The editors of Ars Technica have announced their annual "Deathwatch" list, identifying "companies, tech, and trends least likely to succeed in 2019." An anonymous reader quotes their report: The past year has been an absolute freefall for Essential.... The market was ultimately not impressed with the Essential phone, and the fire sales started almost immediately. Only two months after launch, the phone got a permanent $200 price drop, to $499. November saw deals as low as $399. Eventually, the $700 phone was discounted all the way down to $224, thanks to a mix of poor sales and a lack of consumer confidence in the company. A poorly selling phone was one thing, but things really started to look bad for Essential in May, when it was announced the company had cancelled the second generation Essential Phone. The first device took such a toll on the company that it was considering selling itself, and suddenly the future of Essential was in doubt.

While the phone was dead, in May the company said it was focusing on an upcoming smart home product and operating system. But by October, it announced that it was cutting 30 percent of its staff, and the company was pivoting away from smart home products and would try building a phone again. It will re-sell you a missing headphone jack, though. Essential's next phone -- if the company lasts that long -- is supposedly "an AI Phone That Texts People for You" according to Bloomberg. That sounds awful. On top of all that, Essential's CEO and founder Rubin has been the subject of a major sexual misconduct controversy at Google.
They also write that 2019 "is going to probably determine whether Facebook's management team will continue as it is -- or whether there's a stockholder rebellion, or a government lawsuit, or some combination of both that drives CEO Mark Zuckerberg and others out."

Also on their "Deathwatch" list are Snap, and Verizon's "AOL/Yahoo Frankenstein" -- but not Gwyneth Paltrow's Goop. "As much as we'd love to plop Goop on the 2019 Deathwatch, it is still just on our Deathwatch wish list. Goop is, in fact, thriving."

The attorney general for the District of Columbia filed a lawsuit on Wednesday against Facebook for allowing Cambridge Analytica, a political consultancy, to gain access to the names, "likes" and other personal data about tens of millions of the social site's users without their permission. From a report: The lawsuit filed by Karl Racine [PDF], confirmed Wednesday by two people familiar with the matter but not authorized to speak on record, marks the first major effort by regulators in the United States to penalize the tech giant for its entanglement with the firm. It could presage even tougher fines and other punishments still to come for Facebook as additional state and federal investigations continue.

The lawsuit comes as Facebook continues to face criticism around the world for mismanaging its users' personal information. On Friday, for example, the company admitted that some users' photos may have been improperly accessed by third-party apps. On Tuesday, new details emerged about Facebook's extensive data-sharing arrangements with corporate partners including Amazon and Spotify. The report from The New York Times quickly triggered another round of calls from Capitol Hill for the tech giant to be penalized. To that end, a person familiar with the new D.C. lawsuit said it is likely to be amended in the future to include more recent allegations of improper data collection and use.

An anonymous reader quotes a report from Techdirt: By now, of course, you're aware that the Verizon-owned Tumblr (which was bought by Yahoo, which was bought by Verizon and merged into "Oath" with AOL and other no longer relevant properties) has suddenly decided that nothing sexy is allowed on its servers. This took many by surprise because apparently a huge percentage of Tumblr was used by people to post somewhat racy content. Knowing that a bunch of content was about to disappear, the famed Archive Team sprung into action -- as they've done many times in the past. They set out to archive as much of the content on Tumblr that was set to be disappeared down the memory hole as possible... and it turns out that Verizon decided as a final "fuck you" to cut them off. Jason Scott, the mastermind behind the Archive Team announced over the weekend that Verizon appeared to be blocking their IPs. Thankfully, it didn't take long for the Archive Team to get past the blocks. Scott tweeted on Sunday: "why look at that the archiving of tumblr restarted how did that happen must be a bug surely a crack team of activist archivists didn't see an ip block as a small setback and then turned everything up to 11."

