GrapheneOS, the privacy-focused Android fork once exclusive to Google Pixels, is partnering with a major Android OEM to bring its hardened, de-Googled OS to Snapdragon-powered flagship phones. Android Authority reports: Until now, GrapheneOS has been available only on Pixel phones, making Google's flagships popular among privacy enthusiasts, journalists, and, as a Spanish police report suggested earlier this year, even organized crime groups in Catalonia. But that Pixel exclusivity may end by 2026 or 2027. GrapheneOS revealed in a Reddit thread that it has been working with a "major Android OEM" since June 2025 to enable official support for "future versions of their existing models." These devices will reportedly use flagship Snapdragon chips, a notable shift from Google's in-house Tensor processors.

The project explained that only Pixels have met its strict security and update requirements so far. However, the new partnership suggests that another OEM is finally matching those standards. GrapheneOS also hinted that the mysterious partner's devices will be "priced similarly to Pixels" and available globally as part of the brand's standard lineup.

Longtime Slashdot reader Gadi Evron writes: Bruce Schneier and Barath Raghavan say agentic AI is already broken at the core. In their IEEE Security & Privacy essay, they argue that AI agents run on untrusted data, use unverified tools, and make decisions in hostile environments. Every part of the OODA loop (observe, orient, decide, act) is open to attack. Prompt injection, data poisoning, and tool misuse corrupt the system from the inside. The model's strength, treating all input as equal, also makes it exploitable. They call this the AI security trilemma: fast, smart, or secure. Pick two. Integrity isn't a feature you bolt on later. It has to be built in from the start. "Computer security has evolved over the decades," the authors wrote. "We addressed availability despite failures through replication and decentralization. We addressed confidentiality despite breaches using authenticated encryption. Now we need to address integrity despite corruption."

"Trustworthy AI agents require integrity because we can't build reliable systems on unreliable foundations. The question isn't whether we can add integrity to AI but whether the architecture permits integrity at all."

California's Privacy Protection Agency "issued a record fine earlier this month to Tractor Supply," according to an EFF Deeplinks blog post — for "apparently ducking its responsibilities under the California Consumer Privacy Act." Under that law, companies are required to respect California customers' and job applicants' rights to know, delete, and correct information that businesses collect about them, and to opt-out of some types of sharing and use. The law also requires companies to give notice of these rights, along with other information, to customers, job applicants, and others. The CPPA said that Tractor Supply failed several of these requirements. This is the first time the agency has enforced this data privacy law to protect job applicants...

Tractor Supply, which has 2,500 stores in 49 states, will pay for their actions to the tune of $1,350,000 — the largest fine the agency has issued to date. Specifically, the agency said, Tractor Supply violated the law by:

- Failing to maintain a privacy policy that notified consumers of their rights;

- Failing to notify California job applicants of their privacy rights and how to exercise them;

- Failing to provide consumers with an effective mechanism to opt-out of the selling and sharing of their personal information, including through opt-out preference signals such as Global Privacy Control; and

- Disclosing personal information to other companies without entering into contracts that contain privacy protections.


In addition to the fine, the company also must take an inventory of its digital properties and tracking technologies and will have to certify its compliance with the California privacy law for the next four years.
The agency's web site says it "continues to actively enforce California's cutting-edge privacy laws." It's recently issued decisions (and fines) against American Honda Motor Company and clothing retailer Todd Snyder. Other recent actions include:

• Securing a settlement agreement requiring data broker Background Alert — which promoted its ability to dig up "scary" amounts of information about people — to shut down or pay a steep fine.

• Launching the bipartisan Consortium of Privacy Regulators to collaborate with states across the country to implement and enforce privacy laws nationwide.

• Partnering with the data protection authorities in Korea, France, and the United Kingdom to share information and advance privacy protections for Californians.

• The agency has secured more than half a dozen successful enforcement actions against unregistered data brokers following an investigative sweep launched late last year to assess compliance with the Delete Act.

