Apple to begin do-it-yourself repair program for iPhones, Macs next year

(www.cnet.com)

A new program, called Self Service Repair, will allow customers to buy parts from Apple for their products and perform repairs at home. Apple said it will also publish repair manuals online and offer tools to buy at the same prices authorized repair technicians pay.

The move marks a significant shift for the tech giant, which has historically restricted access to parts and repair manuals, as well as diagnostic and calibration apps, to its "authorized repair programs." Without Apple-sanctioned ways to repair devices, some users have turned to experts on YouTube and at companies like iFixit to learn how to acquire parts and perform repairs on their own.

Advocates have increasingly pressured Apple and other companies to open their service manuals, parts and tools to the public. More than a dozen states, including Apple's home in California, have considered laws supporting right-to-repair laws. And earlier this year, President Joe Biden issued an executive order calling on the Federal Trade Commission to investigate the issue.

Baby steps surely, but this is huge for Right to Repair especially coming from Apple, who was fighting this for decades.

Regulation works!

Raspberry Pi Zero 2 W on sale now at $15 USD

(www.raspberrypi.com)

Priced at $15, Raspberry Pi Zero 2 W uses the same Broadcom BCM2710A1 SoC die as the launch version of Raspberry Pi 3, with Arm cores slightly down-clocked to 1GHz, bundled into a single space-saving package alongside 512MB of LPDDR2 SDRAM. The exact performance uplift over Zero varies across workloads, but for multi-threaded sysbench it is almost exactly five times faster.

And yes, I went ahead and ordered it, looks fun!

Amazon Astro: privacy nightmare

(www.vice.com)

Developers who worked on Astro say the versions of the robot they worked on did not work well.

"Astro is terrible and will almost certainly throw itself down a flight of stairs if presented the opportunity. The person detection is unreliable at best, making the in-home security proposition laughable," a source who worked on the project said. "The device feels fragile for something with an absurd cost. The mast has broken on several devices, locking itself in the extended or retracted position, and there's no way to ship it to Amazon when that happens."

"They're also pushing it as an accessibility device but with the masts breaking and the possibility that at any given moment it'll commit suicide on a flight of stairs, it's, at best, absurdist nonsense and marketing and, at worst, potentially dangerous for anyone who'd actually rely on it for accessibility purposes," the source said.

Do. Not. Buy. This.

Period.

Framework laptop: Cory Doctorow's thoughts

(pluralistic.net)

Then I saw Ifixit's teardown of a Framework laptop. They described a computer whose hardware was fully user-maintainable/upgradeable. The system opens with six "captive" screws (they stay in the case) and then every component can be easily accessed.

There's no tape. There's no glue. Every part has a QR code that you can shoot with your phone to go to a service manual that has simple-to-follow instructions for installing, removing and replacing it. Every part is labeled in English, too!

The screen is replaceable. The keyboard is replaceable. The touchpad is replaceable. Removing the battery and replacing it takes less than five minutes. The computer actually ships with a screwdriver.

All this, without sacrificing size or power – it's so similar to a Macbook that a friend who came over for dinner (and who knows about my feelings about proprietary Apple hardware) expressed shock that I'd switched to a Macbook!

The Framework laptop has great reparability and customization. Exciting to see how it evolves over time although it does look promising here that if they keep this up, I might get one of these.

The Linux Foundation and other companies are putting in millions to help secure open-source software we all rely on

(www.zdnet.com)

Once your project is approved, progress reports are made approximately once a month. These must include:

A stable URL of a publicly accessible post (e.g., a blog or archived mailing list post) describing what you did that month.
> The post must briefly describe what has been accomplished using the funding since the last invoice. > Include its date and hyperlinks to details. If git commits were involved, include hyperlinks to them. Make it easy for technical people to learn details (e.g., via hyperlinks).
Also briefly describe why this work is important or link to such description(s), for someone who is not intimately familiar with it. Some readers may see your post out of context.
> Give credit, similar to National Public Radio. (e.g., "This work to <X> was [partially] funded by the OpenSSF, Google, and The Linux Foundation.") Thanking others is always polite. We also want people to consider funding OSS security as normal.
> Publicly provide an identifier (a personal name, pseudonym, or project name) of who's doing the work. This simplifies referring to the work. You do not need to reveal your personal name(s) publicly, though you're welcome to do so.

This is a hugely important development in the security side of things.

The SLS rocket won't fly until 2022 at the earliest

(arstechnica.com)

However, a source said the best-case scenario for launching the Artemis 1 mission is spring of next year, with summer being the more realistic target for a test flight of the heavy lift rocket and Orion spacecraft. The space agency is already running about two months behind internal targets for testing and integrating the rocket at Kennedy Space Center, and the critical pre-flight tests remain ahead.

NASA's Kathryn Hambleton acknowledged that the space agency has seen schedule slips. "The agency continues to monitor the rise of COVID cases in the Kennedy area, which, combined with other factors such as weather and first time operations, is impacting our schedule of operations," she said. "Moving step by step, we are progressing toward launch while keeping our team as safe as possible."

"This rocket is coming in at the cost of what not only what we estimated in the NASA Authorization act, but less,” Nelson said at the time. “The cost of the rocket over a five- to six-year period in the NASA authorization bill was to be no more than $11.5 billion.” Later, he went further, saying, "If we can't do a rocket for $11.5 billion, we ought to close up shop."

