A California judge signaled support for forcing Vizio to provide the full source code for its SmartCast TV software after finding a contractual obligation under the GPL. If upheld, the case could strengthen users' rights to modify GPL-licensed software embedded in consumer electronics. The Register reports: The legal complaint from the Software Freedom Conservancy (SFC) seeks access to the SmartCast source code so that Vizio customers can make changes and improvements to the platform, something that ought to be possible for code distributed under the GPL. On Thursday, California Superior Court Judge Sandy Leal issued a tentative ruling in advance of a hearing, indicating support for part of SFC's legal challenge. The tentative ruling is not a final decision, but it signals the judge's inclination to grant the SFC's motion for summary adjudication, at least in part.

"The tentative ruling [PDF] grants SFC's motion on the issue that a direct contract was made between SFC and Vizio when SFC's systems administrator, Paul Visscher, requested the source code to a TV that SFC has purchased," the SFC said in a blog post. "This contract obligated Vizio to provide SFC the complete and corresponding source code." [...]

Karen Sandler, executive director of the SFC, told The Register in an email that the hearing went well, though Vizio's legal counsel "stridently disagreed" with the legal analysis in the tentative ruling. "Judge Leal said she would take the matter 'under submission' which means she will think about it further," Sandler said. "After the Court went off the record, Leal's clerk specifically verified the Court reporter could provide an expedited transcript, so Leal will likely review the hearing transcript soon." Sandler expects Leal will examine the filings again before issuing her opinion, which is likely to be issued in the next few weeks.

Apple has announced a sweeping set of changes to iOS in Japan that will allow alternative app marketplaces, third-party payment processing, and non-WebKit browser engines -- all to comply with Japan's Mobile Software Competition Act, which takes effect December 18. The changes, now available in iOS 26.2, bear a strong resemblance to Apple's compliance measures for the European Union's Digital Markets Act but differ in key ways.

Japanese developers who want to offer alternative payment options must display them alongside Apple's in-app purchase system, giving users a choice at checkout rather than replacing Apple's option entirely. Apps cannot be distributed directly from websites as they can in the EU; they must go through an authorized marketplace.

Apple has established a tiered fee structure for the new arrangements. Apps distributed through the App Store using in-app purchase will pay between 15 and 26% depending on whether developers qualify for the Small Business Program. Alternative payment processing drops the 5% payment fee but keeps the base commission. Apps distributed outside the App Store pay a flat 5% Core Technology Commission on digital goods and services.

The company introduced several user-facing changes beyond app distribution. iPhone users in Japan will see browser and search engine choice screens during device setup, can assign third-party voice assistants to the side button, and can select alternative default navigation apps. Apple said it worked closely with Japanese regulators on protections for younger users. Apps in the Kids category cannot link to external websites for purchases, and users under 13 cannot access web links for transactions in any app.

An Apple spokesperson told Bloomberg that the company has no plans to extend these changes to other markets.

Meta has paused its third-party Horizon OS headset program, effectively canceling planned VR headsets from Asus and Lenovo as it refocuses on "building the world-class first-party hardware and software needed to advance the VR market." Road to VR reports: A little over a year and a half ago, Meta made an "industry-altering announcement," as I called the move in my reporting: the company was rebranding the Quest operating system to 'Horizon OS' and announced it was working with select partners to launch third-party VR headsets powered by the operating system. Meta specifically named Asus and Lenovo as the first partners it was working with to build new Horizon OS headsets. Asus was said to be building an "all-new performance gaming headset," while Lenovo was purportedly working on "mixed reality devices for productivity, learning, and entertainment."

But as we've now learned, neither headset is likely to see the light of day. Meta say it has frozen the third-party Horizon OS headset program. "We have paused the program to focus on building the world-class first-party hardware and software needed to advance the VR market," a Meta spokesperson told Road to VR. "We're committed to this for the long term and will revisit opportunities for 3rd-party device partnerships as the category evolves."

Coursera announced on Wednesday that it will acquire rival online learning platform Udemy in an all-stock deal that values the combined company at $2.5 billion, a move that brings together two of the largest U.S.-based players in an industry that has struggled since pandemic-era enrollment highs faded. Under the terms of the agreement, Udemy shareholders will receive 0.8 shares of Coursera for each share they hold, valuing Udemy at roughly $930 million. Based on Coursera's last closing price, the offer works out to $6.35 per Udemy share, an 18.3% premium. The deal is expected to close in the second half of next year, pending regulatory and shareholder approvals.

