The cloud has changed everything. It’s faster, cheaper, and easier to scale than traditional infrastructure. Initially, most companies chose a single cloud provider. That’s no longer enough. Now, nearly 86% of businesses use more than one cloud. This approach—called multi-cloud—lets teams choose the best features from each provider. But it also opens the door to new security risks. When apps, data, and tools are scattered across platforms, managing security gets harder. And in today's world of constant cyber threats, ignoring cloud security is not an option. Let’s walk through real-world challenges and the best ways to protect business data in a multi-cloud environment. 1. Know What You’re Working With Start with visibility. Make a full inventory of the cloud platforms, apps, and storage your business uses. Ask every department—marketing, finance, HR—what tools they’ve signed up for. Many use services without informing IT. This is shadow IT, and it’s risky. Once you have the list, figure out what data lives where. Some workloads are low-risk. Others involve customer records, credit card data, or legal files. Prioritize those. 2. Build a Unified Security Strategy One of the biggest mistakes companies make is treating each cloud provider as a separate system. Every provider has its own rules, tools, and settings. If your security strategy is broken up, gaps will appear. Instead, aim for a single, connected approach. Use the same access rules, encryption standards, and monitoring tools across all clouds. You don’t want different policies on AWS and Azure—it just invites trouble. Tools like centralized dashboards, SIEM (Security Information and Event Management), and SOAR (Security Orchestration, Automation, and Response) help you keep everything in one place. 3. Enforce Strict Access Controls In a multi-cloud world, identity and access control are one of the hardest things to get right. Every platform has its own login system. Without proper integration, mistakes happen. Someone might get more access than they need, or never lose access when they leave the company. Stick to these practices: Use role-based access control. Limit permissions to the bare minimum. Turn on multi-factor authentication. Link logins across platforms using identity federation. The more consistent your access rules are, the easier it is to control who gets in and what they can do. 4. Use the Zero Trust Model Zero Trust means never assume anything is safe. Every user, device, and app must prove itself—every time. Even if a user is on your network, don’t trust them by default. This model reduces risk. It checks each request. It verifies users. And it looks for signs of abnormal behavior, like someone logging in from a new device or country. Zero Trust works well with automation and real-time monitoring. It also forces teams to rethink how data is shared and accessed. 5. Encrypt Data—Always Encryption is a basic but powerful layer of defense. It protects data whether it’s sitting in storage or moving between systems. If attackers get in, encrypted data is useless without the keys. Most cloud platforms offer built-in encryption. But don’t rely only on that. You can manage your own keys with tools like AWS KMS or Azure Key Vault. That gives you more control. To stay safe: Encrypt both at rest and in transit. Avoid default settings. Rotate encryption keys regularly. 6. Monitor in Real Time Security is not a one-time task. You need to watch your systems around the clock. Set alerts for things like large file downloads, unusual logins, or traffic spikes. Centralized monitoring helps a lot. It pulls logs from all your platforms and tools into one place. That way, your security team isn’t flipping between dashboards when something goes wrong. Also, use automation to filter out noise and surface real threats faster. 7. Set Up Regular Audits and Compliance Checks Multi-cloud setups are great for flexibility, but complex when it comes to compliance. Each platform has its own set of controls and certifications. Managing them all can be overwhelming. That’s why audits matter. Run security checks on a regular schedule—monthly, quarterly, or after every major change. Look for misconfigured permissions, missing patches, or unsecured data. And document everything. Also, make sure your tools help meet regulations like GDPR, HIPAA, or PCI DSS. Automated compliance scans can help stay on top of this. 8. Prevent Data Loss with Smart Policies Sensitive data is always at risk. Employees might share it by mistake. Attackers might try to steal it. That’s where Data Loss Prevention (DLP) comes in. DLP tools block unauthorized sharing of personal data, financial records, or internal files. You can create rules like “Don’t send customer SSNs over email” or “Block uploads of credit card data to personal drives.” DLP also supports compliance and helps avoid lawsuits or fines when accidents happen. 9. Automate Where You Can Manual work slows things down, and mistakes happen. That’s why automation is key in cloud security. Automate things like: Patch management Access reviews Backup schedules Security alerts Automation speeds up your response time. It also frees your security team to focus on serious issues, not routine tasks. 10. Centralized Security Control One major downside of multi-cloud isa lack of visibility. If you’re jumping between different tools for each cloud, you miss things. Instead, use a centralized security management system. It collects data from all clouds, shows risk levels, flags issues, and helps you fix them from one place. This unified view makes a huge difference. It helps you react faster and stay ahead of threats. Final Thought Cloud providers have made data storage and computing easier than ever. But with great power comes risk. Using multiple clouds gives more choice, but also more responsibility. Most businesses today are not ready. Only 15% have a mature multi-cloud security plan, says the 2023 Cisco Cyber Security Readiness Index. That means many are exposed. The good news? You can fix this. Start with simple steps. Know what you use. Lock it down. Watch it closely. Keep improving. And above all, treat cloud security not as a technical box to check, but as something critical to your business. Because in today’s world, a single breach can shut you down. And that’s too big a risk to ignore.

Drones Set To Deliver Benefits for Labor-Intensive Industries: Forrester By John P. Mello Jr. June 3, 2025 5:00 AM PT ADVERTISEMENT Quality Leads That Turn Into Deals Full-service marketing programs from TechNewsWorld deliver sales-ready leads. Segment by geography, industry, company size, job title, and more. Get Started Now. Aerial drones are rapidly assuming a key role in the physical automation of business operations, according to a new report by Forrester Research. Aerial drones power airborne physical automation by addressing operational challenges in labor-intensive industries, delivering efficiency, intelligence, and experience, explained the report written by Principal Analyst Charlie Dai with Frederic Giron, Merritt Maxim, Arjun Kalra, and Bill Nagel. Some industries, like the public sector, are already reaping benefits, it continued. The report predicted that drones will deliver benefits within the next two years as technologies and regulations mature. It noted that drones can help organizations grapple with operational challenges that exacerbate risks and inefficiencies, such as overreliance on outdated, manual processes, fragmented data collection, geographic barriers, and insufficient infrastructure. Overreliance on outdated manual processes worsens inefficiencies in resource allocation and amplifies safety risks in dangerous work environments, increasing operational costs and liability, the report maintained. “Drones can do things more safely, at least from the standpoint of human risk, than humans,” said Rob Enderle, president and principal analyst at the Enderle Group, an advisory services firm, in Bend, Ore. “They can enter dangerous, exposed, very high-risk and even toxic environments without putting their operators at risk,” he told TechNewsWorld. “They can be made very small to go into areas where people can’t physically go. And a single operator can operate several AI-driven drones operating autonomously, keeping staffing levels down.” Sensor Magic “The magic of the drone is really in the sensor, while the drone itself is just the vehicle that holds the sensor wherever it needs to be,” explained DaCoda Bartels, senior vice president of operations with FlyGuys, a drone services provider, in Lafayette, La. “In doing so, it removes all human risk exposure because the pilot is somewhere safe on the ground, sending this sensor, which is, in most cases, more high-resolution than even a human eye,” he told TechNewsWorld. “In essence, it’s a better data collection tool than if you used 100 people. Instead, you deploy one drone around in all these different areas, which is safer, faster, and higher resolution.” Akash Kadam, a mechanical engineer with Caterpillar, maker of construction and mining equipment, based in Decatur, Ill., explained that drones have evolved into highly functional tools that directly respond to key inefficiencies and threats to labor-intensive industries. “Within the manufacturing and supply chains, drones are central to optimizing resource allocation and reducing the exposure of humans to high-risk duties,” he told TechNewsWorld. “Drones can be used in factory environments to automatically inspect overhead cranes, rooftops, and tight spaces — spaces previously requiring scaffolding or shutdowns, which carry both safety and cost risks,” he said. “A reduction in downtime, along with no requirement for manual intervention in hazardous areas, is provided through this aerial inspection by drones.” “In terms of resource usage, drones mounted with thermal cameras and tools for acquiring real-time data can spot bottlenecks, equipment failure, or energy leakage on the production floor,” he continued. “This can facilitate predictive maintenance processes and [optimal] usage of energy, which are an integral part of lean manufacturing principles.” Kadam added that drones provide accurate field mapping and multispectral imaging in agriculture, enabling the monitoring of crop health, soil quality, and irrigation distribution. “Besides the reduction in manual scouting, it ensures more effective input management, which leads to more yield while saving resources,” he observed. Better Data Collection The Forrester report also noted that drones can address problems with fragmented data collection and outdated monitoring systems. “Drones use cameras and sensors to get clear, up-to-date info,” said Daniel Kagan, quality manager at Rogers-O’Brien Construction, a general contractor in Dallas. “Some drones even make 3D maps or heat maps,” he told TechNewsWorld. “This helps farmers see where crops need more water, stores check roof damage after a storm, and builders track progress and find delays.” “The drone collects all this data in one flight, and it’s ready to view in minutes and not days,” he added. Dean Bezlov, global head of business development at MYX Robotics, a visualization technology company headquartered in Sofia, Bulgaria, added that drones are the most cost and time-efficient way to collect large amounts of visual data. “We are talking about two to three images per second with precision and speed unmatched by human-held cameras,” he told TechNewsWorld. “As such, drones are an excellent tool for ‘digital twins’ — timestamps of the real world with high accuracy which is useful in industries with physical assets such as roads, rail, oil and gas, telecom, renewables and agriculture, where the drone provides a far superior way of looking at the assets as a whole,” he said. Drone Adoption Faces Regulatory Hurdles While drones have great potential for many organizations, they will need to overcome some challenges and barriers. For example, Forrester pointed out that insurers deploy drones to evaluate asset risks but face evolving privacy regulations and gaps in data standardization. Media firms use drones to take cost-effective, cinematic aerial footage, but face strict regulations, it added, while in urban use cases like drone taxis and cargo transport remain experimental due to certification delays and airspace management complexities. “Regulatory frameworks, particularly in the U.S., remain complex, bureaucratic, and fragmented,” said Mark N. Vena, president and principal analyst with SmartTech Research in Las Vegas. “The FAA’s rules around drone operations — especially for flying beyond visual line of sight [BVLOS] — are evolving but still limit many high-value use cases.” “Privacy concerns also persist, especially in urban areas and sectors handling sensitive data,” he told TechNewsWorld. “For almost 20 years, we’ve been able to fly drones from a shipping container in one country, in a whole other country, halfway across the world,” said FlyGuys’ Bartels. “What’s limiting the technology from being adopted on a large scale is regulatory hurdles over everything.” Enderle added that innovation could also be a hangup for organizations. “This technology is advancing very quickly, making buying something that isn’t instantly obsolete very difficult,” he said. “In addition, there are a lot of drone choices, raising the risk you’ll pick one that isn’t ideal for your use case.” “We are still at the beginning of this trend,” he noted. “Robotic autonomous drones are starting to come to market, which will reduce dramatically the need for drone pilots. I expect that within 10 years, we’ll have drones doing many, if not most, of the dangerous jobs currently being done by humans, as robotics, in general, will displace much of the labor force.” John P. Mello Jr. has been an ECT News Network reporter since 2003. His areas of focus include cybersecurity, IT issues, privacy, e-commerce, social media, artificial intelligence, big data and consumer electronics. He has written and edited for numerous publications, including the Boston Business Journal, the Boston Phoenix, Megapixel.Net and Government Security News. Email John. Leave a Comment Click here to cancel reply. Please sign in to post or reply to a comment. New users create a free account. Related Stories More by John P. Mello Jr. view all More in Emerging Tech

