Apple spent $60 billion with American suppliers in 2018

Apple has released an update on its spendings in the U.S. According to the company, Apple is now working with 9,000 different companies in the U.S. Those companies mostly work on hardware components and chipsets for Apple’s devices.

You may remember that Apple announced last year it would spend $390 million to expand Finisar’s production in the U.S. Finisar has been working on a key component for the iPhone and iPad Pro — the TrueDepth camera system.

That investment was part of a commitment to spend $1 billion in U.S.-based companies with its Advanced Manufacturing Fund in order to build new facilities and help manufacturers.

But Apple is already spending much more money with American companies. In 2018 alone, Apple spent $60 billion, which represents a 10 percent increase compared to 2017. The company estimates that it represents around 450,000 jobs.

In addition to Finisar, Apple names a few partners in its announcement — Corning, Cincinnati Test Systems and Broadcom.

Finally, if you take into account everybody working for Apple in one way or another, there are now 2 million people helping Apple as an employee, a contractor, a store manager, a supplier, etc. This number is up from 600,000 in 2011.

Read Full Article

Apple could be working on gaming subscription service

Apple is slowly building a lineup of content subscriptions. According to a report from Cheddar, Apple may also be working on a gaming subscription. Alex Heath managed to get five people to talk about the rumored service.

If Apple goes ahead and launch such a service, users could pay a monthly subscription fee to access a library of games. It’s still unclear how much it would cost and what would be included in the subscription.

Given that many iOS games are now free-to-play games, it’s hard to see how it would work. Apple could choose to focus on paid games and give those games for free as part of the subscription. The company could also give you free coins and perks when it comes to free-to-play games.

Apple has to talk with potential partners to put together the service — that’s probably how Cheddar learned about Apple’s plans. The company isn’t going to develop a bunch games overnight (remember Apple’s Texas Hold ‘Em?). But it could act as a sort of game publisher by promoting and distributing new games in a subscription tier.

Games are by far the most popular category on the App Store. They generate a ton of downloads and revenue. And it sounds like Apple thinks it could generate more revenue by switching to a different business model, beyond the usual 30-percent cut on in-app purchases.

Apple has also been signing deals with TV producers in order to put together a streaming service. The company wants to compete with Netflix and other streaming platforms.

Apple has been working on a magazine subscription service as well. The company acquired Texture back in March 2018 to build the foundation of the service. And that new subscription should launch pretty soon. You can find a landing page for Apple News Magazines in the beta version of iOS 12.2.

And of course, Apple has attracted 56 million subscribers for Apple Music. Now let’s see if the company can replicate the same success with other services.

Read Full Article

Apple’s new developer guidelines signal that scammy subscription apps’ time is up

Apple is sending out a message to app developers: stop tricking users into subscriptions. The company updated its guidelines for mobile developers to more clearly spell out what is and what is not allowed, according to 9to5Mac, which spotted the recent changes. The improved documentation comes at a time when subscriptions are becoming something of a plague on consumers.

Their rapid proliferation is turning everything into a subscription service, which could ultimately see consumers dropping favorite apps because they can’t afford dozens of ongoing payments. But more urgently, Apple’s lax enforcement its rules around subscriptions had allowed shady app developers to financially benefit.

Subscriptions are a big business the app stores, as the industry has begun to shift over to a recurring revenue model instead of one-time purchases within free apps or paid downloads. For developers who continue to improve apps and roll out new features, subscriptions give them the financial means of continuing that work, instead of constantly hunting for new users.

However, not all developers have been playing fair.

As TechCrunch reported last fall, a number of scammers had begun to take advantage of the subscription model in order to trick consumers into recurring payments, in addition to constantly pestering their free users to upgrade.

We found apps that constantly popped up upgrade prompts or hid the “x” to close the prompt’s window, as well as apps that promised free trials that actually converted after a very short period – like three days, for example. Others had intentionally confusing designs where subscription opt-in buttons would say things like “Start” or “Continue” in big text, while the text that explains you’re actually agreeing to a paid subscription is tiny, grayed out, difficult to read, or hidden in some other way.

Apple’s developer guidelines had clearly prohibited fraudulent behavior related to subscriptions, but Apple has now spelled out the details in black-and-white.

As 9to5Mac spotted, updates in Apple’s Human Interface Guidelines and App Store documentation now explicitly state that the monthly subscription price has to be clearly displayed, while information about how much people can save if they opt for longer periods of time, like a year, has to be less prominent.

Messages about free trials have to say how long trials last and what will be charged when the trial ends.

The new documentation has also been clearly organized, and includes screenshots of what a proper subscription sign-up flow should look like, as well as sample text developers can modify for use in their own apps. It even suggests that developers allow customers to manage their subscriptions within their app, rather than requiring them to find the subscriptions section in the App Store.

Today, many customers don’t know how to stop their subscriptions once activated – it takes several steps from the iPhone’s Settings to get into subscriptions, and still a few from within the App Store. (It’s also not that obvious. You tap on your profile icon on the top right of the Home page, then your Apple ID, then scroll down to the bottom of the page. By comparison, you can reveal the “Subscriptions” section with just one tap on Google Play’s left-side hamburger menu.)

