Here’s hoping the retailers offering tasty Cyber Monday deals that caught your eye aren’t having trouble with Shopify. The ecommerce platform is experiencing some issues. According to a support page, some merchants were having trouble logging into the Shopify platform, which was experiencing outages with the checkout and admin systems. Shopify’s point-of-sale (POS), API and mobile and support systems also saw “degraded performance.”
Editor's note (on December 2 10:35AM ET): The outage appears to have been resolved, with Shopify posting on X at 6:11PM yesterday that it “had a system degradation that has now been mitigated.” The statement further clarified that checkout and storefronts remained online during the outage, while admin interfaces were “temporarily unavailable for some merchants.” Also, the outage “briefly extended to POS but was quickly resolved.”
In an update at 12:39PM ET, Shopify wrote “We are continuing to investigate and apply mitigations for the issues with accessing Admins and POS systems.” It added “Some merchants may also see an issue with POS checkouts, due to not being able to access POS systems.”
At 2:31PM ET, the company posted an update to its status page, saying “We have found and fixed an issue with our login authentication flow, and are seeing signs of recovery for admin and POS login issues now. We are continuing to monitor recovery.” You might start to see some services go back to normal, and it should hopefully not impact your holiday shopping too much.
Shopify said in a blog post just last week that it powers 12 percent of ecommerce in the US. Brands including Netflix, Mattel, Supreme, Glossier and Converse are among those that use the platform.
When asked for more details about the outage, Shopify directed Engadget to its status page as well as a tweet posted at 10AM that read, “We're aware of an issue with Admins impacting selected stores, and are working to resolve it.”
We're aware of an issue with Admins impacting selected stores, and are working to resolve it. For the most up-to-date information, please refer to our status page at https://t.co/TcJj5tJNNW. Thank you for your patience.
Somewhat ironically, that very account posted on November 27 that 56 seconds was the average amount of wait time the prior week and that its team was ready to “keep that pace” for the Black Friday/Cyber Monday shopping rush. It has been hours since the outage was first reported this morning.
Update, December 1 2025, 2:48PM ET: This story has been updated to include Shopify’s latest post about resolving a login authentication issue, as well as its tweet from November 27.
Update, December 2 2025, 10:35AM ET: This story has been updated to include an Editor’s note with the latest on the outage, which seems to mostly have been resolved.
This article originally appeared on Engadget at https://www.engadget.com/big-tech/shopify-was-down-for-much-of-cyber-monday-180958407.html?src=rss
Two more Apple products, specifically Maps and Ads, could be big enough to be designated as gatekeepers under the European Union’s Digital Markets Act (DMA). The EU has announced that it has received notifications from the company that those services meet DMA thresholds. It will now have 45 days to decide whether to designate Apple as a gatekeeper for either of them.
Under DMA rules, services that have 45 million monthly active end users and 10,000 yearly business users in the past three financial years can earn the “gatekeeper” designation. That means to say, they’re considered to have a significant impact on their markets. Apple already has several products with the designation, namely the Safari web browser, the iOS and iPadOS, as well as the App Store. As such, it has to adhere to a strict set of rules for those services and is prohibited from favoring its own products over rivals and from locking users into its ecosystem.
Apple has submitted an official rebuttal and will discuss with the EU why Maps and Ads shouldn’t be designated, according to Reuters. The company said Maps sees very limited usage in the EU compared to its competitors, such as Google Maps. It also denied the Apple Ads is a major player in the bloc’s online advertising industry and said that it has minimal share compared to ad services by Google, Meta, TikTok and even X. “We look forward to further explaining to the European Commission why Apple Maps and Apple Ads should not be designated," Apple said in a statement.
This article originally appeared on Engadget at https://www.engadget.com/big-tech/the-eu-says-apple-maps-may-be-big-enough-to-be-considered-a-dma-gatekeeper-130000965.html?src=rss
Fubo has issued a statement on its latest row with NBCUniversal over a carriage dispute involving NBC's most popular channels. This past Friday, NBCU networks went dark on Fubo across both live and on-demand services. Fubo subscribers trying to watch NBC content were met with a message that read, “We are working hard to bring this channel back. We are currently negotiating with NBCUniversal and are hopeful that we’ll bring this channel back to you soon.”
