An anonymous reader quotes a report from TechCrunch: The ransomware gang that hacked into U.S. health tech giant Change Healthcare used a set of stolen credentials to remotely access the company's systems that weren't protected by multifactor authentication (MFA), according to the chief executive of its parent company, UnitedHealth Group (UHG). UnitedHealth CEO Andrew Witty provided the written testimony ahead of a House subcommittee hearing on Wednesday into the February ransomware attack that caused months of disruption across the U.S. healthcare system. This is the first time the health insurance giant has given an assessment of how hackers broke into Change Healthcare's systems, during which massive amounts of health data were exfiltrated from its systems. UnitedHealth said last week that the hackers stole health data on a "substantial proportion of people in America." According to Witty's testimony, the criminal hackers "used compromised credentials to remotely access a Change Healthcare Citrix portal." Organizations like Change use Citrix software to let employees access their work computers remotely on their internal networks. Witty did not elaborate on how the credentials were stolen. However, Witty did say the portal "did not have multifactor authentication," which is a basic security feature that prevents the misuse of stolen passwords by requiring a second code sent to an employee's trusted device, such as their phone. It's not known why Change did not set up multifactor authentication on this system, but this will likely become a focus for investigators trying to understand potential deficiencies in the insurer's systems. "Once the threat actor gained access, they moved laterally within the systems in more sophisticated ways and exfiltrated data," said Witty. Witty said the hackers deployed ransomware nine days later on February 21, prompting the health giant to shut down its network to contain the breach. Last week, the medical firm admitted that it paid the ransomware hackers roughly $22 million via bitcoin. Meanwhile, UnitedHealth said the total costs associated with the ransomware attack amounted to $872 million. "The remediation efforts spent on the attack are ongoing, so the total costs related to business disruption and repairs are likely to exceed $1 billion over time, potentially including the reported $22 million payment made [to the hackers]," notes The Register.

Read more of this story at Slashdot.

Large swathes of Asia are sweltering through a heatwave that has topped temperature records from Myanmar to the Philippines and forced millions of children to stay home from school. From a report: In India, record temperatures have triggered a deadly heatwave and concerns about voter turnout in the nation's marathon election. Extreme heat has also forced Bangladesh to close all schools across the country. Extreme temperatures have also been recorded in Myanmar and Thailand, while huge areas of the Philippines are suffering from a drought. Experts say climate change has made heatwaves more frequent, longer and more intense, while the El Nino weather phenomenon is also driving this year's exceptionally warm weather. Approximate voter turnout data after polls closed on April 26 in India -- when stage two of the nation's seven-stage general election took place -- put voter turnout at 61 per cent. This was lower than the 65 per cent in the first phase, and 68 per cent in the second phase five years ago. Among the states that headed to the polls last week was Kerala in the south, where media reports on April 29 said that at least two people -- a 90-year-old woman and a 53-year-old man -- were suspected to have died of heatstroke. Temperatures in Kerala soared to 41.9 deg C, nearly 5.5 deg C above normal temperatures. At least two people have also died in India's eastern state of Odisha, where temperatures hit 44.9 deg C on April 28 -- the highest recorded in April. In neighbouring Bangladesh, students will continue to stay home this week, after schools across the country were ordered shut on April 29. A two-judge bench of the country's High Court passed an order directing all primary and secondary schools and madrasahs (Islamic schools) nationwide to remain closed till May 5, affecting an estimated 32 million students.

Read more of this story at Slashdot.

The Supreme Court on Tuesday refused to block on free speech grounds a provision of Texas law aimed at preventing minors from accessing pornographic content online. From a report: The justices turned away a request made by the Free Speech Coalition, a pornography industry trade group, as well as several companies. The challengers said the 2023 law violates the Constitution's First Amendment by requiring anyone using the platforms in question, including adults, to submit personal information. One provision of the law, known as H.B. 1181, mandates that platforms verify users' ages by requiring them to submit information about their identities. Although the law is aimed at limiting children's access to sexually explicit content, the lawsuit focuses on how those measures also affect adults. "Specifically, the act requires adults to comply with intrusive age verification measures that mandate the submission of personally identifying information over the internet in order to access websites containing sensitive and intimate content," the challengers wrote in court papers.

