In response to California's new law targeting "false advertising" of "digital goods," Valve has added the following language to its checkout page: "A purchase of a digital product grants a license for the product on Steam." Ars Technica reports: California's AB2426 law, signed by Gov. Gavin Newsom Sept. 26, excludes subscription-only services, free games, and digital goods that offer "permanent offline download to an external storage source to be used without a connection to the internet." Otherwise, sellers of digital goods cannot use the terms "buy, purchase," or related terms that would "confer an unrestricted ownership interest in the digital good." And they must explain, conspicuously, in plain language, that "the digital good is a license" and link to terms and conditions.

Which is what Valve has now added to its cart page before enforcement of these terms was due to start next year. The company has long made it clear, deeper inside its End User License Agreement (EULA), that a purchase is a license, and those licenses cannot be resold, which avoids issues of one's right to resell a game. Now it is something that every user sees on every purchase, however quickly they click-through to get to their download.

In a new 32-page filing (PDF), the Department of Justice indicated that it was considering a possible breakup of Google as an antitrust remedy for its search and advertising monopoly. The remedies necessary to "prevent and restrain monopoly maintenance could include contract requirements and prohibitions; non-discrimination product requirements; data and interoperability requirements; and structural requirements," the department said in the filing. CNBC reports: The DOJ also said it was "considering behavioral and structural remedies that would prevent Google from using products such as Chrome, Play, and Android to advantage Google search and Google search-related products and features -- including emerging search access points and features, such as artificial intelligence -- over rivals or new entrants."

Additionally, the DOJ suggested limiting or prohibiting default agreements and "other revenue-sharing arrangements related to search and search-related products." That would include Google's search position agreements with Apple's iPhone and Samsung devices -- deals that cost the company billions of dollars a year in payouts. The agency suggested one way to do this is requiring a "choice screen," which could allow users to pick from other search engines. Such remedies would end "Google's control of distribution today" and ensure "Google cannot control the distribution of tomorrow."

"Alleged photos and videos of an unannounced 14-inch MacBook Pro with an M4 chip continue to surface on social media, in what could be the worst product leak for Apple since an employee accidentally left an iPhone 4 prototype at a bar in California in 2010," writes MacRumors' Joe Rossignol. From the report: The latest video of what could be a next-generation MacBook Pro was shared on YouTube Shorts today by Russian channel Romancev768, just one day after another Russian channel shared a similar video. The clip shows a box for a 14-inch MacBook Pro that is apparently configured with an M4 chip with a 10-core CPU and a 10-core GPU, 16GB of RAM, 512GB of storage, three Thunderbolt 4 ports, and a Space Black finish. According to the "About This Mac" software menu shown in the video, the MacBook Pro in the video is allegedly an unreleased November 2024 model. [...]

Apple is well known for having a culture of secrecy, so this magnitude of leak is rarely seen for its products. As previously mentioned, this could be the most significant leak for Apple since Gizmodo obtained and shared photos of an iPhone 4 prototype that a then-employee of the company accidentally left behind at a bar in California. In that case, Apple got law enforcement involved, but how it acts this time around remains to be seen.

Veteran Microsoft engineer Larry Osterman is the latest to throw his hat into the "tabs versus spaces" ring. From a report: The debate has vexed engineers for decades -- is it best to indent code with tabs or spaces? Osterman, a four-decade veteran of Microsoft, was Team Tabs when storage was tight, but has since become Team Spaces with the advent of terabytes of relatively inexpensive storage. "Here's the thing," he said. "When you've got 512 kilobytes, and you're writing a program in Pascal with lots of indentation, if you're taking eight bytes for every one of those indentations, for eight spaces, you could save seven bytes in your program by using a tab character."

It all added up, even when floppy disks were part of the equation.

However, according to Osterman, things have changed. Storage is less of an issue, so why not use spaces? A cynic might wonder if that sort of attitude has led to the bloatware of today, where software requires ever-increasing amounts of storage in return for precious little extra functionality and a never-ending stream of patches. Any decent compiler should strip out any extraneous characters, assuming the code is indeed being compiled beforehand and not interpreted at run-time. For his part, Osterman is now a member of team spaces. "I like spaces simply because it always works and it's always consistent," he said.

