@xriskology Curious what you think about these arguments: https://t.co/r2juAA3Jqb
Essentially: energy use / emissions from your personal use of AI round to 0 relative to your heat/ac/food/car etc. At global scale it's still negligible (he says AI = 0.07% of global emissions last year).
@robleathern This didn't get much media attention, but Meta broke Android sandboxing to track users' web browsing and connect it to their Facebook profiles without their knowledge or consent: https://t.co/ENUsndS5ZV
Meta and Russian Yandex engaged in unprecedented internet tracking practices, likely illegal with EU data protection law. Companies designed tracking systems that exploited Android's localhost socket permissions to create covert communication channels between websites and native mobile apps, bypassing Android's app sandboxing protections. Android allows any app with internet permission to listen on localhost ports without user consent, and web browsers can access these localhost interfaces. When users visit websites containing Meta Pixel or Yandex Metrica scripts, the JavaScript tracking code sends data directly to specific localhost ports (Meta uses UDP ports 12580-12585 via WebRTC, Yandex uses TCP ports 29009-30103 via HTTP). Facebook, Instagram, and Yandex apps run background services that actively listen on these predetermined ports to receive tracking data, then link this anonymous web activity to authenticated user accounts and transmit the combined data to company servers.
This technique affects billions of Android users and renders privacy protections like incognito mode, VPNs, and cookie clearing completely ineffective. Meta Pixel attempted localhost communications on over 17,000 of the top 100,000 websites, with 78% doing so without user consent. The method allows comprehensive profile building linking anonymous browsing to real identities, tracking everything from shopping to sensitive site visits. It also creates vulnerabilities where malicious apps could eavesdrop on browsing history by listening on the same localhost ports.
This surveillance operated without disclosure. Following public disclosure, Meta immediately ceased the practice and removed related code while browser vendors scrambled to implement protections.
The practice violates multiple GDPR and ePrivacy principles. The technique transforms supposedly anonymous first-party cookies into cross-site tracking identifiers without explicit consent, violating ePrivacy Directive requirements for cookie consent and GDPR's lawful basis for processing. By secretly linking web browsing to app-based identities, it constitutes undisclosed profiling that undermines user expectations and data minimization principles. This is a material for max #GDPR fine. https://t.co/ktHWwllWr4
@VanLathan Great list, some new stuff for me to check out. Humbly suggest that you add 404 Media, nobody is investigating big tech and writing BIG stories like them today.
https://t.co/8cuZqL45q8
@AlecStapp This is disingenuous. Antitrust (i.e. Robinson-Patman) doesn't prevent volume discounts. It prevents chains from wielding their size to get preferential pricing, exclusivity, priority access to high-demand products, etc., and making it impossible for local shops to compete.
@AlecStapp It's called predatory pricing. What happens to chain store prices after they undercut independent shops out of business? Ask the small towns where Wal-Mart showed up in the 00's.
This myopic focus on price is why we stopped enforcing antitrust and allowed food deserts to emerge.
Meta and Russian Yandex engaged in unprecedented internet tracking practices, likely illegal with EU data protection law. Companies designed tracking systems that exploited Android's localhost socket permissions to create covert communication channels between websites and native mobile apps, bypassing Android's app sandboxing protections. Android allows any app with internet permission to listen on localhost ports without user consent, and web browsers can access these localhost interfaces. When users visit websites containing Meta Pixel or Yandex Metrica scripts, the JavaScript tracking code sends data directly to specific localhost ports (Meta uses UDP ports 12580-12585 via WebRTC, Yandex uses TCP ports 29009-30103 via HTTP). Facebook, Instagram, and Yandex apps run background services that actively listen on these predetermined ports to receive tracking data, then link this anonymous web activity to authenticated user accounts and transmit the combined data to company servers.
This technique affects billions of Android users and renders privacy protections like incognito mode, VPNs, and cookie clearing completely ineffective. Meta Pixel attempted localhost communications on over 17,000 of the top 100,000 websites, with 78% doing so without user consent. The method allows comprehensive profile building linking anonymous browsing to real identities, tracking everything from shopping to sensitive site visits. It also creates vulnerabilities where malicious apps could eavesdrop on browsing history by listening on the same localhost ports.
This surveillance operated without disclosure. Following public disclosure, Meta immediately ceased the practice and removed related code while browser vendors scrambled to implement protections.
The practice violates multiple GDPR and ePrivacy principles. The technique transforms supposedly anonymous first-party cookies into cross-site tracking identifiers without explicit consent, violating ePrivacy Directive requirements for cookie consent and GDPR's lawful basis for processing. By secretly linking web browsing to app-based identities, it constitutes undisclosed profiling that undermines user expectations and data minimization principles. This is a material for max #GDPR fine. https://t.co/ktHWwllWr4
Government decisions not to enforce antitrust law, to let privacy law to wither on the vine, to expand IP to give FB a weapon to slay interoperable rivals - these all created the enshittogenic environment that allowed the careless people who run Facebook to stop caring.
115/
One day we are going to wake up, after years of the consistent and pernicious pollution of critical information ecosystems, and deeply regret this era of thoughtless LLM deployment.
A devastating loss of accuracy, clarity and conciseness -- for what?
Google’s scale advantage fuels a powerful feedback loop of different network effects that ensure a “perpetual scale and quality deficit” for rivals that locks in Google’s advantage.
https://t.co/4ccso1I50E
Crucially, Meta's new Content Library API (replacing CrowdTangle) is for academic researchers only. No journalists. No election officials. No civil society groups or independent researchers.
Not a good precedent for what DSA Article 40 compliance will look like.
CrowdTangle helps researchers track disinformation, but Meta will close it down before the US election. The tool's cofounder, Brandon Silverman, says it's time to force companies to share data. https://t.co/9v87fy7Kpb
European Elections will be the first test of Digital Services Act. Next week, Brussels unveils binding rules for election disinformation. Risk of fines of up to 6% of global turnover. This will be about disinformation, deepfakes, so on. Fast take-down actions to be mandatory.
An excellent summary of the difficulties and issues involved in feed-ranking and content moderation from one of the most senior & talented DS out there. If you want to understand why your timeline looks like it does, have a read