Tag: privacy

I'm never buying another Kindle, and neither should you

I used to think a Kindle was the easiest way to carry a library in my pocket — until my device stopped being built for readers. "I'm never buying another Kindle, and neither should you" isn't just clickbait; it's the honest reaction of someone who’s watched a device I trusted become more about corporate control than quiet, private reading. Recent firmware changes, DRM tweaks, forced updates, and reports of devices becoming effectively useless have made me rethink the whole premise of buying into Amazon’s e-reader ecosystem. (androidauthority.com)

What changed: from thoughtful gadget to locked-down appliance

Kindles pioneered e-ink reading, long battery life, and a genuinely book-like experience. Over the last few years, though, Amazon has tightened the screws: new firmware has introduced stronger DRM, removed features some users relied on, and in certain cases left devices struggling after updates. The result feels less like thoughtful product stewardship and more like product control. (pocket-lint.com)

Forced updates and buggy firmware have bricked or destabilized multiple devices, according to user reports. When a device that once simply displayed text can suddenly fail because of an overzealous update, you stop seeing it as a durable tool and start seeing it as a service tethered to a corporation’s whims. (wired.com)

Why control matters for readers

Reading is a private, low-friction activity. We choose e-readers to remove distractions, extend battery life, and preserve a single-minded focus on the text. That expectation breaks down when:

• The manufacturer can silently push updates that change functionality.
• DRM prevents you from backing up the books you paid for.
• Amazon can remove or alter access to features or formats without meaningful recourse. (pocket-lint.com)

When your books are tied to an ecosystem that can alter device behavior remotely, ownership becomes ambiguous. You may own the hardware, but you don't fully own the reading experience.

Alternatives that respect readers

Not every e-reader treats you like a license holder. Devices and ecosystems like Kobo and Android-based readers (Boox, etc.) prioritize open file formats, library integration, and — in many cases — local management of files. That means you can borrow from libraries, load ebooks directly, and keep local backups without jumping through Amazon-sized hoops. For people who value interoperability and control, these options are more appealing. (laptopmag.com)

Transitioning away from Kindle may involve a learning curve — Calibre and EPUB support are foreign to some Kindle-only users — but the trade-off is a system where your purchases and local files feel genuinely yours.

The DRM problem: more than inconvenience

Amazon’s recent firmware updates introduced stronger DRM layers that make backing up content harder and complicate transferring books between devices. That’s not just inconvenient; it’s a long-term risk. If support for older devices ends (as Amazon recently announced for devices from 2012 and earlier), users can lose features or compatibility overnight, increasing e-waste and effectively forcing upgrades. (pocket-lint.com)

If you value longevity and the ability to archive purchases locally, heavy-handed DRM is a red flag. It means your “library” may vanish into formats and servers you can’t control.

The human cost: frustration, lost time, and distrust

This isn’t abstract. Real readers report waking up to bricked devices, losing access to sideloaded books, or spending hours on support calls that don’t resolve the core problem. That friction chips away at trust. Once the relationship between buyer and device shifts toward paternalistic control, the emotional value of the product drops. People don’t just want features — they want reliability and respect for ownership. (reddit.com)

What Amazon could do (but hasn’t)

There are straightforward, reader-first moves Amazon could make:

• Stop forced updates that can brick devices or remove core features without clear opt-in.
• Provide a robust offline-side-load and backup path for purchased content.
• Limit DRM to the minimum necessary and make archival/export tools available.
• Offer clear, dated support timelines so buyers can make informed choices.

Until Amazon anchors its strategy around reader rights and device longevity, skepticism is rational.

Alternatives and practical next steps

If you’re fed up and thinking of switching, here’s a quick roadmap:

• Try a Kobo if you want straightforward EPUB support and library integration.
• Consider Android-based e-ink devices (Boox, Onyx) if you want apps and flexibility.
• Use Calibre to manage local libraries and maintain backups of any DRM-free files.
• When buying, prefer sellers that clearly state region and support policies to avoid warranty headaches. (laptopmag.com)

These options aren’t perfect, but they foreground user control over corporate convenience.

My take

I still love the idea of a dedicated e-reader: the tactile simplicity, the long battery life, the focus. But a device that can be subtly reshaped by the company behind it — sometimes to the detriment of the user — no longer earns my loyalty. For me, “I’m never buying another Kindle, and neither should you” captures a larger point: buy tools that respect your ownership, not products that treat you as a subscription to be managed.

Closing thoughts

We buy gadgets to make our lives richer, not to become pawns in product strategies. Reading should be low-friction, private, and durable. When a platform that once delivered that experience starts prioritizing control over readers, it’s time to look away and support alternatives that preserve the simple joy of turning a page.

Sources

• I'm never buying another Kindle, and neither should you – Android Authority
  https://www.androidauthority.com/amazon-kindle-2026-3657863/

• Amazon Pulls Support for Perfectly Fine Older Kindles – Wired
  https://www.wired.com/story/amazon-pulls-support-for-perfectly-fine-older-kindles/

• Amazon is making it much harder to remove DRM from Kindle books – Pocket-lint
  https://www.pocket-lint.com/amazon-making-kindle-drm-removal-harder/

• This new Kindle jailbreak uses Amazon's own ads against it – Android Authority
  https://www.androidauthority.com/jailbreak-kindle-adbreak-3609136/

• I switched from a Kindle ereader to Kobo for a week – LaptopMag
  https://www.laptopmag.com/news/amazon-kindle-vs-kobo-clara-bw

Check your smartphone now — these apps are dangerous and should be deleted.