The two companies are betting that a combined platform will be better positioned to pursue corporate customers seeking to retrain workers in artificial intelligence, data science and software development. Coursera has built its business on partnerships with universities and institutions to offer degree programs and professional certificates, while Udemy operates a marketplace where independent instructors sell courses directly to consumers and businesses. Both stocks have significantly underperformed this year. Udemy shares have fallen about 35% and Coursera is down roughly 7%, leaving both trading well below their post-IPO highs as investors remain cautious about competition and pricing pressure in the sector.

Google is suing a Chinese-speaking cybercriminal group it says is responsible for a massive wave of scam text messages sent to Americans this year, according to a legal complaint filed Tuesday. From a report: The group, known as Darcula, sells software that allows users to send phishing text messages en masse, impersonating organizations like the IRS or the U.S. Postal Service in scams. The lawsuit is designed to give Google legal standing so U.S. courts will allow it to seize websites the group uses, hampering their operations, a spokesperson said.

Darcula is possibly the most prominent name in an emerging, loosely affiliated cybercrime world that creates and sells hacking programs for aspiring scammers to use. Darcula's signature program, called Magic Cat, provides an easy-to-use, intuitive way for cybercriminals without advanced hacking skills to quickly spam millions of phone numbers with links to fake websites impersonating businesses like YouTube's premium service, then steal the credit card numbers victims put in.

An anonymous reader quotes a report from the Wall Street Journal: The alleged perpetrator had improper access to virtually every South Korean adult's personal information: names, phone numbers and even the keycode to enter residential buildings. It was one of the biggest data breaches of recent years and it has sent the company it targeted -- Coupang, South Korea's equivalent of Amazon -- reeling, generating lawsuits, government investigation and calls to toughen penalties against such leaks. The leak went undetected for nearly five months, hitting Coupang's radar on Nov. 18 only after a customer flagged suspicious activity.

At first, Coupang, which was founded by a Korean-American entrepreneur, said it had experienced a data "exposure" affecting roughly 4,500 customer accounts. But within days, the e-commerce firm revised the figure: The leak exposed up to roughly 34 million user accounts in South Korea -- a sum representing more than 90% of the country's working-age population. Coupang started calling the incident a "leak" after Korean regulators took issue with the company's prior word choice. "The Whole Nation Is a Victim," read one local news headline.

An investigation has found that the alleged perpetrator had once worked in South Korea as a software developer for authentication systems at Coupang, which is known for its blockbuster U.S. initial public offering a few years ago. The suspected leaker is believed to be a Chinese national who has moved back to China and is now on the lam, South Korean officials say. They haven't named the person. Even after leaving the firm roughly a year ago, the suspect secretly held on to an internal authentication key that granted him unfettered access to the personal information of Coupang users, South Korean authorities and lawmakers say. The infiltration, using overseas servers, started on June 24. By using the login credentials, the suspect was able to appear as if he were still a Coupang employee when accessing the company's systems.

Intel has quietly stopped maintaining its open-source user-space driver stack for Gaudi accelerators. Phoronix reports: It turns out earlier this year Intel archived the SynapseAI Core open-source code and is no longer maintained by Intel. The open-source Synapse AI Core GitHub repository was archived in February and README updated with: "This project will no longer be maintained by Intel. Intel has ceased development and contributions including, but not limited to, maintenance, bug fixes, new releases, or updates, to this project. Intel no longer accepts patches to this project. If you have an ongoing need to use this project, are interested in independently developing it, or would like to maintain patches for the open source software community, please create your own fork of this project."

Mozilla has named Anthony Enzor-DeMeo as its new chief executive, promoting the executive who has spent the past year leading the Firefox browser team and who now plans to make AI central to the company's future.

Enzor-DeMeo announced on Tuesday that an "AI Mode" is coming to Firefox next year. The feature will let users choose from multiple AI models rather than being locked into a single provider. Some options will be open-source models, others will be private "Mozilla-hosted cloud options," and the company also plans to integrate models from major AI companies. Mozilla itself will not train its own large language model.

"We're not incentivized to push one model or the other," Enzor-DeMeo told The Verge. Firefox currently has about 200 million monthly users, a fraction of Chrome's roughly 4 billion, though Enzor-DeMeo insists mobile usage is growing at a decent clip.