"A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers," reports the Wall Street Journal, "potentially accessing information from systems the federal government uses for court-authorized network wiretapping requests.

"For months or longer, the hackers might have held access to network infrastructure used to cooperate with lawful U.S. requests for communications data, according to people familiar with the matter, which amounts to a major national security risk." The attackers also had access to other tranches of more generic internet traffic, they said. Verizon Communications, AT&T and Lumen Technologies are among the companies whose networks were breached by the recently discovered intrusion, the people said.

The widespread compromise is considered a potentially catastrophic security breach and was carried out by a sophisticated Chinese hacking group dubbed Salt Typhoon. It appeared to be geared toward intelligence collection, the people said... The surveillance systems believed to be at issue are used to cooperate with requests for domestic information related to criminal and national security investigations. Under federal law, telecommunications and broadband companies must allow authorities to intercept electronic information pursuant to a court order. It couldn't be determined if systems that support foreign intelligence surveillance were also vulnerable in the breach...

The hackers appear to have engaged in a vast collection of internet traffic from internet service providers that count businesses large and small, and millions of Americans, as their customers. Additionally, there are indications that the hacking campaign targeted a small number of service providers outside the U.S., the people said. A person familiar with the attack said the U.S. government considered the intrusions to be historically significant and worrisome... "It will take time to unravel how bad this is, but in the meantime it's the most significant in a long string of wake-up calls that show how the PRC has stepped up their cyber game," said Brandon Wales, former executive director at the Cybersecurity and Infrastructure Security Agency and now a vice president at SentinelOne, referring to the People's Republic of China. "If companies and governments weren't taking this seriously before, they absolutely need to now."
Three weeks ago TechCrunch also reported that the FBI "took control of a botnet made up of hundreds of thousands of internet-connected devices, such as cameras, video recorders, storage devices, and routers, which was run by a Chinese government hacking group, FBI director Christopher Wray and U.S. government agencies revealed Wednesday.

An anonymous reader quotes a report from TechCrunch: The European Union's top court has sided with a privacy challenge to Meta's data retention policies. It ruled on Friday that social networks, such as Facebook, cannot keep using people's information for ad targeting indefinitely. The judgement could have major implications on the way Meta and other ad-funded social networks operate in the region. Limits on how long personal data can be kept must be applied in order to comply with data minimization principles contained in the bloc's General Data Protection Regulation (GDPR). Breaches of the regime can lead to fines of up to 4% of global annual turnover -- which, in Meta's case, could put it on the hook for billions more in penalties (NB: it is already at the top of the leaderboard of Big Tech GDPR breachers). [...]

The original challenge to Meta's ad business dates back to 2014 but was not fully heard in Austria until 2020, per noyb. The Austrian supreme court then referred several legal questions to the CJEU in 2021. Some were answered via a separate challenge to Meta/Facebook, in a July 2023 CJEU ruling -- which struck down the company's ability to claim a "legitimate interest" to process people's data for ads. The remaining two questions have now been dealt with by the CJEU. And it's more bad news for Meta's surveillance-based ad business. Limits do apply. Summarizing this component of the judgement in a press release, the CJEU wrote: "An online social network such as Facebook cannot use all of the personal data obtained for the purposes of targeted advertising, without restriction as to time and without distinction as to type of data."

The ruling looks important on account of how ads businesses, such as Meta's, function. Crudely put, the more of your data they can grab, the better -- as far as they are concerned. Back in 2022, an internal memo penned by Meta engineers which was obtained by Vice's Motherboard likened its data collection practices to tipping bottles of ink into a vast lake and suggested the company's aggregation of personal data lacked controls and did not lend itself to being able to silo different types of data or apply data retention limits. Although Meta claimed at the time that the document "does not describe our extensive processes and controls to comply with privacy regulations." How exactly the adtech giant will need to amend its data retention practices following the CJEU ruling remains to be seen. But the law is clear that it must have limits. "[Advertising] companies must develop data management protocols to gradually delete unneeded data or stop using them," noyb suggests. The court also weighed in a second question that concerns sensitive data that has been "manifestly made public" by the data subject, "and whether sensitive characteristics could be used for ad targeting because of that," reports TechCrunch. "The court ruled that it could not, maintaining the GDPR's purpose limitation principle."