Read more of this story at Slashdot.

Maciej Pocwierz, a senior software engineer Semantive, writing on Medium: A few weeks ago, I began working on the PoC of a document indexing system for my client. I created a single S3 bucket in the eu-west-1 region and uploaded some files there for testing. Two days later, I checked my AWS billing page, primarily to make sure that what I was doing was well within the free-tier limits. Apparently, it wasn't. My bill was over $1,300, with the billing console showing nearly 100,000,000 S3 PUT requests executed within just one day! By default, AWS doesn't log requests executed against your S3 buckets. However, such logs can be enabled using AWS CloudTrail or S3 Server Access Logging. After enabling CloudTrail logs, I immediately observed thousands of write requests originating from multiple accounts or entirely outside of AWS. Was it some kind of DDoS-like attack against my account? Against AWS? As it turns out, one of the popular open-source tools had a default configuration to store their backups in S3. And, as a placeholder for a bucket name, they used... the same name that I used for my bucket. This meant that every deployment of this tool with default configuration values attempted to store its backups in my S3 bucket! So, a horde of misconfigured systems is attempting to store their data in my private S3 bucket. But why should I be the one paying for this mistake? Here's why: S3 charges you for unauthorized incoming requests. This was confirmed in my exchange with AWS support. As they wrote: "Yes, S3 charges for unauthorized requests (4xx) as well[1]. That's expected behavior." So, if I were to open my terminal now and type: aws s3 cp ./file.txt s3://your-bucket-name/random_key. I would receive an AccessDenied error, but you would be the one to pay for that request. And I don't even need an AWS account to do so. Another question was bugging me: why was over half of my bill coming from the us-east-1 region? I didn't have a single bucket there! The answer to that is that the S3 requests without a specified region default to us-east-1 and are redirected as needed. And the bucket's owner pays extra for that redirected request. The security aspect: We now understand why my S3 bucket was bombarded with millions of requests and why I ended up with a huge S3 bill. At that point, I had one more idea I wanted to explore. If all those misconfigured systems were attempting to back up their data into my S3 bucket, why not just let them do so? I opened my bucket for public writes and collected over 10GB of data within less than 30 seconds. Of course, I can't disclose whose data it was. But it left me amazed at how an innocent configuration oversight could lead to a dangerous data leak! Lesson 1: Anyone who knows the name of any of your S3 buckets can ramp up your AWS bill as they like. Other than deleting the bucket, there's nothing you can do to prevent it. You can't protect your bucket with services like CloudFront or WAF when it's being accessed directly through the S3 API. Standard S3 PUT requests are priced at just $0.005 per 1,000 requests, but a single machine can easily execute thousands of such requests per second.

Read more of this story at Slashdot.

The Biden administration on Tuesday released rules designed to speed up permits for clean energy while requiring federal agencies to more heavily weigh damaging effects on the climate and on low-income communities before approving projects like highways and oil wells. From a report: As part of a deal to raise the country's debt limit last year, Congress required changes to the National Environmental Policy Act, a 54-year-old bedrock law that requires the government to consider environmental effects and to seek public input before approving any project that necessitates federal permits. That bipartisan debt ceiling legislation included reforms to the environmental law designed to streamline the approval process for major construction projects, such as oil pipelines, highways and power lines for wind- and solar-generated electricity. The rules released Tuesday, by the White House Council on Environmental Quality, are intended to guide federal agencies in putting the reforms in place. But they also lay out additional requirements created to prioritize projects with strong environmental benefits, while adding layers of review for projects that could harm the climate or their surrounding communities. "These reforms will deliver smarter decisions, quicker permitting, and projects that are built better and faster," said Brenda Mallory, chair of the council. "As we accelerate our clean energy future, we are also protecting communities from pollution and environmental harms that can result from poor planning and decision making while making sure we build projects in the right places."

