Through public records requests, The Markup found more than 20 public agencies using the sometimes-controversial software. From the report: In 2020, the FDA's Center for Drug Evaluation and Research (CDER) faced a daunting task: It needed to fill more than 900 job vacancies -- and fast. The center, which does things like inspect pharmaceutical manufacturing facilities, was in the process of modernizing the FDA's New Drugs Regulatory Program just as the pandemic started. It faced "a surge in work," along with new constraints that have affected everyone during the pandemic, including travel limitations and lockdowns. So they decided to turn to an artificial intelligence tool to speed up the hiring, according to records obtained by The Markup. The center, along with the Office of Management and the Division of Management Services, the background section of a statement of work said, were developing a "recruitment plan to leverage artificial intelligence (AI) to assist in the time to hire process."

The agency ultimately chose to use HireVue, an online platform that allows employers to review asynchronously recorded video interviews and have recruits play video games as part of their application process. Over the years the platform has also offered a variety of AI features to automatically score candidates. HireVue, controversially, used to offer facial analysis to predict whether an applicant would be a good fit for an open job. In recent years, research has shown that facial recognition software is racially biased. In 2019, the company's continued use of the technique led one member of its scientific advisory board to resign. It has since stopped using facial recognition. The Markup used GovSpend, a database of procurement records for U.S. agencies at the state, local, and federal levels, to identify agencies that use HireVue. We also searched for agencies using Teramind and ActivTrak, both another kind of controversial software that allows employers to remotely monitor their workers' browsing activities through screenshots and logs. The Markup contacted and filed public records requests with those 24 agencies to understand how they were using the software. Eleven public agencies, including the FDA, replied to The Markup with documents or confirmations that they had bought HireVue at some point since 2017. Of the six public agencies that replied to The Markup's questions confirming that they actually used the software, all but one -- Lake Travis Independent School District in Texas -- confirmed they did not make use of the AI scoring features of the software. Documents and responses from 13 agencies confirmed that they purchased Teramind or ActivTrak at some point during the same time frame.

An anonymous reader shares a report: Earlier this month, we broke a story about Toyota locking its key fob remote start function behind a monthly subscription. If owners of certain models aren't actively enrolled in a larger Toyota connected services plan, the proximity remote start function on the fob -- that is, when you press the lock button three times to start the car while outside of it -- will not work even though it sends the signal directly to the car. Obviously, this sent people into a frenzy whether they own a Toyota or not, because it was seen as a dark harbinger of the perils of fully-connected cars. Automakers now have the ability to nickel and dime people to death by charging ongoing subscription fees for functions that used to be a one-and-done purchase, and it looked like Toyota was hopping on the bandwagon.

At the time, Toyota declined to give us a detailed answer on why it chose to take a feature that doesn't need an internet connection to function and moved it behind a paywall. Today, we've got answers. Toyota now claims it never intended to market the key fob remote start as a real feature, and it also says the subscription requirement was an inadvertent result of a relatively small technical decision related to the way its new vehicles are architectured. Finally, Toyota has heard the outrage over the last week -- a spokesperson told us the company was caught off guard by the blowback -- and its executive team is currently examining whether it's possible to reverse course and drop the subscription requirement for key fob remote start.

Game makers are increasingly selling virtual weapons and gear as NFTs, extending the trendy digital deeds' reach but rankling some players. From a report: More videogame makers are selling virtual guns, helmets and other gear in the form of NFTs, a move that is increasingly pushing the trendy digital deeds into the average household. Players have been paying for virtual goods in games like "Grand Theft Auto Online" and "World of Warcraft" for years, but turning those items into nonfungible tokens would let gamers trade and resell them, making them into potentially valuable assets. The change also could mean that players who buy an NFT in one game could use it later in other games, on social media and in other corners of the internet -- an important step in developing an economy for the so-called metaverse. "FarmVille" maker Zynga and "Assassin's Creed" creator Ubisoft Entertainment are among the first big, publicly traded gaming companies to say they are experimenting with the strategy. Electronic Arts, Playtika and others are also looking into NFTs' potential use for engaging players.

