It’s January 9th. A GoFundMe campaign launched two years ago by Damar Hamlin to fundraise for his community ballooned to nearly $9 million following his dramatic on-field cardiac arrest. Hamlin’s contract, like most in the NFL, is not guaranteed. 

Spotlight is off next week to observe Rev. Martin Luther King, Jr. Day.Today’s Spotlight is 866 words — about 3minutes to read.

Spotlight On … LastPass

The LastPass hack we told you about last August was more severe than originally claimed, and some cybersecurity experts say that the company is improperly downplaying the risk.

LastPass now acknowledges that it was hacked in August and November. In late August, it reported that its code had been stolen, but that no customer action was required.

Another breach occurred in November.  One month later, LastPass acknowledged the November hack used information from the August hack, but said “the majority of customers” still didn’t have to do anything. because customers who followed their “suggested” best practices would be fine.

Multiple security researchers disagree, stating that hackers can build profiles of individuals using LastPass user data and that passwords used on the service were not as secure as random passwords would be. Further, LastPass was not requiring passwords to follow the company’s password strength recommendations.

We stopped recommending and using LastPass in 2019 after its third security breach in four years. It was apparent that the company, acquired in 2015, was in trouble. The company acknowledged two subsequent  vulnerabilities, one each in 2020 and 2021.

Researchers and competitors also question LastPass’ claim that guessing a master password would take millions of years. An 11-character password can be guessed in about 25 minutes if humans don’t use random characters and only use familiar words and acronyms, claims 1Password executive Jeffrey Goldberg.

Other voices:

“I would consider all those managed passwords compromised,” the NYT quotes one researcher as saying.

A senior engineer on Yahoo’s security team told Wired, “I used to support LastPass. I recommended it for years and defended it publicly in the media … But things change.”

Your next steps: Get a free BitWarden account or 1Password paid account. Your password manager should select and store your passwords. Use two-factor authentication everywhere possible in addition to a randomly generated password. Passkeys are coming, but they won’t available on every service and with every device.

Interested in passkeys?  See our November 21 Spotlight.

  3 More Stories to Know

1) Anker’s Eufy device unit continues to fight exposés in The Verge about misrepresentations regarding camera data. The Verge claims that Eufy deleted ten privacy promises on its website instead of answering questions about how security camera footage is stored.

2) German government officials met with Twitter owner Elon Musk last week regarding Twitter’s previous commitment to remove disinformation from its site. Twitter and other Big Tech companies must do so by mid-June to comply with new laws.

3) Big Tech companies continue to face action from regulatory authorities.

Epic Games – the Fortnite game developer agreed to pay $520 million in December to settle FTC complaints about child privacy requirements and tricking players into paying for upgrades.

Meta – agreed to pay $725 million to settle a lawsuit regarding illegal data sharing with Cambridge Analytica. Separately, Meta was fined $414 million by European regulators last week for allowing ads based upon user activity.

Amazon – avoided fines, but must comply with a seven year agreement governing how it interacts with third party sellers on the site to settle EU antitrust complaints.

Trends & Spends

Did That Really Happen? — Orange Dots on iPhones

An orange dot showing on the top right of an iPhone display indicates that a running application has microphone access, not that “someone is listening to you right now” as a viral post claims. Snopes explains the alarmist take on a nice privacy feature.

Following Up — ChatGPT and Bing

We wrote about ChatGPT before the holidays and have been having a blast testing it since then. Now there’s word that Microsoft is preparing to enhance its Bing search engine with the technology. Three years ago, Microsoft invested $1 billion in Open AI, the organization that created ChatGPT.

Protip — How to Use 1Password

The best primer on how to start using 1Password was published by the New York Times last summer. There are screenshots, how-tos, and tips. 

Screening Room — France’s Loto

Science Fiction World — Fast Food Automat

McDonald’s is testing a restaurant where ordering is done via kiosk or online and the food is served via robotics. The concept is only at one location near Fort Worth for now, and food continues to be prepared by humans. 

