Security

PyPI Is Rolling Out 2FA For Critical Projects, Giving Away 4,000 Security Keys (zdnet.com) 19

PyPI or the Python Package Index is giving away 4,000 Google Titan security keys as part of its move to mandatory two-factor authentication (2FA) for critical projects built in the Python programming language. ZDNet reports: PyPI, which is managed by the Python Software Foundation, is the main repository where Python developers can get third-party developed open-source packages for their projects. [...] One way developers can protect themselves from stolen credentials is by using two-factor authentication and the PSF is now making it mandatory for developers behind "critical projects" to use 2FA in coming months. PyPI hasn't declared a specific date for the requirement. "We've begun rolling out a 2FA requirement: soon, maintainers of critical projects must have 2FA enabled to publish, update, or modify them," the PSF said on its PyPI Twitter account.

As part of the security drive, it is giving away 4,000 Google Titan hardware security keys to project maintainers gifted by Google's open source security team. "In order to improve the general security of the Python ecosystem, PyPI has begun implementing a two-factor authentication (2FA) requirement for critical projects. This requirement will go into effect in the coming months," PSF said in a statement. "To ensure that maintainers of critical projects have the ability to implement strong 2FA with security keys, the Google Open Source Security Team, a sponsor of the Python Software Foundation, has provided a limited number of security keys to distribute to critical project maintainers."

PSF says it deems any project in the top 1% of downloads over the prior six months as critical. Presently, there are more than 350,000 projects on PyPI, meaning that more than 3,500 projects are rated as critical. PyPI calculates this on a daily basis so the Titan giveaway should go a long way to cover a chunk of key maintainers but not all of them. In the name of transparency, PyPI is also publishing 2FA account metrics here. There are currently 28,336 users with 2FA enabled, with nearly 27,000 of them using a 2FA app like Microsoft Authenticator. There are over 3,800 projects rated as "critical" and 8,241 PyPI users in this group. The critical group is also likely to grow since projects that have been designated as critical remain so indefinitely while new projects are added to mandatory 2FA over time. The 2FA rule applies to both project maintainers and owners.

The Courts

The Three Reasons Why Elon Musk Called Off His Acquisition of Twitter (theregister.com) 359

Elon Musk just tweeted a picture of himself laughing — along with a caption he'd apparently added himself.

"They said I couldn't buy Twitter. Then they wouldn't disclose bot info. Now they want to force me to buy Twitter in court. Now they have to disclose bot info in court."

In fact, tonight The Register cited one of the documents Twitter filed in court after Musk's lawyer argued Twitter had "failed or refused" to provide info on spam accounts. But so far it's just a letter Musk's lawyer wrote to the court on Friday, explaining in more detail why Musk wants to call off the acquisition: One segment of the document claims that Musk and his team sought "a variety of board materials, including a working, bottom-up financial model for 2022, a budget for 2022, an updated draft plan or budget, and a working copy of Goldman Sachs' valuation model underlying its fairness opinion."

"Twitter has provided only a pdf copy of Goldman Sachs' final Board presentation."

Other disclosures, the document states, "come with strings attached, use limitations or other artificial formatting features, which has rendered some of the information minimally useful to Mr. Musk and his advisors.

"For example, when Twitter finally provided access to the eight developer 'APIs' first explicitly requested by Mr. Musk in the May 25 Letter, those APIs contained a rate limit lower than what Twitter provides to its largest enterprise customers. Twitter only offered to provide Mr. Musk with the same level of access as some of its customers after we explained that throttling the rate limit prevented Mr. Musk and his advisors from performing the analysis that he wished to conduct in any reasonable period of time.

"Additionally, those APIs contained an artificial 'cap' on the number of queries that Mr. Musk and his team can run regardless of the rate limit — an issue that initially prevented Mr. Musk and his advisors from completing an analysis of the data in any reasonable period of time," the document states.

Musk and his team raised the issue of query limits on June 29, but Twitter did not change the limit until July 6 — after Musk asked for its removal a second time.... Musk felt Twitter was in breach of the merger agreement. So he pulled the plug, leaving open the questions of why Twitter might have provided only limited access to its APIs, or why it could not offer more access given it operates at significant scale.

In fact, it's one of three reasons for ending the acquisition that Musk's lawyer makes in the letter. Materially-relevant figures on spam accounts were reason number one. ("Twitter has not provided information that Mr. Musk has requested for nearly two months notwithstanding his repeated, detailed clarifications intended to simplify Twitter's identification, collection, and disclosure of the most relevant information sought in Mr. Musk's original requests.")

But there's more... Musk's lawyer also argues Twitter is in breach of the merger agreement because of "materially inaccurate representations" — specifically their figures on monetizable daily active users. While Musk's analysis "remains ongoing, all indications suggest that several of Twitter's public disclosures...are either false or materially misleading." While Twitter has claimed they have a reasoned process for calculating monetizable daily active users (and the percentage of spam accounts), Musk's lawyer argues that instead the process "appears to be arbitrary and ad hoc," rendering Twitter's statements "false and misleading." And thus, "Mr. Musk has the right to seek rescission of the Merger Agreement in the event these material representations are determined to be false."