The color of nostalgia Endangered classic Mac plastic color returns as 3D-printer filament Mac fan paid $900 to color-match iconic Apple beige-gray "Platinum" plastic for everyone. Benj Edwards – Jun 4, 2025 6:13 pm | 3 The Mac SE, released in 1987, was one of many classic Macs to use the "Platinum" color scheme. Credit: Apple / Polar Filament The Mac SE, released in 1987, was one of many classic Macs to use the "Platinum" color scheme. Credit: Apple / Polar Filament Story text Size Small Standard Large Width * Standard Wide Links Standard Orange * Subscribers only   Learn more On Tuesday, classic computer collector Joe Strosnider announced the availability of a new 3D-printer filament that replicates the iconic "Platinum" color scheme used in classic Macintosh computers from the late 1980s through the 1990s. The PLA filament (PLA is short for polylactic acid) allows hobbyists to 3D-print nostalgic novelties, replacement parts, and accessories that match the original color of vintage Apple computers. Hobbyists commonly feed this type of filament into commercial desktop 3D printers, which heat the plastic and extrude it in a computer-controlled way to fabricate new plastic parts. The Platinum color, which Apple used in its desktop and portable computer lines starting with the Apple IIgs in 1986, has become synonymous with a distinctive era of classic Macintosh aesthetic. Over time, original Macintosh plastics have become brittle and discolored with age, so matching the "original" color can be a somewhat challenging and subjective experience. A close-up of "Retro Platinum" PLA filament by Polar Filament. Credit: Polar Filament Strosnider, who runs a website about his extensive vintage computer collection in Ohio, worked for years to color-match the distinctive beige-gray hue of the Macintosh Platinum scheme, resulting in a spool of hobby-ready plastic by Polar Filament and priced at $21.99 per kilogram. According to a forum post, Strosnider paid approximately $900 to develop the color and purchase an initial 25-kilogram supply of the filament. Rather than keeping the formulation proprietary, he arranged for Polar Filament to make the color publicly available. "I paid them a fee to color match the speaker box from inside my Mac Color Classic," Strosnider wrote in a Tinkerdifferent forum post on Tuesday. "In exchange, I asked them to release the color to the public so anyone can use it." A spool of "Retro Platinum" PLA filament by Polar Filament. Credit: Polar Filament The development addresses a gap in the vintage computing community, where enthusiasts sometimes struggle to find appropriately colored materials for restoration projects and new accessories. The new filament is an attempt to replace previous options that were either expensive, required international shipping, or had consistency issues that Strosnider described as "chalky." The 1.75 mm filament works with standard 3D printers and is compatible with automated material systems used in some newer printer models. On Bluesky, Strosnider encouraged buyers to "order plenty, and let them know you want them to print it forever" to ensure continued production of the specialty color. Extruded nostalgia The timing of the filament's release coincides with growing interest in 3D-printed cases and accessories for vintage computer hardware. One example is the SE Mini desktop case, a project by "GutBomb" that transforms Macintosh SE and SE/30 logic boards into compact desktop computers that can connect to modern displays. The case, designed to be 3D-printed in multiple pieces and assembled, represents the type of project that benefits from color-accurate filament. A 3D-printed "SE Mini" desktop case that allows using a vintage compact Mac board in a new enclosure. Credit: Joe Strosnider The SE Mini case requires approximately half a spool of filament and takes a couple of days to print on consumer 3D printers. Users can outfit the case with modern components, such as Pico PSUs and BlueSCSI storage devices, while maintaining the classic Macintosh appearance. Why create new "retro" devices? Because it's fun, and it's a great way to merge technology's past with the benefits of recent tech developments. Projects like the Platinum PLA filament, the SE Mini case, and the dedication of hobbyists like Strosnider ensure that appreciation for Apple's computers of yore will continue for decades. Benj Edwards Senior AI Reporter Benj Edwards Senior AI Reporter Benj Edwards is Ars Technica's Senior AI Reporter and founder of the site's dedicated AI beat in 2022. He's also a tech historian with almost two decades of experience. In his free time, he writes and records music, collects vintage computers, and enjoys nature. He lives in Raleigh, NC. 3 Comments

Published June 4, 2025 10:00am EDT close Windows bug leaves computer Wi-Fi vulnerable to hackers Kurt "CyberGuy" Knutsson explains how to keep your Windows computer safe and the security risks of online retail giant Temu. NEWYou can now listen to Fox News articles! Hackers are no longer targeting only tech giants or hospitals. Any business that collects valuable personal information, such as names, phone numbers, email addresses or even basic financial details, is now a target.Companies that rely heavily on third-party vendors or outsourced customer support are even more at risk, especially if they are not particularly strong in the technology sector.German retailer Adidas learned this the hard way. The company recently confirmed a data breach involving one of its external partners, and although it has acknowledged the issue, many important details are still missing. A hacker at work (Kurt "CyberGuy" Knutsson)Adidas confirms vendor breach: Here’s what we knowAdidas has officially acknowledged that a third-party vendor suffered a breach, resulting in unauthorized access to consumer data. In a public notice titled "Data Security Information," the company revealed that a "third-party customer service provider" had been compromised. While the brand was initially silent on the scope, it had already been reported earlier this month that customers in Turkey and Korea had received breach notifications.MASSIVE DATA BREACH EXPOSES 184 MILLION PASSWORDS AND LOGINSAdidas posted this information on both its German and English websites. However, no specific region or number of affected individuals has been confirmed. The company’s statement did clarify that no payment information, such as credit card details, nor passwords were included in the breach. Instead, it involved contact details submitted by users to Adidas’ help desk in the past.Data obtained reportedly includes names, phone numbers, email addresses and dates of birth. While this might seem limited compared to financial data, this type of information can be exploited for phishing scams and identity theft.  An Adidas sign (Kurt "CyberGuy" Knutsson)What Adidas told customers after the breachIn the wake of the breach, Adidas began notifying potentially affected customers directly. The company's email to customers below aimed to reassure recipients and clarify what information was involved. Here is the full text of the notification sent to affected individuals.Dear customer,We are writing to inform you of an issue that we recently became aware of which may have impacted some of your data.What happenedadidas recently learned that an unauthorized external party gained access to certain customer data through a third-party customer service provider.What information was involvedThe affected data does not contain passwords, credit card or any other payment-related information. Nor have any Social Security numbers been impacted.It mainly consists of contact information relating to customers who had contacted our customer service help desk in the past. This may have included one or more of the following: name, email address, telephone number, gender and/or birth date.What we are doing Privacy and the security of your data is our priority. Upon becoming aware of this incident, adidas took proactive and immediate steps to investigate and contain the incident. This includes further enhancing security measures and resetting passwords for customer service accounts.What you can doWe are currently unaware of any harm (such as identity theft or fraud) being caused to our customers as a result of this incident. There are no immediate steps that you need to take. Although, as always, please remain vigilant and look out for any suspicious messages. As a reminder, adidas will never directly contact you to ask that you provide us with financial information, such as your credit card details, bank account information or passwords.Who you can contactIf you have any questions, then please contact our Customer Service team at https://www.adidas.com/us/helpWe apologise for any inconvenience caused by this incident.adidas TeamWhat Adidas hasn’t said about the vendor hackDespite the official acknowledgment, several questions remain unanswered. Adidas has yet to clarify whether this is a single breach affecting multiple regions or several separate incidents. The lack of transparency around the name of the third-party vendor and the absence of concrete numbers or locations for affected users has created frustration among observers and possibly among customers themselves.The earlier regional reports from Turkey and Korea might suggest that this incident was either global in scale or that similar third-party vendors were independently targeted. In either case, the company's current handling of the situation has left room for speculation. Adidas claims it is in the process of informing potentially affected customers, but it has not detailed the method or timeline for this outreach.We reached out to adidas for a comment, and a representative referred us to this statement on their website. In part, the company said, "We remain fully committed to protecting the privacy and security of our consumers, and sincerely regret any inconvenience or concern caused by this incident."GET FOX BUSINESS ON THE GO BY CLICKING HERE An Adidas shoe (Kurt "CyberGuy" Knutsson)6 critical steps to take after the Adidas data breachIf you think you were affected or just want to be cautious, here are some steps you can take right now to stay safe from the Adidas data breach:1. Scrub your data from the internet using a personal data removal service: The more exposed your personal information is online, the easier it is for scammers to use it against you. Following the Adidas breach, consider removing your information from public databases and people-search sites. Check out my top picks for data removal services here.Get a free scan to find out if your personal information is already out on the web.2. Watch out for phishing scams and use strong antivirus software: With access to your email and phone number, Adidas attackers can craft convincing phishing emails pretending to be from healthcare providers or banks. These emails might include malicious links designed to install malware or steal login information. To defend yourself, use a strong antivirus program. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.3. Safeguard against identity theft and use identity theft protection: Hackers now have access to high-value information from the Adidas breach. This makes you a prime target for identity theft. You might want to consider investing in identity theft protection, which can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals. Signing up for identity theft protection gives you 24/7 monitoring, alerts for unusual activity and support if your identity is stolen. See my tips and best picks on how to protect yourself from identity theft.4. Set up fraud alerts: Requesting fraud alerts notifies creditors that they need extra verification before issuing credit in your name. You can request fraud alerts through any one of the three major credit bureaus; they’ll notify the others. This adds another layer of protection without completely freezing access to credit.5. Change passwords and use a password manager: Update passwords on any accounts tied to compromised data. Use unique passwords that are hard to guess and let a password manager do the heavy lifting by generating secure ones for you. Reused passwords are an easy target after breaches. Consider password managers for convenience and security. Get more details about my best expert-reviewed password managers of 2025 here.6. Be wary of social engineering attacks: Hackers may use stolen details like names or birthdates from breaches in phone scams or fake customer service calls designed to trick you into revealing more sensitive info. Never share personal details over unsolicited calls or emails. Social engineering attacks rely on trust, and vigilance is key.Kurt’s key takeawayThe Adidas breach shows that even companies with decades of brand equity and a massive global footprint are not immune to lapses in data security. It underscores the need for companies to go beyond basic compliance and actively evaluate the cybersecurity standards of every partner in their ecosystem. Consumers are becoming increasingly aware of the trade-offs they make when sharing their personal information, and brands that fail to meet this moment may find their reputations eroding faster than they expect.CLICK HERE TO GET THE FOX NEWS APPShould retailers be penalized for neglecting basic cybersecurity practices? Let us know by writing us atCyberguy.com/Contact.For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.Ask Kurt a question or let us know what stories you'd like us to cover.Follow Kurt on his social channels:Answers to the most-asked CyberGuy questions:New from Kurt:Copyright 2025 CyberGuy.com. All rights reserved. Kurt "CyberGuy" Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on "FOX & Friends." Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Few companies in the history of capitalism have amassed as much wealth and influence as Meta.A global superpower in the information space, Meta — the parent company of Facebook, Instagram, WhatsApp, and Threads — has a market cap of $1.68 trillion at the time of writing, which for a rough sense of scale is more than the gross domestic product of Spain.In spite of its immense influence, none of its internal algorithms can be scrutinized by public watchdogs. Its host country, the United States, has largely turned a blind eye to its dealings in exchange for free use of Meta's vast surveillance capabilities.That lack of oversight coupled with Meta's near-omnipresence as a social utility has had devastating consequences throughout the world, manifesting in crises like the genocide of Muslims in Myanmar, or the systemic suppression of Palestinian rights organizations.How do you uncover the harms caused by one of the most powerful companies on earth? In the case of public violence, the evidence isn't hard to trace. However, Meta's unprecedented corporate dynasty also creates less obvious harms, which scores of scholars, researchers, and journalists are devoting entire careers to uncovering.One prominent group of said investigators is GLAAD, the Gay & Lesbian Alliance Against Defamation, which recently released its annual report on social media safety, privacy, and expression for LGBTQ people.The report notes that Meta has undergone a "particularly extreme" ideological shift over the past year, adding harmful exceptions to its content moderation policies while disproportionately suppressing LGBTQ users and their content. The tech giant has also failed to give LGBTQ users sovereignty over their own personal data, which it collects, analyzes, and wields to generate huge profits.While Meta collects all of our data — from which it draws over 95 percent of its revenue — the practice is particularly harmful to LGBTQ users, who then have to contend with algorithmic biases, non-consensual outing, harassment, and in some countries state oppression."It's a dangerous time, certainly for trans people, who as a minority have been so ridiculously maligned, but also a dangerous time for gay people, openly bi[sexual] people, people who are different in any way," says Sarah Roberts, a UCLA professor and Director of the Center for Critical Internet Inquiry.To address these shortcomings and the dangers they introduce, GLAAD made a number of recommendations. One key suggestion was to improve moderation "by providing training for all content moderators focused on LGBTQ safety, privacy and expression." The media advocacy group doesn't mince words, adding that "AI systems should be used to flag for human review, not for automated removals."However, it doesn't look like Meta got the message.Weeks after GLAAD issued its findings, internal Meta documents leaked to NPR revealed the company's plan to hand 90 percent of its privacy and integrity reviews over to "artificial intelligence."This will impact nearly every new feature introduced to its platforms, where human moderators would typically evaluate new features for risks to privacy and safety, and the wellbeing of user groups like minors, immigrants, and LGBTQ people.Meta's internal risk assessment is an already opaque process, and Roberts notes that government attempts at risk oversight, like the EU's Digital Services Act, are likewise a labyrinth of filings which are largely dictated by the social media companies themselves. AI, chock full of biases and prone to errors — as admitted by Meta's own AI chief — is certain to make the situation even worse.Earlier this week, meanwhile, the Wall Street Journal revealed Meta's plans to fully automate advertising via the company's generative AI software, which will allow advertisers to "fully create and target ads" directly, with no human in the loop.This includes hyper-personalized ads, writes the WSJ, "so that users see different versions of the same ad in real time, based on factors such as geolocation."Data hoarders like Meta — which track you even when you're not using its platforms — have long been able to profile LGBTQ users based on gender identify and sexual orientation, including those who aren't publicly out.Removing any human from these already sinister practices serves to streamline operations and distance Meta from its own actions — "we didn't out gay users living under an oppressive government," the company can say, "even if our AI did." It's no coincidence that Meta had already disbanded its "Responsible AI" team as early as 2023.At the root of these decisions — Meta CEO Mark Zuckerberg's right wing turn notwithstanding — is the calculated drive to maximize revenue."If there's no reason to rigorously moderate harmful content, then why pay so many content moderators? Why engage researchers to look into the circulation of this kind of content?" observes Roberts. "There ends up being a real cost savings there.""One of the things I've always said is that content moderation of social media is not primarily about protecting people, it's about brand management," she told Futurism. "It's about the platform managing its brand in order to make the most hospitable environment for advertisers."Sometimes these corporate priorities line up with progressive causes, like LGBTQ user safety or voter registration. But when they don't, Roberts notes, "dollars are dollars.""We are looking at multibillion-dollar companies, the most capitalized companies in the world, who have operated with impunity for many, many years," she said. "How do you convince them that they should care, when other powerful sectors are telling them the opposite?"Share This Article

Photo credit: Checkwitch Poiron Architects Discover Montessori School, a project by Checkwitch Poiron Architects, consists of a 10-classroom Montessori farming school on the Agricultural Land Reserve outside of Nanaimo, on Vancouver Island. The client was committed to the idea of sustainability embedded in the Montessori principles of interconnectedness, citizenship and minimalism. Photo credit: Checkwitch Poiron Architects The zoning required that the site be easily returnable to farm use and more specifically precluded the use of a concrete slab on grade. This led Checkwitch Poiron Architects to identify low carbon construction as an achievable sustainable target. The budget was limited, and as such, all design decisions considered the implications on cost, schedule and carbon footprint. This included an analysis of various foundation strategies, including concrete piers and helical piles, prepared by structural engineers Fast and Epp with life cycle analysis by Introba. Photo credit: Checkwitch Poiron Architects The design uses recycled Douglas Fir floorboards as exterior cladding, and interior corridors are lined with Hemlock tiles using waste diverted from a lumber mill. The mechanical consultant (Introba) used the correlation between low precipitation levels and low school use during summer months to design one of the first rainwater catchment systems in British Columbia to be certified for commercial use. Photo credit: Checkwitch Poiron Architects This project demonstrates how low-carbon and sustainable construction can be achieved, despite budget limitations, by identifying opportunities and the use of practical, cost efficient design. Discover Montessori recently achieved CAGBC Zero Carbon Building Standard Certification, was the Overall Winner of the Vancouver Island Commercial Building Awards, and was awarded the BC Embodied Carbon Award for Large Buildings by the Carbon Leadership Forum (CLF). Photo credit: Checkwitch Poiron Architects The project also incorporates water-saving design strategies and collects rainwater for potable water use, as the first project of this kind approved in BC. Photo credit: Checkwitch Poiron Architects Technical Sheet: Location: Nanaimo, BC Client: Discover Montessori Size: 12,492 sf Status: Completed 2023 The post Discover Montessori School achieves CAGBC Zero Carbon certification appeared first on Canadian Architect.

ExpressVPN is good at its job. It's easy to be skeptical of any service with a knack for self-promotion, but don't let ExpressVPN's hype distract you from the fact that it keeps its front-page promise of "just working." Outside of solid security, the two best things ExpressVPN offers are fast speeds and a simple interface. Our tests showed only a 7% average drop in download speed and a 2% loss of upload speed, worldwide. And while the lack of extra features may frustrate experienced users, it makes for a true set-and-forget VPN on any platform. This isn't to say ExpressVPN is without flaws — it's nearly bereft of customization options and it's notably more expensive than its competition — but it beats most VPNs in a head-to-head matchup. For this review, we followed our rigorous 10-step VPN testing process, exploring ExpressVPN's security, privacy, speed, interfaces and more. Whether you read straight through or skip to the sections that are most important for you, you should come away with all the information you need to decide whether to subscribe. Editors' note: We're in the process of rebooting all of our VPN reviews from scratch. Once we do a fresh pass on the top services, we'll be updating each review with a rating and additional comparative information. Table of contents Findings at a glance Installing, configuring and using ExpressVPN ExpressVPN speed test: Very fast averages ExpressVPN security test: Checking for leaks How much does ExpressVPN cost? ExpressVPN side apps and bundles Close-reading ExpressVPN's privacy policy Can ExpressVPN change your virtual location? Investigating ExpressVPN's server network Extra features of ExpressVPN ExpressVPN customer support options ExpressVPN background check: From founding to Kape Technologies Final verdict Findings at a glance Category Notes Installation and UI All interfaces are clean and minimalist, with no glitches and not enough depth to get lost in Windows and Mac clients are similar in both setup and general user experience Android and iOS are likewise almost identical, but Android has a nice-looking dark mode Speed Retains a worldwide average of 93% of starting download speeds Upload speeds average 98% of starting speeds Latency rises with distance, but global average stayed under 300 ms in tests Security OpenVPN, IKEv2 and Lightway VPN protocols all use secure ciphers Packet-sniffing test showed working encryption We detected no IP leaks Blocks IPv6 and WebRTC by default to prevent leaks Pricing Base price: $12.95 per month or $99.95 per year Lowest prepaid rate: $4.99 per month Can save money by paying for 28 months in advance, but only once per account 30-day money-back guarantee Bundles ExpressVPN Keys password manager and ID alerts included on all plans Dedicated IP addresses come at an extra price ID theft insurance, data removal and credit scanning available to new one-year and two-year subscribers for free 1GB eSIM deal included through holiday.com Privacy policy No storage of connection logs or device logs permitted The only risky exceptions are personal account data (which doesn't leave the ExpressVPN website) and marketing data (which the policy says should be anonymized) An independent audit found that ExpressVPN's RAM-only server infrastructure makes it impossible to keep logs Virtual location change Successfully unblocked five international Netflix libraries, succeeding on 14 out of 15 attempts Server network 164 server locations in 105 countries 38% of servers are virtual, though most virtual locations are accessed through physical servers within 1,000 miles A large number of locations in South America, Africa and central Asia Features Simple but effective kill switch Can block ads, trackers, adult sites and/or malware sites but blocklists can't be customized Split tunneling is convenient but unavailable on iOS and modern Macs Aircove is the best VPN router, albeit expensive Customer support Setup and troubleshooting guides are organized and useful, with lots of screenshots and videos Live chat starts with a bot but you can get to a person within a couple minutes Email tickets are only accessible from the mobile apps or after live chat has failed Background check Founded in 2009; based in the British Virgin Islands Has never been caught selling or mishandling user data Turkish police seized servers in 2017 but couldn't find any logs of user activity Owned by Kape Technologies, which also owns CyberGhost and Private Internet Access A previous CIO formerly worked on surveillance in the United Arab Emirates; no evidence of shady behavior during his time at ExpressVPN Windows Version 12 leaked some DNS requests when Split Tunneling was active Installing, configuring and using ExpressVPN This section focuses on how it feels to use ExpressVPN on each of the major platforms where it's available. The first step for any setup process is to make an account on expressvpn.com and buy a subscription. Windows Once subscribed, download the Windows VPN from either expressvpn.com or the Microsoft Store, then open the .exe file. Click "Yes" to let it make changes, wait for the install, then let your computer reboot. Including the reboot, the whole process takes 5-10 minutes, most of it idle. To finish, you'll need your activation code, which you can find by going to expressvpn.com and clicking "Setup" in the top-right corner. You can install ExpressVPN's Windows app from the Microsoft store, but we found the website more convenient. Sam Chapman for Engadget Extreme simplicity is the watchword for all ExpressVPN's designs. The Windows client's launch panel consists of three buttons and less than ten words. You can change your location or let the app pick a location for you — the "Smart Location" is the server with the best combination of being nearby and unburdened. Everything else is crammed into the hamburger menu at the top left. Here, in seven tabs, you'll find the Network Lock kill switch, the four types of content blockers, the split tunneling menu and the option