Google is testing a new "Pilot Program" that puts a row of advertisements on the Android TV home screen. XDA Developers, which was the first to report the program, says: "We're currently seeing reports that it has shown up in Sony smart TVs, the Mi Box 3 from Xiaomi, NVIDIA Shield TV, and others." Ars Technica reports: The advertising is a "Sponsored Channel" part of the "Android TV Core Services" app that ships with all Android TV devices. A "Channel" in Android TV parlance means an entire row of thumbnails in the UI will be dedicated to "sponsored" content. Google provided XDA Developers with a statement saying that yes, this is on purpose, but for now it's a "pilot program."

Sony has tersely worded a support page detailing the "Sponsored channel," too. There's no mention here of it being a pilot program. Sony's page, titled "A sponsored channel has suddenly appeared on my TV Home menu," says, "This change is included in the latest Android TV Launcher app (Home app) update. The purpose is to help you discover new apps and contents for your TV." Sony goes on to say, "This channel is managed by Google" and "the Sponsored channel cannot be customized." Sony basically could replace the entire page with a "Deal with it" sunglasses gif, and it would send the same message.

Video games are the next entertainment industry undergoing a major disruption, all the way down to the consoles and controllers. From a report: Details: "In the past, you plunked down $60 at GameStop for a copy of Grand Theft Auto or Madden NFL and played it out -- after which you could trade it in or let it gather dust," the AP reports. "Now, you'll increasingly have the choice of subscribing to games, playing for free or possibly just streaming them over the internet to your phone or TV."

New subscription streaming services represent a massive shift from gaming into the cloud, which will make it easier to access games on any device, including mobile. [...] Gamers wouldn't necessarily have to buy individual games anymore -- they could buy them as part of a larger and potentially cheaper package -- and it means that they wouldn't be limited to expensive hardware devices that only work for certain games.

The Internet Archive has come to the rescue once again. The nonprofit digital library this week unveiled the MySpace Music Dragon Hoard, a collection of 490,000 MP3 files from 2008 to 2010 on the long-abandoned social media site. From a report: While the recovered tracks make up less than one percent of the music lost by some 14 million artists, it is still a sizable cache weighing in at 1.3TB. The lost songs were given to the Internet Archive by an "anonymous academic group" that had downloaded the music over a three year period to study. When the group learned of the data loss last month, it offered all it had to be preserved.

An anonymous reader quotes a report from ZDNet: This week, the Apache Software Foundation has patched a severe vulnerability in the Apache (httpd) web server project that could --under certain circumstances-- allow rogue server scripts to execute code with root privileges and take over the underlying server. The vulnerability, tracked as CVE-2019-0211, affects Apache web server releases for Unix systems only, from 2.4.17 to 2.4.38, and was fixed this week with the release of version 2.4.39. According to the Apache team, less-privileged Apache child processes (such as CGI scripts) can execute malicious code with the privileges of the parent process. Because on most Unix systems Apache httpd runs under the root user, any threat actor who has planted a malicious CGI script on an Apache server can use CVE-2019-0211 to take over the underlying system running the Apache httpd process, and inherently control the entire machine.

"First of all, it is a LOCAL vulnerability, which means you need to have some kind of access to the server," Charles Fol, the security researcher who discovered this vulnerability told ZDNet in an interview yesterday. This means that attackers either have to register accounts with shared hosting providers or compromise existing accounts. Once this happens, the attacker only needs to upload a malicious CGI script through their rented/compromised server's control panel to take control of the hosting provider's server to plant malware or steal data from other customers who have data stored on the same machine. "The web hoster has total access to the server through the 'root' account. If one of the users successfully exploits the vulnerability I reported, he/she will get full access to the server, just like the web hoster," Fol said. "This implies read/write/delete any file/database of the other clients."

