Twelve years after it was first notified of the issue, Mozilla has finally shipped a fix this week that will prevent abusive websites -- usually tech support scam sites -- from flooding users with non-stop "authentication required" login popups and prevent users from leaving or closing their browsers. From a report: The fix has been shipped in Firefox v68, the current Nightly release, and will hit the browser's stable branch sometimes in early July. According to Firefox engineer Johann Hofmann, starting with Firefox 68, web pages won't be allowed to show more than two login prompts. Starting with the third request, Firefox will intervene to suppress the authentication popup.

Mozilla previously shipped a fix for this issue, but it was incomplete, as it blocked authentication prompts that originated from subresources, such as iframes. This latest patch completes the fix by blocking all types of authentication required prompts -- including those generated by the site's main domain.

Mozilla said this week that it intends to run two experiments over the course of this month to determine the most adequate way of dealing with push notification spam, a growing problem that is slowly deteriorating the web experience for everyone. From a report: The experiments will run in Firefox Nightly (v68) and Firefox Beta (v67). The Firefox Nightly experiment will run from April 1 to April 29. During this time, Mozilla said Firefox Nightly would only allow websites to show a push notification permission only after the user has clicked or pressed a key while on a website. All attempts to show a push notification permission request before a click or key press will be blocked by default. [...] In the last two weeks of the experiment, Firefox will show an icon in the URL bar, but with no visible popup on the page. Users can click this icon and accept any push notification permission requests if they wish so. Further reading: Mozilla and Scroll Partner To Test Alternative Funding Models for the Web.

Friday CNN reported on "what you can do right now to stop robocalls."

"Short of throwing your phone in the garbage, there's no way to avoid them altogether. But wireless providers and smartphone developers offer tools to filter out at least some unwanted calls." - Verizon's Call Filter app is free to download on iPhones and Android devices. The company announced Thursday the app will offer some free features -- including auto-blocking calls from known fraudsters, showing warning banners for suspicious calls, and a spam reporting tool. For $2.99 a month per line, the Call Filter app can use a phonebook feature to look up the names of unknown callers, and it can show a "risk meter" for spam calls.

- AT&T's Call Protect has similar free features and add-ons with a $3.99 per month subscription. (iOS and Android)

- T-Mobile phones come loaded with Scam ID, which warns customers about suspicious phone numbers. It's also free to activate Scam Block, which automatically rejects calls from those numbers. An additional app called Name ID offers premium caller identification for $4 per line monthly. (iOS and Android)

- Sprint's Premium Caller ID , which comes pre-installed, looks up unknown numbers and filters and blocks robocalls for $2.99 per line.

- Google's Pixel phones also give you the option to have your voice assistant answer suspicious calls for you. The phone can transcribe the conversation and lets you decide whether to answer.

The concept of the hyperlink was first outlined over 70 years ago and eventually became a central part of the web. But 30 years since the invention of the world wide web, Google, Apple, Facebook, and Amazon have skewed the original ambitions for hyperlinks, who they are for and how far they can lead you. From a feature story: The impact that Google's PageRank algorithms have had on how the commercial web chooses to deploy hyperlinks can be seen in just about any SEO (search engine optimisation) blog. Publishers and businesses are encouraged to prioritize internal links over external links that may boost the competition in Google's rankings. "Since the very moment Google came on the scene, links moved from being the defining characteristic of the web, to being a battleground. Google's core insight was that you could treat every link as, essentially, a vote for the site," says Adam Tinworth, a digital publishing strategist. Tinworth explains that Google tries to minimize the effect of these 'unnatural linking patterns', which includes comment spam and 'guest posts', but it remains part of "how the shadier side of the SEO industry operates."

With clear, financial incentives to serve Google's web spiders, which regularly 'crawl' website content to determine its placement in searches, a common strategy involves placing hyperlinks on specific 'anchor text' -- the actual words that you click on -- that benefit that site's PageRank for keywords rather than tailor links to readers. That's not inherently a problem but research from the University of Southampton, published in February, suggests it doesn't go unnoticed. [...] In the cases of Apple and Facebook, the question isn't so much how we link and how we react to them, as where we can link to and where we can follow links to. Apple News, Facebook's Instant Articles and Google AMP all propose variations on limited systems of linking back to sources of information. As for Instagram, it's based on a two-tier system: users can't add external links to posts (#linkinbio) unless they buy adverts whereas accounts with a large number of followers are able to add external links to Stories.

