If you tried hopping on TikTok Sunday, you might have noticed something odd: the app wasn’t working. Outages happen, of course, as anyone who has Verizon can attest. But in the moment, theories were flying left and right. TikTok had just officially moved into U.S. control, leading some to speculate that the outage had something to do with this change in ownership. As one user put it, “TikTok being down days after the people they were forced to sell to take it over does not feel like a coincidence.”

As it happens, it does appear that the changing of the guard was responsible for the outage—just not in the way that some conspiracy theories might suggest. TikTok finally released a statement on X Monday morning, attributing the outage to issues at a U.S. data center. The statement is as follows: “Since yesterday we’ve been working to restore our services following a power outage at a U.S. data center impacting TikTok and other apps we operate. We’re working with our data center partner to stabilize our service. We’re sorry for this disruption and hope to resolve it soon.”

The outage might not be the only thing different about TikTok

For its part, TikTok is very much operational at the moment. If the issue really was just isolated to a power outage at this data center, that data center appears to have patched things up. But that doesn’t mean the company’s reputation is patched up. Users are accusing the app’s new owners of changing the algorithm, complaining of reset For You Pages, irrelevant content in feeds, and AI-generated content. I’ve seen users accuse the app of blocking anti-Trump and anti-ICE content, while comedian Gianmarco Soresi says even some of his non-political TikToks have “zero views,” which he attributes to the ineffectiveness of the people running the app. (I’ve reached out to TikTok for comment on user reports of changes to the algorithm and will update if I hear back.)

We’ll need more time to know whether or not there were serious changes made to TikTok’s algorithm and user feeds in the wake of this sale. But the app is running—at least, for now.

Google is adding Gemini-powered “Suggested times” to Google Calendar, automatically scanning attendees’ calendars to surface the best meeting slots based on availability, work hours, and conflicts. The feature also streamlines rescheduling with one-click alternatives when invitees decline. Digital Trends reports: According to a recent post on the Workspace Updates blog, Gemini in Google Calendar can now help you quickly identify optimal meeting times when creating an event, as long as you have access to the attendees’ calendars. The new “Suggested times” feature scans everyone’s calendars and highlights the best time slots based on availability, working hours, and potential conflicts, eliminating the need to manually check schedules. Google has also made rescheduling simpler. The company explains that if multiple attendees decline your invite, you’ll see a banner in the event showing a time when everyone is available, letting you update the invite with a single click. The feature is being rolled out starting today to eligible Workspace tiers. It will be enabled by default and is expected to reach all eligible users over the next few weeks.

Read more of this story at Slashdot.

I’m something of a treadmill hater. When I do hop on one, it’s only during times when it’s truly unsafe to run outdoors. I know that the treadmill brings all the same physical benefits as running outside (because no, it is not “cheating” on your workout). However, I mourn all the mental perks of spending time outside. That’s why it’s necessary for me to use whatever mental tricks I can to transform a monotonous slog into an actually enjoyable workout. The best part? None of these require special equipment or significant time investment—just small, smart adjustments to your routine. Whatever reason you have for running indoors, here’s how to make the most of your time on the treadmill.

Set your treadmill’s incline to 1%

The treadmill isn’t necessarily easier, but it can sure feel easier. There’s a pervasive myth that the treadmill “moves your feet” and thus makes running easier, but that’s not true.

However, if you do happen to be running at a pace of 7:30 per mile (8.0 mph) or faster, setting the treadmill’s incline to 0.5% or 1% is recommended to mimic outdoor air resistance. For those of us slower than that, the difference is so small as to be meaningless.

Even though I’m not fast enough for it to be an issue, I like to set my treadmill’s incline to 1% because it keeps me engaged mentally. It really is a minor change, and even if it’s “unnecessary,” I appreciate the small challenge to make things feel less boring.

Use a portable fan when running on a treadmill

In my experience, gym fans are unreliable. Overheating is one of the main reasons people quit treadmill workouts early. Indoor running means no natural breeze, so your temperature rises faster than it would outside.

If you can’t find a treadmill with a solid fan nearby (or built-in), use your own portable fan. I like to set it up to hit me at chest level. Trust me, the same effort feels way easier when you’re not overheating.

Improve your form when running on a treadmill

Staring at the console could be killing your running form. When you look down at the display, your neck tilts forward, your shoulders round, and your stride shortens.

Instead, pick a spot on the wall ahead of you—roughly the same spot you’d look at when running outside. Check your stats with quick glances rather than sustained staring. A lot of the times, I cover the display with a towel during speed work to avoid the temptation. Your posture will improve dramatically, and you might find running feels more natural.

Keep your hands off the handrails

The purpose of your treadmill run is to mimic natural walking and running strides as best you can. Holding onto the handrail can throw that off. Using the handrails transfers the workload meant for your legs and core into your upper body. If you feel the need to hold onto the handrails, it’s not the end of the world. But if it makes your workout significantly easier, think about what that likely means for the amount of work you’re putting into—and getting out of—your run.