You should read that sentence again and then open your phone. Check your apps. Check what permissions they've been allowed. The FBI has just issued a public warning about mobile applications — especially those developed and maintained overseas — that can quietly collect and leak personal data. Check your smartphone now — these apps are dangerous and should be deleted. This is not fearmongering; it's a practical reminder that our pocket computers hold the keys to our contacts, location, photos, messages, and sometimes banking tokens.

Why the FBI warning matters

Over the last few years, governments and security agencies have flagged concerns about certain foreign-developed apps that request broad device permissions, persistently collect data, or route information through infrastructure in countries with different national security laws. The FBI’s recent public service advisory highlights three recurring risks:

• Apps that ask for access to contacts, SMS, storage, and location can harvest data about people who never installed the app.
• Some apps persistently collect information even when they aren’t actively used.
• Apps that host or hide malware can exfiltrate data or enable surveillance.

The advisory doesn’t ban specific mainstream brands by name in every case, but it does nudge users to be extra cautious about apps that maintain infrastructure or data stores in foreign jurisdictions where local laws may compel that data be handed over to state authorities.

Transitioning from awareness to action is the point: if an app on your phone requests sweeping permissions and you don’t trust its origin, treat it as a red flag.

Which apps you should watch for

The FBI’s message is broad rather than a neat list of offenders. That’s intentional: the risk isn’t just one app, it’s a pattern in how some apps behave and where they store data. Still, coverage from security outlets and tech sites highlights common categories to scrutinize:

• Free VPNs and “lite” streaming or downloader apps that ask for device-wide access.
• Lesser-known social or utility apps that request contact lists, SMS, and storage access on install.
• Apps hosted outside official stores (sideloaded APKs on Android) or unofficial versions of popular services.
• Apps that solicit device admin rights, accessibility privileges, or persistent background access.

If an app is obscure, newly published, or from a developer you can’t verify — and it asks for broad permissions — it’s safer to delete it and find a well-reviewed, reputable alternative.

What to do right now

• Open your phone’s Settings and review app permissions. Revoke anything that looks unnecessary (camera, mic, contacts) for apps that shouldn’t need them.
• Uninstall apps you don’t recognize, don’t use, or that you installed outside Apple’s App Store or Google Play.
• Update your OS and apps to the latest versions so security patches are applied.
• Only download apps from official stores and check developer details and reviews.
• Change passwords for sensitive accounts and enable multi-factor authentication where possible.
• If you suspect an app has stolen data or behaved maliciously, reset the device and reach out to your bank or services you use — and file a report with the FBI’s IC3 or your local authorities if you’re in the U.S.

These steps reduce the attack surface and limit persistent data collection even if an app is trying to overreach.

How real is the risk?

A follow-up question is fair: how likely is your app to be an active surveillance tool versus just a privacy-invasive tracker? The answer is: both are possible. Some apps are simply greedy for advertising and analytics data. Others — whether through negligence or design — may process and store data in ways that expose it to foreign legal orders or hostile actors. Security researchers and agencies have repeatedly found malware-laden or trojanized apps on third-party stores and even within official marketplaces.

So while the worst-case scenarios are rarer, the cost of inaction is high: identity theft, account takeover, and privacy compromise. Treating your smartphone like a personal device that needs periodic audits is smart hygiene — not paranoia.

Navigating nuance: don’t throw the baby out with the bathwater

Not every app developed abroad is a threat. Big, reputable companies with clear transparency reports, independent audits, and local presence are different from small, opaque developers. Context matters:

• Look for transparency: where is data stored, how is it encrypted, and what do the privacy policies say?
• Prefer apps with independent security reviews or a track record of responsible disclosure.
• Remember that removing permissions or uninstalling apps may break functionality — weigh that against the information at stake.

In short: be skeptical, not reflexively fearful. Make decisions based on permissions, provenance, and behavior.

My take

Smartphone security is a habit, not a one-off action. The FBI’s advisory is a timely nudge reminding us that convenience often comes with trade-offs. A regular five-minute check of permissions, coupled with a quick uninstall sweep for unused apps, will dramatically improve your safety. We can enjoy modern apps while still insisting they earn our trust.

Final thought: think of your phone like your home — you wouldn’t give a stranger permanent access to your house keys or bathroom drawers. Treat app permissions the same way.

Sources

• FBI Public Service Advisory summarized by Forbes — "FBI Warns iPhone And Android Users—Do Not Install These Apps" (Forbes).
  https://www.forbes.com/sites/zakdoffman/2026/04/04/fbi-warns-iphone-and-android-users-do-not-install-these-apps/

• "FBI warns against using Chinese mobile apps due to privacy risks" (BleepingComputer).
  https://www.bleepingcomputer.com/news/security/fbi-warns-against-using-chinese-mobile-apps-over-to-data-security-risks/

• "Many of the most downloaded… are developed and maintained by foreign companies" (TechRadar coverage of the FBI advisory).
  https://www.techradar.com/pro/security/many-of-the-most-downloaded-and-top-grossing-apps-in-the-united-states-are-developed-and-maintained-by-foreign-companies-fbi-urges-users-not-to-download-chinese-mobile-apps-over-privacy-risks

Hello, Gemma 4: Google’s newest Gemma model is now both open-weight and open-source

Imagine pulling a powerful, multimodal AI down from the cloud and running it on your phone, laptop, or Raspberry Pi — without paying subscription fees or signing an NDA. That's the real-world shift Google just nudged forward: Google's newest Gemma model is now both open-weight and open-source, available under Apache 2.0 and tuned for edge devices and developer ecosystems. This release feels like the moment the slogan “AI for everyone” stops being marketing and starts being practical. (blog.google)