Today, Fubo said it has been engaged in good-faith negotiations with NBCUniversal to renew a content agreement for its networks. Fubo said that NBCU's demands, however, would harm its customers, and that the streaming company has not agreed to the proposed terms.
"NBCU is spinning off some of their cable networks into a new company called Versant on Jan 1, 2026. Despite them not being worth the cost to Fubo subscribers, Fubo offered to distribute Versant channels for one year. NBCU wants Fubo to sign a multi-year deal — well past the time the Versant channels will be owned by a separate company. NBCU wants Fubo subscribers to subsidize these channels," the statement reads.
The statement goes on to accuse NBCU of discriminating against Fubo and its subscribers by allowing YouTube TV and Amazon Prime Video to integrate Peacock into the popular streaming services, while not extending the same rights to Fubo. In a blog post yesterday, Fubo said the terms on pricing and packaging being offered by NBCUniversal were "egregiously above those offered to other distributors."
"Fubo has chosen to drop NBCUniversal programming despite being offered the same terms agreed to by hundreds of other distributors. Unfortunately, this is par for the course for Fubo — they’ve dropped numerous networks in recent years at the expense of their customers, who continue to lose content," an NBCUniversal spokesperson told Engadget when asked to comment on Fubo's accusations.
The company also pointed to ten major drops that Fubo has incurred over the past five years including Discovery networks and AMC. A full list of channels that are still dark on Fubo can be found here.
This article originally appeared on Engadget at https://www.engadget.com/entertainment/streaming/fubo-accuses-nbcuniversal-of-egregious-demands-amid-carriage-dispute-193515241.html?src=rss
A VPN, or virtual private network, is a tool you can use to protect your identity online, change your virtual location, evade censorship, check out foreign streaming services and more. They mostly take the form of commercially available subscription apps, often so simple to operate that all you need to do is press a button to turn them on and off.
While using a VPN is easy in practice, there's a lot going on under the hood. Knowing what's really happening can help you decide which VPN is right for you, then use it more effectively once you've got it. In this guide, I'm going to delve into what a VPN really is, how it works and what you might need one for.
If this article convinces you that you need a VPN — and I hope it does! — I curate a collection of the best VPN deals that I update at least once a week. Head over there to get your VPN shopping started.
What is a VPN?
The name "virtual private network" comes from the initial use of the technology to access restricted networks from off-site — if you work remotely, you probably still use a VPN this way. Those are corporate VPNs, though, from providers like Cisco. Here, we're talking about commercial VPNs sold for individual use.
These services came about when people realized that if you connected to the public internet through a VPN, every server you contacted would see the VPN server instead of your personal computer. The VPN effectively becomes a mask that interacts with the web on your behalf. That's the simple principle underlying every commercial VPN you've seen advertised.
Sam Chapman for Engadget
VPNs like Proton VPN and ExpressVPN operate servers in various locations around the world. When you use their apps, you've got access to all the servers in their network. After you connect, communications between your device and your chosen server are encrypted so nobody can trace your activities back to you. This is called tunneling, and is the main difference between a full VPN and a simple proxy server.
How does a VPN work?
Questions like the above can get into the weeds fast, so I'll be oversimplifying here. VPNs handle encryption in two steps. First, they establish a secure tunnel to your computer or phone, then they send information through it.
The first step — establishing the connection — is called a handshake. It uses asymmetric encryption, where each party has a public and a private key. In a handshake, two parties use public keys to confirm that they are who they say they are, then exchange the keys they'll use for simpler symmetric encryption.
Sam Chapman for Engadget
Once the handshake has confirmed the path between your device and the VPN server, the tunnel is complete. From then on until you disconnect, every packet of data you send will be encrypted before it leaves your device and not decrypted until it reaches the VPN. The same is true in the other direction. Website requests and other data sent between the VPN and your internet service provider (ISP) will not be encrypted, but that's OK — without the information on the first step, it's impossible to identify you behind the VPN.
This is a complicated process, but VPNs use sets of instructions called VPN protocols to run through it near-instantly. A VPN protocol covers encryption and transit using several sets of ciphers. The most common protocols these days are OpenVPN, WireGuard and IKEv2/IPSec, though many VPN services have their own proprietary protocols as selling points.
What are the benefits of using a VPN?
