Microsoft Corporate Vice President Joe Belfiore will leave Microsoft after 32 years with the company. From a report: Belfiore has served in several roles at Microsoft but is currently the CVP of Office. His plans to retire were announced internally in an email sent out to employees and later shared publicly on Twitter. Belfiore will be a senior advisor and coach to aid the transition until summer 2023. The Office Group will be led by CVP Ales Holecek, who has led the division alongside Belfiore for several years, and CVP Sumit Chauhan, who will move up from their role as head of Office Organization. Many of our readers know Belfiore best for his time in charge of Windows Phone. He co-led that division from 2009 to 2013, which included Microsoft's acquisition of Nokia. Belfiore then went on to lead the Windows 10 team for almost five years.

Pioneering Sega developer Rieko Kodama has passed away at the age of 58. Eurogamer reports: A memorial message for her was spotted in the credits of the Mega Drive Mini 2 and later confirmed by Sega producer Yosuke Oskunari. Sega subsequently confirmed Kodama passed back in May, but was unable to share details in respect to her family, as reported by IGN. "We pray that the deceased will rest in peace, and we offer our gratitude for her enormous contributions to Sega," said Sega of Japan.

Kodama worked on some of Sega's most celebrated games, including Sonic the Hedgehog 2, Skies of Arcadia, and Alex Kidd. She's perhaps best known as one of the creative leads on the Phantasy Star series, directing Phantasy Star 4. In 2019 she won the Pioneer Award at the Game Developers Choice Awards for her 35-year career in an industry dominated by men.

NASA obligated $2.04 billion to SpaceX in fiscal year 2022, which ended last month, according to new federal procurement data. For the first time, the amount paid by the space agency to SpaceX exceeds that paid to Boeing, which has long been the leading hardware provider to NASA. Boeing received $1.72 billion during the most recent fiscal year, based on data first reported by Aviation Week's Irene Klotz. Ars Technica reports: The California Institute of Technology, which manages the Jet Propulsion Laboratory field center for NASA, remains the agency's No. 1 contractor, with $2.68 billion in funding. The academic institution is responsible for operating the California-based NASA field center and distributing funding for myriad robotic spacecraft missions such as Mars Perseverance and the Europa Clipper. On the one hand, the ascension of SpaceX to the No. 2 spot on NASA's contractor list represents a major shakeup in the order of things. For a long time, NASA's human spaceflight and exploration programs were dominated by Boeing, Lockheed Martin, Aerojet, Northrop Grumman, and a handful of other traditional defense aerospace contractors.

However, it should come as no surprise that a company that has recently delivered the most services -- and, arguably, value -- to NASA should start to receive a large share of its contract awards. This has been most notable with SpaceX's performance on Commercial Crew, NASA's program to buy transportation services from private companies to bring its astronauts to and from the International Space Station. NASA awarded contracts to Boeing and SpaceX in 2014 to develop their spacecraft, paying Boeing about 60 percent more. At the time, it was widely believed that the traditional contractor, with this additional money, would deliver services sooner. But it was SpaceX that first flew crew to the space station in May 2020, and the company has since launched five operational missions to the orbiting laboratory. [...] Much of the funding increase for SpaceX in 2022, an increase of about $400 million over the previous year, appears to be driven by contracts for the Human Landing System as part of the Artemis Moon Program and the purchase of additional Crew Dragon missions to the space station. (Individual contracts can be found within the Federal Procurement Data System).

An anonymous reader quotes a report from ZDNet: Everyone depends on OpenSSL. You may not know it, but OpenSSL is what makes it possible to use secure Transport Layer Security (TLS) on Linux, Unix, Windows, and many other operating systems. It's also what is used to lock down pretty much every secure communications and networking application and device out there. So we should all be concerned that Mark Cox, a Red Hat Distinguished Software Engineer and the Apache Software Foundation (ASF)'s VP of Security, this week tweeted, "OpenSSL 3.0.7 update to fix Critical CVE out next Tuesday 1300-1700UTC." How bad is "Critical"? According to OpenSSL, an issue of critical severity affects common configurations and is also likely exploitable. It's likely to be abused to disclose server memory contents, and potentially reveal user details, and could be easily exploited remotely to compromise server private keys or execute code execute remotely. In other words, pretty much everything you don't want happening on your production systems.