While the existence of clear documentation that better spells out the do’s and don’ts is certainly welcome, the real question now is how well will Apple enforce its rules?

After all, Apple was supposedly not okay with subscription fraud and tricks before, yet its App Store was home to a good handful bad actors – particular in the utilities section.

Of course Apple doesn’t want to develop a reputation for allowing misleading or scammy apps to thrive in its App Store, but it simultaneously benefits when they do.

Although games still account for the majority of App Store spending, non-gaming apps across app stores now account for just over a quarter (26%) of total spend, according to App Annie’s “State of Mobile 2019” report. And that number has increased 18% since 2016, mainly because of in-app subscriptions.

Getting a handle on the proper way to market subscriptions is key. But there’s also the larger question as to whether subscriptions will be a sustainable model in the long run for the developers. There’s a bit too much of a gold rush mentality around subscriptions in today’s App Store, and it’s hard to resist the near-term benefit of money that rolls in monthly.

But as more developers adopt subscriptions, consumers will ultimately have to decide which have value for them. People are already paying for so many subscriptions – both inside and outside the app stores. Streaming video like Netflix, streaming music like Spotify, streaming TV like YouTube TV, subscription boxes like Ipsy, Prime memberships, grocery delivery like Instacart, smart home subscriptions like Ring or Nest, newspapers and magazines and newsletters, and so on. What’s really going to be left for a selfie editor, to-do list or weather app, in the end?

Many consumers are already starting to hit the point where they don’t have much more to spend, and will have to turn some subscriptions off in order to turn others on. Subscription app user bases could then contract, with only core customers remaining paying subscribers, as casual users return to free products – like Apple’s own built-in apps, for example, or free services offered by well-heeled tech giants, like Google.

Apple would do well to advise developers when subscriptions make sense for an app, not just how to implement and design them. Subscriptions should offer a real benefit, not just continued ability to use an app. And there could be cases where a one-time purchase to retain a customer who continually declines to subscribe makes sense, too.

 

 

Read Full Article

China’s smartphone shipments dropped 14 percent in 2018

Smartphone numbers are down all over — but things look especially stark in China these days. Tim Cook cited softened demand in the world’s largest smartphone market as a key factor in its lowered guidance, and Apple is far from alone in feeling the pinch. Today, Canalys reported another large drop in the country for 2018.

The firm says that shipments dropped 14 percent in China for the year. That’s the second year in a row shipments have dropped, following more than half-a-decade of impressive growth, rocketing China to the number one spot, ahead of the U.S. All told, 396 million units were shipped last year, marking the lowest level since 2013.

Domestic companies Huawei and Vivo both managed to grow in that time, hitting first and second place. Oppo and Xiaomi slipped a bit, but managed to hold the second and fourth place positions, respectively. Apple, the sole U.S. representative in the top 5, held onto fifth place, but still dropped 13 percent. The rest of the industry, meanwhile, dropped a staggering 60 percent, year over year.

Much of what’s at play here is a familiar story all over. A matured market means upgrade cycles have slowed down, as more users are choosing to hold onto handsets for long. Even more pronounced, however, is a combination of slowed economic growth and lowered purchasing power in the country.

Read Full Article

The 50 Best Love Songs to Stream on Valentine’s Day

Tailor Your Website Perfectly With Userstack’s User-Agent API

Are visitors getting the most from your website? Do you cater to readers on portable devices, handsets with very small screens, or even TVs?

If not, it’s time you did. Userstack is an API from London-based apilayer that accurately detects the browser and hardware details of your website’s visitors. Here’s what you need to know about userstack and how it can make your website better.

What Can userstack Do for You?

Using the userstack API, you can detect the browser, device details, and operating system of any visitor to your website.

The benefits of this are considerable. For example, you can ensure your visitors receive tailored advertising. Want to publish custom content for readers using a specific type of device (such as an iPhone)? With data from userstack, you can.

This information is gathered thanks to User-Agent strings, information sent from your browser to the destination website.

Essentially, userstack offers an opportunity to perfect the user experience. Visitors will remember this and return, recalling an impressive, tailored experience.

How Much Does userstack Cost?

A free userstack account is available, along with several premium options.

If don’t need more than 10,000 API requests per month, the free option is perfectly suitable. With this, you’ll get device, browser, and operating system detection, plus limited support. It’s a basic package ideal for smaller sites and newcomers.

Not enough? Four other packages are available, from Basic to Enterprise (with business-specific pricing). The Business package of 500,000 API lookups for $49.99 a month provides the best value. This adds unlimited support, crawler detection, bulk lookups, and HTTPS encryption.

Need more lookups? The Business pro option provides a preferred support option, along with 2 million monthly lookups, for $99.99 a month.

Whatever package you choose, note that there is a 20 percent discount for annual payment.

Key userstack Features

Signing up to userstack gives you the opportunity to improve your readers’ (or customers’) experience. The most obvious use for a service like this is to query the User-Agent and deliver content in a format that’s most suitable for the visitor.

To deliver this feature, userstack has a scalable server that’s capable of handling up to several million API requests every day. Along with this, userstack offers accurate system data and seamless integration via the JSON REST API interface.