Why this matters now

For years, the most capable models have lived behind corporate APIs and closed licenses. That created a gulf: cutting-edge capabilities for companies that could pay and constrained experimentation for everyone else. Gemma 4 chips away at that gap by shipping weights and tooling that developers can use, modify, and redistribute under a familiar open-source license. The result is faster innovation, more competition, and a broader base of people who can build with frontier AI. (eweek.com)

• It’s multimodal: text, images, and edge variants support audio and video patterns.
• It’s licensed permissively: Apache 2.0 removes many enterprise/legal frictions.
• It’s optimized for the edge: small variants target phones and other local devices. (blog.google)

What Gemma 4 brings to the table

Gemma 4 is a family rather than a single model. Google released several sizes — from lightweight E2B/E4B edge models to more capable 31B dense and 26B MoE variants — so developers can pick performance, latency, and cost trade-offs that fit their projects. The family is built on research from the Gemini line, but the emphasis here is on practical, runnable models for real systems. (blog.google)

Performance highlights include strong reasoning and multimodal understanding for models in their class, and benchmarks show Gemma 4’s 31B variant punching well above its weight on some tasks. More importantly, Google released Gemma 4 with day-one support across major inference engines and ecosystems — Hugging Face, Ollama, llama.cpp, NVIDIA NIM, vLLM, and more — so you don’t need proprietary tooling to get started. (build.nvidia.com)

How to try Gemma 4 (quick guide)

If you want to tinker, here are straightforward paths people are already using:

• Hugging Face: models and model cards are available in Google’s Gemma collection for immediate download and use with Transformers-based tooling. (huggingface.co)
• Google AI Studio and Edge Gallery: run the larger models in cloud dev environments or test edge variants on Android via Google’s developer apps. (blog.google)
• Local runtimes: community ports and quantized builds run on llama.cpp, Ollama, and other local engines — making phone-based, offline experiences viable. (huggingface.co)

Transitions between cloud and edge are smoother here because of the model sizes and pre-built engine integrations. Expect rapid community releases for quantized GGUF builds and optimized kernels in the next few days — the open-weight moment invites that energy.

The open-weight vs. open-source nuance

A quick clarification: "open-weight" has been used by model makers to mean the raw weights are available, but not all training data, training code, or full architecture details are published. Gemma 4 distinguishes itself by being released under Apache 2.0, a permissive license, and by shipping day-one ecosystem support — moving it closer to what practitioners reasonably call "open-source" in practical terms. That doesn’t mean every research artifact is public, but it does mean you can build, redistribute, and commercialize in ways you typically could with other Apache-licensed projects. (blog.google)

The developer opportunity and the risk landscape

Open weights democratize experimentation. Startups will be able to iterate on custom fine-tunes, on-device assistants will gain local intelligence, and defenders of privacy can architect systems that never send user data to third-party servers. This is a big win for builders and privacy-minded products. (techspot.com)

But with openness comes responsibility. Wider access means easier misuse and faster propagation of unvetted variants. Google and the community will need to keep working on guardrails, robust moderation tooling, and responsibly labeled checkpoints. The release also re-energizes debates about transparency in training data, provenance, and the ethics of model redistribution.

The broader tech context

Gemma 4 arrives into a field that has rapidly normalized large open-family releases. Other major players have pushed open-weight models in the past year, and the ecosystem has grown rich with quantization tools, inference optimizers, and hardware-specific kernels. Gemma 4's Apache licensing plus day-one integration with major runtimes could accelerate an already fast-moving open model marketplace. Expect more on-device AI experiences, new SaaS products built on local inference, and robust community forks. (techcrunch.com)

Final thoughts

My take: releasing Gemma 4 under Apache 2.0 is an inflection point. It lowers the bar for powerful, private, and portable AI, while re-centering developers in the innovation loop. The next few months will show whether community governance and responsible-release practices keep pace with the technical leaps. For now, we have a legitimately practical, high-quality open model family to explore — and that’s worth celebrating.

Sources

• Google DeepMind — Gemma 4: Our most capable open models to date. https://blog.google/innovation-and-ai/technology/developers-tools/gemma-4/ (blog.google)
• Hugging Face — Welcome Gemma 4: Frontier multimodal intelligence on device. https://huggingface.co/blog/gemma4 (huggingface.co)
• Yahoo / Mashable coverage — Google launches Gemma 4, a new open-source model: How to try it. https://tech.yahoo.com/ai/gemini/articles/google-launches-gemma-4-open-222148736.html (tech.yahoo.com)
• NVIDIA NIM model card — Gemma-4-31B IT Model by Google. https://build.nvidia.com/google/gemma-4-31b-it/modelcard (build.nvidia.com)

Hook: Fitbit gets hungrier — and thirstier — for your data

Today’s Fitbit update is more than a fresh coat of paint. The Fitbit Public Preview adds food & water logging, joining a broader app redesign and AI-powered personal health coach that Google has been rolling out in preview form. If you’ve been watching the gradual migration of Fitbit into Google’s ecosystem, this is one of those moments where the product starts to feel like the future Google described — and also like the kind of change that will stir conversation among longtime users.

What just landed in the Public Preview

• The app now includes built-in food logging and water tracking so users can set calorie targets, log meals, and track hydration directly in the Fitbit app.
• The Public Preview — originally focused on Premium subscribers and select Android users — is expanding access so free-tier users can try the redesigned interface and these nutrition features.
• This expands a broader push: the redesigned app pairs a Material 3-inspired UI with a Gemini-powered “personal health coach” that uses your activity, sleep, and (now) nutrition data to give suggestions.

