The New York Post writes that "After the COVID-19 pandemic upended mom-and-pops around the city and resulted in thousands shuttering for good, it is important — now more than ever — to shop local."

America's Small Business Administration issued their own statement urging shoppers to "champion small businesses nationwide and #ShopSmall on Saturday, linking to a site mapping small businesses in your area. (And there's also a directory listing online small businesses.) Small Business Saturday was founded by American Express in 2010 and officially cosponsored by the U.S. Small Business Administration since 2011. It is an important part of small businesses' busiest shopping season.

- In 2023, the reported projected spending in the U.S. from those who shopped at small businesses on Small Business Saturday was around $17 billion

- Since 2010, the total reported U.S. spending at small businesses during the annual Small Business Saturday is an estimated $201 billion
"Let's keep the Shop Small tradition going," urges the American Express web site — encouraging shoppers to also use the #ShopSmall hashtag on social media.

Riot Games has announced sweeping changes to its terms of service, expanding penalties for player misconduct beyond in-game behavior to include content creation and social media activities.

The new rules, Engadget reports, enable "Riot-wide bans" for violations across platforms where players discuss or stream Riot games. The company will not actively monitor social media but will respond to reported violations, particularly during game livestreams.

Meta plans to build a $10 billion private, "mother of all" undersea fiber-optic cable network spanning over 40,000 kilometers around the world, according to TechCrunch. The project, dubbed "W" for its shape, would run from the U.S. east coast to the west coast via India, South Africa and Australia, avoiding regions prone to cable sabotage including the Red Sea and South China Sea.

The social media giant, which co-owns 16 existing cable networks, aims to gain full control over traffic prioritization for its services. The project mirrors Google's strategy of private cable ownership. The construction could take 5-10 years to complete.

Major technology companies criticized Australia's new law banning social media access for users under 16, which passed parliament on Thursday with bipartisan support. The legislation threatens fines up to $32 million for platforms failing to block minors. TikTok warned the ban could drive young users to riskier online spaces, while Meta called it a "predetermined process," questioning the rushed parliamentary review that gave stakeholders only 24 hours for submissions. Reuters adds: Snapchat parent Snap said it leaves many questions unanswered. [...] Sunita Bose, managing director of Digital Industry Group, which has most social media companies as members, said no one can confidently explain how the law will work in practice. "The community and platforms are in the dark about what exactly is required of them," she said.

Australia will ban children under 16 from using social media after its senate approved what will become a world-first law. From a report: Children will be blocked from using platforms including TikTok, Instagram, Snapchat and Facebook, a move the Australian government argue is necessary to protect their mental health and wellbeing.

The online safety amendment (social media minimum age) bill will impose fines of up to 50 million Australian dollars ($32.5 million) on platforms for systemic failures to prevent young children from holding accounts. It would take effect a year after the bill becomes law, allowing platforms time to work out technological solutions that would also protect users' privacy. The senate passed the bill 34 votes to 19. The house of representatives overwhelmingly approved the legislation 102 votes to 13 on Wednesday.

A security researcher discovered an unprotected database belonging to SL Data Services containing over 600,000 sensitive files, including criminal histories and background checks with names, addresses, and social media accounts. The Register reports: We don't know how long the personal information was openly accessible. Infosec specialist Jeremiah Fowler says he found the Amazon S3 bucket in October and reported it to the data collection company by phone and email every few days for more than two weeks. [The info service provider eventually closed up the S3 bucket, says Fowler, although he never received any response.] In addition to not being password protected, none of the information was encrypted, he told The Register. In total, the open bucket contained 644,869 PDF files in a 713.1 GB archive.

Some 95 percent of the documents Fowler saw were labeled "background checks," he said. These contained full names, home addresses, phone numbers, email addresses, employment, family members, social media accounts, and criminal record history belonging to thousands of people. In at least one of these documents, the criminal record indicated that the person had been convicted of sexual misconduct. It included case details, fines, dates, and additional charges. While court records and sex offender status are usually public records in the US, this exposed cache could be combined with other data points to make complete profiles of people -- along with their family members and co-workers -- providing everything criminals would need for targeted phishing and/or social engineering attacks.