Other uses include delivering a platform-specific link to the appropriate mobile app. Need some extra security for your site? Subscriptions also include spambot detection and crawler prevention services.

Getting Started With userstack

You can sign up for a free account at userstack.com. See the window on the right side of the home page? This demonstrates the API in action.

Take a moment to look at this, and you’ll see that it’s displaying the User-Agent information from your own browser!

Here you’ll find information pertaining to the browser and operating system, OS vendor, type of computer, and browser version and engine.

Sign up to gain access to the Account Dashboard. Here you’ll find the API Access key (for running userstack on your site), along with details about your chosen plan.

The userstack Quick Start

To ease you in, userstack has made everything straightforward.

In addition to the API key (which you should keep safe, but can reset if required via the account dashboard), userstack provides two API endpoints:

• Single Lookup: use HTTP GET to look up any User-Agent string
• Bulk Lookup: use HTTP POST to look up multiple strings

A Base URL is also provided. With this, you can make a simple API request:

https://api.userstack.com/detect

? access_key = YOUR_API_ACCESS_KEY

& ua = Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36

Check the userstack site for other API requests you can use, each with their own specific results.

Using userstack on Your Website

If you’re new to using APIs and interrogating the User-Agent information, you’re probably not too sure about how userstack can benefit you.

In its simplest terms, the code can be embedded in your HTML, or in a separate JavaScript file.

Get started by wrapping the code in JavaScript <script> tags in your HTML. At this stage, either include the commands inline, or link to a dedicated JavaScript file elsewhere on the server.

The results of the User-Agent string can help you to target content to a particular subsection of users. You can also ensure that people using older browsers and hardware can still read your site, by providing pages for them with more basic stylesheets.

Not using JavaScript on your site? Don’t worry: you can implement userstack’s API in other languages. PHP, Python, Nodejs, JQuery, Go, and Ruby examples are all are provided on the site for your convenience.

Userstack: The Secure User-Agent String Lookup You Need

Admittedly a service like userstack isn’t for every website. You might not need advanced APIs, and be happy with the information you can glean from Google Analytics.

But to make the most of User-Agent information, userstack is ideal, and it’s free to get started.

Interested in signing up for userstack and employing it on your site? Some JavaScript expertise is useful, but if you’re new to scripting, our guide to JavaScript and how it works should help.

Read the full article: Tailor Your Website Perfectly With Userstack’s User-Agent API

Read Full Article

Left Mouse Button Not Working? 7 Tips on How to Fix It

How annoying is it when your left mouse button stops working? You change the batteries, bang it on your desk a few times, and curse at the technology gods—but it’s to no avail.

It doesn’t have to be this way. There are steps you can take to get your left mouse button working again. Here are seven of the most common fixes.

1. Fix a Corrupted User Profile

You need to establish whether the problem is unique to your user account or a system-wide issue.

Make a temporary new local account by navigating to Start > Settings > Accounts > Family and Other Users> Add Someone Else to This PC. The app will ask you for the new user’s sign-in details and name.

Log into the new profile. Is left-click working? If so, your primary user account has probably become corrupted.

Try copying all your user data to a new profile. You need at least three profiles (your new one, your corrupted one, and one extra) on your machine to undertake this process.

Log onto the extra one. All the following steps need to be done from the “spare” account.

Firstly, open File Explorer and ensure both the hidden files and folders and the protected operating system files are viewable. If you cannot see them, go to View > Options > View and make the necessary adjustments.

Next, navigate to C:\Users\[Corrupted Username] and select all the files except Ntuser.dat, Ntuser.dat.log, and Ntuser.ini. Copy the files and paste them into C:\Users\[New Username].

Finally, log off and sign into your new account. Once you’ve verified everything is working, you can delete the spare account and the corrupted account.

2. Check for Corrupted Windows Data

If you still couldn’t use the left mouse button on your new profile, it’s indicative that something has gone wrong within Windows itself. One of the most common culprits is a corrupted Windows Update.

To test for the presence of corrupted Windows files, you need to run PowerShell (by right-click on the Start menu and select it from the list).

Next, you need to run the System File Checker tool.

Type sfc /scannow and press Enter. You’ll see one of three results:

1. Windows did not find any integrity violations.
2. Windows Resource Protection found corrupt files and repaired them.
3. Windows Resource Protection found corrupt files but was unable to fix some (or all) of them.

In the case of the last, type DISM /Online /Cleanup-Image /RestoreHealth and press Enter. PowerShell will re-download any corrupted files. It could take a long time, so be patient.

3. Delete Recently Installed Apps and Drivers

Have you recently installed any new apps and software? It could be the reason that left click is not working. Similarly, a program update might have caused the issue.

Right-click on the Start menu and open Programs and Features. Delete any apps that you’ve recently installed, any apps that have recently received automatic updates, and any apps you no longer use. Restart your machine and see if the problem is solved.

In a comparable vein, lots of users have pointed to errant drivers causing the problem. The most common culprit appears to be printer drivers.

Delete your existing drivers by heading to Start > Settings > Devices > Printers and Scanners. Click on the printer you want to delete, and hit Remove.

