"Dozens of Fortune 100 organizations" have unknowingly hired North Korean IT workers using fake identities, generating revenue for the North Korean government while potentially compromising tech firms, according to Google's Mandiant unit. "In a report published Monday [...], researchers describe a common scheme orchestrated by the group it tracks as UNC5267, which has been active since 2018," reports The Record. "In most cases, the IT workers 'consist of individuals sent by the North Korean government to live primarily in China and Russia, with smaller numbers in Africa and Southeast Asia.'" From the report: The remote workers "often gain elevated access to modify code and administer network systems," Mandiant found, warning of the downstream effects of allowing malicious actors into a company's inner sanctum. [...] Using stolen identities or fictitious ones, the actors are generally hired as remote contractors. Mandiant has seen the workers hired in a variety of complex roles across several sectors. Some workers are employed at multiple companies, bringing in several salaries each month. The tactic is facilitated by someone based in the U.S. who runs a laptop farm where workers' laptops are sent. Remote technology is installed on the laptops, allowing the North Koreans to log in and conduct their work from China or Russia.

Workers typically asked for their work laptops to be sent to different addresses than those listed on their resumes, raising the suspicions of companies. Mandiant said it found evidence that the laptops at these farms are connected to a "keyboard video mouse" device or multiple remote management tools including LogMeIn, GoToMeeting, Chrome Remote Desktop, AnyDesk, TeamViewer and others. "Feedback from team members and managers who spoke with Mandiant during investigations consistently highlighted behavior patterns, such as reluctance to engage in video communication and below-average work quality exhibited by the DPRK IT worker remotely operating the laptops," Mandiant reported.

In several incident response engagements, Mandiant found the workers used the same resumes that had links to fabricated software engineer profiles hosted on Netlify, a platform often used for quickly creating and deploying websites. Many of the resumes and profiles included poor English and other clues indicating the actor was not based in the U.S. One characteristic repeatedly seen was the use of U.S-based addresses accompanied by education credentials from universities outside of North America, frequently in countries such as Singapore, Japan or Hong Kong. Companies, according to Mandiant, typically don't verify credentials from universities overseas. Further reading: How Not To Hire a North Korean IT Spy

The Verge's Emma Roth reports: NotebookLM, Google's AI note-taking app, can now summarize and help you dig deeper into YouTube videos. The new capability works by analyzing the text in a YouTube video's transcript, including autogenerated ones. Once you add a YouTube link to NotebookLM, it will use AI to provide a brief summary of key topics discussed in the transcript. You can then click on these topics to get more detailed information as well as ask questions. (If you're struggling to come up with something to ask, NotebookLM will suggest some questions.)

After clicking on some of the topics, I found that NotebookLM backs up the information provided in its chat window with a citation that links you directly to the point in the transcript where it's mentioned. You can also create an Audio Overview based on the content, which is a podcast-style discussion hosted by AI. I found that the feature worked on most of the videos I tried, except for ones published within the past two days or so. [...] In addition to adding support for YouTube videos, Google announced that NotebookLM now supports audio recordings as well, allowing you to search transcribed conversations for certain information and create study guides.

A new law in California will make it easier for consumers to cancel their streaming subscriptions and similar products when they enroll in automatic renewal of those services. From a report: The law, passed through Assembly Bill (AB) 2863, will require companies that offer automatic subscription renewals through one-click purchases to also offer customers a way to cancel their subscriptions through the same one-click method. California already had one of the toughest subscription cancellation laws in the country, requiring companies to offer a way to cancel a recurring subscription through the Internet if they allowed customers to sign up for a service that way.

The initial law was meant to prevent companies from allowing customers to purchase a subscription through the web, while forcing them to call a hotline to cancel them. Consumer advocacy groups complained that companies would often subject customers to frustrating long wait times on the phone with the hope that they would eventually hang up without cancelling their service. While the law was good in theory, it contained at least one loophole: Companies were in compliance as long as they offered a way for customers to cancel their subscriptions online, but could make them click several links or visit several webpages with opt-in requirements before a cancellation request was processed.