to change your VPN protocol. You can also add shortcuts to various websites, useful if you regularly use your VPN for the same online destinations. To sum up, there's almost nothing here to get in the way: no delays, no snags, no nested menus to get lost in. It may be the world's most ignorable VPN client. That's not a bad thing at all. Mac ExpressVPN's app for macOS is almost identical in design to its Windows app. The process for downloading and setting it up is nearly the same too. As on Windows, it can be downloaded from the App Store or sideloaded directly from the expressvpn.com download center. Only a few features are missing and a couple others have been added. Split tunneling is gone (unless you're still on a macOS lower than 11), and you won't see the Lightway Turbo setting. ExpressVPN recommends some servers, but it's easy to search the whole list. Sam Chapman for Engadget Mac users do gain access to the IKEv2 protocol, along with the option to turn off automatic IPv6 blocking — Windows users have to leave it blocked at all times. Almost every website is still accessible via IPv4, but it's useful if you do need to access a specific IPv6 address while the VPN is active. Android Android users can download ExpressVPN through the Google Play Store. Open the app, sign in and you're ready to go. The Android app has a very nice dark-colored design, only slightly marred by an unnecessary information box about how long you've used the VPN this week. ExpressVPN's Android app puts a little more information on the screen than it needs to, but still runs well. Sam Chapman for Engadget There's a large button for connecting. Clicking on the server name takes you to a list of locations. On this list, you can either search or scroll and can choose individual locations within a country that has more than one. We connected to as many far-flung server locations as we could, but not a single one took longer than a few seconds. The options menu is organized sensibly, with no option located more than two clicks deep. You will see a couple of options here that aren't available on desktop, the best of which is the ability to automatically connect to your last-used ExpressVPN server whenever your phone connects to a non-trusted wifi network. There are also a few general security tools: an IP address checker, DNS and WebRTC leak testers and a password generator. These are also available on the website, but here, they're built into the app. With the exception of the latter, we'd recommend using third-party testing tools instead — even a VPN with integrity has an incentive to make its own app look like it's working. iPhone and iPad You can only install ExpressVPN's iOS app through the app store. During setup, you may need to enter your password to allow your phone to use VPN configurations. Otherwise, there are no major differences from the Android process. ExpressVPN looks good on iPhone and iPad. Sam Chapman for Engadget The interface is not quite as pleasing as the dark-mode Android app, but it makes up for that by cutting out some of the clutter. The tabs and features are similar, though split tunneling and shortcuts are absent. Also, both mobile apps make customer support a lot more accessible than their desktop counterparts — plus, mobile is the only way to send email support tickets. Browser extension ExpressVPN also includes browser extensions for Firefox and Chrome. These let you connect, disconnect and change server locations without leaving your browser window. It's nice, but not essential unless you have a very specific web browser flow you like. ExpressVPN speed test: Very fast averages Connecting to a VPN almost always decreases your speed, but the best VPNs mitigate the drop as much as possible. We used Ookla's speed testing app to see how much of your internet speed ExpressVPN preserves. For this test, we emphasized the locations ExpressVPN uses for most of its virtual servers, including the Netherlands, Brazil, Germany and Singapore. Some terms before we start: Latency, measured in milliseconds (ms), is the time it takes one data packet to travel between your device and a web server through the VPN. Latency increases with distance. It's most important for real-time tasks like video chatting and online gaming. Download speed, measured in megabits per second (Mbps), is the amount of information that can download onto your device at one time — such as when loading a web page or streaming a video. Upload speed, also measured in Mbps, is the amount of information your device can send to the web at once. It's most important for torrenting, since the amount of data you can seed determines how fast you can download in exchange. The table below shows our results. We conducted this on Windows, using the automatic protocol setting with the Lightway Turbo feature active — a recent ExpressVPN addition that keeps speed more consistent by processing connections in parallel. Server location Latency (ms) Increase factor Download speed (Mbps) Percentage dropoff Upload speed (Mbps) Percentage dropoff Portland, Oregon, USA (unprotected) 18 -- 58.77 -- 5.70 -- Seattle, Washington, USA (best server) 26 1.4x 54.86 6.7% 5.52 3.2% New York, NY, USA 156 8.7x 57.25 2.6% 5.57 2.3% Amsterdam, Netherlands 306 17x 53.83 8.4% 5.58 2.1% São Paulo, Brazil 371 20.6x 53.82 8.4% 5.65 0.9% Frankfurt, Germany 404 22.4x 55.71 5.2% 5.67 0.5% Singapore, Singapore 381 21.2x 52.76 10.2% 5.64 1.0% Average 274 15.2x 54.71 6.9% 5.61 1.6% These are extremely good results. ExpressVPN is a winner on both download and upload speed. No matter where we went in the world, we never lost more than about 7% of our download speeds, and upload lost an astoundingly low average of 2%. This suggests that ExpressVPN deftly distributes its user load between servers to eliminate bottlenecks. This Ookla speedtest shows you can still get fast internet while connected to ExpressVPN -- our unprotected speeds are around 58 Mbps. Sam Chapman for Engadget The latency numbers look worse, but the rise in the table is less sharp than we projected. Ping length depends far more on distance than download speed does, so we expect it to shoot up on servers more than 1,000 miles from our location. Keeping the average below 300 ms, as ExpressVPN does here, is a strong showing. ExpressVPN security test: Checking for leaks A VPN's core mission is to hide your IP address and make you untraceable online. Our task in this section is to figure out if ExpressVPN can carry out this mission every time you connect. While we can't be 100% certain, the tests we'll run through below have led us to believe that ExpressVPN is currently leak-proof. Available VPN protocols A VPN protocol is like a common language that a VPN server can use to mediate between your devices and the web servers you visit. If a VPN uses outdated or insecure protocols, or relies on unique protocols with no visible specs or source code, that's a bad sign. Not all protocols are available on all apps, but Mac has the full range. Sam Chapman for Engadget ExpressVPN gives you a selection of three protocols: IKEv2, OpenVPN and Lightway. The first two are solid choices that support the latest encryption algorithms. OpenVPN has been fully open-source for years and is the best choice if privacy is your goal. While IKEv2 started life as a closed project by Microsoft and Cisco, ExpressVPN uses an open-source reverse-engineering, which is both better for privacy and quite fast. Lightway is the odd one out, a protocol you'll only find on ExpressVPN, though its source code is available on Github. It's similar to WireGuard, in that both reach for faster speeds and lower processing demands by keeping their codebases slim. However, Lightway was recently rewritten in Rust to better protect the keys stored in its memory. Ultimately, you can't go wrong with any of ExpressVPN's protocol options. 99% of the time, your best choice will be to set the controls to Automatic and let the VPN decide which runs best. Testing for leaks ExpressVPN is one of the best services, but it's not leak-proof (as you can read in the Background Check below). Luckily, checking for DNS leaks is a simple matter of checking your IP address before and after connecting to a VPN server. If the new address matches the VPN server, you're good; if not, your VPN is leaking. First, we checked the Windows app with split tunneling active to ensure the flaw really had been patched. We tested several servers and didn't find any leaks, which suggests the patch worked, though leaks were rare even before ExpressVPN fixed the vulnerability. We checked our IP while connected to the virtual India location, which is run from a physical server in Singapore. Don't worry -- it still looks like India to streaming services. Sam Chapman for Engadget In fact, we didn't find any leaks on any ExpressVPN server we tested on any platform. Though questions remain about iOS, as you'll see later in this section, that's a problem on Apple's end that even the best VPNs can do very little about for now. The most common cause of VPN leaks is the use of public DNS servers to connect users to websites, which can mistakenly send browsing activity outside the VPN's encrypted tunnel. ExpressVPN avoids the risks of the public system by installing its own DNS resolvers on every server. This is the key factor behind its clean bill of health in our leak testing. Two other common flaws can lead to VPN leaks: WebRTC traffic and IPv6. The former is a communication protocol used in live streaming and the latter is a new IP standard designed to expand domain availability. Both are nice, but currently optional, so ExpressVPN automatically blocks both to ensure there's no opportunity for leaks to arise. One note about VPN security on iOS: it's a known and continuing problem that iOS VPNs do not prevent many online apps from communicating with Apple directly, outside the VPN tunnel. This risks leaking sensitive data, even with Lockdown Mode active in iOS 16. A blog post by Proton VPN shares a workaround: connect to a VPN server, then turn Airplane Mode on and off again to end all connections that were active before you connected to the VPN. Testing encryption We finished up our battery of security tests by checking out ExpressVPN's encryption directly. Using WireShark, a free packet sniffer, we inspected what it looks like when ExpressVPN transmits data from one of its servers to the internet. The screenshot below shows a data stream encrypted with Lightway UDP. After connecting to ExpressVPN, HTTP packets were rendered unreadable while in transit. Sam Chapman for Engadget That lack of any identifiable information, or even readable information, means encryption is working as intended. We repeated the test several times, always getting the same result. This left us satisfied that ExpressVPN's core features are working as intended. How much does ExpressVPN cost? ExpressVPN subscriptions cost $12.95 per month. Long-term subscriptions can bring the monthly cost down, but the great deals they offer tend to only last for the first billing period. A 12-month subscription costs $99.95 and includes three months for free with your first payment, costing a total of $6.67 per month. The bonus disappears for all subsequent years, raising the monthly cost to $8.33. You can also sign up for 28 months at a cost of $139.72, but this is also once-only — ExpressVPN can only be renewed at the $99.95 per year level. There are two ways to test ExpressVPN for free before making a financial commitment. Users on iOS and Android can download the ExpressVPN app without entering any payment details and use it free for seven days. On any platform, there's a 30-day money-back guarantee, which ExpressVPN has historically honored with no questions asked. You will have to pay before you can use it, though. In our opinion, ExpressVPN's service is solid enough that it's worth paying extra. Perhaps not this much extra, but that depends on what you get out of it. We recommend using the 30-day refund period and seeing how well ExpressVPN works for you. If it's a VPN you can enjoy using, that runs fast and unblocks everything you need, that's worth a server's weight in gold. ExpressVPN side apps and bundles ExpressVPN includes some special features that work mostly or wholly separate from its VPN apps. Some of these come free with a subscription, while others add an extra cost. Every subscription includes the ExpressVPN keys password manager. This is available under its own tab on the Android and iOS apps. On desktop, you'll need to download a separate extension from your browser's store, then sign in using your account activation code. It's available on all Chromium browsers, but not Firefox. Starting in 2025, new subscribers get an eSIM plan through holiday.com, a separate service linked to ExpressVPN. The baseline 1GB holiday eSIM plans last for 5 days and can apply to countries, regions, or the entire world (though it's not clear whether the package deal applies to the regional and global plans). Longer-term plans include larger eSIM plans. You can add a dedicated IP address to your ExpressVPN subscription for an additional cost per month. A dedicated IP lets you use the same IP address every time you connect to ExpressVPN. You can add the address to whitelists on restricted networks, and you're assured to never be blocked because of someone else's bad activity on a shared IP. Unlike many of its competitors, ExpressVPN doesn't currently offer antivirus or online storage services, but there is a comprehensive bundle of ID protection tools called Identity Defender. We haven't reviewed any of these products in detail, but here's a list for reference: ID Alerts will inform you if any of your sensitive information is leaked or misused online. It's free with all plans, but you'll have to enter your personal information on your ExpressVPN account page or a mobile app. ID Theft Insurance grants up to $1 million in identity theft reimbursement and comes free with new ExpressVPN one-year or two-year subscriptions. It's not yet available to those who subscribed before it