"California Governor Gavin Newsom signed the 'California Opt Me Out Act', which will require web browsers to include an easy, universal way for users to opt out of data collection and sales," reports the blog 9to5Mac: [The law] requires browsers to provide a clear, one-click mechanism for Californians to opt out of data sharing across websites. The bill reads: "A business shall not develop or maintain a browser that does not include functionality configurable by a consumer that enables the browser to send an opt-out preference signal to businesses with which the consumer interacts through the browser...." Californians will need patience, though, as the law doesn't take effect until January 1, 2027.
Americans in some states — including California, Texas, Colorado, New Jersey and Maryland — "have the option to make those opt-out demands automatic whenever they surf the web," reports the Washington Post. "But they can only do so if they use small browsers that voluntarily offer that option, such as DuckDuckGo, Firefox and Brave. What's new in California's law is that all browsers must give people the same option." That means soon in California, just using Google's Chrome, Apple's Safari and Microsoft's Edge can command companies not to sell your data or pass it along for ad targeting... It's an imperfect but potent and simple way to flex privacy rights — and becomes even more powerful with another simple privacy measure in California. Starting on January 1, California residents can fill out an online form once to completely and repeatedly wipe their data from hundreds of data brokers that package your personal information for sale.
But their article also suggests other ways readers can "try a one-click privacy option now."

• "[S]ome national companies respect one-click privacy opt-out requests from everyone... This happens automatically if you use DuckDuckGo and Brave. You need to change a setting with Firefox."

• "Download Privacy Badger: The software from the Electronic Frontier Foundation, a consumer privacy advocacy group, works in the background to order websites not to sell information they're collecting about you."

• "Use Permission Slip from Consumer Reports. Give the app basic information, and it will help you do much of the legwork to tell companies not to sell your information or to delete it, if you have the right to do so."

I uploaded a photo on my phone to Microsoft's "OneDrive" file-hosting app — and there was a surprise waiting under Privacy and Permissions. "OneDrive uses AI to recognize faces in your photos..."

And...

"You can only turn off this setting 3 times a year."



If I moved the slidebar for that setting to the left (for "No"), it moved back to the right, and said "Something went wrong while updating this setting." (Apparently it's not one of those three times of the year.)

The feature is already rolling out to a limited number of users in a preview, a Microsoft publicist confirmed to Slashdot. (For the record, I don't remember signing up for this face-recognizing "preview".) But there's a link at the bottom of the screen for a "Microsoft Privacy Statement" that leads to a Microsoft support page, which says instead that "This feature is coming soon and is yet to be released." And in the next sentence it's been saying "Stay tuned for more updates" for almost two years...

A Microsoft publicist agreed to answer Slashdot's questions...

Apple is finalizing a deal to acquire the team and computer vision technology of Prompt AI. CNBC reports: Leadership at Prompt told employees of the pending transaction at an all-hands meeting on Thursday and said that those who don't end up joining Apple will be paid a reduced salary, and encouraged to apply for open roles at the company, according to audio that was accessed by CNBC.

Prompt was founded in 2023 and raised a $5 million seed round that year led by AIX and Abstract Ventures. Co-founders include CEO Tete Xiao, a notable AI researcher with a Phd in computer science from UC Berkeley, and President Trevor Darrell who was a founder of the Berkeley Artificial Intelligence Research (BAIR) lab. Investors will get paid some money in the deal but "won't be made whole," executives said in the meeting. Prompt employees were asked to refrain from mentioning Apple until further notice while searching for other jobs or updating friends and family on their situation.

Prompt's flagship app, Seemour, connects to home security cameras, adding sophisticated capabilities. The technology helps cameras detect specific people, pets and other animals or objects around a household, and to send alerts and text-based descriptions of unusual activity or answer questions about what's been happening in front of the camera. Xiao told employees at the meeting that while Prompt AI's technology and the Seemour app were working well, the business model wasn't. The company is retiring the Seemour app, and plans to inform users their data will be deleted and privacy protected, executives said.

An anonymous reader quotes a report from Ars Technica: Apple yesterday announced a plan to comply with a Texas age verification law and warned that changes required by the law will reduce privacy for app users. "Beginning January 1, 2026, a new state law in Texas -- SB2420 -- introduces age assurance requirements for app marketplaces and developers," Apple said yesterday in a post for developers. "While we share the goal of strengthening kids' online safety, we are concerned that SB2420 impacts the privacy of users by requiring the collection of sensitive, personally identifiable information to download any app, even if a user simply wants to check the weather or sports scores."

