An anonymous reader shared this report from Neowin: Offline Windows activation has been possible to do using the phone. However, it looks like Microsoft has quietly killed off that method as users online have found that they are no longer able to activate the OS using it... [As documented by Windows user Ben Kleinberg on his YouTube channel], Now when trying to activate the OS by attempting to call the phone number for Microsoft Product Activation, an automated voice response says the following: "Support for product activation has moved online. For the fastest and most convenient way to activate your product, please visit our online product activation portal at aka.ms/aoh"

If you are wondering, that link takes users to the Microsoft Product Activation Portal for online activation. Thus it appears that offline ways to activate Windows may no longer be available even though the official support documentation by the company may not reflect it yet.

Three decades after RFC 1883 promised to future-proof the internet by expanding the available pool of IP addresses from around 4.3 billion to over 340 undecillion, IPv6 has yet to achieve the dominance its creators envisioned. Data from Google, APNIC and Cloudflare analyzed by The Register shows less than half of all internet users rely on IPv6 today.

"IPv6 was an extremely conservative protocol that changed as little as possible," APNIC chief scientist Geoff Huston told The Register. "It was a classic case of mis-design by committee." The protocol's lack of backward compatibility with IPv4 meant users had to choose one or run both in parallel. Network address translation, which allows thousands of devices to share a single public IPv4 address, gave operators an easier path forward. Huston adds: "These days the Domain Name Service (DNS) is the service selector, not the IP address," Huston told The Register. "The entire security framework of today's Internet is name based and the world of authentication and channel encryption is based on service names, not IP addresses."

"So folk use IPv6 these days based on cost: If the cost of obtaining more IPv4 addresses to fuel bigger NATs is too high, then they deploy IPv6. Not because it's better, but if they are confident that they can work around IPv6's weaknesses then in a largely name based world there is no real issue in using one addressing protocol or another as the transport underlay." But calling IPv6 a failure misses the point. "IPv4's continued viability is largely because IPv6 absorbed that growth pressure elsewhere -- particularly in mobile, broadband, and cloud environments," said John Curran, president and CEO of the American Registry for Internet Numbers. "In that sense, IPv6 succeeded where it was needed most." Huawei has sought 2.56 decillion IPv6 addresses and Starlink appears to have acquired 150 sextillion.

An anonymous reader quotes a report from Cyber Press: A newly uncovered Chinese threat group, DarkSpectre, has been linked to one of the most widespread browser-extension malware operations to date, compromising more than 8.8 million users of Chrome, Edge, Firefox, and Opera over the past seven years. According to research by Koi.ai, the group operates three interconnected campaigns: ShadyPanda, GhostPoster, and a newly identified one named The Zoom Stealer, forming a single, strategically organized operation.

DarkSpectre's structure differs from that of ordinary cybercrime operations. The group runs separate but interconnected malware clusters, each with distinct goals. The ShadyPanda campaign, responsible for 5.6 million infections, focuses on long-term user surveillance and e-commerce affiliate fraud. Its extensions have appeared legitimate for years, offering new tab pages and translation utilities, before secretly downloading malicious configurations from command-and-control servers such as jt2x.com and infinitynewtab.com. Once activated, they inject remote scripts, hijack search results, and track browsing activity.

The second campaign, GhostPoster, spreads via Firefox and Opera extensions that conceal malicious payloads in PNG images via steganography. After lying dormant for several days, the extensions extract and execute JavaScript hidden within images, enabling stealthy remote code execution. This campaign has affected over one million users and relies on domains like gmzdaily.com and mitarchive.info for payload delivery.

The most recent discovery, The Zoom Stealer, exposes around 2.2 million users to corporate espionage. These extensions masquerade as productivity tools or video downloaders while secretly harvesting corporate meeting links, credentials, and speaker profiles from more than 28 video conferencing platforms, including Zoom, Microsoft Teams, and Google Meet. The extensions use real-time WebSocket connections to exfiltrate data to Firebase databases, such as zoocorder.firebaseio.com, and to Google Cloud functions, such as webinarstvus.cloudfunctions.net.