But finally Musk's lawyer provides a third reason for ending the acquisition. Twitter was required to "seek and obtain consent before deviating from its obligation to conduct its business in the ordinary course and 'preserve substantially intact the material components of its current business organization.'" The lawyer's letter argues that didn't happen: Twitter's conduct in firing two key, high-ranking employees, its Revenue Product Lead and the General Manager of Consumer, as well as announcing on July 7 that it was laying off a third of its talent acquisition team, implicates the ordinary course provision. Twitter has also instituted a general hiring freeze which extends even to reconsideration of outstanding job offers. Moreover, three executives have resigned from Twitter since the Merger Agreement was signed: the Head of Data Science, the Vice President of Twitter Service, and a Vice President of Product Management for Health, Conversation, and Growth.

But Twitter hadn't received "consent for changes in the conduct of its business, including for the specific changes listed above," according to Musk's lawyer, which "therefore constitute a material breach of Section 6.1 of the Merger Agreement."

Cloud

Is Amazon's AWS Quietly Getting Better at Contributing to Open Source? (techrepublic.com) 8

"If I want AWS to ignore me completely all I have to do is open a pull request against one of their repositories," quipped cloud economist Corey Quinn in April, while also complaining that the real problem is "how they consistently and in my opinion incorrectly try to shape a narrative where they're contributing to the open source ecosystem at a level that's on par with their big tech company peers."

But on Friday tech columnist Matt Asay argued that AWS is quietly getting better at open source. "Agreed," tweeted tech journalist Steven J. Vaughan-Nichols in response, commending "Good open source people, good open-source work." (And Vaughan-Nichols later retweeted an AWS principal software engineer's announcement that "Over at Amazon Linux we are hiring, and also trying to lead and better serve customers by being more involved in upstream communities.") Mark Atwood, principal engineer for open source at Amazon, also joined Asay's thread, tweeting "I'm glad that people are noticing. Me and my team have been doing heavy work for years to get to this point. Generally we don't want to sit at the head of the table, but we are seeing the value of sitting at the table."

Asay himself was AWS's head of developer marketing/Open Source strategy for two years, leaving in August of 2021. But Friday Asay's article noted a recent tweet where AWS engineer Divij Vaidya announced he'd suddenly become one of the top 10 contributors to Apache Kafka after three months as the founding engineer for AWS's Apache Kafka open source team. (Vaidya added "We are hiring for a globally distributed fully remote team to work on open source Apache Kafka! Join us.")

Asay writes: Apache Kafka is just the latest example of this.... This is exactly what critics have been saying AWS doesn't do. And, for years, they were mostly correct.

AWS was, and is, far more concerned with taking care of customers than being popular with open-source audiences. So, the company has focused on being "the best place for customers to build and run open-source software in the cloud." Historically, that tended to not involve or require contributing to the open-source projects it kept building managed services around. Many felt that was a mistake — that a company so dependent on open source for its business was putting its supply chain at risk by not sustaining the projects upon which it depended...

PostgreSQL contributor (and sometime AWS open-source critic) Paul Ramsey has noticed. As he told me recently, it "[f]eels like a switch flipped at AWS a year or two ago. The strategic value of being a real stakeholder in the software they spin is now recognized as being worth the dollars spent to make it happen...." What seems to be happening at AWS, if quietly and usually behind the scenes, is a shift toward AWS service teams taking greater ownership in the open-source projects they operationalize for customers. This allows them to more effectively deliver results because they can help shape the roadmap for customers, and it ensures AWS customers get the full open-source experience, rather than a forked repo with patches that pile up as technical debt.

Vaidya and the Managed Service for Kafka team is an example along with Madelyn Olson, an engineer with AWS's ElastiCache team and one of five core maintainers for Redis. And then there are the AWS employees contributing to Kubernetes, etcd and more. No, AWS is still not the primary contributor to most of these. Not yet. Google, Microsoft and Red Hat tend to top many of the charts, to Quinn's point above. This also isn't somehow morally wrong, as Quinn also argued: "Amazon (and any company) is there to make money, not be your friend."

But slowly and surely, AWS product teams are discovering that a key element of obsessing over customers is taking care of the open-source projects upon which those customers depend. In other words, part of the "undifferentiated heavy lifting" that AWS takes on for customers needs to be stewardship for the open-source projects those same customers demand.

UPDATE: Reached for a comment today, Asay clarified his position on Quinn's original complaints about AWS's low level of open source contributions. "What I was trying to say was that while Corey's point had been more-or-less true, it wasn't really true anymore."