"We're doing this because this may be part of the future of gaming," said Matt Wolf, Zynga's new vice president of blockchain gaming. "This is all about community building." Nonfungible tokens are essentially digital deeds that verify the authenticity of the items they represent as unique. They are the latest internet-based collecting craze, and so far they have come in forms ranging from digital artwork and trading cards to virtual real estate and sneakers, as well as concert tickets and even sports highlights. The tokens are stored on a blockchain, a digital ledger that shows when they were purchased and for how much, and ensures NFTs can't be duplicated or changed. Amid all that activity, NFTs' advent in videogames holds particular significance because gamers spend so much time in virtual worlds. That makes them potential early adopters in the metaverse -- a virtual realm where proponents say people will work, play and shop and where technology experts say the ability to buy and sell NFTs will be key.

An anonymous reader shares a report : Ms. Carter is part of a wave of executives and engineers leaving cushy jobs at Google, Amazon, Apple and other large tech companies -- some of which pay millions of dollars in annual compensation -- to chase what they see as a once-in-a-generation opportunity. That next big thing is crypto, they said, a catchall designation that includes digital currencies like Bitcoin and products like nonfungible tokens, or NFTs, that rely on the blockchain. Silicon Valley is now awash with stories of people riding seemingly ridiculous crypto investments like Dogecoin, a digital coin based on a dog meme, to life-changing wealth. Bitcoin has soared around 60 percent this year, while Ether, the cryptocurrency tied to the Ethereum blockchain, has increased more than fivefold in value.

But beyond that speculative mania, a growing contingent of the tech industry's best and brightest sees a transformational moment that comes along once every few decades and rewards those who spot the seismic shift before the rest of the world. With crypto, they see historical parallels to how the personal computer and the internet were once ridiculed, only to upend the status quo and mint a new generation of billionaires. Investors, too, have flooded in. They have poured more than $28 billion into global crypto and blockchain start-ups this year, four times the total in 2020, according to PitchBook, a firm that tracks private investments. More than $3 billion has gone into NFT companies alone. "There is a giant sucking sound coming from crypto," said Sridhar Ramaswamy, chief executive of search engine start-up Neeva and a former Google executive, who competes with crypto companies for talent. "It feels a bit like the 1990s and the birth of the internet all over again. It's that early, that chaotic and that much full of opportunity."

[...] The growing ranks of true believers say crypto can change the world by creating a more decentralized internet that is not controlled by a handful of companies. While such possibilities have existed since Bitcoin emerged in 2009, crypto products such as NFTs broke through to the mainstream only this year. That has accelerated the exodus from Big Tech companies into the crypto world. This month, Brian Roberts, the chief financial officer of Lyft, left the ride-hailing company to join OpenSea, a popular crypto start-up."I've seen enough cycles and paradigm shifts to be cognizant when something this big is just emerging," he said in an email. "We are Day 1 in terms of NFTs and their impact."

Bloomberg Businessweek: Each holiday season since 2015, Amazon.com has counted on selling a lot of its Alexa voice-controlled smart speakers. For almost as long, it's known that the devices have had trouble holding customers' attention even into January. According to internal data, there have been years when 15% to 25% of new Alexa users were no longer active in their second week with the device. Concern about user retention and engagement comes up repeatedly in internal planning documents that Bloomberg Businessweek viewed. The documents, which covered 2018 to 2021, detail Amazon's continued ambitions for Alexa, including plans to add more cameras and sensors that would allow devices to recognize different voices or determine which rooms users are in during each interaction. They also reveal the roadblocks the company sees to realizing these goals. Last year, Amazon's internal analysis of the smart speaker market determined it had "passed its growth phase" and estimated it would expand only 1.2% annually for the next several years.

In the moments before a 6.2-magnitude earthquake struck the northern California coast on Monday, roughly half a million phones began to buzz. From a report: An early-alert system managed by the US Geological Survey sent warnings out before the ground started to shake, giving residents in the sparsely populated area vital time to take cover. The earthquake brought significant shaking but minimal damage in Humboldt county, about 210 miles north-west of San Francisco, and officials said it was an excellent test of the alert-system. It was the largest magnitude quake that's occurred since the system, known as ShakeAlert, was officially rolled out across the west coast. "We got some reports from folks that they got up to 10 seconds' warning before they felt shaking. That's pretty darn good," said Robert de Groot, a ShakeAlert coordinator with the USGS.