The New York Times obtained hundreds of pages of Facebook documents which were generated in 2017 that show that the social network considered these companies business partners and effectively exempted them from its privacy rules. From a report: Facebook allowed Microsoft's search engine Bing to see the names of nearly all users' friends without their consent, let Spotify, Netflix, and the Royal Bank of Canada read, write, and delete users' private messages, and see participants on a thread, allowed Amazon to get users' names and contact information through their friends, and let Yahoo view streams of friends' posts "as recently as this summer" despite publicly claiming it had stopped sharing such information a year ago, the report said. Collectively, applications made by these technology companies sought the data of hundreds of millions of people a month.

The records also show that Russian search giant Yandex, which was accused last year by Ukraine's security service for giving user data to Kremlin, also had access to Facebook's unique user IDs in 2017. A Yandex spokeswoman told the Times that the company was unaware of the access to user data provided by Facebook. Yandex did not immediately respond to BuzzFeed News' request for comment. In response to the report, Steve Satterfield, Facebook's Director of Privacy and Public Policy defended the actions of the social network.

TechCrunch has confirmed with TMZ that Colin Kroll, the 35-year-old co-founder and CEO of the HQ Trivia app and co-founder of Vine, has been found dead of an apparent drug overdose in his apartment. TMZ cites a police source saying cocaine and heroin were believed to be involved. From the report: Kroll was only named CEO of the HQ Trivia mobile game show app three months ago, replacing fellow co-founder Rus Yusupov who moved over to serve as chief creative officer. Prior to taking the CEO role Kroll served as HQ's CTO. He co-founded the startup in 2015, a few months after moving on from Vine -- the Twitter-owned short video format startup which got closed down in 2017. It's not clear who will take over the CEO role for HQ Trivia at this stage but Yusupov looks a likely candidate, at least in the interim.

Kroll started his career as a software engineer at Right Media, which went on to be acquired by Yahoo in 2006. From then until 2011, he led the engineering team in Yahoo's search and advertising tech group before joining luxury travel site Jetsetter as VP of Product -- where he went on to be promoted to CTO. In 2012 he left to start Vine with co-founders Dominik Hofmann and Yusopov.

An anonymous reader quotes a report from Ars Technica: A recent phishing campaign targeting U.S. government officials, activists, and journalists is notable for using a technique that allowed the attackers to bypass two-factor authentication protections offered by services such as Gmail and Yahoo Mail, researchers said Thursday. The event underscores the risks of 2fa that relies on one-tap logins or one-time passwords, particularly if the latter are sent in SMS messages to phones.

Attackers working on behalf of the Iranian government collected detailed information on targets and used that knowledge to write spear-phishing emails that were tailored to the targets' level of operational security, researchers with security firm Certfa Lab said in a blog post. The emails contained a hidden image that alerted the attackers in real time when targets viewed the messages. When targets entered passwords into a fake Gmail or Yahoo security page, the attackers would almost simultaneously enter the credentials into a real login page. In the event targets' accounts were protected by 2fa, the attackers redirected targets to a new page that requested a one-time password. "In other words, they check victims' usernames and passwords in realtime on their own servers, and even if 2 factor authentication such as text message, authenticator app or one-tap login are enabled they can trick targets and steal that information too," Certfa Lab researchers wrote. "We've seen [it] tried to bypass 2fa for Google Authenticator, but we are not sure they've managed to do such a thing or not," the Certfa representative wrote. "For sure, we know hackers have bypassed 2fa via SMS."

An anonymous reader quotes a report from Bloomberg: Verizon is conceding defeat on its crusade to turn a patchwork of dot-com-era businesses into a thriving online operation. The wireless carrier slashed the value of its AOL and Yahoo acquisitions by $4.6 billion, an acknowledgment that tough competition for digital advertising is leading to shortfalls in revenue and profit. The move will erase almost half the value of the division it had been calling Oath, which houses AOL, Yahoo and other businesses like the Huffington Post. The revision of the Oath division's accounting leaves its goodwill balance -- a measure of the intangible value of an acquisition -- at about $200 million, Verizon said in a filing Tuesday. The unit still has about $5 billion of assets remaining. Verizon also announced yesterday that 10,400 employees are taking buyouts to leave the company. The cuts are "part of an effort to trim the telecom giant's workforce ahead of its push toward 5G," TechCrunch reported.