The last time OpenSSL had a kick in its security teeth like this one was in 2016. That vulnerability could be used to crash and take over systems. Even years after it arrived, security company Check Point estimated it affected over 42% of organizations. This one could be worse. We can only hope it's not as bad as that all-time champion of OpenSSL's security holes, 2014's HeartBleed. [...] There is another little silver lining in this dark cloud. This new hole only affects OpenSSL versions 3.0.0 through 3.0.6. So, older operating systems and devices are likely to avoid these problems. For example, Red Hat Enterprise Linux (RHEL) 8.x and earlier and Ubuntu 20.04 won't be smacked by it. RHEL 9.x and Ubuntu 22.04, however, are a different story. They do use OpenSSL 3.x. [...] But, if you're using anything with OpenSSL 3.x in -- anything -- get ready to patch on Tuesday. This is likely to be a bad security hole, and exploits will soon follow. You'll want to make your systems safe as soon as possible.

Elon Musk has "added [Twitter] to his business empire after months of legal skirmishes," writes The Verge's Elizabeth Lopatto, citing reports from CNBC, The Washington Post and Insider. From the report: Musk's first move on Thursday was to oust Parag Agrawal, who was Twitter's last CEO as a public company. Chief financial officer Ned Segal and Vijaya Gadde, the company's policy chief whom Musk had publicly criticized have also reportedly left the building. Sean Edgett, the general counsel, is also gone, The New York Times reports, adding that at least one of these executives was walked out by security. Chief customer officer Sarah Personette was also fired, Insider reports. The execs received handsome payouts for their trouble, Insider reports: Agrawal got $38.7 million, Segal got $25.4 million, Gadde got $12.5 million, and Personette, who tweeted yesterday about how excited she was for Musk's takeover, got $11.2 million

Questions still remain about what Musk plans to do with Twitter now that he owns it, though he's made a number of public comments. The Washington Post reported that Musk planned to cull 75 percent of Twitter's employees, citing estimates given to prospective Twitter investors. Musk told Twitter staffers that the 75 percent figure was inaccurate, Bloomberg reported. In Musk's text messages, provided during discovery to Twitter's lawyers, he and entrepreneur Jason Calacanis, a friend of his, discussed cutting staff by requiring a return to office. "Day zero," Calacanis texted Musk. "Sharpen your blades boys." Requiring Twitter employees to return to offices would mean 20 percent of the staff would leave voluntarily, Calacanis wrote. Also, Calacanis told Musk, "Twitter CEO is my dream job."

Twitter also faces challenges to its free speech stance in court, as the Supreme Court agreed to take up two cases that will determine its liability for illegal content. Musk, who is also CEO of Tesla and SpaceX, has suggested he'll change the way Twitter's moderation works, potentially relaxing the kinds of policies that saw former President Donald Trump permanently banned from the platform. Although Musk has said that his Twitter acquisition is "not a way to make money," he's reportedly raised ideas for cost cutting and increasing revenue. Governments and corporations could be charged a "slight cost" to use Twitter, and there could be job cuts on the table to improve the company's bottom line. Some of Twitter's current employees have criticized Musk's plans for the platform as "incoherent" and lacking in detail. More broadly, Musk has talked about using Twitter to create "X, the everything app." This is a reference to China's WeChat app, which started life as a messaging platform, but has since grown to encompass multiple businesses, from shopping to payments to gaming. "You basically live on WeChat in China," Musk told Twitter employees in June. "If we can recreate that with Twitter, we'll be a great success."

Social media platform Twitter today announced that it will let users buy, sell, and display NFTs directly through tweets in partnership with four marketplaces. Decrypt reports: The integration, called NFT Tweet Tiles, displays the artwork of an NFT in a dedicated panel within a tweet, and includes a button to let users click through to a marketplace listing. The integration -- which is still in testing -- currently works with marketplaces from four specific partners: Solana-centric marketplace Magic Eden, multi-platform NFT marketplace protocol Rarible, Flow blockchain creator Dapper Labs, and sports-centric platform Jump.trade. Collectively, those marketplaces span several blockchain networks, including Ethereum, Solana, Flow, Polygon, Tezos, and Immutable X.