British Prime Minister Keir Starmer inaugurated London's first Google-funded AI Campus in Camden, aiming to equip young people with AI and machine learning skills. Reuters reports: The center, based in Camden, an area which Starmer represents in parliament and which is also home to Google's future offices in Kings Cross, has already started a two-year pilot project for local students. An first cohort of 32 people aged 16-18 will have access to resources in AI and machine learning and receive mentoring and expertise from Google's AI company DeepMind, the tech giant said. The students will tackle real-world projects connecting AI to fields such as health, social sciences and the arts at the campus, which has been established in partnership with the local authority, Google said.

Google's UK and Ireland managing director Debbie Weinstein announced 865,000 pounds ($1.10 million) of funding for an AI literacy program across the UK. The money will be used by charities Raspberry Pi Foundation and Parent Zone to help train teachers with an aim of reaching over 250,000 students by the end of 2026, she said.

Wil Shipley, announcing the end of Delicious Library, a media cataloging app: Amazon has shut off the feed that allowed Delicious Library to look up items, unfortunately limiting the app to what users already have (or enter manually).

I wasn't contacted about this.

I've pulled it from the Mac App Store and shut down the website so nobody accidentally buys a non-functional app. John Gruber of DaringFireball adds: The end of an era, but it's kind of surprising it was still functional until now. (Shipley has been a full-time engineer at Apple for three years now.)

It's hard to describe just what a sensation Delicious Library was when it debuted, and how influential it was. Delicious Library was simultaneously very useful, in very practical ways, and obsessed with its exuberant UI in ways that served no purpose other than looking cool as shit. It was an app that demanded to be praised just for the way it looked, but also served a purpose that resonated with many users. For about a decade it seemed as though most popular new apps would be designed like Delicious Library. Then Apple dropped iOS 7 in 2013, and now, no apps look like this. Whatever it is that we, as an industry, have lost in the now decade-long trend of iOS 7-style flat design, Delicious Library epitomized it.

Qualcomm's interest in acquiring Intel is cooling due to the complexity of the deal, Intel's debt, and regulatory hurdles. However, according to Bloomberg, Qualcomm may still explore acquiring certain divisions of Intel to expand into markets like PCs and networking. Tom's Hardware reports: [T]he proposed acquisition faced significant obstacles, including Intel's $50 billion debt, dropping CPU market share, and its struggling semiconductor manufacturing unit, an area where Qualcomm lacks expertise. A deal of this magnitude would also likely trigger extensive regulatory scrutiny, particularly in China, a key market for both companies.

Intel is undergoing significant restructuring under CEO Pat Gelsinger to reclaim its competitiveness in the semiconductor market in terms of products and process technologies. Still, for now, both Intel and Qualcomm are quite successful standalone companies. While the combination would make a formidable firm (probably facing unprecedented antitrust scrutiny), it does not make much sense for Qualcomm to make such a massive takeover. These factors have collectively made a complete takeover less appealing to Qualcomm. Meanwhile, selling off a part of the company to Qualcomm may not make sense for Intel.

Qualcomm aims to generate $22 billion in annual revenue by 2029 by expanding into markets like personal computers, networking, and automotive chips. Although Cristiano Amon, Qualcomm's chief executive, has stated that his company did not need a major takeover to achieve this goal, the company initiated preliminary discussions with Intel regarding a potential acquisition in September. Yet, it does not look like the deal is going to happen.

An anonymous reader quotes a report from Ars Technica: The Supreme Court signaled it may take up a case that could determine whether Internet service providers must terminate users who are accused of copyright infringement. In an order (PDF) issued today, the court invited the Department of Justice's solicitor general to file a brief "expressing the views of the United States."

In Sony Music Entertainment v. Cox Communications, the major record labels argue that cable provider Cox should be held liable for failing to terminate users who were repeatedly flagged for infringement based on their IP addresses being connected to torrent downloads. There was a mixed ruling at the US Court of Appeals for the 4th Circuit as the appeals court affirmed a jury's finding that Cox was guilty of willful contributory infringement but reversed a verdict on vicarious infringement "because Cox did not profit from its subscribers' acts of infringement." That ruling vacated a $1 billion damages award and ordered a new damages trial. Cox and Sony are both seeking a Supreme Court review. Cox wants to overturn the finding of willful contributory infringement, while Sony wants to reinstate the $1 billion verdict.