Read more of this story at Slashdot.

Walmart isn't making enough money off its new health centers, so it decided to close up shop. From a report: The retail giant announced today that it'll shutter all 51 health centers it opened up across five states since 2019. Walmart is also getting rid of its virtual care program after acquiring telehealth provider MeMD in 2021. "We determined there is not a sustainable business model for us to continue," Walmart said in an announcement today. "This is a difficult decision, and like others, the challenging reimbursement environment and escalating operating costs create a lack of profitability that make the care business unsustainable for us at this time," Walmart said today. It's an about-face from last year when Walmart said it planned to double its number of health clinics and expand into two new states in 2024.

Read more of this story at Slashdot.

One of Europe's most wanted cyber criminals has been jailed for attempting to blackmail 33,000 people whose confidential therapy notes he stole. From a report: Julius Kivimaki obtained them after breaking into the databases of Finland's largest psychotherapy company, Vastaamo. After his attempt to extort the company failed, he emailed patients directly, threatening to reveal what they had told their therapists. At least one suicide has been linked to the case, which has shocked the country. Kivimaki has been sentenced to six years and three months in prison. In terms of the number of victims, his trial was the biggest criminal case in Finnish history. One of them gave their reaction to the BBC. "The main thing is that this absolutely empathy-lacking, ruthless criminal gets a prison sentence," said Tiina Parrika. "After this there rise thoughts about how short the conviction is, when reflected against the number of victims," she added. "But, that's the Finnish law and I must accept that."

Read more of this story at Slashdot.

theodp writes: Reports of the death of Bill Gates' influence at Microsoft have been greatly exaggerated: "Publicly, [Bill] Gates has been almost entirely out of the picture at Microsoft since 2021, following allegations that he had behaved inappropriately toward female employees. In fact, Business Insider has learned, Gates has been quietly orchestrating much of Microsoft's AI revolution from behind the scenes. Current and former executives say Gates remains intimately involved in the company's operations -- advising on strategy, reviewing products, recruiting high-level executives, and nurturing Microsoft's crucial relationship with Sam Altman, the cofounder and CEO of OpenAI. In early 2023, when Microsoft debuted a version of its search engine Bing turbocharged by the same technology as ChatGPT, throwing down the gauntlet against competitors like Google, Gates, executives said, was pivotal in setting the plan in motion. While Nadella might be the public face of the company's AI success [...] Gates has been the man behind the curtain."[...] "Today, Gates remains close with Altman, who visits his home a few times a year, and OpenAI seeks his counsel on developments. There's a 'tight coupling' between Gates and OpenAI, a person familiar with the relationship said. 'Sam and Bill are good friends. OpenAI takes his opinion and consult overall seriously.' OpenAI spokesperson Kayla Wood confirmed OpenAI continues to meet with Gates."

Read more of this story at Slashdot.

Eight prominent U.S. newspapers owned by investment giant Alden Global Capital are suing OpenAI and Microsoft for copyright infringement, in a complaint filed Tuesday in the Southern District of New York. From a report: Until now, the Times was the only major newspaper to take legal action against AI firms for copyright infringement. Many other news publishers, including the Financial Times, the Associated Press and Axel Springer, have instead opted to strike paid deals with AI companies for millions of dollars annually, undermining the Times' argument that it should be compensated billions of dollars in damages. The lawsuit is being filed on behalf of some of the most prominent regional daily newspapers in the Alden portfolio, including the New York Daily News, Chicago Tribune, Orlando Sentinel, South Florida Sun Sentinel, San Jose Mercury News, Denver Post, Orange County Register and St. Paul Pioneer Press.

Read more of this story at Slashdot.

Apple has confirmed reports [video link] of a software glitch causing some iPhone alarms to fail to play a sound.

Read more of this story at Slashdot.