ShakeAlert issues warnings through a series of agencies and apps including the MyShakeApp, public wireless emergency alert systems, and the Android operating system, powered by Google. A data package is created from information provided by USGS sensors and -- within seconds -- shows up on phones. Some apps that provide alerts are available to download but even some who didn't have an app on their phone were notified. Affected individuals are instructed to drop, cover, and hold on. Having extra seconds to do so can save lives. This event provided an opportunity for the scientists and system operators to test and improve ShakeAlert so it will be even better when the next big earthquake strikes. "We can run as many simulations and tests as possible but we are really going to learn the most from real earthquakes," de Groot said. "It's giving us the chance to use the system and learn how to do a better job of alerting people."

Slashdot readers fahrbot-bot and Tangential share a report from Defense One: Within weeks, scientists at the Walter Reed Army Institute of Research expect to announce that they have developed a vaccine that is effective against COVID-19 and all its variants, even Omicron, as well as previous SARS-origin viruses that have killed millions of people worldwide. Walter Reed's Spike Ferritin Nanoparticle COVID-19 vaccine, or SpFN, completed animal trials earlier this year with positive results. Phase 1 of human trials, which tested the vaccine against Omicron and the other variants, wrapped up this month, again with positive results that are undergoing final review, Dr. Kayvon Modjarrad, director of Walter Reed's infectious diseases branch, said in an exclusive interview with Defense One. The new vaccine will still need to undergo phase 2 and phase 3 trials.

Unlike existing vaccines, Walter Reed's SpFN uses a soccer ball-shaped protein with 24 faces for its vaccine, which allows scientists to attach the spikes of multiple coronavirus strains on different faces of the protein. The vaccine's human trials took longer than expected, he said, because the lab needed to test the vaccine on subjects who had neither been vaccinated nor previously infected with COVID. The next step is seeing how the new pan-coronavirus vaccine interacts with people who were previously vaccinated or previously sick. The next step is seeing how the new pan-coronavirus vaccine interacts with people who were previously vaccinated or previously sick. Walter Reed is working with a yet-to-be-named industry partner for that wider rollout.

An anonymous reader quotes a report from Gizmodo: A new report released by Ookla placed the U.S. at the very top of a list of 40 countries in terms of 5G availability. To determine this, Ookla tested to see what percent of users with 5G devices spent the majority of their time actually on 5G during Q3. Under that criteria, the U.S. ranked number one with 49.2% availability. But hold on, don't whip out your red, white, and blue foam finger just yet, it's not all good news. The actual download and upload speeds (in other words, the whole point) of 5G networks still vary significantly by country according to the report. Though the U.S. ranked first in availability, its actual download speeds were amongst the worst of early 5G adopter nations. Ookla placed median 5G download speeds at 93.73 Mbps in the US, far lower than the UK's 184.2 Mbps median and far lower still than South Korea, which led the pack at 492.48 Mbps. The U.S. placed around the same relative position for upload speeds as well. And while U.S. wireless customers can take some solace knowing they're on the top of the availability list, the list itself is unimpressive as a whole, especially in relation to the types of coverage necessary for 5G's most ambitious promises.

Seoul is reining in tech giants Kakao and Naver to save small business -- but it might be too little, too late. From a report: South Korea has left hard cash in the dust. The country is a virtually friction-free, digital payments dream, where just a fraction of purchases are done in notes and coins. Park Se-hwa's bookstore, on a commercial street in Seoul, is a holdout. Inside the narrow door, a sign reads: "The best way to support the bookstore is to pay cash." She bristles every time she processes a purchase by card, since it means she has to pay a fee to the bank, taking a slice out of the already thin income she brings in from book sales. Park refuses, on principle, to use payments services from local tech giants like KakaoPay or Naver Pay. She won't build a platform on Amazon, the e-commerce behemoth that built itself up by reinventing the publishing world. "Those big companies are the public enemy of booksellers," she said. Park, 31, has operated her bookstore for a little more than a year. Her first vocation out of college was in the national Air Force, working seven-hour shifts monitoring radar for signs of North Korean missile launches. She started again as an entrepreneur after spending years in a series of unfulfilling jobs, like an increasing number of young, educated Koreans.