The Supreme Court asking for US input on Sony v. Cox could be a precursor to the high court taking up the case. For example, the court last year asked the solicitor general to weigh in on Texas and Florida laws that restricted how social media companies can moderate their platforms. The court subsequently took up the case and vacated lower-court rulings, making it clear that content moderation is protected by the First Amendment.

Palo Alto Networks boasts 70,000 customers in 150 countries, including 85% of the Fortune 500.

But this week "thousands of Palo Alto Networks firewalls were compromised by attackers exploiting two recently patched security bug," reports the Register: The intruders were able to deploy web-accessible backdoors to remotely control the equipment as well as cryptocurrency miners and other malware. Roughly 2,000 devices had been hijacked as of Wednesday — a day after Palo Alto Networks pushed a patch for the holes — according to Shadowserver and Onyphe. As of Thursday, the number of seemingly compromised devices had dropped to about 800. The vendor, however, continues to talk only of a "limited number" of exploited installations... The Register has asked for clarification, including how many compromised devices Palo Alto Networks is aware of, and will update this story if and when we hear back from the vendor.

Rumors started swirling last week about a critical security hole in Palo Alto Networks appliances that allowed remote unauthenticated attackers to execute arbitrary code on devices. Exploitation requires access to the PAN-OS management interface, either across the internet or via an internal network. The manufacturer did eventually admit that the firewall-busting vulnerability existed, and had been exploited as a zero-day — but it was still working on a patch. On Tuesday, PAN issued a fix, and at that time said there were actually two vulnerabilities. The first is a critical (9.3 CVSS) authentication bypass flaw tracked as CVE-2024-0012. The second, a medium-severity (6.9 CVSS) privilege escalation bug tracked as CVE-2024-9474. The two can be chained together to allow remote code execution (RCE) against the PAN-OS management interface... once the attackers break in, they are using this access to deploy web shells, Sliver implants, and/or crypto miners, according to Wiz threat researchers.

Microsoft's controversial "Recall" feature (in a public preview of Windows 11) already has some known issues, Microsoft admitted Friday. For example:

- Recall can be enabled or disabled from "Turn Windows features on or off". We are caching the Recall binaries on disk while we test add/remove. In a future update we will completely remove the binaries.

- You must have Secure Boot enabled for Recall to save snapshots.

- Some users experience a delay before snapshots first appear in the timeline while using their device. If snapshots do not appear after 5 minutes, reboot your device. If saving snapshots is enabled, but you see snapshots are no longer being saved, reboot your device.

- Clicking links within Recall to submit feedback may experience a delay in loading the Feedback Hub application. Be patient and it will display.

CNBC adds that according to Microsoft Recall "won't work with some accessibility programs, and if you specify that Recall shouldn't save content from a given website, it might get captured anyway while using the built-in Edge browser..." But those aren't the only issues CNBC noticed: - While you might expect that your computer will be recording every last thing you look at once you've turned on Recall, it can go several minutes between making snapshots, leaving gaps in the timeline.

- Recall allows you to prevent screenshots from being made when you're accessing specific apps. But a few apps installed on my Surface Pro are not shown on that list.

- When you enter a search string to find words, results might be incomplete or incorrect. Recall clearly had two screen images that mention "Yankees," but when I typed that into the search box, only one of them came up as a text match. I typed in my last name, which appeared in eight images, but Recall produced just two text matches.

- Recall made a screenshot while I was scrolling through posts on social network BlueSky, and one contains a photo of a New York street scene. You can see a stoplight, a smokestack and street signs. I typed each of those into the search box, but Recall came up with no results...

- The search function is fast, but flipping through snapshots in Recall is not. It can take a couple of seconds to load screenshots as you swipe between them.

June, 2023: "Harvard Scholar Who Studies Honesty Is Accused of Fabricating Findings."