A Twitter representative confirmed to Decrypt that the feature is blockchain-agnostic, so all networks are supported so long as the links are from a partnered marketplace. The representative added that the "feature is currently being tested with select Twitter users across iOS and web," and that those users will see the NFT Tweet Tile integration if they're in the test group. A Twitter Blue premium subscription is not required to use the feature.

"On October 8th, PayPal updated its terms of service agreement to include a clause enabling it to withdraw $2,500 from users' bank accounts simply for posting anything the company deems as misinformation or offensive," reports Grit Daily. "Unsurprisingly, the backlash was instant and massive," causing the company to backtrack on the policy and claim the update was sent out "in error." Now, after the criticism on social media died down, several media outlets are reporting that the company quietly reinstated the questionable misinformation fine -- even though that itself may be a bit of misinformation. From a report: Apparently, they believed that everyone would just accept their claim and immediately forget about the incident. So the clause that was a mistake and was never intended to be included in PayPal's terms of service magically ended up back in there once the criticism died back down. That sounds plausible, right? And as for what constitutes a "violation" of the company's terms of service, the language is so vaguely worded that it could encompass literally anything.

The term "other forms of intolerance" is so broad that it legally gives the company grounds to claim that anyone not fully supporting any particular position is engaging in "intolerance" because the definition of the word is the unwillingness to accept views, beliefs, or behavior that differ from one's own. So essentially, this clause gives PayPal the perceived right to withdraw $2,500 from users accounts for voicing opinions that PayPal disagrees with. As news of PayPal's most recent revision spreads, I anticipate that the company's PR disaster will grow, and with numerous competing payment platforms available today, this could deliver a devastating and well deserved blow to the company. UPDATE: According to The Deep Dive, citing Twitter user Kelley K, PayPal "never removed the $2,500 fine. It's been there for over a year. All they removed earlier this month was a new section that mentioned misinformation."

She goes on to highlight the following:

1.) [T]he $2,500 fine has been there since September 2021.
2.) PayPal did remove what was originally item number 5 of the Prohibited Activities annex, the portion that contained the questionable "promoting misinformation" clause that the company claims was an "error."
3.) [T]he other portion, item 2.f. which includes "other forms of intolerance that is discriminatory," which some have pointed out may also be dangerous as the language is vague, has always been there since the policy was updated, and not recently added.

PayPal's user agreement can be read here.

TechCrunch: Google has acquired Alter, an artificial intelligence (AI) avatar startup that helps creators and brands express their virtual identity, for about $100 million, a source familiar with the matter told TechCrunch, in a push to boost its content game and better compete with TikTok.

Apple has "paused ads related to gambling and a few other categories on App Store product pages" after developers and commentators criticized the types of advertisements showing up in the iPhone's App Store, according to a statement from spokesperson Trevor Kincaid. From a report: On Tuesday, Apple announced that companies could advertise their apps on the store pages for other apps, putting their icon in the "you might also like" section. Almost immediately, developers started showing examples of ads for gambling apps being recommended under their apps. Twitter is also full of screenshots of very inappropriate ad placements: one Twitter user shows a slot machine app being advertised alongside gambling addiction recovery apps, and there are examples of other betting apps being advertised on pages for apps aimed towards children, adult video chat apps showing up on the Apple Books page, and dating apps being placed under apps designed to improve existing relationships.

Shares of Meta plunged 24% Thursday morning as investors and analysts digested the company's third-quarter earnings miss and a weak fourth-quarter outlook. Shares were trading under $100 at market open, the lowest price since 2016. From a report: The parent company of Facebook reported quarterly revenue of $27.7 billion Wednesday, a decline of more than 4% year over year and its second straight quarterly decline. Its profit plummeted 52% to $4.4 billion. Meta warned the fourth quarter would be more of the same, issuing a weaker-than-expected outlook. It's expecting revenue for the fourth quarter to be $30 billion to $32.5 billion. Analysts were expecting sales of $32.2 billion. Meta CEO Mark Zuckerberg reiterated his commitment to spending billions of dollars developing the metaverse. Meta's Reality Labs unit, which is responsible for developing the virtual reality and related augmented reality technology that underpins its plans for the metaverse, has lost $9.4 billion so far this year. Morgan Stanley downgraded the stock Thursday, citing higher spending. Analyst Brian Nowak slashed his price target to $105 from $205. He expects the company's issues to persist as Meta continues to increase spending to build out its AI capabilities. Further reading: Facebook's worth less than Home Depot.