With South Koreans' buying activity moving almost entirely online, and the margins of small businesses contracting, she worries that the texture is disappearing from Seoul's streets. "If you look in any new area, it's always just chain stores that open, the same corporate convenience stores and coffee shops. Independent stores can't compete with them," she told Rest of World. Park may seem an anomaly, but she isn't. Her fears reverberate as high up as South Korea's lawmakers and its steely antitrust commission, who have spent this year attempting to rein in the country's vastly powerful tech giants. Kakao and Naver, both multibillion-dollar, publicly-traded empires, are the main targets: They have rapidly expanded their tentacles into South Koreans' digital lives in a way that uncomfortably mirrors the country's previous generation of conglomerates, like Samsung and LG. The government worries that their growth is coming at the sacrifice of the country's small businesses, who they say are being crushed with fees and impossibly high levels of online competition. Over the second half of this year, the battle with regulators has intensified. Both Naver and Kakao recently backpedalled on plans to expand their fintech services when the Financial Services Commission abruptly tightened standards. As the companies' jitters mounted, KakaoPay twice delayed its plans for a stock debut, infecting potential investors with concern. A total of eight different bills, proposed by lawmakers from both main parties, are pending in the legislature. They look to impose stricter standards on what kinds of fees online platforms can charge users, how much they can charge advertisers, and other measures intended to rein in their growth.

Long-time Slashdot reader bird writes: Without admitting wrong-doing, would-be electric truck maker Nikola has agreed to a $125,000,000 settlement to settle charges that it defrauded investors with false claims about their EV vehicle technology. You may recall the video of a supposedly electric-powered truck that was later admitted to be powered not by a motor but rather by gravity? Nikola. The Seattle Times provides additional details about the settlement: Nikola violated the antifraud and disclosure control provisions of the federal securities laws, the Securities and Exchange Commission said Tuesday. In July the founder and one-time chair of Nikola, Trevor Milton, was freed on $100 million bail after pleading not guilty to charges alleging he lied about the company. The U.S. Attorney's Office in Manhattan, New York, charged Milton, 39, with two counts of securities fraud and wire fraud. He resigned as chairman in September. The SEC said in its order that Milton embarked on a public-relations campaign aimed at inflating and maintaining Nikola's stock price before the company had produced a vehicle. The SEC also found that Milton misled investors about Nikola's technological advancements, in-house production capabilities, hydrogen production, truck reservations and orders, and financial outlook. In addition, it found that Nikola misled investors by misrepresenting or omitting information about the refueling time of its prototype vehicles, as well as the economic risks and benefits associated with a potential partnership with General Motors.

Nikola, based in Phoenix, didn't admit or deny the SEC's findings. The company did agree to cease and desist from future violations and to the $125 million penalty. Nikola also agreed to continue cooperating with the SEC's ongoing investigation. The order also establishes a fund to return penalty proceeds to investors who were affected. "We are pleased to bring this chapter to a close as the company has now resolved all government investigations," Nikola said in a statement. We will continue to execute on our strategy and vision to deliver on our business plan."

David E. Sanger and Julian E. Barnes reporting via the New York Times: In the closing days of 2015, the lights went out across a swath of Ukraine as Russian hackers remotely took over an electric utility's control center and flipped off one power station after another, while the company's operators stared at their screens helplessly. The next year, the same thing happened, this time around Kyiv, the capital. Now the United States and Britain have quietly dispatched cyberwarfare experts to Ukraine in hopes of better preparing the country to confront what they think may be the next move by President Vladimir V. Putin of Russia as he again menaces the former Soviet republic: Not an invasion with the 175,000 troops he is massing on the border, but cyberattacks that take down the electric grid, the banking system, and other critical components of Ukraine's economy and government. Russia's goal, according to American intelligence assessments, would be to make Ukraine's president, Volodymyr Zelensky, look inept and defenseless -- and perhaps provide an excuse for an invasion.