Although the above process happens mostly in the background, it does tax your internet connection a little. The best VPNs keep impacts to a minimum, but you may notice a drop in speed, plus higher latencies when connecting to servers far away. So, what benefits do you get in exchange for all that?
Anonymity
The first and biggest boon is near-total anonymity. In 2021, the Federal Trade Commission (FTC) put out a comprehensive report on everything your ISP knows about you — confirming that nearly every ISP gets a second profit stream from selling information on your online activities. In essence, they're making you pay them for the right to hose your own privacy. But a VPN lets you strike back.
Since you connect to the VPN server before your ISP ever clocks you (let alone your destination websites), your computer and modem broadcast no information about who you really are. Anyone can see what you're doing, but they'll only see the VPN server doing it. And hiding your IP address is vital — lots of people (not just ISPs) can deduce a shocking amount about you with no other information, including your real location.
Prevent ISP speed throttling
Speed isn't normally one of the benefits of a VPN, but in some specific cases, you might get faster internet. ISPs occasionally throttle the speeds of certain users they perceive as using too much bandwidth. This can happen to you, whether or not the charge is accurate. Using a VPN can get around the slowdown, since the ISP can't identify you to throttle you. Just note you still can't go faster than your unprotected internet speed.
Public Wi-Fi safety
A VPN can also keep you safe when using public Wi-Fi. On an unsecured Wi-Fi network — the sort you often find in cafes, hotel lobbies and other public buildings — hackers can spy on you through various vulnerabilities, or even set up fake networks (called "rogue hotspots") to capture your information. If your connection with the network is encrypted, the criminal's window of opportunity slams shut.
Get around content blocks and firewalls
The other most important thing a VPN can do is to change your virtual location. IP addresses are keyed to specific locations — some to countries or regions, and some to networks as small as one building. Authorities can use this to restrict internet access on the networks they control. This can vary in scale, from your school or workplace blocking certain content, all the way up to the nation-level firewalls in China, Saudi Arabia and other countries.
Remember, though, that your internet goes to the VPN before it goes anywhereelse. If your school's internet blocks some sites, you could get on a VPN server and the school's firewall won't know you're connecting from inside. This even works with countries (though not always). By connecting to a server outside the sphere of oppression, you can organize activism online even when the government doesn't want you to.
Sam Chapman for Engadget
Of course, you can also use this trick for fun by checking out other countries' streaming libraries, viewing local exclusive events or protecting you while you download a torrent file. The key takeaway is that VPNs are versatile, and can be used for casual entertainment, life-and-death anonymity or both at once.
Will a VPN keep me completely safe online?
VPNs are a huge positive for individual privacy rights, but just having one doesn't mean you can ignore your online safety. It's better to think of VPNs as one part of a comprehensive strategy.
A VPN keeps you anonymous, prevents you from being tracked and changes your location to bypass censorship. However, it can't directly protect you from downloading malware, falling for a phishing scam, oversharing information on social media, using an easily guessed password or getting your phone stolen in real life.
There's one key difference between threats a VPN can prevent and those it can't: A VPN only protects you from being spied on without your consent. If all you're doing is browsing on a network, a VPN keeps you concealed. But today's malefactors have all sorts of tricks to get you to give your consent. Websites spam message windows until you click "allow cookies." Hackers send phishing emails and make you click links that download malware. And so on.
Can VPNs be trusted?
There's also one other critical point. Even if a VPN keeps you completely anonymous, the VPN itself can still tie your identity to what you do online. That's why VPNs all claim to have "strict no-logging policies" or something similar — they're promising not to abuse their access.
Naturally, some do anyway. A VPN can be sued if it breaks its own privacy policy, but many escape liability by leaving just enough leeway that they technically aren't in violation. The best way to determine if you can trust a VPN is to look at its history. How long has it been operating? Has it ever mishandled or profited off customer data in that time? On the other hand, has it ever been raided by police who then found nothing, bolstering its claim to not keep logs?
An excerpt from the privacy policy of Private Internet Access.
Sam Chapman for Engadget
Some of the most trustworthy VPNs take technical steps to guarantee that they aren't logging user activity. Many use RAM-only or diskless servers that automatically delete any logs. Proton VPN goes even farther, using full-disk encryption to render any logs unreadable (even if they did exist). These services back their claims up with independent audits from reliable firms.
