By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy

If all goes according to plan, Google will phase out third-party cookies by the end of 2023. These cookies, which brands use to track consumers’ browsing habits across the web, have long been controversial. Recently, the developers of major browsers have begun to block them entirely, preventing websites from saving third-party cookies on users’ systems. The end of these cookies may have big implications for privacy on the web. Third-party cookies are bits of information saved by browsers that were placed on a website by someone other than the owner. For example, pressing the "Like" button on a site may store a cookie on someone’s computer from Facebook, which the company can use to identify the user and the websites they visit. Unlike first-party cookies, which sites use to save preferences and visitor information for later visits, these cookies can track behavior across the web rather than being limited to just one location. In practice, brands and advertisers use third-party cookies to display advertisements that are relevant to users’ browsing habits. For example, if a person visits several sites related to cars, an advertiser may use third-party cookie information to serve them new auto advertisements. The use of third-party cookies has long been controversial. Proponents of online privacy say they make users less private -- and, in some cases, may even create security risks. Google’s decision to phase out third-party cookies by the end of 2023 comes after similar moves made by Apple and Mozilla, the developer of the popular web browser Firefox. No major web browsers will support them once Google phases them out. Apple and Mozilla had similar rationales for ditching third-party cookies -- protecting user privacy from brands and advertisers. Some advertising industry leaders believe consumers will want third-party cookies back so they get relevant ads. However, there’s not much evidence that consumers are particularly anxious about Google’s move to phase these cookies out. There’s a good chance that once the cookies are gone, they’ll be gone for good. The end of third-party cookies is also part of a much bigger movement to protect user privacy online. Along with laws like the GDPR in the EU or the CCPA in California, the disappearance of third-party cookies could signal the growing importance of user privacy to consumers, lawmakers, and businesses. The average consumer will probably experience a few noticeable changes due to Google’s third-party cookie phaseout. It will be much harder for brands to track browsing behavior online. This change will help protect people’s privacy from companies that want to learn more about how they use the internet. It will also make it harder for companies to target advertisements based on users’ interests and browsing history. In the months after the end of third-party cookies, people may notice ads become less specific to their particular interests. In response to the loss of third-party cookie data, marketing agencies and brands will also look for new ways to gather information on consumers’ browsing habits. Most companies that rely on third-party cookie data say they’re not ready for this change, but some brands have already shifted away from using cookies to inform their advertising strategy. People may notice that brands ask for information more frequently, rely on first-party cookies to gather information, and use surveys, polls or other data-gathering strategies to learn more about users’ interests and preferences. This new information will replace the data from third-party cookies that they currently collect. Follow this thread and more on OUR FORUM.

Microsoft has made Windows licensing and activation ridiculously complex. Here's what you need to know. That sentence, which has scrolled past PC users' eyeballs for decades as they click through Windows license agreements without reading them, is what made Bill Gates rich. It is also the gateway to an insanely confusing thicket of legal verbiage, and Microsoft has made the topic even more bewildering through the years by adding layers of anti-piracy protection that are only indirectly related to the license itself. (And let's not even start on weaselly words like genuine.) I've been studying Microsoft licensing agreements for more than two decades. During that time, I've written dozens of articles on the subject and have prepared testimony as an expert witness in criminal and civil cases where Microsoft licensing was at the crux of some serious disagreements. One thing I've learned along the way is that even people who work for Microsoft sometimes get confused about when a license is legitimate and when it's not. And if they have trouble sorting out license agreements, what chance do the rest of us have? Most of the time, a Windows license is strictly a formality, something you can safely ignore. But occasionally, it matters, especially if you're building your own PC or upgrading to a different edition. If you're making IT purchases for a business that involves more than a few dozen PCs, it absolutely matters. To make this difficult topic a little easier, I've put together a list of questions and answers focused specifically on Windows PCs. Is your license valid? How can you tell? Should you care? All of those things are, potentially, evidence that you possess a valid license, which is a legal grant from the licensor (Microsoft) to the licensee (you) which gives you the right to use Microsoft Windows on a particular device, provided that you follow the terms of the license agreement. The license itself is an intangible thing, governed by a legal agreement between you and either Microsoft or one of its partners who resold the Windows license as part of a new PC. That license agreement is the thing you scroll through quickly without reading every time you install Windows. But here's the most fascinating and frustrating part of Windows licensing. If I sit down in front of your computer and (with your permission) do a thorough inspection, I cannot conclusively determine whether you have a valid Windows license. I can confirm that the system is properly activated. I can also make an educated guess about the license status, and I will probably be right. But without seeing an audit trail of receipts for the PC and/or its system software, there's no way of knowing for sure. Over time, Microsoft discovered that it was in the company's best interests to tolerate a certain amount of casual copying as part of its goal of not pissing off legitimate customers. I can't remember the last time I received a complaint about product activation issues with Windows. Today, the overwhelming majority of Windows PCs are sold by giant OEMs that pay Microsoft for every license. Only a tiny sliver of PCs is built by hobbyists or small system builders. If someone in one of those groups tries to reuse a product key inappropriately (by activating multiple PCs using the same product key in a matter of days), the activation servers will object strenuously. But if you reuse a product key months after the first use, it's likely that Microsoft's activation servers will wave you right through. If you bought a PC with Windows preinstalled, you don't need to enter a product key when you set it up for the first time. The company that built that PC entered the product key as part of the process of preparing the system for delivery to you. Big-name OEMs embed that product key into the BIOS. Smaller system builders enter the product key using deployment tools. In either case, once you start up your brand-new PC, accept the license agreement, and activate your copy, that product key is no longer necessary. You can reinstall that edition of Windows on the same hardware as many times as you want, without having to enter a product key. To read this posting in its entirety please visit OUR FORUM.