The Russian cyberactivity was discussed by roughly a dozen officials, who requested anonymity because the information was derived from classified intelligence and sensitive discussions about how to mitigate the Russian threat. Those conversations have focused on whether Mr. Putin thinks that a crippling of Ukraine's infrastructure could be his best hope of achieving his primary goal: ousting the Ukrainian government and replacing it with a puppet leader. The calculus, one senior intelligence official said, would be that such an attack would not require him to occupy the country -- or suffer as many of the sanctions that would almost certainly follow a physical invasion.

Already Mr. Putin has been working to build support domestically and in Africa and South and Central America. Russian-led information campaigns have been focused on denigrating the Ukrainian government and accusing its leader of creating a humanitarian crisis in the country's east, where Ukrainian government forces have been battling Russia-led separatists for years, according to U.S. and allied officials. American officials declined to describe the cyberteams that have been inserted into Ukraine. In a statement, the Biden administration said only that "we have long supported Ukraine's efforts to shore up cyberdefenses and increase its cyberresiliency." A spokeswoman for the British government said the assistance that Britain and its allies were providing was defensive in nature. While neither government would provide details, officials said the United States was considering a larger deployment, including resources from U.S. Cyber Command. But it is unclear how much good a bigger team could do beyond demonstrating support.

Cloudflare blog: Let's start with our Top Domains Ranking and 2021 brought us a very interesting duel for the Number 1 spot in our global ranking. Google.com (which includes Maps, Translate, Photos, Flights, Books, and News, among others) ended 2020 as the undefeated leader in our ranking -- from September to December of last year it was always on top. Back then TikTok.com was only ranked #7 or #8.

Top 10 -- Most popular domains (late) 2021

1 TikTok.com
2 Google.com
3 Facebook.com
4 Microsoft.com
5 Apple.com
6 Amazon.com
7 Netflix.com
8 YouTube.com
9 Twitter.com
10 WhatsApp.com

Top 10 -- Most popular domains (late) 2020

1 Google.com
2 Facebook.com
3 Microsoft.com
4 Apple.com
5 Netflix.com*
6 Amazon.com
7 TikTok.com
8 YouTube.com
9 Instagram.com *
10 Twitter.com

2021 told a different story. It was on February 17, 2021, that TikTok got the top spot for a day. Back in March, TikTok got a few more days and also in May, but it was after August 10, 2021, that TikTok took the lead on most days. There were some days when Google was #1, but October and November were mostly TikTok's days, including on Thanksgiving (November 25) and Black Friday (November 26).

The first text message ever sent, reading "Merry Christmas," was sold on Tuesday for 107,000 euros ($121,000) as a 'Non-Fungible Token' at a Paris auction house. From a report: The text, which was sent on Dec. 3, 1992, was put up for auction by the British telecoms company Vodafone. Vodafone engineer Neil Papworth sent the SMS from his computer to a manager in the United Kingdom, who received it on his 2-kg (4 lb) "Orbitel" telephone -- similar to a desk phone but cordless and with a handle.

The number of people using Android Apps on Chromebooks grew 50 percent year over year, according to a blog post from Chrome OS product managers Fahd Imtiaz and Sanj Nathwani this week. The execs cited internal Google data recorded from 2020-2021. From a report: In 2021, as some smartphones moved to Android 12, Google worked on updating Chromebooks to support Android 11, while attempting to boost security and performance by bringing Android on Chrome OS to a virtual machine, rather than a container. The company also improved its general usability, using runtime improvements to make the resizing and scaling of Android apps on Chromebooks work better, as well as app rendering. As the developer-focused blog noted, Chromebooks on Chrome OS 93 or newer (the latest is Chrome OS 96) automatically run Android apps made for mobile devices in a window that's set to stay in a "phone or tablet orientation." And, yes, you can turn this feature off. Additionally, Imtiaz and Nathwani pointed to Android's Nearby Share feature coming to Chrome 96 for Android 11 and Android 9 apps as another way to try to get developers excited about making their apps fit devices with larger screens.