On Wednesday, the SEC filed (PDF) to appeal a 2023 court ruling that determined XRP is not considered a security when sold to retail investors on exchanges. The announcement sent the price of XRP tumbling more than 8%. "XRP, which was created by the founders of Ripple, is the native token of the open source XRP Ledger, which Ripple uses in its cross-border payments business," notes CNBC. "It is the fifth-largest coin by market cap, excluding stablecoins Tether (USDT) and USD Coin (USDC)." CNBC reports: Ripple, the largest holder of XRP coins, scored a partial victory last summer after a three-year battle with the SEC. U.S. District Judge Analisa Torres handed down the decision, which was hailed as a landmark win for the crypto industry. Still, while XRP isn't considered a security when sold to retail investors on exchanges, it is considered an unregistered security offering if sold to institutional investors.

Ripple declined to comment but referred to Wednesday evening posts on X by CEO Brad Garlinghouse and chief legal officer Stuart Alderoty. Alderoty said the company is evaluating whether to file a cross appeal, and called the SEC's decision to appeal "disappointing, but not surprising." The SEC, under Chair Gary Gensler, has become notorious for its refusal to provide clear guidance for crypto businesses, instead opting to regulate by enforcement actions. "XRP's status as a non-security is the law of the land today - and that does not change even in the face of this misguided - and infuriating - appeal," Garlinghouse said on X.

An anonymous reader shares a report: The arrival of energy-assisted magnetic recording (EAMR) technologies like Seagate's HAMR will play a crucial role in accelerating HDD capacity growth in the coming years. According to the new IEEE International Roadmap for Devices and Systems Mass Data Storage, we will see 60 TB hard disk drives in 2028. If the prediction is accurate, we will see HDD storage capacity doubling in just four years, something that did not happen for a while. Also, IEEE believes that HDD unit sales will increase.

IEEE's latest HDD development roadmap spans 2022 to 2037 and covers 15 years of hard drive evolution. The arrival of HAMR in 2024 will play a pivotal role in the increase in HDD capacity (even though Western Digital has managed to stay competitive with Seagate's HAMR HDDs using a set of its technologies) over the next few years. IEEE engineers expect HDDs to leapfrog to 40TB in 2025 and 60TB in 2028, doubling capacity from 30TB in 2024. By 2037, there will be 100TB of storage space, according to IEEE.

To get to those extreme capacities, HDD makers will have to increase the areal density of their platters steadily. To get to 40TB per drive, they will have to get to 2 TB/inch^2 in 2025 and then to over 4 TB/inch^2 in 2028 to build 60TB HDDs. By 2037, areal density will grow to over 10 Tb/inch^2. Increasing areal density will necessitate the use of new media, magnetic films, and all-new write and read heads.

Mozilla has released Firefox 131 for multiple platforms, addressing security vulnerabilities and introducing some new features. The update fixes at least seven high-risk security issues, none reportedly exploited in the wild. New features include Tab Preview, which displays thumbnails and details when hovering over background tabs, and temporary location permission storage. Firefox now also supports URL fragment text directives, allowing users to link to specific text passages on web pages.

California Governor Gavin Newsom signed a law giving the California Energy Commission the authority to require bidirectional charging in electric vehicles (EVs) in the future -- although no timeline is set. Bidirectional charging allows EVs to not only charge from the grid but also supply electricity back to the grid, potentially enhancing grid resiliency, supporting renewable energy, and reducing peak electricity demand. Electrek reports: The idea started in 2023 when state Senator Nancy Skinner introduced a bill which would require EVs to have bidirectional charging by 2027. As this bill made its way through the legislative process, it got watered down from that ambitious timeline. So the current form of the bill, which is now called SB 59, took away that timeline and instead gave the California Energy Commission (CEC) the go-ahead to issue a requirement whenever they see it fit. The bill directs the CEC, the California Air Resources Board, and the California Public Utilities Commission to examine the use cases of bidirectional charging and give them the power to require specific weight classes of EVs to be bidirectional-capable if a compelling use case exists.