Why this matters: nutrition and hydration are two of the largest behavioral levers for health outcomes. Bringing those logs into Fitbit’s new coaching experience is an obvious next step — it helps the AI see the whole picture, not just steps and sleep.

Why the timing and the rollout matter

Google started previewing the AI-powered Personal Health Coach last year, first to Premium users and a limited set of devices. The rollout has been gradual: Android users saw the earliest access, then iOS, and now more people on the free tier are being invited into the Public Preview.

That phased approach is pragmatic. It lets Google collect feedback, quiet bugs, and iterate on features that touch sensitive user data — especially when the product starts to take in things like nutrition entries and (in other recent previews) medical records or continuous glucose monitor data.

Still, phased rollouts create friction: some users will see new nutrition and water screens immediately; others will wait days or weeks. And historically, Fitbit’s food/water logging has been a touchy subject for users when it’s buggy or when sync behavior with third-party apps breaks.

The redesign: not just cosmetics

• Material 3 visuals, smoother animations, and a reorganized home experience aim to make daily logging simpler.
• The Personal Health Coach (Gemini-based) turns logs into conversational guidance: it can suggest adjustments, summarize patterns, and help set targets.
• Beyond nutrition, Google is adding resilience and sleep improvements, and plans to let eligible users link clinical records for a fuller health snapshot.

Put simply: Fitbit now wants to be both the place you record what you do and the place that explains what it means. That double role increases the product’s value — and the stakes.

What users should watch for

• Data continuity: If you have historic food and water entries, confirm those sync correctly. Some preview users historically reported migration hiccups after big app updates.
• Privacy and permissions: New features that ingest nutrition, hydration, and (in other previews) medical data mean you should double-check which Google/Fitbit account type is linked and which permissions you’ve granted.
• Feature parity: The Public Preview sometimes exposes a UI before all back-end pieces are in place. Expect some functionality to behave differently or appear later.
• Integration with third-party food trackers: If you rely on MyFitnessPal, Lose It!, or a smart scale to feed Fitbit, watch whether those integrations continue to sync smoothly.

A quick user checklist

• Update the Fitbit app to the latest version from your app store.
• Open Settings → Profile → Join Public Preview (if available) to get access.
• Back up or note important historical data if you depend on it daily.
• Review app permissions and the account linked to Fitbit (Google vs. legacy Fitbit account).

The broader picture

This update is a predictable but meaningful step in Fitbit’s evolution under Google. AI coaching without context is limited; nutrition and hydration bring context. Google is clearly aiming to stitch together device data, user-entered behavior, and — at times — clinical data to create a more personalized experience.

But that integration raises familiar trade-offs: convenience versus control, helpful nudges versus surprising recommendations, and the long-standing tension between new platform design and the muscle memory of long-term users. Some will love having one place to log a meal and ask an AI why their readiness score dropped; others will bemoan changes to workflows that used to be simple and reliable.

My take

I’m encouraged by Fitbit bringing food and water logging into the Public Preview — the product only becomes useful if it measures the things that actually move the needle. That said, Google will need to keep listening. Small quality-of-life details (quick add buttons, barcode scanning, consistent units for water, and reliable third-party sync) often determine whether people actually keep logging.

If Google gets those details right and keeps the privacy guardrails clear, this could be one of the stronger examples of practical, helpful AI in wellness. If not, it’ll feel like a shiny interface on top of the same old friction.

Sources

• Fitbit Public Preview adds food & water logging, more as app redesign comes to free users — 9to5Google
  https://9to5google.com/2026/03/31/fitbit-app-redesign-free/

• New Fitbit features for tracking medical records, sleep and metabolic health — Google Blog
  https://blog.google/products-and-platforms/devices/fitbit-personal-health-coach-updates-2026/

Hook: A new line at the starting gate

Imagine stepping up to an Olympic start line knowing that, to qualify, you will be asked to give a cheek swab or saliva sample — not for doping, but to prove your sex. The International Olympic Committee’s new policy requiring genetic testing for anyone seeking entry into women’s events has just shifted the finish line for fairness, privacy and human dignity. This post digs into what the IOC announced, why genetic testing is at the center of the debate, and what it could mean for athletes and sport as we head toward the 2028 Los Angeles Games.

Why genetic testing for women's events matters now

The IOC announced a policy, taking effect for the 2028 Summer Games, that limits eligibility for the female category to “biological females,” determined by a one-time genetic screen that looks for the SRY gene (a Y‑chromosome marker linked to male sex development). The move follows similar steps by some international federations — notably World Athletics — that have already reintroduced chromosome or gene screening for female-category eligibility.

This is not just a technical tweak. It touches on history (sex‑testing stretches back to the mid-20th century), law (national executive orders and federation rules), science (how sex and variation are defined biologically), and ethics (privacy and discrimination concerns). Transition words matter here: consequently, many athletes, advocates and scientists are asking whether this is fair, feasible, or even legally sound.

Quick takeaways

• The IOC requires a one‑time genetic test (SRY gene screen) for athletes wishing to compete in women’s events beginning with the 2028 Olympics.
• Several international sports bodies have already moved toward chromosome or gene-based eligibility checks; this is part of a broader trend.
• The policy raises complex scientific, privacy and human-rights issues — especially for intersex athletes and those with differences of sex development (DSD).
• Expect legal challenges, federation-level confusion, and practical enforcement questions before Los Angeles 2028.

How the policy works and the science behind it

In plain terms, the genetic test the IOC plans to use screens for the SRY gene — a DNA segment typically located on the Y chromosome that plays a central role in directing male sex development in utero. A positive SRY result is treated as evidence of “biological male” for eligibility purposes; a negative result would allow entry into the female category.