The Texas App Store Accountability Act requires app stores to verify users' ages and imposes restrictions on those under 18. Apple said that developers will have "to adopt new capabilities and modify behavior within their apps to meet their obligations under the law." Apple's post noted that similar laws will take effect later in 2026 in Utah and Louisiana. Google also recently announced plans for complying with the three state laws and said the new requirements reduce user privacy. "While we have user privacy and trust concerns with these new verification laws, Google Play is designing APIs, systems, and tools to help you meet your obligations," Google told developers in an undated post.

The Utah law is scheduled to take effect May 7, 2026, while the Louisiana law will take effect July 1, 2026. The Texas, Utah, and Louisiana "laws impose significant new requirements on many apps that may need to provide age appropriate experiences to users in these states," Google said. "These requirements include ingesting users' age ranges and parental approval status for significant changes from app stores and notifying app stores of significant changes."

An anonymous reader shares a report: A website set up by an unknown Dane over the course of one weekend in August is giving a massive headache to those trying to pass a European bill aimed at stopping child sexual abuse material from spreading online.

The website, called Fight Chat Control, was set up by Joachim, a 30-year-old software engineer living in Aalborg, Denmark. He made it after learning of a new attempt to approve a European Union proposal to fight child sexual abuse material (CSAM) -- a bill seen by privacy activists as breaking encryption and leading to mass surveillance.

The site lets visitors compile a mass email warning about the bill and send it to national government officials, members of the European Parliament and others with ease. Since launching, it has broken the inboxes of MEPs and caused a stir in Brussels' corridors of power. "We are getting hundreds per day about it," said Evin Incir, a Swedish Socialists and Democrats MEP, of the email deluge.

Amazon will be adding facial recognition to its camera-equipped Ring doorbells for the first time in December, according to the Washington Post.

"While the feature will be optional for Ring device owners, privacy advocates say it's unfair that wherever the technology is in use, anyone within sight will have their faces scanned to determine who's a friend or stranger." The Ring feature is "invasive for anyone who walks within range of your Ring doorbell," said Calli Schroeder, senior counsel at the consumer advocacy and policy group Electronic Privacy Information Center. "They are not consenting to this." Ring spokeswoman Emma Daniels said that Ring's features empower device owners to be responsible users of facial recognition and to comply with relevant laws that "may require obtaining consent prior to identifying people..."

Other companies, including Google, already offer facial recognition for connected doorbells and cameras. You might use similar technology to unlock your iPhone or tag relatives in digital photo albums. But privacy watchdogs said that Ring's use of facial recognition poses added risks, because the company's products are embedded in our neighborhoods and have a history of raising social, privacy and legal questions... It's typically legal to film in public places, including your doorway. And in most of the United States, your permission is not legally required to collect or use your faceprint. Privacy experts said that Ring's use of the technology risks crossing ethical boundaries because of its potential for widespread use in residential areas without people's knowledge or consent.

You choose to unlock your iPhone by scanning your face. A food delivery courier, a child selling candy or someone walking by on the sidewalk is not consenting to have their face captured, stored and compared against Ring's database, said Adam Schwartz, privacy litigation director for the consumer advocacy group Electronic Frontier Foundation. "It's troubling that companies are making a product that by design is taking biometric information from people who are doing the innocent act of walking onto a porch," he said.
Ring's spokesperson said facial recognition won't be available some locations, according to the article, including Texas and Illinois, which passed laws fining companies for collecting face information without permission. But the Washington Post heard another possible worst-case scenario from Calli Schroeder, senior counsel at the consumer advocacy and policy group Electronic Privacy Information Center: databases of identified faces being stolen by cyberthieves, misused by Ring employees, or shared with outsiders such as law enforcement.

Amazon says they're "reuniting lost dogs through the power of AI," in their announcement this week, thanks to "an AI-powered community feature that enables your outdoor Ring cameras to help reunite lost dogs with their families... When a neighbor reports a lost dog in the Ring app, nearby outdoor Ring cameras automatically begin scanning for potential matches."

