Google managers manage to rile a Canadian government committee, GitHub rolls out plans to improve security and a robot lawyer is being sued by a real-life lawyer. Which one wins?
Welcome to Hashtag Trending for Monday, March 13th
I’m your host Jim Love, CIO of IT World Canada and TechNewsDay in the US – here’s today’s top tech news stories.
A Canadian federal government committee pushed back against Google’s claims that “Google was only conducting an experiment” when it blocked up to four per cent of Canadians access to the search engine, in what the company referred to as just one of “many thousands of tests it runs.”
Google is unhappy with the Canadian government’s proposed legislation bill C-18, which threatens to force platforms like Meta and Alphabet Inc.’s Google to negotiate commercial deals and pay news publishers for their content. But it denied that its recent experiments in blocking up to four per cent of Canadian’s access were a direct threat – claiming that they were part of a routine test.
Indicating their disbelief, the legislators on the committee took the step of forcing the Google representatives to go under oath for the remainder of their testimony.
As reported in IT World Canada, trivializing the so-called tests appeared to further upset the committee members – one of whom pointed out that a sample of four per cent means that up to 1.2 million Canadians could have been affected by these tests.
“Today, we find out that four per cent of the population had their democratic rights put to the side. You might have Google tested me, I might be one of the 1.2 million that all of a sudden I can’t get to do a Google search. Is that fair for me? Or other Canadians? I don’t think that’s fair. You’re a $1.3 trillion company. And I think you’ve over exceeded your boundaries,” said Opposition Conservative MP Kevin Waugh.
Google’s representative also denied claims, made by a Bloq Quebecois member, who claimed that the Canadian Association of Journalists and Unifor Media Council that media workers have been disproportionately affected by these tests, Martin Champoux from Bloc Quebecois pointed out.
In a follow up, a Saturday story in Reuters indicated that Google had announced that it would end availability of news content for Canadians on its platforms if the country’s Online News Act passes in its current form.
The final form of the legislation is not yet settled Canadian government is facing its own internal issues with the proposed legislation with small publishers arguing that it doesn’t go far enough to protect them. And with the government being in a minority position, the opinions of the other parties in parliament will have to be considered carefully.
So between Google threatening if any action is taken it will cut us off and the pressure for perhaps even greater action from others – expect the conflict and the drama to continue on this issue.
Source: IT World Canada
Elon Musk promised on February 21st that the algorithm for Twitter would be “made open source in the next week.” That has not yet happened.
The algorithm is the code that rules how content is ranked on the platform. That ranking influence who sees the content and can vastly make a difference in how big an audience any post receives.
Musk himself has been accused of manipulating the algorithm to ensure that his own tweets get a much larger audience. This story was featured in an article in the Silicon Valley blog “The Platformer” We covered that story earlier and a link to it is in the notes of for this episode as well at itworldcanada.com/podcasts
So what is holding back Musk from outsourcing the Twitter code? According to a recent article in The Register, after cutting more than two thirds of Twitter staff, Musk simply doesn’t have the software developers and engineers with the knowledge to do this.
That same article quoted Twitter’s former open source lead, Will Norris:
When I joined, there were already a number of large modernization efforts underway that had big open source components. The Pants build system was being replaced by Bazel. Work was happening to prepare to eventually replace Apache Aurora and Mesos with Kubernetes. And, we were already some of the largest users of Apache Kafka, Hadoop, and Scala. We also had a custom fork of the JVM [Java Virtual Machine], which we hoped to eventually open source. There was a lot of amazing work happening, and they successfully hired really good people from those communities to work on those projects.
And then 2022 happened :-\
Norris continued: “Most of the key people that were working on open source at Twitter have left. All of the engineers that I worked with on open source are gone.”
In short, Musk can’t open-source Twitter’s code because he literally doesn’t have the people who know how.
Would making the algorithm open source be a positive for Twitter? Would it dispel the rumours that Musk has put his “thumb on the scale” and manipulated the algorithm? Would it lead to improvements? Would it help Twitter hold its audience against the open source competitor Mastidon or some of the other new rivals like former Twitter CEO Jack Dorsey’s or Meta’s rumoured new Twitter replacement? We might never know.
Source: The Register
Meanwhile GitHub, the largest developer hosting site in the world is saying that I plans to roll out two factor authentication over the next nine months.
GitHub is used by the vast majority of technology development companies as a place to store, work on and eventually promote their code into production systems. Microsoft, who purchased GitHub last year is pushing for this move to two factor authentication in advance of the US government’s new National Security Strategy which aims to put more responsibility onto software development companies for the security their code.
The repository is a key weak point in the development process. If any threat actor could successful get access to a code repository, they could conceivably introduce malware which could be propagated to any company that got the new code – that could be one company or in the case of what is termed a “supply chain attack” – it could be many companies or organizations including governments.