ONE THOUSAND FOUR hundred and fifty-nine days have passed since data rights nonprofit NOYB fired off its first complaints under Europe’s flagship data regulation, GDPR. The complaints allege Google, WhatsApp, Facebook, and Instagram forced people into giving up their data without obtaining proper consent, says Romain Robert, a program director at the nonprofit. The complaints landed on May 25, 2018, the day GDPR came into force and bolstered the privacy rights of 740 million Europeans. Four years later, NOYB is still waiting for final decisions to be made. And it’s not the only one. Since the General Data Protection Regulation went into effect, data regulators tasked with enforcing the law have struggled to act quickly on complaints against Big Tech firms and the murky online advertising industry, with scores of cases still outstanding. While GDPR has immeasurably improved the privacy rights of millions inside and outside of Europe, it hasn’t stamped out the worst problems: Data brokers are still stockpiling your information and selling it, and the online advertising industry remains littered with potential abuses. Now, civil society groups have grown frustrated with GDPR’s limitations, while some countries’ regulators complain the system to handle international complaints is bloated and slows down enforcement. By comparison, the information economy moves at breakneck speed. “To say that GDPR is well enforced, I think it’s a mistake. It's not enforced as quickly as we thought,” Robert says. NOYB has just settled a legal case against the delays in its consent complaints. “There’s still what we call an enforcement gap and problems with cross-border enforcement and enforcement against the big players,” adds David Martin Ruiz, a senior legal officer at the European Consumer Organization, which filed a complaint about Google’s location tracking four years ago. Lawmakers in Brussels first proposed reforming Europe’s data rules back in January 2012 and passed the final law in 2016, giving companies and organizations two years to fall in line. GDPR builds upon previous data regulations, super-charging your rights and altering how businesses must handle your personal data, information like your name or IP address. GDPR doesn’t ban the use of data in certain cases, such as police use of intrusive facial recognition; instead, seven principles sit at its heart and guide how your data can be handled, stored, and used. These principles apply equally to charities and governments, pharmaceutical companies, and Big Tech firms. Crucially, GDPR weaponized these principles and handed each European country’s data regulator the power to issue fines of up to 4 percent of a firm's global turnover and order companies to stop practices that violate GDPR's principles. (Ordering a company to stop processing people’s data is arguably more impactful than issuing fines.) It was never likely that GDPR fines and enforcement were going to flow quickly from regulators—in competition law, for instance, cases can take decades—but four years after GDPR started, the total number of major decisions against the world’s most powerful data companies remains agonizingly low. For more on GDRP visit OUR FORUM.

In March, the European Union (EU) took a significant step toward reining in Big Tech offenders with the Digital Markets Act. Targeting the gatekeepers of today’s digital economy, the law is a historic piece of legislation and is a critical next step in the broader fight to level the playing field. However, this watershed moment has failed to reach the US, which continues to fall short in protecting consumers and innovative small businesses from predatory tech companies. Congress must stop playing catch up with Europe and take a leadership role to protect its constituents. Courage and cooperation across the aisle are needed to strengthen the laws that protect the majority. Big tech, their lobbyists, and those seeking to fund their next election are far too cozy as mega-companies continue to exploit their dominance and suppress innovation. The lack of US action is embarrassing, as our friends across the pond take decisive steps. The EU created the Digital Markets Act, or DMA, to limit the reach of internet powerhouses and restore balance to the economy. It is aimed at the most frequent offenders -- companies such as Amazon, Meta, and Google, which have repeatedly abused their large market share and used it to damage smaller, less powerful competitors. The landmark measure carries major consequences for these firms. Gatekeepers will now be required to interoperate with smaller firms, avoid setting their software as the default option, and no longer engage in self-preferencing. In short, the DMA is targeting weak points that prop up the largest and most powerful technology firms and crush innovation in the process. Once officially adopted by the EU, enforcement will be critical since we all know that Big Tech cannot be trusted. While European regulators remain at the helm of Big Tech reform, the US lags far behind. Politics have altered how we handle Big Tech, allowing mega-corporations to grow even bigger. Just recently, Amazon closed its $8.5 billion acquisition of MGM. The Federal Trade Commission had every opportunity to block the merger, but the deal was approved without much pushback. The FTC decision was deadlocked between two Democrat appointees and two Republican appointees, and politics came before ensuring fair competition. Take data privacy, for example. In 2018, the General Data Protection Regulation (GDPR) was enacted, a milestone in privacy protections that safeguards Europeans against the transfer of personal data. While the EU is focused on protecting consumers and competition, Big Tech lobbyists here at home are writing watered-down privacy bills for legislators -- that amounts to a disgusting practice that cedes legislators’ jobs to the powerful few. In Virginia, Amazon boosted political donations tenfold before persuading lawmakers to pass a toothless privacy bill that their own lobbyists drafted rather than the elected officials.  It is not just the EU taking action as a collective body. In 2021, Italy’s antitrust watchdog fined Amazon over $1 billion for alleged abuse of market dominance -- one of the largest penalties levied on a US tech giant in Europe. Meanwhile, a Federal Trade Commission (FTC) investigation into Amazon Web Services (AWS) is only now moving forward again under Chair Lina Khan. A challenge to the MGM acquisition, among others, may come now that Khan has the majority on her side. More on the DMA can be found on OUR FORUM.

