[B] 気候変動運動の動きの変化

1 month 4 weeks ago
気候科学者たちが検証して、彼らが構成するIPCC(International Panel on Climate Change、国連の一部)なる組織の意向が気候変動の権威と見做されてきた。その組織が、数年ごとに発表する検証レポートA-5 (2014年)の一部RCP8.5では、現在から2100年ぐらいまでに大幅なCO2増大(現在の380ppmから1200ppm)が見込められるので、それに基づいた激烈な温度変化/気候変動の予測、それの人類への影響などを発表した。(落合栄一郎)
日刊ベリタ

Weekly Report: Apache Camelに複数の脆弱性

1 month 4 weeks ago
Apache Camelには、複数の脆弱性があります。これらの脆弱性のうち一部の脆弱性について概念実証コードが公開されていることを確認しています。この問題は、当該製品を修正済みのバージョンに更新することで解決します。詳細は、開発者が提供する情報を参照してください。

Broken Promises: RIP Instagram’s End-to-End Encrypted DMs

1 month 4 weeks ago

Last week, Instagram ended its opt-in, and therefore rarely used, end-to-end encryption feature. Years after publicly promising to provide the privacy protections of end-to-end encryption across its platforms by default, it instead gave up on that technical challenge. Now, we've all lost an option for safer conversations on one of the biggest social media platforms in the world.

In an announcement in 2023, Meta bragged about how it had successfully encrypted Messenger, and teased that Instagram was in progress. Even before then, they’d talked about how important encryption was in Messenger and Instagram in a white paper published in 2022, stating: 

We want people to have a trusted private space that’s safe and secure, which is why we’re taking our time to thoughtfully build and implement e2ee by default across Messenger and Instagram DMs.

So where did the reversal come from? In a statement, Meta claimed that, “Very few people were opting in to end-to-end encrypted messaging in DMs.” This isn’t all that surprising, as turning it on was an optional four-step process that few people knew about. Defaults matter, and Meta’s choice to blame people for failing to opt into this feature is proof of how much. In that same statement, the company pointed people to WhatsApp for access to encrypted messaging. Yet if Meta truly wanted people to have a trusted private space to communicate, it would meet them everywhere they are: on WhatsApp, on Messenger, and on Instagram.

But at least Meta was straightforward about the fact that it will not continue to support or work on this feature. That's rare. Most tech company promises aren’t broken explicitly, they just remain undelivered long enough to be forgotten. 

This is particularly disappointing as other companies take even bigger swings, like Google and Apple working together to implement end-to-end encryption over Rich Communication Services (RCS), and Signal’s continued work to make its app simpler and easier to use for everyone.

Meta abandoning this principle is disheartening, especially as we are still waiting for other promised features from the company, like end-to-end encryption in Facebook Messenger group messages. Instead of blaming users for not using these sorts of features and then abandoning the promise of delivery, Meta—and other tech companies—should start by enabling strong privacy protective features by default.

Thorin Klosowski