Fresh off relinquishing the chief executive reins of Twitter, Bitcoin enthusiast Jack Dorsey has taken to the service he co-founded to voice his displeasure with so-called Web3 technology and the involvement of venture capital firms like Andreessen Horowitz. From a report: Web3, the still hazy term for blockchain-based, decentralized systems and tech that are meant to replace the internet as we know it, has garnered much attention and funding this year, with Andreessen Horowitz being among its loudest cheerleaders. Trading of non-fungible tokens, or NFTs, on the Ethereum and Solana blockchains has been the most visible manifestation, with many companies now investing in the development of decentralized apps as well as games for those platforms.

"You don't own 'web3'," tweeted Dorsey. "The VCs and their LPs do. It will never escape their incentives." The post drew more than 16,000 likes and thousands of retweets. Many pushed back with comments like "highly disagree" and "dead wrong," though many others chimed in with support. Tesla chief Elon Musk got in on the discussion by asking if anyone has seen Web3, to which Dorsey replied "it's somewhere between a and z," hinting that it's held under the control of the VC firm founded by Marc Andreessen and Ben Horowitz, commonly contracted to a16z.

New York-based firm Pliant Energy Systems is building a marine system reminiscent of the cuttlefish with its rippling underwater motion, a report from The Economist reveals. The company's biomimetic machine, called Velox, is based on the principle that propellers are nowhere near as efficient as the fins of sea creatures that are prevalent in nature. Interesting Engineering reports: Unlike propellers, fins and flippers can extend around a sea creature, meaning more propulsion without the need for a large protruding propeller that could get caught or damaged by hitting the seabed. Fins are also flexible, meaning that if they do come in contact with any other object in the sea, they are less likely to get damaged. In an interview with The Economist, an ex-marine biologist and founder of Pliant Energy Systems, Benjamin Pietro Filardo, explained how he is designing submersible machines that are propelled using flexible fin-like materials. He said Velox will produce approximately three times as much thrust per unit energy as the average propeller of a small boat. The system can travel underwater and even come out onto land, using its fins almost like robotic legs. The video below shows Velox skating on ice and swimming in a pool.

Filardo showed his new design to America's Office of Naval Research, leading them to commission a new iteration, called C-Ray, that will be faster and lighter than Velox. C-Ray also won't be tethered, unlike Velox, which is currently controlled via a cable. Autonomous swarms of the machine could eventually be used for missions such as undersea patrols, mine removal, and deepsea exploration and monitoring. [...] Filardo said the system has great potential for scalability, giving the blue whale as an example of a massive sea mammal that uses fins for propulsion. Impressively, he also revealed that he is also working on a concept that would allow his system to moor itself, and then use the undulations of its fins, thanks to the sea current, to recharge. A lot of testing is still needed, but if Filardo's system delivers on its promise, we might eventually see giant mechanical sea beasts silently gliding through the oceans.

A Philadelphia mother has given birth to what is believed to be the world's first Tesla baby: an infant delivered in the front seat of an electric smart car while it was driving on autopilot. From a report: The remarkable delivery, reported by the Philadelphia Inquirer, took place in September while Yiran Sherry, 33, and her husband Keating Sherry, 34, were taking their three-year-old son Rafa to pre-school. Yiran Sherry's waters broke while the family was stuck in traffic. With contractions increasing rapidly and traffic barely moving, the couple realized they were not going to make it in time.

Keating Sherry placed the vehicle on autopilot after setting the navigation system to the hospital, 20 minutes away in the western suburb of Paoli. He said he laid one hand gently on the car's steering wheel as he attended to his wife. "She was squeezing my hand to the point where I thought she was going to shatter it," Keating Sherry told the Inquirer. "I was [saying] 'Yiran, OK, focus on your breathing.' That was advice to myself, as well. My adrenaline was pumping." Yiran Sherry said the decision over whether to try to wait to give birth until they reached the hospital was an agonising one. However, she said, she kept glancing at their estimated arrival time and saw it was barely moving.

Before Google Wifi was announced alongside the original Pixel phone, Google a year earlier released OnHub-branded routers from Asus and TP-Link. In late 2022, Google will end support for OnHub routers that will be seven years old at that time. 9to5Google reports: At six years old, currently, Google said "a lot has changed" in the router landscape, and that it will end support for them on December 19, 2022. This is according to emails that customers (via Droid-Life) have been receiving and a new support document. Until that date, "your OnHub router will continue to work as normal," but without security updates for new software features. The last combined OnHub and Google Wifi update came in October of 2019, while Google and Nest Wifi have had several OTAs since then. That said, a year later, the Google Home app added support for managing OnHub hardware ahead of the Google Wifi companion client getting deprecated.