The United Kingdom is working on legislation that would hold social media executives liable for harmful content distributed on their platforms. The leaked white paper comes less than 24 hours after Australia passed sweeping legislation that threatens huge fines for social media companies and jail for their executives if they fail to rapidly remove "abhorrent violent material" from their platforms. From the report: Under plans expected to be published on Monday, the government will legislate for a new statutory duty of care, to be policed by an independent regulator and likely to be funded through a levy on media companies. The regulator -- likely initially to be Ofcom, but in the longer term a new body -- will have the power to impose substantial fines against companies that breach their duty of care and to hold individual executives personally liable.

The scope of the recommendations is broad. As well as social media platforms such as Facebook and search engines such as Google they take in online messaging services and file hosting sites. Other proposals in the online harm white paper include:

- Government powers to direct the regulator on specific issues such as terrorist activity or child sexual exploitation.
- Annual "transparency reports" from social media companies, disclosing the prevalence of harmful content on their platforms and what they are doing to combat it.
- Co-operation with police and other enforcement agencies on illegal harms, such as incitement of violence and the sale of illegal weapons. "Companies will be asked to comply with a code of practice, setting out what steps they are taking to ensure that they meet the duty of care -- including by designing products and platforms to make them safer, and pointing users who have suffered harm towards support," the report says. "The code of practice is also likely to include the steps companies will be expected to take to combat disinformation, including by using fact-checking services, particularly during election periods, and improving the transparency of political advertising. Regulated firms will be expected to comply with the code of practice -- or explain what other steps they are taking to meet the duty of care. However, many questions are left to the regulator to determine."

Last year, Google announced that YouTube Music would be the company's primary streaming service that would eventually replace Play Music. We have now learned that in anticipation of this change, Google will close the Google Play Artist Hub that musicians use to directly interact with the Play Store. 9to5Google reports: Smaller, indie artists that were not signed by labels could use the Google Play Artist Hub to manage their presence on the Play Store and upload/sell songs. In an email today, Google told these musicians that the Artist Hub is shutting down on April 30th. YouTube Music is cited as the reason by Google: "With the launch of YouTube Music last year, we eventually plan to replace Google Play Music with YouTube Music. In anticipation of this change, we are shutting down the Artist Hub."

This portal allowed smaller artists to directly interact with Google to see statistics, and get paid for streams/purchases. Musicians can still sell their content in the Play Store and have content available for streaming in Play Music, but must now sign-up with a third-party distributor to handle that entire process. At the end of this month, all existing songs and albums uploaded through the Google Play Artist Hub will "no longer appear in the Google Play Store or Google Play Music service (including the paid streaming and free radio service)." Artists that would still like to "make [their] music available for purchase/download" have to republish, with Google providing a list of "YouTube partners," including AWAL, Believe, CD Baby, DistroKid, Stem, and TuneCore.

An anonymous reader quotes a report from Ars Technica: Democrats in the U.S. House of Representatives yesterday rejected Republican attempts to weaken a bill that would restore net neutrality rules. The House Commerce Committee yesterday approved the "Save the Internet Act" in a 30-22 party-line vote, potentially setting up a vote of the full House next week. The bill is short and simple -- it would fully reinstate the rules implemented by the Federal Communications Commission under then-Chairman Tom Wheeler in 2015, reversing the repeal led by FCC Chairman Ajit Pai in 2017.

Commerce Committee Republicans repeatedly introduced amendments that would weaken the bill but were consistently rebuffed by the committee's Democratic majority. "The Democrats beat back more than a dozen attempts from Republicans to gut the bill with amendments throughout the bill's markup that lasted 9.5 hours," The Hill reported yesterday. Republican amendments would have weakened the bill by doing the following: Exempt all 5G wireless services from net neutrality rules; Exempt all multi-gigabit broadband services from net neutrality rules; Exempt from net neutrality rules any ISP that builds broadband service in any part of the U.S. that doesn't yet have download speeds of at least 25Mbps and upload speeds of at least 3Mbps; Exempt from net neutrality rules any ISP that gets universal service funding from the FCC's Rural Health Care Program; Exempt ISPs that serve 250,000 or fewer subscribers from certain transparency rules that require public disclosure of network management practices; and Prevent the FCC from limiting the types of zero-rating (i.e., data cap exemptions) that ISPs can deploy. An additional Republican amendment "would have imposed net neutrality rules but declared that broadband is an information service, [preventing] the FCC from imposing any other type of common-carrier regulations on ISPs," reports Ars Technica. "The committee did approve a Democratic amendment to exempt ISPs with 100,000 or fewer subscribers from the transparency rules, but only for one year."