4. Delete and Reinstall Your Antivirus

Something as straightforward uninstalling and reinstalling your antivirus suite could solve your issues.

Occasionally, they detect false positives or black-flag harmless processes. Panda Anti-Virus seems to pop up more often than most. If you’re using Panda, this could be your problem.

Before you completely uninstall and reinstall, you can soft-test whether this is the issue. Disconnect from the internet and temporarily disable any third-party security suites. You can also try booting into Safe Mode to exclude software issues.

5. Hard Reset Your Computer

Performing a hard reset is not good practice and should be done sparingly. That said, many users have reported that it fixes a non-functioning left mouse button.

It is easy to do a hard reset (also known as a hard crash). If you’re on a desktop without a battery, pull out the power lead. If you’re on a laptop, pull the power cord and the battery. In both cases, you need to be logged into a user account on the PC before executing the reset.

6. Update Mouse Drivers

It’s prudent to make sure your mouse drivers are always up-to-date. If the left click key press isn’t working, you definitely need to check them.

Right-click on the Start Menu and then choose Device Manager. Don’t worry: you can also use the right-click button to make your selection.

Next, use your keyboard arrows to scroll down to your mouse entry and press Enter. The Properties window will open.

Use Tab and the arrow keys to navigate to the Driver tab and select Update Drivers. Windows will take care of the rest.

7. Enable ClickLock

What if everything is working except drag-and-drop? If you’ve already worked through the six fixes and you’re still encountering the issue, you can temporarily enable ClickLock.

ClickLock lets you drag-and-drop files and folders using single mouse clicks, rather than having to hold down the left mouse button physically.

To turn it on, go to Start > Settings > Devices > Mouse > Related Settings > Additional Mouse Settings.

The Mouse Properties window will pop up. At the bottom of the Buttons tab, you’ll see the ClickLock options. Put a tick in the checkbox to enable it. Clicking on Settings will allow you to customize your ClickLock preferences.

Is the Mouse Button Still Not Working?

Did none of these fixes work? You did remember to check the batteries, didn’t you?

Of course, your mouse itself might be faulty. Try using a wired mouse and see if the problem vanishes. And remember, it’s always worth thoroughly cleaning your mouse. Dust can quickly build-up inside its electronic components.

If you’d still like to learn more, check out our article on how to fix your Windows 10 mouse issues.

Read the full article: Left Mouse Button Not Working? 7 Tips on How to Fix It

Read Full Article

8 Coding Challenges and Competitions That May Lead to Money or Jobs

As a programmer which one of the choices would you prefer? Mailing endless resumes while waiting for that one call, or participating in a live coding challenge to test your skill sets?

That’s where competitive programming through contests and challenges can open more doors. The good news is that top tier companies have become enthusiasts. So start tracking these coding challenges for money or jobs and grab that career breakthrough today.

1. HackerRank

Leading Companies Hiring: Adobe, Booking.com, Dell, LinkedIn, RedHat, Uber

HackerRank boasts of 5 million developers who have sweated over 21 million code challenges so far. The platform assesses skills with a steady stream of contests on algorithms, machine learning, or artificial intelligence.

HackerRank has four core areas: Practice, Compete, Job, and Leaderboard.

Solve the code challenges in the Compete section and apply for jobs via HackerRank.

Just want to have fun? HackerRank also runs regular hackathons with cash prizes along with sponsored competitions from major technology companies.

Bookmark: Upcoming contests on HackerRank

2. TopCoder

Leading Companies Hiring: IBM, Google, eBay, SoftBank, Nvidia

TopCoder is one of the world’s leading crowdsourcing platforms for anything related to visual design, code development, and data science projects. The TopCoder community takes on challenges from some of the world’s leading brands. The site holds online and local coding contests across multiple cities.

Head to the competitive programming homepage and prepare for your match. Different contests can have different prizes. And there’s a good chance that clients who select winners will pick them up for jobs too.

Bookmark: TopCoder Challenges

3. HackerEarth

Leading Companies Hiring: ThoughtWorks, Amazon, Accenture, Walmart Labs, IBM, Intuit.

In 2018, HackerEarth hosted the first International Women’s Hackathon to grand success. This was a women-only event meant to close the gender gap in the computer sciences. The women developers designed apps and tools around four themes—women’s health and safety, economic freedom, social impact, innovation.

If the same event is held this year, then expect the registration to open soon. Last year, the top prize winning team walked away with $2500 and industry recognition. Keep an eye on the link below for this hackathon for women, and other contests through the year too.

Bookmark: HackerEarth Challenges

4. Skillenza

Leading Companies Hiring: Amazon, Bosch, ThoughtWorks, Societe Generale.

Skillenza is another competitive programming and hiring platform that has come out of India. Here you can part of a specific community while pitting your skills against the best. Companies can form their own page and tap into these communities to run their coding challenges.

As a coder, you can highlight your achievements in the contests and attract the right company for a job.

Bookmark: Skillenza Challenge

5. Codewars

Leading Companies Hiring: Apple, Andela, Accenture.