More than a decade later, NASA has spent more than $20 billion to reach the launch pad. And Nelson is no longer a US Senator—he is the administrator of the space agency. The shop remains open.

Welp, more delays and I hope it still happens but it's not looking good if it continues.

Samsung kills the cameras on the Galaxy Z Fold 3 if you unlock the bootloader

(www.xda-developers.com)

Knox is the security suite on Samsung devices, and any modifications to the device will trip it, void your warranty, and disable Samsung Pay permanently. Now, losing all the Knox-related security features is one thing, but having to deal with a broken camera is a trade-off that many will be unwilling to make. But that’s exactly what you’ll have to deal with if you wish to unlock the bootloader on the Galaxy Z Fold 3.

According to XDA Senior Members 白い熊 and ianmacd, the final confirmation screen during the bootloader unlock process on the Galaxy Z Fold 3 mentions that the operation will cause the camera to be disabled. Upon booting up with an unlocked bootloader, the stock camera app indeed fails to operate, and all camera-related functions cease to function, meaning that you can’t use facial recognition either. Anything that uses any of the cameras will time out after a while and give errors or just remain dark, including third-party camera apps.

This is the very first time I have heard that a manufacturer just outright kills the camera when the bootloader is unlocked. I know Sony degrades the camera quality if it's unlocked but not like this. I can expect future Samsung phones like the S and A series do the same.

OnlyFans will ban adult content in October

(www.vice.com)

Nude photos and videos will still be allowed, "provided they’re consistent with OnlyFans’ policy," the company told Bloomberg.

“In order to ensure the long-term sustainability of our platform, and the [sic] continue to host an inclusive community of creators and fans, we must evolve our content guidelines,” OnlyFans told Bloomberg. The decision was made because of pressure from banking partners and payment processors.

This news follows a report from Axios that claims leaked documents reveal OnlyFans' struggle to draw investors, despite being on track to make $12.5 billion in gross value next year.

OnlyFans is far from the only platform where adult content creators can sell videos and images. Pornhub, ManyVids, and FanCentro are just some of the other internet platforms that offer similar services. However, OnlyFans's brand recognition has exploded in popularity over the pandemic, on the back of these adult content creators, who will have to rebuild these audiences on other platforms.

Welp, OnlyFans just did something even worse than when Tumblr did it. And this is going to get people killed. Amongst the ones to blame for the continued assault of online adult content are payment processors (Visa and Mastercard), banks, lawmakers (SESTA-FOSTA), Media figures (Nicholas Carlson of the NYT), and VCs. These groups determine if anyone and businesses can survive and the amount of power is just ugh. This will hurt marginalized people indeed.

Mastercard becomes the first payment company to completely phase out magnetic stripes as they'll do so by 2033 although the transition will happen by 2024 in the EU and in 2027 in the US

(www.theverge.com)

Magnetic stripes were a huge improvement over the flatbed imprinting machines (aka “knuckle-busters”) that cashiers used to have to use to record card details. But in the 1990s the global EMV chip standard was introduced, which paved the way for cardholder details to be held more securely on small integrated circuit chips embedded into cards. Nowadays, 86 percent of in-person card transactions globally use EMV chips. These are typically authenticated using a PIN, but biometric fingerprint authentication is also emerging as a more secure alternative.

Interestingly, the US hasn’t adopted EMV chips to the same extent as the rest of the world. Last year, the percentage of in-person card transactions using the technology in the country was lower at around 73 percent, despite efforts to encourage adoption. The US has historically been an outlier for a number of reasons, including its size and low fraud rates.

Although chip cards are being positioned as the successor to magnetic stripes, Mastercard notes that contactless payments, which can be made by either a card or digitally using most modern smartphones, have exploded in popularity during the pandemic. The amount of contactless transactions have increased by 1 billion in the first quarter of this year compared to last year, it says. Globally 45 percent of in-person checkout transactions in the second quarter of the year were contactless.

By 2029, no new cards distributed by Mastercard will have this so the US needs to step up their tap and chip game.

Top US Catholic Church official resigns after a Catholic media site obtained his alleged Grindr app and phone location data from an undisclosed data broker

(arstechnica.com)

In what appears to be a first, a public figure has been ousted after de-anonymized mobile phone location data was publicly reported, revealing sensitive and previously private details about his life.

Monsignor Jeffrey Burrill was general secretary of the US Conference of Catholic Bishops (USCCB), effectively the highest-ranking priest in the US who is not a bishop, before records of Grindr usage obtained from data brokers was correlated with his apartment, place of work, vacation home, family members' addresses, and more. Grindr is a gay hookup app, and while apparently none of Burrill’s actions were illegal, any sort of sexual relationship is forbidden for clergy in the Catholic Church. The USCCB goes so far as to discourage Catholics from even attending gay weddings.

Burrill’s case is “hugely significant,” Alan Butler, executive director of the Electronic Information Privacy Center, told Ars. “It’s a clear and prominent example of the exact problem that folks in my world, privacy advocates and experts, have been screaming from the rooftops for years, which is that uniquely identifiable data is not anonymous.”

It has finally happened. "Anonymized" data is the biggest myth there is since it really doesn't exist.

To give you a idea on why "anonymized" data is bullshit, here's a Vice article on the rise of the de-anonymization industry, where companies buy pseudonymized datasets with mobile advertising IDs and unmask the identities of people in the datasets. And it's all legal.

It's very clear that we need laws to protect people from these abuses since anyone can be next, even BIPOC, LGBTQIA, and other marginalized people.