Bottom line: A VPN is no substitute for common sense, threat awareness and a suite of strong security tools. It'll work best alongside a password manager, virus scanner and two-factor authentication.
Are VPNs legal?
VPNs are legal in every free country on Earth. While the UK recently suggested that a VPN ban was "on the table" to enforce its age verification laws, and the US states of Wisconsin and Michigan are considering bans in various forms, no democracy has yet outlawed VPN usage.
The countries that do ban VPNs are the ones you'd probably expect — those with deep-rooted internet censorship regimes that VPN use might threaten. Belarus, Iraq, Myanmar, North Korea and Turkmenistan have made all VPNs illegal. In China, Russia, the United Arab Emirates, Oman, Uganda and Iran, only state-approved VPNs are permitted, and services that get approved tend to have government backdoors.
Other countries heavily restrict VPNs without banning them altogether, including Turkey and Pakistan. In India, VPNs are legal, but the law requires them to keep logs of user activities. The law's passage in 2022 led many VPNs to pull their servers from India and replace them with virtual locations.
Finally, there are countries like Egypt where using a VPN is legal, but you'll face extra penalties if you're caught using one to commit a crime. Also, it should go without saying, but VPNs don't make crime legal. If something is illegal without a VPN, it's illegal with a VPN, even if VPNs themselves are allowed in your state and country.
Are VPNs free?
Some of them are, but many of them are dangerous. If you've just been faced with a new threat to your online freedom — like, say, the UK's new age restriction laws — it can be tempting to jump to a free VPN to solve the problem quickly.
But free VPNs are easy to hack together, and app stores rarely probe them for violations before listing them. I frequently see free VPNs that either don't work, track you for ad sales or even sneak malware onto your computer. Another big problem is that many of these shovelware VPNs are all secretly run by the same monolithic entities.
Sam Chapman for Engadget
The best free VPNs are free plans offered by paid services. With subscription fees supporting the free tier, you don't need to worry that the real money comes from selling your information to advertisers. Proton VPN, hide.me, Windscribe, TunnelBear and PrivadoVPN all fall into this category. None of them show you ads, but they're all restricted in other ways, whether by the amount you can use the VPN per month, the speeds you'll get or the servers you can access.
Do I need a VPN?
If you use the internet — which you must, if you're reading this — you'll benefit from a VPN. To determine what you'll need it for, though, ask yourself the following questions. If you answer yes to any of them, think about subscribing to a VPN to address the problem in question.
Do you feel strongly about whether your ISP and other third parties can see what you do online and use that information for profit?
Do you live in a place where the law prevents you from freely using the internet and/or forbids certain platforms?
Have online freedoms been temporarily suspended in your country because of unrest?
Are you planning to travel to a country with restrictive internet laws?
Do you normally use the internet on a network that restricts access to certain sites?
Do you use the internet for any tasks that would risk your own safety or someone else's if exposed?
Do you often get online through public Wi-Fi networks or networks without passwords?
Are you concerned that your ISP is throttling your internet speeds?
Do you want to watch TV shows and movies that aren't available in your country on the streaming services you're subscribed to?
Do you want to watch events that are limited to specific regions, such as local sports?
Do you enjoy looking in various regions for better deals on products you want?
Are you an online gamer concerned about doxxing and/or DDoS attacks from sore losers?
Different VPNs have features that make them better at various tasks from the lists above. However, the providers on my best VPN list are good at just about everything. Proton VPN is my favorite for its balance of speed, design and anonymity, but ExpressVPN is another excellent choice if you're willing to pay more for fantastic ease of use. Surfshark is the fastest VPN I've tested this year, while NordVPN has a great set of features.
This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/vpn/what-is-a-vpn-and-what-can-you-do-with-one-161549146.html?src=rss
Google is getting ready to spend $40 billion to increase its data center footprint in Texas. In an announcement posted on its website, Google said it's planning to build more infrastructure for its cloud and artificial intelligence operations in the state. The plans call for three new data centers, one in Armstrong County and two in Haskell County, according to Google.
According to a press release from Texas Governor Greg Abbott, this is Google's largest investment in any US state. The tech giant's investment in the Lone Star State dates back to 2019, when it built a data center in Midlothian, Texas. Google later expanded its presence in the state with the development of another data center in Red Oak, bringing the company's total investment into Texas to $2.7 billion. According to Google, the latest $40 billion investment will be made through 2027.