The state already estimates that integrating EVs into the grid could save $1 billion in costs annually, so there's definitely a use case there, but the question is the cost and immediacy of building those vehicles into the grid. The reason this can't be done immediately is that cars take time to design, and while adding bidirectional charging to an EV isn't the most difficult process, it also only really becomes useful with a whole ecosystem of services around the vehicle.

And that ecosystem has been a bit of a hard sell so far. It's all well and good to tell someone they can make $500/year by selling energy to the grid, but then you have to convince them to buy a more expensive charging unit and keep their car plugged in all the time, with someone else managing its energy storage. Some consumers might push back against that, so part of CEC's job is to wait to pull the trigger until it becomes apparent that people are actually interested in the end-user use case for V2G -- otherwise, no sense in requiring a feature that nobody is going to use.

U.S. real estate developers "are having a hard time keeping up with demand," reports the Los Angeles Times, "as businesses in search of secure spots for their servers rent nearly every square foot that becomes available..." Construction of new data centers is at "extraordinary levels" driven by "insatiable demand," a recent report on the industry by real estate brokerage JLL found. "Never in my career of 25 years in real estate have I seen demand like this on a global scale," said JLL real estate broker Darren Eades, who specializes in data centers...

The biggest drivers are AI and cloud service providers that include some of the biggest names in tech, such as Amazon, Microsoft, Google and Oracle. With occupancy in conventional office buildings still down sharply following the impact of the COVID-19 pandemic and property values falling, data centers represent a rare ripe opportunity for real estate developers, who are pursuing opportunities in major markets like Los Angeles and less urban locales that are served by plentiful and preferably cheap power needed to run data centers. "If you can find a cluster of power to build a site, they'll come," Eades said of developers. Construction is taking place at an "extraordinary" pace nationwide and still not keeping up, the JLL data center report said. [Data center] "Vacancy declined to a record low of 3% at midyear due to insatiable demand and despite rampant construction."

Development increased more than sevenfold in two years, with the pipeline of new projects leveling off in the first half of 2024, a potential signal that the U.S. power grid cannot support development at a faster pace. But when projects currently under construction or planned are complete, the U.S. colocation market, in which businesses rent space in a data center owned by another company for their servers and other computing hardware, will triple in size from current levels... Real estate investors and landlords are being drawn into the market because demand from tenants is high and they are likely to renew their leases after shouldering the costs of setting up data centers. "They invest in their space and in your space and they tend to stick around longer," said Mark Messana, president of Downtown Properties, which owns offices in Los Angeles and San Francisco. "As we all know, the office market is struggling a little bit, so it's nice to be able to have some data customers in the mix..."

Power demand for computing is growing so intense that it threatens to strain the nation's electrical grid, sending users to remote locations where power is plentiful and preferably cheap. Data center developers are working in Alabama, the Dakotas and Indiana, "traditionally states that wouldn't have data centers," Eades said.
The article includes "the mother of all data centers" in the western U.S. — a 30-story building where "thousands of miles of undersea fiber-optic cables disappear into an ordinary-looking office tower." Once a prestigious location for businesses, "The recent departure of a law firm that had been in the building more than 50 years cleared out five floors that will quickly be re-leased to data tenants, said Eades, who represents the landlord..."

To retrofit the building for data centers, "two elevators were removed so the empty shafts could hold water pipes used to help keep the temperature cool enough for the heat-producing servers" — and developers are happy rents "can be double what they are at newer downtown office high-rises, according to real estate data provider CoStar...

"By 2030, data centers could account for as much as 11% of U.S. power demand — up from 3% now, according to analysts at Goldman Sachs."