Coffee Break —  Chrono Quest

Chrono Quest gives players three tries to place six historical events in chronological order. Like Wordle, everyone gets the same quiz, and unlike Wordle, streaks continue if you miss a day. 

Sign of the Times

Good Monday Morning

It’s December 19. Chanukah began last night at sundown, Christmas is next Sunday, and Kwanzaa is one week from today. Whatever you celebrate, I wish you peace and happiness now and always. Spotlight won’t publish during this holiday period and returns on January 9.

Today’s Spotlight is 670 words — about 4minutes to read.

 Spotlight On … Online Accessibility

People with disabilities continue to encounter obstacles in modern online life.

In response to complaints by more than one thousand individuals that they were charged waiting fees when needing more time to enter a vehicle, the Justice Department settled a lawsuit with Uber. In the end, more than 65,000 people were affected.

Barriers to access or prohibitively high prices can also affect disabled people. Instead spending hundreds of dollars for accessible joysticks and controllers, Andreas and Oskar Karlsson helped 8BitDo develop video game controllers that cost $35.

Almost all websites: The most alarming online accessibility trend deals with websites. Ninety-six percent of the top one million websites had accessibility errors, according to one trade group. That includes issues like improper contrast settings, broken buttons, and links that do not work with screen readers.

Sen. Bob Casey (D-PA) last week released a report identifying federal agencies as non-compliant sites, including Veteran’s Administration sites vital to people with disabilities. Casey highlighted a VA pharmacy and drug abuse website containing more than 6,400 accessibility errors.

Get help here:  The GSA runs the Section 508 website that helps organizations understand their legal online accessibility requirements and offers free tools like color contrast analyzers. 

 3 More Stories to Know

1) Airbnb removed 4,000 property hosts this year for violating nondiscrimination laws. The service removed more than 5,000 last year out of more than 4 million hosts worldwide.

2)  TikTok edged closer to a national ban after the U.S. Senate voted unanimously Wednesday to pass a bill prohibiting the app on federal devices. Nineteen governors have also banned the app on their states’ devices.

3) Microsoft signed a 10 year $2.8 billion cloud computing deal with the London Stock Exchange and has taken a 4% equity stake in that exchange. Google signed a similar deal with the Chicago Exchange in 2021 and made a $1 billion equity investment.

Trends & Spends

Did That Really Happen? — Ex-Marine Whelan Punitively Discharged

Following the release of two-time Olympian and WNBA star Brittney Griner from a Russian prison, many conservative media outlets accused the administration of choosing to leave a “highly decorated Marine” as a Russian prisoner.

The details of the prisoner swap negotiation aren’t public, but Snopes uncovered that former US Marine Paul Whelan received a bad conduct discharge in 2008 following a special court martial proceeding that convicted him of multiple crimes including larceny, check fraud, and dereliction of duty.

Following Up — Juice Jacking

The FCC is reminding travelers to avoid using public USB charging stations in airports or at hotels this holiday season because those jacks can compromise your device with malware. Among the agency’s hints about “juice jacking”:  carry your own plug and charging cable and use an electrical outlet.

Protip — Apple’s New Security Feature

Protect your iCloud data with iOS’ new software update that allows you to encrypt the information so that only you (not even Apple) can access it. The Wirecutter shows you how.

Screening Room — A Last Holiday Tearjerker

Science Fiction World — No GPS Needed

Ship and submarine crews can look forward to a day when GPS is no longer needed for navigation. A French research team has invented a 3D quantum accelerometer that uses lasers and atoms to measure movement in three dimensions. At worst, the system functions as backup for a vessel that loses its GPS signal.

Coffee Break —  Sturdy Gingerbread Houses

Thrillist has your back if you need to venture into gingerbread house construction this week. One hint: use a “royal runny icing made with egg whites and confectioners sugar.”

