In a move that is bound to piss off more than a couple of publishers, Google is readying to fix the “loophole” that allowed sites to see when you’re browsing in Incognito Mode.Google announced in a blog post on Thursday that the update will arrive with the release of Chrome 76 on July 30.The tip-off to sites that you’re browsing in private mode is an unintended result of Chrome’s FileSystem API, which is disabled in Incognito.If a site searches for the FileSystem API and determines it’s disabled, it can, as Google puts it, “give the user a different experience.”News of this kind of behaviour by websites has been cropping up for years, and it’s a huge pain in the ass if you’re, say, trying to get around a publisher’s paywall.But while it’s kind of a bummer for publishers if they can’t force you to log in, subscribe, or switch to a normal browsing mode, Google notes there are serious circumstances under which Incognito Mode users might need to protect their privacy, including political oppression or domestic abuse.
In Google’s latest blog post, the tech giant has promised to put and end to a loophole in its Chrome web browser that compromised its users' privacy when using its ‘Incognito’ private browsing mode.Currently, websites are able to detect when a user is browsing in Incognito Mode by scanning for the presence of Chrome’s Filesystem API (Application Programming Interface), which is disabled in this mode in order for the user’s browsing activity not to leave traces on their device.A website can assume the user is browsing in Incognito Mode if it receives an error message when checking for the availability of this API.In Chrome 76, which is slated for release on July 30, Google promises that sites scanning for the API will no longer receive the error message.Google claims it “wants you to be able to access the web privately, with the assurance that your choice to do so is private as well”, citing examples of political oppression and domestic abuse as valid reasons for wanting to privately browse the web.As a byproduct of this modification to Chrome’s Incognito Mode, Google acknowledges that sites that use a metered paywall – those offering a finite amount of free articles before having to subscribe, for instance – will no longer be able to detect when people are circumventing the block via private browsing.
15 months of wrangling and Orlando couldn't even begin testing AI cloud tech for population surveillanceOrlando cops have given up using Amazon’s controversial cloud-based facial recognition to monitor CCTV cameras dotted around the Florida city – after a nightmare year of technical breakdowns.After 15 fruitless months of trying to get the thing working properly, with help from Amazon's staffers, the US city's police force cancelled its contract with the web giant."We haven't even established a stream today," the city’s chief information officer Rosa Akhtarkhavari told the Orlando Weekly on Thursday.The plod wanted to feed photos of suspected or known crooks into Amazon Web Services' Rekognition API, and have the backend software automatically search live streams of CCTV footage for occurrences of those faces in real time, allowing officers to know immediately the whereabouts of persons of interest.Amazon techies had apparently visited the city numerous times to work with the police to get the system to work properly.
“The dynamic system will continuously monitor the airspace around an aircraft for the ‘unexpected’ such as other aerial vehicles or changes to airspace (such as a Temporary Flight Restriction/Dynamic Geofence around a police incident),” it writes of the new service.“After identifying a potential conflict, CRS will make the necessary routing adjustments, allowing the drone to maintain an appropriate separation standard between other airspace users or fly around restricted airspace so it can continue safely (and efficiently) to its destination.”The global Conflict Resolution Service (CRS) has two components: Strategic de-confliction, which will launch first, on July 23, letting drone operators submit flight plans to the startup to determine whether there are any conflicts with other previously submitted flight plans, or against ground and airspace geofenced areas available in Altitude Angel’s worldwide data feeds.If a conflict is identified Altitude Angel says its CRS will propose alterations to the take-off time and/or route to “eliminate the conflict” — suggesting, as it puts it “minimally invasive changes to permit the mission to continue unobstructed”.“We’re bringing in commercially available data feeds of every piece of manned air traffic available today.So the tactical service will then supplement that drone on drone collision data [from the Statistical CRS] with drone on manned aviation,” says CEO Richard Parker.