Google isn't the only major tech company developing more AI infrastructure in the US. Earlier this year, NVIDIA announced plans to build manufacturing space for AI supercomputers in Houston and Dallas. More recently, Meta said it would invest $600 billion to build AI data centers across the US without specifying which states.
This article originally appeared on Engadget at https://www.engadget.com/big-tech/google-plans-to-invest-40-billion-towards-building-data-centers-in-texas-183056066.html?src=rss
Amazon is making its satellite communication network a bit more official with a rebrand. The company has announced that Project Kuiper will now be called "Amazon Leo," a nod to the fact that its network is composed of satellites in low Earth orbit.
Project Kuiper's journey to becoming a proper Amazon brand has been a long one. The company introduced the project in 2019 with the goal of offering internet in regions without a reliable connection, through a proposed constellation of over 3,000 satellites that could blanket 95 percent of the global population in high-speed internet. That constellation has yet to fully take shape, however. In the years following the Project Kuiper reveal, Amazon launched prototype satellites, detailed plans for a space laser mesh network and showed off the antennas customers will use to connect to its network, but it didn't actually launch the first 27 satellites in its constellation until April 2025.
In comparison, its competitor Starlink has had a much faster expansion. SpaceX launched the Starlink satellite internet service in beta in 2020, and has rapidly expanded it since then. Now SpaceX has a deal with T-Mobile for satellite-enabled texting, and has struck up partnerships with airlines to test or offer internet connection on flights. Rebranding Project Kuiper to Leo suggests Amazon is finally ready to think about its satellite network as a product in its own right, but the company still has some catching up to do.
Amazon hasn't shared a date for when its satellite internet service will be widely available for personal and commercial use, but you can sign-up on the Amazon Leo website to receive updates as the company works towards launch.
This article originally appeared on Engadget at https://www.engadget.com/science/space/amazon-rebrands-its-starlink-competitor-to-amazon-leo-214453569.html?src=rss
WhatsApp is following in the footsteps of fellow Meta-owned companies, Instagram and Facebook. The European Commission will give WhatsApp's open channels the designation of Very Large Online Platform (VLOP) under the Digital Services Act (DSA), Bloomberg reports. The Commission has yet to make a public announcement on the matter, but has reportedly told Meta.
This label gives the EU greater regulatory power over WhatsApp in areas such as content moderation and data sharing. WhatsApp will also need to conduct an annual independent audit and have transparent advertising practices, among other mandates.
The new label isn't exactly a surprise. In February, WhatsApp announced that it had averaged about 46.8 million EU users in the second half of 2024. The DSA states that the VLOP designation should be given when a platform exceeds 45 million monthly EU users.
This designation will strictly be for WhatsApp's open channels feature. Individual messaging should not be impacted in any way and should remain private between the parties involved. Alongside Facebook and Instagram, WhatsApp joins companies such as Amazon, Google and ByteDance in the VLOP designation.
This article originally appeared on Engadget at https://www.engadget.com/big-tech/whatsapp-will-reportedly-face-further-eu-regulation-150037042.html?src=rss
There's a fundamental question you can ask of both the internet and real life: "How do I enjoy my time here without taking unnecessary risks?" In grass-touching meatspace, you can cut out processed foods, carry pepper spray and avoid skydiving without a partner.
But the best methods for staying safe online aren't as intuitive. The internet is a massive town square where people are constantly bellowing deeply personal facts about themselves. It's no surprise that it's become a breeding ground for scams, theft and other criminal activity.
Given the breadth of dangers, it may feel easier to throw up your hands and say that whatever happens will happen. I'm here to tell you, though, that cybersecurity doesn't have to be complex, difficult or time-consuming. You don't need to be a hacker to foil a hacker — you only have to take advantage of simple tips and free apps designed to make you safer online. Whether you commit to all 12 detailed here or only focus on one, you'll be much more secure for it.
1. Install security updates immediately
One of the most important things you can do to ensure your digital security is to install all software updates as soon as they become available on your devices. When you see the notification, don't wait — train yourself to download the update immediately.