launched in October 2024. Data Removal scans for your information in data brokerages and automatically requests that it be deleted. It's also free with one-year and two-year plans. Credit Scanner is only available for United States users. It monitors your activity on the three credit bureaus so you can quickly spot any suspicious transactions. The Identity Defender features are currently only available to new ExpressVPN customers in the US. Close-reading ExpressVPN's privacy policy Although we worry that the consolidation of VPN brands under the umbrella of Kape Technologies (ExpressVPN's parent company) will make the industry less competitive, we don't believe it's influencing ExpressVPN to take advantage of its users' privacy. To confirm, and get a full sense of what sort of privacy ExpressVPN promises its users, we set out to read ExpressVPN's privacy policy in detail. It's long, but thankfully aimed at casual users instead of lawyers. You can see it for yourself here. In the introduction, ExpressVPN states that it does not keep either activity logs (such as a user's browsing history while connected to the VPN) or connection logs (such as the duration of a user's session and their IP address, which can be used to extrapolate browsing activity). It then specifies the seven types of data it's legally allowed to collect: Data used to sign up for an account, such as names, emails and payment methods. VPN usage data which is aggregated and can't be traced to any individual. Credentials stored in the ExpressVPN Keys password manager. Diagnostic data such as crash reports, which are only shared upon user request. IP addresses authorized for MediaStreamer, which is only for streaming devices that don't otherwise support VPN apps. Marketing data collected directly from the app — a "limited amount" that's kept anonymous. Data voluntarily submitted for identity theft protection apps. Of those seven exceptions, the only ones that count as red flags are account data and marketing data. Both categories are highly personal and could be damaging if mishandled. Fortunately, complying with subpoenas is not one of the allowed uses listed for either data category, nor does the policy let ExpressVPN sell the data to other private parties. The only really annoying thing here is that if you ask ExpressVPN to delete your personal data, you won't be able to use your account from then on. You aren't even eligible for a refund in this case, unless you're within 30 days of your initial subscription. As for marketing data, ExpressVPN collects device fingerprints and location data when you sign up for an account on its website. The privacy policy also claims this is anonymized, as its "systems are engineered to decouple such data from personally identifiable information." Audits corroborate this, as we'll see in the next section. So, while it would be better if ExpressVPN didn't collect any personal data at all, its practices don't appear to pose a risk to anything you do while using the VPN — just the ExpressVPN website. Privacy audits VPN providers often get third-party accounting firms to audit their privacy policies. The idea is that a well-known firm won't mortgage its reputation to lie on behalf of a VPN, so their results can be trusted. For the last several years, ExpressVPN has had KPMG look over its privacy policy and relevant infrastructure (see "TrustedServer" below). KPMG's most recent report, completed in December 2023 and released in May 2024, found that ExpressVPN had enough internal controls in place that users could trust its privacy policy. The report is freely available to read. This is a very good sign, though we're looking out for a more up-to-date audit soon. TrustedServer "TrustedServer" is a marketing term ExpressVPN uses for its RAM-only server infrastructure. RAM-only servers have no hard drives for long-term storage and return to a standard disk image with every reboot. This makes it theoretically impossible to store user activity logs on them, even if ExpressVPN wanted to do that. The KPMG audit, linked above, reports that TrustedServer works as advertised. Between its many clean privacy audits and the Turkish server incident in 2017, we're prepared to say ExpressVPN is a private VPN, in spite of its aggravating exception for marketing. Can ExpressVPN change your virtual location? Next, we tested whether ExpressVPN can actually convince websites that you're somewhere other than your real location. Our security tests have already proven it can hide your IP address, but it takes more than leak-proofing to fool streaming sites these days — Netflix and the others have gotten very good at combing through metadata to sniff out proxy users. The process for testing this is a lot like how we handled the DNS leak tests: try several different servers and see if we get caught. We checked five sample locations outside the U.S. to see if we a) got into Netflix and b) saw different titles in the library. The results are below. Server Location Unblocked Netflix? Library changed? Canada Y Y United Kingdom Y (second try; Docklands failed) Y Slovakia Y Y India Y Y (different from UK library) Australia Y Y In fifteen tests, ExpressVPN slipped up only once. Docklands, the UK server it chose as the fastest, wasn't able to access Netflix. We switched to a server labeled simply "London" and unblocked it without issue. ExpressVPN can change your virtual location so you can explore the wonderful world of K-drama. Sam Chapman for Engadget All the other locations got us access to an alternate Netflix library on the first try. We even checked whether the India server, which is physically located in the UK, showed us different videos than the UK servers. It did, which makes us even more confident that ExpressVPN's virtual locations are airtight. Investigating ExpressVPN's server network ExpressVPN users can connect to a total of 164 server locations in 105 countries and territories. These locations are reasonably well distributed across the globe, but as with all VPNs, there's a bias toward the northern hemisphere. There are 24 locations in the U.S. alone and a further 66 in Europe. That isn't to say users in the Global South get nothing. ExpressVPN has IP addresses from nine nations in South America (Argentina, Brazil, Bolivia, Chile, Colombia, Ecuador, Peru, Uruguay and Venezuela) and six in Africa (Algeria, Egypt, Ghana, Kenya, Morocco and South Africa). The network even includes Kazakhstan, Uzbekistan and Mongolia, impressive since central Asia may be the region most often shafted by VPNs. However, many of these servers have virtual locations different from their real ones. For those of you choosing a server based on performance instead of a particular IP address, ExpressVPN's website has a helpful list of which servers are virtual. The bad news is that it's a big chunk of the list. A total of 63 ExpressVPN locations are virtual, or 38% of its entire network. To reduce the sting, ExpressVPN takes care to locate virtual servers as close to their real locations as possible. Its virtual locations in Indonesia and India are physically based in Singapore. This isn't always practical, leading to some awkwardness like operating a Ghana IP address out of Germany. But it helps ExpressVPN perform better in the southern hemisphere. Extra features of ExpressVPN Compared to direct competitors like NordVPN and Surfshark, ExpressVPN doesn't have many special features. It's aimed squarely at the casual market and will probably disappoint power users. Having said that, what they do include works well. In this section, we'll run through ExpressVPN's four substantial features outside its VPN servers themselves. Network Lock kill switch "Network Lock" is the name ExpressVPN gives to its kill switch (though it's called "Network Protection" on mobile). A VPN kill switch is a safety feature that keeps you from broadcasting outside the VPN tunnel. If it ever detects that you aren't connected to a legitimate ExpressVPN server, it cuts off your internet access. You won't be able to get back online until you either reconnect to the VPN or disable Network Lock. ExpressVPN's kill switch is called Network Lock on desktop, and Network Protection on mobile (Android pictured) Sam Chapman for Engadget This is important for everyone, not just users who need to hide sensitive traffic. The recently discovered TunnelVision bug theoretically allows hackers to set up fake public wi-fi networks through which they redirect you to equally fake VPN servers, which then harvest your personal information. It's unlikely, but not impossible, and a kill switch is the best way to prevent it — the switch always triggers unless you're connected to a real server in the VPN's network. Like most of ExpressVPN's features, all you can do with Network Lock is turn it on and off. You can also toggle whether you'll still be able to access local devices while the kill switch is blocking your internet — this is allowed by default. Threat manager, ad blocker and parental controls ExpressVPN groups three tools under the heading of "advanced protection" — Threat Manager, an ad blocker and parental controls. Threat Manager consists of two checkboxes: one that blocks your browser from communicating with activity tracking software and one that blocks a list of websites known to be used for malware. Check any of these boxes to use the pre-set blocklists whenever you're connected to ExpressVPN. Sam Chapman for Engadget You can't customize the lists, so you're limited to what ExpressVPN considers worthy of blocking. They share their sources on the website. While the lists are extensive and open-source, they rely on after-the-fact reporting and can't detect and block unknown threats like a proper antivirus. The adblock and parental control options work the same way: check a box to block everything on the list, uncheck it to allow everything through. In tests, the ad blocker was nearly 100% effective against banner ads, but failed to block any video ads on YouTube or Netflix. The parental control option blocks a list of porn sites. It's an easy option for concerned parents, but only works while ExpressVPN is connected. As such, it's meant to be used in conjunction with device-level parental controls that prevent the child from turning off or uninstalling the VPN client. Split tunneling Sometimes, you'll find it helpful to have your device getting online through two different IP addresses at once — one for your home services and one for a location you're trying to spoof. That's where split tunneling is helpful: it runs some apps through the VPN while leaving others unprotected. This can also improve your speeds, since the VPN needs to encrypt less in total. You can configure split tunneling through either a blocklist or an allowlist. Sam Chapman for Engadget ExpressVPN includes split tunneling on Windows, Android and Mac (though only on versions 10 and below). You can only split by app, not by website, but it's still pretty useful. For example, you can have BitTorrent handling a heavy download in the background while you use your browser for innocuous activities that don't need protecting. ExpressVPN Aircove router By now, it should be clear that we find ExpressVPN to be a highly reliable but often unexceptional VPN service. However, there's one area in which it's a clear industry leader: VPN routers. ExpressVPN Aircove is, to our knowledge, the only router with a built-in commercial VPN that comes with its own dashboard interface. Usually, installing a VPN on your router requires tinkering with the router control panel, which turns off all but the most experienced users — not to mention making it a massive pain to switch to a new server location. Aircove's dashboard, by contrast, will be instantly familiar to anyone who already knows how to use an ExpressVPN client. It even allows different devices in your home to connect to different locations through the router VPN. Aircove's biggest drawback is its price. Currently retailing at $189 (not including an ExpressVPN subscription), it's around three times more expensive than an aftermarket router fitted with free VPN firmware. Some of you might still find the convenience worth the one-time payment. ExpressVPN customer support options ExpressVPN's written help pages are some of the best on the market. Its live chat is more of a mixed bag, and complex questions may cause delays. However, it is at least staffed with human agents who aim to reply accurately, rather than resolve your ticket as quickly as possible. You can directly access both live chat and email from ExpressVPN's mobile apps (on desktop, you'll have to go to the website). Sam Chapman for Engadget We approached ExpressVPN's support features with a simple question: "If I requested that ExpressVPN delete all my personal data, would I be able to get a refund for my unused subscription time?" (Remember from the Privacy Policy section that submitting a full deletion request also cancels your ExpressVPN account.) Our first stop was expressvpn.com/support, the written support center and FAQ page. It's divided into setup guides, troubleshooting, account management and information on each of ExpressVPN's products. The setup guides are excellent, including screenshots and clearly written steps; each one includes a video guide for those who learn better that way. Troubleshooting is just as good — no videos, but the same standards of clarity and usefulness prevail. The section starts with general problems, then delves into specific issues you might face on each operating system. Each article clearly derives from a real customer need. The live support experience To get answers on our refund question, we visited the account management FAQs. This section stated that the refund policy only applies within 30 days of purchase. Pretty clear-cut, but we still wanted an answer on our special case, so we contacted live chat by clicking the button at the bottom-right of every FAQ page. Live chat is in the bottom-right corner of every page of expressvpn.com. Sam Chapman for Engadget Live chat starts with an AI assistant, which