Take on Codewars to crack a few job related “katas”. A “kata” is a specific coding exercise to hone your language or framework-specific skills. The “katas” are created by the community of users. Solve these and graduate through the ranks in the community. And maybe, you will catch the eye of a headhunter.

Codewars is free but Codewars Red is a subscription platform with more features and benefits (for instance, go ad-free and get more server resources for your programs) to anyone looking to upskill.

Bookmark: Codewars is a part of Qualified. The latter is a SaaS platform which companies can use to hire the best talent.

6. Coderbyte

Leading Companies Hiring: Deloitte, PWC, HBO, LogMeIn.

Do you have an upcoming job interview or coding bootcamp? Coderbyte gives you coding challenges and modular courses to prepare with. For instance, you can take the 12 tutorials to study programming and algorithm questions asked in previous Google interviews. Then practice the theory with coding challenges that go from easy to difficult.

The coding challenges cover 10 programming languages. In the end, check your answers against the official solutions and also the best solutions from users. This comparison helps you benchmark your skills against the best practices in the industry.

Bookmark: Coderbyte challenges

7. CodeChef

Leading Companies Hiring: AWS, Samsung, Alibaba Cloud.

Codechef is a not-for-profit competitive coding platform from India. But it has fostered a global community of developers who use the practice problems and contests on the site. Codechef runs three contests in a month called Long Challenge, Cook-off, and Lunchtime. Long Challenges run for ten days while the other two are briefer. Use the CodeChef IDE and choose from 35+ programming languages to take part.

Cash prizes for these coding contests go up to $700 for the global community and may include other freebies too. Snackdown 2019 is the global multi-round programming contest you could start preparing for right now.

Bookmark: Upcoming contests

8. CodinGame

Leading Companies Hiring: Warner Bros, EA, Nintendo, Adobe, Bank of America

This could be the most “fun” coding (and hiring) site on this list. Instead of solving coding problems, you get to write code for a game and test it out with other coders. Think of it as a game-based hackathon. Start on an online IDE where you get a mission statement. All solo and multiplayer coding games are turn-based. At every turn, your program gets new inputs and you must code to output the correct action.

Try it out without an account. More than 25+ programming languages are supported. Crack the puzzles or the sponsored puzzles via the link below to land your dream job with the companies that are looking for the high achievers.

Bookmark: Sponsored coding puzzles

A Few More Coding Challenges for Money or Jobs

The eight on this list will keep you busy. But here are a few more to keep you on the cutting edge.

• LeetCode
• Codeforces
• Kaggle (For Data Science)
• Hewlett Packard Code Wars
• Challenge.gov
• InterviewBit
• Programmr

Be a Warrior and Start to Code

Coding contests are like open markets. Don’t think of them only as gladiatorial arenas but also as real-life schools where you can learn from the instant feedback on your mistakes. Companies have adopted these contests as hiring platforms to get the best and save costs. No wonder, big tech names have their own match ups like the annual Code Jam, Microsoft’s Imagine Cup, and the Facebook Hacker Cup.

At the end of the day, these challenges give you another way to practice your coding skills. As the last coder standing, you could walk away with a cash bounty, a career, or just more brain cells.

Read the full article: 8 Coding Challenges and Competitions That May Lead to Money or Jobs

Read Full Article

What Is a VPN Connection and How Does It Work?

If you take your online privacy seriously, there’s a good chance you use a VPN connection. They offer a layer of privacy that’s unattainable if you access the web directly through your ISP’s servers.

However, despite their increasing popularity, not many people know how a VPN works; what is happening behind the scenes?

Let’s look at what a VPN connection is and explain how a VPN works.

VPN Meaning

VPN stands for Virtual Private Network.

What Is a VPN?

It is easiest to think of a VPN as a secure tunnel between two parts of the web. In the same way that nothing on the outside could see what you’re doing in a secret tunnel under a mountain, nobody else on the web will be able to see what is happening in your private VPN tunnel.

On a more technical level, a VPN is a connection method that brings a vast number of additional security benefits, especially to anyone using a public connection such as in a hotel, airport, or library.

A VPN can be installed on a specific browser, a desktop or laptop, a smartphone, or a router.

How Does VPN Work?

When you connect to the web without a VPN, your traffic is flowing freely an in an unencrypted form from your machine to your ISP’s servers. From there, it goes to servers around the world. At all times, it is vulnerable to man-in-the-middle attacks, snooping, and other security threats.

If you use a VPN, your traffic is encrypted by the VPN app on your computer or smartphone before it even leaves your device.

From there, it goes to your ISP’s server, and then your VPN’s server. When it reaches the VPN server, the traffic is decrypted and passed on to the broader web. It also uses your VPN’s IP address. In many cases, users can choose the physical location of the VPN server they are using.

Types of VPN Protocols

Several types of VPN protocol exist. Not all providers support all the protocols. Some of the most popular VPN protocols include:

• IPsec: Internet Protocol Security (IPsec) was created for use with IPv6. It encrypts traffic by encapsulating an IP packet inside an IPsec packet.
• SSL/TLS: Transport Layer Security (SSL/TLS) can tunnel all the traffic on a network through a VPN connection. It is used in the OpenVPN project.
• SSH: Secure Shell (SSH) VPNs use tunneling to add security to intra-network links.
• SSTP: Microsoft Secure Socket Tunneling Protocol (SSTP) uses Point-to-Point Protocol (PPP) tunnels to send traffic via an SSL 3.0 channel.