"Machines will need to make ethical decisions, and we will be responsible for those decisions," argues Mike Loukides, O'Reilly Media's vice president of content strategy: We are surrounded by systems that make ethical decisions: systems approving loans, trading stocks, forwarding news articles, recommending jail sentences, and much more. They act for us or against us, but almost always without our consent or even our knowledge. In recent articles, I've suggested the ethics of artificial intelligence itself needs to be automated. But my suggestion ignores the reality that ethics has already been automated... The sheer number of decisions that need to be made means that we can't expect humans to make those decisions. Every time data moves from one site to another, from one context to another, from one intent to another, there is an action that requires some kind of ethical decision...

Ethical problems arise when a company's interest in profit comes before the interests of the users. We see this all the time: in recommendations designed to maximize ad revenue via "engagement"; in recommendations that steer customers to Amazon's own products, rather than other products on their platform. The customer's interest must always come before the company's. That applies to recommendations in a news feed or on a shopping site, but also how the customer's data is used and where it's shipped. Facebook believes deeply that "bringing the world closer together" is a social good but, as Mary Gray said on Twitter, when we say that something is a "social good," we need to ask: "good for whom?" Good for advertisers? Stockholders? Or for the people who are being brought together? The answers aren't all the same, and depend deeply on who's connected and how....

It's time to start building the systems that will truly assist us to manage our data.
The article argues that spam filters provide a surprisingly good set of first design principles. They work in the background without interfering with users, but always allow users to revoke their decisions, and proactively seek out user input in ambiguous or unclear situations.

But in the real world beyond our inboxes, "machines are already making ethical decisions, and often doing so badly. Spam detection is the exception, not the rule."

"My favorite new social network doesn't incessantly spam me with notifications," brags New York Times technology writer Mike Isaac. "When I post, I'm not bombarded with @mentions from bots and trolls. And after I use it, I don't worry about ads following me around the web.

"That's because my new social network is an email newsletter." Every week or so, I blast it out to a few thousand people who have signed up to read my musings. Some of them email back, occasionally leading to a thoughtful conversation. It's still early in the experiment, but I think I love it. The newsletter is not a new phenomenon. But there is a growing interest among those who are disenchanted with social media in what writer Craig Mod has called "the world's oldest networked publishing platform." For us, the inbox is becoming a more attractive medium than the news feed...

For me, the change has happened slowly, but the reasons for it were unmistakable. Every time I was on Twitter, I felt worse. I worried about being too connected to my phone, too wrapped up in the latest Twitter dunks... Now, when I feel the urge to tweet an idea that I think is worth expounding on, I save it for my newsletter... It's much more fun than mediating political fights between relatives on my Facebook page or decoding the latest Twitter dustup...

"You don't have to fight an algorithm to reach your audience," Casey Newton, a journalist who writes The Interface, a daily newsletter for technology news site The Verge, told me. "With newsletters, we can rebuild all of the direct connections to people we lost when the social web came along."
The article suggests a broader movement away from Facebook's worldview to more private ways of sharing, like Slack . "We felt this growing sense of despair in traditional social media," says the CEO of Substack, makers of a newsletter-writing software. "Twitter, Facebook, etc. -- they've all incentivized certain negative patterns."

"The fight against robocalls can even bring telecom rivals together," reports USA Today: AT&T and Comcast said Wednesday that they can authenticate calls made between the two different phone providers' networks, a potential industry first and the latest in the long-running battle against spam calls... The system, which uses a method developed in recent years, verifies that a legitimate call is being made instead of one that has been spoofed by spammers, scammers or robocallers with a "digital signature." The recipient network then confirms the signature on its side. The companies said consumers will get a notification that a call is verified, but exactly what that will look like is not yet known.

Both AT&T and Comcast will roll out the system to home phone users later this year at no extra charge. AT&T also said it will introduce the feature to its mobile users this year... Other major wireless and traditional home voice providers have pledged support for the verification method, including Verizon, T-Mobile, Sprint, Charter, Cox and Vonage, with several announcing plans to roll out or test the feature in 2019.
The day Comcast and AT&T made their announcement, AT&T's CEO was giving a live interview that was interrupted by a robocall.