He takes over from interim CEO Laura Chambers, who led the company through a major antitrust case and what Mozilla describes as "double-digit mobile growth" in Firefox. Chambers is returning to the Mozilla board of directors. The new CEO has outlined three priorities: ensuring all products give users control over AI features including the ability to turn them off, building a business model around transparent monetization, and expanding Firefox into a broader ecosystem of trusted software. Mozilla VPN integration is planned for the browser next year.

An anonymous reader quotes a report from Ars Technica: Microsoft is killing off an obsolete and vulnerable encryption cipher that Windows has supported by default for 26 years following more than a decade of devastating hacks that exploited it and recently faced blistering criticism from a prominent US senator. When the software maker rolled out Active Directory in 2000, it made RC4 a sole means of securing the Windows component, which administrators use to configure and provision fellow administrator and user accounts inside large organizations. RC4, short for Rivist Cipher 4, is a nod to mathematician and cryptographer Ron Rivest of RSA Security, who developed the stream cipher in 1987. Within days of the trade-secret-protected algorithm being leaked in 1994, a researcher demonstrated a cryptographic attack that significantly weakened the security it had been believed to provide. Despite the known susceptibility, RC4 remained a staple in encryption protocols, including SSL and its successor TLS, until about a decade ago. [...]

Last week, Microsoft said it was finally deprecating RC4 and cited its susceptibility to Kerberoasting, the form of attack, known since 2014, that was the root cause of the initial intrusion into Ascension's network. "By mid-2026, we will be updating domain controller defaults for the Kerberos Key Distribution Center (KDC) on Windows Server 2008 and later to only allow AES-SHA1 encryption," Matthew Palko, a Microsoft principal program manager, wrote. "RC4 will be disabled by default and only used if a domain administrator explicitly configures an account or the KDC to use it." [...] Following next year's change, RC4 authentication will no longer function unless administrators perform the extra work to allow it. In the meantime, Palko said, it's crucial that admins identify any systems inside their networks that rely on the cipher. Despite the known vulnerabilities, RC4 remains the sole means of some third-party legacy systems for authenticating to Windows networks. These systems can often go overlooked in networks even though they are required for crucial functions.

To streamline the identification of such systems, Microsoft is making several tools available. One is an update to KDC logs that will track both requests and responses that systems make using RC4 when performing requests through Kerberos. Kerberos is an industry-wide authentication protocol for verifying the identities of users and services over a non-secure network. It's the sole means for mutual authentication to Active Directory, which hackers attacking Windows networks widely consider a Holy Grail because of the control they gain once it has been compromised. Microsoft is also introducing new PowerShell scripts to sift through security event logs to more easily pinpoint problematic RC4 usage. Microsoft said it has steadily worked over the past decade to deprecate RC4, but that the task wasn't easy. "The problem though is that it's hard to kill off a cryptographic algorithm that is present in every OS that's shipped for the last 25 years and was the default algorithm for so long, Steve Syfuhs, who runs Microsoft's Windows Authentication team, wrote on Bluesky. "See," he continued, "the problem is not that the algorithm exists. The problem is how the algorithm is chosen, and the rules governing that spanned 20 years of code changes."

Once a star of the self-driving hype cycle, lidar maker Luminar has filed for bankruptcy amid legal turmoil, layoffs, and a cooling autonomous-vehicle market. It plans to sell off its assets before shutting down entirely. The Verge reports: As part of its bankruptcy, Luminar is seeking permission to sell both its lidar and semiconductor businesses, the latter of which it has already agreed to sell to Quantum Computing for $110 million. The company plans to continue to operate during the bankruptcy proceedings "to minimize disruptions and maintain delivery of its LiDAR hardware and software." That said, Luminar will cease to exist once the process is complete. "As we navigate this process, our top priority is to continue delivering the same quality, reliability and service our customers have come to expect from us," CEO Paul Ricci said in a statement.

After launching in 2017, Luminar muscled its way to the front of the autonomous vehicle industry as a top maker of lidar systems, a key technology that driverless cars use to sense the shapes and distances of objects around them. Luminar has sold sensors to Mercedes-Benz, Volvo, Audi, Toyota Research Institute, Caterpillar, and even Tesla, which has dismissed lidar sensors in favor of traditional cameras. The company was valued at nearly $3 billion when it went public through a reverse merger with a SPAC in 2020.