is not too hard to get past — just ask it a question it can't answer, then click "Transfer to an Agent." We got online with (what claimed to be) a human in less than a minute. Answering the question took longer and involved an uncomfortable 10-minute silence, but we did get a clear verdict from a real person: refunds are within 30 days only, no matter what. If the live chat agent can't answer your question, you'll be redirected to open an email support ticket. Annoyingly, there's no way to go directly to email support through the website or desktop apps, though mobile users have the option to skip directly there. ExpressVPN background check: From founding to Kape Technologies ExpressVPN launched in 2009, which makes it one of the oldest consumer VPNs in continual operation. In more than 15 years of operation, it's never been caught violating its own privacy policy, though its record isn't free of more minor blemishes. Headquarters in the British Virgin Islands Founders Dan Pomerantz and Peter Burchhardt registered the company in the British Virgin Islands from the start to take advantage of that territory's favorable legal environment for online privacy. The BVIs have no law requiring businesses to retain data on their users, and the process for extraditing data is famously difficult, requiring a direct order from the highest court. In 2021, the BVI implemented the Data Protection Act (DPA) [PDF link], which prevents companies based in the territory from accessing data on their users anywhere in the world. It's a great privacy law in theory, modeled on best-in-class legislation in the EU. However, we couldn't find any evidence that its supervising authority — the Office of the Information Commissioner — has a leader or staff. In other words, while ExpressVPN is not legally required to log any data on its users, there's technically nobody stopping them from doing so. Whether you trust the jurisdiction depends on whether you trust the company itself. Let's see what the other evidence says. Security and privacy incidents Two significant incidents stand out from ExpressVPN's 16-year history. In 2017, when Andrei Karlov, Russia's ambassador to Turkey, was shot to death at an art show. Turkish police suspected someone had used ExpressVPN to mask their identity while they deleted information from social media accounts belonging to the alleged assassin. To investigate, they confiscated an ExpressVPN server to comb for evidence. They didn't find anything. A police seizure is the best possible test of a VPN's approach to privacy. The provider can't prepare beforehand, fake anything, or collude with investigators. The Turkey incident is still one of the best reasons to recommend ExpressVPN, though eight years is a long time for policy to change. The second incident began in March 2024, when a researcher at CNET informed ExpressVPN that its version 12 for Windows occasionally leaked DNS requests when users enabled the split tunneling feature. While these users remained connected to an ExpressVPN server, their browsing activity was often going directly to their ISP, unmasked. The bug only impacted a few users, and to their credit, ExpressVPN sprang into action as soon as they learned about it. The team had it patched by April, as confirmed by the researcher who initially discovered the vulnerability. But while their quick and effective response deserves praise, it's still a mark against them that a journalist noticed the bug before they did. Kape Technologies ownership and management questions In 2021, an Israeli-owned, UK-based firm called Kape Technologies purchased a controlling interest in ExpressVPN. In addition to ExpressVPN, privately held Kape owns CyberGhost, Private Internet Access, and Zenmate (before it merged into CyberGhost). As shown on its website, it also owns Webselenese, publisher of VPN review websites WizCase and vpnMentor, which poses an apparent conflict of interest. When reached for comment, a representative for ExpressVPN said that "ExpressVPN does not directly engage with, nor seek to influence, the content on any Webselenese site," and pointed us to disclosure statements on the websites in question — here's one example. Even so, it's a good reminder not to take VPN reviews at face value without knowing who's behind them (Engadget is owned by Yahoo, which does not own any VPNs). Diving deeper into the background of Kape's ownership will lead you to owner Teddy Sagi. Go back far enough, and you'll see he did prison time in Israel and was mentioned in the Pandora Papers, among other things. More recently, headlines about the billionaire have focused more his businesses in the online gambling and fintech arenas, as well as his real estate ventures. An ExpressVPN representative told us that "Kape's brands continue to operate independently," and our investigation bore that out — we couldn't find any proof that Kape or Sagi have directly attempted to influence ExpressVPN's software or daily operations. Closer to the immediate day-to-day operations of ExpressVPN was the company's employment of Daniel Gericke as CTO from 2019 through 2023. During that time, the US Justice Department announced it had fined Gericke and two others for their previous employment on a surveillance operation called Project Raven, which the United Arab Emirates (UAE) used to spy on its own citizens. The revelation prompted a public response from ExpressVPN defending its decision to hire Gericke, arguing that "[t]he best goalkeepers are the ones trained by the best strikers." ExpressVPN's representative confirmed that the company still stands by that linked statement. Gericke parted ways with ExpressVPN in October 2023, per his LinkedIn profile. While we don't know what we don't know, we can say that ExpressVPN has not notably changed its public-facing security and privacy policies during the time it's been connected to Kape, Sagi, or Gericke. In the end, how much ExpressVPN's history matters to you is a personal choice. If you object to any current or past actions by Kape Technologies or Teddy Sagi, there are other premium VPN options you might prefer. If you need more information to make up your mind, we recommend reading through CNET's 2022 deep dive on ExpressVPN's corporate history. Final verdict ExpressVPN is the VPN we most often recommend to beginners. It takes zero training to use, and consistently gets past filters on streaming sites. It also runs in the background with virtually no impact. If anything is worth the high price of admission, it's the excellent speeds distributed evenly across the worldwide server network. However, for certain specific cases, ExpressVPN may not be the best choice. There's no way to set up your own server locations, like NordVPN offers, and no double VPN connections, like you can build for yourself on Surfshark. Its corporate background is more suspect than the entities backing Proton VPN, and unlike Mullvad, ExpressVPN doesn't work in China — it's so well-known that the government targets its servers specifically. We suggest going with ExpressVPN for general online privacy, for spoofing locations in your home country while traveling, or if you regularly need to unblock sites in other countries. That encompasses 19 of every 20 users, which is fine by us, as ExpressVPN is a great service. It's just more of a reliable old screwdriver than a multi-tool. This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/vpn/expressvpn-review-2025-fast-speeds-and-a-low-learning-curve-160052884.html?src=rss

When the computer or phone you’re using right now blinks its last blink and you drop it off for recycling, do you know what happens? At the recycling center, powerful magnets will pull out steel. Spinning drums will toss aluminum into bins. Copper wires will get neatly bundled up for resale. But as the conveyor belt keeps rolling, tiny specks of valuable, lesser-known materials such as gallium, indium, and tantalum will be left behind. Those tiny specks are critical materials. They’re essential for building new technology, and they’re in short supply in the U.S. They could be reused, but there’s a problem: Current recycling methods make recovering critical minerals from e-waste too costly or hazardous, so many recyclers simply skip them. Sadly, most of these hard-to-recycle materials end up buried in landfills or get mixed into products like cement. But it doesn’t have to be this way. New technology is starting to make a difference. As demand for these critical materials keeps growing, discarded electronics can become valuable resources. My colleagues and I at West Virginia University are developing a new technology to change how we recycle. Instead of using toxic chemicals, our approach uses electricity, making it safer, cleaner, and more affordable to recover critical materials from electronics. How much e-waste are we talking about? Americans generated about 2.7 million tons of electronic waste in 2018, according to the latest federal data. Including uncounted electronics, the U.S. recycles only about 15% of its total e-waste, suggests a survey by the United Nations. Even worse, nearly half the electronics that people in Northern America sent to recycling centers end up shipped overseas. They often land in scrapyards, where workers may use dangerous methods like burning or leaching with harsh chemicals to pull out valuable metals. These practices can harm both the environment and workers’ health. That’s why the Environmental Protection Agency restricts these methods in the U.S. The tiny specks matter Critical minerals are in most of the technology around you. Every phone screen has a super-thin layer of a material called indium tin oxide. LEDs glow because of a metal called gallium. Tantalum stores energy in tiny electronic parts called capacitors. All of these materials are flagged as “high risk” on the U.S. Department of Energy’s critical materials list. That means the U.S. relies heavily on these materials for important technologies, but their supply could easily be disrupted by conflicts, trade disputes, or shortages. Right now, just a few countries, including China, control most of the mining, processing, and recovery of these materials, making the U.S. vulnerable if those countries decide to limit exports or raise prices. These materials aren’t cheap, either. For example, the U.S. Geological Survey reports that gallium was priced between $220 to $500 per kilogram in 2024. That’s 50 times more expensive than common metals like copper, at $9.48 per kilogram in 2024. Revolutionizing recycling with microwaves At West Virginia University’s Department of Mechanical, Materials, and Aerospace Engineering, I and materials scientist Edward Sabolsky asked a simple question: Could we find a way to heat only specific parts of electronic waste to recover these valuable materials? If we could focus the heat on just the tiny specks of critical minerals, we might be able to recycle them easily and efficiently. The solution we found: microwaves. This equipment isn’t very different from the microwave ovens you use to heat food at home, just bigger and more powerful. The basic science is the same: Electromagnetic waves cause electrons to oscillate, creating heat. In our approach, though, we’re not heating water molecules like you do when cooking. Instead, we heat carbon, the black residue that collects around a candle flame or car tailpipe. Carbon heats up much faster in a microwave than water does. But don’t try this at home; your kitchen microwave wasn’t designed for such high temperatures. In our recycling method, we first shred the electronic waste, mix it with materials called fluxes that trap impurities, and then heat the mixture with microwaves. The microwaves rapidly heat the carbon that comes from the plastics and adhesives in the e-waste. This causes the carbon to react with the tiny specks of critical materials. The result: a tiny piece of pure, sponge-like metal about the size of a grain of rice. This metal can then be easily separated from leftover waste using filters. So far, in our laboratory tests, we have successfully recovered about 80% of the gallium, indium, and tantalum from e-waste, at purities between 95% and 97%. We have also demonstrated how it can be integrated with existing recycling processes. Why the Department of Defense is interested Our recycling technology got its start with help from a program funded by the Defense Department’s Advanced Research Projects Agency, or DARPA. Many important technologies, from radar systems to nuclear reactors, depend on these special materials. While the Department of Defense uses less of them than the commercial market, they are a national security concern. We’re planning to launch larger pilot projects next to test the method on smartphone circuit boards, LED lighting parts, and server cards from data centers. These tests will help us fine-tune the design for a bigger system that can recycle tons of e-waste per hour instead of just a few pounds. That could mean producing up to 50 pounds of these critical minerals per hour from every ton of e-waste processed. If the technology works as expected, we believe this approach could help meet the nation’s demand for critical materials. How to make e-waste recycling common One way e-waste recycling could become more common is if Congress held electronics companies responsible for recycling their products and recovering the critical materials inside. Closing loopholes that allow companies to ship e-waste overseas, instead of processing it safely in the U.S., could also help build a reserve of recovered critical minerals. But the biggest change may come from simple economics. Once technology becomes available to recover these tiny but valuable specks of critical materials quickly and affordably, the U.S. can transform domestic recycling and take a big step toward solving its shortage of critical materials. Terence Musho is an associate professor of engineering at West Virginia University. This article is republished from The Conversation under a Creative Commons license. Read the original article.