Apple just launched new ad placements on the App Store, and developers aren't happy with the types of ads surfacing beneath their apps. From a report: As spotted by MacRumors, several app developers have pointed out that ads for gambling have started appearing in the "You Might Also Like" sections beneath their App Store listings, which is just one of the new places Apple has started sticking ads. Developer Simon B. Stovring posted a screenshot of an ad for an online casino app appearing beneath his text editor Runestone. Stovring says he visited the page for his app 10 times and noticed that ads for gambling apps showed up on three visits. Marco Arment, the developer of the podcast app Overcast, said on Twitter he's "really not OK with" the gambling ads showing up on his app product page. Another user replied to Arment's tweet, noting that the App Store is even showing gambling ads beneath apps designed specifically to help users recover from a gambling addiction, while another noticed gambling ads have even popped up on children's education apps.

While many people in California felt a moderate earthquake Tuesday, some smartphone users actually got a heads-up before it happened thanks to technology developed at the University of California, Berkeley. Axios reports: Researchers at Berkeley released an app called MyShake that can offer a brief earthquake warning by detecting the signals of an earthquake just before they are felt. Think of it like how you can see lightning before you hear thunder. The app works on both iPhone and Android, but Google announced in 2020 it would implement Berkeley's technology directly into Android, allowing far more people to benefit.

As often happens after an earthquake, people turned to Twitter after the Magnitude 5.1 quake. But some reported getting the alert first. "Got the earthquake alert on my Android phone a few seconds before I felt it," Google's Dieter Bohn said in a tweet. Google CEO Sundar Pichai also tweeted about getting the alert.

Social network Twitter has bigger ambitions with crypto. According to Jane Manchun Wong, a Hong Kong-based app researcher and reverse engineer with a great track record of finding evidence of upcoming products and services, the company is working on a "wallet prototype" that supports crypto deposit and withdrawal. The move will make Twitter the latest mainstream tech giant to make further inroads with web 3.

Freeway, a UK-based crypto platform that promised annual returns up to a mind-boggling 43%, halted withdrawals on Sunday, according to a notice published to the company's website. Freeway's native cryptocurrency, which goes by the ticker FWT, plummeted 74% following the announcement and, to top it all off, the Freeway website appears to be scrubbing the names and photos of some executives. From a report: Upset users have taken to the community Telegram channel for Freeway, expressing frustration that they can't access their accounts. People who told friends and family members to invest in the platform seemed the most angry, based on comments viewed by Gizmodo early Monday. The news, first reported by the crypto-watcher Twitter account FatManTerra, comes in the wake of other high-profile collapses in the crypto space this year, including Celsius, which has filed for bankruptcy. FatManTerra tweeted on Saturday that they believed Freeway was a Ponzi scheme which would likely collapse by this time next year. Well, apparently we didn't have to wait a whole year for things to collapse. It seems to have happened in just a day, as Freeway's website includes a varied assortment of confusing terms to explain that users can no longer access their money. And it sounds a lot like what Celsius said after it announced it was halting withdrawals back in June.

"Google is giving Apple a taste of its own medicine," reports Business Insider, arguing that the latest update to Android's messaging app "is going to make texting between iPhone and Androids even more annoying than it already is." [Alternate URL] The updates are great if you're an Android user. Google Messages' new features include the ability to reply to individual messages, star them, and set reminders on texts. But these features and some other updates to Messages are RCS-enabled, meaning they're not going to be very compatible with SMS, which is the texting standard that iMessage switches to when messaging someone without an iPhone. iPhones exchange messages using iMessage, Apple's proprietary messaging system, but revert to SMS when texting an Android.