The Trump administration announced Monday the United States Tech Force, a new program to recruit around 1,000 technologists for two-year government stints starting as soon as March -- less than a year after dismantling several federal technology teams and driving thousands of tech workers out of their jobs.

The program will primarily recruit early-career software engineers and data scientists, paying between $150,000 and $200,000 annually. About 20 companies have signed on to participate, including Palantir, Meta, Oracle and Elon Musk's xAI. Some engineering managers will be allowed to take leaves of absence from their private-sector employers to join the program without divesting their stock holdings.

The initiative follows the March closure of 18F, General Services Administration's internal tech consultancy, and the shuttering of the Social Security Administration's Office of Transformation in February. The IRS had lost over 2,000 tech workers by June.

LG smart TV owners discovered over the weekend that a recent webOS software update had quietly installed Microsoft Copilot on their devices, and the app cannot be uninstalled. Affected users report the feature appears automatically after installing the latest webOS update on certain models, sitting alongside streaming apps like Netflix and YouTube.

LG's support documentation confirms that certain preinstalled or system apps can only be hidden, not deleted. At CES 2025, LG announced plans to integrate Copilot into webOS as part of its "AI TV" strategy, describing it as an extension of its AI Search experience. The current implementation appears to function as a shortcut to a web-based Copilot interface rather than a native application. Samsung TVs include Google's Gemini in a similar fashion. Users wanting to avoid the feature entirely are left with one option: disconnecting their TV from the internet.

The Black Hat Europe hacker conference in London included a session titled "Don't Judge an Audiobook by Its Cover" about a two critical (and now fixed) flaws in Amazon's Kindle. The Times reports both flaws were discovered by engineering analyst Valentino Ricotta (from the cybersecurity research division of Thales), who was awarded a "bug bounty" of $20,000 (£15,000 ). He said: "What especially struck me with this device, that's been sitting on my bedside table for years, is that it's connected to the internet. It's constantly running because the battery lasts a long time and it has access to my Amazon account. It can even pay for books from the store with my credit card in a single click. Once an attacker gets a foothold inside a Kindle, it could access personal data, your credit card information, pivot to your local network or even to other devices that are registered with your Amazon account."

Ricotta discovered flaws in the Kindle software that scans and extracts information from audiobooks... He also identified a vulnerability in the onscreen keyboard. Through both of these, he tricked the Kindle into loading malicious code, which enabled him to take the user's Amazon session cookies — tokens that give access to the account. Ricotta said that people could be exposed to this type of hack if they "side-load" books on to the Kindle through non-Amazon stores.
Ricotta donated his bug bounties to charity...

AI "has gutted entry-level roles in the tech industry," reports Rest of World.

One student at a high-ranking engineering college in India tells them that among his 400 classmates, "fewer than 25% have secured job offers... there's a sense of panic on the campus." Students at engineering colleges in India, China, Dubai, and Kenya are facing a "jobpocalypse" as artificial intelligence replaces humans in entry-level roles. Tasks once assigned to fresh graduates, such as debugging, testing, and routine software maintenance, are now increasingly automated. Over the last three years, the number of fresh graduates hired by big tech companies globally has declined by more than 50%, according to a report published by SignalFire, a San Francisco-based venture capital firm. Even though hiring rebounded slightly in 2024, only 7% of new hires were recent graduates. As many as 37% of managers said they'd rather use AI than hire a Gen Z employee...

Indian IT services companies have reduced entry-level roles by 20%-25% thanks to automation and AI, consulting firm EY said in a report last month. Job platforms like LinkedIn, Indeed, and Eures noted a 35% decline in junior tech positions across major EU countries during 2024...

"Five years ago, there was a real war for [coders and developers]. There was bidding to hire," and 90% of the hires were for off-the-shelf technical roles, or positions that utilize ready-made technology products rather than requiring in-house development, said Vahid Haghzare, director at IT hiring firm Silicon Valley Associates Recruitment in Dubai. Since the rise of AI, "it has dropped dramatically," he said. "I don't even think it's touching 5%. It's almost completely vanished." The company headhunts workers from multiple countries including China, Singapore, and the U.K... The current system, where a student commits three to five years to learn computer science and then looks for a job, is "not sustainable," Haghzare said. Students are "falling down a hole, and they don't know how to get out of it."

