Category: Technology

A group of anonymous plaintiffs who filed their taxes online in 2020 using H&R Block has sued Meta, accusing the company of violating users’ trust and privacy. If you’ll recall, a recent Markup investigation revealed that H&R Block, along with other popular tax-filing websites like TaxAct and TaxSlayer, have been sending users’ sensitive financial information to Meta through its Pixel tracking tool. 

Pixel is a piece of code companies can embed on their websites so they can track visitors’ activities and identify Facebook and Instagram users to target with ads. Apparently, the aforementioned tax prep websites had been transmitting personal information, such as income data, filing statuses, refund amounts and dependents’ tuition grants, to Meta through that code. The tax-filing services had already changed their Pixel settings to stop sending information or had been reevaluating how they used Pixel by the time Markup’s report came out. 

In a statement sent to Engadget when the news first came out, Meta said that advertisers are prohibited from sharing personal information and that it uses an automated system that can filter out sensitive content sent through Pixel. The plaintiffs acknowledged in their complaint (PDF, courtesy of The Markup) that Meta does require businesses that use Pixel to “have lawful rights to collect, use and share” user data before providing the company with any information. However, the plaintiffs argue that Meta makes no effort to enforce that rule and instead relies on a “broken honor-system” that has resulted in “repeated, documented violations.”

According to The Markup, the lawsuit is seeking class action status for people who used the tax prep services mentioned in the publication’s report. The services themselves, however, were not named as defendants in the case. 

 

Some Florida residents may be keeping a close eye on their finances after a security incident. Researcher Kamran Mohsin tellsTechCrunch that Florida’s Department of Revenue website had a flaw that exposed hundreds of filers’ bank account and Social Security numbers. Anyone who logged in to the state business tax registration site could see, modify and even delete personal data just by modifying the web address pointing to a taxpayer’s application number — you just needed to change the digits in the link.

There were over 713,000 applications in the Department’s pipeline at the time of the discovery, Mohsin said. Mohsin warned the Department about the flaw on October 27th.

Department representative Bethany Wester said in a statement that the government fixed the flaw within four days of the report, and that two unnamed firms have deemed the site secure. She added there was “no sign” attackers abused the flaw, but didn’t say how officials might have spotted any misuse. The agency contacted every affected taxpayers by phone or writing within four days of learning about the issue, and has offered a year of free credit monitoring.

Bugs like these, known as insecure direct object references, are relatively easy to fix. The damage might also be limited compared to other tax-related breaches, such as a Healthcare.gov intrusion that compromised about 75,000 people in 2018. However, the incident underscores the potential harm from weak security — even a small-scale exposure like this could be used to commit tax fraud and steal refunds.

 

More Activision Blizzard workers have voted to unionize. Quality assurance testers at Blizzard Albany have voted 14-0 in favor of unionization. The team at the Diablo-focused office will join the Communication Workers of America (CWA), the representative of the existing Raven Software union.

The game publisher tried to prevent the vote in October, arguing that 88 developers should be included to prevent a “fractured” office. The National Labor Relations Board (NLRB) denied that bid in late November, noting that the game testers shared a “community of interest” for their cause. Expansions like this are sometimes used in union-busting efforts to reduce the chances of a successful vote. The company also tried to impound three votes that arrived late due to mail delays, although those wouldn’t have affected the outcome.

Activision Blizzard told Engadget in a statement that it was “considering all options.” It maintained that all Albany workers should have voted in the name of “fundamental fairness and rights” for the entire branch, not just the QA unit.

The CWA said in its own statement that this was a vote against “burn out culture,” while Blizzard Albany associate test analyst Amanda Deep said the group was “advocating for ourselves” out of care for the work and the games. Workers at Raven and Blizzard Albany have complained about long hours, pay rates and other labor issues. Unionization theoretically gives staff more clout in demanding better conditions.

It may not be so simple, however. While Activision Blizzard responded to initial unionization efforts by converting 1,100 testers to full-time jobs and raising their base pay, the NLRB also found that it unfairly withheld raises from Raven QA workers who had voted to join a union. Activision Blizzard claimed that it had pass on those pay raises due to “legal obligations” around a pending election, but the NLRB attributed this to the unionization. Improved conditions might come, but they aren’t guaranteed to come quickly.

 

John Wick creator Derek Kolstad is working on yet another videogame adaptation. Fresh off the news that he’s writing and producing a Streets of Rage film, it emerged that Kolstad is taking on the same duties for a live-action movie based on Sifu.