Google recommends you "upgrade to a new Wi-Fi setup today" and emailed a 40% off Nest Wifi offer to existing OnHub router users that will be available until March 31, 2022. After December 19 next year, the OnHub router will continue to "provide a Wi-Fi signal" but no longer be manageable through the Google Home app, which is the downside of routers that are entirely managed via the cloud/companion app and do not offer local controls. While OnHub routers will continue to work and not disrupt existing networks, Google's decision to remove the ability to change basic settings is quite aggressive. Hopefully, the 2016 Google Wifi will see a longer support period.

Despite the European Union's highest court twice declaring that the United States does not offer sufficient protection for Europeans' data from American national security agencies, the social media giant's lawyers continue to disagree, according to internal documents seen by POLITICO. Their conclusion that the U.S. is safe for EU data is part of Facebook's legal argument for it to be able to continue shipping data across the Atlantic. From the report: In July 2020, the Court of Justice of the European Union (CJEU) struck down a U.S.-EU data transfer instrument called Privacy Shield. The court concluded Washington did not offer adequate protection for EU data shipped overseas because U.S. surveillance law was too intrusive for European standards. In the same landmark ruling, the Luxembourg-based court upheld the legality of another instrument used to export data out of Europe called Standard Contractual Clauses (SCCs). But it cast doubt on whether these complex legal instruments could be used to shuttle data to countries where EU standards cannot be met, including the U.S. The CJEU reached a similar conclusion in 2015, striking down the predecessor agreement to Privacy Shield because of U.S. surveillance law and practices. In both rulings, Europe's top judges categorically stated Washington did not have sufficiently high privacy standards. Still, Facebook -- the company at the heart of both cases -- thinks it shouldn't follow the court's reasoning.

The company's lawyers argue in the documents that the EU court ruling "should not be relied on" for the social media company's own assessment of data transfers to the U.S., because the judges' findings relate to Privacy Shield data pact, and not the Standard Contractual Clauses which Facebook uses to transfer data to the U.S. "The assessment of U.S. law (and practice) under Article 45 GDPR is materially different to the assessment of law and practice required under Article 46 GDPR," the document reads. That refers to the two different types of legal data transfer instruments under the EU's General Data Protection Regulation and indicates that assessment under SCCs is different to assessment under Privacy Shield. The company also says that changes to U.S. law and practices since the July 2020 ruling should be taken into account. As an example, it cites the U.S. Federal Trade Commission, a watchdog, "carrying out its role as a data protection agency with unprecedented force and vigour." Those arguments have been central to Washington's pitch during ongoing transatlantic negotiations over a new EU-U.S. data agreement. "Though companies have to take the EU court ruling into account when making their own assessments of third party country regimes, they can, in theory, diverge from the court's findings if they believe it is justified in a particular situation," notes Politico. "This means that companies like Facebook can, in theory, continue to ship data out of Europe if they can prove its sufficiently protected."

Google's open-source team said they scanned Maven Central, today's largest Java package repository, and found that 35,863 Java packages use vulnerable versions of the Apache Log4j library. From a report: This includes Java packages that use Log4j versions vulnerable to the original Log4Shell exploit (CVE-2021-44228) and a second remote code execution bug discovered in the Log4Shell patch (CVE-2021-45046). James Wetter and Nicky Ringland, members of the Google Open Source Insights Team, said in a report today that typically when a major Java security flaw is found, it typically tends to affect only 2% of the Maven Central index. However, the 35,000 Java packages vulnerable to Log4Shell account to roughly 8% of the Maven Central total of ~440,000, a percentage the two described using just one word -- "enormous." But since the vulnerability was disclosed last week, Wetter and Ringland said the community has responded positively and has already fixed 4,620 of the 35,863 packages they initially found vulnerable. This number accounts to 13% of all the vulnerable packages.