Apple has poached dozens of AI experts from Google and has created a secretive European laboratory in Zurich, as the tech giant builds a team to battle rivals in developing new AI models and products. From a report: According to a Financial Times analysis of hundreds of LinkedIn profiles as well as public job postings and research papers, the $2.7tn company has undertaken a hiring spree over recent years to expand its global AI and machine learning team. The iPhone maker has particularly targeted workers from Google, attracting at least 36 specialists from its rival since it poached John Giannandrea to be its top AI executive in 2018. While the majority of Apple's AI team work from offices in California and Seattle, the tech group has also expanded a significant outpost in Zurich. Professor Luc Van Gool from Swiss university ETH Zurich said Apple's acquisitions of two local AI start-ups -- virtual reality group FaceShift and image recognition company Fashwell -- led Apple to build a research laboratory, known as its "Vision Lab," in the city.

Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: Ahead of its annual GitHub Universe conference in San Francisco early this fall, GitHub announced Copilot Workspace, a dev environment that taps what GitHub describes as "Copilot-powered agents" to help developers brainstorm, plan, build, test and run code in natural language. Jonathan Carter, head of GitHub Next, GitHub's software R&D team, pitches Workspace as somewhat of an evolution of GitHub's AI-powered coding assistant Copilot into a more general tool, building on recently introduced capabilities like Copilot Chat, which lets developers ask questions about code in natural language. "Through research, we found that, for many tasks, the biggest point of friction for developers was in getting started, and in particular knowing how to approach a [coding] problem, knowing which files to edit and knowing how to consider multiple solutions and their trade-offs," Carter said. "So we wanted to build an AI assistant that could meet developers at the inception of an idea or task, reduce the activation energy needed to begin and then collaborate with them on making the necessary edits across the entire corebase." Given a GitHub repo or a specific bug within a repo, Workspace -- underpinned by OpenAI's GPT-4 Turbo model -- can build a plan to (attempt to) squash the bug or implement a new feature, drawing on an understanding of the repo's comments, issue replies and larger codebase. Developers get suggested code for the bug fix or new feature, along with a list of the things they need to validate and test that code, plus controls to edit, save, refactor or undo it. The suggested code can be run directly in Workspace and shared among team members via an external link. Those team members, once in Workspace, can refine and tinker with the code as they see fit. Perhaps the most obvious way to launch Workspace is from the new "Open in Workspace" button to the left of issues and pull requests in GitHub repos. Clicking on it opens a field to describe the software engineering task to be completed in natural language, like, "Add documentation for the changes in this pull request," which, once submitted, gets added to a list of "sessions" within the new dedicated Workspace view. Workspace executes requests systematically step by step, creating a specification, generating a plan and then implementing that plan. Developers can dive into any of these steps to get a granular view of the suggested code and changes and delete, re-run or re-order the steps as necessary. "Since developers spend a lot of their time working on [coding issues], we believe we can help empower developers every day through a 'thought partnership' with AI," Carter said. "You can think of Copilot Workspace as a companion experience and dev environment that complements existing tools and workflows and enables simplifying a class of developer tasks ... We believe there's a lot of value that can be delivered in an AI-native developer environment that isn't constrained by existing workflows."

Read more of this story at Slashdot.

Richard Speed reports via The Register: NASA's optical communications demonstration has hit 25 Mbps in a test transmitting engineering data back to Earth from 140 million miles (226 million kilometers) away. The payload is riding aboard the Psyche probe, which is headed for an asteroid of the same name. On December 11, when the spacecraft was 19 million miles (30 million kilometers) away, it reached 267 Mbps, which NASA described as "comparable to broadband internet download speeds." However, as Psyche has continued on its trajectory, the distances have become greater, and the rate at which data can be transmitted and received has tumbled. At 140 million miles, the project's goal was to reach a lofty 1 Mbps. Instead, engineers managed to get 25 Mbps out of the demonstration. Earlier demonstrations tested the technology using preloaded data, such as a cat video. The latest experiment used a copy of engineering data also sent via Psyche's radio transmitter. "We downlinked about 10 minutes of duplicated spacecraft data during a pass on April 8," said Meera Srinivasan, the project's operations lead at NASA's Jet Propulsion Laboratory (JPL) in Southern California. "Until then, we'd been sending test and diagnostic data in our downlinks from Psyche. This represents a significant milestone for the project by showing how optical communications can interface with a spacecraft's radio frequency comms system." The demonstrator is only along for the ride -- Psyche uses conventional radio technology for its mission. However, the demonstration does point to the potential for higher-bandwidth communications in future projects.