An anonymous reader quotes a report from the Guardian: France intends to follow Australia and ban social media platforms for children from the start of the 2026 academic year. A draft bill preventing under-15s from using social media will be submitted for legal checks and is expected to be debated in parliament early in the new year. The French president, Emmanuel Macron, has made it clear in recent weeks that he wants France to swiftly follow Australia's world-first ban on social media platforms for under-16s, which came into force in December. It includes Facebook, Snapchat, TikTok and YouTube.

Le Monde and France Info reported on Wednesday that a draft bill was now complete and contained two measures: a ban on social media for under-15s and a ban on mobile phones in high schools, where 15- to 18-year-olds study. Phones have already been banned in primary and middle schools. The bill will be submitted to France's Conseil d'Etat for legal review in the coming days. Education unions will also look at the proposed high-school ban on phones. The government wants the social media ban to come into force from September 2026.

Le Monde reported the text of the draft bill cited "the risks of excessive screen use by teenagers," including the dangers of being exposed to inappropriate social media content, online bullying, and altered sleep patterns. The bill states the need to "protect future generations" from dangers that threaten their ability to thrive and live together in a society with shared values. Earlier this month, Macron confirmed at a public debate in Saint Malo that he wanted a social media ban for young teenagers. He said there was "consensus being shaped" on the issue after Australia introduced its ban.

"The more screen time there is, the more school achievement drops the more screen time there is, the more mental health problems go up," he said. He used the analogy of a teenager getting into a Formula One racing car before they had learned to drive. "If a child is in a Formula One car and they turn on the engine, I don't want them to win the race, I just want them to get out of the car. I want them to learn the highway code first, and to ensure the car works, and to teach them to drive in a different car."

The fight over net neutrality saw another turbulent year in 2025, as federal protections that seemed poised for a comeback in 2024 were first struck down by a court and then preemptively removed by the Trump administration's FCC without a chance for public comment.

The removal, The Verge summarizes in a report, was part of Chairman Brendan Carr's "Delete, Delete, Delete" initiative targeting what the agency deems unnecessary regulations. Federal net neutrality rules have now been on and off for 15 years, passing under Obama in 2010, returning in 2015, getting overturned in 2017, and briefly revived in 2024 before courts struck them down again.

Matt Wood, vice president of policy and general counsel at nonprofit Free Press, told The Verge that ISPs often feel little financial impact from these rules. "A lot of their complaints about the supposed 'burdens' from these rules are really just ideological in nature," Wood said. States have filled the void.

California's 2018 law remains the nation's gold standard, and Maine passed a bipartisan bill in June. John Bergmayer, legal director at Public Knowledge, said state-level laws and the threat of new ones "has kept some of the worst outcomes in check."

The National Telecommunications and Information Administration is now pressuring states to exempt ISPs from net neutrality laws to remain eligible for broadband infrastructure funding. Chao Jun Liu of the Electronic Frontier Foundation summed up the year's pattern: "ISPs just want to do whatever they want to do with no limits and nobody telling them how to do it."

Finnish authorities on Wednesday seized a vessel suspected of severing an undersea telecommunications cable that connects Helsinki to Tallinn by dragging its anchor across the Gulf of Finland, the latest in a string of infrastructure incidents that have put Baltic Sea nations on edge since Russia's 2022 invasion of Ukraine.

Police are investigating the case as aggravated criminal damage and have not disclosed the ship's name, nationality or details about its crew. The cable belongs to Finnish telecoms group Elisa. Estonia's justice ministry reported that a second telecoms cable connecting the two countries -- owned by Sweden's Arelion -- also went down on Wednesday. This follows Finland's December 2024 boarding of the Russian-linked oil tanker Eagle S, which investigators said damaged a power cable and multiple telecoms links using the same anchor-dragging method. A Finnish court in October dismissed criminal charges against the Eagle S crew after prosecutors failed to prove intent.

AI-generated video tools like OpenAI's Sora will make individual content creators "far, far, far less valuable" as social media platforms shift toward algorithmically generated content tailored to each viewer, according to Michael Mignano, a partner at venture capital firm Lightspeed and who cofounded the podcasting platform Anchor before Spotify acquired it.

Speaking on a podcast, Mignano described a future where content is generated instantaneously and artificially to suit the viewer. The TikTok algorithm is powerful, he said, but it still requires human beings to make content -- and there's a cost to that. AI could drive those costs down significantly. Mignano called this shift the "death of the creator" in a post, acknowledging it was "devastating" but arguing it marked a "whole new chapter for the internet."