However, biology is messier than a binary test result. There are naturally occurring variations — such as androgen insensitivity, mosaicism, or conditions like Swyer syndrome — that complicate neat classification. Importantly, the presence or absence of SRY is not the whole story when it comes to physical performance, hormone levels, or athletic advantage.

Consequently, critics point out that a single genetic marker is an imperfect proxy for athletic fairness and that blanket screens risk excluding or stigmatizing athletes with rare but legitimate biological differences.

The practical and ethical ripple effects

• Privacy and medical confidentiality: Genetic testing collects highly sensitive data. Who stores it, who can access it, and how long it is kept are immediate concerns.
• Impact on intersex athletes: Many intersex variations would be conflated with unfairness by a blunt SRY screen, yet those athletes often have no competitive advantage or may already face medical scrutiny.
• Legal and human-rights challenges: National laws and international human-rights frameworks could collide with federation rules. Expect court cases and appeals.
• Administrative burden: Federations and national Olympic committees must implement testing logistics, appeals processes, and adjudication mechanisms — a complicated, costly enterprise.
• Sporting fairness vs. inclusion: Supporters argue the policy protects fairness for cisgender women; opponents argue it institutionalizes exclusion and harms vulnerable athletes.

Where this policy sits in a broader landscape

This IOC decision didn’t appear in isolation. Over the past few years, several sports governing bodies have tightened policies around transgender athletes and DSD, with some reintroducing chromosome testing. Political pressures and national directives have also pushed changes — for example, national executive orders and letters from political figures urging stricter rules for the 2028 Olympics.

Still, the international sports community has historically relied on federations to set eligibility rules. The IOC’s move to set a universal genetic requirement creates a new central standard, but it will collide with different legal systems, cultural expectations, and scientific opinions around the world.

What to watch between now and Los Angeles 2028

• Legal challenges and appeals: Cases could reach national courts or sport’s arbitration bodies.
• Implementation details: Who will conduct tests, how results are verified, and what appeals look like are all open questions.
• Federation responses: Some sports may add sport-specific rules; others might push back or seek exemptions.
• Public and athlete reaction: Protests, athlete statements, and media scrutiny will shape public perception and policy adjustments.

My take

Athletics is inherently about finely measured edges — fractions of a second, centimeters, grams of force. But not every edge should be decided by a DNA test. Reintroducing genetic screening as a universal prerequisite for competing in women’s events is understandable from a certain fairness‑first perspective, yet it leans on an oversimplified view of sex and performance. The result risks penalizing intersex athletes, violating medical privacy, and putting sports bodies in the untenable position of policing biology rather than performance.

A better path would combine careful, evidence‑based sport-specific rules with robust privacy protections and individualized review processes. Biology is complicated; policy should reflect that complexity rather than defaulting to blunt screening.

Final thoughts

The IOC’s genetic‑testing requirement marks a major inflection point in modern sport. It forces us to ask: what do we mean by fairness, who gets to decide, and what price are we willing to pay to preserve one set of values over another? Between now and the 2028 Games, expect fierce debate, legal wrangling, and difficult human stories. Whatever unfolds, the decision underscores that sport remains a mirror for our broader social conflicts — and that answers grounded in science, compassion and clear legal guardrails will matter more than ever.

Sources

• Transgender women athletes banned from female Olympic events by new IOC policy — Associated Press.
  https://apnews.com/article/520cd9cee152a312767a667acf77dbc8

• Olympic committee moves to require genetic testing for all female competitors ahead of Los Angeles Games — CyclingNews.
  https://www.cyclingnews.com/pro-cycling/womens-cycling/olympic-committee-moves-to-require-genetic-testing-for-all-female-competitors-ahead-of-los-angeles-games/

• World Athletics to require chromosome testing of athletes in women's track and field — Associated Press (March 2025 background).
  https://apnews.com/article/0f0b2baf22d5bac94f326534bd48061d

• NPR coverage and background on U.S. and Olympic policies regarding transgender athletes (reporting and analysis).
  https://www.npr.org/ (search: "U.S. Olympic and Paralympic officials bar transgender women from Olympic women's sports")

A pleasant surprise in your toolbar: Firefox now has a free built‑in VPN with 50GB monthly data limit

Firefox just got a privacy upgrade that’s hard to ignore: a free, built‑in VPN that gives users up to 50GB of monthly traffic. This addition lands in Firefox 149 and is delivered as a browser‑level VPN — no separate app required — which makes privacy easier for casual users and gives power users another tool in their kit. (firefox.com)

Why this matters now

Browsers have become battlegrounds for user trust. As adtech and cross‑site tracking grow more sophisticated, companies like Mozilla are trying to regain ground by leaning into privacy features. Adding a built‑in VPN is a clear, visible signal: Firefox isn’t just blocking trackers — it’s offering to hide your IP and mask location from sites you visit. Mozilla’s rollout of this feature with Firefox 149 marks a shift from optional, paid VPN products toward making privacy a default, discoverable browser capability. (firefox.com)

• It’s a browser‑only VPN — it protects web traffic inside Firefox, not all traffic on your machine. (ghacks.net)
• The free tier caps usage at 50GB per month, enough for typical browsing, light streaming, and everyday anonymity. (firefox.com)
• The rollout is phased by region, and account sign‑in may be required to track the 50GB usage. (firefox.com)