Amazon calls it an example of their vision for "tools that make it easier for neighbors to look out for each other, and create safer, more connected communities." They're also 10x zoom, enhanced low-light performance, 2K and 4K resolutions, and "advanced AI tuning" for video...

Researchers have unveiled two new hardware-based attacks, Battering RAM and Wiretap, that break Intel SGX and AMD SEV-SNP trusted enclaves by exploiting deterministic encryption and physical interposers. Ars Technica reports: In the age of cloud computing, protections baked into chips from Intel, AMD, and others are essential for ensuring confidential data and sensitive operations can't be viewed or manipulated by attackers who manage to compromise servers running inside a data center. In many cases, these protections -- which work by storing certain data and processes inside encrypted enclaves known as TEEs (Trusted Execution Enclaves) -- are essential for safeguarding secrets stored in the cloud by the likes of Signal Messenger and WhatsApp. All major cloud providers recommend that customers use it. Intel calls its protection SGX, and AMD has named it SEV-SNP.

Over the years, researchers have repeatedly broken the security and privacy promises that Intel and AMD have made about their respective protections. On Tuesday, researchers independently published two papers laying out separate attacks that further demonstrate the limitations of SGX and SEV-SNP. One attack, dubbed Battering RAM, defeats both protections and allows attackers to not only view encrypted data but also to actively manipulate it to introduce software backdoors or to corrupt data. A separate attack known as Wiretap is able to passively decrypt sensitive data protected by SGX and remain invisible at all times.

Meta will begin using data from AI chatbot conversations and other AI-powered products to fuel targeted advertising across Facebook and Instagram, with no way to opt out. The policy change, effective December 16, excludes users in South Korea, the UK, and the EU due to stricter privacy laws. TechCrunch reports: If a user chats with Meta AI about hiking, for example, the company may show ads for hiking gear. However, Meta spokesperson Emil Vazquez tells TechCrunch that the privacy update is broader than just Meta AI and applies to the company's other AI offerings. That means Meta may use data from AI features in its Ray-Ban Meta smart glasses -- including voice recordings, pictures, and videos analyzed with AI -- to further target its ad products.

Meta may also use data from its new AI-video feed, Vibes, and its AI image generation product, Imagine. Conversations with Meta AI will only influence ads on Facebook and Instagram if a user is logged into the same account across products. [...] Meta says the company has "no plans imminently" to put ads in its AI products, though CEO Mark Zuckerberg has suggested they may be coming in the future.

The UK government has issued a new order to Apple to create a backdoor into its cloud storage service, this time targeting only British users' data, despite US claims that Britain had abandoned all attempts to break the tech giant's encryption. Financial Times: The UK Home Office demanded in early September that Apple create a means to allow officials access to encrypted cloud backups, but stipulated that the order applied only to British citizens' data, according to people briefed on the matter.

A previous technical capability notice (TCN) issued in January sought global access to encrypted user data. That move sparked a diplomatic clash between the UK and US governments and threatened to derail the two nations' efforts to secure a trade agreement.

In February, Apple withdrew its most secure cloud storage service, iCloud Advanced Data Protection, from the UK. "Apple is still unable to offer Advanced Data Protection in the United Kingdom to new users," Apple said on Wednesday. "We are gravely disappointed that the protections provided by ADP are not available to our customers in the UK given the continuing rise of data breaches and other threats to customer privacy." It added: "As we have said many times before, we have never built a back door or master key to any of our products or services and we never will."

Starting in November, Venmo and PayPal users will finally be able to send money directly to each other, ending years of workarounds despite Venmo being owned by PayPal. TechCrunch reports: This change means that PayPal users will now be able to find Venmo users by inputting their phone numbers, and later, their email addresses. If you don't want PayPal users to be able to find you, you can update your settings in the Venmo app by navigating to Settings - Privacy - Find me... and while you're at it, you might as well default your Venmo transactions to private via Settings > Privacy. You'll thank me in the long run.