Linux

Six Ground-Breaking New Linux Laptops Released in the Last Two Weeks (beehiiv.com) 84

In the last two weeks, six new Linux laptops have hit the market (or were announced). "The Linux hardware scene is getting better by the day," writes the site FOSS Weekly:
  • MNT Research introduces a "more affordable" 7-inch mini Linux laptop, the MNT Pocket Reform.
  • KDE's Slimbook 4 is here with AMD Ryzen 7 5700U processor and a better battery, starting from $1,000. "Buying from Slimbook supports KDE development too," notes Gaming on Linux, adding that there's a choice of 14 or 15.6 inch displays.
  • TUXEDO's Pulse 15 — Gen2 (also with an AMD Ryzen 7 5700U processor) has a 15-inch HiDPI WQHD 165Hz display, along with eight cores and 16 threads. (And the Register notes its twin cooling fans, "allowing them to overclock the chip and run it at 35W," and a choice of distros.)
  • Pre-orders have opened for the Roma — the first RISC-V Laptop (which may ship in September). Ars Technica reports they're offering "free Silicon upgrades" — that is free system-on-a-chip and system-on-module upgrades for its quad-core RISC-V CPU. And there's also a companion NPU/GPU, notes a blog post at RISCV.org, "for the fastest, seamless RISC-V native software development available." (As well as "early access to next-generation laptop and accessory upgrades at generous discounts or for free.") The blog post calls it a "Web3-friendly platform with NFT creation and publication plus integrated MetaMask-style wallet."

Twitter

What's Next for Twitter? (nbcnews.com) 174

Elon Musk no longer wants to buy Twitter, which now will "pursue legal action" simply to "enforce" their planned merger agreement, according to the company's chairman.

But however that plays out, Twitter is now in a worst-case scenario, one Wall Street analyst argues to NBC News: Dan Ives, a managing director and senior equity research analyst covering the technology sector at Wedbush Securities, said Twitter's stock price stands to suffer significant damage.... "The company has been in pure chaos — people have left in droves, and now competitors are going to seize on the ad dollars. With the employee turnover, it's going to be viewed as damaged goods from another potential buyer...."

Ives believes the damage to Twitter's value has only just begun. "When you have a cult figure like Musk — one of, if not the, most followed person in world — calling out Twitter, now it has a ripple effect that's hard to quantify," Ives said. "From advertisers to employees to the political firestorm that could ensue," he said. "For Twitter, it's not about the court battle and the legal ramifications, and how that plays out, that will be debated by lawyers. But it's a public company that needs to be run, and now it's hanging in the wind."

The Media

65 Editorial Workers at Wired Are Threatening to Strike (axios.com) 51

"It's Friday night and I'm meant to be on my first vacation in a year," tweeted a senior writer at Wired. "But instead I've been bargaining with Wired management all day — and will tonight and into the weekend to get a fair deal."

65 editorial workers at Wired are threatening to strike for two days if they can't reach a contract agreement with their publisher, Condé Nast, by July 12. "The employees argue they aren't being paid equitably despite the fact that their work helps drive some of the company's most lucrative traffic days," reports Axios: High-profile writers are joining the union's push, arguing Wired workers should be treated equally to those at other Condé Nast-owned publications, especially when it comes to rights over their work.

"While Condé Nast owns our work, it's fair practice to allow writers and creators to share in the bounty when the work they produce is resold to others — and the company has agreed to that principle by giving full-time New Yorker writers a piece of the action when their work is reprinted by others, or sold to filmmakers," Steven Levy, editor at large at Wired and a contributor there since the magazine's 1993 launch, said in a statement provided to Axios by the union. "We've been asking for exactly the same terms that the New Yorker writers got in their contract, but Condé Nast won't even discuss this with us."

"It's insulting to imply that Wired creators are less deserving than other Condé employees," he said. "And it's not like our work isn't valued outside the company — a Wired story was the basis of a best-picture-of-the-year Oscar...!"

The first union to come out of Condé Nast was on behalf of employees at The New Yorker in June 2018. Ars Technica and Pitchfork launched their own unions the following year. Wired voted to unionize in April 2020.... Earlier this year, Condé Nast employees from publications that hadn't yet unionized, including Vogue, Bon Appétit and others, formed a union representing around 500 editorial workers.

The article also notes successful negotiations at tech sites BuzzFeed News and Vox Media — and shares one more strategic detail:

The Wired workers threatening to walk are asking their supporters to sign an online petition pledging "no contracts, no clicks." (That is, if the workers fail to reach a deal by Tuesday July 12th, "do not click on any WIRED links or shop through WIRED on July 12th and July 13th. Do not cross the picket line.") But if they do reach a deal by Tuesday, "please continue to click. Support union publications!"

Microsoft

Will Microsoft Ban Commercial Open Source from Its App Store? (sfconservancy.org) 54

Microsoft has "delayed enforcement" of what could be a controversial policy change, according to the Software Freedom Conservancy: A few weeks ago, Microsoft quietly updated its Microsoft [app] Store Policies, adding new policies (which go into effect next week), that include this text:

all pricing ... must ... [n]ot attempt to profit from open-source or other software that is otherwise generally available for free [meaning, in price, not freedom].