According to Justin Cappos, a professor of computer science at NYU quoted in an article in Tech Republic “Inserting code into an organization is one of the worst kinds of attacks someone can do. So protecting the way in which people are working on code, which today often means working on code through GitHub, is really key. To the extent that they are making it harder for attackers to do this, is a huge positive,”
GitHub is also offering new forms of two factor authentication including time-based passwords, SMS validation but all the way up to security keys including physical security keys such as Yubikey and others. But GitHub is urging its users to adopt security keys as a higher standard of authentication.
This coincides with the recommendations of the National Institute for Science and Technology, or NIST, which many regard as the reference point for security standards. NIST no longer recommends simple two factor authentication such as SMS messaging, citing that they are too easy to compromised.
“The strongest methods widely available are those that support the WebAuthn secure authentication standard,” said GitHub in its announcement. “These methods include physical security keys as well as personal devices that support technologies such as Windows Hello or Face ID/Touch ID.”
This is a major rollout and will be done in stages prioritizing customers where the impact of a breach would have the greatest effect. Customers will first get warnings and then face increasing restrictions over time before being blocked from usage until they get the two-factor authentication in place. The slow rollout would also make it easier for GitHub to make adjustments as needed before scaling to larger and larger groups over the course of this year.
Source: TechRepublic
HP is taking some criticism when a fairly recent update was found to force users to only use “authentic” HP cartridges. In fairness, other companies such as EPSON have also employed a similar strategy.
The updates, which were first introduced in 2016 are referred to as “dynamic security” and are part of an authentication process that the company says will “protect the quality of our customer experience, maintain the integrity of our printing systems and maintain the integrity of our intellectual property.”
HP has taken a lot of criticism and even been subject to some class action lawsuits. In 2020, HP reached a settlement in a class-action lawsuit that the plaintiff’s claimed “serves no legitimate business purpose” and “blindsides customers who were never warned that the update would strip them of their ability to buy less expensive supplies for their printers.”
While HP offered some relief, it appears that, perhaps that as printing revenues slide, HP is again trying, as the Verge stated, “to lock users into their ecosystem.”
Will this protect revenue? Or will it alienate and anger current customers.
One Reddit user complained, “instead of displaying a bypassable message that indicates HP can’t guarantee the quality of their print, now the printers won’t accept third-party cartridges at all.” That situation, was causing at least one user to rethink their choice of printer. One tech writer proclaimed. “I’m seriously considering switching to another printer brand if I don’t have the option to use third-party ink in the future.”
Source: The Verge
And finally – a “real” lawyer is threatening to take an “AI lawyer” to court.
The service “Do Not Pay” which advertises itself as an advocate for those who feel they should not be required to pay a bill or even a fine has drawn a threat of a potential lawsuit for the use of an AI advisor.
The company has been quite advanced in its adoption and use of AI. It reportedly has successfully used AI to negotiate reductions in costs for users. It made headlines when it offered a payment to anyone that would use its AI service in a courtroom trial – and it was subsequently forced to back down when it was threatened with an legal action when it attempted to have its AI lawyer used in defence of a traffic violation.
Despite the threats, the publicity has no doubt been great for the company which is reported to be presenting itself as a robot lawyer and the company has been able to back away before any lasting legal consequences.
That is until March 3rd when it found itself facing a class action lawsuit filed by Chicago-based law firm Edelson. The complaint argues, “Unfortunately for its customers, DoNotPay is not actually a robot, a lawyer, nor a law firm. DoNotPay does not have a law degree, is not barred in any jurisdiction, and is not supervised by any lawyer.”
The lawsuit was filed on behalf of a customer who said he’d used DoNotPay to draft various legal documents including demand letters, a small claims court filing, and a job discrimination complaint. The customer claims that they thought they were getting the services of an actual lawyer and that they had gotten “substandard results.”
DoNotPay told the online blog the Insider, who broke the story that: “DoNotPay respectfully denies the false allegations.” It added: “We will defend ourselves vigorously.”
Do you think they….nah, the wouldn’t. They wouldn’t use their AI lawyer to defend this claim. Or would they?
Those are the top tech news stories for today
Links to these stories can be found in the article posted on itworldcanada.com/podcasts. You can also find more great stories and more in-depth coverage in itworldcanada.com or in the US at Technewsday.com
Hashtag Trending goes to air five days a week with a daily newscast and we have a special weekend edition with an interview featuring an expert in some aspect of technology that is making the news.
We’re always happy to hear from you, you can find me on LinkedIn, Mastodon, Twitter or just leave a comment under the article for this podcast at ITWorldCanada.com/podcasts.
Thanks to you who have written to me, I take every piece of advice and treasure your comments.
I’m your host Jim Love – Have a Marvelous Monday!