PayPal announced that it would broaden its network of payment systems in July, starting with Venmo, but the companies did not confirm the date of the update until now. This collection of partnerships, which PayPal has named PayPal World, will also work with Mercado Pago, NPCI International Payments Limited, and Tenpay Global. This will help users send money internationally without barriers and fees. Combined, Venmo and PayPal have 2 billion global users, according to PayPal.

alternative_right shares a report from 404 Media: Critics of YouTuber Ethan Klein are pushing back on subpoenas that would reveal their identities as part of an ongoing legal fight between Klein and his detractors. Klein is a popular content creator whose YouTube channel has more than 2 million subscribers. He's also involved in a labyrinthine personal and legal beef with three other content creators and the moderators of a subreddit that criticizes his work. Klein filed a legal motion to compel Discord and Reddit to reveal the identities of those moderators, a move their lawyers say would put them in harm's way and stifle free speech on the internet forever.

[...] On July 31, a judge allowed Klein's lawyers to file a subpoena with Reddit and Discord that would reveal the identities of the people running r/h3snark and an associated Discord server. On September 22, lawyers for the defendants filed a motion to quash the subpoenas. "On its face, the Action is about copyright infringement," the latest filing said. "At its heart, however, the Action is about stifling criticism and seeking retribution by unmasking individuals for perceived reputational harms TEI [Klein's production company] attributes to [John Doe moderators] unrelated to TEI's intellectual property rights." [...]

The anonymity of places like Reddit and Discord grant a layer of protection to people seeking to critique power. This case could set a dangerous precedent, the lawyers believe. "If the court allows TEI's Subpoenas, it would enable TEI to impose a considerable price on Does' use of the vehicle of anonymous speech -- including public exposure, real risks of retaliation and actual harm, and the financial and other burdens of defending the Action," the filing said. The filing added: "Very few would-be commentators are prepared to bear costs of this magnitude. So, when word gets out that the price tag of criticizing Ethan is this high -- that speech will disappear. But that is precisely what Ethan Klein wants."

The FCC mistakenly published a 163-page PDF containing detailed schematics for Apple's upcoming iPhone 16e, despite Apple explicitly requesting indefinite confidentiality to protect trade secrets. AppleInsider reports: A cover letter is also distributed alongside the schematics, addressed to the FCC and dated September 16, 2024. The letter from Apple is a request for the confidential treatment of documents that are filed with the FCC. [...] The letter from Apple requests a series of documents are withheld from public viewing "indefinitely." The justification is that they contain "confidential and proprietary trade secrets" that are not disclosed to the public post-release, due to giving competitors an "unfair advantage."

The list of documents, Apple states, includes: Block Diagrams, Electrical Schematic Diagrams, Technical Descriptions, Product Specifications, Antenna Locations, Tune-Up Procedure, and Software Security Description. Other documents, such as external and internal photographs, shots of the test setup, and the user manual, are deemed to be less damaging and have "short-term confidentiality" requirements. In those cases, Apple asks for short-term confidentiality for 180 days after the equipment authorization is granted by the FCC.

"Swiss voters have backed plans for electronic identity cards by a wafer-thin margin," reports the Guardian, "in the second nationwide vote on the issue." In a referendum on Sunday, 50.4% of voters supported an electronic ID card, while 49.6% were against, confounding pollsters who had forecast stronger support for the "yes" vote. Turnout was 49.55%, higher than expected... [V]oters rejected an earlier version of the e-ID in 2021, largely over objections to the role of private companies in the system. In response to these concerns, the Swiss state will now provide the e-ID, which will be optional and free of charge... To ensure security the e-ID is linked to a single smartphone, users will have to get a new e-ID if they change their device... An ID card containing biometric data — fingerprints — will be available from the end of next year.

Critics of the e-ID scheme raised data protection concerns and said it opened the door to mass surveillance. They also fear the voluntary scheme will become mandatory and disadvantage people without smartphones. The referendum was called after a coalition of rightwing and data-privacy parties collected more than 50,000 signatures against e-ID cards, triggering the vote.
"To further ease privacy concerns, a particular authority seeking information on a person — such as proof of age or nationality, for example — will only be able to check for those specific details," notes the BBC: Supporters of the Swiss system say it will make life much easier for everyone, allowing a range of bureaucratic procedures — from getting a telephone contract to proving you are old enough to buy a bottle of wine — to happen quickly online. Opponents of digital ID cards, who gathered enough signatures to force another referendum on the issue, argue that the measure could still undermine individual privacy. They also fear that, despite the new restrictions on how data is collected and stored, it could still be used to track people and for marketing purposes.
The BBC adds that the UK government also announced plans earlier this week to introduce its own digital ID, "which would be mandatory for employment. The proposed British digital ID would have fewer intended uses than the Swiss version, but has still raised concerns about privacy and data security."