What Firefox’s built‑in VPN actually does

This is a browser‑level proxy that routes your Firefox web requests through Mozilla’s VPN backend, obfuscating your IP address and encrypting the connection between the browser and the VPN server. It’s not a system‑wide VPN, so apps outside Firefox (like games, email clients, or torrent clients) won’t use it. That makes it less of a catch‑all privacy tool, but also simpler and less intrusive for users who mainly want private browsing without installing extra software. (ghacks.net)

The practical tradeoffs:

• Pros: Quick setup, no third‑party client, easy to toggle, and generous 50GB monthly allowance for a free offering. (firefox.com)
• Cons: Browser‑only protection, potential performance variance depending on server load, and limitations compared with paid, system‑wide VPNs. (ghacks.net)

How Mozilla’s move fits the larger browser landscape

Mozilla isn’t inventing the wheel here — other browsers (Opera, Vivaldi, Brave) have offered integrated VPN/proxy features for years. But Mozilla brings something different: a long track record of privacy messaging and an independent non‑profit ethos that many users trust. That trust matters, because "free VPN" has a fraught history; shady providers have been caught collecting data or inserting trackers under the guise of privacy. Mozilla’s approach—integrated, account‑managed usage and transparency about how usage is measured—aims to avoid those pitfalls. (techradar.com)

At the same time, the move looks strategic. With Firefox’s global market share small compared to Chromium‑based rivals, a high‑profile privacy feature gives Mozilla a marketing hook to woo users who prioritize privacy but don’t want to fiddle with extensions or third‑party services. (techradar.com)

Practical tips if you want to try it

If you see the feature in your Firefox toolbar or settings, here’s how to treat it:

• Sign in with your Mozilla account if prompted — the account tracks the 50GB allowance. (firefox.com)
• Remember it’s browser‑only: if you need system‑level privacy (e.g., protecting a torrent client or a game), keep using a full VPN app. (ghacks.net)
• Expect gradual rollout: not every Firefox 149 install will see the VPN right away; Mozilla is enabling it by region and in phases. (firefox.com)

Safety and privacy: what to ask before trusting any “free VPN”

A free VPN can be a huge convenience, but privacy is not just about a locked padlock icon. When evaluating the new Firefox option, consider:

• Logging policy: what connection metadata is recorded and for how long? Mozilla has historically published transparency details for services; look for those statements. (theregister.com)
• Who runs the servers? Some privacy services partner with third parties for infrastructure. Knowing the operator helps when assessing jurisdiction and data risks. (ghacks.net)
• Is the protection audited? Independent audits and technical writeups increase confidence in a VPN’s claims. (theregister.com)

The user experience — a quick read

The beauty of a built‑in, browser‑level VPN is simplicity. Toggle it on, surf with a masked IP, and the browser handles the rest. For many users, that will be "good enough" privacy without extra installs or subscription signups. For power users, it won’t replace a full VPN, but it’s a welcome tool in the privacy toolbox. And the 50GB monthly cap is far more generous than many free VPNs’ paltry allowances, making the feature practical for real use. (firefox.com)

My take

Mozilla’s built‑in VPN is a smart, pragmatic step. It lowers the barrier to stronger browsing privacy and aligns with Firefox’s brand. It also signals a shift in how browsers compete: not just on speed or features, but on trust and default protections. If you’re an occasional user who wants better privacy without complexity, this is worth exploring. If your needs include system‑wide traffic or heavy streaming and downloads, keep a dedicated VPN on standby.

Sources

• Firefox 149.0 Release Notes — Firefox (Mozilla).
  https://www.firefox.com/en-US/firefox/149.0beta/ (firefox.com)

• Mozilla is experimenting with a free, built‑in VPN in Firefox — TechRadar.
  https://www.techradar.com/vpn/vpn-services/mozilla-is-experimenting-with-a-free-built-in-vpn-in-firefox-but-you-might-not-be-able-to-try-it-yet (techradar.com)

• Mozilla recruits beta testers for a built‑in Firefox VPN — The Register.
  https://www.theregister.com/2025/10/14/mozilla_firefox_vpn_beta/ (theregister.com)

When a favorite Chrome extension gets flagged for malware — what just happened?

Google has just blocked one of our favorite Chrome extensions for apparently containing malware. That’s the headline Android Authority ran — and it landed in many inboxes with a familiar mix of annoyance and unease. Extensions that once made browsing breezier are suddenly disabled, users are left confused, and developers are scrambling to explain themselves.

This post walks through what happened, why extensions go rogue, and what you should do right now if Chrome has flagged an add‑on you rely on.

What the alert actually means

When Chrome flags an extension as malicious, Google isn’t making a cosmetic change — it’s saying the extension may perform harmful behavior (exfiltrate data, inject code, hijack settings, or silently redirect traffic). Chrome can automatically disable or block an extension if Safe Browsing or Google’s security systems detect suspicious activity, or if outside researchers publish evidence of abuse.

A flagged extension can be:

• an originally benign project that was sold or hijacked, then updated with malicious code;
• a deliberately malicious extension that slipped past review; or
• an extension that suddenly behaves in a risky way after adding new permissions or remote scripts.