Smart TVs, take note Breaking down why Apple TVs are privacy advocates’ go-to streaming device Using the Apple TV app or an Apple account means giving Apple more data, though. Scharon Harding – Jun 1, 2025 7:35 am | 22 Credit: Aurich Lawson | Getty Images Credit: Aurich Lawson | Getty Images Story text Size Small Standard Large Width * Standard Wide Links Standard Orange * Subscribers only   Learn more Every time I write an article about the escalating advertising and tracking on today's TVs, someone brings up Apple TV boxes. Among smart TVs, streaming sticks, and other streaming devices, Apple TVs are largely viewed as a safe haven. "Just disconnect your TV from the Internet and use an Apple TV box." That's the common guidance you'll hear from Ars readers for those seeking the joys of streaming without giving up too much privacy. Based on our research and the experts we've consulted, that advice is pretty solid, as Apple TVs offer significantly more privacy than other streaming hardware providers. But how private are Apple TV boxes, really? Apple TVs don't use automatic content recognition (ACR, a user-tracking technology leveraged by nearly all smart TVs and streaming devices), but could that change? And what about the software that Apple TV users do use—could those apps provide information about you to advertisers or Apple? In this article, we'll delve into what makes the Apple TV's privacy stand out and examine whether users should expect the limited ads and enhanced privacy to last forever. Apple TV boxes limit tracking out of the box One of the simplest ways Apple TVs ensure better privacy is through their setup process, during which you can disable Siri, location tracking, and sending analytics data to Apple. During setup, users also receive several opportunities to review Apple's data and privacy policies. Also off by default is the boxes' ability to send voice input data to Apple. Most other streaming devices require users to navigate through pages of settings to disable similar tracking capabilities, which most people are unlikely to do. Apple’s approach creates a line of defense against snooping, even for those unaware of how invasive smart devices can be. Apple TVs running tvOS 14.5 and later also make third-party app tracking more difficult by requiring such apps to request permission before they can track users. "If you choose Ask App Not to Track, the app developer can’t access the system advertising identifier (IDFA), which is often used to track," Apple says. "The app is also not permitted to track your activity using other information that identifies you or your device, like your email address." Users can access the Apple TV settings and disable the ability of third-party apps to ask permission for tracking. However, Apple could further enhance privacy by enabling this setting by default. The Apple TV also lets users control which apps can access the set-top box's Bluetooth functionality, photos, music, and HomeKit data (if applicable), and the remote's microphone. "Apple’s primary business model isn’t dependent on selling targeted ads, so it has somewhat less incentive to harvest and monetize incredible amounts of your data," said RJ Cross, director of the consumer privacy program at the Public Interest Research Group (PIRG). "I personally trust them more with my data than other tech companies." What if you share analytics data? If you allow your Apple TV to share analytics data with Apple or app developers, that data won't be personally identifiable, Apple says. Any collected personal data is "not logged at all, removed from reports before they’re sent to Apple, or protected by techniques, such as differential privacy," Apple says. Differential privacy, which injects noise into collected data, is one of the most common methods used for anonymizing data. In support documentation (PDF), Apple details its use of differential privacy: The first step we take is to privatize the information using local differential privacy on the user’s device. The purpose of privatization is to assure that Apple’s servers don't receive clear data. Device identifiers are removed from the data, and it is transmitted to Apple over an encrypted channel. The Apple analysis system ingests the differentially private contributions, dropping IP addresses and other metadata. The final stage is aggregation, where the privatized records are processed to compute the relevant statistics, and the aggregate statistics are then shared with relevant Apple teams. Both the ingestion and aggregation stages are performed in a restricted access environment so even the privatized data isn’t broadly accessible to Apple employees. What if you use an Apple account with your Apple TV? Another factor to consider is Apple's privacy policy regarding Apple accounts, formerly Apple IDs. Apple support documentation says you "need" an Apple account to use an Apple TV, but you can use the hardware without one. Still, it's common for people to log into Apple accounts on their Apple TV boxes because it makes it easier to link with other Apple products. Another reason someone might link an Apple TV box with an Apple account is to use the Apple TV app, a common way to stream on Apple TV boxes. So what type of data does Apple harvest from Apple accounts? According to its privacy policy, the company gathers usage data, such as "data about your activity on and use of" Apple offerings, including "app launches within our services...; browsing history; search history; [and] product interaction." Other types of data Apple may collect from Apple accounts include transaction information (Apple says this is "data about purchases of Apple products and services or transactions facilitated by Apple, including purchases on Apple platforms"), account information ("including email address, devices registered, account status, and age"), device information (including serial number and browser type), contact information (including physical address and phone number), and payment information (including bank details). None of that is surprising considering the type of data needed to make an Apple account work. Many Apple TV users can expect Apple to gather more data from their Apple account usage on other devices, such as iPhones or Macs. However, if you use the same Apple account across multiple devices, Apple recognizes that all the data it has collected from, for example, your iPhone activity, also applies to you as an Apple TV user. A potential workaround could be maintaining multiple Apple accounts. With an Apple account solely dedicated to your Apple TV box and Apple TV hardware and software tracking disabled as much as possible, Apple would have minimal data to ascribe to you as an Apple TV owner. You can also use your Apple TV box without an Apple account, but then you won't be able to use the Apple TV app, one of the device's key features. Data collection via the Apple TV app You can download third-party apps like Netflix and Hulu onto an Apple TV box, but most TV and movie watching on Apple TV boxes likely occurs via the Apple TV app. The app is necessary for watching content on the Apple TV+ streaming service, but it also drives usage by providing access to the libraries of many (but not all) popular streaming apps in one location. So understanding the Apple TV app’s privacy policy is critical to evaluating how private Apple TV activity truly is. As expected, some of the data the app gathers is necessary for the software to work. That includes, according to the app's privacy policy, "information about your purchases, downloads, activity in the Apple TV app, the content you watch, and where you watch it in the Apple TV app and in connected apps on any of your supported devices." That all makes sense for ensuring that the app remembers things like which episode of Severance you're on across devices. Apple collects other data, though, that isn't necessary for functionality. It says it gathers data on things like the "features you use (for example, Continue Watching or Library)," content pages you view, how you interact with notifications, and approximate location information (that Apple says doesn't identify users) to help improve the app. Additionally, Apple tracks the terms you search for within the app, per its policy: We use Apple TV search data to improve models that power Apple TV. For example, aggregate Apple TV search queries are used to fine-tune the Apple TV search model. This data usage is less intrusive than that of other streaming devices, which might track your activity and then sell that data to third-party advertisers. But some people may be hesitant about having any of their activities tracked to benefit a multi-trillion-dollar conglomerate. Data collected from the Apple TV app used for ads By default, the Apple TV app also tracks "what you watch, your purchases, subscriptions, downloads, browsing, and other activities in the Apple TV app" to make personalized content recommendations. Content recommendations aren't ads in the traditional sense but instead provide a way for Apple to push you toward products by analyzing data it has on you. You can disable the Apple TV app's personalized recommendations, but it's a little harder than you might expect since you can't do it through the app. Instead, you need to go to the Apple TV settings and then select Apps > TV > Use Play History > Off. The most privacy-conscious users may wish that personalized recommendations were off by default. Darío Maestro, senior legal fellow at the nonprofit Surveillance Technology Oversight Project (STOP), noted to Ars that even though Apple TV users can opt out of personalized content recommendations, "many will not realize they can." Apple can also use data it gathers on you from the Apple TV app to serve traditional ads. If you allow your Apple TV box to track your location, the Apple TV app can also track your location. That data can "be used to serve geographically relevant ads," according to the Apple TV app privacy policy. Location tracking, however, is off by default on Apple TV boxes. Apple's tvOS doesn't have integrated ads. For comparison, some TV OSes, like Roku OS and LG's webOS, show ads on the OS's home screen and/or when showing screensavers. But data gathered from the Apple TV app can still help Apple's advertising efforts. This can happen if you allow personalized ads in other Apple apps serving targeted apps, such as Apple News, the App Store, or Stocks. In such cases, Apple may apply data gathered from the Apple TV app, "including information about the movies and TV shows you purchase from Apple, to serve ads in those apps that are more relevant to you," the Apple TV app privacy policy says. Apple also provides third-party advertisers and strategic partners with "non-personal data" gathered from the Apple TV app: We provide some non-personal data to our advertisers and strategic partners that work with Apple to provide our products and services, help Apple market to customers, and sell ads on Apple’s behalf to display on the App Store and Apple News and Stocks. Apple also shares non-personal data from the Apple TV with third parties, such as content owners, so they can pay royalties, gauge how much people are watching their shows or movies, "and improve their associated products and services," Apple says. Apple's policy notes: For example, we may share non-personal data about your transactions, viewing activity, and region, as well as aggregated user demographics[,] such as age group and gender (which may be inferred from information such as your name and salutation in your Apple Account), to Apple TV strategic partners, such as content owners, so that they can measure the performance of their creative work [and] meet royalty and accounting requirements. When reached for comment, an Apple spokesperson told Ars that Apple TV users can clear their play history from the app. All that said, the Apple TV app still shares far less data with third parties than other streaming apps. Netflix, for example, says it discloses some personal information to advertising companies "in order to select Advertisements shown on Netflix, to facilitate interaction with Advertisements, and to measure and improve effectiveness of Advertisements." Warner Bros. Discovery says it discloses information about Max viewers "with advertisers, ad agencies, ad networks and platforms, and other companies to provide advertising to you based on your interests." And Disney+ users have Nielsen tracking on by default. What if you use Siri? You can easily deactivate Siri when setting up an Apple TV. But those who opt to keep the voice assistant and the ability to control Apple TV with their voice take somewhat of a privacy hit. According to the privacy policy accessible in Apple TV boxes' settings, Apple boxes automatically send all Siri requests to Apple's servers. If you opt into using Siri data to "Improve Siri and