Flippy, a burger-flipping robot that's been trialed in a number of restaurants this year, is coming to Walmart's headquarters in Bentonville, Arkansas, to see whether or not it's the right fit for its in-store delis. Yahoo News reports: Flippy is the world's first autonomous robotic kitchen assistant powered by artificial intelligence from Miso Robotics, a two-year-old startup. Flippy got a gig at Dodger Stadium in Los Angeles with vending food service company Levy Restaurants, part of Compass Group, to fry up chicken tenders and tater tots. Through the World Series, Flippy churned out 17,000 pounds worth of the fried foods. It's able to fry up to eight baskets of food simultaneously. "Walmart saw what we were doing and said, 'Could you bring Flippy from Dodgers Stadium to our Culinary Institute?'" Miso Robotics CEO David Zito told Yahoo Finance.

In practice, a Walmart associate would place a frozen product on the rack. Using visual recognition technology, Flippy identifies the food in the basket and sets it in the cooking oil. The machine then "agitates" the basket by shaking it to make sure the product cooks evenly. When the food is finished cooking, Flippy moves the basket to the drip rack. An associate then tests the food's internal temperature. A few minutes later, the associate can season the food before it hits the hot display case. The reason Walmart is looking at the robot is so it can do some of the more mundane and repetitive tasks at the deli. The robot is supposed to serve as an "extra set of hands," letting the associate spend less time putting potato wedges and chicken tenders in fryers and more time on other services like taking customer orders and prepping other foods.

Linux.org reports: Wednesday afternoon around 5pm EST someone was able to get into the registrar account for our domain and point DNS to another server -- as well as lock us out from changing it. They pointed the domain name to a pretty rude page for most of the evening until Cloudflare stepped in and blocked the domain for us.

After a lot of back and forth with our registrar, we were able to get things back under our control. I'd like to point out that our server environment was not touched so there are no worries about your data. We've gone over security protocols and are tightening things up that may have slipped through in the past. Thanks for your support!
Linux.org apparently pointed to a page exclaiming "G3T 0WNED L1NUX N3RDZ", which also included a NSFW picture, some abusive language, a shout-out to recently-deceased programmer Terry Davis, and a link to an article about Linus Torvalds' controversial apology for "his hostile behavior towards others in the community."

Long-time Slashdot reader Grady Martin says he also saw the page pointing to "presumably doxed info" about the creator of Linux's code of conduct, a fact confirmed by a report in the Register. "As for how it was hacked, [Linux.org owner Mike] McLagan blames the public Whois displaying his partner's email address -- presumably the hacker worked their way into the Yahoo email account listed as the admin of the site and from there requested a password change in her Network Solutions account to gain access to the domain."

CV Compiler is a new web app that uses machine learning to analyze and repair your technical resume, "allowing you to shine to recruiters at Google, Yahoo and Facebook," reports TechCrunch. "The app essentially checks your resume and tells you what to fix and where to submit it," reports TechCrunch. "It's been completely bootstrapped thus far and they're working on new and improved machine learning algorithms while maintaining a library of common CV fixes." From the report: "There are lots of online resume analysis tools, but these services are too generic, meaning they can be used by multiple professionals and the results are poor and very general. After the feedback is received, users are often forced to buy some extra services," said Andrew Stetsenko. "In contrast, the CV Compiler is designed exclusively for tech professionals. The online review technology scans for keywords from the world of programming and how they are used in the resume, relative to the best practices in the industry."

The product was born out of Stetsenko's work at GlossaryTech, a Chrome extension that helps users understand tech terms. He used a great deal of natural language processing and keyword taxonomy in that product and, in turn, moved some of that to his CV service. "We found that many job applications were being rejected without even an interview, because of the resumes. Apparently, 10 seconds is long enough for a recruiter to eliminate many candidates," he said.