API blunder exposes data, fix incoming from LenovoLenovo is emitting an emergency firmware patch for Iomega NAS devices after the network-attached storage boxes were discovered inadvertently offering millions of files to the internet via an insecure software interface.Infosec outfits Vertical Structure, based in the Northern Ireland, and WhiteHat Security, headquartered in Silicon Valley, together found and reported the vulnerability to Lenovo, we're told.If you're thinking, wow, Iomega, I didn't know they were still going: EMC bought it in 2008, and in 2013, a Lenovo-EMC joint-venture rebooted the brand as LenovoEMC gear.We're told this file-leaking flaw was discovered last autumn by a Vertical Structure employee who found a strange bunch of files showing up in search results on Shodan.io, a website for finding all sorts of public-facing systems, from bog-standard web servers to power plant equipment and Internet-of-Things gizmos.That means anyone aware of the API and its security shortcomings could have searched Shodan for vulnerable public-facing Iomega NAS drives, and siphoned off strangers' file systems.
Apple has reversed course on its ban of parental control app OurPact, allowing the ousted software to return to the App Store in its original form and without any limitations or restrictions.The move marks an end to a months-long dispute between Apple and a variety of parental control companies affected by Apple’s restrictions.The fact that Apple removed or prevented updates to many of these apps (including OurPact) raised eyebrows because it allegedly stemmed from a sudden change in policy that reclassified the apps as unsafe, due to the technology they relied on for managing kids’ devices.The issue was that these apps were using a suite of tools called MDM, or multi-device management, designed for management of hardware in IT and school environments.It was still allowed on the App Store in a variety of enterprise-level apps after Apple’s rule change, despite using the exact same technology and seemingly putting their users at the same purported risk.Things came to a head right before Apple’s annual WWDC developer gathering, following a story in The New York Times that put a spotlight on the affected parental control app developers.
Both Strava and Relive have made statements on their recent breakup, suggesting that the other was the one that was at fault.According to Relive, they worked with Strava and followed Strava’s recent takedown request – but were blocked from the API nonetheless.Strava said Relive was simply abusing its API.Not through the group’s official API, anyway.If Relive wants to gain access to Strava data from now on, they’ll need to get extra creative.Before now, users would be able to quite easily create an automatically-compiled piece of media based in Relive using their Strava data, GPS, and photos taken during said trip.
Java would get a new graphics rendering pipeline for MacOS based on Apple’s Metal graphics APIs, under a proposal called the Lanai Project, being floated in the OpenJDK community.Engineers from Oracle and JetBrains already have been exploring the Metal APIs, working on proofs of concept and prototypes in the JDK sandbox.Metal was designed as a long-term replacement for OpenGL as a rendering pipeline on Apple platforms, offering better performance and simpler GPU designs.The Java Development Kit and OpenJFX currently use OpenGL, which Apple has deprecated.Currently, if OpenGL is not present in a MacOS system, JDK desktop APIs cannot function and will not start.OpenJFX is in a similar spot.
Android Q features a new API that allows applications to capture audio from other applications.It’s called AudioPlayback Capture API.It enables some important use cases for easier content sharing and accessibility.First of all, live captioning allows to caption or translate the currently playing audio in real time.It allows users to engage with audible content.Even when it’s impossible or inconvenient to do so.
Up from US$ XX Mn estimated for 2018, the global cloud API market is foreseen to reach US$ XX Mn during the next decade.By 2025 end, the market will possibly witness steadfast growth at an impressive CAGR of XX% over the assessment period,” quoted an expert market research analyst from Trends Market Research (TMR).A recently published report by the company, titled “Cloud API Market by 2025” indicates flourishing growth potential of the global market for cloud application programming interface (API).The report, as the title suggests, reflects rapid emergence of the SMEs end-user segment during the next decade.Get More Information at Professional@ https://www.trendsmarketresearch.com/report/sample/3546 The analyst further added, “Growing business dependency on cloud applications and shooting adoption of connectivity devices are collectively favoring the market for cloud API globally.Moreover, rising adoption of micro service-based architecture will play a role in popularizing the implementation of cloud API globally.”SMEs are rapidly embracing mobile and cloud-based platforms for managing their back-end services and applications, which prompts at bright future prospects for the cloud API market.Based on this market observation, it is quite clear that with a growing number of small and medium enterprise launches, the demand for cloud API will prevail progressively.While large enterprises continue to remain the dominant end-user segment with a value beyond US$ XX Bn in 2025, Trends Market Research concludes a higher growth rate for SMEs end-user segment over 2018-2025.Among BFSI, IT and telecommunications, hospitality, healthcare, and media and entertainment, the BFSI sector will maintain the top consumer position in the cloud API market, accounting for over US$ XX Mn in terms of 2025 revenues.Request For Discount Professional@ https://www.trendsmarketresearch.com/report/discount/3546 Among the key platform management providers, integration specialists, pure players, and system integrators operating in the global cloud API marketplace, Microsoft Corporation, Axway Software SA, Accenture, The Hewlett-Packard Company, Oracle Corporation, and IBM Corporation make it to the list.
