Connect with us

Technology

Google herds FLoC back to the lab for undisclosed ad tech modifications • The Register

Voice Of EU

Published

on

Google has decided to let the initial test of its FLoC ad technology conclude in a few days to work on improvements but isn’t inclined to share feedback from test participants.

Privacy advocates would prefer if the online ad giant provided more insight into the test results, since Google’s ongoing ad infrastructure rewrite affects every internet business and internet user, not to mention the digital ad industry generating $350bn annually.

FLoC stands for Federated Learning of Cohorts and promises a way to divide browser users into interest groups so they can be presented with interest-based ads without revealing personal information to advertisers. It’s one proposal among many, collectively referred to as the Privacy Sandbox, intended to repackage targeted advertising technology so it can continue amid tighter privacy laws and technical limitations like the eventual discontinuation of third-party cookies.

Google last month bought itself another year-and-a-half or so to develop and deploy its Privacy Sandbox systems by pushing back the date when it will drop support for third-party cookies – a current mechanism by which ads get targeted that has fallen out of favor. And it now appears the search ad giant intends to take advantage of the extra time to make its Privacy Sandbox less of a sieve.

Google’s FLoC “Origin Trial,” which began in March, is set to conclude on July 13. During that period, things have not gone well. Privacy advocates have spotted potential concerns and rival browser makers have declared their disinterest in the technology.

While those participating in the trial – web publishers, ad tech companies, and the like – have expressed interest in extending the test, Google opted to retreat and regroup.

“We’ve decided not to extend this initial Origin Trial,” said senior software engineer Josh Karlin in a forum post last week. “Instead, we’re hard at work on improving FLoC to incorporate the feedback we’ve heard from the community before advancing to further ecosystem testing.”

F-words all round

Then on Wednesday, in a Web Commerce Interest Group (WCIG) meeting on a related Privacy Sandbox proposal called First Locally-Executed Decision over Groups Experiment (FLEDGE), Google mathematician Michael Kleber said while comments about FLoC made through public channels exist, the company doesn’t intend to disclose private feedback from those testing the technology.

“The main summary of that feedback will be the next version, and you can surmise based on what features (and the reasoning for these changes) are available in the next version,” Kleber explained, according to the meeting transcript.

Via Twitter, Dr Lukasz Olejnik, independent privacy researcher and consultant, questioned that approach, asking whether the public is just supposed to guess what was said by interpreting technical changes.

Kleber responded, “We write extensively about all the design aspects of our proposals! And we get lots of feedback, which is often public. But when people give us private feedback, we don’t publish it.”

In an email to The Register, Olejnik said the frontal critique of FLoC has clearly made a strong impression and that he expects Google’s design and development teams will take advantage of the extra time to revise the technology.

“FloC greatly suffered due to an apparent lack of coherent PR/communications, or ideas for the privacy lines to adopt,” he said. “It may also seem as if some strategic mistakes happened here as well. [Whether that’s] because of the initial desire to move at an impressively rapid pace is anyone’s guess.”

Olejnik said he wondered whether it makes sense to not describe the nature of changes made to the Privacy Sandbox in response to feedback. “I would consider that such explanations would be helpful, and leaving analysts to decipher the rationale from the design decisions is pretty non-transparent,” he said.

‘Tone deaf and too clever by half’

In a phone interview with The Register, Ashkan Soltani, a privacy researcher and former Federal Trade Commission technologist, said Google’s approach to FLoC was typical for the company, “tone deaf and too clever by half in that it tries to engineer a solution to a human problem and misses the mark.”

The issue people have is not with cookies per se, he said, “the thing people take issue with is the passive collection and inference of their preferences. FLoC does that by default and broadcasts those to more sites because it’s based on a first-party context. It further perpetuates a business model that people have problems with.”

The challenge Google faces to have people accept its Privacy Sandbox vision is that the regulatory and competitive environment is a lot more complicated now than it was when the web was being invented and technical decisions could be made by fiat.

Soltani pointed to how the decision of a single Netscape engineer to allow third-party cookies to be set by default laid the groundwork for the ad industry.

“For better or worse, the negative externalities and problems the industry created with privacy and divisive content, all those things weren’t pondered at the time,” he explained. “Now those decisions need to be more careful. Where you draw that line and how you draw that line affects billions of dollars.”

Further complicating the situation is pushback from existing ad tech companies that profit from the status quo. Soltani pointed to the efforts of James Roswell, CEO of data service biz 51degrees, to shape web standards in a way that suits marketers.