Not all software updates are about security, but the ones that are form your best line of defense against technical hacks. When developers discover a flaw that can be exploited, they ship an update to fix it. By the time the flaw gets patched, chances are very high that hackers also know about it, so any time lost means you could be the next to get exploited.
As you go down this list, you'll learn that cybersecurity threats are less technical than you think. To counter the ones that are, however, there's nothing more important you can do than install security updates.
2. Use strong passwords
Weak, easily guessed passwords are one of the most frequent causes of data breaches and malware attacks. If a password is one of the ten or so most common, an attacker may be able to guess it with no other information. If it's connected to you — your birthday, say, or mother's maiden name — it may be guessable from information anyone can look up online.
Even if your password is a random string of characters, it might still be guessable if it's too short. Hackers can use programs to guess all possible combinations and try each one on a target account. The longer a password is, the more exponentially difficult it is to guess.
SEAN GLADWELL via Getty Images
That means you need passwords that are both long and meaningless to you. You might rightly complain that these are bastards to remember, but you're in luck: password managers can do that for you. A password manager app or browser extension can create passwords when you need them, store them securely and fill them in automatically. All you have to remember is the one master password that unlocks all the others.
3. Set up two-factor authentication
Even the strongest password might get revealed through no fault of your own, like if it's stored without encryption and leaked in a data breach. That's why it helps to have two-factor authentication (2FA), also known as multi-factor authentication (MFA), as a second secure layer on every account.
You probably already know 2FA as the irritating extra step that makes you go get your phone — but that's not the only way to do it. Many apps, including Google and Apple, now let you log in through passkeys. These not only don't require you to enter a code or password, but use asymmetric encryption, sharing credentials between your device and the service that runs the passkeys. It's a lot quicker for you, and leaves nothing to steal.
4. Back everything up
Ransomware and its cousins are a growth industry within the cybercrime economy. These attacks corrupt your files or lock you out of them until you pay a fee to get them back. The easiest way to foil a ransomware attack, or to clear any other kind of malware off a device, is to restore the entire system from the most recent backup.
To make sure you actually have a backup, experts recommend the 3-2-1 rule: three different backups, on two different types of storage, with at least one physically distant from the main system. For example, you could have one backup on another device in your house, one in the cloud and one on a portable hard drive. Automatic backup services can save disk images for you at set intervals so you don't have to remember to do it yourself.
5. Learn to spot social engineering
Despite all the technobabble flying around the cybersecurity world, a great many scams and hacks are accomplished through methods a 19th-century con artist would recognize. Scammers pose as experts or authority figures to gain your trust, and use frightening language to bypass your critical thinking. Ticking clocks, emotional manipulation and fake identities are all in the toolbox.
Alex Cristi via Getty Images
Take phishing, in which hackers trick you into giving up your information willingly. A typical phishing email might pose as a bank, credit bureau or other authoritative service. In red letters, it may demand your bank password or social security number to immediately fix an irregularity with your account. Other common approaches include warning you about speeding tickets you never incurred or sending receipts for subscriptions you never bought.
Social engineering attacks are constantly evolving, but they often fall back on the same strategies. The best way to foil them is to take a deep breath every time you receive a frightening email or text message, then research it in detail: look up the email address, check the visual design to make sure the sender is who they claim to be, and ask yourself if there's any way the message could be true. I highly recommend working through this phishing quiz — it's tough, but fair, and extremely educational.
6. Always check links before clicking
This is a companion to the previous tip. Social engineering scams don't always try to get you to give up information yourself. They also get you to click on links that put secret malware on your device — like keyloggers that watch you type your passwords or ransomware programs that corrupt your files.
If you're ever not sure about an email attachment or a link you're being asked to click, copy the link (without opening it) and paste it into a URL checker like this one from NordVPN. These free tools can tell you if a link is associated with any known malware domains.
Sam Chapman for Engadget
You can also mouse over any link, then look at the bottom-left of your browser to see what URL it will take you to. If an email is from your bank, any links within it should go to your bank's website. If it's going anywhere else, especially to an unidentifiable string of characters, be suspicious.
A related tip is to never copy and paste something into your URL bar if you aren't absolutely sure of what it will do. Social engineering doesn't always get you to click the link — sometimes attackers leave it un-hyperlinked so mousing over it doesn't reveal anything. This also goes for the command modules on desktop and laptop computers. In a recent documented attack, hackers convinced AI chatbots to suggest a command that gave them root access to the victim's device. Never copy-paste anything into the command window without verifying it first, especially if an AI told you to do it.
