Acer CXI3 Chromebox pre-orders now open and start at $297

If you want a lot of power, you can spend as much as $744.

Seemingly out of nowhere, 2018’s been shaping up to be an excellent year for Chromebox fans. Asus and HP both announced Chromebox hardware during this year’s CES, and a few weeks later, Acer unveiled its new CXI3. Acer’s Chromebox has since gone up for pre-order, and pricing sounds more than reasonable.

There are a few different models to choose from, with the most affordable coming in at just $279.99. For that price, the CXI3 comes equipped with a dual-core Intel Celeron 3865U processor, 4GB of RAM (upgradable to 16GB), and a 32GB SSD. Alternatively, you can go all the way with the $744.99 model with a quad-core Intel Core i7 chip, 16GB RAM, and a 64GB SSD.

If you want something in between the lowest and highest-end models, Acer’s also selling $469.99 and $511.99 models that come with 8GB RAM, a 64GB SSD, and an Intel Core i3 and i5 processor, respectively.

NextWarehouse says it’ll have the CXI3 in stock on April 19, whereas CDW says it’ll be available in 8 or 10 days. There’s no date currently shown on TigerDirect, but it should be available around that same time.

See at TigerDirect

Uber agrees to expanded settlement with FTC over 2016 data breach

Last year, Uber settled with the FTC over allegations that it hadn’t protected it’s customers’ data in 2014, and actually misrepresented how secure that data was. Soon after that, the now-current CEO of the ride-sharing firm found that his company had hidden evidence of an separate extortion-based attack that exposed “25 million names and email addresses, 22 million names and mobile phone numbers, and 600,000 names and driver’s license numbers of US Uber drivers and riders,” according to the FTC.

The CEO at the time, Travis Kalanick, paid hackers $100,000 to hide the attack for more than a year. Because of that secondary breach and Uber’s misconduct around it, the FTC has revised its original settlement for a 2014 incident to include a few more provisions, including civil penalties should the company fail to notify the FTC in the event of future breaches.

“My first week at Uber was the week we disclosed the 2016 breach,” Uber’s Chief Legal Officer Tony West told Engadget. “When Dara Khosrowshahi joined the company, he committed on behalf of every Uber employee that we would learn from our mistakes, change the way we did business and put integrity at the core of every decision we made. Since then we have moved quickly to do just that by taking responsibility for what happened. I am pleased that just a few months after announcing this incident, we have reached a speedy resolution with the FTC that holds Uber accountable for the mistakes of the past by imposing new requirements that reasonably fit the facts.”

Under the terms of the new complaint, Uber must also submit all the reports from the company’s third-party audits of its privacy program, not only the first report. Uber must also retain records related to bug bounty reports like the one that uncovered the second breach.

“After misleading consumers about its privacy and security practices, Uber compounded its misconduct by failing to inform the Commission that it suffered another data breach in 2016 while the Commission was investigating the company’s strikingly similar 2014 breach,” said Acting FTC Chairman Maureen K. Ohlhausen in a statement. “The strengthened provisions of the expanded settlement are designed to ensure that Uber does not engage in similar misconduct in the future.”

The new revised agreement will go through a 30-day public comment period to end on May 14th, when the Commission will decide whether to make the proposal final.

Source: FTC

Mozilla activates Tracking Protection by default for Firefox on iOS

Mozilla has a handful of updates for Firefox on iOS, privacy-minded and otherwise. Now, Tracking Protection is turned on by default rather than being an opt-in bit buried in the settings menu. You can set specific filters so retail sites (or others) can or can’t track you, according to the Mozilla blog. The company says that the Tracking Protection is the same tech that’s used in Firefox Focus on mobile and the desktop browser.

With personal data use and privacy as the topic du jour, it’s easy for Mozilla to earn a few brownie points by turning Tracking Protection on by default. But, will that be enough to stop people from installing Chrome or using Safari on iOS?

As far as iPad goes, now you can drag and drop tabs to re-order them just like you would on desktop. Just long-press to start moving stuff around. And speaking of drag-and-drop, you can take a tab and drop it into iMessage, Twitter or wherever else you see fit, no copy and pasting required. And if you’re in the spirit of using your iPad as a PC replacement, there are a handful of keyboard shortcuts for use too. Enhanced productivity!