Mozilla is exiting the fediverse by shutting down its Mozilla.social Mastodon server on December 17. Moving forward, the company will focus on Firefox and AI, aligning with its strategy under interim CEO Laura Chambers to scale back investments in non-core products. TechCrunch reports: Mozilla.social was a small instance, having only 270 active users at the time of Tuesday's announcement. By comparison, the most popular Mastodon instance, Mastodon.social, has over 247,500 monthly active users. Mozilla had telegraphed its plans to scale back on its fediverse investments earlier this year after the CEO stepped down. At the time, Mozilla board member Laura Chambers took over the job as the interim CEO of Mozilla Corporation through the end of 2024. Shortly after the change in leadership, Mozilla said it would refocus its product strategy around Firefox and AI and significantly scale back or even shutter other efforts. Among those products affected by the pullback were its VPN, Relay, and Online Footprint Scrubber, in addition to its Mastodon instance, the company said at the time. Meanwhile, its virtual world Hubs was shut down.

The redirection of Mozilla's efforts came after its flagship product, the Firefox web browser, spent years losing market share. That left room for other competitors, like the startup Arc, to take hold in the alternative browser market. Months prior to this change in strategy, Mozilla had been touting the fediverse's potential, but under Chambers, the company said that a more "modest approach" to the fediverse would have allowed it to participate with "greater agility." In an internal memo, Mozilla signaled that going forward, a "much smaller team" would participate in the Mastodon ecosystem. However, it didn't say at the time that the Mozilla.social instance would shut down, adding that it would continue to bring small experiments to those who participated on its instance. Mozilla said it was a "hard decision."

"Thank you for being part of the Mozilla.social community and providing feedback during our closed beta. You can continue to use Mozilla.social until December 17," a post on Mastodon reads. Users can download their data or migrate their accounts at the respective links.

An anonymous reader quotes a report from Ars Technica: Earlier this year, we got a look at something unusual: the results of an internal investigation conducted by Harvard Business School that concluded one of its star faculty members had committed research misconduct. Normally, these reports are kept confidential, leaving questions regarding the methods and extent of data manipulations. But in this case, the report became public because the researcher had filed a lawsuit that alleged defamation on the part of the team of data detectives that had first identified potential cases of fabricated data, as well as Harvard Business School itself. Now, the court has ruled (PDF) on motions to dismiss the case. While the suit against Harvard will go on, the court has ruled that evidence-backed conclusions regarding fabricated data cannot constitute defamation -- which is probably a very good thing for science.

The researchers who had been sued, Uri Simonsohn, Leif Nelson, and Joe Simmons, run a blog called Data Colada where, among other things, they note cases of suspicious-looking data in the behavioral sciences. As we detailed in our earlier coverage, they published a series of blog posts describing an apparent case of fabricated data in four different papers published by the high-profile researcher Francesca Gino, a professor at Harvard Business School. The researchers also submitted the evidence to Harvard, which ran its own investigation that included interviewing the researchers involved and examining many of the original data files behind the paper. In the end, Harvard determined that research misconduct had been committed, placed Gino on administrative leave and considered revoking her tenure. Harvard contacted the journals where the papers were published to inform them that the underlying data was unreliable.

Gino then filed suit alleging that Harvard had breached their contract with her, defamed her, and interfered with her relationship with the publisher of her books. She also added defamation accusations against the Data Colada team. Both Harvard and the Data Colada collective filed a motion to have all the actions dismissed, which brings us to this new decision. Harvard got a mixed outcome. This appears to largely be the result that the Harvard Business School adopted a new and temporary policy for addressing research misconduct when the accusations against Gino came in. This, according to the court, leaves questions regarding whether the university had breached its contract with her. However, most of the rest of the suit was dismissed. The judge ruled that the university informing Gino's colleagues that Gino had been placed on administrative leave does not constitute defamation. Nor do the notices requesting retractions sent to the journals where the papers were published. "I find the Retraction Notices amount 'only to a statement of [Harvard Business School]'s evolving, subjective view or interpretation of its investigation into inaccuracies in certain [data] contained in the articles,' rather than defamation," the judge decided.