7. Don't overshare
Over the last two decades, lots of us have gotten into the habit of dumping all sorts of personal information on social media. This trend has supercharged the scam economy. It may seem harmless to broadcast the names of your kids or the dates you'll be on vacation, but every piece of data you put into the world makes it easier for a stranger to get hooks into you.
For example, "grandparent scams" are on the rise right now. Grifters contact a target, usually a senior, pretending to be their grandchild. They'll claim to be in a crisis and need money fast. The more information they have on their target, the more convincing their tale of woe will be. Social media is a prime place to study a potential victim.
Oversharing can also be a compounding problem. If you use weak passwords, your public information can be used to guess your credentials or answer your security questions. So, if you don't have a password manager yet, think twice before you engage with that quiz post on Facebook that asks for the name of your childhood pet.
8. Use a VPN
I'm a big booster of virtual private networks (VPNs), but it's important to be realistic about what they can and can't do. Even the best VPNs aren't total cybersecurity solutions — you can't just set one and assume you're safe forever. A VPN can't protect you if you use easily guessed passwords, for example, or click on a malware link. It's about hiding your identity, not making you invulnerable.
So what can a VPN do? In short, it replaces your IP address (a fingerprint that identifies you online) with another IP address, belonging to a server owned by the VPN. The VPN server does business with the internet on your behalf, while its conversations with your device are encrypted so it can't be traced back to you.
Sam Chapman for Engadget
This means no third party can connect your online actions with your real-world identity. Nobody will be harvesting data on the websites you visit to sell to advertisers, nor building a file on you that an unscrupulous government might misuse. VPNs also protect you from fake public Wi-Fi networks set up by cybercriminals — even if a hacker tricks you with a man-in-the-middle attack, they can't do much without your real IP address.
Many top VPNs, including my top pick Proton VPN, include ad blockers that can also keep cookies and tracking pixels from latching onto you. So, even if a VPN can't do everything, you'll be far safer and more private with one than without one. If you don’t want to pay for a new subscription right now, I've also compiled a list of the best free VPNs that are actually safe to use.
9. Run regular virus scans
The most important time to look for malware is when you're downloading a file from the internet. Not only can unwanted apps hitch rides on seemingly safe files, but links can start downloads in secret, even if you don't think they're meant to be downloading anything. A solid antivirus program can catch malware as it arrives on your system, and if it's uncertain, can lock suspicious files in quarantine until it knows whether they're safe or not.
Dedicated antivirus apps are sometimes even capable of catching malware that hasn't been seen or used yet. AV software uses machine learning to identify the common patterns of malware, filtering out new viruses that behave like old ones.
But what about malware that's already gotten through the perimeter? An antivirus app can also check your computer at set intervals in search of unwanted apps, including those that might be masquerading as system files. Windows computers now come pre-installed with Windows Defender, which is enough to handle most of these tasks, but I recommend at least one anti-malware program on any device.
10. Use email maskers and private search engines
If you're concerned about your information being misused or mishandled, remember that the less you put out into the world, the less danger you're in. Keeping your private data off social media is one important step, but there are other ways your data gets disseminated — and other options for responding.
For example, you often need an email address to sign up for an online account. If you use your real email, your contact information is now floating around online, increasing the chance of someone using it to scam you (or at least adding you to mailing lists you never signed up for). To stay safe, use an email masker. These services give you a fake email address you can use to create accounts, which automatically forwards messages to your real address.
Sam Chapman for Engadget
Search engines, especially Google, are also notorious for building profiles on users by watching the terms they search for. You can dodge that by switching to a private search engine like DuckDuckGo, which doesn't track anything you do — it's funded by non-targeted ad sales on its search results pages, not by selling your data to brokers.
11. Use a data removal service
Speaking of data brokers: unfortunately, if you've been on the internet at any point in the last 10 years without taking intense precautions, your data is probably in the hands of at least one business that makes money by hoarding and selling it. These data brokers range from public-facing, people-search sites to private backend dealers.