In an email to Business Insider, Mignano wrote that quality will win out. "Platforms will no longer reward humans posting the same old, tried and true formats and memes," he wrote. "True uniqueness of image, likeness, and creativity will be the only viable path for human-created content."

An anonymous reader shares a report: Chinese social media users criticized two key government policies, rare signs of public dissent in the country where the internet is heavily censored. The death of the former head of China's one-child policy agency -- which for decades forced women to carry out abortions and sterilizations -- sparked criticism of the demographic effort, with one netizen lamenting the "children who were lost."

Others, meanwhile, criticized Beijing's leadership over its ongoing row with Tokyo, sparked by Japanese Prime Minister Sanae Takaichi saying her country could intervene to defend Taiwan in a potential Chinese attack on the self-ruled island, which Beijing claims as its own.

Goldman Sachs, in a note this week, via India Dispatch: There are various reasons that explains this: (i) A large part of the global education spend goes towards formal education (schools, colleges and universities), which are typically either run by governments or are not-for-profit institutions;

(ii) It is difficult to replicate education quality at scale in our view, since most teachers would have a different pedagogy, and thus standardization is harder to achieve vs that in other internet categories;

(iii) Education is fragmented - it includes various fields (schools, undergrad courses, medicine, engg, management, etc.), each with their own curriculum, and the same being vastly different across countries globally; this makes scalability difficult beyond a few certain specializations and regions.

Additionally, we believe the ability for online education to capture a sizable value share of supplemental education is limited since the perceived value of offline, including that from community, in-person engagement and doubt solving, rigour, etc., is typically higher.

However, we note that before China's double reduction policy in 2021, TAL and EDU had market caps of up to US$50 bn; these companies were mostly domestic focused and on the K-12 tutoring segment, which has large volumes. Similarly in India, Byju's reached a peak valuation of US$20 bn+ (link; again, focused on K-12), before issues around governance etc. impacted the business.

An anonymous reader quotes a report from the Associated Press: The State Department announced Tuesday it was barring five Europeans it accused of leading efforts to pressure U.S. tech firms to censor or suppress American viewpoints. The Europeans, characterized by Secretary of State Marco Rubio as "radical" activists and "weaponized" nongovernmental organizations, fell afoul of a new visa policy announced in May to restrict the entry of foreigners deemed responsible for censorship of protected speech in the United States. "For far too long, ideologues in Europe have led organized efforts to coerce American platforms to punish American viewpoints they oppose," Rubio posted on X. "The Trump Administration will no longer tolerate these egregious acts of extraterritorial censorship."

The five Europeans were identified by Sarah Rogers, the under secretary of state for public diplomacy, in a series of posts on social media. [...] The five Europeans named by Rogers are: Imran Ahmed, chief executive of the Centre for Countering Digital Hate; Josephine Ballon and Anna-Lena von Hodenberg, leaders of HateAid, a German organization; Clare Melford, who runs the Global Disinformation Index; and former EU Commissioner Thierry Breton, who was responsible for digital affairs. Rogers in her post on X called Breton, a French business executive and former finance minister, the "mastermind" behind the EU's Digital Services Act, which imposes a set of strict requirements designed to keep internet users safe online. This includes flagging harmful or illegal content like hate speech. She referred to Breton warning Musk of a possible "amplification of harmful content" by broadcasting his livestream interview with Trump in August 2024 when he was running for president.

An anonymous reader quotes a report from TechCrunch: Across Uzbekistan, a network of about a hundred banks of high-resolution roadside cameras continuously scan vehicles' license plates and their occupants, sometimes thousands a day, looking for potential traffic violations. Cars running red lights, drivers not wearing their seatbelts, and unlicensed vehicles driving at night, to name a few. The driver of one of the most surveilled vehicles in the system was tracked over six months as he traveled between the eastern city of Chirchiq, through the capital Tashkent, and in the nearby settlement of Eshonguzar, often multiple times a week. We know this because the country's sprawling license plate-tracking surveillance system has been left exposed to the internet.