More critically, the researchers had every allegation against them thrown out. Here, the fact that the accusations involved evidence-based conclusions, and were presented with typical scientific caution, ended up protecting the researchers. The court cites precedent to note that "[s]cientific controversies must be settled by the methods of science rather than by the methods of litigation" and concludes that the material sent to Harvard "constitutes the Data Colada Defendants' subjective interpretation of the facts available to them." Since it had already been determined that Gino was a public figure due to her high-profile academic career, this does not rise to the standard of defamation. And, while the Data Colada team was pretty definitive in determining that data manipulation had taken place, its members were cautious about acknowledging that the evidence they had did not clearly indicate Gino was the one who had performed the manipulation. Finally, it was striking that the researchers had protected themselves by providing links to the data sources they'd used to draw their conclusions. The decision cites a precedent that indicates "by providing hyperlinks to the relevant information, the articles enable readers to review the underlying information for themselves and reach their own conclusions."

An anonymous reader quotes a report from 9to5Google: Rolling out starting today, Google Search results will now directly link to The Internet Archive to add historical context for the links in your results. [...] Google has partnered with The Internet Archive, a non-profit research library that, in part, stores and preserves massive portions of the web to be easily referenced later. This is done through the "Wayback Machine" which can show a website or specific page as it existed on a previous date. Through this new partnership, Google will link directly to The Internet Archive's Wayback Machine for pages that you find in Search.

To access The Internet Archive's Wayback Machine links through Google Search you'll need to click the three-dots menu button that appears alongside all search results and then tap on "More about this page." This new feature is still actively rolling out, but Google was able to provide an image to show what the integration looks like. In a post regarding the announcement, The Internet Archive said that this partnership "underscores the importance of web archiving."

An anonymous reader quotes a report from TechCrunch: A group of Democratic senators is urging the FTC and Justice Department to investigate whether AI tools that summarize and regurgitate online content like news and recipes may amount to anticompetitive practices. In a letter to the agencies, the senators, led by Amy Klobuchar (D-MN), explained their position that the latest AI features are hitting creators and publishers while they're down. As journalistic outlets experience unprecedented consolidation and layoffs, "dominant online platforms, such as Google and Meta, generate billions of dollars per year in advertising revenue from news and other original content created by others. New generative AI features threaten to exacerbate these problems."

The letter continues: "While a traditional search result or news feed links may lead users to the publisher's website, an AI-generated summary keeps the users on the original search platform, where that platform alone can profit from the user's attention through advertising and data collection. [] Moreover, some generative AI features misappropriate third-party content and pass it off as novel content generated by the platform's AI. Publishers who wish to avoid having their content summarized in the form of AI-generated search results can only do so if they opt out of being indexed for search completely, which would result in a materially significant drop in referral traffic. In short, these tools may pit content creators against themselves without any recourse to profit from AI-generated content that was composed using their original content. This raises significant competitive concerns in the online marketplace for content and advertising revenues."

Essentially, the senators are saying that a handful of major companies control the market for monetizing original content via advertising, and that those companies are rigging that market in their favor. Either you consent to having your articles, recipes, stories, and podcast transcripts indexed and used as raw material for an AI, or you're cut out of the loop. The letter goes on to ask the FTC and DOJ to investigate whether these new methods are "a form of exclusionary conduct or an unfair method of competition in violation of the antitrust laws." [...] The letter was co-signed by Senators Richard Blumenthal (D-CT), Mazie Hirono (D-HI), Dick Durbin (D-IL), Sheldon Whitehouse (D-RI), Tammy Duckworth (D-IL), Elizabeth Warren (D-MA), and Tina Smith (D-MN).