Read more of this story at Slashdot.

Jules Roscoe reports via 404 Media: Russia has replaced Wikipedia with a state-sponsored encyclopedia that is a clone of the original Russian Wikipedia but which conveniently has been edited to omit things that could cast the Russian government in poor light. Real Russian Wikipedia editors used to refer to the real Wikipedia as Ruwiki; the new one is called Ruviki, has "ruwiki" in its url, and has copied all Russian-language Wikipedia articles and strictly edited them to comply with Russian laws. The new articles exclude mentions of "foreign agents," the Russian government's designation for any person or entity which expresses opinions about the government and is supported, financially or otherwise, by an outside nation. [...] Wikimedia RU, the Russian-language chapter of the non-profit that runs Wikipedia, was forced to shut down in late 2023 amid political pressure due to the Ukraine war. Vladimir Medeyko, the former head of the chapter who now runs Ruviki, told Novaya Gazeta Europe in July that he believed Wikipedia had problems with "reliability and neutrality." Medeyko first announced the project to copy and censor the 1.9 million Russian-language Wikipedia articles in June. The goal, he said at the time, was to edit them so that the information would be "trustworthy" as a source for all Russian users. Independent outlet Bumaga reported in August that around 110 articles about the war in Ukraine were missing in full, while others were severely edited. Ruviki also excludes articles about reports of torture in prisons and scandals of Russian government representatives. [...] Graphic designer Constantine Konovalov calculated the number of characters changed between Wikipedia RU and Ruviki articles on the same topics, and found that there were 205,000 changes in articles about freedom of speech; 158,000 changes in articles about human rights; 96,000 changes in articles about political prisoners; and 71,000 changes in articles about censorship in Russia. He wrote in a post on X that the censorship was "straight out of a 1984 novel." Interestingly, the Ruviki article about George Orwell's 1984 entirely omits the Ministry of Truth, which is the novel's main propaganda outlet concerned with governing "truth" in the country.

Read more of this story at Slashdot.

Zeke sends us a C# snippet from an extract-transform-load process his company uses. It's… special.

private void ResizeColumn(string table, string column, int minSize) { if(null == _connection) return; string sqlReadSize = "SELECT DATA_LENGTH,DATA_TYPE,DATA_PRECISION,DATA_SCALE FROM USER_TAB_COLS WHERE TABLE_NAME = '" + table.ToUpper() + "' AND COLUMN_NAME = '" + column.ToUpper() + "'"; string data_length = ""; string data_type = ""; string data_precision = ""; string data_scale = ""; string sizeInfo = minSize.ToString(); IDataReader r = null; try { r = _connection.DbAccessor.ExecuteSqlText.ExecuteReader(sqlReadSize); if(null != r && r.Read()) { if(!r.IsDBNull(0)) data_length = Convert.ToString(r[0]); if(!r.IsDBNull(1)) data_type = Convert.ToString(r[1]); if(!r.IsDBNull(2)) data_precision = Convert.ToString(r[2]); if(!r.IsDBNull(3)) data_scale = Convert.ToString(r[3]); r.Close(); r = null; } } catch(Exception ex) { System.Diagnostics.Debug.WriteLine(ex.Message); return; } finally { if(null != r) { r.Close(); r = null; } } if(data_type == "NUMBER") { return; } if(data_type == "DATE") { return; } if(data_type == "CLOB") { return; } if(data_type == "BLOB") { return; } if(minSize <= Convert.ToInt32(data_length)) { return; } string sqlAlterSize = "ALTER TABLE " + table + " modify " + column.ToUpper() + " " + data_type + "(" + sizeInfo + ")"; try { _connection.DbAccessor.ExecuteSqlText.ExecuteScalar(sqlAlterSize); } catch(Exception ex) { System.Diagnostics.Debug.WriteLine(ex.Message); return; } }

Let's trace through this. We start by failing silently if the database connection hasn't been initialized, which is sure to make debugging a real treat. Then we prepare a string-concatenated query into the databases's data dictionary, opening up a lovely SQL injection attack (which, in their defense, I don't expect the inputs to this function to be user driven, but still).