Meta has been fined $101.5 million by the Irish Data Protection Commission (DPC) for storing over half a billion user passwords in plain text for years, with some engineers having access to this data for over a decade. The issue, discovered in 2019, predominantly affected non-US users, especially those using Facebook Lite. AppleInsider reports: Meta Ireland was found guilty of infringing four parts of GDPR, including how it "failed to notify the DPC of a personal data breach concerning storage of user passwords in plain text." Meta Ireland did report the failure, but only some months after it was discovered. "It is widely accepted that user passwords should not be stored in plaintext, considering the risks of abuse that arise from persons accessing such data," said Graham Doyle, Deputy Commissioner at the DPC, in a statement about the fine. "It must be borne in mind, that the passwords the subject of consideration in this case, are particularly sensitive, as they would enable access to users' social media accounts."

Other than the fine and an official reprimand, the full extent of the DPC's ruling is yet to be released publicly. The details published so far do not reveal whether the passwords included any of US users as well as ones in Ireland or across the rest of the European Union. It's most likely that the issue concerns only non-US users, however. That's because in 2019, Facebook told CNN that the majority of the plain text passwords were for a service called Facebook Lite, which it described as being a cut-down service for areas of the world with slower connectivity.

An anonymous reader quotes a report from Ars Technica: Software fixes are now responsible for more than 1 in 5 automotive recalls. That's the key finding from a decade's worth of National Highway Traffic Safety Administration recall data, according to an analysis from the law firm DeMayo Law. While that's a sign of growing inconvenience for drivers, the silver lining is that a software patch is usually a much quicker fix than something requiring hardware replacement. "Our analysis suggests we're witnessing a shift in how automotive recalls are handled. The growing number of software-related recalls, coupled with the ability to address issues remotely, could revolutionize the recall process for both manufacturers and vehicle owners," said a spokesperson for DeMayo Law.

In 2014, 34 of 277 automotive recalls were software fixes. The percentage of software recalls floated around 12-13 percent (apart from a spike in 2015) before growing steadily from 2020. In 2021, 16 percent of automotive recalls (61 out of 380) were for software. In 2022, almost 22 percent of recalls were software fixes (76 out of 348), and last year topped 23 percent (82 out of 356). Leading the way was Chrysler, with 82 different software recalls since 2014. Ford (66 recalls) and Mercedes-Benz (60) are the two runner-ups. Meanwhile, Tesla ranks only eighth, with 26 software recalls since 2014, which puts it on par with Hyundai (25) and Kia (25).

Electrical systems were the most common problem area, which makes sense -- this is also the second-most common hardware fix recall and would probably be the top if it were not for the massive Takata airbag recall, which has affected more than 100 million cars worldwide. The other common systems affected by recalls requiring software remedies were related to backover prevention -- whether that be reversing cameras, collision warnings, or automatic emergency braking -- airbags, powertrains, and exterior lighting. "It should be noted that not all recalls involving a software fix are to solve a software problem," notes Ars' Jonathan M. Gitlin. "Take the recent Jaguar I-Pace recall, which was triggered by battery fires caused by battery cells damaged during assembly. Jaguar's fix? A software update that sets a new, lower limit to the storage capacity of the battery pack, preventing it from fully charging to 100 percent."

rPlus Energies has broken ground on a $1 billion solar + battery storage project in east-central Utah. Electrek reports: The Green River Energy Center in Emery County, Utah, is a 400-megawatt (MW) solar and 400 MW/1,600-megawatt-hour battery storage project that will supply power to western electric utility PacifiCorp under a power purchase agreement. EliTe Solar is supplying solar panels, and Tesla is providing battery storage. Sundt Construction is the engineering, procurement, and construction contractor for the project. Securing over $1 billion in construction debt financing in July, the Green River project is expected to create around 500 jobs. Salt Lake City-based rPlus Energies gives the target completion date as 2026.