“We are enforcing multi-factor authentication for all users in the partner tenants and adopting secure application model for their API integration with Microsoft”Microsoft has confirmed that it will introduce mandatory Multi-Factor Authentication (MFA) for its Cloud Solution Provider (CSP) programme and other partners.A Microsoft spokesperson told Computer Business Review that: “We are introducing new mandatory security requirements for the partners participating in the Cloud Solution Provider (CSP) program, Control Panel Vendors, and Advisor partners.”” This includes enforcing multi-factor authentication for all users in the partner tenants and adopting secure application model for their API integration with Microsoft.”Microsoft expects the policy change will be rolled out over the coming months.They say that they have informed partners of the changes and will begin enforcement soon.
Another day, another appalling Internet of S**t security flawSmart home company Zipato hardcoded the same private SSH key into every one of its hubs, leaving its system open to hacking, researchers revealed this week.The eggheads at security shop Black Marble demonstrated in a blog post how that flaw, combined with two related vulnerabilities, allows them to access the hub and devices connected to it.The upshot: they can open your front door with a laptop.Zipato's controller, which used the z-wave wireless standard, had two security holes in its API – local and remote - that the researchers was able to exploit.Combined with the somewhat baffling decision to hardcode the same private SSH key into every hub that provides root access to the device, and you have a recipe for disaster.
Jigsaw — an Alphabet arm focused on cybersecurity and geopolitical issues, like an API that identifies toxic language online — has a toxic internal work culture of its own, according to a Motherboard report on Tuesday.Female employees at Jigsaw have been the subject of sexist remarks by executives and discriminated against by leadership, according to the report.The climate for women at Jigsaw has gotten so bad, the report noted, that a support group, made up of current and former employees, has been formed to help women who want to leave the company.Read the full Motherboard story here.Jigsaw — an Alphabet arm focused on cybersecurity and geopolitical issues, like an API that identifies toxic language online —has cultivated a toxic internal work culture of its own, according to Motherboard report on Tuesday.Female employees at Jigsaw have been the subject of sexist remarks by executives and discriminated against by leadership, according to the report, which cites more than 12 current and former employees.
According to a new market research report” Telecom API Market by Type of API (SMS, MMS, & RCS, WebRTC, Payment, M2M & IoT, Content Delivery, Location, ID/SSO & Subscriber), User Type (Enterprise, Partner, Internal, Long Tail), and Region - Global Forecast to 2021", published by MarketsandMarkets™, The global telecom Application Programming Interface (API) market size is estimated to grow from USD 93.69 Billion in 2016 to USD 231.86 Billion by 2021, at a Compound Annual Growth Rate (CAGR) of 19.87%.The objectives of the Telecom API Market report are to define, describe, and forecast the telecom API market size on the basis of types of APIs, user types, and regions.Based on the types of API, the location API is the fastest growing market that helps in driving the market during the forecast period.Browse and in-depth TOC on “Telecom API Market”35 - Tables52 - Figures119 - Pages Ask for PDF Brochure @ https://www.marketsandmarkets.com/pdfdownloadNew.asp?id=257220042Improving telecom API user experience, monetization of telecom operator services, rising demand for advanced telecom services over the internet, and increasing adoption of M2M devices among end-users are some of the driving factors of the telecom API market.SMS, MMS, and RCS APIs to play a key role in the telecom API market by 2021The Short Message Service (SMS), Multimedia Messaging Service (MMS), and Rich Communication Services (RCS) APIs segment has the largest market share in the telecom API market during the forecast period.The market share is expected to grow because of the increasing need for monetization of telecom carrier services and significance of improving mobile app developer experience.Interactive Voice Response (IVR)/voice store and voice control API has the second largest market share during the forecast period due to the increasing adoption of M2M devices among end-users.Increasing adoption of IoT will drive the global telecom marketIncreasing adoption of IoT drives the global telecom API market.The partner developer enables solution developers to access their different APIs and use these APIs to develop applications and extension of these applications to build and develop solutions