Tumblr has reportedly been removed from Apple's App Store due to child pornography issues. "The app has been missing from the store since November 16th, but until now the reason for its absence was unclear -- initially Tumblr simply said it was 'working to resolve the issue with the iOS app,'" reports The Verge. "However, after Download.com approached Tumblr with sources claiming that the reason was related to the discovery of child pornography on the service, the Yahoo-owned social media network issued a new statement confirming the matter." From the report: In its updated statement, Tumblr said that while every image uploaded to the platform is "scanned against an industry database of child sexual abuse material" to filter out explicit images, a "routine audit" discovered content that was absent from the database, allowing it to slip through the filter. Although Tumblr says the content was immediately removed, its app continues to be unavailable on the App Store. It's still available in the Google Play store for Android users, however.

Mark Wilson writes: Ads in your inbox. Sounds like something you'd expect from the likes of Google or Yahoo, but Microsoft appears to be about to get in on the act as well. And we're not talking about online ads in your Outlook.com account -- we're talking about ads in the Mail app that's included with Windows 10. A new report says that Microsoft is currently testing ads with Windows Insiders, so it could be just a matter of time before they spread wider. In a support page, spotted first by news outlet Thurrott, Microsoft says, "Consistent with consumer email apps and services like Outlook.com, Gmail, and Yahoo Mail, advertising allows us to provide, support, and improve some of our products. We're always experimenting with new features and experiences. Currently, we have a pilot running in Brazil, Canada, Australia, and India to get user feedback on ads in Mail."

Update: ZDNet reports that Calendar app for Windows 10 is getting the same treatment.

An anonymous reader quotes Yahoo Finance: The dating site eharmony is hoping to launch a chatbot to stop people from ghosting, or cutting off communication with potential matches, CEO Grant Langston exclusively tells Yahoo Finance. The would-be feature, which eharmony has yet to start development on, would pop up in the user interface after an online conversation with another user drops off after several days or weeks. The dating bot could analyze information on both users' dating profiles and recommend they reinitiate contact by prompting them to "Say something" or suggesting something more helpful... . "It's astounding really how many people need help. We think we can do that in an automated way..."

Langston acknowledges the business has a lot to troubleshoot with the feature before it eventually rolls it out, including addressing possible user concerns around user privacy. While having a feature like the date bot could hypothetically increase the odds of a user scoring that first date, it could also unnerve some other users wondering how their prospective suitor knew to ask about their favorite musician, movie or music to begin with. Such concerns could theoretically call for privacy options regulating what kind of profile information the bot can grab and serve up as an icebreaker. The dating site could also decide to generally reign in what the dating bot suggests based on user testing. "Just because you can doesn't necessarily mean you should do," adds Langston.
Meanwhile, a Michigan-based startup has launched what one alternative newsweekly describes as a "Yelp for humans" -- a new browser extension that syncs with a user's pre-existing dating profile on sites like Match.com, OkCupid, PlentyOf Fish, eHarmony, Zoosk or Badoo. "Once installed, a user can leave anonymous comments regarding someone's profile based on dates or interactions gone wrong and those comments can be viewed by other DateAha! users to better inform whether or not the person is a total creep."

And of course, Facebook is testing a new dating app in two more countries, People reports. In order to use the new online dating service, Facebook users will be tasked with creating a new profile that will exist separately from the one that all of your friends and family can see... The dating service will send you suggested matches based "on your preferences, interests, and things you do on Facebook," but the app won't try to make a love connection with any of your Facebook friends (or anybody you have blocked), Facebook promises... You will also have the ability to block or hide anybody -- including specific friends of friends -- from your suggested matches.

