 Germany on Monday opened an investigation against Apple over anti-competition practices, making the iPhone maker the fourth US tech giant to be hit by such probes. The antitrust authority had in recent weeks opened similar investigations against Amazon, Google, and Facebook under a new law that took effect in January giving regulators more powers to rein in big tech companies. The watchdog said it has initiated the first stage of the probe to determine if Apple has "cross-market significance". "An ecosystem extending across different markets can be one indication of such a position held by a company," said the authority. "Such positions of power can make it very hard for other companies to counter it." Andreas Mundt, who heads the Federal Cartel Office, said his service will look at whether Apple has established such a digital ecosystem across several markets around the iPhone with its proprietary operating system iOS. "A key focus of the investigation will be the operation of the App Store because in many cases, it empowers Apple to have an influence on the business activities of third parties," he added. An Apple spokesperson underlined the company's contribution to the employment market in Germany, saying its iOS app economy supported 250,000 jobs. "We look forward to discussing our approach with the FCO and having an open dialogue about any of their concerns," said the spokesperson in a statement. Following the first stage of the probe, the cartel office said it might then look at other specific issues after it received complaints from "several companies against potential anti-competitive practices." This included a complaint against the company's alleged tracking restrictions of users in connection with the introduction of the iOS 14.5 operating system. It added that complaints had also been filed by app developers disputing the usage of Apple's system for in-app purchases. Germany's tougher stance against the digital giants came after new EU draft legislation unveiled in December aimed at curbing the power of the internet behemoths that could shake up the way Silicon Valley can operate in the 27-nation bloc. The push to tighten legislation comes as big tech companies are facing increasing pressure around the globe, including in the United States, where Google and Facebook are facing antitrust suits. Besides looking at the reach of the companies, scrutiny often extends to privacy issues. In its investigation targeting Google, for instance, the German cartel office said it was examining if consumers who wish to use the search engine giant's services "have sufficient choice as to how Google will use their data". The multinationals are also facing a crackdown from Western governments seeking to claw back taxes which they fear had been channeled unfairly into tax havens. Germany and France have joined calls from the United States to impose a global minimum corporate tax of at least 15 percent, a move that targets multinationals like Amazon and Google. Follow this thread on OUR FORUM.  A weakness in the algorithm used to encrypt cellphone data in the 1990s and 2000s allowed hackers to spy on some internet traffic, according to a new research paper. The paper has sent shockwaves through the encryption community because of what it implies: The researchers believe that the mathematical probability of the weakness being introduced on accident is extremely low. Thus, they speculate that a weakness was intentionally put into the algorithm. After the paper was published, the group that designed the algorithm confirmed this was the case. Researchers from several universities in Europe found that the encryption algorithm GEA-1, which was used in cellphones when the industry adopted GPRS standards in 2G networks, was intentionally designed to include a weakness that at least one cryptography expert sees as a backdoor. The researchers said they obtained two encryption algorithms, GEA-1 and GEA-2, which are proprietary and thus not public, "from a source." They then analyzed them and realized they were vulnerable to attacks that allowed for decryption of all traffic. When trying to reverse-engineer the algorithm, the researchers wrote that (to simplify), they tried to design a similar encryption algorithm using a random number generator often used in cryptography and never came close to creating an encryption scheme as weak as the one actually used: "In a million tries we never even got close to such a weak instance," they wrote. "This implies that the weakness in GEA-1 is unlikely to occur by chance, indicating that the security level of 40 bits is due to export regulations."Researchers dubbed the attack "divide-and-conquer," and said it was "rather straightforward." In short, the attack allows someone who can intercept cellphone data traffic to recover the key used to encrypt the data and then decrypt all traffic. The weakness in GEA-1, the oldest algorithm developed in 1998, is that it provides only 40-bit security. That's what allows an attacker to get the key and decrypt all traffic, according to the researchers.A spokesperson for the organization that designed the GEA-1 algorithm, the European Telecommunications Standards Institute (ETSI), admitted that the algorithm contained a weakness, but said it was introduced because the export regulations at the time did not allow for stronger encryption."We followed regulations: we followed export control regulations that limited the strength of GEA-1," a spokesperson for ETSI told Motherboard in an email.Håvard Raddum, one of the researchers who worked on the paper, summed up the implications of this decision in an email to Motherboard. Raddum and his colleagues found that GEA-1's successor, GEA-2 did not contain the same weakness. In fact, the ETSI spokesperson said that when they introduced GEA-2 the export controls had been eased. Still, the researchers were able to decrypt traffic protected by GEA-2 as well with a more technical attack, and concluded that GEA-2 "does not offer a high enough security level for today's standards," as they wrote in their paper. Lukasz Olejnik, an independent cybersecurity researcher and consultant who holds a computer science PhD from INRIA, told Motherboard that "this technical analysis is sound, and the conclusions as to the intentional weakening of the algorithm rather serious." The good news is that GEA-1 and GEA-2 are not widely used anymore after cellphone providers adopted new standards for 3G and 4G networks. The bad news is that even though ETSI prohibited network operators from using GEA-1 in 2013, the researchers say that both GEA-1 and GEA-2 persist to this day because GPRS is still used as a fallback in certain countries and networks. "In most countries, [the risk is] not very high, and significantly lower risk than at the start of the 2000’s since GEA-3 and GEA-4 are used today," Raddum said. "But handsets still support GEA-1. Scenarios where a mobile phone today can be tricked into using GEA-1 exist." You can always get better informed when yu visit OUR FORUM.