Apple has released security updates to address a zero-day vulnerability that threat actors can exploit in attacks targeting Macs and Apple Watch devices. Zero-days are security flaws that the software vendor is unaware of and hasn't yet patched. In some cases, this type of vulnerability may also have publicly available proof-of-concept exploits before a patch arrives or maybe actively exploited in the wild. In security advisories issued on Monday, Apple revealed that they're aware of reports this security bug "may have been actively exploited." The flaw is an out-of-bounds write issue (CVE-2022-22675) in the AppleAVD (a kernel extension for audio and video decoding) that allows apps to execute arbitrary code with kernel privileges. The bug was reported by anonymous researchers and fixed by Apple in macOS Big Sur 11.6.6 and watchOS 8.6 with improved bounds checking. The list of impacted devices includes Apple Watch Series 3 or later and Macs running macOS Big Sur. While Apple disclosed reports of active exploitation in the wild, it did not release any extra info regarding these attacks. By withholding information, the company is likely aiming to allow the security updates to reach as many Apple Watches and Macs as possible before attackers pick up on the zero-day's details and start deploying exploits in other attacks. Although this zero-day was most probably only used in targeted attacks, it's still strongly advised to install today's macOS and watchOS security updates as soon as possible to block attack attempts. In January, Apple patched two other zero-days exploited in the wild to let attackers gain arbitrary code execution with kernel privileges (CVE-2022-22587) and track web browsing activity and user identities in real-time (CVE-2022-22594). One month later, Apple released security updates to patch a new zero-day bug (CVE-2022-22620) exploited to hack iPhones, iPads, and Macs, which leads to OS crashes and remote code execution on compromised Apple devices. In March, two more actively exploited zero-days in the Intel Graphics Driver (CVE-2022-22674) and the AppleAVD media decoder (CVE-2022-22675), the latter patched today in older versions of macOS. These five zero-days impact iPhones (iPhone 6s and up), Macs running macOS Monterey, and multiple iPad models. Throughout last year, the company also patched a long list of zero-days exploited in the wild to target iOS, iPadOS, and macOS devices. Follow this thread and more on OUR FORUM.

Elon Musk’s Twitter purchase has thrust the social media censorship debate squarely into the limelight, triggering the left and elating the right. Celebrities and the liberal media were quick to denounce Musk’s stance on free speech (which is odd, given that those on the left were the advocates of the First Amendment just a decade ago) and some deleted their Twitter accounts. Conservatives, meanwhile, and anyone who cares about free speech, immediately raised the eccentric billionaire to superhero status. Almost overnight, he went from ‘cool rich guy who values free market capitalism’ to savior of the First Amendment. And maybe he will be. But let’s take a moment to zoom out on the bigger picture. Twitter is not Musk’s only darling, and maybe we’re placing too much of a burden on one man. Understandably, without Donald Trump in the White House, regular middle-class Americans long for a hero to disrupt the leftist elite empire. Someone influential, powerful, and brave and who will actually take substantive action is like a godsend to us. And at least on the surface, it appears Elon Musk could fill that role. He’s straight forward, seems genuine, and thus far, capable of dealing with the backlash from his enemies. However, Musk is, first and foremost, a businessman who loves building things and creating. When most of us were still playing with blocks, he was already writing code. It remains unclear how he’s going to like playing politics in the long term, and social media is inevitably political. While that’s not entirely new to the prolific tweeter, politics isn’t his usual territory. The billionaire has already walked back his “free speech absolutist” comments, explaining that what he really meant was free speech that adheres to the law. Fair enough, but the tweet came across as making him seem a bit less steady on his feet. And he will have to be plenty steady, because he’s going to need the proverbial fighting skills of Mike Tyson to handle what’s coming next under the Biden regime. After all, the Democrats have made it clear that they want to control all information to Orwellian extremes. Is Elon ready for that? And even if he is, there’s really only so much he can do with Twitter. It may be a private company, but private companies are subject to government regulations. The founder of multiple multi-billion-dollar companies, he knows this better than anyone and is no stranger to working with the US government and even seeking its help.
Despite being well known as a believer in a limited, hands-off type of government, Musk has on more than one occasion accepted subsidies from the US government for several of his companies. In addition, SpaceX currently has two contracts with the Pentagon to launch Falcon 9 rockets in the coming year. read more on our Forum