Security researcher Anurag Sen, who discovered the security lapse, found the license plate surveillance system exposed online without a password, allowing anyone access to the data within. It's not clear how long the surveillance system has been public, but artifacts from the system show that its database was set up in September 2024, and traffic monitoring began in mid-2025. The exposure offers a rare glimpse into how such national license plate surveillance systems work, the data they collect, and how they can be used to track the whereabouts of any one of the millions of people across an entire country. The lapse also reveals the security and privacy risks associated with the mass monitoring of vehicles and their owners, at a time when the United States is building up its nationwide array of license plate readers, many of which are provided by surveillance giant Flock.

A federal judge blocked Texas' app store age-verification law, ruling it likely violates the First Amendment by forcing platforms to gate speech and collect data in an overly broad way. The law was set to go into effect on January 1, 2026. The Verge reports: In an order granting a preliminary injunction on the Texas App Store Accountability Act (SB 2420), Judge Robert Pitman wrote that the statute "is akin to a law that would require every bookstore to verify the age of every customer at the door and, for minors, require parental consent before the child or teen could enter and again when they try to purchase a book." Pitman has not yet ruled on the merits of the case, but his decision to grant the preliminary injunction means he believes its defenders are unlikely to prevail in court.

Pitman found that the highest level of scrutiny must be applied to evaluate the law under the First Amendment, which means the state must prove the law is "the least restrictive means of achieving a compelling state interest." The judge found this is not the case and that it wouldn't even survive intermediate scrutiny, because Texas has so far failed to prove that its goals are connected to its methods. Since Texas already has a law requiring age verification for porn sites, Pitman said that "only in the vast minority of applications would SB 2420 have a constitutional application to unprotected speech not addressed by other laws." Though Pitman acknowledged the importance of safeguarding kids online, he added, "the means to achieve that end must be consistent with the First Amendment. However compelling the policy concerns, and however widespread the agreement that the issue must be addressed, the Court remains bound by the rule of law." "The Texas App Store Accountability Act is the first among a series of similar state laws to face a legal challenge, making the ruling especially significant, as Congress considers a version of the statute," notes The Verge. "The laws, versions of which also passed in Utah and Louisiana, aim to impose age verification standards at the app store level, making companies like Apple and Google responsible for transmitting signals about users' ages to app developers to block users from age-inappropriate experiences."

"The state can still appeal the ruling with the Fifth Circuit Court of Appeals, which has a history of reversing blocks on internet regulations."

An anonymous reader quotes a report from Ars Technica: CBS cannot contain the online spread of a "60 Minutes" segment that its editor-in-chief, Bari Weiss, tried to block from airing. The episode, "Inside CECOT," featured testimonies from US deportees who were tortured or suffered physical or sexual abuse at a notorious Salvadoran prison, the Center for the Confinement of Terrorism. "Welcome to hell," one former inmate was told upon arriving, the segment reported, while also highlighting a clip of Donald Trump praising CECOT and its leadership for "great facilities, very strong facilities, and they don't play games."

Weiss controversially pulled the segment on Monday, claiming it could not air in the US because it lacked critical voices, as no Trump officials were interviewed. She claimed that the segment "did not advance the ball" and merely echoed others' reporting, NBC News reported. Her plan was to air the segment when it was "ready," insisting that holding stories "for whatever reason" happens "every day in every newsroom." But Weiss apparently did not realize that the "Inside CECOT" would still stream in Canada, giving the public a chance to view the segment as reporters had intended.

Critics accusing CBS of censoring the story quickly shared the segment online Monday after discovering that it was available on the Global TV app. Using a VPN to connect to the app with a Canadian IP address was all it took to override Weiss' block in the US, as 404 Media reported the segment was uploaded to "to a variety of file sharing sites and services, including iCloud, Mega, and as a torrent," including on the recently revived file-sharing service LimeWire. It's currently also available to stream on the Internet Archive, where one reviewer largely summed up the public's response so far, writing, "cannot believe this was pulled, not a dang thing wrong with this segment except it shows truth." "Yo what," joked Reddit user Howzitgoin, highlighting only the word "LimeWire." Another user responded, "man, who knew my nostalgia prof pic would become relevant again, WTF."

"Bringing back LimeWire to illegally rip copies of reporting suppressed by the government is definitely some cyberpunk shit," a Bluesky user wrote.