The Guardian reports: The referendum came soon after the UK government announced plans for a digital ID card, which would sit in the digital wallets of smartphones, using state-of-the-art encryption. More than 1.6 million people have signed a petition opposing e-ID cards, which would be mandatory for people working in the UK by 2029.
Thanks to long-time Slashdot reader schwit1 for sharing the news.

Tim Berners-Lee writes in a new article in the Guardian that "Somewhere between my original vision for web 1.0 and the rise of social media as part of web 2.0, we took the wrong path Today, I look at my invention and I am forced to ask: is the web still free today? No, not all of it. We see a handful of large platforms harvesting users' private data to share with commercial brokers or even repressive governments. We see ubiquitous algorithms that are addictive by design and damaging to our teenagers' mental health. Trading personal data for use certainly does not fit with my vision for a free web. On many platforms, we are no longer the customers, but instead have become the product. Our data, even if anonymised, is sold on to actors we never intended it to reach, who can then target us with content and advertising...

We have the technical capability to give that power back to the individual. Solid is an open-source interoperable standard that I and my team developed at MIT more than a decade ago. Apps running on Solid don't implicitly own your data — they have to request it from you and you choose whether to agree, or not. Rather than being in countless separate places on the internet in the hands of whomever it had been resold to, your data is in one place, controlled by you. Sharing your information in a smart way can also liberate it. Why is your smartwatch writing your biological data to one silo in one format? Why is your credit card writing your financial data to a second silo in a different format? Why are your YouTube comments, Reddit posts, Facebook updates and tweets all stored in different places? Why is the default expectation that you aren't supposed to be able to look at any of this stuff? You generate all this data — your actions, your choices, your body, your preferences, your decisions. You should own it. You should be empowered by it...

We're now at a new crossroads, one where we must decide if AI will be used for the betterment or to the detriment of society. How can we learn from the mistakes of the past? First of all, we must ensure policymakers do not end up playing the same decade-long game of catchup they have done over social media. The time to decide the governance model for AI was yesterday, so we must act with urgency. In 2017, I wrote a thought experiment about an AI that works for you. I called it Charlie. Charlie works for you like your doctor or your lawyer, bound by law, regulation and codes of conduct. Why can't the same frameworks be adopted for AI? We have learned from social media that power rests with the monopolies who control and harvest personal data. We can't let the same thing happen with AI.
Berners-Lee also says "we need a Cern-like not-for-profit body driving forward international AI research," arguing that if we muster the political willpower, "we have the chance to restore the web as a tool for collaboration, creativity and compassion across cultural borders.

"We can re-empower individuals, and take the web back. It's not too late."

Berners-Lee has also written a new book titled This is For Everyone.

"We've decided to support image-based search," announced the product manager for Firefox Search. Powered by the AI-driven Google Lens search technology, they promise the new feature offers "a frictionless, fast, and a curiosity-sparking way to (as Google puts it) 'search what you see'." With just a right-click on any image, you'll be able to:

- Find similar products, places, or objects
- Copy, translate, or search text from images
- Get inspiration for learning, travel, or shopping

Look for the new "Search Image with Google Lens" option in your right-click menu (tagged with a NEW badge at first). This is a desktop-only feature, and it will start gradually rolling out worldwide. Note: Google must be set as your default search engine for this feature to appear.

We'll be listening closely to your feedback as we roll it out. Some of the things we're wondering about:

Does the placement in the context menu align with your expectations?
Would you prefer the option to choose your visual search provider?
Where else would you like entry points to visual search (e.g. when you open a new tab, in the address bar, on mobile devices, etc.)

We can't wait to hear your thoughts as the rollout begins!
Some thoughts from WebProNews: Mozilla emphasizes that this is an opt-in feature, giving users control over activation, which aligns with the company's longstanding commitment to privacy and user agency.