that are more sophisticated for clients.The North American region is expected to contribute the largest market share in the telecom API marketNorth Americais expected to hold the largest market share in the telecom API market during the forecast period.The increasing innovative developments and technological advancements are benefiting all the stakeholders present in the telecom API ecosystem in this region.The major vendors in the telecom API market are Vodafone Group PLC (London, U.K.), Twilio, Inc. (California, U.S.), Alcatel-Lucent (Boulogne-Billancourt, France), AT, Inc. (Texas, U.S.) Telefonica (Madrid, Spain), Apigee Corporation (California, U.S.), Orange S.A. (Paris, France), Verizon Communications, Inc. (New York, U.S.), Xura, Inc. (Massachusetts, U.S.), Nexmo, Inc. (California, U.S.), Fortumo (Tartu, Estonia), LocationSmart (California, U.S.), Tropo, Inc. (California, U.S.), and Aspect Software (Massachusetts, U.S.).Browse Complete Press Release @ https://www.marketsandmarkets.com/PressReleases/telecom-api.aspKey questionsWhich are the substitute products and how big is the threat from them?Which are the top use cases where telecom API can be implemented for revenue generation through new advancements such as artificial intelligence, IoT, and cloud computing?What are the potential opportunities in the adjacent markets?What should be your go-to-market strategy to expand the reach into developing countries across APAC, MEA, and Latin America?About MarketsandMarkets™MarketsandMarkets™ provides quantified B2B research on 30,000 high growth niche opportunities/threats which will impact 70% to 80% of worldwide companies’ revenues.
Currencloud, the provider of an API and service for cross-boarder payments that is used by a host of fintechs and larger companies, including most recently Visa, has closed the first part of closing in on Series E funding.According to sources, the 7 year old London headquartered company announced internally that it was closing in on new funding round a few weeks ago, while a recent regulatory filing reveals that the Series E totals just shy of £32 million in Series E shares so far.However, I understand that this is just tranche one, and that additional Series E funding will follow within the next 2-3 months when the round will be officially announced.Tranche one also consists of two slightly different share prices as it sees earlier debt financing converted into equity.With regards to who is backing Currencycloud’s Series E, one source tells me Goldman Sachs is in the running and is possibly leading the round.Existing investor GV (previously Google Ventures) is said to me following on.
Google is locking down API access to Gmail data (and later, Drive data) soon, and some of your favorite third-party apps might find themselves locked out of your Google account data.Google's OAuth APIs have been around for years as a way for apps to get access to and control your Google data.For years this was purely an agreement between the user and the developer—the app would say what it wanted access to, and the user could deny or allow it.Only "appropriate" access will be allowed for some APIs, strict data-handling rules will be enacted, and access to APIs would be limited to "only the information necessary to implement your application."It sounds like Google will also be subjecting all of these apps to human review, app-store style.Don’t trust OAuth: Why the “Google Docs” worm was so convincing
Google recently re-aligned their priorities, brought a lot of Kotlin, keeping Java by its side, using Java API for all web development procedures.It has endless try-catch blocks, null-unsafety, NullPointerExceptions and lack of extendability.Java can also create issues with the Android API design.Its syntax is very complex and long code is prone to errors.Android App Development services adopted Kotlin to make usual programming an enjoyable and relaxing experience.Further, it features a variation of a switch statement that allows matching on arbitrary expressions.
A platform-as-a-service company is only as good as its APIs, and Shopify has dozens of them.While REST isn’t going away, much of the internal development interest will be focused on GraphQL, and the company is placing a great emphasis on ensuring its most popular external endpoints are available via GraphQL.This isn’t the most perfect metaphor, but it’s a bit like going to work, and your manager announcing that instead of English, the lingua franca of the office was now Afrikaans or French.Sure, they’re still human-comprehendible languages.Helping me out is Avi Flombaum, Co-founder and Chief Innovation Officer at Flatiron School, a WeWork company.The use of GraphQL allows Shopify to empower developers on their platform to make their own decisions about things like design and performance which are critical in highly competitive mobile retail environments.