Wednesday, a number of Microsoft Store users discovered this and started asking questions. Quickly, those of us (including our own organization) that provide Free and Open Source Software (FOSS) via the Microsoft Store started asking our own questions too.... Since all (legitimate) FOSS is already available (at least in source code form) somewhere "for free" (as in "free beer"), this term (when enacted) will apply to all FOSS...

Sadly, these days, companies like Microsoft have set up these app stores as gatekeepers of the software industry. The primary way that commercial software distributors reach their customers (or non-profit software distributors reach their donors) is via app stores. Microsoft has closed its iron grasp on the distribution chain of software (again) — to squeeze FOSS from the marketplace. If successful, even app store users will come to believe that the only legitimate FOSS is non-commercial FOSS. This is first and foremost an affront to all efforts to make a living writing open source software. This is not a merely hypothetical consideration. Already many developers support their FOSS development (legitimately so, at least under the FOSS licenses themselves) through app store deployments that Microsoft recently forbade in their Store....

Microsoft counter-argues that this is about curating content for customers and/or limiting FOSS selling to the (mythical) "One True Developer". But, even a redrafted policy (that Giorgio Sardo [General Manager of Apps at Microsoft] hinted at publicly early Thursday) will mandate only toxic business models for FOSS (such as demo-ware, less-featureful versions available as FOSS, while the full-featured proprietary version is available for a charge).

The Conservancy argues that FOSS "was designed specifically to allow both the original developers and downstream redistributors to profit fairly from the act of convenient redistribution (such as on app stores)." But it also speculates about the sincerity of Microsoft's intentions. "We're cognizant that Microsoft probably planned all this, anyway — including the community outrage followed by their usual political theater of feigned magnanimity."

The Conservancy's post Thursday received an update Friday about Microsoft's coming policy update: After we and others pointed out this problem, a Microsoft employee claimed via Twitter that they would "delay enforcement" of their new anti-FOSS regulation [giving as their reason that "it could be perceived differently than intended."]

We do hope Microsoft will ultimately rectify the matter, and look forward to the change they intend to enact later. Twitter is a reasonable place to promote such a change once it's made, but an indication of non-enforcement by one executive on their personal account is a suboptimal approach. This is a precarious situation for FOSS projects who currently raise funds on the Microsoft Store; they deserve a definitive answer.

Given the tight timetable (just five days!) until the problematic policy actually does go into effect, we call on Microsoft to officially publish a corrected policy now that addresses this point and move the roll-out date at least two months into the future. (We suggest September 16, 2022.) This will allow FOSS projects to digest the new policy with a reasonable amount of time, and give Microsoft time to receive feedback from the impacted projects and FOSS experts.

Twitter

Elon Musk Notifies Twitter He Is Terminating Deal (cnbc.com) 214

Elon Musk wants to end his deal to buy Twitter, reports CNBC citing a letter sent by a lawyer on his behalf. From the report: In the letter, disclosed in a Securities and Exchange Commission filing, Skadden Arps attorney Mike Ringler charged that "Twitter has not complied with its contractual obligations." Ringler claimed that Twitter did not provide Musk with relevant business information he requested, as Ringler said the contract would require. Musk has previously said he wanted to assess Twitter's claims that about 5% of its monetizable daily active users (mDAUs) are spam accounts.

"Twitter has failed or refused to provide this information," Ringler claimed. "Sometimes Twitter has ignored Mr. Musk's requests, sometimes it has rejected them for reasons that appear to be unjustified, and sometimes it has claimed to comply while giving Mr. Musk incomplete or unusable information." Ringler also charged in the letter that Twitter breached the merger agreement because it allegedly contains "materially inaccurate representations." This accusation is based on Musk's own preliminary review of spam accounts on Twitter's platform. Twitter has said it's not possible to calculate spam accounts from solely public information and that a team of experts conducts a review to reach the 5% figure.

"While this analysis remains ongoing, all indications suggest that several of Twitter's public disclosures regarding its mDAUs are either false or materially misleading," Ringler alleged. He also claimed Twitter breached its obligations under the agreement to get Musk's consent before changing its ordinary course of business, pointing to recent layoffs at the company. Twitter shares were down about 5% after hours on Friday.

The $44 billion deal was first announced by Twitter on April 25th but was placed "on hold" two weeks later after the social network reported that false or spam accounts comprised less than 5 percent of its 226 million monetizable daily active users, a figure that Musk says the company was not able to prove.

"Twitter deal temporarily on hold pending details supporting calculation that spam/fake accounts do indeed represent less than 5% of users," Musk tweeted at the time. However, in a follow-up tweet, he added that he was "still committed to [the] acquisition."