U.S. authorities gathered information about Huawei through secret surveillance that they plan to use in a case accusing the Chinese telecom equipment maker of sanctions-busting and bank fraud, prosecutors said on Thursday. From a report: Assistant U.S. Attorney Alex Solomon said at a hearing in federal court in Brooklyn that the evidence, obtained under the U.S. Foreign Intelligence Surveillance Act (FISA), would require classified handling. The government notified Huawei in a court filing on Thursday of its intent to use the information, saying it was "obtained or derived from electronic surveillance and physical search," but gave no details. The United States has been pressuring other countries to drop Huawei from their cellular networks, worried its equipment could be used by Beijing for spying. The company says the concerns are unfounded. Brian Frey, a former federal prosecutor who is not involved in the Huawei case, said FISA surveillance, which requires a warrant from a special court, is generally sought in connection with suspected espionage.

Prince Harry, Duke of Sussex, is calling for the ban of popular battle royale game "Fortnite." The prominent member of the British royal family visited a YMCA in West London and spoke to mental health experts about addictive games and social media, saying that the latter is more addictive than drugs or alcohol. From a report: "[Fortnite] shouldn't be allowed," he said. "Where is the benefit of having it in your household? It's created to addict, an addiction to keep you in front of a computer for as long as possible. It's so irresponsible. It's like waiting for the damage to be done and kids turning up on your doorsteps and families being broken down." He also suggested that social media is "more addictive than alcohol and drugs." Further reading: Fortnite Creator Sees Epic Games Becoming as Big as Facebook, Google; and 'Fortnite' May be a Virtual Game, But It's Having Real-life, Dangerous Effects.

Following the release of Visual Studio 2019 for Windows and Mac platforms, Microsoft today is releasing a snap version of Visual Studio Code. A report adds: No, the source-code editor is not the Windows-maker's first snap -- it also released one for Skype, for instance. "As of today, Visual Studio Code is available for Linux as a snap, providing seamless auto-updates for its users. Visual Studio Code, a free, lightweight code editor, has redefined editors for building modern web and cloud applications, with built-in support for debugging, task running, and version control for a variety of languages and frameworks," says Canonical. Joao Moreno, Software Development Engineer, Microsoft Visual Studio Code offers the following statement: "The automatic update functionality of snaps is a major benefit. It is clear there is a thriving community around snaps and that it is moving forward at great pace. The backing of Canonical ensures our confidence in its ongoing development and long-term future."

Microsoft has announced that starting with the Windows 10 May 2019 Update, which will hit general availability late next month, users will no longer be forced to install new Windows 10 feature updates as they become available. From a report: This comes after feedback from users who have had countless issues with updates breaking programs, losing files, and installing at inconvenient times. Microsoft has been working hard to improve Windows Update, and while the system is better than it was at launch in 2015, it's still not perfect. Now, users will have the option to not have to deal with feature updates when they are released.

What Microsoft is doing here is splitting Windows Update in two. The normal "check for updates" button will now only function for security and monthly patches. Feature updates now get their own area in Windows Update where the user can initiate the download and install process for the latest feature update available. If the user doesn't want to initiate that process, they don't have to. The user will be alerted that a new feature update is available every now and then, but at no point will the user be forced to install that update, as long as the version of Windows 10 they're currently running is still in support.