“His group is responsible for the lawsuit [against Google] by the UK Competition and Markets Authority (CMA),” said Soltani. “He has been incredibly successful and problematic in the W3C process in terms of finding ways to disrupt and undermine the standards making process.”

Soltani also pointed out that the W3C leadership has been trying to expand its dues paying membership, which has brought more ad tech firms into the standards-making process.

That’s made the voices of the few organizations advocating for internet users harder to hear. And one of those organizations, Mozilla, has become less vigorous in its defense of privacy.

“Mozilla has been slow to adapt and has not engaged,” Soltani said, attributing the shift in part to layoffs that affected its policy team. “It’s been playing a wait-and-see strategy. The one saving grace [in terms of user-focused advocacy in the standards process] has been Apple and folks like [WebKit engineer] John Wilander.”

“You can’t be blind to the fact that who can participate [in the standards process] and how much time they have will dictate outcomes,” he said. “At the end of the day, I do think while standards are important, as they bleed into policy debates, there’s a question to the transparency and legitimacy of the standards making process if it’s skewed to [W3C] members.”

In other words, if there are concerns about FLoC, perhaps they should be disclosed to the public and addressed in the open. ®



Source link

Technology

Microsoft vulnerabilities down for 2021 • The Register

Voice Of EU

Published

on

Despite a record number of publicly disclosed security flaws in 2021, Microsoft managed to improve its stats, according to research from BeyondTrust.

Figures from the National Vulnerability Database (NVD) of the US National Institute of Standards and Technology (NIST) show last year broke all records for security vulnerabilities. By December, according to pentester Redscan, 18,439 were recorded. That’s an average of more than 50 flaws a day.

However just 1,212 vulnerabilities were reported in Microsoft products last year, said BeyondTrust, a 5 percent drop on the previous year. In addition, critical vulnerabilities in the software (those with a CVSS score of 9 or more) plunged 47 percent, with the drop in Windows Server specifically down 50 percent. There was bad news for Internet Explorer and Edge vulnerabilities, though: they were up 280 percent on the prior year, with 349 flaws spotted in 2021.

BeyondTrust commented that analysis had been simplified by Microsoft’s move to the Common Vulnerability Scoring System (CVSS), although an unfortunate side effect meant that security gurus can now determine the impact of administrative rights on critical vulnerabilities.

“From 2015 to 2020,” said the report, “removing admin rights could have mitigated, on average, 75 percent of critical vulnerabilities.”

It’s a very good point: keeping permissions to the bare minimum is excellent practice, although difficult to enforce.

The decline in vulnerabilities marks a change for Microsoft. In 2016, the count of vulnerabilities stood at 451, according to the report. By 2020 they had leapt to 1,268. A drop, even if only to 1,212, is a first. It’s just as well since between 2019 and 2020, there was a 48 percent rise in vulnerabilities year on year.

And the trendiest categories are…

The report also drilled into vulnerability categories. Topping the table with 326 and 588 vulnerabilities respectively were Remote Code Execution and Elevation of Privilege flaws, with the latter up from 559 in 2020. RCE was itself down in 2021 from 345 in the prior year.

Explaining the apparent explosion in Edge and Internet Explorer numbers (349 vulnerabilities up from 92 in 2020), BeyondTrust pointed to a consolidation in the browser market and a renewed focus on browser attacks as exploited plugins (such as Flash) were dropped and bug bounties made reporting vulnerabilities more financially attractive. It also pointed out that only six were critical (a record low).

The decline in Windows vulnerabilities was attributed to Microsoft’s efforts to improve the security architecture of its supported products, as was the fall in Windows Server holes. The move from security as an afterthought to something front and center is also a factor, even if it has taken a few iterations of operating systems.

That said, there were some spectacular holes in the company’s products during 2021. Last year’s Exchange Server vulnerabilities, for example, left many administrators scrambling to patch systems. 2021’s stability, from the standpoint of Microsoft’s vulnerabilities, must be considered alongside the rapid rises of previous years.

As the report authors note, simply patching the problems might not deal with the underlying issues. Removing admin rights and privileges also play a part in reducing the attack surface. ®

Source link

Continue Reading

Technology

Ford’s new car safety tech can automatically reduce vehicle speed

Voice Of EU

Published

on

The new Ford Geofencing Speed Limit Control system alerts a driver when the car breaks a speed limit – then slows down the vehicle.

Speed limit signs may soon be a thing of the past as Ford is now trialling connected vehicle technology that can automatically reduce a car’s speed in certain zones to improve road safety.

Up to 29pc of all road fatalities in Europe, depending on the country, are pedestrians and cyclists, according to a 2020 report by the European Transport Safety Council. Setting up speed limits in certain areas is one of the frontline measures to minimise road accidents.