Yesterday, Twitter executives told reporters in a briefing that the social network removes more than 1 million spam accounts each day. This raises the question... how many new real accounts does it get each day?

UPDATE: Twitter says it's going to sue Musk for trying to back out of the deal. "The Twitter Board is committed to closing the transaction on the price and terms agreed upon with Mr. Musk and plans to pursue legal action to enforce the merger agreement," tweeted Twitter's chairman, Bret Taylor, less than an hour after Musk's legal team said he wanted out of the deal in a filing with the Securities and Exchange Commission. "We are confident we will prevail in the Delaware Court of Chancery."

Linux

Alder Lake-Powered Linux Laptop Arrives With 14 Hours of Battery Life (tomshardware.com) 48

System76, the Colorado-based Linux laptop, desktop, and server specialist, has announced a new highly portable laptop with an Intel Alder Lake processor inside. Tom's Hardware reports: The new Lemur Pro is a "lighter than Air" 14-inch form factor laptop with excellent battery life and attractions such as open firmware (powered by Coreboot) and a 180-degree hinge. In addition, buyers can choose to go with Pop!_OS 22.04 LTS or Ubuntu 22.04 LTS pre-installed. The new Lemur Pro has many attractive modern features you might see advertised in many rival mainstream thin and light designs. However, the special sauce here is the "System76 Open Firmware with Coreboot." Coreboot, known initially as LinuxBIOS, is significant as it is an open-source BIOS implementation embraced by Linux users. It is lightweight, flexible, and feature-rich. [...]

System76 has designed the Lemur Pro with monitor-based docking in mind. It envisions users connecting to a big screen using the USB-C connection to benefit from the more expansive workspace and laptop charging. Like Windows, Linux had to have some serious tinkering under the hood to prepare for the mix of Performance and Efficiency cores in Alder Lake chips. However, rest assured, efficient hybrid scheduling is taken care of with the two OS options that can be pre-installed on the Lemur Pro.

System76 allows customers to configure and buy Lemur Pro laptops right now. There are many RAM and storage configurations to pick through, and you can add external keyboards and monitors to the bundle. The entry price with an Intel Core i5-1235U, 8GB RAM, 240GB of storage, and no extras is $1,149. However, the Core i7-1255U model is a bit of a stretch, adding $200 to the base price for the faster CPU clocks.

Spam

Twitter Says It Removes Over 1 Million Spam Accounts Each Day (reuters.com) 35

Twitter removes more than 1 million spam accounts each day, executives told reporters in a briefing on Thursday, providing new insight into efforts to reduce harmful automated bots as billionaire Elon Musk has demanded more details from the social media company. Reuters reports: The briefing comes after Musk threatened to halt a $44 billion deal to purchase Twitter unless the company showed proof that spam and bot accounts were fewer than 5% of users who see advertising on the social media service. Musk previously tweeted that one of his biggest priorities after acquiring Twitter is to "defeat the spam bots or die trying."

On a conference call, the company reiterated that spam accounts were well under 5% of users who are served advertising, a figure that has been unchanged in its public filings since 2013. Human reviewers manually examine thousands of Twitter accounts at random and use a combination of public and private data in order to calculate and report to shareholders the proportion of spam and bot accounts on the service, Twitter said. The company said it does not believe a calculation of such accounts could be performed externally because it would require private information, but declined to comment on the type of data it would provide to Musk.

Twitter

Twitter Sues India's Government Over Content Takedown Orders (techcrunch.com) 31

Twitter has sued the Indian government to challenge some of its takedown orders, TechCrunch reported Tuesday, further escalating the tension between the American social giant and New Delhi. From a report: In its lawsuit, filed Tuesday, Twitter alleges that New Delhi has abused its power by ordering it to remove several tweets from its platform. The lawsuit follows a rough year and a half for Twitter in India, a key overseas market for the firm, where it has been asked to take down hundreds of accounts and tweets, many of which critics argue were objected because they denounced the Indian government's policies and Prime Minister Narendra Modi.

Crime

British Army's Twitter and YouTube Accounts Compromised to Promote Crypto Scams (engadget.com) 16

The British army is "investigating an apparent hack," reports Engadget, after its official Twitter and YouTube accounts were compromised Sunday: News of the breach was first reported by Web3 is Going Great. According to the blog, both accounts were simultaneously compromised to promote two different cryptocurrency scams.

Although it has since been scrubbed, the army's verified Twitter account was briefly changed to look like a page for The Possessed, a project involving a collection of 10,000 animated NFTs with a price floor of 0.58 Ethereum (approximately $1,063). During that time, the account tweeted out multiple links to a fake minting website....

Over on YouTube, the army's channel [had] been made to look like a page for Ark Invest...livestreaming videos that repurpose old footage of Elon Musk, Jack Dorsey and Ark CEO Cathie Wood discussing cryptocurrency. The clips feature an overlay promoting "double your money" Bitcoin and Ethereum scams. According to Web3 is Going Great, a similar scheme netted scammers $1.3 million this past May. It's unclear who is behind the attacks.