Dictation," Apple will store your audio data. If you opt out, audio data won't be stored, but per the policy: In all cases, transcripts of your interactions will be sent to Apple to process your requests and may be stored by Apple. Apple TV boxes also send audio and transcriptions of dictation input to Apple servers for processing. Apple says it doesn't store the audio but may store transcriptions of the audio. If you opt to "Improve Siri and Dictation," Apple says your history of voice requests isn't tied to your Apple account or email. But Apple is vague about how long it may store data related to voice input performed with the Apple TV if you choose this option. The policy states: Your request history, which includes transcripts and any related request data, is associated with a random identifier for up to six months and is not tied to your Apple Account or email address. After six months, you request history is disassociated from the random identifier and may be retained for up to two years. Apple may use this data to develop and improve Siri, Dictation, Search, and limited other language processing functionality in Apple products ... Apple may also review a subset of the transcripts of your interactions and this ... may be kept beyond two years for the ongoing improvements of products and services. Apple promises not to use Siri and voice data to build marketing profiles or sell them to third parties, but it hasn't always adhered to that commitment. In January, Apple agreed to pay $95 million to settle a class-action lawsuit accusing Siri of recording private conversations and sharing them with third parties for targeted ads. In 2019, contractors reported hearing private conversations and recorded sex via Siri-gathered audio. Outside of Apple, we've seen voice request data used questionably, including in criminal trials and by corporate employees. Siri and dictation data also represent additional ways a person's Apple TV usage might be unexpectedly analyzed to fuel Apple's business. Automatic content recognition Apple TVs aren't preloaded with automatic content recognition (ACR), an Apple spokesperson confirmed to Ars, another plus for privacy advocates. But ACR is software, so Apple could technically add it to Apple TV boxes via a software update at some point. Sherman Li, the founder of Enswers, the company that first put ACR in Samsung TVs, confirmed to Ars that it's technically possible for Apple to add ACR to already-purchased Apple boxes. Years ago, Enswers retroactively added ACR to other types of streaming hardware, including Samsung and LG smart TVs. (Enswers was acquired by Gracenote, which Nielsen now owns.) In general, though, there are challenges to adding ACR to hardware that people already own, Li explained: Everyone believes, in theory, you can add ACR anywhere you want at any time because it's software, but because of the way [hardware is] architected... the interplay between the chipsets, like the SoCs, and the firmware is different in a lot of situations. Li pointed to numerous variables that could prevent ACR from being retroactively added to any type of streaming hardware, "including access to video frame buffers, audio streams, networking connectivity, security protocols, OSes, and app interface communication layers, especially at different levels of the stack in these devices, depending on the implementation." Due to the complexity of Apple TV boxes, Li suspects it would be difficult to add ACR to already-purchased Apple TVs. It would likely be simpler for Apple to release a new box with ACR if it ever decided to go down that route. If Apple were to add ACR to old or new Apple TV boxes, the devices would be far less private, and the move would be highly unpopular and eliminate one of the Apple TV's biggest draws. However, Apple reportedly has a growing interest in advertising to streaming subscribers. The Apple TV+ streaming service doesn't currently show commercials, but the company is rumored to be exploring a potential ad tier. The suspicions stem from a reported meeting between Apple and the United Kingdom's ratings body, Barb, to discuss how it might track ads on Apple TV+, according to a July report from The Telegraph. Since 2023, Apple has also hired several prominent names in advertising, including a former head of advertising at NBCUniversal and a new head of video ad sales. Further, Apple TV+ is one of the few streaming services to remain ad-free, and it's reported to be losing Apple $1 billion per year since its launch. One day soon, Apple may have much more reason to care about advertising in streaming and being able to track the activities of people who use its streaming offerings. That has implications for Apple TV box users. "The more Apple creeps into the targeted ads space, the less I’ll trust them to uphold their privacy promises. You can imagine Apple TV being a natural progression for selling ads," PIRG's Cross said. Somewhat ironically, Apple has marketed its approach to privacy as a positive for advertisers. "Apple’s commitment to privacy and personal relevancy builds trust amongst readers, driving a willingness to engage with content and ads alike," Apple's advertising guide for buying ads on Apple News and Stocks reads. The most private streaming gadget It remains technologically possible for Apple to introduce intrusive tracking or ads to Apple TV boxes, but for now, the streaming devices are more private than the vast majority of alternatives, save for dumb TVs (which are incredibly hard to find these days). And if Apple follows its own policies, much of the data it gathers should be kept in-house. However, those with strong privacy concerns should be aware that Apple does track certain tvOS activities, especially those that happen through Apple accounts, voice interaction, or the Apple TV app. And while most of Apple's streaming hardware and software settings prioritize privacy by default, some advocates believe there's room for improvement. For example, STOP's Maestro said: Unlike in the [European Union], where the upcoming Data Act will set clearer rules on transfers of data generated by smart devices, the US has no real legislation governing what happens with your data once it reaches Apple's servers. Users are left with little way to verify those privacy promises. Maestro suggested that Apple could address these concerns by making it easier for people to conduct security research on smart device software. "Allowing the development of alternative or modified software that can evaluate privacy settings could also increase user trust and better uphold Apple's public commitment to privacy," Maestro said. There are ways to limit the amount of data that advertisers can get from your Apple TV. But if you use the Apple TV app, Apple can use your activity to help make business decisions—and therefore money. As you might expect from a device that connects to the Internet and lets you stream shows and movies, Apple TV boxes aren't totally incapable of tracking you. But they're still the best recommendation for streaming users seeking hardware with more privacy and fewer ads. Scharon Harding Senior Technology Reporter Scharon Harding Senior Technology Reporter Scharon is a Senior Technology Reporter at Ars Technica writing news, reviews, and analysis on consumer gadgets and services. She's been reporting on technology for over 10 years, with bylines at Tom’s Hardware, Channelnomics, and CRN UK. 22 Comments

Estimating the time required to complete a task is riddled with pitfalls.Let’s start with two key concepts you must understand — after managing and designing projects for over 20 years, I’ve seen these patterns play out again and again.Hofstadter’s lawHofstadter’s law is a self-referential adage about time that goes like this:“It always takes longer than you expect, even when you take into account Hofstadter’s law.”This law highlights how difficult it is to accurately estimate the time required to complete complex tasks. Its recursive nature reflects the widespread experience that, no matter how complex a task appears, calculating the time needed is hard, even with our best efforts. (See the header image.)Why is that?Optimism biasThe main reason stems from the tendency known as optimism bias — the inclination to be overly optimistic and thus overestimate favorable outcomes. In fact, we tend to overestimate our own abilities as well.It’s worth noting that this bias is actually quite necessary for humans: without it, we wouldn’t take risks, start businesses, or grow. However, when it comes to estimation, it can seriously backfire. This phenomenon naturally leads to…Planning fallacyOverly optimistic forecasts about the outcomes of plans are almost everywhere. Daniel Kahneman and Amos Tversky introduced the term planning fallacy to describe how we consistently underestimate the necessary resources (money, time) when planning complex projects. This phenomenon pushes us toward optimistic planning. Unsurprisingly, we’re much more realistic when reviewing someone else’s plan.In short:We overestimate favorable outcomes and our abilities, and we underestimate the required resources and constraints.What can we do?As I mentioned earlier, I’ll share how I personally handle this. The phenomenon is not new, and there are countless methods available.2x + 15 ruleFor smaller tasks (~1–20 hours), I use this technique. I look at the task, estimate the number of hours, double it, and add 15 minutes. The extra 15 minutes is to get started and immerse yourself in the task. Most of the time, it works quite well and is incredibly simple.Hofstadter multiplierMy teammates track and record the actual time spent on tasks, which is useful for several reasons. First, it helps everyone gain experience with how long typical tasks take, which they can then compare to their own estimates, improving their estimation skills. Second, you can determine your own — or a particular person’s — so-called Hofstadter multiplier. We’re all different, so this is a more advanced, personalized version of the 2x + 15 rule.Complex projectsThe earlier solutions work well for simpler tasks, but complex projects require additional considerations. But first, it’s important to clarify one question:How much energy can you, or do you want to, invest in the estimate/proposal?From there, more questions arise:Is it a rough indicative proposal or a detailed, itemized one?What inputs, expertise, and professionals are needed for the estimate?Is all necessary information available?How much capacity do you have (if any) for the estimation and/or execution?Do you realistically have a chance of winning the work? :)Your answers to these questions will influence the path you choose.Going back to the planning fallacy for a moment: it can be mitigated by involving a third party or by relying on real data from similar past projects.That’s why it’s crucial to keep precise records of the time spent on every task so that the data is available later.You will log the time for every task. — Obi-Wan KenobiMoving on…In an ideal world, the best approach is for the team that will actually execute the project to estimate it together. But consider how much it costs if a 4–5 person team individually reviews and interprets the materials, discusses them together, collects missing information, breaks down the project into items, and estimates each one using some method. It’s incredibly time-consuming and expensive.Therefore, as a substitute, it’s good to have an experienced person who’s seen many projects and/or to rely on actual hours from similar past projects. In this case, you only need to account for the differences and unknowns (the risks) at the time of the proposal. Estimation becomes much simpler, faster, and cheaper.For indicative proposals, I almost always use this latter method, with one important addition: always assume a ±20% variation.Whoa, be careful!It may seem like you’ve done something similar before, but hidden behind the scenes are major differences. This can lead to nasty surprises if you rely on data from nearly similar projects. In such cases, it’s wise to consult multiple external teams to benchmark the work. This helps refine the estimate and creates a healthy competitive environment.And when a detailed, itemized proposal is necessary… There’s no shortcut: you’ll need to apply a methodology. I won’t even attempt to cover this topic here, as there are entire books written about the relevant methodologies.FinallyI’ve been in the product design profession for over 20 years, and I often play the game where, after hearing the requirements, I throw out a number almost off the top of my head. It works surprisingly often, but of course, I wouldn’t even call it indicative. Still, it’s fun.Estimating time for complex projects was originally published in UX Collective on Medium, where people are continuing the conversation by highlighting and responding to this story.