Data brokers are poorly regulated and lax about safety. The longer one has your personal information, the more likely it is to leak. The good news is that most brokers (though not all of them) are legally required to delete your data if you ask them to.
However, there are a lot of data brokers out there, and they really want to keep your data. Each one makes opting out harder than uninstalling a Norton product — and hundreds of them may have files on you. To make the process easier, you can use a data removal service like DeleteMe or Surfshark VPN's partner service Incogni.
12. Practice physical security
Let's close out the list by getting a little old school. I've already discussed how many online scams depend on classic con artistry to work. By the same token, physical infiltration and smash-and-grab tactics still pose a threat to cybersecurity.
It doesn't take too much imagination to see how this could work. If you leave your laptop or phone unattended in public, for example, someone might insert a flash drive that loads malware onto the system. In one illustrative case, a thief in the Minneapolis area would loiter in bars, watch people unlock their phones, then steal those phones and unlock them himself.
I'm not saying you need to be paranoid every second you're in public. Just use the same level of caution you'd use to protect your car. Lock your phone with a biometric key so only you can open it, and make sure not to leave any device lying around if it can access your online accounts. And at work, be careful not to let anyone into a secure area if they don't have the proper credentials.
This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/12-steps-you-can-take-right-now-to-be-safer-online-130008335.html?src=rss
Meta said on Friday that it's investing $600 billion in US infrastructure and jobs by 2028. Although the announcement is light on specifics (and heavy on standard Big Tech self-congratulation), it sounds like much of it will go toward AI data centers.
"At Meta, we're focused on creating the next generation of AI products and building personal superintelligence for everyone," the company wrote. "Data centers are crucial to reaching these goals and helping America maintain its technological edge."
If you feel like this isn't the first you've heard of Meta and $600 billion in US spending, you're right. That's the figure Mark Zuckerberg gave during a September White House dinner with Big Tech CEOs. But more memorable was the hot-mic moment later captured between Zuckerberg and President Trump. "Sorry, I wasn't ready," the Meta CEO said to the president, referring to his $600 billion pledge. "I wasn't sure what number you wanted to go with."
Meta's announcement today includes figures intended to bolster its claim to be a champion of US infrastructure. The company says that, since 2010, its data centers have "supported over 30,000 skilled trade jobs and 5,000 operational jobs." Meta adds that it's currently bringing over $20 billion to US subcontractors.
As for the "superintelligence" mention, it also surfaced when Zuckerberg announced data center investments in July. That term typically refers to a hypothetical point at which AI surpasses human cognitive abilities. (Steve Wozniak, Geoffrey Hinton and others want it banned until it’s proven safe and controllable.) The company views its AI glasses as a central part of that future. Zuckerberg said in July that anyone without them may eventually suffer from a "pretty significant cognitive disadvantage."
This article originally appeared on Engadget at https://www.engadget.com/ai/meta-says-it-will-invest-600-billion-in-the-us-with-ai-data-centers-front-and-center-195000377.html?src=rss
Google released Gemini’s Deep Research feature in March, a few months after unveiling the tool, giving you the capability to ask the AI chatbot to create comprehensive reports on complex topics. Deep Research uses sources from the web to write reports for you, but now a new update also allows it to pull information from your Gmail, Docs, Drive and Chat. Google says it’s one of the tool’s most requested features, and you’ll be able to take advantage of it in Gemini, even if you’re not paying for a subscription.
With Google’s latest update, Deep Research is now able to use your emails, all the Slides, Docs, Sheets and PDFs in your Drive, as well your chat history as references. That translates to a more personalized report, since Gemini wouldn’t just be using sources from the web. If you ask it to write a marketing analysis for you, for instance, it will take into account your notes, any document your team has written or any back-and-forth between you and your colleagues on email. It can cross-reference information from your account with public data to make, say, comparison spreadsheets for competitor analysis.
Take note that you will be able to control which Google service to link to, if you’re uneasy about giving Gemini access to all your information. When you click on the Deep Research tool in Gemini, you’ll see a drop-down menu where you can tick on Search, Gmail, Drive and Chat individually. At the moment, the feature is only available on desktop, but it will make its way to mobile devices “in the coming days.”
This article originally appeared on Engadget at https://www.engadget.com/google-gemini-can-now-do-deep-research-on-your-gmail-and-drive-data-143000300.html?src=rss