Future Human

Now, US carmaker Ford is testing its new Geofencing Speed Limit Control system across two German cities, Cologne and Aachen, to see if the technology can help in making roads safer, preventing fines for drivers and improving the appearance of roadsides.

A geofence is a virtual parameter in a real-world area. It is often used by mobility companies and start-ups, such as Ireland’s Zipp Mobility, to identify and enforce low-speed zones in cities.

How does it work?

Ford’s new system uses geofencing technology to alert a driver through the dashboard when the vehicle enters an area with a designated speed limit. It then lowers the vehicle speed to match the limit automatically.

However, the driver can override the automated system and deactivate speed limit control at any time. They can also use the technology to set their own geofencing zones at speed as low as 20kmph.

“Connected vehicle technology has the proven potential to help make everyday driving easier and safer to benefit everyone, not just the person behind the wheel,” said Michael Huynh, manager of City Engagement Germany at Ford Europe.

“Geofencing can ensure speeds are reduced where – and even when – necessary to help improve safety and create a more pleasant environment.”

Ford already has in-built assistance technologies that help drivers ensure they are abiding by speed limits. However, the new geofencing speed limit control system is the first that can automatically reduce a vehicle’s speed without the driver’s intervention.

Eyes on the road

The year-long trial that runs until March 2023 is collaboration between the Ford City Engagement team, city officials in Cologne and Aachen, and Ford software engineers in Palo Alto, California.

Together with colleagues in Aachen, the Palo Alto engineers developed technology that connects the vehicle to the geofencing system for GPS tracking and data exchange.

Germany has more than 1,000 types of road signs, which can often confuse drivers and distract them from the road ahead. Geofencing technologies such as the new Ford system can help drivers stay focused.

“Our drivers should benefit from the latest technical support, including geofencing based assistant systems that enable them to keep to the speed limits and fully concentrate on the road,” said Dr Bert Schröer of AWB, a Cologne waste disposal company involved in the trial.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Source link

Continue Reading

Technology

Pushing Buttons: Why linking real-world violence to video games is a dangerous distraction | Games

Voice Of EU

Published

on

Welcome to Pushing Buttons, the Guardian’s gaming newsletter. If you’d like to receive it in your inbox every week, just pop your email in below – and check your inbox (and spam) for the confirmation email.

Sign up for Pushing Buttons, our weekly guide to what’s going on in video games.

Remember how, in the wake of yet more awful shootings in the US this month, Fox News decided to blame video games rather than, you know, the almost total absence of meaningful gun control? Remember how I said last week that the video-games-cause-violence “argument” was so mendacious and nakedly manipulative that I wasn’t going to dignify it with a response?

Well, here I am, responding, because the supposed link between video games and real-life violence is one of the most persistent myths that I’ve encountered over the course of my career, and it has an interesting (if also infuriating) history.

Many video games have violent content, just as many films and TV series have violent content (and of course many books, as anyone who has endured a Bret Easton Ellis novel will attest). And it makes intuitive sense that the interactivity of games – especially shooting games – might appear more troubling, from the outside, than passive media such as film. (I gotta say, though, that in 25 years of playing video games I have never seen a scene as violent or upsetting as, say, a Quentin Tarantino movie.)

But the idea that exposure to these violent games turns people into killers in real life is comprehensively false – and it deflects attention from the actual drivers of real-world violence, from inequality to access to firearms to online radicalisation. It is a very politically motivated argument, and one that makes me instantly suspicious of the person wielding it. The NRA, for instance, trots it out on the regular. Donald Trump, inciter of actual real-life violent riots, was fond of it too. Why might that be, I wonder?

First, the facts: there is no scientifically credible link between video games and real-life violence. A lot of the studies around this issue are, in a word, bad – small sample sizes, lab conditions that have no relation to how people engage with games in the real world – but the best we have show either no link at all between violent games and violent thoughts or behaviour, or a positive correlation so minuscule as to be meaningless. A review of the science in 2020, which looked at and re-evaluated 28 global studies of video games and violence, found no cumulative harm, no long-term effect, and barely even any short-term effect on aggression in the real world. It concluded that the “long-term impacts of violent games on youth aggression are near zero”.

This seems self-evident: video games have been a part of popular culture for at least 50 years, since Pong, and violent games have existed in some form since Space Invaders, though they’ve gotten more visually realistic over time. If video games were in some way dangerous – if they significantly affected our behaviour, our emotional responses – you would expect to have seen widespread, cross-cultural changes in how we act. That is demonstrably not the case. Indeed, overall, violent crime has been decreasing for more than 20 years, the exact period of time during which games have become ubiquitous. Though it would be unscientific to credit video games with that effect, you would think that if the generations of people who’ve now played Doom or Call of Duty or Grand Theft Auto were warped by it, we might be seeing some evidence of that by now.