Kolstad and his partners at media company Story Kitchen have teamed up with Sifu developer and publisher Sloclap, as Deadline reports. The beat-’em-up proved a hit when it was released in February, as it sold a million copies in three weeks — despite Elden Ring and Horizon Forbidden West arriving at around the same time. What makes Sifu stand out from the pact is that every time the protagonist dies in their quest for vengeance, they get older but their enemies stay the same age.

That hook alone gives a screenwriter a lot of intriguing possibilities. The one vs. many aspect of Sifu seems right up Kolstad’s alley as well, given his experience with the John Wick franchise and Nobody. As if all that wasn’t enough, Kolstad is also behind Netflix’s Splinter Cell, an upcoming animated series based on Ubisoft’s games.

 

Google is starting to test end-to-end encryption (E2EE) in Messages for RCS group chats on Android. Some users who are enrolled in the Messages open beta program will gain access in the coming weeks ahead of a broader rollout. The company said during its I/O 2022 developer conference that an E2EE beta for group chats would be available by the end of this year.

The move comes 18 months after Google Messages started offering E2EE for one-on-one conversations to shield chats from prying eyes. It started testing E2EE in Messages in November 2020, so it may be several months before the privacy feature is enabled for all group chats.

Many carriers and phone manufacturers have gotten on board with RCS over the last several years to offer features such as high-quality photos and videos, read receipts and E2EE. The 30-year-old SMS format doesn’t support any of those. Still, there’s one company that’s continuing to turn its nose up at RCS — Apple, which is staying cozy inside the walled garden of iMessage.

Google has been publicly pleading with Apple to adopt RCS but so far those efforts haven’t proven fruitful. In September, Apple CEO Tim Cook jokingly suggested that iOS users who are having trouble sending videos to a loved one with an Android device should just buy them an iPhone.

Nevertheless, Google has been trying to improve iOS and Android messaging interoperability, and it made another attempt to get Apple onboard with RCS in a blog post. “Today, all of the major mobile carriers and manufacturers have adopted RCS as the standard — except for Apple,” Messages group product manager Neena Budhiraja wrote. “Apple refuses to adopt RCS and continues to rely on SMS when people with iPhones message people with Android phones, which means their texting is stuck in the 1990s.”

Still, there are companies that are working on ways to make iMessage accessible on other devices. Just this week, the developers of an app called Sunbird claim to have gotten iMessage to work on Android.

 

A game that is easy to learn, but difficult to master. This was the concept Atari founder Nolan Bushnell instilled into Allan Alcorn, a then-24-year-old engineer, prior to the development of one of the most recognizable games of all time, Pong, just over 50 years ago.

Pong, a video game in which a square is bounced between two rectangles controlled by players, was released on November 29th of 1972 by Atari, only a few days more than 50 years ago. Atari sold more than 8,000 Pong arcade cabinets, and a few years later, the home version would become an instant success, selling about 150,000 units of a console that played nothing but Pong. However, despite how much time has passed, and the massive changes the gaming industry has endured, Pong‘s — and Atari’s — influence on the world of video games remains prevalent today. Watch the video below for the full story.

 

GE has created a smart mixer that could help take more of the sting out of baking. For one thing, the Profile Smart Mixer with Auto Sense has a built-in scale that will enable you to measure ingredients directly in the mixing bowl — just be sure to add each ingredient slowly so you don’t plop in too much.

It uses motor torque feedback to monitor the texture and viscosity of a mix. According to Crate and Barrel, which snagged the smart mixer as an exclusive product, the appliance will shut off when it detects that your concoction is ready for the next step. That should help you avoid having overmixed dough that results in overly chewy cookies.

Naturally, given that this is a smart mixer, there’s support for Alexa and Google Assistant voice control. So, you can set the mixing speed without having to get flour all over the controls or washing your hands first.

There’s a companion app that has more than a dozen guided recipes at the outset. Through over-the-air updates, GE will add more features and recipes over time. Furthermore, this is said to be the first smart mixer in the US with an advanced digital brushless DC motor system. That seemingly helps the mixer run at consistently high power with the ability to work stiff doughs without stalling or overheating. The smart mixer is said to run at a lower temperature than other models, which should help extend its lifespan.

If it works as promised, the auto shutoff function in particular could be useful for newer bakers who aren’t used to eyeballing doughs for readiness. However, you’ll need to have reasonably steep pockets if you want to pick up GE’s smart mixer as it costs $1,000. Preorders are open now and the mixer should ship later this month.

 

The Meta Quest Pro is a classic case of the early adopter’s dilemma. Although the headset offers a wealth of potential for virtual reality enthusiasts, it also requires a $1,500 investment for something that — at least for now — doesn’t have the software to justify its price. Although today’s v47 update doesn’t fix that problem, it does take a small first step by adding mixed reality (MR) capture and background audio playback.