In 2022 about 346,000 electric cars were reportedly sold in California. But the same year its greenhouse gas emissions dropped a whopping 9.3 million metric tons — the amount produced by 2.2 million gas-powered cars — lowering emissions 2.4% from the year before. "The biggest drop came from transportation, due largely to the increased use of renewable fuels," according to the state's Air Resources Board, touting a newly-released report. (And electricity sector emissions also fell by 2.6 million metric tons, or 4.1%, "even as electricity usage rose," according to The Hill — "a dichotomy that the regulators attributed to an increase in solar and wind power generation.")

So despite a growing economy, "the latest data underscores a continued trend of steady emissions decline..." according to a statement from the Board. "Between 2000 to 2022, emissions fell by 20% while California's gross domestic product increased by 78%, pointing to the effectiveness of the state's climate change and air quality programs." And the amount of carbon dioxide equivalent emitted per unit of economic output ("carbon intensity") has also dropped 55% in the last 20 years: [In 2022] the electricity sector had its lowest carbon intensity since 2000. Wind and solar now represent 30% of generation and in-state solar increased by 15% from 2021, driven by requirements under the state's Cap-and-Trade Program and Renewables Portfolio Standard. Furthermore, California increased its battery storage by 757% from 2019 through 2023, bolstering its renewable energy efforts. The storage capacity is enough to power 6.6 million homes for up to four hours.

Industrial emissions declined by 2%, also falling to the lowest level in 22 years. While refinery emissions remained essentially flat, emissions from oil and gas extraction declined, as did emissions from other fuel use, cement manufacturing, and cogeneration facilities. [The Hill says 2022's industrial emissions were 21.7% below year-2000 levels, according to the report.]

Livestock emissions, which are responsible for 70% of agriculture's greenhouse gas emissions, peaked in 2012 and once again saw reductions in 2022. The decrease is driven by the use of methane digesters funded by the California Climate Investments and incentivized by the Low Carbon Fuel Standard, which capture emissions at the source and convert them to clean fuel.

Landfill methane emissions also continued to decline in 2022. This decline can be attributed in part to the state's efforts to reduce disposal of organic waste, as well as the California Landfill Methane Regulation, which requires landfill operators to monitor and capture emissions escaping from their facilities.
One local news site calls the drop in emissions "shocking," but adds that "the trend is expected to continue. In the second quarter of 2024, 118,181 zero-emission vehicles were purchased in the state, good for about one-quarter of all new car sales."

California governor Gavin Newsom said his state "is proving that climate action goes hand-in-hand with economic growth. We've slashed carbon pollution by a whopping 20% since the turn of the century all while building the world's fifth largest economy. Cleaner air, more good jobs — that's the California way."

The administrators of Great Britain's power grid admit that it's often unable to use energy-storage batteries due to old computer systems and an old network with "not enough cables", according to the Financial Times — though the system operator says they're making progress after upgrading their system last December: The company has plans to lower the rate at which batteries are sidelined to single figures by early next year [said Craig Dyke, from National Grid's electricity system operator], calling current levels "higher than where we want them to be". Dyke's comments came in response to a letter from four leading battery storage groups which said National Grid's "electricity system operator" or ESO division was making the country's power costlier and dirtier by failing to use their technology properly. "Consumers are paying more, clean renewable energy is being wasted, and fossil fuel generation is being used instead," they said... depriving them of revenue and undermining investor confidence.
While the U.K. has the world's second-largest offshore wind market, the article notes that when the system operator can't send its power where it's needed, "the ESO pays wind farms in one place to switch off... and can also need to pay gas-fired power plants in another area to turn on. These payments add up to hundreds of millions of pounds each year, and the costs are passed on to household and business energy bills."

"Use of battery storage abroad has soared in places such as California, where batteries soak up solar power during the day and regularly supply a fifth of the state's power in the evening..."

Thanks to long-time Slashdot reader AmiMoJo for sharing the article.