The U.S. Supreme Court on Monday refused a request by the Trump administration and the telecommunications industry to wipe away a lower court decision that had upheld Obama-era net neutrality rules aimed at ensuring a free and open internet. The justices' action, however, does not undo the 2017 repeal of the policy. A report adds: The Federal Communications Commission's 2015 order to impose net neutrality rules and strictly regulate broadband was already reversed by Trump's pick for FCC chairman, Ajit Pai. But AT&T and broadband industry lobby groups were still trying to overturn court decisions that upheld the FCC order. A win for the broadband industry could have prevented future administrations from imposing a similarly strict set of rules. The Trump administration supported the industry's case, asking the US Supreme Court to vacate the Obama-era ruling.

But the Supreme Court today said it has denied petitions filed by AT&T and broadband lobby groups NCTA, CTIA, USTelecom, and the American Cable Association. Four of nine justices must agree to hear a case, but only three voted to grant the petitions. Further reading: Reuters and Variety.

Each day, thousands of people from places like Kibera, Africa's largest slum and one of the toughest neighborhoods on earth, commute to an office of Samasource in the east side of Nairobi. The San Francisco-headquartered company occupies four floors of a business park building, with vast banks of computers being used for the job of training data. Google, Microsoft, Salesforce and Yahoo are among the clients of Samasource. What exactly do these people do at Samasource? Its clients won't say, but BBC reports that the "information prepared here forms a crucial part of some of Silicon Valley's biggest and most famous efforts in AI." From the report: [...] Brenda loads up an image, and then uses the mouse to trace around just about everything. People, cars, road signs, lane markings -- even the sky, specifying whether it's cloudy or bright. Ingesting millions of these images into an artificial intelligence system means a self-driving car, to use one example, can begin to "recognise" those objects in the real world. The more data, the supposedly smarter the machine. She and her colleagues sit close -- often too close -- to their monitors, zooming in on the images to make sure not a single pixel is tagged incorrectly. Their work will be checked by a superior, who will send it back if it's not up to scratch. For the fastest, most accurate trainers, the honor of having your name up on one of the many TV screens around the office. And the most popular perk of all: shopping vouchers.

It's the kind of technological progress that will likely never be felt in a place like Kibera. As Africa's largest slum, it has more pressing problems to solve, such as a lack of reliable clean water, and a well-known sanitation crisis. But that's not to say artificial intelligence can't have a positive impact here. We drove to one of Kibera's few permanent buildings, found near a railway line that, on this rainy day, looked thoroughly decommissioned by mud, but has apparently been in regular use since its colonial inception.

Almost exactly a year ago, this building was the dividing line between stone-throwing rioters and the military. Today, it's a thriving hub of activity: a media school and studio, something of a cafeteria, and on the first floor, a room full of PCs. Here, Gideon Ngeno teaches around 25 students the basics of using a personal computer. What's curious about this process is that digital literacy is high, even in Kibera, where smartphones are common and every other shop is selling chargers and accessories, which people buy using the mobile money system MPesa.

In 2011, Iran was able to use Google's search functionality to hack into a secret CIA communication network that was being used to contact agents and informants around the world -- a breach that appears to have triggered the exposure and execution of Agency sources in China and Iran, Yahoo News reported Friday.

US Attorney General Jeff Sessions announced charges Thursday against Chinese and Taiwan companies for theft of an estimate $8.75 billion worth of trade secrets from US semiconductor giant Micron. From a report: Sessions said the case was the latest in a series that are part of a state-backed program by Beijing to steal US industrial and commercial secrets. "Taken together, these cases and many others like them paint a grim picture of a country bent on stealing its way up the ladder of economic development and doing so at American expense," Session said. "This behavior is illegal. It is wrong. It is a threat to our national security. And it must stop." The indictment released in the US district court in San Jose, California alleges that Chinese state-owned Fujian Jinhua Integrated Circuit Co. and privately owned United Microelectronics Corporation of Taiwan, along with three UMC executives, conspired to steal Micron trade secrets to help UMC and Fujian Jinhua develop DRAM chips used in many computer processors. It said the three Taiwanese men -- Stephen Chen Zhengkun, He Jianting and Kenny Wang Yungming -- all previously worked at Micron and stole its technology when they joined UMC with the express purpose of transferring it to Fujian Jinhua, a two-year-old firm. Chen was originally a top executive at Micron, then moved to lead UMC, and subsequently became president of Fujian Jinhua.