November, 2024: "The Business-School Scandal That Just Keeps Getting Bigger." A senior editor at the Atlantic raises the possibility of systemic dishonesty-rewarding incentives where "a study must be even flashier than all the other flashy findings if its authors want to stand out," writing that "More than a year since all of this began, the evidence of fraud has only multiplied."

And the suspect isn't just Francesca Gino, a Harvard Business School professor. One person deeply affected by all this is Gino's co-author, a business school professor from the University of California at Berkeley — Juliana Schroeder — who launched an audit of all 138 studies conducted by Francesca Gino (called "The Many Coauthors Project"): Gino was accused of faking numbers in four published papers. Just days into her digging, Schroeder uncovered another paper that appeared to be affected — and it was one that she herself had helped write... The other main contributor was Alison Wood Brooks, a young professor and colleague of Gino's at Harvard Business School.... If Brooks did conduct this work and oversee its data, then Schroeder's audit had produced a dire twist. The Many Co-Authors Project was meant to suss out Gino's suspect work, and quarantine it from the rest... But now, to all appearances, Schroeder had uncovered crooked data that apparently weren't linked to Gino.... Like so many other scientific scandals, the one Schroeder had identified quickly sank into a swamp of closed-door reviews and taciturn committees. Schroeder says that Harvard Business School declined to investigate her evidence of data-tampering, citing a policy of not responding to allegations made more than six years after the misconduct is said to have occurred...

In the course of scouting out the edges of the cheating scandal in her field, Schroeder had uncovered yet another case of seeming science fraud. And this time, she'd blown the whistle on herself. That stunning revelation, unaccompanied by any posts on social media, had arrived in a muffled update to the Many Co-Authors Project website. Schroeder announced that she'd found "an issue" with one more paper that she'd produced with Gino... [Schroeder] said that the source of the error wasn't her. Her research assistants on the project may have caused the problem; Schroeder wonders if they got confused...

What feels out of reach is not so much the truth of any set of allegations, but their consequences. Gino has been placed on administrative leave, but in many other instances of suspected fraud, nothing happens. Both Brooks and Schroeder appear to be untouched. "The problem is that journal editors and institutions can be more concerned with their own prestige and reputation than finding out the truth," Dennis Tourish, at the University of Sussex Business School, told me. "It can be easier to hope that this all just goes away and blows over and that somebody else will deal with it...." [Tourish also published a 2019 book decrying "Fraud, Deception and Meaningless Research," which the article notes "cites a study finding that more than a third of surveyed editors at management journals say they've encountered fabricated or falsified data."] Maybe the situation in her field would eventually improve, [Schroeder] said. "The optimistic point is, in the long arc of things, we'll self-correct, even if we have no incentive to retract or take responsibility."

"Do you believe that?" I asked.

"On my optimistic days, I believe it."

"Is today an optimistic day?"

"Not really."

Meta wants to force Apple and Google to verify the ages of people downloading apps from their app stores, reports the Washington Post — and now Meta's campaign "is picking up momentum" with legislators in the U.S. Congress.

Federal and state lawmakers have recently proposed a raft of measures requiring that platforms such as Meta's Facebook and Instagram block users under a certain age from using their sites. The push has triggered fierce debate over the best way to ascertain how old users are online. Last year Meta threw its support behind legislation that would push those obligations onto app stores rather than individual app providers, like itself, as your regular host and Naomi Nix reported. While some states have considered the plan, it has not gained much traction in Washington.

That could be shifting. Two congressional Republicans are preparing a new age verification bill that places the burden on app stores, according to two people familiar with the matter, who spoke on the condition of anonymity to discuss the plans... The bill would be the first of its kind on Capitol Hill, where lawmakers have called for expanding guardrails for children amid concerns about the risks of social media but where political divisions have bogged down talks. The measure would give parents the right to sue an app store if their child was exposed to certain content, such as lewd or sexual material, according to a copy obtained by the Tech Brief. App stores could be protected against legal claims, however, if they took steps to protect children against harms, such as verifying their ages and giving parents the ability to block app downloads.
The article points out that U.S. lawmakers "have the power to set national standards that could override state efforts if they so choose..."