Yet, for industry observers, this partnership with Google raises intriguing questions about competitive dynamics in the browser space, where Firefox has historically positioned itself as an independent alternative to Chrome... This move comes at a time when browsers are increasingly becoming platforms for AI-driven enhancements, as evidenced by recent updates in competitors like Microsoft's Edge, which integrates Copilot AI. Mozilla's decision to leverage Google Lens rather than developing an in-house solution could be seen as a pragmatic step to accelerate feature parity, especially given Firefox's smaller market share. Insiders note that by tapping into established technologies, Mozilla can focus resources on core strengths like privacy protections, potentially attracting users disillusioned with data-heavy ecosystems... While mobile users might feel left out, the phased rollout over the next few weeks allows for feedback loops through community channels, a hallmark of Mozilla's open-source ethos.

Data from similar integrations in other browsers suggests visual search can boost engagement by 15-20%, per industry reports, though Mozilla has not disclosed specific metrics yet... Looking ahead, Mozilla's strategy appears geared toward incremental innovations that bolster user retention without alienating its privacy-focused base. If successful, this could help Firefox claw back some ground against Chrome's dominance, estimated at over 60% market share. For now, the feature's gradual deployment invites ongoing dialogue, underscoring Mozilla's community-driven model in an industry often criticized for top-down decisions.

MacStadium's inaugural CIO survey shows Apple devices gaining major ground in U.S. enterprises, with 96% of CIOs expecting Mac fleets to expand in the next two years and Macs already representing an average of 65% of enterprise endpoints. "The results show rapid Mac deployment across US business in the last two years, with 93% of CIOs claiming increased use, and 59% claiming a significant increase in use of all Apple devices," adds Computerworld. From the report: "As the adoption of Apple hardware continues to rise with both consumers and business users, and Apple Silicon is emerging as a secure and energy-efficient option for AI workloads, Apple is turning its sights to the enterprise," [MacStadium CEO Ken Tacelli] said in an interview. Among the specifics:

- 93% of CIOs report increased Apple device usage over the past two years.
- 45% of CIOs describe their leadership's view of Macs as a strategic investment, reflecting growing executive-level buy-in.
- The top drivers for Apple adoption are security and privacy (59%), employee preference (59%), and hardware performance (54%).
- Perhaps most importantly, 65% of CIOs say Macs are easier to manage than Windows or Linux devices.

In addition to those factors, the unique technical capabilities of Apple's kit (53%) play a role. Businesses are buying Macs because they're cheaper to run, last longer, allow employees to be more productive, and are both more private and more secure. The survey also shows that AI has become a leading reason to choose Macs. Apple Silicon is highly performant and energy efficient, enabling Macs to run on-device, secure AI, and to access cloud-based AI services.

Abu Dhabi's MGX (chaired by Sheikh Tahnoon bin Zayed Al Nahyan) is set to take a 15% stake in TikTok's U.S. business after Donald Trump signed an executive order Thursday night brokering a deal that puts the social media company under U.S. ownership. "Larry Ellison's Oracle, the private equity group Silver Lake and Abu Dhabi's MGX will control roughly 45% of TikTok US," adds The Guardian. "Overall, American companies are expected to control just over 65% of the company, with Trump also naming the personal computer pioneer Michael Dell and Rupert Murdoch's Fox as other investors." From the report: "[TikTok US] will be majority-owned and controlled by United States persons and will no longer be controlled by any foreign adversary," Trump said. "We have American investors taking it over, running it [who are] highly sophisticated, including Larry Ellison. Great investors, the biggest. They don't get bigger. This is going to be American-operated all the way."

TikTok's Chinese owner, ByteDance, will retain a 19.9% stake in the US operation. China has not publicly made clear whether it will approve the deal, although Trump said that he "had a good talk" with the Chinese president, Xi Jinping, who "gave us the go-ahead."

JD Vance, the US vice-president, said the deal valued TikTok US at $14 billion. "There was some resistance on the Chinese side," Vance said. "But the fundamental thing that we wanted to accomplish is that we wanted to keep TikTok operating but we wanted to make sure that protected Americans' data privacy as required by law." He added: "This deal really does mean that Americans can use TikTok, but actually use it with more confidence than in the past. Because their data is going to be secure and it's not going to be used as a propaganda weapon against our fellow citizens."