kyber's secret key from decryption timings in two out of three attempts...

On December 30, KyberSlash2 was patched following its discovery and responsible reporting by Prasanna Ravi, a researcher at the Nanyang Technological University in Singapore, and Matthias Kannwischer, who works at the Quantum Safe Migration Center.

Security researchers warned Apple as early as 2019 about vulnerabilities in its AirDrop wireless sharing function that Chinese authorities claim they recently used to track down users of the feature, the researchers told CNN, in a case that experts say has sweeping implications for global privacy. From a report: The Chinese government's actions targeting a tool that Apple customers around the world use to share photos and documents -- and Apple's apparent inaction to address the flaws -- revive longstanding concerns by US lawmakers and privacy advocates about Apple's relationship with China and about authoritarian regimes' ability to twist US tech products to their own ends.

AirDrop lets Apple users who are near each other share files using a proprietary mix of Bluetooth and other wireless connectivity without having to connect to the internet. The sharing feature has been used by pro-democracy activists in Hong Kong and the Chinese government has cracked down on the feature in response. A Chinese tech firm, Beijing-based Wangshendongjian Technology, was able to compromise AirDrop to identify users on the Beijing subway accused of sharing "inappropriate information," judicial authorities in Beijing said this week. Although Chinese officials portrayed the exploit as an effective law enforcement technique, internet freedom advocates are urging Apple to address the issue quickly and publicly.

According to Bloomberg, Apple's AirDrop feature has been cracked by a Chinese state-backed institution to identify senders who share "undesirable content". MacRumors reports: AirDrop is Apple's ad-hoc service that lets users discover nearby Macs and iOS devices and securely transfer files between them over Wi-Fi and Bluetooth. Users can send and receive photos, videos, documents, contacts, passwords and anything else that can be transferred from a Share Sheet. Apple advertises the protocol as secure because the wireless connection uses Transport Layer Security (TLS) encryption, but the Beijing Municipal Bureau of Justice (BMBJ) says it has devised a way to bypass the protocol's encryption and reveal identifying information.

According to the BMBJ's website, iPhone device logs were analyzed to create a "rainbow table" which allowed investigators to convert hidden hash values into the original text and correlate the phone numbers and email accounts of AirDrop content senders. The "technological breakthrough" has successfully helped the public security authorities identify a number of criminal suspects, who use the AirDrop function to spread illegal content, the BMBJ added. "It improves the efficiency and accuracy of case-solving and prevents the spread of inappropriate remarks as well as potential bad influences," the bureau added.

It is not known if the security flaw in the AirDrop protocol has been exploited by a government agency before now, but it is not the first time a flaw has been discovered. In April 2021, German researchers found that the mutual authentication mechanism that confirms both the receiver and sender are on each other's address book could be used to expose private information. According to the researchers, Apple was informed of the flaw in May of 2019, but did not fix it.

Amazon-owned Wickr is dead, more than a year after reports showed it had become the app of choice for drug traffickers. 404 Media: If you open the encrypted messaging app Wickr Me today, you'll be greeted with a line of red text: "Reconnecting..." Below that, in white text over a black background, the app says "We're having issues connecting to the Wickr Me network. If the problem persists, try restarting your app or contacting support." Closing and reopening the app will not work. There is no point in contacting support either. That's because on December 31, 2023, Wickr Me, the free version of Wickr, was shut down entirely.

Wickr Me is no longer available to download on the Apple App Store or the Google Play Store. The app stopped accepting new users more than a year ago. And now, even current users cannot speak to one another. So ends the story of an app that while never reaching the popularity of other encrypted messaging apps like Signal, nor those that later turned on end-to-end encryption for the masses like WhatsApp, nonetheless played an important role in the adoption of and debate around secure communications.

An issue with Sony's projectors caused theater chain Alamo Drafthouse to close theaters entirely on New Year's Eve. "As of New Year's Day, however, most theaters and most showtimes now appear to be available, with a few exceptions," reports The Verge. From the report: It's not clear what happened. As New Year's Day is a holiday, we somewhat understandably haven't yet been able to reach Alamo or Sony spokespeople, and not every theater or every screening was affected. That didn't stop Alamo from blaming its Sony projectors for what at least one theater called a "nationwide" outage, however.

"Due to nation-wide technical difficulties with Sony, we aren't able to play any titles today," read part of a taped paper sign hanging inside a Woodbury, Minnesota location. That apparently didn't keep the customer who took a picture of that sign from watching The Apartment at that very same location, though: "When we went to our seats, the wait staff let us know that despite the fact that the previews were playing, we wouldn't know until the movie actually started whether we could see the film or not. If it didn't work, the screen would just turn black. Luckily, the film went through without a hitch."