"We need a champion against the darkness," a Reddit commenter echoed. "I side with LimeWire."

In the late 1980s, Merriam-Webster's Collegiate Dictionary sat on the New York Times best-seller list for 155 consecutive weeks and eventually sold 57 million copies, a figure believed to be second only to the Bible in the United States -- but those days are thoroughly gone. Stefan Fatsis's new book "Unabridged: The Thrill of (and Threat to) the Modern Dictionary" chronicles what Louis Menand describes in The New Yorker as "a losing struggle" for legacy dictionaries to survive in the internet age.

The profession has been decimated: an estimated 200 full-time lexicographers worked in the US 25 years ago, and Fatsis believes that number is "probably closer to thirty" today. "By the time I finished this book," Fatsis writes, "it wasn't clear how long flesh-bone-and-blood lexicographers would be needed to chronicle the march of the English language."

Merriam-Webster is now owned by Encycloaedia Britannica, another print-era giant that stopped publishing physical volumes in 2012. The company's free website draws about a billion page views annually, but the content has shifted dramatically -- word games, trending slang and ads dominate rather than lexicographic depth. The scale of the challenge facing dictionaries is staggering. One study of digitized library books found the English lexicon grew from about 600,000 words in 1950 to over a million by 2000, and concluded that 52% of English words in printed books are "lexical dark matter" that appears in no standard reference work.

China has unveiled new rules to rein in aggressive pricing tactics by online platforms, prohibiting e-commerce operators from forcing merchants to offer discounts or setting different prices based on user demographics without consent. The 29-article regulation -- jointly issued over the weekend by the National Development and Reform Commission, State Administration for Market Regulation (SAMR), and Cyberspace Administration of China -- lays out detailed compliance requirements that target several long-standing pain points as competition among internet giants has often eroded the rights of both consumers and merchants.

To restore merchant autonomy on pricing, the rules ban platform operators from leveraging their dominant scale to impose "lowest price" agreements. Platforms are prohibited from using traffic throttling, search ranking demotions, or algorithm penalties to pressure merchants into predatory price-cutting or exclusive pricing arrangements.

"In the lead up to its Switch 2 console release, Nintendo updated its user agreement," writes the Free Software Foundation, warning that Nintendo now claims "broad authority to make consoles owned by its customers permanently unusable."

"Under Nintendo's most aggressive digital restrictions management (DRM) update to date, game console owners are now required to give Nintendo the unilateral right to revoke access to games, security updates, and the Internet, at its sole discretion." The new agreement states: "You acknowledge that if you fail to comply with [Nintendo's restrictions], Nintendo may render the Nintendo Account Services and/or the applicable Nintendo device permanently unusable in whole or in part...."

There are probably other reasons that Nintendo has and will justify bricking game consoles, but here are some that we have seen reported:

— "Tampering" with hardware or software in pretty much any way;
— Attempting to play a back-up game;
— Playing a "used" game; or
— Use of a third-party game or accessory...


Nintendo's promise to block a user from using their game console isn't just an empty threat: it has already been wielded against many users. For example, within a month of the Switch 2's release, one user unknowingly purchased an open-box return that had been bricked, and despite functional hardware, it was unusable for many games. In another case, a user installing updates for game cartridges purchased via a digital marketplace had their console disabled. Though it's unclear exactly why they were banned, it's possible that the cartridge's previous owner made a copy and an online DRM check determined that the current and previous owner's use were both "fraudulent." The user only had their console released through appealing to Nintendo directly and providing evidence of their purchase, a laborious process.

Nintendo's new console banning spree is just one instance of the threat that nonfree software and DRM pose to users. DRM is but one injustice posed by nonfree software, and the target of the FSF's Defective by Design campaign. Like with all software, users ought to be able to freely copy, study, and modify the programs running on their devices. Proprietary software developers actively oppose and antagonize their users. In the case of Nintendo, this means punishing legitimate users and burdening them with proving that their use is "acceptable." Console users shouldn't have to tread so carefully with a console that they own, and should they misstep, beg Nintendo to allow them to use their consoles again.