Source: Mozilla

Ogling Apple’s Product RED iPhone 8 Plus

Continuing a tradition that began with a special edition iPod Nano in 2006, Apple is gearing up to sell Product RED versions of the iPhone 8 and 8 Plus in stores tomorrow. To commemorate the occasion, we’ve taken possession of a new iPhone 8 Plus to ogle and, erm, yeah: it’s red. A really nice, deep red. Unlike last year’s Product RED phones, Apple did the right thing and paired the deep red glass-and-metal frame with a black front. (That unfortunately means we can no longer crack jokes in Slack about 2017’s “Canada edition” iPhones.)

I could go on at length about how the specific hue Apple chose for the glass fluctuates between maroon and an almost nuclear candy apple red depending on the lighting, or how the aluminum frame’s crimson finish seems a touch more sophisticated than the bright, boisterous look of last year’s Product RED phone. Suffice to say, this is a much different beast than the RED iPhones we got before, and it’s a real stunner as a result. Since this phone offers no substantive difference from the iPhone 8s you could already buy — except for the knowledge that you’re contributing to the global fight against AIDS — I’ll just leave you with some photos. That’s really what you clicked on this story for, right?

US federal judge rules that UberBlack drivers are not employees

Uber has been fighting the perception that its drivers should be employees for quite some time. Both the UK and the state of California have concluded that drivers should be considered employees and entitled to silly things like minimum wage, holiday pay and other benefits. Now, however, a US judge in Philadelphia has ruled that UberBlack drivers are not, in fact, employees under federal law.

The ruling only applies to Uber’s limousine-like service, but could set precedence for the entire ride-sharing industry and the associated gig economy. The judge said that Uber doesn’t exert enough control over UberBlack drivers to be considered their employer under the US Fair Labor Standards Act, reports Reuters. U.S. District Judge Michael Baylson said that the drivers can work when they want to, are free to nap, can run personal errands or smoke cigarettes between rides.

Uber is understandably pleased with the decision, according to Reuters, while a lawyer for the plaintiffs said he would appeal the ruling to the US 3rd Circuit Court of Appeals, also in Philadelphia. That would make it the first federal appeals court to consider the issue, while Baylson said that he was the first judge to rule on the classification under federal law.

Source: Reuters

Can Facebook really apply the EU’s data privacy rules worldwide?

During his testimony in front of the House Energy & Commerce Committee on Wednesday, Facebook CEO Mark Zuckerberg stated that Facebook would adopt the European Union’s General Data Protection Rules (GDPR) as its privacy standard moving forward. This marks an evolution in Zuckerberg’s position on the issue, having told Reuters earlier this month that he only agreed “in spirit” with the laws. If Zuckerberg follows through with this promise, it could have a significant impact on Facebook users around the world.

The GDPR was first proposed by the European Commission in 2012 as an update to an existing EU data privacy law, Data Protection Directive 95/46/EC, which had been on the books since 1995. The European Parliament passed its own version of the GDPR in 2014 with the Council of the European Union following suit in 2015, at which time the three bodies got together to hash out the final wording of the law. That process lasted until 2016. Now, after a 2-year post-adoption grace period, the GDPR will go into effect in May.

Once it does, it will provide an unprecedented level of privacy protection for EU citizens living both in an EU member nation or abroad. It will effectively regulate the privacy practices of any company that processes the personal data of people residing within the EU, regardless of where the company itself is located — including the cloud. That is, companies will be held responsible for the handling of the personal data they have collected from users. What’s more, it grants people the “right to be forgotten” as well as the right to request both copies of their personal data and information pertaining to how and why their data is being processed.

Users will also enjoy data portability, the ability to move their personal data from one company to another. This rule offers an interesting secondary effect that Facebook might not like. With the ability to move one’s data freely between services, it could help prevent the lock-in effect that helps companies like Facebook and Google establish insurmountable market dominance by lowering the barriers of entry for new, competing services.