Steven Levy, writing for Wired: My first story for WIRED -- yep, 31 years ago -- looked at a group of "crypto rebels" who were trying to pry strong encryption technology from the government-classified world and send it into the mainstream. Naturally I attempted to speak to someone at the National Security Agency for comment and ideally get a window into its thinking. Unsurprisingly, that was a no-go, because the NSA was famous for its reticence. Eventually we agreed that I could fax (!) a list of questions. In return I got an unsigned response in unhelpful bureaucratese that didn't address my queries. Even that represented a loosening of what once was total blackout on anything having to do with this ultra-secretive intelligence agency. For decades after its post-World War II founding, the government revealed nothing, not even the name, of this agency and its activities. Those in the know referred to it as "No Such Agency."

In recent years, the widespread adoption of encryption technology and the vital need for cybersecurity has led to more openness. Its directors began to speak in public; in 2012, NSA director Keith Alexander actually keynoted Defcon. I'd spent the entire 1990s lobbying to visit the agency for my book Crypto; in 2013, I finally crossed the threshold of its iconic Fort Meade Headquarters for an on-the-record conversation with officials, including Alexander. NSA now has social media accounts on Twitter, Instagram, Facebook. And there is a form on the agency website for podcasters to request guest appearances by an actual NSA-ite.

So it shouldn't be a total shock that NSA is now doing its own podcast. You don't need to be an intelligence agency to know that pods are a unique way to tell stories and hold people's attention. The first two episodes of the seven-part season dropped this week. It's called No Such Podcast, earning some self-irony points from the get-go. In keeping with the openness vibe, the NSA granted me an interview with an official in charge of the project -- one of the de facto podcast producers, a title that apparently is still not an official NSA job posting. Since NSA still gotta NSA, I can't use this person's name. But my source did point out that in the podcast itself, both the hosts and the guests -- who are past and present agency officials -- speak under their actual identities.

Spotify claims Apple may be again in violation of European regulation, the Digital Markets Act (DMA), which requires interoperability from big technology companies dubbed "gatekeepers." From a report: This time, the issue isn't about in-app purchases, links or pricing information, but rather how Apple has discontinued the technology that allows Spotify users to control the volume on their connected devices.

When streaming to connected devices via Spotify Connect on iOS, users were previously able to use the physical buttons on the side of their iPhone to adjust the volume. As a result of the change, this will no longer work. To work around the issue, Spotify iOS users will instead be directed to use the volume slider in the Spotify Connect menu in the app to control the volume on connected devices. The company notes that this issue doesn't affect users controlling the volume on iOS Bluetooth or AirPlay sessions, nor users on Android. It only applies to those listening via Spotify Connect on iOS. As a result, Spotify iOS users globally will be directed to use the new in-app volume slider beginning on September 3.

An anonymous reader quotes a report from TechCrunch: [...] Anthropic, in its continued effort to paint itself as a more ethical, transparent AI vendor, has published the system prompts for its latest models (Claude 3 Opus, Claude 3.5 Sonnet and Claude 3 Haiku) in the Claude iOS and Android apps and on the web. Alex Albert, head of Anthropic's developer relations, said in a post on X that Anthropic plans to make this sort of disclosure a regular thing as it updates and fine-tunes its system prompts. The latest prompts, dated July 12, outline very clearly what the Claude models can't do -- e.g. "Claude cannot open URLs, links, or videos." Facial recognition is a big no-no; the system prompt for Claude Opus tells the model to "always respond as if it is completely face blind" and to "avoid identifying or naming any humans in [images]." But the prompts also describe certain personality traits and characteristics -- traits and characteristics that Anthropic would have the Claude models exemplify.