One feature that's part of Google's payback to Apple is that now, when Messages users react to an SMS text with an emoji, iPhone users will get a text saying the other person reacted to their text with a description of whatever emoji the person used. It's similar to when iMessage users react to an SMS text, with the recipient getting a "so and so loved" message instead of seeing the heart emoji reaction.... In August, Android launched a page on its website calling Apple out for refusing "to adopt modern texting standards when people with iPhones and Android phones text each other." The page has buttons that take users to Twitter to tweet at Apple to "stop breaking my texting experience. #GetTheMessage" with a link to Android's page urging Apple to "fix texting."

"We would much prefer that everybody adopts RCS which has the capability to support proper reactions," Jan Jedrzejowicz, Google Messages product manager, said in a briefing before the Messages updates were announced. "But in the event that's not possible or hasn't happened yet, this feels like the next best thing." Recently, Apple CEO Tim Cook said he doesn't get a lot of feedback from iPhone users that Apple needs to fix messaging between iPhones and Androids. Apple doesn't have much incentive to do so, either. In legal documents from a 2021 lawsuit between Epic Games and Apple, an Apple executive said "Moving iMessage to Android will hurt us more than help us."

Disinformation has "metastasized" since experts began raising alarms about the threat, reports the New York Times.

"Despite years of efforts by the media, by academics and even by social media companies themselves to address the problem, it is arguably more pervasive and widespread today." Not long ago, the fight against disinformation focused on the major social media platforms, like Facebook and Twitter. When pressed, they often removed troubling content, including misinformation and intentional disinformation about the Covid-19 pandemic. Today, however, there are dozens of new platforms, including some that pride themselves on not moderating — censoring, as they put it — untrue statements in the name of free speech....

The purveyors of disinformation have also become increasingly sophisticated at sidestepping the major platforms' rules, while the use of video to spread false claims on YouTube, TikTok and Instagram has made them harder for automated systems to track than text.... A report last month by NewsGuard, an organization that tracks the problem online, showed that nearly 20 percent of videos presented as search results on TikTok contained false or misleading information on topics such as school shootings and Russia's war in Ukraine. "People who do this know how to exploit the loopholes," said Katie Harbath, a former director of public policy at Facebook who now leads Anchor Change, a strategic consultancy.

With the [U.S.] midterm elections only weeks away, the major platforms have all pledged to block, label or marginalize anything that violates company policies, including disinformation, hate speech or calls to violence. Still, the cottage industry of experts dedicated to countering disinformation — think tanks, universities and nongovernment organizations — say the industry is not doing enough. The Stern Center for Business and Human Rights at New York University warned last month, for example, that the major platforms continued to amplify "election denialism" in ways that undermined trust in the democratic system.

Thursday a Forbes senior writer reported: A China-based team at TikTok's parent company, ByteDance, planned to use the TikTok app to monitor the personal location of some specific American citizens, according to materials reviewed by Forbes.

The team behind the monitoring project — ByteDance's Internal Audit and Risk Control department — is led by Beijing-based executive Song Ye, who reports to ByteDance cofounder and CEO Rubo Liang. The team primarily conducts investigations into potential misconduct by current and former ByteDance employees. But in at least two cases, the Internal Audit team also planned to collect TikTok data about the location of a U.S. citizen who had never had an employment relationship with the company, the materials show.

It is unclear from the materials whether data about these Americans was actually collected; however, the plan was for a Beijing-based ByteDance team to obtain location data from U.S. users' devices.
Challenging the article, TikTok responded on Twitter that their service "does not collect precise GPS location information from U.S. users, meaning TikTok could not monitor U.S. users in the way the article suggested." But Forbes' senior writer thinks that's a misleading denial, writing on Twitter that "We never mentioned GPS in the story. In fact, we quoted their spokesperson saying they collect approximate location via IP address. Not using GPS does not mean they could not use that approximate location to monitor certain individuals."

TikTok also acknowledged on Twitter that they do have a team that will "acquire information they need to conduct internal investigations of violations of the company codes of conduct," but says the team follows a specific set of policies and processes "as is standard in companies across our industry." In Forbes' article, TikTok spokesperson Maureen Shanahan said that TikTok collects approximate location information (based on IP addresses) to "among other things, help show relevant content and ads to users, comply with applicable laws, and detect and prevent fraud and inauthentic behavior."