An anonymous reader quotes a report from Reuters: Google has sued one of its former engineers in Texas federal court, accusing him of stealing trade secrets related to its chip designs and sharing them publicly on the internet. The lawsuit, filed on Tuesday (PDF), said that Harshit Roy "touted his dominion" over the secrets in social media posts, tagging competitors and making threatening statements to the company including "I need to take unethical means to get what I am entitled to" and "remember that empires fall and so will you."

Google hired Roy in 2020 to develop computer chips used in Google Pixel devices like smartphones. Google said in the lawsuit that Roy resigned in February and moved from Bangalore, India to the United States in August to attend a doctorate program at the University of Texas at Austin. According to the complaint, Roy began posting confidential Google information to his X account later that month along with "subversive text" directed at the company, such as "don't expect me to adhere to any confidentiality agreement." The posts included photographs of internal Google documents with specifications for Pixel processing chips.

The lawsuit said that Roy ignored Google's takedown requests and has posted additional trade secrets to X and LinkedIn since October. Google alleged that Roy tagged competitors Apple and Qualcomm in some of the posts, "presumably to maximize the potential harm of his disclosure." Google's complaint also said that several news outlets have published stories with confidential details about Google's devices based on the information that Roy leaked. Google asked the court for an unspecified amount of monetary damages and court orders blocking Roy from using or sharing its secrets.

An anonymous reader quotes a report from 404 Media: Instagram is flooded with hundreds of AI-generated influencers who are stealing videos from real models and adult content creators, giving them AI-generated faces, and monetizing their bodies with links to dating sites, Patreon, OnlyFans competitors, and various AI apps. The practice, first reported by 404 Media in April, has since exploded in popularity, showing that Instagram is unable or unwilling to stop the flood of AI-generated content on its platform and protect the human creators on Instagram who say they are now competing with AI content in a way that is impacting their ability to make a living.

According to our review of more than 1,000 AI-generated Instagram accounts, Discord channels where the people who make this content share tips and discuss strategy, and several guides that explain how to make money by "AI pimping," it is now trivially easy to make these accounts and monetize them using an assortment of off-the-shelf AI tools and apps. Some of these apps are hosted on the Apple App and Google Play Stores. Our investigation shows that what was once a niche problem on the platform has industrialized in scale, and it shows what social media may become in the near future: a space where AI-generated content eclipses that of humans. [...]

Out of more than 1,000 AI-generated Instagram influencer accounts we reviewed, 100 included at least some deepfake content which took existing videos, usually from models and adult entertainment performers, and replaced their face with an AI-generated face to make those videos seem like new, original content consistent with the other AI-generated images and videos shared by the AI-generated influencer. The other 900 accounts shared images that in some cases were trained on real photographs and in some cases made to look like celebrities, but were entirely AI-generated, not edited photographs or videos. Out of those 100 accounts that shared deepfake or face-swapped videos, 60 self-identify as being AI-generated, writing in their bios that they are a "virtual model & influencer" or stating "all photos crafted with AI and apps." The other 40 do not include any disclaimer stating that they are AI-generated. Adult content creators like Elaina St James say they're now directly competing with these AI rip-off accounts that often use stolen content. Since the explosion of AI-generated influencer accounts on Instagram, St James said her "reach went down tremendously," from a typical 1 million to 5 million views a month to not surpassing a million in the last 10 months, and sometimes coming in under 500,000 views. While she said changes to Instagram's algorithm could also be at play, these AI-generated influencer accounts are "probably one of the reasons my views are going down," St James told 404 Media. "It's because I'm competing with something that's unnatural."

Alexios Mantzarlis, the director of the security, trust, and safety initiative at Cornell Tech and formerly principal of trust and safety intelligence at Google, started researching the problem to see where AI-generated content is taking social media and the internet. "It felt like a possible sign of what social media is going to look like in five years," said Mantzarlis. "Because this may be coming to other parts of the internet, not just the attractive-people niche on Instagram. This is probably a sign that it's going to be pretty bad."