Researchers and security outlets have tracked these scenarios repeatedly over the last two years, with large removal waves and coordinated campaigns affecting millions of users. (thehackernews.com)

How this keeps happening: the typical playbook

The pattern repeats:

• An extension gains users by solving a real problem (tab management, ad blocking, screenshots, VPN, etc.).
• Attackers either buy the extension or compromise the developer account (phishing is common).
• The attacker pushes an update that adds remote code, surveillance, credential theft, or monetization tricks (redirects, injected ads, affiliate theft).
• The extension continues to run in users’ browsers until researchers spot the activity and publicize it, or Google’s detection systems act first. (arstechnica.com)

Ownership transfer is a recurring trigger. Sold projects may ship with new code or hidden remote config endpoints that let a new maintainer change behavior at will. That makes “once‑trusted” extensions suddenly dangerous overnight. Recent analyses show attackers increasingly using remote rule endpoints to hide payloads until after an update is approved. (thehackernews.com)

This popular Chrome extension just got flagged for malware

Let’s return to the Android Authority story line: this popular Chrome extension just got flagged for malware. The headline matters because it signals something broader — it’s rarely about one tiny project and more often about the underlying systemic weaknesses in extension distribution and review.

When a widely used extension is disabled:

• hundreds of thousands (or millions) of users can be affected immediately;
• removal from the Web Store doesn’t necessarily uninstall the extension from users’ machines — though Chrome can auto‑disable it; and
• the reputational damage to the original developer (if they weren’t at fault) can be severe. Examples from past incidents include The Great Suspender and other well‑known tools that were removed after ownership changes and abuse claims. (androidcentral.com)

What to do if Chrome flags one of your extensions

If Chrome disables an extension and labels it “malicious” or “flagged”:

1. Don’t panic. Assume the extension could be compromised and follow cleanup steps.
2. Open chrome://extensions and confirm which extension is disabled. Note the exact name and developer listed.
3. Remove the extension from Chrome (click Remove). This helps prevent any further browser‑level activity.
4. Clear site data and cookies for sites you use with that extension, and change passwords for accounts you accessed while the extension was installed — especially if the extension had access to page content or form fields.
5. Run a system scan with an up‑to‑date antivirus or anti‑malware tool; some malicious extensions attempt to pull additional payloads.
6. If you used the extension for passwords, wallets, or sensitive tokens, follow platform‑specific recovery steps (revoke tokens, rotate API keys, and check wallet backup seeds).
7. Follow reputable coverage (security vendors, major tech outlets) for updates on whether the developer restored a clean version or the extension was permanently removed. (malwarebytes.com)

Why automatic blocking helps — and where it falls short

Automatic blocking prevents fresh victims quickly, which is a win. Google’s ability to remotely disable harmful extensions is a blunt but effective emergency brake.

However, it’s not perfect:

• Detection lags and false negatives occur; some malicious behavior is subtle.
• Remote scripts can be rotated or obfuscated so the malicious behavior appears only for certain users.
• Users who installed an extension from outside the Web Store or those who keep old V2 manifests may remain exposed.

Security researchers keep finding extension campaigns that harvest chat logs, screenshots, or credentials — sometimes at massive scale. That’s why independent researchers (Koi Security, Malwarebytes, The Hacker News and others) still play a vital role in discovery and public pressure. (thehackernews.com)

Practical habits to reduce risk

A few habits will lower your exposure without killing your browser workflow:

• Install extensions only from verified developers and check user counts and reviews.
• Limit permissions: avoid extensions that demand broad "read and change all data on websites you visit" unless that’s essential.
• Prefer open‑source extensions with visible code/history on GitHub — you’ll have more transparency if something changes hands.
• Use a dedicated browser profile for risky tools (or for work vs. casual browsing) so a compromised extension has narrower reach.
• Keep Chrome updated and periodically review installed extensions for lesser‑used items you can remove. (cybernews.com)

What this means for the extension ecosystem

We’re witnessing a market correction of sorts: extensions are useful because they run with deep privileges, and that same power makes them attractive to attackers. The solution won’t be a single fix — it will require better developer identity controls, stricter review for ownership transfers, clearer permissions UX for users, and continued vigilance from the security community.

Until then, expect headlines like Android Authority’s to keep coming. Each one is a reminder that convenience and safety are a tradeoff, and that the safest browser is the informed one.

Final thoughts

Seeing a beloved extension get flagged is jarring, but it’s also a sign the system (researchers + vendors + platform defenders) is working. Treat the alert as an invitation to clean up and tighten practices: remove unused extensions, rotate sensitive credentials, and keep a skeptical eye on any tool that suddenly requests expansive permissions or changes ownership.

We should also push for better safeguards around extension transfer and for clearer signals in the Chrome Web Store about developer provenance. Those changes would blunt this problem at scale — and make it a little less dramatic the next time “this popular Chrome extension just got flagged for malware” shows up in your feed.

A few helpful reads

• The Hacker News — Chrome Extension Turns Malicious After Ownership Transfer. (thehackernews.com)
• Malwarebytes — Millions of people spied on by malicious browser extensions. (malwarebytes.com)
• Android Central — Popular extension The Great Suspender removed for malware (example of a past high‑profile case). (androidcentral.com)

Sources

• Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft — The Hacker News.
  https://thehackernews.com/2026/03/chrome-extension-turns-malicious-after.html

• Millions of people spied on by malicious browser extensions in Chrome and Edge — Malwarebytes Blog.
  https://www.malwarebytes.com/blog/news/2025/07/millions-of-people-spied-on-by-malicious-browser-extensions-in-chrome-and-edge

• Popular extension The Great Suspender has been removed from the Chrome Store for malware — Android Central.
  https://www.androidcentral.com/great-suspender-flagged-malware-taken-chrome-webstore

• Over half a million VKontakte accounts hijacked using malicious Chrome extensions — TechRadar.
  https://www.techradar.com/pro/security/over-half-a-million-vkontakte-accounts-hijacked-using-malicious-chrome-extensions

Listening to a Planet: When Technology Lets the Earth Speak

The first time you slow down to listen to a forest or stand beside the ocean at night, you get a sense that the world is making music you didn't write. New technology enables us to perceive sounds beyond human hearing range, and that simple fact is changing how we think about our place on the planet. These tools—underwater hydrophones, infrasound arrays, dense acoustic sensors and machine listening—are widening our ears and nudging us toward a humbler, more relational way of living on Earth.