Flickr announced a handful of updates to its platform and business model today -- the first major changes since SmugMug acquired the photo-hosting community from Oath earlier this year. From a report: Arguably the most interesting -- and welcome -- facet of today's announcement is that Flickr will no longer require users to sign-in with their Yahoo account credentials. However, not all the news is good -- those with free accounts will no longer have 1 terabyte of storage for all their photos. Many people speculated about what would happen to the formerly Yahoo-owned image-hosting platform when Yahoo became part of Verizon's family in 2017. While Verizon bundled AOL and Yahoo under the Oath banner, Flickr started shedding features and services, and its future did not look bright. But Flickr still claims north of 100 million monthly users, which is why SmugMug came a-callin' in April. In short, Flickr still holds a lot of potential if managed correctly.

Fast-forward to today, and Flickr has now revealed its new model for free and Pro-account users. Ditching Yahoo accounts from the log-in page will almost the most welcome part of today's news for millions, and as SmugMug notes in its announcement, it is among the most requested changes it has had since it took over Flickr. The change won't take affect until January, 2019, however, so for now a Yahoo account is still mandatory.

Yahoo has agreed to pay $50 million in damages and provide two years of free credit-monitoring services to 200 million people whose email addresses and other personal information were stolen as part of the biggest security breach in history. "The restitution hinges on federal court approval of a settlement filed late Monday in a 2-year-old lawsuit seeking to hold Yahoo accountable for digital burglaries that occurred in 2013 and 2014, but weren't disclosed until 2016," reports ABC News. From the report: Claims for a portion of the $50 million fund can be submitted by any eligible Yahoo accountholder who suffered losses resulting from the security breach. The costs can include such things as identity theft, delayed tax refunds or other problems linked to having had personal information pilfered during the Yahoo break-ins. The fund will compensate Yahoo accountholders at a rate of $25 per hour for time spent dealing with issues triggered by the security breach, according to the preliminary settlement. Those with documented losses can ask for up to 15 hours of lost time, or $375. Those who can't document losses can file claims seeking up to five hours, or $125, for their time spent dealing with the breach. Yahoo accountholders who paid $20 to $50 annually for a premium email account will be eligible for a 25 percent refund.

The free credit monitoring service from AllClear could end up being the most valuable part of the settlement for most accountholders. The lawyers representing the accountholders pegged the retail value of AllClear's credit-monitoring service at $14.95 per month, or about $359 for two years -- but it's unlikely Yahoo will pay that rate. The settlement didn't disclose how much Yahoo had agreed to pay AllClear for covering affected accountholders.

Germany is backing a global minimum tax rate as Europe looks to levy tax notably on U.S. tech giants. "Europe is trying to devise a strategy to tax profits from the likes of Google, Amazon, Facebook, Apple and digital platforms such as YouTube and Airbnb which currently manage to keep fiscal exposure to a bare minimum," reports Yahoo News. From the report: "We need a minimum tax rate valid globally which no state can get out of (applying)," Scholz, a social democrat in conservative Chancellor Angela Merkel's coalition government, told the "Welt am Sonntag" weekly. Digital platforms "aggravate a problem which we know well from globalization and which we are trying to counter -- the shifting of profits to fiscally beneficial regions," said Scholz. Scholz explained he had launched an initiative designed to help states react to so-called fiscal dumping in support of embryonic OECD plans designed to fight tax transparency and cross-border tax evasion. "We require coordinated mechanisms which prevent the displacement of revenues to tax havens," said Scholz. A March proposal by the Commission includes introducing a tax as a bridge measure until such time as the OECD can roll out a measure which can be applied globally.