The Verge's Richard Lawler reports: Strava recently informed its users and partners that new terms for its API restrict the data that third-party apps can show, refrain from replicating Strava's look, and place a ban on using data "for any model training related to artificial intelligence, machine learning or similar applications." The policy is effective as of November 11th, even though Strava's own post about the change is dated November 15th.

There are plenty of posts on social media complaining about the sudden shift, but one place where dissent won't be tolerated is Strava's own forums. The company says, "...posts requesting or attempting to have Strava revert business decisions will not be permitted." Brian Bell, Strava's VP of Communications and Social Impact, said in a statement: "We anticipate that these changes will affect only a small fraction (less than .1 percent) of the applications on the Strava platform -- the overwhelming majority of existing use cases are still allowed, including coaching platforms focused on providing feedback to users and tools that help users understand their data and performance."

An anonymous reader quotes a report from Nature: Google Scholar -- the largest and most comprehensive scholarly search engine -- turns 20 this week. Over its two decades, some researchers say, the tool has become one of the most important in science. But in recent years, competitors that use artificial intelligence (AI) to improve the search experience have emerged, as have others that allow users to download their data. The impact that Google Scholar -- which is owned by web giant Google in Mountain View, California -- has had on science is remarkable, says Jevin West, a computational social scientist at the University of Washington in Seattle who uses the database daily. But "if there was ever a moment when Google Scholar could be overthrown as the main search engine, it might be now, because of some of these new tools and some of the innovation that's happening in other places," West says.

Many of Google Scholar's advantages -- free access, breadth of information and sophisticated search options -- "are now being shared by other platforms," says Alberto Martin Martin, a bibliometrics researcher at the University of Granada in Spain. AI-powered chatbots such as ChatGPT and other tools that use large language models have become go-to applications for some scientists when it comes to searching, reviewing and summarizing the literature. And some researchers have swapped Google Scholar for them. "Up until recently, Google Scholar was my default search," says Aaron Tay, an academic librarian at Singapore Management University. It's still top of his list, but "recently, I started using other AI tools." Still, given Google Scholar's size and how deeply entrenched it is in the scientific community, "it would take a lot to dethrone," adds West. Anurag Acharya, co-founder of Google Scholar, at Google, says he welcomes all efforts to make scholarly information easier to find, understand and build on. "The more we can all do, the better it is for the advancement of science." Acharya says Google Scholar uses AI to rank articles, suggest further search queries and recommend related articles. What Google Scholar does not yet provide are AI-generated summaries of search query results. According to Acharya, the company has yet to find "an effective solution" for summarizing conclusions from multiple papers in a brief manner that preserves all the important context.

Instagram is introducing a feature that allows users to reset their content recommendations, offering a fresh start for the algorithm to relearn their preferences based on new interactions. Instagram says the feature is rolling out globally "soon." TechCrunch reports: The feature is geared toward users who feel like their content recommendations no longer cater to their interests. For instance, you may have liked recipe videos in the past but are no longer interested in them, yet that sort of content may be all you see on your Reels and Explore pages. Once you reset your Instagram recommendations, your content recommendations will start to personalize again over time based on the posts and accounts you interact with. If you choose to reset your recommendations, you will have the option to review your following list to unfollow accounts that share content you're no longer interested in. "I want to be clear, this is a big thing to do," said Instagram head Adam Mosseri. "It's going to make your Instagram much less interesting at first, because we're going to treat you as if we know nothing about your interests and it will take some time to learn those again. So it's not something I recommend doing all the time -- but if you do end up in a place where you really don't feel good about your experience, this gives you an out."

Coca-Cola's latest AI-generated Christmas advertisement has sparked criticism from creative professionals who say the promotional video lacks authenticity and artistic merit.

The video, which depicts Coca-Cola trucks in snowy landscapes and people drinking the beverage, reimagines the company's 1995 "Holidays Are Coming" campaign using AI. Three AI studios - Secret Level, Silverside AI and Wild Card - produced different versions using four generative AI models, according to Forbes.

Critics, including "Gravity Falls" creator Alex Hirsch, have condemned the company's decision to use AI instead of human artists. The controversial video has garnered over 56 million views on social media platform X. Coca-Cola defended the campaign, stating it combines "human storytellers and the power of generative AI."