At an Economic Club event in Washington, DC today, AT&T CEO Randall Stephenson was interrupted on stage by a robocall, pausing an interview in front of dozens of people and driving home that absolutely no one is safe from the spam epidemic. From a report: Over the past few months, regulators at the Federal Communications Commission have been feeling the pressure from lawmakers and consumers who are urging them to put an end to the relentless onslaught of robocalls people receive every day. Last year, consumers received over 26.3 billion of these scammy calls and the problem only appears to be getting worse. "I'm getting a robocall, too," Stephenson said during the Economic Club event, ultimately declining the call on his Apple Watch. "It's literally a robocall."

"When your phone rings, there's about a 50 percent chance it's a spam robo-call," reports the Washington Post. Now a computer science professor who's researched robo-call technologies reveals the economics behind automatically dialing phone numbers "either randomly, or from massive databases compiled from automated Web searches, leaked databases of personal information and marketing data." It doesn't matter whether you've signed up with the federal Do Not Call Registry, although companies that call numbers on the list are supposed to be subject to large fines. The robo-callers ignore the list, and evade penalties because they can mask the true origins of their calls.... Each call costs a fraction of a cent -- and a successful robo-call scam can net millions of dollars. That more than pays for all the calls people ignored or hung up on, and provides cash for the next round. Casting an enormous net at low cost lets these scammers find a few gullible victims who can fund the whole operation...

Partly that's because their costs are low. Most phone calls are made and connected via the Internet, so robo-call companies can make tens of thousands, or even millions, of calls very cheaply. Many of the illegal robo-calls targeting the United States probably come from overseas -- which used to be extremely expensive but now is far cheaper...

Meanwhile, the Federal Communications Commission has been asking U.S. phone companies to filter calls and police their own systems to keep out robo-calls. It hasn't worked, mainly because it's too costly and technically difficult for phone companies to do that. It's hard to detect fake Caller ID information, and wrongly blocking a legitimate call could cause them legal problems.
The professor's article suggests guarding your phone number like you guard your credit card numbers. "Don't give your phone number to strangers, businesses or websites unless it's absolutely necessary."

"Of course, your phone number may already be widely known and available, either from telephone directories or websites, or just because you've had it for many years. In that case, you probably can't stop getting robo-calls."

An anonymous reader quotes a report from Bloomberg: Facebook and its Instagram unit sued four companies and three people based in China for promoting the sale of fake accounts, likes and followers that the social network giant says can be used for nefarious purposes. The Chinese companies advertised and created the fake accounts over the last two years and marketed them for sale on six websites, selling them in bulk quantities, according to a complaint filed Friday in San Francisco federal court. "Fake and inauthentic accounts can be used for spam and phishing campaigns, misinformation campaigns, marketing scams, advertising fraud, and other fraud schemes which are profitable at scale," Facebook and Instagram alleged. They said fake accounts were also created on Amazon, Apple, Google, LinkedIn and Twitter. The companies named as defendants -- 9 Xiu Shenzhen, 9 Xiu Feishu, 9 Xiufei and Home Network -- are based in Longyan and Shenzhen. They are affiliated manufacturers of electronics and hardware, as well as providers of software and online advertising services, according to the complaint.

According to a new 16-month study of 1.5 billion tweets, researchers write that Twitter still isn't keeping up with the flood of automated accounts designed to spread spam, inflate follower counts, and game trending topics. Wired reports: In a 16-month study of 1.5 billion tweets, Zubair Shafiq, a computer science professor at the University of Iowa, and his graduate student Shehroze Farooqi identified more than 167,000 apps using Twitter's API to automate bot accounts that spread tens of millions of tweets pushing spam, links to malware, and astroturfing campaigns. They write that more than 60 percent of the time, Twitter waited for those apps to send more than 100 tweets before identifying them as abusive; the researchers' own detection method had flagged the vast majority of the malicious apps after just a handful of tweets. For about 40 percent of the apps the pair checked, Twitter seemed to take more than a month longer than the study's method to spot an app's abusive tweeting. That lag time, they estimate, allows abusive apps to cumulatively churn out tens of millions of tweets per month before they're banned.

The researchers say they've been sharing their results with Twitter for more than a year but that the company hasn't asked for further details of their method or data. When WIRED reached out to Twitter, the company expressed appreciation for the study's goals but objected to its findings, arguing that the Iowa researchers lacked the full picture of how it's fighting abusive accounts. "Research based solely on publicly available information about accounts and tweets on Twitter often cannot paint an accurate or complete picture of the steps we take to enforce our developer policies," a spokesperson wrote.