We run the query and populate local variables with the results- local string variables. The source data in the database is numeric (this is, by the by, an Oracle database)- so we just discard that and convert it to strings.

There's a lovely bonus of a double-close- they close the reader in the try portion and the finally portion, instead of just using the finally. More fun, they also do the useless null assignment that people who don't understand garbage collection often do.

Then, we check the type of the column in question. If it's a number, a date, a CLOB or a BLOB, we do nothing. This is really fun because there are plenty of built-in datatypes that don't have a size field, but aren't included here- TIMESTAMP for example, expects fractional seconds precision, not a size. We won't change the size of a NUMBER (which takes precision and scale), but will change the precision of a FLOAT.

What they really wanted was to just change the sizes of CHAR, NCHAR, VARCHAR2, and NVARCHAR2s. But instead of saying that, they opted to try and come at it the back way around, and created a method that's almost certain to create explosions at some point.

Finally, they execute an ALTER TABLE command to do the update. Any failures are treated as a debugging issue, which again, is going to be great when you're trying to decide why this failed in production.

Not only is the method horrible, but it's also unnecessary. Once upon a time, someone recognized that they needed to hold text fields of arbitrary lengths and configured all the text columns to be 4000 bytes (the default maximum size in Oracle), which was much larger than any of the input data.

[Advertisement] Keep the plebs out of prod. Restrict NuGet feed privileges with ProGet. Learn more.

An anonymous reader quotes a report from Reuters: Energy ministers from the Group of Seven (G7) major democracies reached a deal to shut down their coal-fired power plants in the first half of the 2030s, in a significant step towards the transition away from fossil fuels. "There is a technical agreement, we will seal the final political deal on Tuesday," said Italian energy minister Gilberto Pichetto Fratin, who is chairing the G7 ministerial meeting in Turin. On Tuesday the ministers will issue a final communique detailing the G7 commitments to decarbonize their economies. Pichetto said the ministers were also pondering potential restrictions to Russian imports of liquefied natural gas to Europe which the European Commission is due to propose in the short-term. The agreement on coal marks a significant step in the direction indicated last year by the COP28 United Nations climate summit to phase out fossil fuels, of which coal is the most polluting. Italy last year produced 4.7% of its total electricity through a handful of coal-fired stations. Rome currently plans to turn off its plants by 2025, except on the island of Sardinia where the deadline is 2028. In Germany and Japan coal has a bigger role, with the share of electricity produced by the fuel higher than 25% of total last year. "This is another nail in the coffin for coal," said Dave Jones, Ember's Global Insights program director. "The journey to phase out coal power has been long: it's been over seven years since the UK, France, Italy, and Canada committed to phase out coal power, so it's good to see the United States and especially Japan at last be more explicit on their intentions." "The problem is that whilst coal power has already been falling, gas power has not. G7 nations already promised to 'fully or predominantly' decarbonize their power sectors by 2035, and that would mean phasing out not only coal by 2035 but also gas. Coal might be the dirtiest, but all fossil fuels need to be ultimately phased out." Further reading: Countries Consider Pact To Reduce Plastic Production By 40% in 15 Years

Read more of this story at Slashdot.