Social Networks

As TikTok Promises US Servers, FCC Commissioner Remains Critical of Data Privacy (cnn.com) 28

On Tuesday Brendan Carr, a commissioner on America's Federal Communications Commission, warned on Twitter that TikTok, owned by China-based company ByteDance, "doesn't just see its users' dance videos: It collects search and browsing histories, keystroke patterns, biometric identifiers, draft messages and metadata, plus it has collected the text, images, and videos that are stored on a device's clipboard. TikTok's pattern of misrepresentations coupled with its ownership by an entity beholden to the Chinese Communist Party has resulted in U.S. military branches and national security agencies banning it from government devices.... The CCP has a track record longer than a CVS receipt of conducting business & industrial espionage as well as other actions contrary to U.S. national security, which is what makes it so troubling that personnel in Beijing are accessing this sensitive and personnel data."

Today CNN interviewed Carr, while also bringing viewers an update. TikTok's China-based employees accessed data on U.S. TikTok users, BuzzFeed had reported — after which TikTok announced it intends to move backup data to servers in the U.S., allowing them to eventually delete U.S. data from their servers. But days later Republican Senator Blackburn was still arguing to Bloomberg that "Americans need to know if they are on TikTok, communist China has their information."

And FCC commissioner Carr told CNN he remains suspicious too: Carr: For years TikTok has been asked directly by U.S. lawmakers, 'Is any information, any data, being accessed by personnel back in Beijing?' And rather than being forthright and saying 'Yes, and here's the extent of it and here's why we don't think it's a problem,' they've repeatedly said 'All U.S. user data is stored in the U.S.,' leaving people with the impression that there's no access.... This recent bombshell reporting from BuzzFeed shows at least some of the extent to which massive amounts of data has allegedly been going back to Beijing.

And that's a problem, and not just a national security problem. But to me it looks like a violation of the terms of the app store, and that's why I wrote a letter to Google and Apple saying that they should remove TikTok and boot them out of the app store... I've left them until July 8th to give me a response, so we'll see what they say. I look forward to hearing from them. But there's precedence for this. Before when applications have taken data surreptitiously and put it in servers in China or otherwise been used for reasons other than servicing the application itself, they have booted them from the app store. And so I would hope that they would just apply the plain terms of their policy here.

When CNN points out the FCC doesn't have jurisdiction over social media, Carr notes "speaking for myself as one member" they've developed "expertise in terms of understanding how the CCP can effectively take data and infiltrate U.S. communications' networks." And he points out that the issue is also being raised by Congressional hearings and by Republican and Democrat Senators signing joint letters together, so "I'm just one piece of a broader federal effort that's looking at the very serious risks that come from TikTok."

Carr: At the end of the day, it functions as a sophisticated surveillance tool that is harvesting vast amounts of data on U.S. users. And I think TikTok should answer point-blank, has any CCP member obtained non-public user data or viewed it. Not to answer with a dodge, and say they've never been asked for it or never received a request. Can they say no, no CCP member has ever seen non-public U.S. user data.

Carr's appearance was followed by an appearance by TikTok's VP and head of public policy for the Americas. But this afternoon Carr said on Twitter that TikTok's response contradicted its own past statements:

Today, a TikTok exec said it was "simply false" for me to say that they collect faceprints, browsing history, & keystroke patterns.

Except, I was quoting directly from TikTok's own disclosures.

TikTok's concerning pattern of misrepresentations about U.S. user data continues.

Lord of the Rings

Amazon Prime Spends $465M on First Season of Its 'Lord of the Rings' Series (indiewire.com) 104

Monday Amazon posted a 15-second teaser trailer on Twitter for their upcoming Prime Video series The Lord of the Rings: the Rings of Power (premiering September 2nd) — drawing on two lavish one-minute trailers released earlier in the year.

"The first season of Amazon's show will be the most expensive season of television ever produced," reports IndieWire: Season 1 has a $465 million budget. Amazon Studios chief Jennifer Salke stated in May 2021 that she was "pretty confident" that the show will draw the required viewership to make the money worth spent.

Back in 2017, when it was reported that Amazon had bought the rights to "The Lord of the Rings" — winning a bidding war against Netflix — the number reported with that sale was $250 million. That number alone made it the most expensive television series ever, but later, The Hollywood Reporter reported that the whole series would end up costing more than $1 billion, due to production expenses (casting, producers, visual effects, etc.). "The Lord of the Rings" film trilogy's own Elijah Wood reacted to that particular figure during an interview, saying, "That's crazy to me." For context, the Peter Jackson trilogy grossed $2.92 billion worldwide. The combined budget for all three films was $281 million.