Google has recruited its in-house machine learning framework, TensorFlow, to help train additional spam filters for Gmail users. With the new filters in place as of last month, the company claims Gmail is now blocking an extra 100 million spam messages every day. From a report: In the context of Gmail's 1 billion-plus users, this isn't necessarily a huge gain -- it works out as one extra blocked spam email per 10 users -- but Google says Gmail already blocks 99.99 percent of spam, so working out what constitutes that last sliver of a percentage is hard.

Mark Serrels, writing for CNET: Super Bowl 53 has come and gone and, for me at least, there was one clear highlight. This Microsoft commercial. [...] Essentially a commercial for Microsoft's Xbox Adaptive Controller, this ad follows up on an earlier ad from the Christmas period, which highlights young kids with limited mobility playing video games. It's incredible.

It tells the story of kids with limited mobility and their love for video games. All kids love video games and if you're a person with limited mobility, video games can often provide a pathway to experiences that are often difficult in the real world. But in some cases, particular types of limited mobility can make even the games themselves difficult to play -- which is where the Xbox Adaptive Controller comes in. Further reading: Xbox wire; and Why Xbox spent a year designing the Adaptive Controller packaging.

Americans are now getting so many robo-calls on a regular basis that many are simply choosing not to answer the phone altogether. From a report: That's one big takeaway from a report [PDF] released Tuesday by Hiya, a Seattle-based spam-monitoring service that analyzed activity from 450,000 users of its app to determine the scope of unwanted robo-calling -- and how phone users react when they receive an automated call. Consistent with other analyses, Hiya's report found that the number of robo-calls is on the rise. Roughly 26.3 billion robo-calls were placed to U.S. phone numbers last year, Hiya said, up from 18 billion in 2017. One report last year projected that as many as half of all cellphone calls in 2019 could be spam.

While many businesses have legitimate purposes for using robo-calls -- think package delivery services, home maintenance technicians and banks -- unwanted robo-calls represent a growing challenge for regulators and telecom companies. In its analysis of a month's worth of calling data, Hiya found that each of its app users reported an average of 10 unwanted robo-calls. Many more incoming calls, about 60 on average, were from unrecognized numbers or numbers not linked to a person in the recipient's address book.

It's been nearly two years since news blog MusicBusinessWorld kicked off a global conversation over 'fake artists' on Spotify. That debate is about to roar back into life. From a report: Multiple Spotify users have been complaining that their official listening history on Spotify appears to have been infiltrated by acts that they don't simply recognize. The trend was spotted by the BBC, which reported on Friday that plays of 'mystery' tracks from artists such as Bergenulo Five, Bratte Night, DJ Bruej and Doublin Night were being credited within individual Spotify user accounts -- despite these same users knowing nothing about this music.

"Apart from being musically unremarkable, they generally have a few things in common: short songs with few or no lyrics, illustrated with generic cover art, and short, non-descriptive song titles," said the Beeb of these acts -- some of whom had managed to rack up tens of thousands of plays. Albums from these artists contained more than 40 songs apiece, with each track just a minute or two in duration. After the BBC alerted Spotify to the trend, all of these artists disappeared from its platform entirely.

Verizon says it will give all its subscribers free access to its spam alert and call blocking tools, so long as their phones can support the features. From a report: The carrier originally rolled out those tools over a year ago as part of its $3-per-month Call Filter add-on. But starting in March, subscribers with compatible smartphones (including iPhone and Android devices) will be able fend off unwanted robocalls without having to pay extra. Verizon says it will release more info on how to sign up for the free tools near their launch date.

Last week, Ars Technica reported that Verizon's new "spam" fee for texts sent from teachers to students might stop working on the network because of a dispute over texting fees that Verizon demanded from Remind, the company that operates the service. Now, it appears that Verizon "has backed down from its original position slightly, and ongoing negotiations could allow the free texting service to continue," reports Ars. From the report: As we reported Monday, the dispute involves Verizon and Remind, which makes a communication service used by teachers and youth sports coaches. Verizon is charging an additional fee, saying the money will be used to fund spam-blocking services. The fee would increase Remind's costs for sending texts to Verizon users from a few hundred thousand dollars to several million dollars per year, Remind said. Remind said it would absorb the cost in order to continue providing the paid version of its service. But most of Remind's 30 million users rely on the free version of the service, and Remind said it could no longer provide free text message notifications over Verizon's network unless the fee is reversed.