Crypto company Tether announced Monday that it has invested $200 million to acquire a majority stake in brain-computer interface company Blackrock Neurotech via its venture capital division Tether Evo. [The firm is not related to the asset management giant BlackRock.] CoinDesk reports: Blackrock Neurotech develops medical devices that are powered by brain signals and aims to help people impacted by paralysis and neurological disorders. The investment will fund the roll-out and commercialization of the medical devices and also for research and development purposes, the press release said. Tether is the company behind USDT, the largest stablecoin with a market cap of $110 billion. Recently, Tether established four divisions to expand beyond stablecoin issuance. "Tether has long believed in nurturing emerging technologies that have transformative capabilities, and the Brain-Computer-Interfaces of Blackrock Neurotech have the potential to open new realms of communication, rehabilitation, and cognitive enhancement," Paolo Ardoino, CEO of Tether, said in a statement.

Read more of this story at Slashdot.

ReneR writes: A major T2 Linux milestone has been released, shipping with full support for 25 CPU architectures and several C libraries, as well as restored support for Intel IA-64 Itanium. Additionally, many vintage X.org DDX drivers were fixed and tested to work again, as well as complete support for the latest KDE 6 and GNOME 46. T2 is known for its sophisticated cross compile support and support for nearly all existing CPU architectures: Alpha, Arc, ARM(64), Avr32, HPPA(64), IA64, M68k, MIPS(64), Nios2, PowerPC(64)(le), RISCV(64), s390x, SPARC(64), and SuperH x86(64). T2 is an increasingly popular choice for embedded systems and virtualization. It also still supports the Sony PS3, Sgi, Sun and HP workstations, as well as the latest ARM64 and RISCV64 architectures. The release contains a total of 5,140 changesets, including approximately 5,314 package updates, 564 issues fixed, 317 packages or features added and 163 removed, and around 53 improvements. Usually most packages are up-to-date, including Linux 6.8, GCC 13, LLVM/Clang 18, as well as the latest version of X.org, Mesa, Firefox, Rust, KDE 6 and GNOME 46! More information, source and binary distribution are open source and free at T2 SDE.

Read more of this story at Slashdot.

As reported by Bloomberg (paywalled), Apple's iPadOS will need to abide by EU's DMA rules, as it is now designated as a gatekeeper alongside the Safari web browser, iOS operating system and the App Store. "Apple now has six months to ensure full compliance of iPadOS with the DMA obligations," reads the EU's blog post about the change. Engadget reports: What does Apple have to do to ensure iPadOS compliance? According to the DMA, gatekeepers are prohibited from favoring their own services over rivals and from locking users into the ecosystem. The software must also allow third parties to interoperate with internal services, which is why third-party app stores are becoming a thing on iPhones in Europe. The iPad, presumably, will soon follow suit. In other words, the DMA is lobbing some serious stink bombs into Apple's walled garden. In a statement published by Forbes, Apple said it "will continue to constructively engage with the European Commission" to ensure its designated services comply with the DMA, including iPadOS. "iPadOS constitutes an important gateway on which many companies rely to reach their customers," wrote Margrethe Vestager, Executive Vice-President in charge of competition policy at the European Commission. "Today's decision will ensure that fairness and contestability are preserved also on this platform."

Read more of this story at Slashdot.

An anonymous reader quotes a report from Business Insider: WeWork has a new plan to get out of bankruptcy -- and it doesn't involve Adam Neumann, who wants to acquire the flexible office provider he created. WeWork announced Monday that it has raised $450 million in equity funding, which it could use to emerge from Chapter 11. The company also said it has a plan in place to "eliminate all of its $4 billion of outstanding, prepetition debt obligations." A vote on the plan -- which has support from the owners of most of WeWork's debt -- is scheduled for May 30, according to Bloomberg. The majority of the funding -- $337 million, to be exact -- would come from Cupar Grimmond, and SoftBank would still own a stake in the company, according to the outlet. But Neumann, who has recently expressed interest in purchasing WeWork for more than $500 million, doesn't plan to go down without a fight. "After misleading the court for weeks, WeWork finally admitted it is trying to sell the company to a group led by Yardi for far less than we are continuing to propose," Susheel Kirpalani, an attorney for Neumann's new real estate startup Flow Global, told Business Insider in a statement, adding, "so we anticipate there will be robust objections to confirming this plan."

Read more of this story at Slashdot.