Lenovo has a convertible T series laptop – with mouse dot

[…] The ThinkPad T14s 2-in-1 is by far the most interesting of the bunch, with a new convertible body that’s similar to Lenovo’s Yoga laptops, and supports the magnetic Yoga Pen stylus. The laptop comes with up to a 14-inch, 400-nit WUXGA touch display, and inside, you can get up to an Intel Core Ultra 7 H or U 200 series chip, 64GB of LPDDR5x RAM and 1TB of storage. If you’re looking for an option without a 360-degree hinge, the ThinkPad T14s Gen 6 and ThinkPad T14 Gen 6 will also now come with either Intel Core Ultra or AMD Ryzen AI Pro chips, up to 32GB of RAM and up to 2TB of storage.


Lenovo describes the new ThinkPad X13 Gen 6 as “one of the lightest ThinkPad designs ever,” at only 2.05 lbs, but that light weight doesn’t mean the laptop misses out on the latest internals. The X13 Gen 6 comes with either an Intel Core Ultra or AMD Ryzen AI Pro chip, up to 64GB of LPDDR5x RAM and your choice of a 41Wh or 54.7Wh battery. The new ThinkPad can also support Wi-Fi 7 and an optional 5G connection, if you want to take it on the go.

[…]

Source: Lenovo is updating its ThinkPad lineup with new chips and form factors at MWC 2025

The Lenovo Solar PC Concept feels like a device whose time has come

You might be surprised to learn that the first laptop with built-in solar panels is nearly 15 years old. But to me, the bigger shock is that with all the recent advancements in photovoltaic cells, manufacturers haven’t revisited this idea more often. But at MWC 2025, Lenovo is changing that with its Yoga Solar PC Concept.

Weighing 2.6 pounds and measuring less than 0.6 inches thick, the Yoga Solar PC Concept is essentially the same size as a standard 14-inch clamshell. And because its underlying design isn’t all that different from Lenovo’s standard Yoga family, it doesn’t skimp on specs either. It features an OLED display, up to 32GB of RAM, a decent-sized 50.2 WHr battery and even a 2MP IR webcam for use with Windows Hello.

However, all those components aren’t nearly as important as the solar cells embedded in its lid. Lenovo says the panels use Back Contact Cell technology so that its mounting brackets and gridlines can be placed on the rear of the cells. This allows the panels to offer up to 24 percent solar energy conversion, which is pretty good as that matches the efficiency you get from many high-end home solar systems. Furthermore, the PC also supports Dynamic Solar Tracking to automatically adjust the cells’ settings to maximize the amount of energy they can gather.

Lenovo says this means the Yoga Solar PC can generate enough juice to play an hour of videos after only 20 minutes in the sun. But what might be more impressive is that even when the laptop is indoors, it can still harvest power from as little as 0.3 watts of light to help top off its battery. Finally, to help you understand how much power it’s gathering, Lenovo created a bespoke app to track how much light the panels absorb.

Unfortunately, Lenovo doesn’t have any plans to turn this concept into a full commercial device

[…]

Source: The Lenovo Solar PC Concept feels like a device whose time has come

PeerAuth – easy way to authenticate a real person

Machine learning has become more and more powerful, to the point where a bad actor can take a photo and a voice recording of someone you know, and forge a complete video recording. See the “OmniHuman-1” model developed by ByteDance:

 

Bad actors can now digitally impersonate someone you love, and trick you into doing things like paying a ransom.

To mitigate that risk, I have developed this simple solution where you can set up a unique time-based one-time passcode (TOTP) between any pair of persons.

This is how it works:

  1. Two people, Person A and Person B, sit in front of the same computer and open this page;
  2. They input their respective names (e.g. Alice and Bob) onto the same page, and click “Generate”;
  3. The page will generate two TOTP QR codes, one for Alice and one for Bob;
  4. Alice and Bob scan the respective QR code into a TOTP mobile app (such as Authy or Google Authenticator) on their respective mobile phones;
  5. In the future, when Alice speaks with Bob over the phone or over video call, and wants to verify the identity of Bob, Alice asks Bob to provide the 6-digit TOTP code from the mobile app. If the code matches what Alice has on her own phone, then Alice has more confidence that she is speaking with the real Bob.

Note that this depends on both Alice’s and Bob’s phones being secure. If somebody steals Bob’s phone and manages to bypass the fingerprint or PIN or facial recognition of Bob’s phone, then all bets are off.

Discussion on Hacker News

Source code of this page on GitHub

Source: PeerAuth
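
A sketch of the pairing and phone-call check described in the PeerAuth steps above, as an added example that is not PeerAuth's own code. It assumes both QR codes carry one shared random secret as standard otpauth:// URIs (RFC 6238 defaults: SHA-1, 6 digits, 30 s), each labelled with the other person's name; the function names and the issuer string are illustrative.

```python
import base64
import hashlib
import hmac
import secrets
import struct
import time
from urllib.parse import quote, urlencode

STEP = 30      # seconds per TOTP time step (RFC 6238 default)
DIGITS = 6     # code length shown by common authenticator apps
ISSUER = "PeerAuth-example"  # illustrative issuer string (assumption)


def new_shared_secret(nbytes=20):
    """Random 160-bit secret, base32-encoded as authenticator apps expect."""
    return base64.b32encode(secrets.token_bytes(nbytes)).decode("ascii")


def hotp(key, counter):
    """RFC 4226 HOTP: HMAC-SHA1 over the counter, then dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def totp(secret_b32, at=None):
    """RFC 6238 TOTP code for the time step containing `at` (Unix seconds)."""
    key = base64.b32decode(secret_b32, casefold=True)
    now = time.time() if at is None else at
    return hotp(key, int(now // STEP))


def pairing_uris(name_a, name_b, secret_b32):
    """One otpauth:// URI per person; each would be rendered as a QR code.

    Assumption: both URIs hold the SAME secret, so both phones show the
    same code; the entry on A's phone is labelled with B's name and vice versa.
    """
    def uri(peer):
        label = quote(f"{ISSUER}:{peer}")
        query = urlencode({"secret": secret_b32, "issuer": ISSUER,
                           "algorithm": "SHA1", "digits": DIGITS,
                           "period": STEP})
        return f"otpauth://totp/{label}?{query}"
    return {name_a: uri(name_b), name_b: uri(name_a)}


def verify_spoken_code(secret_b32, spoken, at=None, window=1):
    """Check a code read out over a call against our own secret.

    Accepts +/- `window` time steps because the two phones may sit on
    opposite sides of a 30-second boundary or have slightly skewed clocks.
    Comparison is constant-time; spaces in the spoken code are ignored.
    """
    code = "".join(spoken.split())
    if len(code) != DIGITS or not code.isdigit():
        return False
    key = base64.b32decode(secret_b32, casefold=True)
    now = time.time() if at is None else at
    current = int(now // STEP)
    ok = False
    for counter in range(current - window, current + window + 1):
        if counter < 0:
            continue
        # no early exit, so timing does not reveal which step matched
        ok |= hmac.compare_digest(hotp(key, counter), code)
    return ok


if __name__ == "__main__":
    secret = new_shared_secret()
    for person, uri in pairing_uris("Alice", "Bob", secret).items():
        print(f"{person} scans: {uri}")
    bobs_code = totp(secret)           # what Bob reads from his phone
    print("Alice accepts Bob's code:", verify_spoken_code(secret, bobs_code))
```

Widening `window` tolerates more clock drift but also lengthens the time an overheard code stays usable, so one step either side is a reasonable ceiling for a spoken check.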

Blue Ghost, a Private U.S. Spacecraft, Successfully Lands on the Moon

Blue Ghost, a NASA-funded lunar lander built and operated by the private U.S. company Firefly Aerospace, has successfully touched down on the moon.

After 45 days in space—and a pulse-pounding semi-autonomous hour-long descent to its landing site—at 3:35 A.M. EST three of the boxy, car-sized spacecraft’s four footpad-tipped legs crunched into the surface of Mare Crisium, a vast and ancient impact basin filled with frozen lava on the moon’s northeastern near side. This marks the second time the U.S. has soft-landed on the moon since the crewed Apollo 17 mission of 1972; the first occurred just over a year ago when another robotic commercial mission, the Odysseus lander from the company Intuitive Machines, made moonfall lopsided but intact in a crater near the lunar south pole.

[…]

Now that it’s on the moon, Blue Ghost is set to spend about two weeks performing a series of scientific and technological studies using a suite of ten experiments provided by NASA as part of the space agency’s Commercial Lunar Payload Services (CLPS) public-private partnership initiative. CLPS is NASA’s effort to save costs by enlisting more than a dozen U.S. firms to ferry cargo and science experiments to the moon, and is tied to the space agency’s ambitious Artemis program meant to return astronauts there later this decade.

[…]

The initiative has funded all three U.S. commercial lunar landing attempts to date, having earmarked up to $2.8 billion for missions through 2028. And its next installment—Intuitive Machines’s Athena lander—is already en route. Scheduled for a March 6 landing, Athena will target the flat-topped lunar mountain of Mons Mouton just 160 kilometers from the lunar south pole, where it’s planned to function for about ten days.

If all goes well, on March 14 both Blue Ghost and Athena will witness a lunar eclipse as Earth’s shadow briefly passes across the moon. Two days after that, the lunar night will fall, plunging the surface into two weeks of darkness and cold to which both landers will likely succumb.

In the meantime, yet another commercial lunar lander—Resilience, built by the Japanese company ispace—will be preparing for its own appointment with destiny, a landing projected for May at a site called Mare Frigoris in the moon’s far north. This would be ispace’s second lunar landing attempt, after its first mission crashed in 2023.

Resilience, also called HAKUTO-R Mission 2, launched to the moon alongside Blue Ghost on a SpaceX Falcon 9 rocket in late February. But unlike other landers the Japanese mission is taking a more leisurely, fuel-saving trajectory to reach its lunar destination. Tallying in Blue Ghost as well, the trio of spacecraft marked the first time in history that three landers were simultaneously bound for the moon.

Deep, Dusty Science—Plus a Lunar Sunset

Blue Ghost’s ten NASA payloads include an experiment to gather and analyze samples of lunar soil, investigations of how hazardous moon dust sticks to—and can be cleared from—various materials, a camera to study space weather and another to monitor the dust kicked-up by the spacecraft’s landing, and more. A retroreflector carried onboard will serve as a target for lasers beamed from Earth, allowing determination of the Earth-moon distance to sub-millimeter precision. And another instrument will seek to detect and use GPS signals from Earth-orbiting satellites as a proof-of-principle for future lunar navigation.

The lander’s farthest-reaching experiments, however, may be those that study the moon’s innards to illuminate new chapters of its 4.5-billion-year-history. According to NASA scientists, Mare Crisium is a region that may be more representative of the moon’s average composition than any site studied by the Apollo astronauts.

One of these inward-looking instruments, dubbed LISTER (short for Lunar Instrumentation for Subsurface Thermal Exploration with Rapidity), is a drill capable of reaching a record-setting 3 meters beneath the lunar surface to measure heat flowing up from within—deep enough to give scientists a better idea of how exactly the moon cooled from a ball of molten rock to the cold, inert world we know today. Another, called the Lunar Magnetotelluric Sounder (LMS), will place electrodes across a roughly 700-square-meter swath of terrain. Its measurements of subtle electric and magnetic currents coursing through the moon can probe more than a thousand kilometers into the interior—two-thirds of the way to the lunar center. Scientists hope that the fresh view of our satellite’s inner composition and structure may also shed light on the deep evolution of other rocky worlds such as Venus, Mars and even Earth.

Blue Ghost can endure the frigid lunar night for several hours, but its most poignant final feat on the moon is planned to occur before night falls, during the lunar sunset. Twilight unfolds slowly on the moon, and as the sun slips behind the lunar limb, its light scatters off dust lofted by electrostatic charges and micrometeoroid impacts in the near-vacuum conditions. This creates something called lunar horizon glow, a phenomenon most notably observed by NASA astronaut Eugene Cernan during Apollo 17, the final mission of the Apollo program. Before it passes into darkness, Blue Ghost will beam its high-definition view of the glow back to Earth, offering a fleeting glimpse of this beautiful and rarely seen lunar wonder.

Source: Blue Ghost, a Private U.S. Spacecraft, Successfully Lands on the Moon | Scientific American

27-Year-Old VB4 EXE turned into Python in minutes (with Claude) – AI-Assisted reverse engineering

Reddit post detailing how someone took a 27-year-old Visual Basic EXE file, fed it to Claude 3.7, and watched as it reverse-engineered the program and rewrote it in Python.

It was an old Visual Basic 4 program they had written in 1997. Running a VB4 exe in 2024 can be a real yak-shaving compatibility nightmare, chasing down outdated DLLs and messy workarounds. So! OP decided to upload the exe to Claude 3.7 with this request:

“Can you tell me how to get this file running? It’d be nice to convert it to Python.”

Claude 3.7 analyzed the binary, extracted the VB ‘tokens’ (VB is not a fully-machine-code-compiled language which makes this task a lot easier than something from C/C++), identified UI elements, and even extracted sound files. Then, it generated a complete Python equivalent using Pygame.

According to the author, the code worked on the first try and the entire process took less than five minutes – they link to the LLM chat log for proof.

Totally makes sense that this would work, this seems like the first public/viral example of uploading an EXE like this though – we never even thought of doing such a thing!

Old business applications and games could be modernized without needing the original source code (is Delphi also semi-compiled?). Tools like Claude might make decompilation and software archaeology a lot easier: proprietary binaries from dead platforms could get a new life in open-source too…

Archive.org could add an LLM to do this on the fly… interesting times! – Link.

Source: 27-Year-Old EXE becomes Python in minutes (with Claude) – AI-Assisted reverse engineering « Adafruit Industries – Makers, hackers, artists, designers and engineers!

A Nasal Spray for Concussions Shows Early Promise

The best treatment for a hard knock on the head might someday involve a quick sniff of a nasal spray. Researchers have found early evidence in mice that an antibody-based treatment delivered up the nose can reduce the brain damage caused by concussions and more serious traumatic injuries.

Scientists at Mass General Brigham conducted the study, published Thursday in Nature Neuroscience. In brain-injured mice, the experimental spray appeared to improve the brain’s natural acute healing process while also reducing damaging inflammation later on. The findings could lead to a genuine prophylactic against the long-term impacts of traumatic brain injuries and other conditions like stroke, the researchers say.

[…]

Foralumab, developed by the company Tiziana Life Sciences, targets a specific group of proteins that interact with the brain’s immune cells, called CD3. This suppression of CD3, the team’s earlier work has suggested, increases the activity of certain immune cells known as regulatory T cells (Treg). As the name implies, these cells help regulate the brain’s immune response to make sure it doesn’t go haywire.

[…]

In their latest mice study, the researchers found that foralumab—via the increased activity of Treg cells—improved aspects of the brain’s immediate healing from a traumatic injury. The dosed mice’s microglia (the brain’s unique first line of immune defense) became better at eating and cleaning up after damaged cells, for instance. Afterward, the drug also appeared to prevent microglia from becoming chronically inflamed. As a result, relative to mice in a control group, mice treated with foralumab up to three days post-injury experienced greater improvements in their motor function and coordination.

[…]

Source: A Nasal Spray for Concussions Shows Early Promise

This Gesture Sensor Is Precise, Cheap, Well-Hidden

In today’s “futuristic tech you can get for $5”, [RealCorebb] shows us a gesture sensor, one of the sci-fi kind. He was doing a desktop clock build, and wanted to add gesture control to it – without any holes that a typical optical sensor needs. After some searching, he’s found Microchip’s MGC3130, a gesture sensing chip that works with “E-fields”, more precise than the usual ones, almost as cheap, and with a lovely twist.

The coolest part about this chip is that it needs no case openings. The 3130 can work even behind obstructions like a 3D-printed case. You do need a PCB the size of a laptop touchpad, however — unlike the optical sensors easy to find from the usual online marketplaces. Still, if you have a spot, this is a perfect gesture-sensing solution. [RealCorebb] shows it off to us in the demo video.

This PCB design is available as gerbers+bom+schematic PDF. You can still order one from the files in the repo.  Also, you need to use Microchip’s tools to program your preferred gestures into the chip. Still, it pays off, thanks to the chip’s reasonably low price and on-chip gesture processing. And, [RealCorebb] provides all the explanations you could need, has Arduino examples for us, links all the software, and even provides some Python scripts! Touch-sensitive technology has been getting more and more steam in hacker circles – for instance, check out this open-source 3D-printed trackpad.

 

Source: This Gesture Sensor Is Precise, Cheap, Well-Hidden

Mozilla updates updated TOS for Firefox and is now more confusing but does not look private

On Wednesday we shared that we’re introducing a new Terms of Use (TOU) and Privacy Notice for Firefox. Since then, we’ve been listening to some of our community’s concerns with parts of the TOU, specifically about licensing. Our intent was just to be as clear as possible about how we make Firefox work, but in doing so we also created some confusion and concern. With that in mind, we’re updating the language to more clearly reflect the limited scope of how Mozilla interacts with user data.

Here’s what the new language will say:

You give Mozilla the rights necessary to operate Firefox. This includes processing your data as we describe in the Firefox Privacy Notice. It also includes a nonexclusive, royalty-free, worldwide license for the purpose of doing as you request with the content you input in Firefox. This does not give Mozilla any ownership in that content. 

In addition, we’ve removed the reference to the Acceptable Use Policy because it seems to be causing more confusion than clarity.

Privacy FAQ

We also updated our Privacy FAQ to better address legal minutia around terms like “sells.” While we’re not reverting the FAQ, we want to provide more detail about why we made the change in the first place.

TL;DR Mozilla doesn’t sell data about you (in the way that most people think about “selling data”), and we don’t buy data about you. We changed our language because some jurisdictions define “sell” more broadly than most people would usually understand that word. Firefox has built-in privacy and security features, plus options that let you fine-tune your data settings.

 


 

The reason we’ve stepped away from making blanket claims that “We never sell your data” is because, in some places, the LEGAL definition of “sale of data” is broad and evolving. As an example, the California Consumer Privacy Act (CCPA) defines “sale” as the “selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by [a] business to another business or a third party” in exchange for “monetary” or “other valuable consideration.”

[…]

Source: An update on our Terms of Use

So this legal definition rhymes with what I would expect “sell” to mean. Don’t transfer my data to a third party – even better, don’t collect my data at all.

It’s a shame, as Firefox is my preferred browser; it’s not based on Google’s browser. So I am looking at the Zen browser and the Floorp browser now.

Microsoft begins turning off uBlock Origin and other extensions in Edge

If you use the uBlock Origin extension in Google Chrome or Edge, you should probably start looking for alternative browsers or extensions—either way. A few days ago, users noticed that Google had begun disabling uBlock Origin and other Manifest V2-based extensions as part of the migration to Manifest V3. Now, Microsoft Edge appears to be following suit.

The latest Edge Canary version started disabling Manifest V2-based extensions with the following message: “This extension is no longer supported. Microsoft Edge recommends that you remove it.” Although the browser turns off old extensions without asking, you can still make them work by clicking “Manage extension” and toggling it back (you will have to acknowledge another prompt).


At this point, it is not entirely clear what is going on. Google started phasing out Manifest V2 extensions in June 2024, and it has a clear roadmap for the process. Microsoft’s documentation, however, still says “TBD,” so the exact dates are not known yet. This leads to some speculating about the situation being one of “unexpected changes” coming from Chromium. Either way, sooner or later, Microsoft will ditch MV2-based extensions, so get ready as we wait for Microsoft to shine some light on its plans.

Another thing worth noting is that the change does not appear to be affecting Edge’s stable release or Beta/Dev Channels. For now, only Canary versions disable uBlock Origin and other MV2 extensions, leaving users a way to toggle them back on.

[…]

Source: Microsoft begins turning off uBlock Origin and other extensions in Edge – Neowin

e-taste allows you to send flavours in VR

[…] This work reports a bio-integrated gustatory interface, “e-Taste,” to address the underrepresented chemical dimension in current VR/AR technologies. This system facilitates remote perception and replication of taste sensations through the coupling of physically separated sensors and actuators with wireless communication modules. By using chemicals representing five basic tastes

[…]

Gustation, an essential component of the human perceptual system, plays a key role in the overall sensory experience and flavor perception. However, the integration of gustation is currently limited or missing in most AR/VR experiences. […]

The actuator uses an EM minipump to deliver concentration-controlled tastant solutions into the oral cavity. Figure 2A shows schematic illustration of the EM actuator consisting of a microfluidic channel and a minipump that includes a polydimethylsiloxane (PDMS) liquid chamber, NdFeB permanent magnets, and a coil placed perpendicular to the magnet (32). The design details and fabrication process of the EM actuator are in figs. S2 and S3. The outlet of the liquid chamber connects to the refillable microfluidic channel embedded with tastant-infused gels (fig. S4). The equivalent circuit of the system appears on the right. A bipolar junction transistor (BJT) serves as an “on/off” switch through a pulse width modulation (PWM) base current received from an ESP32 chip microcontroller. The actuation system uses an NPN-type transistor (2N2222), within which electrons serve as the majority charge carriers.

[…]

Liquid flows through the channel during the “on” state and stops temporarily during the “off” state, allowing interaction with the hydrogels with tastants. Adjusting the duty cycle controls the time that the liquid takes to traverse the microfluidic channel, thereby regulating the concentrations of taste chemicals in the resulting solution. A larger interval time (t) between pulses corresponds to a longer period of the liquid contacting the gels, increasing the resulting concentration of tastants in the delivered solutions

[…]

the variations in concentrations of five taste-related chemicals (H⁺, Mg²⁺, Na⁺, glucose, and glutamate) in the resulting solutions

[…]

Field testing involves healthy, consenting volunteers instrumented with devices to examine the human perception dimension of the e-Taste system within envisioned application scenarios in the real world. In the first case, assisted by the e-Taste system, it becomes feasible for individuals to share the taste experience of food remotely (Fig. 5A). Figure 5B illustrates an example of transmitting the taste of beverage: When a person immerses the sensor patch in a cup of lemonade near the Golden Gate Bridge (San Francisco, CA, USA), the system uploads the captured concentration data to the IoT platform. The actuator located at the campus of The Ohio State University (Columbus, OH, United States) subsequently downloads the data, guiding to replicate a liquid with the same taste profile. For the remote control and instruction, the entire duration includes the latency (0.3 and 1.4 s for the short- and long-range process, respectively; fig. S26), the sensor response time (~10 s), and an optional signal stabilization time after the response reaches the plateau.

[…]

The result confirms the high accuracy of the system in replicating taste sensations, effectively mimicking the sourness levels encountered in real-world scenarios.[…] demonstrates an accuracy rate of 70%, indicating that testers can distinguish different sour intensities in the liquids generated by the system. Increasing the training time and providing customized concentration categorization based on individual differences could potentially enhance the accuracy for future applications.

[…]

During the mixed taste recognition test, subjects interact with a multichannel e-Taste system in a “digital cup” geometry (movie S4). The experiment uses five food options: lemonade, cake, fried egg, fish soup, and coffee.

[…]

the recognition outcomes when users taste replicated solutions (sample size: 6, accuracy: 86.7%)

[…]

 

Source: A sensor-actuator–coupled gustatory interface chemically connecting virtual and real environments for remote tasting | Science Advances

Payday from hell as several Brit banks report major outages

The UK is full of unhappy workers that are unable to manage their payday cash amid online service outages at a host of major banks.

Downdetector indicates trouble at Lloyds Bank, Halifax, TSB, Nationwide, First Direct, Bank of Scotland, and Barclays, although the latter’s woes appear to have been resolved since the surge of complaints earlier today.

The same can’t be said for the others, however, which all continue to report glitches via their service status pages.

Across the board, the outages seem to be related to web and mobile banking, with the root cause unclear.

[…]

Unlike the other banks whose customers can’t access their online banking platforms, those who use Nationwide can still access their accounts and move money around seamlessly, provided the money is going into other Nationwide accounts under their control.

All affected customers are still able to use their debit and credit cards at ATMs and in shops.

The Financial Conduct Authority (FCA), the UK’s finance regulator, published a post-CrowdStrike report in October, saying it noticed an upward trend of third-party related outages hitting UK banks since the beginning of 2023.

[…]

Today’s outage comes weeks after Barclays suffered a weekend-long service wobble, that reportedly left at least one customer homeless as a result.

Source: Payday from hell as several Brit banks report major outages • The Register

Citigroup erroneously credited client account with $81tn in ‘near miss’ due to really atrocious UI

Citigroup credited a client’s account with $81tn when it meant to send only $280, an error that could hinder the bank’s attempt to persuade regulators that it has fixed long-standing operational issues.
The erroneous internal transfer, which occurred last April and has not been previously reported, was missed by both a payments employee and a second official assigned to check the transaction before it was approved to be processed at the start of business the following day.
A third employee detected a problem with the bank’s account balances, catching the payment 90 minutes after it was posted. The payment was reversed several hours later, according to an internal account of the event seen by the Financial Times and two people familiar with the event.
No funds left Citi, which disclosed the “near miss” to the Federal Reserve and Office of the Comptroller of the Currency, according to another person with knowledge of the matter.
[…]
A total of 10 near misses — incidents when a bank processes the wrong amount but is ultimately able to recover the funds — of $1bn or greater occurred at Citi last year, according to an internal report seen by the FT. The figure was down slightly from 13 the previous year. Citi declined to comment on this broader set of events.
Near misses do not need to be reported to regulators, meaning there is no comprehensive public data on how often these incidents occur across the sector. Several former regulators and bank risk managers said near misses of greater than $1bn were unusual across the US bank industry.
The series of near misses at Citi highlights how the Wall Street bank is struggling to repair its operational troubles nearly five years after it mistakenly sent $900mn to creditors engaged in a contentious battle over the debt of cosmetics group Revlon.
Citi’s mistaken Revlon payout led to the ousting of then-chief executive Michael Corbat, big fines and the imposition of regulatory consent orders requiring it to fix the issues.
[…]
Citi’s $81tn near miss in April was due to an input error and a back-up system with a cumbersome user interface, according to people familiar with the incident.
[…]
Citi’s technology team instructed the payments processing employee to manually input the transactions into a rarely used back-up screen. One quirk of the program was that the amount field came pre-populated with 15 zeros, which the person inputting a transaction needed to delete, something that did not happen.

Source: Citigroup erroneously credited client account with $81tn in ‘near miss’

Ultrathin films are revolutionizing electrical conductivity

What if your electronic devices could adapt on the fly to temperature, pressure, or impact? Thanks to a new breakthrough in downsizing quantum materials, that idea is becoming a reality.

In an article published this month in Applied Physics Express, a multi-institutional research team led by Osaka University announced that they have successfully synthesized an ultrathin vanadium dioxide film on a flexible substrate, in a way that preserves the film’s electrical properties.

Vanadium dioxide is well known in the scientific community for its ability to transition between conductor and insulator phases at nearly room temperature. This phase transition underpins smart and adaptable electronics that can adjust to their environment in real time. But there is a limit to how thin vanadium dioxide films can be, because making a material too small affects its ability to conduct or insulate electricity.

“Ordinarily, when a film is placed on a hard substrate, strong surface forces interfere with the atomic structure of the film and degrade its conductive properties,” explains Boyuan Yu, lead author of the study.

To overcome this limitation, the team prepared their films on two-dimensional hexagonal boron nitride (hBN) crystals; hBN is a highly stable soft material that does not have strong bonds with oxides and thus does not excessively strain the film or spoil its delicate structure.

“The results are truly surprising,” says Hidekazu Tanaka, senior author. “We find that by using this soft substrate, the material structure is very nearly unaffected.”

By performing precise spectroscopy measurements, the team was able to confirm that the phase transition temperature of their vanadium dioxide layers remained essentially unchanged, even at thicknesses as thin as 12 nm.

“This discovery significantly improves our ability to manipulate quantum materials in practical ways,” says Yu. “We have gained a new level of control over the transition process, which means we can now tailor these materials to specific applications like sensors and flexible electronics.”

Given that quantum materials like vanadium dioxide play a crucial role in the design of microsensors and devices, this discovery could pave the way for functional and adaptable electronics that can be attached anywhere. The research team is currently working on such devices, as well as exploring ways to incorporate even thinner films and substrates.

Source: Powering the future — ultrathin films are revolutionizing electrical conductivity | ScienceDaily

Apple’s Find My exploit lets hackers track any Bluetooth device

As explained by the researchers in a blog post, they have essentially found a way to turn any device such as a phone or laptop into an AirTag “without the owner ever realizing it.” After that, hackers could remotely track the location of that device.

[…]

Although AirTag was designed to change its Bluetooth address based on a cryptographic key, the attackers developed a system that could quickly find keys for Bluetooth addresses. This was made possible by using “hundreds” of GPUs to find a key match. The exploit called “nRootTag” has a frightening success rate of 90% and doesn’t require “sophisticated administrator privilege escalation.”

In one of the experiments, the researchers were able to track the location of a computer with an accuracy of 10 feet, which allowed them to trace a bicycle moving through the city. In another experiment, they reconstructed a person’s flight path by tracking their game console.

“While it is scary if your smart lock is hacked, it becomes far more horrifying if the attacker also knows its location. With the attack method we introduced, the attacker can achieve this,” said one of the researchers.

The researchers informed Apple about the exploit in July 2024 and recommended that the company update its Find My network to better verify Bluetooth devices. Although the company has publicly acknowledged the support of the George Mason team in discovering the exploit, Apple is yet to fix it (and hasn’t provided details of how it will do so). […] For now, they advise users to never allow unnecessary access to the device’s Bluetooth when requested by apps, and of course, always keep their device’s software updated.

Source: Apple’s Find My exploit lets hackers track any Bluetooth device

EA just released source code for a bunch of old Command and Conquer games, and added Steam Workshop support to some more

[…] EA’s announced that it’s releasing the source code for a bunch of old C&C games and—here’s the bit where I, as a man who enjoys modding but is also very lazy, get excited—adding Steam Workshop support to a few more.

The games getting a source code release are Command & Conquer (Tiberian Dawn), Red Alert, C&C Renegade, and C&C Generals and Zero Hour. They’re being released under the GPL license, meaning folks can mix, match, and redistribute them to their hearts’ content without EA lawyers smashing down the door. You can find them all on EA’s GitHub page.

As for the Steam Workshop? That’s getting switched on for C&C Renegade, C&C Generals and Zero Hour, C&C 3 Tiberium Wars and Kane’s Wrath, and C&C 4 Tiberium Twilight (they can’t all be winners). EA’s also gone and “updated all the Mission Editor and World Builder tools so you can publish maps directly to the Steam Workshop.”

Plus, it’s putting out a modding support pack that “contains the source Xml, Schema, Script, Shader and Map files for all the games that use the SAGE engine.”

[…]

Source: EA just released source code for a bunch of old Command and Conquer games, and added Steam Workshop support to bangers like C&C 3: Tiberium Wars | PC Gamer

Measles Outbreak in Texas Turns Deadly so dumbass anti vax Parents Scramble for Shots

The measles outbreak in Texas has now turned deadly. Texas and federal health officials have just reported the first deaths attributed to the still-growing outbreak, which has sickened over a hundred people.

The Texas Department of State Health Services reported the tragic death of an unvaccinated “school-aged” child Wednesday morning. In the first cabinet meeting of the second Trump Administration held Wednesday afternoon, Robert F. Kennedy Jr., the new U.S. Health and Human Services (HHS) secretary, stated that two deaths from measles have occurred so far, though he provided no further details. At least 124 cases and 18 hospitalizations have been documented so far, and even vaccine-hesitant families in the region are now rushing to get their measles shots.

The measles outbreak has been ongoing since at least mid-January. It’s largely affected people living in Mennonite communities along the rural South Plains region of western Texas, many of whom are unvaccinated against the highly contagious virus. Health officials have previously attributed the low vaccination rate in these communities mostly to a lack of interaction with the wider health care system, rather than to an explicit anti-vaccination attitude among residents.

A week ago, with only 48 cases reported, the measles outbreak had already become the largest seen in the state in nearly 30 years. Dozens more cases have been documented since, in both western Texas and a bordering county of New Mexico, and officials fear that hundreds of residents have or will ultimately become infected. The fatality reported by the Texas Department of State Health Services is the first measles death documented in the U.S. since 2015.

While this outbreak may not be tied to the anti-vaccination movement, it has convinced some people in the area to change their minds about the value of the highly effective measles vaccine—which is taken in combination with vaccines for mumps and rubella. Vaccine-hesitant parents in Lubbock County, one of the areas hit hard by the outbreak, have reportedly started to send their children to get their shots. Lubbock County is also where the child who died from measles was hospitalized.

“We’ve vaccinated multiple kids that have never been vaccinated before, some from families that didn’t believe in vaccines,” Katherine Wells, director of public health at Lubbock’s health department, told NBC News Tuesday.

In the U.S., measles has been locally eliminated for over two decades. But outbreaks can still occur, particularly in places with vaccination rates below the herd immunity threshold (around 94% of a population). Worldwide, measles remains a major public health threat. In 2023, an estimated 10 million cases of measles were reported worldwide, up 20% from the previous year, as well as over 100,000 deaths that year. Measles infection is also thought to sap people’s immune memory to other common infections.

Source: Measles Outbreak in Texas Turns Deadly as Parents Scramble for Shots

Shadow of Mordor’s Nemesis system is locked behind a patent until 2036 – you can patent that an enemy remembers you and your fights with him, apparently

Warner Bros Discovery recently shut down a trio of game studios, including the well-regarded Monolith Productions. This has put one of the coolest game mechanics of the 2010s in limbo. Middle-earth: Shadow of Mordor’s excellent Nemesis system is locked behind a patent owned by Warner Bros all the way until 2036, according to reporting by Eurogamer.

The Nemesis system was featured in both 2014’s Shadow of Mordor and the follow-up Middle-earth: Shadow of War. Simply put, it’s a gameplay mechanic in which enemies remember previous encounters with the protagonist. These antagonists, typically orcs in the LOTR games, would use these humiliating memories to fuel their thirst for revenge as they rose through the ranks. This mechanic also worked both ways, so enemies would remember besting you in a previous encounter.

It was the best part of those two titles and Monolith had planned on bringing back the mechanic for a now-cancelled Wonder Woman game. Now the system is lying unused, locked behind a patent vault in David Zaslav’s mega-yacht or whatever. Gigantic multinational corporations are awesome!

Warner Bros Discovery patented the system in 2016, which you can read right here. The patent is active until 2036, so long as the company keeps up with the associated fees. It’s worth noting that in the nine years since patenting the system, it’s only been used in a single game. That’s Shadow of War, which came out in 2017 and was already in development when Warner Bros went ahead with the patent.

It remains to be seen if Warner Bros Discovery will do anything with the Nemesis system. It had nine years of heavy game development to make use of it across its entire IP portfolio, but didn’t. In that time period, plenty of Batman games and Hogwarts Legacy all came out. Those would have surely benefited from the unique mechanic. Oh well.

WB will still focus some resources on game development, but the company’s efforts will be primarily spent on four franchises. These include Harry Potter, Mortal Kombat, the DC universe and Game of Thrones. Three of those four seem like good fits for the Nemesis system to me.

Source: Shadow of Mordor’s innovative Nemesis system is locked behind a patent until 2036

Patents stifle innovation yet again.

After Snowden and now Trump, Europe Finally begins to worry about US-controlled clouds

In a recent blog post titled “It is no longer safe to move our governments and societies to US clouds,” Bert Hubert, an entrepreneur, software developer, and part-time technical advisor to the Dutch Electoral Council, articulated such concerns.

“We now have the bizarre situation that anyone with any sense can see that America is no longer a reliable partner, and that the entire large-scale US business world bows to Trump’s dictatorial will, but we STILL are doing everything we can to transfer entire governments and most of our own businesses to their clouds,” wrote Hubert.

Hubert didn’t offer data to support that statement, but European Commission stats show that close to half of European enterprises rely on cloud services, a market led by Amazon, Microsoft, Google, Oracle, Salesforce, and IBM – all US-based companies.

While concern about cloud data sovereignty became fashionable back in 2013 when former NSA contractor Edward Snowden disclosed secrets revealing the scope of US signals intelligence gathering and fled to Russia, data privacy worries have taken on new urgency in light of the Trump administration’s sudden policy shifts.

In the tech sphere those moves include removing members of the US Privacy and Civil Liberties Oversight Board that safeguards data under the EU-US Data Privacy Framework, alleged flouting of federal data rules to advance policy goals. Europeans therefore have good reason to wonder how much they can trust data privacy assurances from US cloud providers amid their shows of obsequious deference to the new regime.

And there’s also a practical impetus for the unrest: organizations that use Microsoft Office 2016 and 2019 have to decide whether they want to move to Microsoft’s cloud come October 14, 2025, when support officially ends. Microsoft is encouraging customers to move to Microsoft 365 which is tied to the cloud. But that looks riskier now than it did under less contentious transatlantic relations.

The Register spoke with Hubert about his concerns and the situation in which Europe now finds itself.

[…]

Source: Europe begins to worry about US-controlled clouds • The Register

It was truly unbelievable that EU was using US cloud in the first place for many reasons ranging from technical to cost to privacy but they just keep blundering on.

Ron Wyden asks for rules about knowing whether you own your digital purchases

Sen. Ron Wyden (D-OR) has sent a letter to Federal Trade Commission (FTC) chair Andrew Ferguson urging the FTC to require that companies admit when you’re not really buying an ebook or video game.

Wyden’s letter, shared with The Verge, requests guidance to “ensure that consumers who purchase or license digital goods can make informed decisions and understand what ownership rights they are obtaining.”

Wyden wants the guidance to include how long a license lasts, what circumstances might expire or revoke the license, and if a consumer can transfer or resell the license. The letter also calls for the information “before and at the point of sale” in a way that’s easily understandable. “To put it simply, prior to agreeing to any transaction, consumers should understand what they are paying for and what is guaranteed after the sale,” Wyden says.

[…]

Source: Ron Wyden asks for rules about whether you own your digital purchases | The Verge

You Should Download Your Kindle E-Books Now, Before It’s Too Late

This week, Amazon is eliminating the “Download & Transfer via USB” option for Kindle users. If you own a vast library and hope to take your reading elsewhere, this may be your last opportunity.

Amazon has stated in a note on users’ library management page that, starting Wednesday, Feb. 26, it was eliminating “Download & Transfer via USB.” All Kindle e-book owners will be restricted to downloading Kindle books via WiFi. The former option was one of the last loopholes readers could use to take their proprietary Kindle format e-books off Amazon’s closed ecosystem. This deposited files in the AZW3 format, and there are more tricks for disabling DRM with those files than with the more modern KFX format. The USB download option also backed up Kindle books in case something happened to your device or your Amazon account.

There are a growing number of non-Amazon e-book brands, like Bookshop.org, but the issue is Amazon uses its market dominance to source exclusive deals, both in audiobooks and e-books. Considering that, we suggest you do your best to download your current library before it’s too late. If you want to send your e-book library to your computer, go to Amazon first, then click Accounts & Lists. Scroll to Content Library, then click on Books. Click on the “More actions” option for the book you want to download, then select the Download & transfer via USB button.

When they’re downloaded to your PC, you may be able to convert them to other viable reading formats. “Download & Transfer via USB” is a known hack in the Kindle community, used to remove the DRM locks on some older e-book formats. So, if you want to lend your friend an e-book like you would any paperback, this was one of the few ways to do so without dealing with Amazon’s arcane subscription infrastructure.

[…]

As the Kindle terms of service make it clear, owning any Kindle content means you own a “license” for that e-book, not the e-book itself. You only have a right to view the content “solely through Kindle software” and only on “supported devices specified in the Kindle store.” Some open-source apps like Calibre can read most e-book formats, and if you download your books now, you can use them to read your Kindle library without Amazon’s blessing.

That’s why we suggest you also check Libby, a library app that connects with local libraries and allows you to get in line to download and read e-books for a set period (and yes, this does support your local library). Don’t forget to check out Project Gutenberg if you’re trying to find a classic title in EPUB format. If all you want is DRM-free literature, try e-Books.com.

Source: You Should Download Your Kindle E-Books Now, Before It’s Too Late

Under: You don’t own what you buy.

DIY Open-Source Star Tracker Gets You Those Great Night Shots can also be bought

What does one do when frustrated at the lack of affordable, open source portable trackers? If you’re [OG-star-tech], you design your own and give it modular features that rival commercial offerings while you’re at it.

What’s a star tracker? It’s a method of determining position based on visible stars, but when it comes to astrophotography the term refers to a sort of hardware-assisted camera holder that helps one capture stable long-exposure images. This is done by moving the camera in such a way as to cancel out the effects of the Earth’s rotation. The result is long-exposure photographs without the stars smearing themselves across the image.

Interested? Learn more about the design by casting an eye over the bill of materials at the GitHub repository, browsing the 3D-printable parts, and maybe check out the assembly guide. If you like what you see, [OG-star-tech] says you should be able to build your own very affordably if you don’t mind 3D printing parts in ASA or ABS. Prefer to buy a kit or an assembled unit? [OG-star-tech] offers them for sale.

Frustration with commercial offerings (or lack thereof) is a powerful motive to design something or contribute to an existing project, and if it leads to more people enjoying taking photos of the night sky and all the wonderful things in it, so much the better.

Source: DIY Open-Source Star Tracker Gets You Those Great Night Shots | Hackaday

Google pulls plug on Ad blockers such as uBlock Origin by killing Manifest v2

Google’s purge of Manifest v2-based extensions from its Chrome browser is underway, as many users over the past few days may have noticed.

Popular content-blocking add-on (v2-based) uBlock Origin is now automatically disabled for many in the ubiquitous browser as it continues the V3 rollout.

[…]

According to the company, Google’s decision to shift to V3 is all in the name of improving its browser’s security, privacy, and performance. However, the transition to the new specification also means that some extensions will struggle due to limitations in the new API.

In September 2024, the team behind uBlock Origin noted that one of the most significant changes was around the webRequest API, used to intercept and modify network requests. Extensions such as uBlock Origin extensively use the API to block unwanted content before it loads.

[…]

Ad-blockers and privacy tools are the worst hit by the changes, and affected users – because let’s face it, most Chrome users won’t be using an ad-blocker – can switch to an alternative browser for something like the original experience, or they can switch to a different extension which is unlikely to have the same capabilities.

In its post, uBlock recommends a move to Firefox and use of the extension uBlock Origin, a switch to a browser that will support Manifest v2

[…]

Source: Google continues pulling the plug on Manifest v2 • The Register

Generative AI’s Impact on Cybersecurity – Q&A With an Expert

In the ever-evolving landscape of cybersecurity, the integration of generative AI has become a pivotal point of discussion. To delve deeper into this groundbreaking technology and its impact on cybersecurity, we turn to renowned cybersecurity expert Jeremiah Fowler. In this exclusive Q&A session with vpnMentor, Fowler sheds light on the critical role that generative AI plays in safeguarding digital environments against evolving threats.

[…]

Not long ago, it was far easier to identify a phishing attempt, but now that they have AI at their disposal, criminals can personalize their social engineering attempts using realistic identities, well-written content, or even deepfake audio and video. And, as AI models become more intelligent, it will become even harder to distinguish human- from AI-generated content, making it harder for potential victims to detect a scheme.

[…]

There are numerous examples of generative AI being used in recent cyberattacks. The Voice of SecOps report released by Deep Instinct found that 75% of security professionals surveyed saw an increase in cyberattacks in 2023, and that 85% of all attacks that year were powered by generative AI.

[…]

Currently, several malicious generative AI solutions are available on the Dark Web. Two examples of malicious AI tools designed for cybercriminals to create and automate fraudulent activities are FraudGPT and WormGPT. These tools can be used by criminals to easily conduct realistic phishing attacks, carry out scams, or generate malicious code. FraudGPT specializes in generating deceptive content while WormGPT focuses on creating malware and automating hacking attempts.

These tools are extremely dangerous and pose a very serious risk because they allow unskilled criminals with little or no technical knowledge to launch highly sophisticated cyberattacks. With a few command prompts, perpetrators can easily increase the scale, effectiveness, and success rate of their cybercrimes.

[…]

According to the 2023 Microsoft Digital Defense Report, researchers identified several cases where state actors attempted to access and use Microsoft’s AI technology for malicious purposes. These actors were associated with various countries, including Russia, China, Iran, and North Korea. Ironically, each of these countries has strict regulations governing cyberspace, and it would be highly unlikely to conduct large-scale attacks without some level of government oversight. The report noted that malicious actors used generative AI models for a wide range of activities such as spear-phishing, hacking, phishing emails, investigating satellite and radar technologies, and targeting U.S. defense contractors.

Hybrid disinformation campaigns — where state actors or civilian groups combine humans and AI to create division and conflict — have also become a serious risk. There is no better example of this than the Russian troll farms. […]

Earlier this year, fake X (formerly Twitter) accounts — which were actually Russian bots pretending to be real people from the U.S. — were programmed to post pro-Trump content generated by ChatGPT. The whole thing came to a head in June 2024, when the pre-programmed posts started reflecting error messages due to lack of payment.

 

This screenshot shows a translated tweet from X indicating that a bot using ChatGPT was out of credits.

A few months later, the U.S. Department of Justice announced that Russian state media had been paying American far-right social media influencers as much as 10 million USD to echo narratives and messages from the Kremlin in yet another hybrid disinformation campaign.

[…]

The trepidation regarding AI’s role in creating security threats is very real, but some time-tested advice is still valid — keeping software updated, applying patches where needed, and having endpoint security for all connected devices can go a long way. However, as AI becomes more advanced, it will likely make it easier for criminals to identify and exploit more complex vulnerabilities. So, I highly recommend implementing network segmentation too — by isolating individual sections, organizations can effectively limit the spread of malware or restrict unauthorized access to the entire network.

Ultimately, the most important thing is to have continuous monitoring and investigate all suspicious activity.

[…]

One recent example of self-evolving malware that uses AI to constantly rewrite its code is called “BlackMamba”. This is a proof of concept AI-enhanced malware. It was created by researchers from HYAS Labs to test how far it can go. BlackMamba was able to avoid being identified by most sophisticated cybersecurity products, including the leading EDR (Endpoint Detection and Response).

Generative AI is also being used to enhance evasion techniques or generate malicious content. For example, Microsoft researchers were able to get nearly every major AI model to bypass their own restrictions for creating harmful or illegal content. In June 2024, Microsoft published details about what they named “Skeleton Key” — a multi-step process that eventually gets the AI model to provide prohibited content. Additionally, AI-generated tools can bypass traditional cybersecurity defenses (like CAPTCHA) that are intended to filter bot traffic so that (theoretically) only humans can access accounts or content.

Criminals are also using Generative AI to enhance their phishing and social engineering scams.

[…]

The most well-known case to date happened in Hong Kong in early 2024. Criminals used deepfake technology to create a video showing a company’s CEO requesting the CFO to transfer $24.6 million USD. Since there was nothing that suggested that the video was not authentic, the CFO unknowingly transferred the money to the criminals.

[…]

Although AI cannot — and should not — fully replace the human role in the incident response process, it can assist by automating detection, triage, containment, and recovery tasks. Any tools or actions that help reduce response times will also limit the damage caused by cyber incidents. Organizations should integrate these technologies into their security operations and be prepared for AI-enhanced cyberthreats because it is no longer a matter of “if it happens” but “when it happens”.

Generative AI can help cybersecurity by creating realistic risk scenarios for both training and penetration testing.

[…]

What are the future risks of AI providers having vulnerabilities or data exposures?

According to researchers at Wiz, they found 2 non-password-protected databases that contained just under 1 million records. AI models will generate a massive amount of data and that needs to be stored somewhere. It makes sense that you would have a database full of learning content, monitoring and error logs, and chat responses; theoretically, this should have been segregated from the administrative production environment or have additional access controls to prevent an unauthorized intrusion. This vulnerability allowed researchers to access administrative and operational data, and the fact that anyone with an Internet connection could have potentially manipulated commands or code scripts should be a major concern to the DeepSeek organization and its users. Additionally, exposing secret keys or other internal access credentials is an open invitation for disaster and what I would consider a worst-case scenario. This is a prime example of how important it will be for AI developers to secure and protect the data of their users and the internal backend code of their products.

[…]

Source: Generative AI’s Impact on Cybersecurity – Q&A With an Expert

Bybit Loses $1.5B in Hack of single cold wallet

Cryptocurrency exchange Bybit has experienced $1.46 billion worth of “suspicious outflows,” according to blockchain sleuth ZachXBT.

The wallet in question appears to have sent 401,346 ETH ($1.1 billion) as well as several other iterations of staked ether (stETH) to a fresh wallet, which is now liquidating mETH and stETH on decentralized exchanges, etherscan shows. The wallet has sold around $200 million worth of stETH so far.

[…]

Bybit CEO Ben Zhou wrote on X that a hacker “took control of the specific ETH cold wallet and transferred all the ETH in the cold wallet to this unidentified address.”

“Please rest assured that all other cold wallets are secure. All withdrawals are normal,” he added.

“My sources confirm it’s a security incident,” ZachXBT added on Telegram.

$1.46 billion would equate to the largest cryptocurrency hack of all time in dollar terms, with $470 million being lost in the Mt Gox Hack, $530 million in the 2018 hack of CoinCheck, and $650 million in the Ronin Bridge exploit.

BTC and ETH dropped more than 1.5% and 2%, respectively, following the transfers.

Source: Bybit Loses $1.5B in Hack but Can Cover Loss, CEO Confirms

So we find out a few things:

Bybit security staff are absolute idiots:

  • keeping that amount of currency in ONE wallet
  • having that wallet connected to the internet

These guys are rolling on so much money they are like a small country and can cover losses like these quite easily.

Apple Says ‘No’ to UK Backdoor Order, Will Just Disable E2E Cloud Encryption Instead

Good work, Britain. Owners of Apple devices in the United Kingdom will be a little less safe moving forward as the company pulls its most secure end-to-end (E2E) encryption from the country. The move is in response to government demands there that Apple build a backdoor into its iCloud encryption feature that would allow law enforcement to access the cloud data of any iPhone user around the world under the guise of national security.

[…]

Following Apple’s decision to pull E2E cloud encryption from the UK, the company on Friday told Bloomberg that “enhancing the security of cloud storage with end-to-end encryption is more urgent than ever before” and that it “remains committed to offering our users the highest level of security for their personal data and are hopeful that we will be able to do so in the future in the United Kingdom.”

The UK order asked Apple for access to global user data under the country’s Investigatory Powers Act, a law that grants officials the authority to compel companies to remove encryption under a “technical capability notice.”

[…]

“Security officials asked not only that Apple allow the UK government access to UK residents’ encrypted cloud storage, but that the UK government get access to any Apple user’s encrypted cloud storage,” said David Ruiz, an online privacy expert at Malwarebytes. “To demand access to the world’s data is such a brazen, imperialist maneuver that I’m surprised it hasn’t come from, well, honestly, the US. This may embolden other countries, particularly those in the ‘Five Eyes,’ to make a similar demand of Apple.” Ruiz questioned what this means for the UK’s privacy guarantees with the US.

Law enforcement is always looking for new ways to conduct surveillance under the guise of protecting the public—Edward Snowden famously revealed a dragnet of surveillance created after 9/11 that pulled in data on individuals domestic and abroad. But once the genie is taken out of the proverbial bottle, it is hard to put it back, and the capabilities can end up in the wrong hands. Police already have access to plenty of investigative powers, privacy advocates say, and the public should be very cautious about giving them more that could be ripe for abuse.

[…]

With today’s move, Apple is essentially saying that it would rather pull the E2E encryption altogether and inform customers they will be less safe, rather than build an open door for the UK government. It is a shrewd, gigachad move by Apple even though consumers there will no longer have the same amount of security as others around the globe. iCloud encryption is important as the service has in the past been a target of hackers who penetrated the accounts of celebrities to steal their nudes and post them online in a scandal that was called “the Fappening.”

[…]

Source: Apple Says ‘No’ to UK Backdoor Order, Will Disable E2E Cloud Encryption Instead

So, no security or privacy for those in the UK then.