The Internet

Reddit Is Taking Over Google (businessinsider.com) 84

An anonymous reader quotes a report from Business Insider: If you think you've been seeing an awful lot more Reddit results lately when you search on Google, you're not imagining things. The internet is in upheaval, and for website owners the rules of "winning" Google Search have never been murkier. Google's generative AI search engine is coming from one direction. It's creeping closer to mainstream deployment and bringing an existential crisis for SEOs and website makers everywhere. Coming from the other direction is an influx of posts from Reddit, Quora, and other internet forums that have climbed up through the traditional set of Google links. Data analysis from Semrush, which predicts traffic based on search ranking, shows that traffic to Reddit has climbed at an impressive clip since August. Semrush estimated that Reddit had over 132 million visitors in August 2023. At the time of publishing, it was projected to have over 346 million visitors in April 2024.

None of this is accidental. For years, Google has been watching users tack on "Reddit" to the end of search queries and finally decided to do something about it. Google started dropping hints in 2022 when it promised to do a better job of promoting sites that weren't just chasing the top of search but were more helpful and human. Last August, Google rolled out a big update to Search that seemed to kick this into action. Reddit, Quora, and other forum sites started getting more visibility in Google, both within the traditional links and within a new "discussions and forums" section, which you may have spotted if you're US-based. The timing of this Reddit bump has led to some conspiracy theories. In February, Google and Reddit announced a blockbuster deal that would let Google train its AI models on Reddit content. Google said the deal, reportedly worth $60 million, would "facilitate more content-forward displays of Reddit information," leading to some speculation that Google promised Reddit better visibility in exchange for the valuable training data. A few weeks later, Reddit also went public.

Steve Paine, marketing manager at Sistrix, called the rise of Reddit "unprecedented." "There hasn't been a website that's grown so much search visibility so quickly in the US in at least the last five years," he told Business Insider. Right now, Reddit ranks high for product searches. Reddit's main competitors are Wikipedia, YouTube, and Fandom, Paine said, and it also competes in "high-value commercial searches," putting it up against Amazon. The "real competitors," he said, are the subreddits that compete with brands on the web.
A Google spokesperson told Business Insider that the company is essentially just giving users what they want: "Our research has shown that people often want to learn from others' experiences with a topic, so we've continued to make it easier to find helpful perspectives on Search when it's relevant to a query. Our systems surface content from hundreds of forums and other communities across the web, and we conduct rigorous testing to ensure results are helpful and high quality."
Privacy

Hackers Are Threatening To Publish a Huge Stolen Sanctions and Financial Crimes Watchlist (techcrunch.com) 28

An anonymous reader shares a report: A financially motivated criminal hacking group says it has stolen a confidential database containing millions of records that companies use for screening potential customers for links to sanctions and financial crime. The hackers, which call themselves GhostR, said they stole 5.3 million records from the World-Check screening database in March and are threatening to publish the data online.

World-Check is a screening database used for "know your customer" checks (or KYC), allowing companies to determine if prospective customers are high risk or potential criminals, such as people with links to money laundering or who are under government sanctions. The hackers told TechCrunch that they stole the data from a Singapore-based firm with access to the World-Check database, but did not name the firm. A portion of the stolen data, which the hackers shared with TechCrunch, includes individuals who were sanctioned as recently as this year.

Security

Roku Makes 2FA Mandatory For All After Nearly 600K Accounts Pwned (theregister.com) 26

Roku has made two-factor authentication (2FA) mandatory for all users following two credential stuffing attacks that compromised approximately 591,000 customer accounts and led to unauthorized purchases in fewer than 400 cases. The Register reports: Credential stuffing and password spraying are both fairly similar types of brute force attacks, but the former uses known pairs of credentials (usernames and passwords). The latter simply spams common passwords at known usernames in the hope one of them leads to an authenticated session. "There is no indication that Roku was the source of the account credentials used in these attacks or that Roku's systems were compromised in either incident," it said in an update to customers. "Rather, it is likely that login credentials used in these attacks were taken from another source, like another online account, where the affected users may have used the same credentials."

All accounts now require 2FA to be implemented, whether they were affected by the wave of compromises or not. Roku has more than 80 million active accounts, so only a minority were affected, and these have all been issued mandatory password resets. Compromised or not, all users are encouraged to create a strong, unique password for their accounts, consisting of at least eight characters, including a mix of numbers, symbols, and letter cases. [...] Roku also asked users to remain vigilant to suspicious activity regarding its service, such as phishing emails or clicking on dodgy links to reset passwords -- the usual stuff. "In closing, we sincerely regret that these incidents occurred and any disruption they may have caused," it said. "Your account security is a top priority, and we are committed to protecting your Roku account."
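The Register's distinction above (credential stuffing replays known username:password pairs, spraying tries a few common passwords against many usernames) is something a defender has to infer from authentication logs, which record the username and outcome but never the password. The following is an added example, not code from The Register or Roku: it triages per-source login bursts using only the shape of the attempts. The log format (`timestamp src_ip username result`), the thresholds and all of the log lines are constructed for illustration; the point is the heuristic, namely that stuffing touches each leaked account about once, while spraying replays the same username list in rounds, and that a shared egress address with mostly successful logins is neither.

```python
"""Triage login bursts per source address: credential stuffing vs. password
spraying vs. benign shared egress. Added example with constructed data;
the log format and thresholds are assumptions, not Roku's or The Register's.
"""
from collections import Counter, defaultdict
from dataclasses import dataclass, field

MIN_USERS = 5          # fewer usernames than this is not a list-driven attack
MIN_FAIL_RATIO = 0.7   # an office NAT also shows many users, but mostly successes

# Constructed sample log, one "timestamp src_ip username result" per line.
# 203.0.113.7: ten accounts, one try each, two succeed  -> stuffing with leaked pairs
# 198.51.100.9: five accounts replayed in three rounds   -> spraying, dave falls in round 2
# 192.0.2.44:   one user mistyping, then succeeding       -> below threshold
# 192.0.2.100:  five users all succeeding                 -> shared egress, not an attack
SAMPLE_LOG = """\
2024-04-12T10:00:01Z 203.0.113.7 alice FAIL
2024-04-12T10:00:02Z 203.0.113.7 bob FAIL
2024-04-12T10:00:02Z 203.0.113.7 carol OK
2024-04-12T10:00:03Z 203.0.113.7 dave FAIL
2024-04-12T10:00:03Z 203.0.113.7 erin FAIL
2024-04-12T10:00:04Z 203.0.113.7 frank FAIL
2024-04-12T10:00:04Z 203.0.113.7 grace FAIL
2024-04-12T10:00:05Z 203.0.113.7 heidi FAIL
2024-04-12T10:00:05Z 203.0.113.7 ivan OK
2024-04-12T10:00:06Z 203.0.113.7 judy FAIL
2024-04-12T10:00:01Z 198.51.100.9 alice FAIL
2024-04-12T10:00:02Z 198.51.100.9 bob FAIL
2024-04-12T10:00:03Z 198.51.100.9 carol FAIL
2024-04-12T10:00:04Z 198.51.100.9 dave FAIL
2024-04-12T10:00:05Z 198.51.100.9 erin FAIL
2024-04-12T10:30:01Z 198.51.100.9 alice FAIL
2024-04-12T10:30:02Z 198.51.100.9 bob FAIL
2024-04-12T10:30:03Z 198.51.100.9 carol FAIL
2024-04-12T10:30:04Z 198.51.100.9 dave OK
2024-04-12T10:30:05Z 198.51.100.9 erin FAIL
2024-04-12T11:00:01Z 198.51.100.9 alice FAIL
2024-04-12T11:00:02Z 198.51.100.9 bob FAIL
2024-04-12T11:00:03Z 198.51.100.9 carol FAIL
2024-04-12T11:00:04Z 198.51.100.9 erin FAIL
2024-04-12T09:00:00Z 192.0.2.44 alice FAIL
2024-04-12T09:00:20Z 192.0.2.44 alice FAIL
2024-04-12T09:00:40Z 192.0.2.44 alice OK
2024-04-12T08:00:00Z 192.0.2.100 kim OK
2024-04-12T08:00:05Z 192.0.2.100 lee OK
2024-04-12T08:00:09Z 192.0.2.100 mia OK
2024-04-12T08:00:14Z 192.0.2.100 ned OK
2024-04-12T08:00:20Z 192.0.2.100 ola OK
"""


@dataclass
class SourceProfile:
    attempts: int = 0
    failures: int = 0
    per_user: Counter = field(default_factory=Counter)  # tries per username
    successes: list = field(default_factory=list)        # accounts that logged in OK


def parse(log_text):
    """Aggregate the constructed log format into one profile per source address."""
    profiles = defaultdict(SourceProfile)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        _ts, src, user, result = line.split()
        p = profiles[src]
        p.attempts += 1
        p.per_user[user] += 1
        if result == "FAIL":
            p.failures += 1
        else:
            p.successes.append(user)
    return profiles


def classify(p):
    """Label one source. Stuffing tries each leaked pair about once; spraying
    replays the same username list once per password, so the maximum tries
    per user equals the number of rounds. A single spray round is therefore
    indistinguishable from stuffing here, which is fine: the response (reset
    the successes, enforce 2FA, block the source) is the same for both."""
    if len(p.per_user) < MIN_USERS:
        return "below_threshold"
    if p.failures / p.attempts < MIN_FAIL_RATIO:
        return "shared_egress"
    rounds = max(p.per_user.values())
    return "password_spraying" if rounds >= 2 else "credential_stuffing"


def triage(log_text):
    """Return {src_ip: (verdict, sorted accounts that authenticated from it)}.
    Successes from a source labelled stuffing or spraying are the accounts
    that need a forced reset, exactly the step Roku describes above."""
    return {src: (classify(p), sorted(p.successes)) for src, p in parse(log_text).items()}


if __name__ == "__main__":
    for src, (verdict, users) in triage(SAMPLE_LOG).items():
        print(f"{src:14} {verdict:20} successful logins: {users}")
```

Tuning matters more than the code: `MIN_FAIL_RATIO` has to stay high enough that a corporate NAT with a handful of fat-fingered passwords is not flagged, and real deployments key the profile on more than the source address (ASN, user agent, device fingerprint), because stuffing toolkits rotate through residential proxies precisely to stay under per-IP thresholds.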

Role Playing (Games)

A D&D Actual Play Show Is Going To Sell Out Madison Square Garden (techcrunch.com) 44

An anonymous reader quotes a report from TechCrunch: Dropout's Dungeons & Dragons actual play show, Dimension 20, is getting pretty close to selling out a 19,000-seat venue just hours after ticket sales opened to the general public. To the uninitiated, it may seem absurd to go to a massive sports arena and watch people play D&D. As one Redditor commented, "This boggles my mind. When I was playing D&D in the early eighties, I would have never believed that there was a future where people would watch live D&D at Madison Square Garden. It's incomprehensible to me." It is indeed bizarre, albeit fun. But in this monumental moment for the actual play genre, the triumph is eclipsed by the biggest frustration that links sports, music and now D&D fans: Ticketmaster. As Federal Trade Commission chair Lina Khan said amid the Taylor Swift-Ticketmaster scandal, the company's failures "ended up converting more Gen Zers into anti-monopolists overnight than anything [she] could have done."

In the case of Taylor Swift's Eras tour, fans were upset because demand was so high that Ticketmaster's system couldn't handle the traffic. For Dimension 20, the culprit is Ticketmaster's dynamic pricing. As more people try to buy tickets, the price of the tickets increases. About an hour after the Madison Square Garden tickets went on sale, the few dozen upper bowl tickets left were $800. Three hours after, these tickets are around $330, which is still very inflated. "Went onto the presale, tickets were $500+ for the worst ones, we assumed they were scalpers and that the actual sale today would have normal priced tickets. $2000 for the lower bowl!? I know it's not dropout setting the price but wow is that a LOT of cash," a Redditor posted. And as a commenter astutely pointed out, thanks to dynamic pricing, Ticketmaster itself is actually the scalper. Of course, Dimension 20 fans are frustrated, especially since the show's content is overtly anti-capitalist. Despite the pricing debacle, the demand for the show is a great sign for both actual play shows and the creator economy at large.

Google

Google Threatens To Cut Off News After California Proposes Paying Media Outlets (theverge.com) 91

An anonymous reader quotes a report from The Verge: Google says it will start removing links to California news websites in a "short term test for a small percentage of California users." The move is in response to the pending California Journalism Preservation Act (CJPA), which would require Google to pay a fee for linking Californians to news articles. "If passed, CJPA may result in significant changes to the services we can offer Californians and the traffic we can provide to California publishers," Jaffer Zaidi, Google VP of global news partnerships, wrote in a blog post announcing the decision. "The testing process involves removing links to California news websites, potentially covered by CJPA, to measure the impact of the legislation on our product experience." Zaidi adds that Google will also pause "further investments in the California news ecosystem," referring to initiatives like Google News Showcase, product and licensing programs for news organizations, and the Google News Initiative. A study (PDF) conducted in 2023 estimates that Google would owe U.S. publishers around $10 to 12 billion annually if the Journalism Competition and Preservation Act, a national bill, is passed.
The Internet

Starting Today, ISPs Must Display Labels With Price, Speeds, and Data Caps (arstechnica.com) 15

An anonymous reader quotes a report from Ars Technica: Starting today, home Internet and mobile broadband providers in the US are required to display consumer labels with information on prices, speeds, and data allowances. "Today's nationwide launch of the Broadband Consumer Labels means internet service providers are now required to display consumer-friendly labels at the point of sale," the Federal Communications Commission said (PDF). "Labels are required for all standalone home or fixed Internet service or mobile broadband plans. Providers must display the label -- not simply an icon or link to the label -- in close proximity to an associated plan's advertisement."

The labels are required now for providers with at least 100,000 subscribers, while ISPs with fewer customers have until October 10, 2024, to comply. "If a provider is not displaying their labels or has posted inaccurate information about its fees or service plans, consumers can file a complaint with the FCC Consumer Complaint Center," an agency webpage says. The October 10 date will also bring an additional requirement that providers "make the labels machine-readable to enable third parties to more easily collect and aggregate data for the purpose of creating comparison-shopping tools for consumers," the FCC said.

The FCC issued a consumer advisory telling broadband users what to look for in the labels. Labels should include the monthly price, state whether it is an introductory rate, the amount of time that an introductory rate applies, and the price after any introductory rate expires. The labels must include any additional monthly charges, one-time fees, early termination fees, and taxes. Speed information should include typical download speed, upload speed, and latency. For data caps, the labels should state how much data is included with the monthly price and how much consumers have to pay for additional usage. Labels should also include links to information on discounts and service bundles, network management practices, and privacy policies.

Communications

Consumers Will Finally See FCC-Mandated 'Nutrition Labels' For Most Broadband Plans (theverge.com) 56

It appears that a nearly eight-year-long battle by the FCC to require internet companies to display information on the costs, fees, and speeds of their broadband services is finally over. From a report: Starting on Wednesday, all but the smallest ISPs will be required to publish broadband "nutrition labels" on all of their plans, the regulator announced. [...] Each label will include monthly broadband prices, introductory rate details, data allowances, broadband speeds, and links to find out about any available discounts or service bundles. Links to network management practices and privacy policies should be listed as well.
Security

NIST Blames 'Growing Backlog of Vulnerabilities' Requiring Analysis on Lack of Support (infosecurity-magazine.com) 22

It's the world's most widely used vulnerability database, reports SC Magazine, offering standards-based data on CVSS severity scores, impacted software and platforms, contributing weaknesses, and links to patches and additional resources.

But "there is a growing backlog of vulnerabilities" submitted to America's National Vulnerability Database and "requiring analysis", according to a new announcement from the U.S. Commerce Department's National Institute of Standards. "This is based on a variety of factors, including an increase in software and, therefore, vulnerabilities, as well as a change in interagency support." From SC Magazine: According to NIST's website, the institute analyzed only 199 of 3370 CVEs it received last month. [And this month another 677 came in — of which 24 have been analyzed.]

Other than a short notice advising it was working to establish a new consortium to improve the NVD, NIST had not provided a public explanation for the problems prior to a statement published [April 2]... "Currently, we are prioritizing analysis of the most significant vulnerabilities. In addition, we are working with our agency partners to bring on more support for analyzing vulnerabilities and have reassigned additional NIST staff to this task as well."

NIST, which had its budget cut by almost 12% this year by lawmakers, said it was committed to continuing to support and manage the NVD, which it described as "a key piece of the nation's cybersecurity infrastructure... We are also looking into longer-term solutions to this challenge, including the establishment of a consortium of industry, government and other stakeholder organizations that can collaborate on research to improve the NVD," the statement said. "We will provide more information as these plans develop..."

A group of cybersecurity professionals have signed an open letter to Congress and Commerce Secretary Gina Raimondo in which they say the enrichment issue is the result of a recent 20% cut in NVD funding.

The article also cites remarks from NVD program manager Tanya Brewer (reported by Infosecurity Magazine) from last week's VulnCon conference on plans to establish a NVD consortium. "We're not going to shut down the NVD; we're in the process of fixing the current problem. And then, we're going to make the NVD robust again and we'll make it grow."

Thanks to Slashdot reader spatwei for sharing the article.
AI

A 'Law Firm' of AI Generated Lawyers Is Sending Fake Threats As an SEO Scam (404media.co) 12

An anonymous reader quotes a report from 404 Media: Last week, Ernie Smith, the publisher of the website Tedium, got a "copyright infringement notice" from a law firm called Commonwealth Legal: "We're reaching out on behalf of the Intellectual Property division of a notable entity, in relation to an image connected to our client," it read. [...] In this case, though, the email didn't demand that the photo be taken down or specifically threaten a lawsuit. Instead, it demanded that Smith place a "visible and clickable link" beneath the photo in question to a website called "tech4gods" or the law firm would "take action." Smith began looking into the law firm. And he found that Commonwealth Legal is not real, and that the images of its "lawyers" are AI generated.

The threat to "activate the case No. 86342" is obviously nonsense. Beyond that, Commonwealth Legal's website looks generic and is full of stock photos, though I've seen a lot of generic template websites for real law firms. All of its lawyers have vacant, thousand-yard stares that are commonly generated by websites like This Person Does Not Exist, none of them come up in any attorney or LinkedIn searches, and the only reverse image search results for them are for a now-broken website called Generated.Photos, which offered a service to "use AI to generate people online that don't exist, change clothing and modify face and body traits. Download generated people in different postures." "All of the faces scanned were likely AI generated, most likely by a Generative Adversarial Network (GAN) model," Ali Shahriyari, cofounder and CTO of the AI detection startup Reality Defender told 404 Media. Commonwealth Legal's listed address is the fourth floor of a one-story building that looks nothing like the image on its website, and both of its phone numbers are disconnected. No one responded to the contact form that I filled out. Smith realized that what's happening here isn't a copyright enforcement or copyright trolling attempt at all. Instead, it's a backlink SEO scam, where a website owner tries to improve their Google ranking by asking, paying, or threatening someone to link to their website.

Tech4Gods.com is a gadget review website run by a man named Daniel Barczak, whose content is "complemented by AI writing assistants." In this case, the photo that Smith had "infringed" was a photo downloaded from the royalty free, free-to-use website Unsplash, which 404 Media also sometimes uses. The image was not taken by Barczak, and has nothing to do with him, he told me in an email: "I certainly don't own any images on the web," he said. The original photographer did not respond to a request for comment sent through Unsplash. Barczak told me that he had been previously buying backlinks to his website for SEO, but said he wasn't aware of who was doing this or why. "I have no idea; it certainly has nothing to do with me," he said. "However, recently, someone has been building spammy links against my site that I have been dealing with." "I have mastered on-page SEO, but unfortunately, I buy links due to a lack of time," he added. "In the past, I had a bad link builder. I wonder if it's him going mad at me for letting him go. It's hard to say; the web is massive, and everyone can link whenever they want." Link building is an SEO strategy devised to get outside websites to link to your website. He added that "bad links may damage [the site's] profile in Google's eyes." In this case, however, the "lawyers" were threatening a well-established tech blogger, and a link from Tedium would likely be treated as a positive in the search algorithm's eyes.

IT

PCIe 7.0 On Track For a 2025 Release (pcgamer.com) 29

An anonymous reader shares a PC Gamer report: PCI Express 7.0 is coming. But don't feel as though you need to start saving for a new motherboard anytime soon. The PCI-SIG has just released the 0.5 version, with the final version set for release in 2025. That means supporting devices are not likely to land until 2026, with 2027-28 likely to be the years we see a wider rollout. PCIe 7.0 will initially be far more relevant to the enterprise market, where bandwidth-hungry applications like AI and networking will benefit. Anyway, it's not like the PC market is saturated with PCIe 5.0 devices, and PCIe 6.0 is yet to make its way into our gaming PCs.

PCI Express bandwidth doubles every generation, so PCIe 7.0 will deliver a maximum data rate up to 128 GT/s. That's a whopping 8x faster than PCIe 4.0 and 4x faster than PCIe 5.0. This means PCIe 7.0 is capable of delivering up to 512GB/s of bi-directional throughput via a x16 connection and 128GB/s for an x4 connection. More bandwidth will certainly be beneficial for CPU to chipset links, which means multiple integrated devices like 10G networking, WiFi 7, USB 4, and Thunderbolt 4 will all be able to run on a consumer motherboard without compromise. And just imagine what all that bandwidth could mean for PCIe 7.0 SSDs. In the years to come, a PCIe 7.0 x4 SSD could approach sequential transfer rates of up to 60GB/s. We'll need some serious advances in SSD controller and NAND flash technologies to see speeds in that range, but still, it's an attractive proposition.
Further reading: PCIe 7.0 first official draft lands, doubling bandwidth yet again.
Businesses

Telegram Challenges Meta With the Launch of New 'Business' Features, Revenue-Sharing (techcrunch.com) 6

Telegram is enhancing its platform for businesses with the introduction of Telegram Business, offering specialized features like customizable start pages, business hours, and chat management tools, while also initiating an ad-revenue sharing model for public channels with at least 1,000 subscribers. "As a whole, the features could introduce competition into a market where Meta's apps like Messenger, Instagram and WhatsApp have a hold on business communication," reports TechCrunch. From the report: The features arrived just a couple of weeks after Telegram founder Pavel Durov told the Financial Times in an interview that he expected the app, which now has over 900 million users, to become profitable by 2025. Telegram Business is clearly part of that push, leading up to a future IPO, as it's an offering that requires users to subscribe to the paid Premium version to access. Telegram Premium is a bundle of upgraded features that cost $4.99 per month on iOS and Android and is also available as a three-month, six-month or one-year plan.

Telegram Business will likely give Premium another bump as it offers tools and features that can be used by business customers without needing to know how to code. For instance, businesses can choose to display their hours of operation and location on a map, and greet customers with a customized start page for empty chats where they can choose the text and sticker users see before beginning a conversation. Similar to features available on WhatsApp, Telegram Business will offer "quick replies," which are shortcuts to preset messages that support formatting, links, media, stickers and files.

Businesses can also set their own custom greeting messages for customers who engage with the company for the first time, and they can specify a period after which the greeting would be shown again. They can manage their availability using away messages while the business is closed or the owner is on vacation. Plus, the businesses can categorize their chats using colored labels based on what chat folders they're in, like delivery, claim, orders, VIP, feedback, or any others that make sense for them. In addition, businesses can create links to chat that will instantly open a Telegram chat with a request to take an action like tracking an order or reserving a table, among other things. Business customers can also add Telegram bots, including those from other tools or AI assistants, to answer messages on their behalf. The company said more features will roll out to Telegram Business in future updates.

IT

The FTC is Trying To Help Victims of Impersonation Scams Get Their Money Back (theverge.com) 8

The Federal Trade Commission (FTC) has a new way to combat the impersonation scams that it says cost people $1.1 billion last year alone. Effective today, the agency's rule "prohibits the impersonation of government, businesses, and their officials or agents in interstate commerce." The rule also lets the FTC directly file federal court complaints to force scammers to return money stolen by business or government impersonation. From a report: Impersonation scams are wide-ranging -- creators are on the lookout for fake podcast invites that turn into letting scammers take over their Facebook pages via a hidden "datasets" URL, while Verge reporters have been impersonated by criminals trying to steal cryptocurrency via fake Calendly meeting links.

Linus Media Group was victimized by a thief who pretended to be a potential sponsor and managed to take over three of the company's YouTube channels. Some scams can also be very intricate, as in The Cut financial columnist Charlotte Cowles' story of how she lost a shoebox holding $50,000 to an elaborate scam involving a fake Amazon business account, the FTC, and the CIA. (See also: gift card scams.) The agency is also taking public comment until April 30th on changes to the rule that would allow it to also target impersonation of individuals, such as through the use of video deepfakes or AI voice cloning. That would let it take action against, say, scams involving impersonations of Elon Musk on X or celebrities in YouTube ads. Others have used AI for more sinister fraud, such as voice clones of loved ones claiming to be kidnapped.

Businesses

Perplexity, an AI Startup Attempting To Challenge Google, Plans To Sell Ads (adweek.com) 25

An anonymous reader shares a report: Generative AI search engine Perplexity, which claims to be a Google competitor and recently snagged a $73.6 million Series B funding from investors like Jeff Bezos, is going to start selling ads, the company told ADWEEK. Perplexity uses AI to answer users' questions, based on web sources. It incorporates videos and images in the response and even data from partners like Yelp. Perplexity also links sources in the response while suggesting related questions users might want to ask.

These related questions, which account for 40% of Perplexity's queries, are where the company will start introducing native ads, by letting brands influence these questions, said company chief business officer Dmitry Shevelenko. When a user delves deeper into a topic, the AI search engine might offer organic and brand-sponsored questions. Perplexity will launch this in the upcoming quarters, but Shevelenko declined to disclose more specifics. While Perplexity touts on its site that search should be "free from the influence of advertising-driven models," advertising was always in the cards for the company. "Advertising was always part of how we're going to build a great business," said Shevelenko.

Businesses

Amazon Fined In Poland For Dark Pattern Design Tricks (techcrunch.com) 16

Poland has fined Amazon close to $8 million for misleading consumers about the conclusion of sales contracts on its online marketplace. The sanction "also calls out the e-commerce giant for deceptive design elements which may inject a false sense of urgency into the purchasing process and mislead shoppers about elements like product availability and delivery dates," reports TechCrunch. From the report: The country's consumer and competition watchdog, the UOKiK, has been looking into complaints about Amazon's sales practices since September 2021, following complaints from shoppers, including some who did not receive their purchases. The authority opened a formal investigation into Amazon's practices in February 2023. Wednesday's sanction is the conclusion of that probe. The UOKiK found consumers who ordered products on Amazon could have their purchases subsequently cancelled by the tech giant as it does not treat the moment of purchase as the conclusion of a sales contract, despite sending consumers confirmation of their order -- even after consumers have paid for the product. For Amazon, the conclusion of a sales contract only occurs once it has sent information about the actual shipment. [...]

Its enforcement also calls out Amazon for using deceptive design to encourage shoppers to click buy by presenting misleading information about product availability and delivery windows -- such as by listing how many items were in stock to be purchased and providing a countdown clock to order an item in order to get it on a particular delivery date. Its investigation found Amazon does not always meet these deadlines for orders, nor ship products immediately as they may be out of stock despite claims to the contrary shown to consumers. "Amazon treats the data it provides on availability and shipping date as indicative but the way it is presented does not indicate this," the UOKiK noted, adding: "Consumers can only find out about this in the terms of sale on the platform."

While Amazon does offer a delivery guarantee -- offering a refund if items do not ship within the stated time -- the authority found it failed to provide consumers with information about the rules of this service before placing an order. It only offers details at the order summary stage. And then only "if the consumer decides to read the subsequent links specifying delivery details." Shoppers who did not follow the link to read more may not have been aware of their right to apply for and receive a refund from Amazon if there is a delay in shipment. It also found the e-commerce giant failed to provide information about the "Delivery Guarantee" in the purchase confirmation sent to shoppers.
Amazon said it will appeal the fine. The company also writes: "Fast and reliable delivery across a wide selection of products is a top priority for us, and Amazon.pl has millions of items available with fast and free Prime delivery. Since launching Amazon.pl in 2021, we have continuously invested and worked hard to provide customers with a clear, reliable delivery promise at check out, and while the vast majority of our deliveries arrive on time, customers can contact us in the rare event that they experience a delay or order cancellation, and we will make it right.

Over the last year, we have collaborated with the Office of Competition and Consumer Protection (UOKiK), and proposed multiple voluntary amendments to continue to improve the customer experience on Amazon.pl. We strictly follow legal standards in all countries where we operate and we strongly disagree with the assessment and penalty issued by the UOKiK. We will appeal this decision."
The Courts

Judge Orders YouTube to Reveal Everyone Who Viewed A Video (mashable.com) 169

"If you've ever jokingly wondered if your search or viewing history is going to 'put you on some kind of list,' your concern may be more than warranted," writes Mashable: In now unsealed court documents reviewed by Forbes, Google was ordered to hand over the names, addresses, telephone numbers, and user activity of YouTube accounts and IP addresses that watched select YouTube videos, part of a larger criminal investigation by federal investigators.

The videos were sent by undercover police to a suspected cryptocurrency launderer... In conversations with the bitcoin trader, investigators sent links to public YouTube tutorials on mapping via drones and augmented reality software, Forbes details. The videos were watched more than 30,000 times, presumably by thousands of users unrelated to the case. YouTube's parent company Google was ordered by federal investigators to quietly hand over all such viewer data for the period of Jan. 1 to Jan. 8, 2023...

"According to documents viewed by Forbes, a court granted the government's request for the information," writes PC Magazine, adding that Google was asked "to not publicize the request." The requests are raising alarms for privacy experts who say the requests are unconstitutional and are "transforming search warrants into digital dragnets" by potentially targeting individuals who are not associated with a crime based simply on what they may have watched online.
That quote came from Albert Fox-Cahn, executive director at the Surveillance Technology Oversight Project, who elaborates in Forbes' article. "No one should fear a knock at the door from police simply because of what the YouTube algorithm serves up. I'm horrified that the courts are allowing this."

Thanks to long-time Slashdot reader schwit1 for sharing the article.
Security

Chinese Spies Sell Access into Top US, UK Networks (theregister.com) 16

An anonymous reader shared this report from The Register: Chinese spies exploited a couple of critical-severity bugs in F5 and ConnectWise equipment earlier this year to sell access to compromised U.S. defense organizations, UK government agencies, and hundreds of other entities, according to Mandiant.

The Google-owned threat hunters said they assess, "with moderate confidence," that a crew they track as UNC5174 was behind the exploitation of CVE-2023-46747, a 9.8-out-of-10-CVSS-rated remote code execution bug in the F5 BIG-IP Traffic Management User Interface, and CVE-2024-1709, a path traversal flaw in ConnectWise ScreenConnect that scored a perfect 10 out of 10 CVSS severity rating.

UNC5174 uses the online persona Uteus, and has bragged about its links to China's Ministry of State Security (MSS) — boasts that may well be true. The gang focuses on gaining initial access into victim organizations and then reselling access to valuable targets... Just last month, Mandiant noticed the same combination of tools, believed to be unique to this particular Chinese gang, being used to exploit the ConnectWise flaw and compromise "hundreds" of entities, mostly in the U.S. and Canada. Also between October 2023 and February 2024, UNC5174 exploited CVE-2023-22518 in Atlassian Confluence, CVE-2022-0185 in Linux kernels, and CVE-2022-3052, a Zyxel Firewall OS command injection vulnerability, according to Mandiant.

These campaigns included "extensive reconnaissance, web application fuzzing, and aggressive scanning for vulnerabilities on internet-facing systems belonging to prominent universities in the U.S., Oceania, and Hong Kong regions," the threat intel team noted.

More details from The Record. "One of the strangest things the researchers found was that UNC5174 would create backdoors into compromised systems and then patch the vulnerability they used to break in. Mandiant said it believes this was an 'attempt to limit subsequent exploitation of the system by additional unrelated threat actors attempting to access the appliance.'"
Apple

Apple Launches All-In-One 'Manuals, Specs, and Downloads' Website (macrumors.com) 13

Apple has launched a new "Documentation" page to its website that provides links to user guides, repair manuals, tech specs, software downloads, and more for a variety of its products. MacRumors reports: Some of this information was previously found across separate pages on Apple's website, and it has now been combined in one place for convenient access. The page includes categories for the Mac, iPhone, iPad, iPod, Vision Pro, Apple Watch, Apple TV, AirPods, HomePod, displays like the Studio Display and Pro Display XDR, accessories like the Apple Pencil and Magic Keyboard, and software. There is also a search tool on the page that provides links to support documents and other relevant information based on the keywords entered.
Businesses

Motorola Spoiled a Good Budget Phone With Bloatware (theverge.com) 56

Motorola's 2024 Moto G Power impresses with its soft-touch back and contoured edges at a $300 price point, despite an underwhelming camera and LCD panel. Except for one thing: the bloatware. The Verge: Scroll through the app drawer and you'll see a handful of automatically downloaded "folders." They are not folders; they are apps. I first encountered them on last year's Moto G Stylus 5G, and I hate them very much. There are three main offenders -- Shopping, Entertainment, and GamesHub -- and each of these apps acts as a little hub. Icons for apps that you have legitimately downloaded will appear in the corresponding "folder." You'll also find tons of other suggested apps to download -- pages and pages of them! Apps as far as the eye can see!

Dismissing the suggested apps section replaces it with a "Discover" section. In the shopping app, it invites you to "Unlock the power of shopping" with links to buy stuff like kitschy Easter decor from TJ Maxx. Mercifully, there's a toggle to hide this section. These apps are all made by a company called Swish, and you can't opt out of downloading any of them during the setup process. You can (and should!) opt out of downloading a third-party lock screen from a different service called Glance. The more I dig into the software on this phone, the more I hate it. The preinstalled weather app is festooned with ads and even more suggested apps, plus pithy insights like "Gotta love air conditioning at these high levels of humidity." If you tap the option to remove ads, a pop-up asks you to pay $4 for 1Weather Pro.

Apple

Epic Says Apple Violated App Store Injunction, Seeks Contempt Order (reuters.com) 79

Epic Games, which makes the popular video game "Fortnite," on Wednesday accused Apple of violating an injunction governing its lucrative App Store, and asked a U.S. judge to hold Apple in contempt and end its "sham" compliance. From a report: A September 2021 injunction by U.S. District Judge Yvonne Gonzalez Rogers in Oakland, California, let developers provide links and buttons that direct consumers to other means to pay for digital content.

In a filing with the California court, Epic alleged that Apple is in "blatant violation" of that injunction, despite the Cupertino, California-based company's assurance in a Jan. 16 court notice that it had "fully complied." Epic said Apple has imposed new rules and a new 27% fee on developers for some purchases, which taken together make the links "commercially unusable." The Cary, North Carolina-based developer also said Apple continues to "categorically prohibit" buttons, and still forbids some apps from telling users they have other purchasing options.

AI

Midjourney Bans All Stability AI Employees Over Alleged Data Scraping (theverge.com) 12

Jess Weatherbed reports via The Verge: Midjourney says it has banned Stability AI staffers from using its service, accusing employees at the rival generative AI company of causing a systems outage earlier this month during an attempt to scrape Midjourney's data. Midjourney posted an update to its Discord server on March 2nd that acknowledged an extended server outage was preventing generated images from appearing in user galleries. In a summary of a business update call on March 6th, Midjourney claimed that "botnet-like activity from paid accounts" -- which the company specifically links to Stability AI employees -- was behind the outage.

According to Midjourney user Nick St. Pierre on X, who listened to the call, Midjourney said that the service was brought down because "someone at Stability AI was trying to grab all the prompt and image pairs in the middle of a night on Saturday." St. Pierre said that Midjourney had linked multiple paid accounts to an individual on the Stability AI data team. In its summary of the business update call on March 6th (which Midjourney refers to as "office hours"), the company says it's banning all Stability AI employees from using its service "indefinitely" in response to the outage. Midjourney is also introducing a new policy that will similarly ban employees of any company that exercises "aggressive automation" or causes outages to the service.

St. Pierre flagged the accusations to Stability AI CEO Emad Mostaque, who replied on X, saying he was investigating the situation and that Stability hadn't ordered the actions in question. "Very confusing how 2 accounts would do this team also hasn't been scraping as we have been using synthetic & other data given SD3 outperforms all other models," said Mostaque, referring to the Stable Diffusion 3 AI model currently in preview. He claimed that if the outage was caused by a Stability employee, then it was unintentional and "obviously not a DDoS attack." Midjourney founder David Holz responded to Mostaque in the same thread, claiming to have sent him "some information" to help with his internal investigation.