What Does a VPN Do?

A VPN can perform many different functions for many different types of user.

Remote Access

VPNs first arose due to the need for people to access networks remotely and securely. Some of the first users were businesses with multiple branches or off-site employees.

Those original benefits still exist today. Millions of people use a company-provided VPN to access internal networks and servers.

Privacy and Online Security

Because of the way VPNs work, users were quick to realize that the technology also had colossal privacy and security benefits.

Not all VPNs offer the same features. However, if you use one of the market-leading paid VPN services (like ExpressVPN or CyberGhost), you should benefit from most of the following:

• Encryption: Almost all commercial VPN services encrypt your web traffic data. It means your information is unreadable to any hackers or malicious apps that are snooping on your network data.
• Hidden IP Address: To outsiders, your computer appears to have the IP address of the VPN servers. Many companies collect vast amounts of data based on IP addresses, so removing your own address drastically increases your anonymity.
• No Logging: Some VPNs will not log any of your browsing data. It means that if a government comes looking for information, there is nothing to hand over. Be aware, however, not all VPNs dispose of logs, and some have intentionally vague privacy policies.

Circumnavigate Blocked Sites

Data shutdown in Zimbabwe. Most people using a VPN.

Praying for peace and a Govt that cares for the people.#shutdownZim

— Fadzayi Mahere ?? (@advocatemahere) January 15, 2019

Websites are frequently blocked on certain networks. For example, your employee might not let people log onto Facebook while in work, your school probably blocks adult content, and in extreme cases, governments have prevented access to some sites across entire countries.

A VPN will let you access any blocked sites. The tunnel we spoke about earlier provides your machine with a way to break through a network’s restrictions and freely access the internet from your VPN server’s location.

Geo-Blocked Content

The final significant thing a VPN does is to provide access to geo-blocked sites. It’s a feature that’s especially useful for cord cutters and expats who want to watch video content from their home country.

VPNs that specialize in unlocking geo-blocked content will typically have hundreds of servers in dozens of countries around the world to provide flexibility to users.

(Note: Several leading streaming services theoretically restrict access from VPNs by blocking known VPN IP address, leading to a never-ending game of cat and mouse.

What a VPN Cannot Do

VPNs are great, but they’re far from being a one-size-fits-all online security solution—they can’t do everything.

Block Cookies

There are other ways that companies can track you around the web. One of the most common ways is to use cookies.

A VPN cannot block cookies. It means that organizations such as Facebook, Amazon, and Google will still be able to monitor you.

(Note: There are lots of different types of cookies you should be aware of.)

Make You Entirely Anonymous

VPNs are not a guarantee of online anonymity. Firstly, they can go offline unexpectedly or suffer from DNS leaks, both of which could expose your data to snoopers, ISPs, and governments without warning.

Secondly, although your ISP no longer has a copy of your browsing data, your VPN provider now has a copy. As such, you are placing a lot of trust in the provider not to use it for undesirable purposes.

For a better level of online anonymity, you should consider using the Tor network instead.

Protect You Against Malware

A VPN connection has no anti-virus properties. You still need to run one of the best anti-virus suites to protect yourself from the threats you’ll inevitably come across while surfing the web.

And remember, some malware has the ability to switch off your VPN without your permission, rendering it entirely useless.

Should You Choose a Paid or Free VPN?

In truth, you should never use a free VPN. As is always the case with free stuff online, you become the product. It’s an issue we saw repeatedly when we looked at the best free VPN providers.

Instead, make sure you sign up for a reputable, reliable, and secure paid VPN provider. There are lots of great paid VPNs you can choose from.

Image Credit: prykhodov/Depositphotos

Read the full article: What Is a VPN Connection and How Does It Work?

Read Full Article

7 Apple Pencil Accessories You Absolutely Need to Own

Biff Tannen

Biff Tannen

As Clegg appears in Brussels, Facebook tightens controls on political ads, opens Dublin control center ahead of European elections

Facebook continues to feel the heat over its role in how people communicate — and more importantly, miscommunicate — globally, so today in Europe it redoubled its efforts to counter critics by rolling out new controls specifically around election misinformation ahead of European Parliament elections this spring.

It unveiled its latest efforts to fight “fake news”, with a new system of controls around the placement of political ads, as well as a new set of human-staffed operations centers in Dublin and Singapore to monitor how localised political news is distributed on the social network — both coming in March. Then, to coincide with the new efforts, it presented its new head of global communications — Nick Clegg, a former politician — in his first public speech since taking office.

The bigger hope for Facebook is that today’s two developments will be viewed as evidence that it is making active efforts to set things aright after a series of moves that have soured people’s opinions of the social network. Facebook continues to see a lot of scrutiny in the region over how it has handled its WhatsApp acquisition, its role in the Brexit referendum, larger privacy violations and more, and as it continues to grow, the concern for Facebook is that it could start to see regulatory actions that could curtail growth longer term.