The GDPR also significantly strengthens consent protections for EU residents/citizens as well. Companies will be prohibited from using “long illegible terms and conditions full of legalese, as the request for consent must be given in an intelligible and easily accessible form, with the purpose for data processing attached to that consent,” according to the GDPR website. “It must be as easy to withdraw consent as it is to give it.​”

When questioned by Congressman Gene Green about how Facebook would implement this practice in the US, Zuckerberg asserted that the FB app will include a step-by-step tool which walks users through their settings, allowing them to adjust their privacy controls as they wish. Whether users will utilize the tool in appreciable numbers remains to be seen.

To ensure companies will comply with these broad demands, the GDPR offers some serious penalties for those who would ignore the law. Infractions carry a maximum fine of 4 percent of annual global turnover (aka the company’s annual revenue) or €20 Million, whichever is greater. The penalties are tiered, mind you, with minor infractions like not having your records in order or not properly notifying authorities in the event of a data breach carrying a 2 percent fine.

To its credit, Facebook has committed to applying the GDPR benchmarks, not just “controls and settings” to all of its global network. “Overall I think regulations like this are very positive” Zuckerberg told reporters on a conference call in April. “We intend to make all the same controls available everywhere, not just in Europe.”

“Is it going to be exactly the same format? Probably not,” he continued. “We’ll need to figure out what makes sense in different markets with different laws in different places. But let me repeat this, we’re going to make all the same controls and settings available everywhere, not just in Europe.” That said, there’s no word yet on when Facebook would actually implement such changes.

From a technical standpoint, there’s not much preventing Facebook from implementing these protections worldwide. The problem, it turns out, is political. As a Facebook representative explained to Techcrunch, the GDPR protections run contrary to data collection laws in some countries which means that they can’t legally be rolled out everywhere. Still, the company remains committed to expanding the protections to as many users as it can.

While it’s all well and good that Facebook is doing the right thing for once rather than moving fast and breaking stuff, there’s no reason for governments not to implement their own data protection legislation. In fact, some local governments are already planning their own privacy bills. San Francisco supervisor Aaron Peskin announced one such bill on Tuesday which would prohibit the city from doing business with any company that does not adhere to the “the highest standards for data protection.” Details of the bill, which will go before voters in November, have not yet been released.

But even without national legislation, the US government already has a de facto data protection enforcement mechanism. It’s called the Federal Trade Commission. The FTC has aggressively pursued a number of companies including Google and Uber over the past few years using Section 5 of the FTC act which prohibits unfair or deceptive trade practices. The FTC has successfully argued that companies which have suffered data breaches violated Section 5 because said breaches were the result of the companies’ failure to adopt “reasonable” data protection schemes.

A few companies have fought against this litigation, rather than settle and issue consent decrees, including Wyndham Hotels and LabMD. These companies argue first that there is no legal definition of what constitute a “reasonable” data protection scheme and, second, that no level of cybersecurity is high enough to defend against each and every hacking attempt.

In a 2017 lawsuit against D-Link, the FTC once again invoked Section 5, arguing that the company failed to take reasonable precautions to harden its products against known and reasonable threats. The FTC charges point out that D-Link left its private key, which hackers can use to cajole machines into running malware, on a public website for six months and the company’s software suffers a known “command injection” vulnerability.

However, the case gets a bit sticky because the FTC goes on to argue that D-Link’s actions — just like LabMD’s — may cause harm to its customers. D-Link has countered, arguing that the mere potential for harm is insufficient to bring litigation. According to D-Link’s filing, “the FTC speculates that consumers were placed “at risk” to be hacked, but fails to allege, as it must, that actual consumers suffered or are likely to suffer actual substantial injuries.”

Both the D-Link and LabMD lawsuits are ongoing but illustrate the need for a legislative solution to the issue of data privacy in America, rather than having the courts craft it one case at a time. However, given the current partisan climate in Washington, passing a bill similar to the GDPR seems unlikely.