Steven J. Vaughan-Nichols, writing for ComputerWorld : Of course, at one time, to get any work done with a computer, you first had to learn a lot, about computers, operating systems, commands and more. Eventually, "friendly" became the most important adverb in computing circles, and we've reached the point in user-friendliness that people don't even talk about it anymore. Today, Google has shown with its Chrome OS that most of us can pretty much do anything we need to do on a computer with just a web browser. But Google's path is not Microsoft's path. Instead, it's moving us first to Windows as desktop as a service (DaaS) via Microsoft Managed Desktop (MMD). This bundles Windows 10 Enterprise, Office 365 and Enterprise Mobility + Security and cloud-based system management into Microsoft 365 Enterprise.

The next step, Windows Virtual Desktop, enables companies to virtualize Windows 7 and 10, Office 365 ProPlus apps and other third-party applications on Azure-based virtual machines. If all goes well, you'll be able to subscribe to Windows Virtual Desktop this fall. Of course, Virtual Desktop is a play for business users -- for now. I expect Virtual Desktop to be offered to consumers in 2020. By 2025, Windows as an actual desktop operating system will be a niche product. Sound crazy? Uh, you do know that Microsoft already really, really wants you to "rent" Office 365 rather than buy Office 2019, don't you?

But what about games, you say? We'll always have Windows for games! Will we? Google, with its Google Stadia gaming cloud service, is betting we're ready to move our games to the cloud as well. It's no pipe dream. Valve has been doing pretty well for years now with its Steam variation on this theme. So where is all this taking us? I see a world where the PC desktop disappears for all but a few. Most of us will be writing our documents, filling out our spreadsheets and doing whatever else we now do on our PCs via cloud-based applications on smart terminals running Chrome OS or Windows Lite. If you want a "real" PC, your choices are going to be Linux or macOS.

WhatsApp announced this week that it is rolling out changes to its messaging app to give users more control over how they engage with groups, thereby addressing one of the most pronounced privacy issues on the platform. From a report: The Facebook-owned service said users will now have an option to control who can add them to groups. Users can choose between Nobody, My Contacts (people whose phone numbers they have saved in their phone), and Everyone -- assuming they don't have any reservations about random people adding them to different groups. To add someone who has restricted access, users will be required to send a private message to the person with an invite link. That individual can then decide whether they wish to join the group through the invite link, which will be active for 72 hours.

Microsoft, which already offers one of the biggest bug bounty programs, said today it is increasing the payouts it makes and the time it takes to push the payments. From a report: A key change in policy is that Microsoft will no longer wait until a fix has been produced for a bug until making a payout -- now the only requirement is that a bug can be reproduced. This is thanks in part to a partnership with HackerOne. [...] The maximum bounty has increased from $15,000 to $50,000 for the Windows Insider Preview bounty and from $15K to $20K for the Microsoft Cloud Bounty.

The pilots of a doomed Ethiopian Airlines jet followed all of Boeing's recommended procedures when the plane started to nose dive but still couldn't save it, according to findings from a preliminary report released Thursday by the Ethiopian government. From a report: The plane crashed just six minutes after taking off from Addis Ababa, killing all 157 people on board. The report, based on flight data and cockpit voice recorders on the Boeing 737 Max 8, was not released in full. Boeing declined to comment pending its review of the report on the March 10 crash. The Max 8 has been under scrutiny since a Lion Air flight crashed off the coast of Indonesia under similar circumstances in October. Thursday's revelations raise questions about repeated assertions by Boeing and U.S. regulators that pilots could regain control in some emergencies by following steps that include turning off an anti-stall system designed specifically for the Max, known by its acronym, MCAS. Investigators are looking into the role of MCAS, whose functions include automatically lowering the plane's nose to prevent an aerodynamic stall. The Max has been grounded worldwide pending a software fix that Boeing is rolling out, which still needs to be approved by the Federal Aviation Administration and other regulators. Further reading: Flawed Analysis, Failed Oversight: How Boeing, FAA Certified the Suspect 737 MAX Flight Control System.