The political ad checks that Facebook announced today will see the company launch tools to improve transparency around political ads. Those buying ads will see more scrutiny about their backgrounds, to make sure they are authorized to purchase ads.

Then for every ad that does get placed, users can click on them to find out more about the company or organization making the posting, including about the budget and demographics about the reach of the ad. All of this will be kept in a library that will also be searchable by the public for up to seven years after an ad runs.

These tools will also be rolled out in other markets like Ukraine, Israel and India ahead of their national elections, and it comes alongside other policies that Facebook has put in place over recent weeks: for example, in Nigeria it’s forbidding election advertising to be purchased by foreign entities.

In addition to this, Facebook is expanding its approach to localising its response in the form of election security operations centers, or war rooms as they’re being called by some (including us). The first of these was established around the time of elections in Brazil last year, based out of Facebook’s HQ in Menlo Park, and it carried on work in the US Midterm elections.

Now Facebook is localising the concept and establishing two new centers in Dublin and Singapore, to “allow our global teams to better work across regions in the run-up to elections.” The aim of these is to track fake news, hate speech and voter suppression, and the idea will be to assemble teams that will work with other groups at the company in areas like threat intelligence, data science, engineering, research, community operations and legal.

Potentially meant to bolster the release of the news about the new election measures, Clegg’s appearance in Brussels — at a Facebook-sponsored event — unfortunately wasn’t very strong, underpinned as it was by fairly predictable pronouncements.

Clegg defended Facebook against criticism that it should be subject to the same scrutiny and responsibility as the media: “It’s raucous and unpredictable,” he said of Facebook. He did acknowledge Facebook’s shortcomings and said it’s now in a period of change. (Clegg’s known far and wide for his earnest apologies.)

He also defended the company against any negative readings of its intention to unify the back ends of its various messaging apps — while essentially confirming the the company’s desire to do so in the process.

“It’s much more simple than the heated language suggests,” he said. “What Zuckerberg says that is people are increasingly using different apps and it’s a simple view that over time, people will want to send messages from one to the other. That’s it!” See, nothing to worry about, right?

There may be some positive benefits, such as all apps taking on the encryption that is currently only a part of WhatsApp. However, it remains to be seen how linking up apps that have been built differently would work, and what other tradeoffs we will see in exchange for being able to send an Instagram snap to our WhatsApp contact a little quicker.

Asked if he was worried about being a “Brexit enabler”, Clegg curtly answered no and moved along.

Asked which technology was most worrisome for him in the future, and he named deep fakes. “We’re doing work to figure out what our defenses are against this, but that is a very worrying fact where reality and fiction bleed into each other,” he said. That could also be said about Facebook and its approach overall.

Read Full Article

Google and IAB ad category lists show “massive leakage of highly intimate data”, GDPR complaint claims

Male impotence, substance abuse, right-wing politics, left-wing politics, sexually transmitted diseases, cancer, mental health.

Those are just a few of the advertising labels that Google’s adtech infrastructure routinely sticks to Internet users as it watches and tracks what they do online in order to target them with behavioral ads.

Intimate and highly sensitive inferences such as these are then systematically broadcast and shared with what can be thousands of third party companies, via the real-time ad auction broadcast process which powers the modern programmatic online advertising system. So essentially you’re looking at the rear-end reality of how creepy ads work.

This practice is already the target of a legal complaint in Europe, filed under the bloc’s General Data Protection Regulation (GDPR).

The real-time bidding (RTB) complaint, which was lodged last fall by Dr Johnny Ryan of private browser Brave; Jim Killock, previously director of the Open Rights Group; and Michael Veale, a data and policy researcher at University College London, alleges “wide-scale and systemic breaches of the data protection regime by Google and others” in the behavioral advertising industry.

It argues the personalized ad industry has “spawned a mass data broadcast mechanism” which gathers “a wide range of information on individuals going well beyond the information required to provide the relevant adverts”; and also that it “provides that information to a host of third parties for a range of uses that go well beyond the purposes which a data subject can understand, or consent or object to”.

“There is no legal justification for such pervasive and invasive profiling and processing of personal data for profit,” the complaint asserts.

The individuals filing the complaints have now submitted additional evidence showing lists of ad categories used by Google and online ad industry association, the Internet Advertising Bureau (IAB), that they say show sensitive inferences are systematically made.

The documents, reviewed by TechCrunch, are supplementary evidence for the two original complaints filed with the UK’s ICO and the Irish DPC last year.

The complaint action has also now been joined by Polish anti-surveillance NGO, the Panoptykon Foundation — which has notifies its local DPA of what it describes as “massive GDPR infringement”.

“Ad auction systems are obscure by design,” said Katarzyna Szymielewicz, president of the NGO in a statement. “Lack of transparency makes it impossible for users to exercise their rights under GDPR. There is no way to verify, correct or delete marketing categories that have been assigned to us, even though we are talking about our personal data. IAB and Google have to redesign their systems to fix this failure.”