For centuries humans treated sound as something primarily for human use: conversation, music, warning cries. But the planet has been talking long before us—seismic groans, whale songs, ice creaks, insect choruses—most of it outside our audible range. Today’s listening technologies translate those vibrations into forms we can perceive and analyze. The effect is partly scientific (new data about ecosystems) and partly existential (a different story about who “speaks” on Earth).

Why it matters: a new sensory perspective

When we translate low-frequency infrasound, ultrasonic clicks, or the spectral richness of an underwater soundscape into audible forms, we gain a vantage point not only for research but for empathy. Scientists use these signals to track whale migrations, detect earthquakes, monitor volcanic unrest, and even infer the health of coral reefs and forests. But beyond practical uses, these translations let people experience how nonhuman life and large-scale Earth processes occupy time and space.

That matters because our policy debates and moral imaginations are shaped by perception. If decision-makers and the public can hear the slow rumble of glaciers or the layered chorus of a healthy reef, those phenomena stop being abstract data points and become visceral realities. Sound becomes a bridge between scientific knowledge and public feeling.

New technology enables us to perceive sounds beyond human hearing range

• Hydrophones brought whale song and ocean noise into public consciousness decades ago, but modern networks and better microphones make continuous, high-fidelity listening possible.
• Infrasound arrays and seismic-acoustic coupling reveal events too low for our ears but crucial for understanding storms, volcanic eruptions, and human-made disturbances.
• Machine listening and AI let researchers parse hours of recordings, classify species by call, and detect subtle changes in the acoustic ecology that would be invisible otherwise.

Together, these technologies form a new kind of sensory infrastructure: distributed, data-rich, and persistent. They don’t just capture rare moments; they map long-term patterns.

Where this is already showing value

• Conservation: Passive acoustic monitoring identifies species presence and behavior without intrusive observation. For whales and other cryptic animals, sound is often the best real-time indicator.
• Disaster detection: Infrasound and low-frequency monitoring can provide early signals for volcanic explosions, glacier calving, or landslides—events that move faster than visual monitoring networks sometimes can.
• Urban planning and quiet protection: Acoustic maps reveal the loss of quiet spaces and the invasion of human-made noise into previously silent habitats. That helps prioritize conservation and design quieter infrastructure.
• Cultural and artistic engagement: Sound artists and educators use translated Earth sounds to build empathy and curiosity—turning scientific signals into narratives that people can feel.

These use cases show both pragmatic benefits and cultural shifts: listening becomes a policy tool, a research method, and an aesthetic practice.

Challenges and caveats

• Interpretation is hard. A recorded sound doesn’t automatically tell you intent or ecological significance. Contextual data (location, time, complementary sensors) remain essential.
• Bias and access: Most monitoring happens where researchers have funding. That risks concentrating "listening power" on certain regions while leaving others under-monitored.
• Privacy and ethics: Acoustic networks in human-dominated landscapes raise surveillance concerns. Distinguishing human voices from other sounds and ensuring appropriate use of recordings must be part of deployment plans.
• Data overload: Continuous listening generates huge datasets. Machine learning helps, but training models requires careful curation and transparency.

A responsible listening practice pairs technological capability with ethical frameworks and equitable deployment.

The cultural ripple: what listening does to us

Listening to translated Earth sounds has an unusual effect: it slows us. Hearing a glacier calve in slow, low frequencies or the layered rush of a rainforest at dawn changes temporal scale—sudden human events sit differently against geologic and ecological durations. That re-scaling is political: it can shift debates from short-term convenience to long-term stewardship.

It also challenges human exceptionalism. When seas, wind, and soil are legible as “voices,” policy conversations must reckon with a more-than-human chorus. That doesn’t give animals or landscapes literal legal speaking rights by itself, but it makes it harder to treat ecosystems as silent resources.

Common questions, briefly

• Will this replace other ecological methods? No. Acoustic data complements visual surveys, satellite imagery, and community knowledge. Each method offers distinct strengths.
• Are these sounds reliable evidence? They’re robust signals when combined with careful analysis and corroborative data. Sound is a sensor, not a verdict.
• Who owns acoustic data? This is evolving. Open-data approaches promise broad scientific gains, but stewardship, consent (for recordings near communities), and clear governance are essential.

My take

Listening is more than a technical upgrade; it is a change in attention. New technology enables us to perceive sounds beyond human hearing range, and with that perception comes a new responsibility. The planet’s signals can guide safer infrastructure, better conservation, and richer cultural experiences—but only if we pair technical ingenuity with ethical governance and a willingness to let nonhuman voices reshape our priorities.

If we move from extraction to attention—if policy-makers, scientists, artists, and communities adopt listening as a shared practice—we may find more humane and sustainable ways to inhabit this noisy, speaking planet.

Sources

• "Decoding The Hidden World Of Nonhuman Sound, With New Biotech" — Science Friday.
  https://www.sciencefriday.com/articles/sounds-life-excerpt/

• "Tuning in to the world of nonhuman sound: Q&A with author Karen Bakker" — Mongabay.
  https://news.mongabay.com/2022/10/tuning-in-to-the-world-of-nonhuman-sound-qa-with-author-karen-bakker/

• "Listening To The Creatures Of The World" — Noema Magazine.
  https://www.noemamag.com/a-parliament-of-earthlings/