Verizon issued an announcement today, titled "App provider Remind threatens to eliminate a free texting service for K-12 education organizations (which will cost it nothing)." The title reflects a new offer Verizon said it made on Tuesday, which would reverse the fee for K-12 users of the free Remind service. "Verizon will not charge Remind fees as long as they don't begin charging K-12 schools, educators, parents and students using its free text message service," Verizon said. "Despite this offer, made Tuesday, Remind has not changed its position that it will stop sending free texts to Verizon customers who use the service regarding school closures, classroom activities and other critical information." The report goes on to note that simply limiting the offer to K-12 users means the fee "would still be charged for preschools, day-care centers, and youth sports coaches who use the free Remind service."

Joshua S. Goldstein, a professor emeritus of international relations at American University, and Staffan A. Qvist, an energy engineer and consultant, writing for The Wall Street Journal: Climate scientists tell us that the world must drastically cut its fossil fuel use in the next 30 years to stave off a potentially catastrophic tipping point for the planet. Confronting this challenge is a moral issue, but it's also a math problem -- and a big part of the solution has to be nuclear power. Today, more than 80% of the world's energy comes from fossil fuels, which are used to generate electricity, to heat buildings and to power car and airplane engines. Worse for the planet, the consumption of fossil fuels is growing quickly as poorer countries climb out of poverty and increase their energy use. Improving energy efficiency can reduce some of the burden, but it's not nearly enough to offset growing demand.

Any serious effort to decarbonize the world economy will require, then, a great deal more clean energy, on the order of 100 trillion kilowatt-hours per year, by our calculations -- roughly equivalent to today's entire annual fossil-fuel usage. A key variable is speed. To reach the target within three decades, the world would have to add about 3.3 trillion more kilowatt-hours of clean energy every year. Solar and wind power alone can't scale up fast enough to generate the vast amounts of electricity that will be needed by midcentury, especially as we convert car engines and the like from fossil fuels to carbon-free energy sources. Even Germany's concerted recent effort to add renewables -- the most ambitious national effort so far -- was nowhere near fast enough. A global increase in renewables at a rate matching Germany's peak success would add about 0.7 trillion kilowatt-hours of clean electricity every year. That's just over a fifth of the necessary 3.3 trillion annual target.

An anonymous reader quotes a report from Ars Technica: A free texting service used by teachers, students, and parents may stop working on the Verizon Wireless network because of a dispute over texting fees that Verizon demanded from the company that operates the service. As a result, teachers that use the service have been expressing their displeasure with Verizon. Remind -- the company that offers the classroom communication service -- criticized Verizon for charging the new fee. Remind said its service's text message notifications will stop working on the Verizon network on January 28 unless Verizon changes course. (Notifications sent via email or via Remind's mobile apps will continue to work.) The controversy cropped up shortly after a Federal Communications Commission decision that allowed U.S. carriers' text-messaging services to remain largely unregulated. Verizon says the fee must be charged to fund spam-blocking services. Remind said in a statement: "To offer our text-messaging service free of charge, Remind has always paid for each text that users receive or send. Now, Verizon is charging Remind an additional fee intended for companies that send spam over its network. Your Remind messages aren't spam, but that hasn't helped resolve the issue with Verizon. The fee will increase our cost of supporting text messaging to at least 11 times our current cost -- forcing us to end free Remind text messaging for the more than 7 million students, parents, and educators who have Verizon Wireless as their carrier."

Python "is often described as being slow when it comes to performance... But is that truly the case?" writes Patrick Wohlschlegel, Arm's senior product manager for infrastructure and high-performance computing tools.

Slashdot reader igor.sfiligoi writes: Effectively profiling Python has always been a pain. Arm recently announced that their Arm Forge is now able to profile both Python and compiled code.
It's available for any hardware architecture, Wohlschlegel writes, adding that developers "typically assume that most of the execution time is spent in compiled, optimized C/C++ or Fortran libraries (e.g. NumPy) which are called from Python..."

"How confident are you that your application is not wasting your precious computing resources for the wrong reasons?"