Microsoft has launched a new Windows app that serves as a hub for streaming Windows environments from services like Windows 365 and Azure Virtual Desktop. However, it's limited to Microsoft work and school accounts with "no signs that Microsoft plans to support consumer accounts," notes The Verge's Tom Warren. From the report: This new unified app has been in testing for nearly a year, and includes a customizable home screen, multi-monitor support, and USB redirection so you can use local devices like webcams, storage devices, and printers as if they were plugged directly into a cloud PC. This Windows app is limited to Microsoft work and school accounts, as it's primarily designed for existing users of Remote Desktop clients for Windows and other operating systems to move to. Microsoft has had similar apps for connecting to PCs remotely in Windows for decades, including the Remote Desktop Connection app that still ships as part of Windows 11. These apps, including the new Windows one, are useful for connecting to work PCs from a personal laptop or PC. The Windows app is available from the Microsoft Store and Apple App Store. An Android version enters public preview mode today.

An anonymous reader shares a report: Last week, the FBI took control of a botnet made up of hundreds of thousands of internet-connected devices, such as cameras, video recorders, storage devices, and routers, which was run by a Chinese government hacking group, FBI director Christopher Wray and U.S. government agencies revealed Wednesday. The hacking group, dubbed Flax Typhoon, was "targeting critical infrastructure across the U.S. and overseas, everyone from corporations and media organizations to universities and government agencies," Wray said at the Aspen Cyber Summit cybersecurity conference on Wednesday.

"But working in collaboration with our partners, we executed court-authorized operations to take control of the botnet's infrastructure," Wray said, explaining that once the authorities did that, the FBI also removed the malware from the compromised devices. "Now, when the bad guys realized what was happening, they tried to migrate their bots to new servers and even conducted a [Distributed Denial of Service] attack against us."

An anonymous Slashdot reader writes: Haiku (the MIT-licensed operating system, inspired by BeOS) has released its fifth beta for Haiku R1.

Some new features include improved UI color management, improved dark mode coloring, Tracker improvements, TUN/TAP support for VPN connections, TCP throughput improvements, performance optimizations, UFS2 (BSD's filesystem) read-only support, new FAT filesystem driver, improved hardware support, improved POSIX compliance, improved performance, and more.
Slashdot has been covering the fate of the BeOS since 2000 (as well as the short-lived derivative project ZETA — and Haiku).

And now "With a history of over two decades and previously known as OpenBeOS, today's Haiku is pushing forward..." writes the site NotebookCheck: Haiku is a spiritual successor to BeOS, with a focus on a clean and user-friendly design paired with low system requirements. The minimum system requirements are still an Intel Pentium II/AMD Athlon CPU or better, at least 384 MB RAM, an 800x600 screen, and at least 3GB storage. It works on both 32-bit and 64-bit x86 PCs, and the 32-bit version can run many unmodified BeOS applications. It might be the best desktop open-source operating system not based on Linux or Unix... It works well in a virtual machine like VirtualBox or UTM.

23andMe has agreed to pay $30 million to settle a lawsuit over a data breach that exposed the personal information of 6.4 million customers in 2023. BleepingComputer reports: The proposed class action settlement (PDF), filed Thursday in a San Francisco federal court and awaiting judicial approval, includes cash payments for affected customers, which will be distributed within ten days of final approval. "23andMe believes the settlement is fair, adequate, and reasonable," the company said in a memorandum filed (PDF) Friday.

23andMe has also agreed to strengthen its security protocols, including protections against credential-stuffing attacks, mandatory two-factor authentication for all users, and annual cybersecurity audits. The company must also create and maintain a data breach incident response plan and stop retaining personal data for inactive or deactivated accounts. An updated Information Security Program will also be provided to all employees during annual training sessions. "23andMe denies the claims and allegations set forth in the Complaint, denies that it failed to properly protect the Personal Information of its consumers and users, and further denies the viability of Settlement Class Representatives' claims for statutory damages," the company said in the filed preliminary settlement.

"23andMe denies any wrongdoing whatsoever, and this Agreement shall in no event be construed or deemed to be evidence of or an admission or concession on the part of 23andMe with respect to any claim of any fault or liability or wrongdoing or damage whatsoever."