That $250 million rights deal for "The Lord of the Rings" also came with a five-season commitment for the series. A guaranteed five seasons should also guarantee at least one full story told from beginning to end, even though there's always the possibility of more, depending on the series' success. The deal also allowed for the potential of spin-off series, which could mean the potential for even more of Middle-earth outside just this adaptation. In November 2019, Deadline confirmed that Amazon had officially ordered a second season of the series and that it was already in the works. According to the report, the official early renewal means that there will be a shorter wait time between the first two seasons come release.

However, the series may not ever get out of the Second Age — which is, again, 3,441 years long, so it's got a lot to work with — as, according to Tolkien scholar and "The Lord of the Rings" consultant Tom Shippey, the estate of J.R.R. Tolkien has refused to grant Amazon permission to film anything other than the Second Age, as to not alter the history of the more fleshed out Third Age. "But you can add new characters and ask a lot of questions..."

The tagline of the newly-released trailer? "Nothing is evil...in the beginning."

In 2019 Shippey was quoted as saying the first season would have either 20 episodes or 22 episodes, though this year Amazon said a number "hasn't been officially announced."

And there's one other thing we know. There will be orcs (and some of their backstory), according to IGN's exclusive interview with the show's executive producer — and the head of its prosthetic department.

The Almighty Buck

Remember RadioShack? It's Now a Crypto Company with Wild Tweets (msn.com) 78

"Gen Z may not be familiar with the RadioShack of their grandparents, but they're getting to know its replacement," writes the Washington Post.

"The 100-year-old retailer reintroduced itself on Twitter this week with a stream of often-profane tweets — some since deleted — filled with crude comments and drug references." Variations of, "What in the world is going on?" peppered the comment threads, but a glance of the company's Twitter profile partly held the answer: RadioShack is no longer the electronics store Americans ran to for generations, but rather an online cryptocurrency company that also happens to sell batteries.

"It's our voice, a new voice, one for the people," said Abel Czupor, the chief marketing officer. "RadioShack's audience used to be only an older demographic, but as times have changed and e-commerce has taken over, the old voice of RadioShack is no longer relevant."

Following a decade of decline, RadioShack was delisted by New York Stock Exchange in 2015. In its struggle to find a brand identity, the chain filed for bankruptcy twice, and went from having roughly 5,200 U.S. stores in 2014 to about 400 when private equity firm Retail Ecommerce Ventures (REV) purchased it in 2020. REV was formed by Alex Mehr, the co-founder of online dating site Zoosk.com, and Tai Lopez, an online influencer known for coaching about his lavish lifestyle. They launched RadioShack Swap, a decentralized crypto exchange platform that allows users to swap coins or tokens, a format that comes with more flexibility and lower transaction fees than trading... In a May statement, the company reported trading volume of $40 million, with a daily average of $500,000 to $2 million....

Yet with its latest marketing strategy on Twitter, the reactions were mixed. One day the platform itself "randomly shut down our account and locked us out," Czupor said, though some tweets were later restored.

The new RadioShack tells the Post that "Sales have actually grown since we started upping our Twitter game over the past several weeks." And the founder of social media marketing consultancy Flying Hare Social told the newspaper that RadioShack's tweets may help them gain visibility — because "Everybody who's interested in crypto is interested in this kind of humor."

YouTube

The Death of a YouTuber (theverge.com) 60

"Effortlessly funny. Endlessly talented. Gone too soon," tweeted fellow YouTuber Ted Nivison after hearing the news. "Technoblade, a popular Minecraft YouTuber, has died from cancer age 23," writes the Verge.

But before Technoblade left, he'd prepared a goodbye for his 11.9 million subscribers: In a video uploaded to his YouTube channel titled "so long nerds" and narrated by his father, Technoblade thanked his fans and fellow streamers for their support over the years... His father says Technoblade wrote the script for his final video from bed and died shortly afterwards. "I don't think he said everything he wanted to say, but I think he got the main points," says his father. "He finished that up and then he was done. He lived about another eight hours after that."

"Hello, everyone! Technoblade here," the final message begins. "If you're watching this, I am dead. So let's sit down and have one final chat."

My real name is Alex. I had one of my siblings call me 'Dave' one time in a deleted video from 2016, and it was one of the most successful pranks we've ever done. Thousands of creepy online dudes trying to get overly personal going 'Oh hey, Dave. How's it going?'

Sorry for selling out so much in the past year. But thanks to everyone that bought hoodies, plushies, and channel memberships. My siblings are going to college! Well, if they want to. I don't want to put any dead-brother peer pressure on them.

But that's all from me. Thank you all for supporting my content over the years. If I had another hundred lives, I think I would choose to be Technoblade every single time, as those were the happiest years of my life. I hope you guys enjoyed my content, and that I made some of you laugh.

And I hope you all go on to live long, prosperous, and happy lives. Because I love you guys.

Technoblade out.

After reading the statement, the 23-year-old's father remembered that in those final hours, "We all said goodbye." Then he adds that "He was the most amazing — he was the most amazing kid anyone could ever ask for." He said he misses his son, and thanked his viewers "for everything. You meant a lot to him."