The prompt for Claude 3 Opus, for instance, says that Claude is to appear as if it "[is] very smart and intellectually curious," and "enjoys hearing what humans think on an issue and engaging in discussion on a wide variety of topics." It also instructs Claude to treat controversial topics with impartiality and objectivity, providing "careful thoughts" and "clear information" -- and never to begin responses with the words "certainly" or "absolutely." It's all a bit strange to this human, these system prompts, which are written like an actor in a stage play might write a character analysis sheet. The prompt for Opus ends with "Claude is now being connected with a human," which gives the impression that Claude is some sort of consciousness on the other end of the screen whose only purpose is to fulfill the whims of its human conversation partners. But of course that's an illusion. "If the prompts for Claude tell us anything, it's that without human guidance and hand-holding, these models are frighteningly blank slates," concludes TechCrunch's Kyle Wiggers. "With these new system prompt changelogs -- the first of their kind from a major AI vendor -- Anthropic is exerting pressure on competitors to publish the same. We'll have to see if the gambit works."

Nearly 200 Google DeepMind workers signed a letter urging Google to cease its military contracts, expressing concerns that the AI technology they develop is being used in warfare, which they believe violates Google's own AI ethics principles. "The letter is a sign of a growing dispute within Google between at least some workers in its AI division -- which has pledged to never work on military technology -- and its Cloud business, which has contracts to sell Google services, including AI developed inside DeepMind, to several governments and militaries including those of Israel and the United States," reports TIME Magazine. "The signatures represent some 5% of DeepMind's overall headcount -- a small portion to be sure, but a significant level of worker unease for an industry where top machine learning talent is in high demand." From the report: The DeepMind letter, dated May 16 of this year, begins by stating that workers are "concerned by recent reports of Google's contracts with military organizations." It does not refer to any specific militaries by name -- saying "we emphasize that this letter is not about the geopolitics of any particular conflict." But it links out to an April report in TIME which revealed that Google has a direct contract to supply cloud computing and AI services to the Israeli Military Defense, under a wider contract with Israel called Project Nimbus. The letter also links to other stories alleging that the Israeli military uses AI to carry out mass surveillance and target selection for its bombing campaign in Gaza, and that Israeli weapons firms are required by the government to buy cloud services from Google and Amazon.

"Any involvement with military and weapon manufacturing impacts our position as leaders in ethical and responsible AI, and goes against our mission statement and stated AI Principles," the letter that circulated inside Google DeepMind says. (Those principles state the company will not pursue applications of AI that are likely to cause "overall harm," contribute to weapons or other technologies whose "principal purpose or implementation" is to cause injury, or build technologies "whose purpose contravenes widely accepted principles of international law and human rights.") The letter says its signatories are concerned with "ensuring that Google's AI Principles are upheld," and adds: "We believe [DeepMind's] leadership shares our concerns." [...]

The letter calls on DeepMind's leaders to investigate allegations that militaries and weapons manufacturers are Google Cloud users; terminate access to DeepMind technology for military users; and set up a new governance body responsible for preventing DeepMind technology from being used by military clients in the future. Three months on from the letter's circulation, Google has done none of those things, according to four people with knowledge of the matter. "We have received no meaningful response from leadership," one said, "and we are growing increasingly frustrated."

Google is making a new desktop app called Essentials that packages a few Google services, like Messages and Photos, and includes links to download many others. The app will be included with many new Windows laptops, with the first ones coming from HP. From a report: The Essentials app lets you "discover and install many of our best Google services," according to Google's announcement, and lets you browse Google Photos as well as send and receive Google Messages in the app. A full list of apps has not yet been announced, but Google's announcement art showcases icons including Google Sheets, Google Drive, Nearby Share, and Google One (a two-month free trial is offered through Essentials for new subscribers).

HP will start including Google Essentials across its computer brands, like Envy, Pavilion, Omen, and more. Google says you're "in control of your experience" and can uninstall any part of Essentials or the whole thing.

OpenAI has announced a partnership with Conde Nest, allowing the company's AI products to display content from Vogue, The New Yorker, Conde Nast Traveler, GQ, Architectural Digest, Vanity Fair, Wired, Bon Appetit and other outlets. CNBC reports: "With the introduction of our SearchGPT prototype, we're testing new search features that make finding information and reliable content sources faster and more intuitive," OpenAI wrote in a blog post. "We're combining our conversational models with information from the web to give you fast and timely answers with clear and relevant sources." OpenAI added that the SearchGPT prototype offers direct links to news stories and that the company plans "to integrate the best of these features directly into ChatGPT in the future." It is the latest in a recent trend of some media outlets joining forces with AI startups such as OpenAI to enter into content deals.