The first update since Quest Pro’s launch lets you record your real-world environment combined with virtual elements. Previously, you could only capture in-game action and the real-world elements would be reduced to a black background.

The feature doesn’t appear to require any settings changes. After installing the update, you can record MR video by pulling up the headset’s Quick Action Bar, navigating to Camera and tapping “Record Video.”

Background audio is another addition. While playing any game, you can stream audio from the headset’s browser or any 2D panel app (progressive web apps optimized for Quest), and you’ll still hear it when you jump into a game. The feature lets you listen to your favorite music or podcast while playing an otherwise serene VR game (fishing, golf and meditation experiences come to mind).

Meta also added several feature updates for its entire Quest lineup (also including the Quest 2 and the original Quest). Horizon Home, the cozy hub you see when you first put on the headset, now makes it easier to change your avatar’s appearance. It also includes a virtual mirror to check out your avatar’s makeovers in real-time. Additionally, the Meta Quest mobile app received a few updates. You can now make your game wish lists public to send to friends and family as a not-so-subtle holiday gift nudge. The mobile app also makes it easier to see friend activity and adds widgets for starting a Cast, including viewing your headset and controller’s battery life.

 

Volkswagen’s electric car lineup is now mature enough that it’s introducing second-generation models — and it appears the company is taking some criticism to heart. VW has teased a redesign of the ID.3 that addresses complaints about the first version while upgrading the technology. The compact EV now sports a “matured” design with a supposedly sharper-looking exterior and higher-quality interior materials. Importantly, it’s also more functional — there’s a larger 12-inch infotainment display, two cupholders in the center console and a removable luggage compartment floor.

The tech may be the centerpiece. VW stresses the new ID.3 will use the company’s “latest” software platform, which boosts the sometimes-sluggish performance and allows for over-the-air updates. It will also reflect feature upgrades that include easier paid EV charging, adaptive lane guidance and parking aids.

VW won’t formally unveil the revamped ID.3 until the spring, and pre-orders placed now won’t arrive until the last quarter of 2023 due to “high order volume.” However, it’s keeping the current starting price of €43,995 (about $43,600) for the Life trim. Business, Style, Max and Tour variants will also be available.

There’s no mention of which markets will get the new EV. As before, though, we wouldn’t expect a North American ID.3 launch. VW remains focused on crossovers and SUVs like the ID.4 in this market, and its fledgling Chattanooga EV factory will still be ramping up production through 2023. All the same, the second-gen ID.3 will be worth a look as a preview what to expect for revisions of those models that do cross the Atlantic. They may not be complete reinventions, but they should fare better against stiff competition from the likes of Ford and Nissan.

 

TikTok and Bumble are the latest tech companies to join an initiative aimed at reducing the spread of revenge porn — intimate images and videos shared without the subject’s consent. They’ve partnered with StopNCII.org (Stop Non-Consensual Intimate Image Abuse), which hosts a tool developed in partnership with Meta. TikTok, Bumble, Facebook and Instagram will detect and block any images that are included in StopNCII.org’s bank of hashes.

The website enables people to create hashes (unique digital fingerprints) of images and videos in question. This process takes place on their device. In order to protect users’ privacy, the actual files aren’t uploaded to StopNCII.org, only a unique string of letters and numbers.

Hashes submitted to StopNCII.org are shared with the initiative’s partners. If an image or video uploaded to TikTok, Bumble, Facebook or Instagram matches a corresponding hash and “meets partner policy requirements,” the file will be sent to the platform’s moderation team. If moderators find that the image breaks their platform’s rules, they’ll remove it. The other partner platforms will block the image from being shared too.

The tool has been live for a year and more than 12,000 people have created cases to prevent intimate videos and images being shared without consent. Users have created more than 40,000 hashes to date. As Bloomberg notes, Meta partnered with SWGfL, the UK nonprofit behind the Revenge Porn Helpline, to develop StopNCII.org. SWGfL hopes that many more platforms will sign up.

The initiative builds on a pilot Meta (then known as Facebook) started in Australia in 2017 that asked users to upload revenge porn images to a Messenger chat with themselves. Meta promised to delete the images after hashing them, but the approach raised obvious privacy concerns.

TikTok and Bumble are joining the initiative amid increasing regulatory scrutiny on the former and a broader crackdown on revenge porn. The UK, for instance, plans to force platforms that host user-generated content to take down non-consensual intimate images more swiftly, as laid out in the government’s Online Safety Bill.