It is true that some perpetrators of mass murders – such as the Columbine shooters – were fans of video games. But given that the great majority of teenagers are fans of video games, that doesn’t mean much. More often than a fixation on violent media – of all kinds – mass shooters display an obsession with weapons or explosives or real-life killers, an interest in extremist views, social ostracisation. These are not otherwise well-adjusted people suddenly compelled to real-world violence by a game, or a film, or a Marilyn Manson album.

The history of the “video games cause violence” argument goes back even further than video games themselves: it’s an extension of the panic that flares up whenever a new and supposedly morally abject form of youth culture emerges. In the 1940s, when New York’s mayor ordered 2,000 pinball machines to be seized so that he could performatively smash them up, it was arcades; during the satanic panic of the 1980s and beyond, it was metal music. Since the mid to late 90s, it’s been video games, and no amount of studies debunking any link between them and real-world violence seems to make a difference.

So why does this argument keep showing up? In short: because it’s an easy scapegoat that ties into older generations’ instinctive wariness of technology, screen time and youth culture, and it greatly benefits institutions like the NRA and pro-gun politicians to have a scapegoat. Whenever video games are implicated in a violent event, there is usually stunning hypocrisy on display. After the El Paso shooting in 2019, Walmart removed violent video game displays from its stores – but continued to sell actual guns. Fox News, the TV network that platforms Tucker Carlson and the great replacement theory with him, is happy to point out that the perpetrator of a mass shooting played video games, while remaining oddly quiet on the racist ideas that show up in these shooters’ manifestos.

I’m not saying that we shouldn’t examine video game violence at all, or question it. Does every game that involves sneaking up on enemies need a gratuitous neck-breaking animation when you succeed in overpowering a guard? Why do games so often resort to violence as the primary method of interaction with a virtual world? Do we really need more violent media – couldn’t we be playing something more interesting than another military shooter? These are valid and interesting questions. But they have nothing to do with real-world violence.

What to play

‘The most interesting anti-violent video game I’ve played’. This week, we recommend 2015’s Undertale
‘The most interesting anti-violent video game I’ve played’. This week, we recommend 2015’s Undertale Photograph: Toby Fox

Back in 1994, video game magazine Edge ended its review of Doom with this infamous line: “If only you could talk to these creatures, then perhaps you could try and make friends with them, form alliances… Now that would be interesting.” Nearly 30 years later, “talk to the monsters” jokes and memes still crop up, even if nobody remembers where it originally came from.

Turns out that reviewer had a point, though, as proved by 2015’s Undertale, probably the most interesting anti-violent video game I’ve played. In this lo-fi role-playing game, you get into fights with plenty of monsters, but instead of battering them into submission you can win them over by talking them down and showing them mercy, which is often the more difficult option. In most games, there’s no question about what you do when a monster turns up in your path: this one makes you interrogate yourself. I interpreted it at the time as social commentary on pacifism and community, and looking back, I don’t think that was too much of an overreach.

Available on: PC, PlayStation 4, Xbox One, Nintendo Switch
Approximate play time: 6-10 hours

What to read

  • I’m going to start with a book this time: Lost in a Good Game: Why We Play Video Games and What They Can Do For Us, by Pete Etchells. A researcher and lecturer in biological psychology, Etchells’ perspective on video games is both relatable and extremely well-informed. He looks at the evidence (or lack of evidence) behind all the most pervasive beliefs about video games, and in the end he makes the case that most of the effects that they have on individuals and society are actually positive. It’s a reassuring read that I often recommend to worried parents who don’t play games themselves.

  • Grand Theft Auto V, perhaps the poster child for morally bankrupt video games that supposedly corrupt the youth, has now sold 165 million copies, following its launch on PS5 and Xbox Series X earlier this year. This makes it one of the most popular entertainment products of all time in any medium, and yet strangely, in the nine years since it was released, we have not seen the emergence of roving gangs of teenagers looking to act out their chaotic GTA Online shootouts in real life. Funny that.

What to click

Gibbon: Beyond the Trees review – short, simple and lovely to play

Activision Blizzard’s Raven Software workers vote to form industry’s first union

Question Block

Will return next week. If you have anything you’d like me to answer, just email me on pushingbuttons@theguardian.com!

Source link

Continue Reading

Trending

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!