 Facebook will soon begin testing ads inside its Oculus Quest virtual reality system. In the coming weeks, ads will start appearing inside the Resolution Games title Blaston as well as two other unnamed apps. Facebook will later expand the system based on user feedback, saying it aims to create a “self-sustaining platform” for VR development. Facebook introduced ads on the Oculus mobile app last month, and it’s used limited Oculus data to target Facebook advertising since 2019, but this is its first major foray into putting ads inside the Oculus VR platform itself. “Once we see how this test goes and incorporate feedback from developers and the community, we’ll provide more details on when ads may become more broadly available across the Oculus platform and in the Oculus mobile app,” the company said in a blog post. As on Facebook’s non-VR apps, you can block specific posts or companies from appearing in ad slots. And Facebook says it’s not changing how it collects or analyzes user information. It says that some of the most sensitive data — like raw images from Oculus headset cameras and weight or height information from Oculus Move fitness tracking — remains solely on users’ devices. Also, Facebook says it has “no plans” to target ads based on movement data or recordings from its voice assistant. A Facebook spokesperson says the system will use information from your Facebook profile, as well as “whether you’ve viewed content, installed, activated, or subscribed to an Oculus app, added an app to your cart or wishlist, if you’ve initiated checkout or purchased an app on the Oculus platform, and lastly, whether you’ve viewed, hovered, saved, or clicked on an ad within a third-party app.” As shown above, users can click an ad and either open it or save the link for later. The former option will launch a landing page in the Oculus Quest’s web browser, and the latter will save the ad in the Quest in-VR experience and Oculus mobile app’s Explore sections. Developers will get a share of the revenue from ads in their apps, but Facebook isn’t publicly revealing the percentage. Facebook is leaving its future roadmap open-ended. The spokesperson says Facebook hasn’t determined, for instance, whether ads could eventually appear inside your Oculus Home experience. Facebook also isn’t yet identifying the other apps using advertisements, although it will list additional names in the coming weeks. The first ads look like standard boxes inside game interfaces, but Facebook’s blog post says it’s exploring other options as well. “We’re currently investing in unobtrusive ads as a new way for developers to build businesses — and though we’re not quite ready to test them yet, we’re also exploring new ad formats that are unique to VR,” it says. VR has arguably been an advertising medium for years, with countless film and TV promotional tie-ins as well as novelty experiences from companies like McDonald’s and Ikea. But ad-supported VR apps are using a different model that more closely resembles that of the mobile and web ecosystem. Letting developers integrate advertising could create a greater incentive to work within Facebook’s official ecosystem rather than distributing through sideloading options like SideQuest. Facebook says ads are part of an attempt to figure out profitable business options in the growing but often difficult field of VR app development. “This is a key part of ensuring we’re creating a self-sustaining platform that can support a variety of business models that unlock new types of content and audiences. It also helps us continue to make innovative AR/VR hardware more accessible to more people,” says the blog post. Facebook currently dominates consumer VR with its Oculus Quest 2 headset — which, at $299, is one of the cheapest options on the market. It’s also acquired the studios behind several major VR games, including rhythm game Beat Saber and the battle royale title Population: One. While it may face renewed competition from a second-generation Sony PlayStation VR headset next year, at least one VR company has retreated from consumer hardware in part because of Facebook’s influence: Vive creator HTC, which has called Facebook’s low-cost consumer headsets “artificially subsidized” by the company’s advertising-focused business model. Vists OUR FORUM for more. |
Latest Articles
|