Hulu discounts its HBO add-on to $5 per month

In case it wasn’t already obvious that HBO really, really wants you to watch the second season of Westworld, Hulu just made it crystal clear. The streaming service has discounted its HBO add-on from $15 per month to just $5 ahead of Westworld’s season 2 premiere, with that rate locked in for as long as six months. It’s not certain how long the promotional price will remain in place, but a spokesperson told Variety that it’s available for a limited time. If you’re interested, you might want to act quickly — this makes a basic Hulu/HBO combo more affordable than HBO Now by itself.

The bargain comes hot on the heels of Hulu’s Spotify bundle (which you can’t use at the same time, unfortunately), and suggests the online video has a very straightforward strategy for boosting its subscriber base: lure them in with package deals that are hard to resist, even if they’re temporary. HBO’s eagerness to drive ratings no doubt helped in this case, but we could see deals like this becoming a regular occurrence as Hulu capitalizes on season premieres and other buzz-heavy events.

Via: Variety

Source: Hulu

Anti-drone tech protected a weekend of NASCAR racing

Anti-drone technology isn’t just being used at airports or sensitive political and military locations. Law enforcement just relied on DroneShield’s systems, including its anti-drone gun, to protect against UAVs during a NASCAR race series at the Texas Motor Speedway between April 5th and April 8th. The tech helped police watch out for drones, disable them and (if all else failed) knock them out of the air. There weren’t any known incidents, but it’s notable that the technology was involved in the first place — it was the first time American law enforcers used all three of DroneShield’s products.

The company is also keen to tout that it’s the “sole provider” of counter-drone hardware for NASCAR.

This isn’t the first time the company’s tech has been used at a sporting event. It played a role at the Winter Olympics in PyeongChang. However, it could set a precedent. The US government treats NASCAR races as high-security events, and it won’t be surprising if anti-drone systems become a staple at any large event where drones pose enough of a risk that organizers don’t want to depend on geofencing to keep people safe.

Via: TechCrunch

Source: DroneShield

Martin Scorsese to direct Netflix special on ‘Second City Television’

Canada’s Second City Television sketch comedy series is getting a retrospective, which will be directed by Martin Scorsese for Netflix, Variety reports. The series debuted in 1976 and ran for six seasons, featuring the likes of Martin Short, Catherine O’Hara, John Candy and Rick Moranis. It was also nominated for over a dozen Emmys after NBC picked it up in 1981, winning its first in 1982 and another the following year.

As part of the retrospective special, a panel discussion will reunite SCTV originals like Short, O’Hara, Eugene Levy, Andrea Martin, Dave Thomas and Joe Flaherty. Jimmy Kimmel will moderate the panel, titled “An Afternoon with SCTV,” which will be filmed in front of an audience in Toronto on May 13th.

Netflix scored the rights to Scorsese’s gangster film The Irishman earlier this year. It stars Robert de Niro and Al Pacino and reportedly cost over $100 million.

Via: Variety

Mastercard, Discover and Amex Ending Signature Requirement for Purchases Tomorrow, Visa to Follow Later This Month

Starting tomorrow, the major credit card companies in the United States are officially eliminating the signature requirement for purchases, marking an end to a long running but increasingly unnecessary policy.

American Express, Visa, Discover, and Mastercard first announced plans to end credit card signatures late last year, but have now confirmed to The Verge that the policy change will go into effect starting on April 13. American Express, Mastercard, and Discover all plan to stop requiring signatures tomorrow, while Visa plans to follow later in the month.

Credit and debit card companies have long required signatures for purchases as an added security measure, but with technology improvements that include contactless payments and the adoption of EMV chip technology, signatures are an outdated authentication method.

Officially eliminating signatures when making a purchase will allow for a more consistent, streamlined, and speedy checkout experience for both merchants and cardholders. It should also streamline the Apple Pay experience in the United States, as a signature can on occasion be required for purchases over $50 when using Apple Pay, a step that will be eliminated when the signature changes become official.

American Express plans to end the signature requirement in the United States and other countries around the world, while Mastercard will eliminate it in the United States and Canada. Discover plans to end signatures in the United States, Canada, Mexico, and the Caribbean, and Visa is making signatures optional in North America for companies that offer chip systems.

All merchants continue to be able to collect signatures if required to do so by an applicable law in a particular jurisdiction.
Discuss this article in our forums