The R programming language "is sometimes frowned upon by 'traditional' software engineers," says the CEO of software quality services vendor Tiobe, "due to its unconventional syntax and limited scalability for large production systems." But he says it "continues to thrive at universities and in research-driven industries, and "for domain experts, it remains a powerful and elegant tool."

Yet it's now gaining more popularity as statistics and large-scale data visualization become important (a trend he also sees reflected in the rise of Wolfram/Mathematica). That's according to December's edition of his TIOBE Index, which attempts to rank the popularity of programming languages based on search-engine results for courses, third-party vendors, and skilled engineers. InfoWorld explains: In the December 2025 index, published December 7, R ranks 10th with a 1.96% rating. R has cracked the Tiobe index's top 10 before, such as in April 2020 and July 2020, but not in recent years. The rival Pypl Popularity of Programming Language Index, meanwhile, has R ranked fifth this month with a 5.84% share. "Programming language R is known for fitting statisticians and data scientists like a glove," said Paul Jansen, CEO of software quality services vendor Tiobe, in a bulletin accompanying the December index...

Although data science rival Python has eclipsed R in terms of general adoption, Jansen said R has carved out a solid and enduring niche, excelling at rapid experimentation, statistical modeling, and exploratory data analysis. "We have seen many Tiobe index top 10 entrants rising and falling," Jansen wrote. "It will be interesting to see whether R can maintain its current position."
"Python remains ahead at 23.64%," notes TechRepublic, "while the familiar chase group behind it holds steady for the moment. The real movement comes deeper in the list, where SQL edges upward, R rises to the top 10, and Delphi/Object Pascal slips away... SQLclimbs from tenth to eighth at 2.10%, adding a small +0.11% that's enough to move it upward in a tightly packed section of the table. Perl holds ninth at 1.97%, strengthened by a +1.33% gain that extends its late-year resurgence."

It's interesting to see how TIOBE's ranking compare with PYPL's (which ranks languages based solely on how often language tutorials are searched on Google):

TIOBE	PYPL
Python	Python
C	C/C++
C++	Objective-C
Java	Java
C#	R
JavaScript	JavaScript
Visual Basic	Swift
SQL	C#
Perl	PHP
R	Rust

Despite their different methodologies, both lists put Python at #1, Java at #5, and JavaScript at #7.

This week the Free Software Foundation honored Andy Wingo, Alx Sa, and Govdirectory with this year's annual Free Software Awards (given to community members and groups making "significant" contributions to software freedom): Andy Wingo is one of the co-maintainers of GNU Guile, the official extension language of the GNU operating system and the Scheme "backbone" of GNU Guix. Upon receiving the award, he stated: "Since I learned about free software, the vision of a world in which hackers freely share and build on each others' work has been a profound inspiration to me, and I am humbled by this recognition of my small efforts in the context of the Guile Scheme implementation. I thank my co-maintainer, Ludovic Courtès, for his comradery over the years: we are just building on the work of the past maintainers of Guile, and I hope that we live long enough to congratulate its many future maintainers."

The 2024 Award for Outstanding New Free Software Contributor went to Alx Sa for work on the GNU Image Manipulation Program (GIMP). When asked to comment, Alx responded: "I am honored to receive this recognition! I started contributing to the GNU Image Manipulation Program as a way to return the favor because of all the cool things it's allowed me to do. Thanks to the help and mentorship of amazing people like Jehan Pagès, Jacob Boerema, Liam Quin, and so many others, I hope I've been able to help other people do some cool new things, too."

Govdirectory was presented with this year's Award for Projects of Social Benefit, given to a project or team responsible for applying free software, or the ideas of the free software movement, to intentionally and significantly benefit society. Govdirectory provides a collaborative and fact-checked listing of government addresses, phone numbers, websites, and social media accounts, all of which can be viewed with free software and under a free license, allowing people to always reach their representatives in freedom...

The FSF plans to further highlight the Free Software Award winners in a series of events scheduled for the new year to celebrate their contributions to free software.

A former Chinese official who fled to the U.S. says Beijing has used advanced surveillance technology from U.S. companies to track, intimidate, and punish him and his family across borders. ABC News reports: Retired Chinese official Li Chuanliang was recuperating from cancer on a Korean resort island when he got an urgent call: Don't return to China, a friend warned. You're now a fugitive. Days later, a stranger snapped a photo of Li in a cafe. Terrified South Korea would send him back, Li fled, flew to the U.S. on a tourist visa and applied for asylum. But even there -- in New York, in California, deep in the Texas desert -- the Chinese government continued to hunt him down with the help of surveillance technology.