What might have only affected some screenings at some theaters? I've seen speculation on Reddit that it may have something to do with expired digital certificates used to unlock encrypted films, but we haven't heard that from Alamo or Sony. We're looking forward to finding out. Longtime Slashdot reader innocent_white_lamb suggests that "[a] cryptographic key used to master all movies distributed by Deluxe" was the culprit after it expired on December 30. "This means that almost all Hollywood movies will no longer play on many commercial cinema servers. In particular, many showings of Wonka and Aquaman had to be cancelled due to the expired encryption key." From their submitted story: Deluxe and the movie companies have been frantically trying to remaster and send out revised versions of current movies over the past few days. Nobody knows what will happen to older movie titles since everything mastered by Deluxe since 2011 may be affected and may need to be remastered if it is to be shown in movie theaters again. There are at least four separate threads discussing this matter on Film-Tech.com, notes innocent_white_lamb.

"Billions of people" uses social media every month, notes the Wall Street Journal.. But "fewer and fewer are actually posting."

Instead they're favoring "a more passive experience, surveys of users and research from data-analytics firms say." In an October report from data-intelligence company Morning Consult, 61% of U.S. adult respondents with a social-media account said they have become more selective about what they post. The reasons are varied: People say they feel they can't control the content they see. They have become more protective about sharing their lives online. They also say the fun of social media has fizzled. This lurker mentality is widespread, across Meta Platforms' Instagram and Facebook along with X and TikTok....

In a survey conducted in the U.S. this summer, research firm Gartner found more than half of respondents believed the quality of social media has declined in the past five years. They cited misinformation, toxicity and the proliferation of bots as reasons it has gotten worse. "The less you trust social-media brands, the less of a good experience you're having," says Gartner analyst Emily Weiss. Users are less likely to share opinions or insight into their lives since the community they are looking for isn't there, she adds. Ads and suggested posts have also sucked the joy out of apps, some users say... The algorithmic spotlight on creators and their hyper-curated content has made some users feel insecure and less likely to share their own photos and videos, says Kevin Tran, media and entertainment analyst at Morning Consult. In turn, some now think of social apps more as sources of entertainment, like YouTube or Netflix.

Gartner estimates that 50% of users will either abandon or significantly limit their interactions with social media in the next two years.
Any threat to interacting is a threat to business, the article notes, adding "The companies are responding." They are investing in more private user experiences like messaging, and making interactions more secure. And encouraging people to post to a more intimate audience — as with Instagram's recently expanded Close Friends feature... Meta responded to user complaints, saying it would continue to work on improving recommendations to help creators reach more people. The company added a snooze button that pauses suggested posts for 30 days at a time, and chronological feeds that temporarily only show posts from accounts people follow... Meta began shifting its resources toward messaging, including efforts to enable end-to-end encryption by default across all of its messaging services... TikTok has also shown signs of investing more in the messaging portion of its app, nudging users to chat with people they haven't messaged in a while.
When the Wall Street Journal posted their article on Threads, Adam Mosseri (head of Instagram) responded that "People are sharing to feeds less, but to Stories more," and "even more still" in Messages ("even photos and videos"). Mosseri also said that Instagram's Notes feature — basically a post where you cab specify a smaller subset of your followers to see it — "have quickly become a big thing, particularly for young people.

"So it's no so much that people are sharing less," Mosseri argued, "but rather than they're sharing differently."

A Canadian cybersecurity firm has warned that as soon as 2025, quantum computers could make current encryption methods useless.

But now Slashdot reader christoban shares a "reality check" — an IEEE Spectrum takedown with the tagline "Hype is everywhere, skeptics say, and practical applications are still far away." The quantum computer revolution may be further off and more limited than many have been led to believe. That's the message coming from a small but vocal set of prominent skeptics in and around the emerging quantum computing industry... [T]here's growing pushback against what many see as unrealistic expectations for the technology. Meta's head of AI research Yann LeCun recently made headlines after pouring cold water on the prospect of quantum computers making a meaningful contribution in the near future.

Speaking at a media event celebrating the 10-year anniversary of Meta's Fundamental AI Research team he said the technology is "a fascinating scientific topic," but that he was less convinced of "the possibility of actually fabricating quantum computers that are actually useful." While LeCun is not an expert in quantum computing, leading figures in the field are also sounding a note of caution. Oskar Painter, head of quantum hardware for Amazon Web Services, says there is a "tremendous amount of hype" in the industry at the minute and "it can be difficult to filter the optimistic from the completely unrealistic."

A fundamental challenge for today's quantum computers is that they are very prone to errors. Some have suggested that these so-called "noisy intermediate-scale quantum" (NISQ) processors could still be put to useful work. But Painter says there's growing recognition that this is unlikely and quantum error-correction schemes will be key to achieving practical quantum computers. The leading proposal involves spreading information over many physical qubits to create "logical qubits" that are more robust, but this could require as many as 1,000 physical qubits for each logical one. Some have suggested that quantum error correction could even be fundamentally impossible, though that is not a mainstream view. Either way, realizing these schemes at the scale and speeds required remains a distant goal, Painter says... "I would estimate at least a decade out," he says.
A Microsoft technical fellow believes there's fewer applications where quantum computers can really provide a meaningful advantage, since operating a qubit its magnitudes slower than simply flipping a transistor, which also makes the throughput rate for data thousands or even millions of times slowers.

"We found out over the last 10 years that many things that people have proposed don't work," he says. "And then we found some very simple reasons for that."