According to Kaspersky, hackers linked to Chinese threat actors have targeted Russian state agencies and tech companies in a campaign named EastWind. The Record reports: [T]he attackers used the GrewApacha remote access trojan (RAT), an unknown PlugY backdoor and an updated version of CloudSorcerer malware, which was previously used to spy on Russian organizations. The GrewApacha RAT has been used by the Beijing-linked hacking group APT31 since at least 2021, the researchers said, while PlugY shares many similarities with tools used by the suspected Chinese threat actor known as APT27.

According to Kaspersky, the hackers sent phishing emails containing malicious archives. In the first stage of the attack, they exploited a dynamic link library (DLL), commonly found in Windows computers, to collect information about the infected devices and load the additional malicious tools. While Kaspersky didn't explicitly attribute the recent attacks to APT31 or APT27, they highlighted links between the tools that were used. Although PlugY malware is still being analyzed, it is highly likely that it was developed using the DRBControl backdoor code, the researchers said. This backdoor was previously linked to APT27 and bears similarities to PlugX malware, another tool typically used by hackers based in China.

An anonymous reader quotes a report from Fast Company's Jared Newman: With its new Pixel 9 phones, Google Assistant is getting a demotion. In its place, Google's will ship Gemini as the default voice assistant on its flagship phones. Gemini uses large language models to interpret questions and generate answers, which means it can respond in a more conversational way. But while Google is eager to showcase Gemini as an answer to OpenAI's ChatGPT, tossing out Assistant is a mistake. Too often, Gemini fails at performing basic tasks, and it's going to cause lots of frustration for folks who depend on their phone's voice control features. Although Google says Gemini can now handle many of the same instructions as Assistant, that hasn't been my experience at all. As evidence, I submit a list of useful Google Assistant actions that either aren't possible or don't work properly with Gemini. Here is a summary of the challenges Gemini faces, as documented by Newman:

1. Local results are worse: Gemini provides less useful information for local business queries compared to Google Assistant, lacking context and formatting.
2. Gemini can't take notes: Unlike Google Assistant, Gemini cannot take voice notes or save them in an app like Google Keep.
3. No-can-do on to-do lists: Gemini does not support adding items to to-do lists, a feature that Google Assistant handles efficiently.
4. Weather doesn't work right: Gemini struggles with weather forecasts, often giving incorrect locations, unlike Google Assistant which works reliably.
5. Turn-by-turn directions don't load: Gemini fails to provide direct turn-by-turn navigation, only offering a preview, whereas Google Assistant launches navigation immediately.
6. Music and podcast requests are YouTube-only: Gemini only supports YouTube Music, unlike Google Assistant which supports multiple streaming services.
7. Video (in)capabilities: Gemini cannot directly access streaming apps for movies or shows, only suggesting content with no direct links.
8. No photo search: Gemini cannot search for photos in Google Photos, a task that Google Assistant can easily handle.
9. Bye-bye to a useful news feature: Gemini fails to play or provide recent news effectively, unlike Google Assistant's useful daily news briefing feature.
10. No Routines: Gemini does not support the automation of multiple actions through Routines, a feature present in Google Assistant.
11. So much for Shortcuts: Gemini lacks the Shortcuts feature available in Google Assistant, offering no replacement for quick actions in third-party apps.
12. A slower experience: Responses from Gemini are slower by a second or two compared to Google Assistant when answering queries.