Li's communications were monitored, his assets seized and his movements followed in police databases. More than 40 friends and relatives -- including his pregnant daughter -- were identified and detained, even by tracking down their cab drivers through facial recognition software. Three former associates died in detention, and for months shadowy men Li believed to be Chinese operatives stalked him across continents, interviews and documents seen by The Associated Press show.

The Chinese government is using an increasingly powerful tool to cement its power at home and vastly amplify it abroad: Surveillance technology, much of it originating in the U.S., an AP investigation has found. Within China, this technology helped identify and punish almost 900,000 officials last year alone, nearly five times more than in 2012, according to state numbers. Beijing says it is cracking down on corruption, but critics charge that such technology is used in China and elsewhere to stifle dissent and exact retribution on perceived enemies.

Outside China, the same technology is being used to threaten wayward officials, along with dissidents and alleged criminals, under what authorities call Operations "Fox Hunt" and "Sky Net." The U.S. has criticized these overseas operations as a "threat" and an "affront to national sovereignty." More than 14,000 people, including some 3,000 officials, have been brought back to China from more than 120 countries through coercion, arrests and pressure on relatives, according to state information.

id Software employees voted to form a wall-to-wall union with the CWA, covering all roles at the Doom studio. "The vote wasn't unanimous, though a majority did vote in favor of the union," notes Engadget. From the report: The union will work in conjunction with the Communications Workers of America (CWA), which is the same organization involved with parent company ZeniMax's recent unionization efforts. Microsoft, who owns ZeniMax, has already recognized this new effort, according to a statement by the CWA. It agreed to a labor neutrality agreement with the CWA and ZeniMax workers last year, paving the way for this sort of thing.

From the onset, this union will look to protect remote work for id Software employees. "Remote work isn't a perk. It's a necessity for our health, our families, and our access needs. RTO policies should not be handed down from executives with no consideration for accessibility or our well-being," said id Software Lead Services Programmer Chris Hays. He also said he looks forward to getting worker protections regarding the "responsible use of AI."

Phoebe Gates, Bill Gates' youngest daughter, has raised $30 million for the AI shopping app she built in her Stanford dorm room with classmate Sophia Kianni. The app is called Phia and is pitched as a way to simplify price comparison and secondhand shopping. "Its AI-powered search engine -- available as an app and as a browser extension for Chrome and Safari -- pulls listings from more than 40,000 retail and resale sites so users can compare prices, surface real-time deals, and determine whether an item's cost is typical, high or fair," reports the San Francisco Chronicle. The app has reached 750,000 downloads in eight months and is valued at $180 million. From the report: Gates told Elle that when she first floated the idea to her parents, they urged her to keep it as a side project -- advice she followed by enrolling in Stanford's night program after moving to New York and finishing her degree in 2024. "They were like, 'Okay, you can do this as a side thing, but you need to stay in school.' I don't think people would expect that from my family, to be honest," she said.

Her father dropped out of Harvard University in 1975 to launch Microsoft. Kianni even paused her degree temporarily "to learn, as quickly as possible, as much as we could about the industry that we would be operating in," she told Vogue. Bill Gates has not invested in the company, though he has publicly supported its mission.

Berlin's regional parliament has passed a far-reaching overhaul of its "security" law, giving police new authority to conduct both digital and physical surveillance. From a report: The CDU-SPD coalition, supported by AfD votes, approved the reform of the General Security and Public Order Act (ASOG), changing the limits that once protected Berliners from intrusive policing. Interior Senator Iris Spranger (SPD) argued that the legislation modernizes police work for an era of encrypted communication, terrorism, and cybercrime. But it undermines core civil liberties and reshapes the relationship between citizens and the state.

One of the most controversial elements is the expansion of police powers under paragraphs 26a and 26b. These allow investigators to hack into computers and smartphones under the banner of "source telecommunications surveillance" and "online searches." Police may now install state-developed spyware, known as trojans, on personal devices to intercept messages before or after encryption.

If the software cannot be deployed remotely, the law authorizes officers to secretly enter a person's home to gain access. This enables police to install surveillance programs directly on hardware without the occupant's knowledge. Berlin had previously resisted such practices, but now joins other federal states that permit physical entry to install digital monitoring tools.