But Forbes' senior writer said in their article that "the material reviewed by Forbes indicates that ByteDance's Internal Audit team was planning to use this location information to surveil individual American citizens, not to target ads or any of these other purposes." The Internal Audit and Risk Control team runs regular audits and investigations of TikTok and ByteDance employees, for infractions like conflicts of interest and misuse of company resources, and also for leaks of confidential information. Internal materials reviewed by Forbes show that senior executives, including TikTok CEO Shou Zi Chew, have ordered the team to investigate individual employees, and that it has investigated employees even after they left the company.
TikTok's response on Twitter? Behavior like that would be a firing ofference. "Any use of internal audit resources as alleged by Forbes would be grounds for immediate dismissal of company personnel."

TikTok also said on Twitter that their service "has never been used to 'target' any members of the U.S. government, activists, public figures or journalists, nor do we serve them a different content experience than other users." The response of Forbes' senior writer? "I'm glad they say TikTok hasn't been used to 'target' some specific groups. I am nonetheless concerned that they planned to use it to monitor specific Americans, which is what we reported.

"Also, for what it's worth, they didn't answer this question when we asked it to them on Wednesday.... Neither TikTok nor ByteDance denied anything we reported, either in the pre-publication process, when we told them what we planned to report and asked for comment, or since then. They have also not requested a story update."

Thanks to Slashdot reader koavf for submitting the story

A leaker has claimed that Apple is working on a version of macOS exclusive for the M2 iPad Pro, with it expected at some point in 2023. Apple Insider reports: Leaker Majin Bu's sources have shared that Apple is working on a "smaller" version of macOS exclusively for the M2 iPad Pro. It is said to be codenamed Mendocino and will be released as macOS 14 in 2023. Testing is being done with a 25% larger macOS UI so it is suitable for touch. However, apps run on the product would still be iPad-optimized versions, not macOS ones.

It isn't clear why Apple would move the iPad to a macOS interface in a half-step like this. Those clamoring for macOS on iPad do so for the software more than the interface. [...] The other possible explanation is this wasn't macOS at all. Apple could be working to bring iPadOS even closer to macOS by adding a Menu Bar and other Mac-like interactions. It already introduced a Mac windowing feature in iPadOS 16 called Stage Manager, this could be the next iteration. Majin Bu also suggests that the exclusivity to M2 iPad Pro could be a marketing push. If the feature is only available on that iPad, more people would buy it.

French police said Friday they're investigating multiple cuts to fiber-optic cables in France's second-largest city. Operators said the cables link Marseille to other cities in France and Europe and that internet and phone services were severely disrupted. From a report: The disruptions in Marseille were a taste of what analysts warn could be far larger problems in other cases if cables are systematically attacked. The vulnerability of fiber-optic cables, especially those underwater, and other key infrastructure was highlighted by the sabotage last month in the Baltic Sea of natural gas pipelines from Russia. The damage in the city in southern France also appeared to resemble suspected acts of sabotage to other cables in the country earlier this year. French cable operator and internet service provider Free said its repair teams were mobilized before dawn Wednesday to deal with "an act of vandalism on our fiber infrastructure." It said the attacks were simultaneous and on multiple spots of its fiber network near Marseille. Photos that Free published on Twitter showed multiple cables completely severed in their concrete housings buried in the ground. It said the cuts led to major disruptions to its network and phone services in the Marseille area.

Microsoft has decided the Windows Subsystem for Android (WSA) -- its offering that runs Android VMs which behave just like another application in Windows -- is sufficiently stable that it can be designated version 1.0 and made available to all. From a report: While it's lovely that Windows can now run Android VMs, Hendrixson's tweet needs a little parsing. The "50,000 apps" he mentions are only available from the Amazon.com app store -- not the larger Google Play digital tat bazaar. Google's apps aren't in the Amazonian store, nor are Microsoft's. I couldn't find Twitter, WhatsApp, Slack, any of the banks I use, or the Australian government apps I need to access services. In fact it's tough work to find apps other than games in the store -- and when a search term does bear fruit it delivers what look like knockoff apps that scream "here be dragons."