"Last year, a major meta-analysis that re-examined 107 studies over 40 years came to the conclusion that no amount of alcohol improves health," the New York Times reported this June, citing a study co-authored by Tim Stockwell, an epidemiologist at the Canadian Institute for Substance Use Research. Dr. Stockwell (and other scientists he's collaborated with) "are overhauling decades-worth of scientific evidence — and newspaper headlines — that backed the health benefits of alcohol," writes the Telegraph, "or what is known in the scientific community as the J-curve. The J-curve is the theory that, like a capital J, the negative health consequences of drinking dip slightly into positive territory with moderate drinking — as it benefits such things as the heart — before rising sharply back into negative territory the more someone drinks."

But Stockwell's study prompted at least one scientist to accuse Stockwell of "cherry picking" evidence to suit an agenda — while a think-tank executive suggests he's a front for a worldwide temperance lobby: Dr Stockwell denies this. Speaking to The Telegraph, he in turn accused his detractors of being funded by the alcohol lobby and said his links to temperance societies were fleeting. He was the president of the Kettil Bruun Society (a think tank born out of what was the international temperance congresses) [from 2005 to 2007] and he has been reimbursed for addressing temperance movements and admits attending their meetings, but, he says, not as a member...

Former British government scientist Richard Harding, who gave evidence on safe drinking to the House of Commons select committee on science and technology in 2011, told The Telegraph that Dr Stockwell had wrongly taken a correlation to be causal. "Dr Stockwell's research is essentially epidemiology, which is the study of populations," Dr Harding said. "You record people's lifestyle and then see what diseases they get and try to correlate the disease with some aspect of their lifestyle. But it is just a correlation, it's just an association. Epidemiology can never establish causality on its own. And in this particular case, Dr Stockwell selected six studies out of 107 to focus on. You could say he cherry picked them. Really, the important thing is not the epidemiology, it's the effect that alcohol actually has on the body. We know the reasons why the curve is J-shaped; it's because of the protective effect moderate consumption has on heart disease and a number of other diseases."

Dr Stockwell rejects Dr Harding's criticism of his study, telling The Telegraph that Dr Harding "doesn't appear to have read it" and accusing him of being in the pocket of the alcohol industry. "We identified six high-quality studies out of 107 and they didn't find any J-shaped curve," Dr Stockwell said. "In fact, since our recent paper, we've now got genetic studies which are showing there's no benefits of low-level alcohol use. I personally think there might still be small benefits, but the point of our work is that, if there are benefits, they've been exaggerating them."
The article notes that Stockwell's research "has been published in The Lancet, among other esteemed organs," and that "scientists he has collaborated with on research highlighting the dangers of alcohol are in positions of power at major institutions, such as the World Health Organisation."

And honestly, the opposing viewpoint seems to be thinly-sourced. Besides Harding (the former British government scientist), the article cites:

• The head of lifestyle economics at the Institute of Economic Affairs (which Wikipedia describes as "a right-wing, free market think tank")

• An alcohol policy specialist at Brock University in Ontario (who argues rather unconvincingly that "you can't measure when someone didn't hurt themselves because a friend invited them for a drink.")

On the basis of that, the article writes "respected peers say it is far from settled science and have cast doubt on his research". (And that "fellow academics and experts" told The Telegraph "they read the report in disbelief.") Did the Telegraph speak to others who just aren't mentioned in the story? Or are they extrapolating, in that famous British tabloid journalism sort of way?

An anonymous reader quotes a report from Ars Technica: Back in July 2022, when mobile app metrics firm Branch acquired the popular and well-regarded Nova Launcher for Android, the app's site put up one of those self-directed FAQ posts about it. Under the question heading "What does Branch want with Nova?," Nova founder and creator Kevin Barry started his response with, "Not to mess it up, don't worry!" Branch (formerly/sometimes Branch Metrics) is a firm concerned with helping businesses track the links that lead into their apps, whether from SMS, email, marketing, or inside other apps. Nova, with its Sesame Search tool that helped users find and access deeper links -- like heading straight to calling a car, rather than just opening a rideshare app -- seemed like a reasonable fit. Barry wrote that he had received a number of acquisition offers over the years, but he didn't want to be swallowed by a giant corporation, an OEM, or a volatile startup. "Branch is different," he wrote then, because they wanted to add staff to Nova, keep it available to the public, and mostly leave it alone.