And at the end of the video a message from "Techno's mom" appears on the screen. "My son's bravery on this path was a shining lesson to all of us who were privileged to walk it with him."

Software

Thunderbird 102 Released (thunderbird.net) 35

slack_justyb writes: Thunderbird 102 has been released with some new UI improvements and new features. There has been a change in the icons, the layout of the address book has been upgraded to feature a more modern UI, and a new UI feature known as the spaces toolbar to get around Thunderbird. New features include an updated import and export wizard, a UI for editing the email header settings, and Matrix client support within Thunderbird, which is a messaging system using HTTPS that is similar to Discord if you've used that.

Finally, the Thunderbird Twitter account released the first screenshot of the new UI that is being targeted for the 114 release. For those wondering what the Thunderbird team has done and is doing, you can always head over to the planning section of the developer site. The roadmap is the things they're working on for the current release, and the backlog is the things they are working towards.

Businesses

FTX Closes in on a Deal To Buy Embattled Crypto Lender BlockFi for $25 Million in a Fire Sale (cnbc.com) 7

FTX is swooping in to buy crypto lender BlockFi for pennies on the dollar, CNBC reported Thursday, citing sources familiar with the matter. From a report: The term sheet is almost over the finish line and expected to be signed by the end of the week, according to one source, who asked not to be named because the deal discussions were confidential. FTX will pay roughly $25 million -- 99% below BlockFi's last private valuation. Jersey City, New Jersey-based BlockFi was last valued at $4.8 billion, according to PitchBook.

An acquisition could take multiple months to close, and the price tag could shift between now and Friday, a source said. Friday also marks the end of the quarter, which the person said was a catalyst for getting a deal signed. The Wall Street Journal first reported that FTX was seeking an equity stake in the company, while the Block reported this week that an outright deal was in the works.

Update: BlockFi has denied the reporting. "I can 100% confirm that we aren't being sold for $25M," the company chief executive said.

Earth

Construction Begins On 'Mammoth' Direct Air Capture Plant (theverge.com) 115

Swiss climate tech company Climeworks announced yesterday that it has broken ground on its biggest facility yet for capturing carbon dioxide from the air. The Verge reports: The new Direct Air Capture (DAC) plant, named Mammoth, will significantly scale up the company's operations in Hellisheiði, Iceland. That's where Climeworks built Orca, which was the largest DAC plant in the world when it came online last September. Orca can capture up to 4,000 tons of carbon dioxide a year, roughly equivalent to how much climate pollution 790 gas-guzzling passenger vehicles release annually. Mammoth, in comparison, can capture about nine times as much CO2 as Orca.

There are fewer than 20 such plants in the world, according to the International Energy Agency (IEA), and they don't yet have the capacity to make a serious dent in the greenhouse gas emissions humans have dumped into the atmosphere. The IEA says that to do that, the direct air capture industry has to grow to be able to draw down 85 million metric tons of CO2 by the end of the decade. For comparison, it captures just 0.01 million metric tons today. That'll likely require a new generation of DAC plants, each capable of taking in 1 million metric tons of CO2 per year. So in the grand scheme of things, Mammoth -- with the capacity to capture 36,000 tons of CO2 a year -- isn't quite so mammoth. Even so, Mammoth is an important test case for scaling up Direct Air Capture tech.

Privacy

FCC Commissioner Wants Apple, Google To Remove TikTok From App Stores (cnbc.com) 40

A leader of the U.S. Federal Communications Commission said he has asked Apple and Google to remove TikTok from their app stores over China-related data security concerns. CNBC reports: The wildly popular short video app is owned by Chinese company ByteDance, which faced U.S. scrutiny under President Donald Trump. Brendan Carr, one of the FCC's commissioners, shared via Twitter a letter to Apple CEO Tim Cook and Alphabet CEO Sundar Pichai. The letter pointed to reports and other developments that made TikTok non-compliant with the two companies' app store policies.

"TikTok is not what it appears to be on the surface. It is not just an app for sharing funny videos or meme. That's the sheep's clothing," he said in the letter. "At its core, TikTok functions as a sophisticated surveillance tool that harvests extensive amounts of personal and sensitive data." Carr's letter, dated June 24 on FCC letterhead, said if Apple and Alphabet do not remove TikTok from their app stores, they should provide statements to him by July 8. The statements should explain "the basis for your company's conclusion that the surreptitious access of private and sensitive U.S. user data by persons located in Beijing, coupled with TikTok's pattern of misleading representations and conduct, does not run afoul of any of your app store policies," he said.

A TikTok spokesperson told BuzzFeed News in a statement: "We know we're among the most scrutinized platforms from a security standpoint, and we aim to remove any doubt about the security of US user data. That's why we hire experts in their fields, continually work to validate our security standards, and bring in reputable, independent third parties to test our defenses."