An anonymous reader quotes a report from Search Engine Land: Google said today that it is suing SerpApi, accusing the company of bypassing security protections to scrape, harvest, and resell copyrighted content from Google Search results. The allegations: Google said SerpApi:

-Circumvented Google's security measures and industry-standard crawling controls.
-Ignored website directives that specify whether content can be accessed.
-Used cloaking, rotating bot identities, and large bot networks to scrape content at scale.
-Took licensed content from Search features, including images and real-time data, and resold it for profit.

What Google is saying. "Stealthy scrapers like SerpApi override [crawling] directives and give sites no choice at all," Google wrote, calling the alleged scraping "brazen" and "unlawful." Google said SerpApi's activity "increased dramatically over the past year." [...] If Google wins, reliable SERP data could become harder to get, more expensive, or both -- especially for teams that rely on tools powered by services like SerpApi. As AI already reduces clicks and transparency, Google now appears intent on making it even harder for brands to understand how Search works, how they appear in results, and how to measure success.

The White House says it's investigating how a personal-finance YouTuber's livestream briefly appeared on the White House's official live video page. The creator says he has no idea how his video ended up there. The Associated Press reports: The livestream appeared for at least eight minutes late Thursday on whitehouse.gov/live, where the White House usually streams live video of the president speaking. It's unclear if the website was breached or the video was linked accidentally by someone in the government. The White House said in a statement that it was "aware and looking into what happened." The video that appeared on the government-run website featured some of a more than two-hour livestream from Matt Farley, who posts as @RealMattMoney, as he answered financial questions.

Farley told The Associated Press on Friday that he had no idea what happened and learned about it after the fact. He said he had not been contacted by the government and didn't have any theories about how his livestream ended up on the website. He joked that he hoped President Donald Trump and his youngest son, Barron Trump, "are watching my streams and taking advice."

"Had I known it would have been on the White House website, I probably would have had other things to talk about than personal finance," Farley said. When asked what other things he would discuss, Farley responded with a laugh and said: "What would you talk about with the world for eight minutes if you had an opportunity? I'm just some guy making YouTube videos about stocks."

An anonymous reader quotes a report from KrebsOnSecurity: Direct navigation -- the act of visiting a website by manually typing a domain name in a web browser -- has never been riskier: A new study finds the vast majority of "parked" domains -- mostly expired or dormant domain names, or common misspellings of popular websites -- are now configured to redirect visitors to sites that foist scams and malware. When Internet users try to visit expired domain names or accidentally navigate to a lookalike "typosquatting" domain, they are typically brought to a placeholder page at a domain parking company that tries to monetize the wayward traffic by displaying links to a number of third-party websites that have paid to have their links shown.

A decade ago, ending up at one of these parked domains came with a relatively small chance of being redirected to a malicious destination: In 2014, researchers found (PDF) that parked domains redirected users to malicious sites less than five percent of the time -- regardless of whether the visitor clicked on any links at the parked page. But in a series of experiments over the past few months, researchers at the security firm Infoblox say they discovered the situation is now reversed, and that malicious content is by far the norm now for parked websites. "In large scale experiments, we found that over 90% of the time, visitors to a parked domain would be directed to illegal content, scams, scareware and anti-virus software subscriptions, or malware, as the 'click' was sold from the parking company to advertisers, who often resold that traffic to yet another party," Infoblox researchers wrote in a paper published today.

Merriam-Webster crowned "slop" its 2025 Word of the Year, reflecting growing public awareness and and fatigue around low-quality, AI-generated content flooding the internet. "It's such an illustrative word," said Greg Barlow, Merriam-Webster's president. "It's part of a transformative technology, AI, and it's something that people have found fascinating, annoying and a little bit ridiculous." The Associated Press reports: "Slop" was first used in the 1700s to mean soft mud, but it evolved more generally to mean something of little value. The definition has since expanded to mean "digital content of low quality that is produced usually in quantity by means of artificial intelligence." In other words, "you know, absurd videos, weird advertising images, cheesy propaganda, fake news that looks real, junky AI-written digital books," Barlow said. "Words like 'ubiquitous,' 'paradigm,' 'albeit,' 'irregardless,' these are always top lookups because they're words that are on the edge of our lexicon," Barlow said. "'Irregardless' is a word in the dictionary for one reason: It's used. It's been used for decades to mean 'regardless.'"

The announcement can be found here.