Two years later, Branch has left Nova Launcher a bit too alone. As documented on Nova's official X (formerly Twitter) account, and transcripts from its Discord, as of Thursday Nova had "gone from a team of around a dozen people" to just Barry, the founder, working alone. The Nova cuts were part of "a massive layoff" of purportedly more than 100 people across all of Branch, according to now-former Nova workers. Barry wrote that he would keep working on Nova, "However I have less resources." He would need to "cut scope" on an upcoming Nova release, he wrote. Other employees noted that customer support, marketing, and even correspondence would likely be strained or disappear. "While Nova is not dead (despite mine and others' eulogistic tones), it's certainly not positioned to launch bold new features or plot new futures," writes Ars' Kevin Purdy, in closing. "Here's hoping Barry can make a go of Nova Launcher for as long as it's viable for him."

Apple on Thursday announced changes to its Digital Markets Act (DMA) compliance plan for the European Union, as the tech giant faces an ongoing investigation by the European Commission for suspected non-compliance. The revised rules, set to roll out this fall, ease restrictions on developers' ability to promote external offers within iOS apps. Developers can now inform users about offers available beyond their own websites, including on other apps and marketplaces, without adhering to Apple-mandated templates.

Apple has also introduced a new fee structure for purchases made through external links. An "Initial Acquisition Fee" of 5% will apply to new users' first-year purchases, while a "Store Services Fee" of 10% (or 5% for smaller developers) will be charged on subsequent transactions. These changes replace the controversial Core Technology Fee, which is currently under EU scrutiny.

Spotify and Epic aren't satisfied with the changes. Spotify has called the new plan "unacceptable," arguing it disregards DMA requirements. Epic Games CEO Tim Sweeney labeled it "malicious compliance" involving "junk fees."

Another study is raising concern about the safety of the widely used sugar alcohol sweetener erythritol, a low-calorie sugar substitute found in "keto-friendly" foods, baked goods and candies. From a report: Researchers from the Cleveland Clinic compared erythritol to typical sugar and found only erythritol caused worrisome cardiovascular effects. Although the study was small, it's the first head-to-head look at people's blood levels after they consume products with erythritol or sugar (glucose). "We compared the results, and glucose caused none of the problems," said Dr. Stanley Hazen, a cardiologist at the Cleveland Clinic and the lead author of the study, published Thursday morning in the journal Arteriosclerosis, Thrombosis, and Vascular Biology.

Erythritol is one ingredient on a growing list of nonsugar sweeteners found in low-calorie and sugar-free foods. Erythritol and xylitol are sugar alcohols that are sweet like sugar but with far fewer calories. Erythritol is often mixed with another sweetener, stevia, and xylitol is often found in gum, mouthwash and toothpaste. Earlier studies from Hazen's lab -- one published last year and the other in June -- found potential links between the sugar alcohols and an increased risk of heart attacks and strokes. The research suggested both sugar alcohols might make blood platelets stickier and therefore more susceptible to clotting and blocking veins or arteries, in turn contributing to heart attacks and strokes. For the new research, Hazen's team analyzed the heart effects of erythritol and regular sugar -- in this case, simple glucose -- by enrolling two groups of healthy middle-aged male and female volunteers: 10 who consumed the erythritol and 10 who consumed sugar.

iPhone and Apple Watch users in California will soon be able to add their digital ID and driver's license to the Wallet app, as revealed by new landing pages on the state DMV website. This feature follows a slow rollout since its announcement, with only five states currently supporting it. MacRumors reports: "Now you can add your California driver's license or state ID to Apple Wallet on iPhone and Apple Watch so you can present it easily and securely in person and in app," reads the landing page, which contains broken links and placeholder images, and is still missing a proper website security certificate. The webpages were discovered on Sunday by Jimmy Obomsawin, after someone added a link to the landing pages in an Apple Wallet Wikipedia entry last Wednesday.