Sign of the Times

Good Monday Morning

It’s December 12. Wednesday is the 10th anniversary of the massacre at Sandy Hook. Those murdered children would be busy talking about driver’s licenses and school dances right now. Learn how to join the vigil and protest outside the NRA at 10 a.m. Wednesday if you’re in the DC area.

Today’s Spotlight is 895 words — about 4 ½ minutes to read.

Spotlight On … ChatGPT

As technology continues to advance, chatbots have become an increasingly useful tool for businesses and organizations looking to improve customer service and streamline their operations. One of the key factors in the success of chatbots is the use of large language models to train them. These models allow chatbots like ChatGPT to understand and respond to a wide range of human inputs, making them a valuable asset for many different applications.

1. Customer service: One of the most common uses for chatbots trained on large language models is customer service. By using these chatbots, businesses can provide quick and accurate responses to customer inquiries, helping to resolve issues and improve the overall customer experience. This can be especially useful for handling common questions or issues that may arise, allowing customer service representatives to focus on more complex tasks.
2. Order processing and tracking: Another common use for chatbots trained on large language models is in the processing and tracking of orders. By using these chatbots, businesses can automate many of the tasks associated with order fulfillment, such as verifying information and updating customers on the status of their orders. This can help to improve efficiency and reduce the workload of human staff, allowing them to focus on more important tasks.
3. Personal assistants: In recent years, chatbots trained on large language models have also been used as personal assistants. These chatbots can assist with a wide range of tasks, such as scheduling appointments, setting reminders, and providing information on a variety of topics. This can be especially useful for individuals who may have difficulty managing their own schedules or who need help with daily tasks.

Overall, chatbots like ChatGPT that are trained on large language models are a valuable tool for businesses and individuals alike. By leveraging the power of these models, chatbots can provide quick and accurate responses to a wide range of inputs, making them a valuable asset for many different applications.

P.S. ChatGPT wrote this. Here is a link to a short video showing you how amazingly fast ChatGPT writes.

3 More Stories to Know

1) Epson announced that it will no longer make laser printers after 2026. The company says that inkjet printers are more eco-friendly.

2)  TikTok is continuing negotiations with the Biden administration regarding ways that the company can continue operating in the U.S. FBI director Christopher Wray has made multiple public statements about TikTok which he calls it a threat to national security.

3) San Francisco’s Board of Supervisors quickly reversed their decision that would have allowed law enforcement agencies to use robots armed with lethal weapons in hazardous conditions.

Trends & Spends

Trends and Spends has the week off because Google published its Year in Search feature that includes global searches in multiple categories as well as a drop down to show top searches in individual countries.

Did That Really Happen? — Electric Bike Graveyard

A hoax photo purports to show an electric bike dump in France filled with abandoned bikes whose owners didn’t want to pay for replacement batteries.

Snopes did some great research (read it here) and discovered that the bikes were in China and had been abandoned by a company going out of business.

Following Up — Log4j Exploits Continue

We wrote extensively about the Log4j hacks that occurred last December. At the time, government and large organizations warned that hackers would attempt to exploit this vulnerability affecting hundreds of millions of devices.  Last week, security firm Arctic Wolf disclosed that more than 800 of its commercial customers had been targeted using this exploit during 2022.

Protip — A Chrome Browser Setting to Save Memory

For years, Google Chrome’s browser has suffered from overusing memory that caused it to slow down or even stop. Now the company has released a new version with a feature called “Memory Saver”. Read about how you can install it now ahead of its rollout date in a few weeks.

Screening Room — Uber Eats’ New Guarantee & the NFL’s OBJ

Science Fiction World — Smart Bandages

There’s news about an international group of researchers who have created a smart bandage that uses microelectronics that transmit data wirelessly and report back to medical teams on the amount of healing, presence of certain cells, or infection.

Coffee Break — The World Cup of Microsoft Excel

Mama, your boy can finally be an international competitor. We told you last year about the Excel Championships. This delightful article in The Atlantic takes a close look at this year’s spreadsheet championship complete with TV coverage on ESPN 3.

Sign of the Times