Ravi Naik, partner at ITN Solicitors, who is working with the complainants, also added in a statement: “Panoptykon’s submissions add to the increasing focus on real time bidding. The complaint builds on our work before the UK ICO and Irish DPC. We foresee a cascade of complaints to follow across Europe, and fully expect an EU-wide regulatory response”.

The three content taxonomy documents that have been submitted as evidence include one used by Google and two compiled by the IAB to provide publishers with lists of ad categories.

The pair make the lists available online for publishers to download, though there’s no suggestion general Internet users are encouraged to take a look at how their online activity is sliced and diced into ad categories in order that their attention can be sold off to the highest bidder.

And while plenty of the ad categories look harmless enough — hatchback cars, pets, poetry, and so on — others, such as the ones we’ve flagged above, can be highly intimate and/or sensitive.

In Europe such sensitive data categories constitute what’s considered special category personal data — which refers to the most sensitive types of personal data, including medical information, political affiliation, religious or philosophical views, sexuality and information revealing racial or ethnic origin.

Multiple types of this special category data appear to be included in the content taxonomy lists we’ve reviewed.

Under GDPR, processing special category data generally requires explicit consent from users — with only very narrow exceptions, such as for protecting the vital interests of the data subjects (and, well, trying to sell Viagra isn’t going to qualify).

The original complaints argue that Internet users are unlikely to be aware such labels are being routinely stuck on them, let alone how widely their personal data is being shared with third parties participating in programatic ad auctions that rely on scale for the system to function.

The RTB process does not offer Internet users an opportunity to consent to each and every personal data transaction. If it did, web browsers would be swamped with creepy requests to process intimate information about them from scores of unfamiliar companies. And there’s no reason to think people would be okay with that.

“The speed at which RTB occurs means that such special category data may be disseminated without any consent or control over the dissemination of that data. Given that such data is likely to be disseminated to numerous organisations who would look to amalgamate such data with other data, extremely intricate profiles of individuals can be produced without the data subject’s knowledge, let alone consent,” the group write in their original complaint filing.

“The industry facilitates this practice and does not put adequate safeguards in place to ensure the integrity of that personal (and special category) data. Further, individuals are unlikely to know that their personal data has been so disseminated and broadcast unless they are somehow able to make effective subject access requests to a vast array of companies. It is not clear whether those organisations have a record of compliance with such requests. Without action by regulators, it is impossible to ensure industry-wide compliance with data protection regulations.”

They cite a New Economics Foundation’s estimate which suggests ad auction companies broadcast intimate profiles about an average UK internet user 164 times per day, adding: “Tracking IDs and other personally specific information are not actually necessary for ad targeting but allow you to be reidentified and profiled every day.”

Here’s a few more highly sensitive labels that are being attached to web users’ identities and shared with potentially thousands of bidding ad companies: Special needs kids, endocrine and metabolic diseases, birth control, infertility, diabetes, Islam, Judaism, disabled sports, bankruptcy.

These categories come from v2 of the IAB’s content taxonomy.

The group has also submitted v1 of the IAB’s taxonomy as evidence, and this includes other disturbingly intimate categories — including a category for ‘incest/abuse support’.

The IAB claims to have depreciated the v1 list but the complainants say it’s still being used in the IAB’s latest ad auctioning system.

We’ve reached out to the IAB for comment.

Filing this new evidence, the complainants argue it underlines “the unreasonable degree of intimacy of the personal data broadcast in ad auctions”.

“The evidence we file today illustrates that the IAB and Google ad auction system can broadcast remarkably intimate details about what you watch, listen to, and read online. ‘Special category’ personal data like this enjoys special protections in the GDPR. I believe this raises the stakes of our complaint,” Brave’s Ryan told TechCrunch.

“Actors in this ecosystem are keen for the public to think they are dealing in anonymous, or at the very least non-sensitive data, but this simply isn’t the case. Hugely detailed and invasive profiles are routinely and casually built and traded as part of today’s real-time bidding system, and this practice is treated though it’s a simple fact of life online. It isn’t: and it both needs to and can stop,” added Veale in a statement.

The original IAB lists can be downloaded as a spreadsheet here (see tab 2 for the v1 list; and tab 1 for v2). While PDF versions of the IAB lists with special category and sensitive data highlighted can be viewed here (v1) and here (v2).

Google’s original document can be downloaded here from developers.Google.com. (A marked up version highlighting the special category data is also available from Brave here.)

We’ve also reached out to Google for comment on the latest development in the complaint.

After being sent the category lists for review, an ICO spokesperson told us: “The ICO and our partner authorities on the European Data Protection Board are already engaged on various issues relating to Google and we are engaging with the industry more widely. We are considering the concerns that have been raised with us.”

The agency has made online behavioral advertising a key priority, noting in its Technology Strategy that it’s probing web and cross device tracking, and citing examples including device fingerprinting, browser fingerprinting and canvas fingerprinting.

“This is likely to continue as more devices connect to the internet (IoT, vehicles etc) and as individuals use more devices for their online activities,” it writes in the strategy document. “These new online tracking capabilities are becoming more common and pose much greater risks in terms of systematic monitoring and tracking of individuals, including online behavioural advertising. The intrusive nature of the technologies in combination drives the case for this to be a priority area.”

Read Full Article