Use music to better pace yourself on the treadmill

I love crafting a playlist that also works as a pacing mechanism. Songs have a tempo measured in beats per minute (BPM), and your running cadence (steps per minute) responds subconsciously to music tempo.

Although there is no single “perfect” cadence, most runners fall around 160-180 steps per minute. Match your playlist to your target pace: slower songs for warm-ups and recovery, 150-160 BPM for easy runs, and 170-180 BPM for tempo work. Spotify even has running playlists organized by BPM. If nothing else, a good playlist will keep you motivated on such a monotonous machine.

Play the “descending intervals” mental game

Running hard intervals when you’re already tired is tough. Flip the script with descending intervals: Start with your longest, hardest effort when you’re fresh, then gradually decrease the interval length.

For example: Five minutes hard, two minutes easy, then four minutes hard, two minutes easy, working down to one minute hard. Psychologically, this can feel much more manageable because each interval is easier than the last. You’re essentially creating momentum that carries you through the workout, rather than dreading increasingly difficult efforts.

Visualize a virtual route while running on the treadmill

Combat treadmill boredom by mentally running a familiar outdoor route. Close your eyes briefly (only if you’re comfortable and safe doing so) and visualize running through your neighborhood, a favorite trail, or even a dream destination.

Take this further by matching your treadmill workout to the actual route profile. If there’s a hill three miles into your usual run, increase the incline at the corresponding time on your treadmill. You could even use Google Maps street view before your workout to refresh your memory. For me, this mental trick makes time pass faster and maintains the connection between indoor and outdoor running.

Motivate yourself with negative splits

Running negative splits on the treadmill—where your second half is faster than your first—is a classic race-oriented goal. Start your run at a comfortable pace, then increase speed by 0.1-0.2 mph every 5-10 minutes.

This approach works because it forces you to start conservatively, preventing the common mistake of burning out early. It also means you finish strong, and hey, that could help create a positive psychological association with treadmill running. More importantly, if you do have a race on the horizon, this type of workout trains your body to maintain energy for when it matters most.

Practice using the treadmill’s emergency stop feature

Most people either ignore the safety clip entirely or fumble with it ineffectively. Practice your emergency stop before you need it. While walking slowly, pull the clip intentionally to see how the treadmill responds. Knowing exactly what happens when you pull it means you won’t panic if you stumble. Hopefully you won’t need to use it, but this little practice could prevent a serious injury.

Do a post-workout incline stretch

Here’s my recovery hack of the day: After your run, leave the treadmill at a 10-15% incline, turn it off, and use it for calf and Achilles stretches. Stand on the belt with your toes elevated and heels dropped down. The incline creates the perfect angle for a deep, effective stretch.

Hold for 30 seconds on each leg. This takes advantage of equipment you already have and addresses the tight calves that plague many treadmill runners. It’s convenient, effective, and helps prevent the dreaded treadmill-induced stiffness.

The bottom line

The treadmill doesn’t have to be a “necessary evil.” With these hacks, you can make indoor running safer, more effective, and genuinely more enjoyable. And who knows? Maybe one day I’ll finally appreciate the unique benefits the treadmill offers: consistent pacing, controlled conditions, and the ability to execute very specific workouts regardless of weather.

An anonymous reader quotes a report from the BBC: Google has agreed to pay $68 million to settle a lawsuit claiming it secretly listened to people’s private conversations through their phones. […] the lawsuit claimed Google Assistant would sometimes turn on by mistake — the phone thinking someone had said its activation phrase when they had not — and recorded conversations intended to be private. They alleged the recordings were then sent to advertisers for the purpose of creating targeted advertising. The proposed settlement was filed on Friday in a California federal court, and requires approval by US District Judge Beth Labson Freeman.

The claim has been brought as a class action lawsuit rather than an individual case — meaning if it is approved, the money will be paid out across many different claimants. Those eligible for a payout will have owned Google devices dating back to May 2016. But lawyers for the plaintiffs may ask for up to one-third of the settlement — amounting to about $22 million in legal fees. The tech firm also denied any wrongdoing, as well as claims that it “recorded, disclosed to third parties, or failed to delete, conversations recorded as the result of a Siri activation” without consent.

Read more of this story at Slashdot.

Google has agreed to a $68 million settlement regarding claims that its voice assistant inappropriately spied on smartphone users. Plaintiffs claimed that the company’s Google Assistant platform began listening to them after it misheard conversations that sounded like its wake words. The suit argued that private information that Google Assistant shouldn’t have heard was then used to deliver those individuals targeted ads. 

Reuters reported that Google denied wrongdoing in the suit, but according to court papers, the company agreed to a settlement in order to avoid the risk and costs of litigating the issue. The preliminary class action settlement was filed on Friday and now awaits approval from U.S. District Judge Beth Labson Freeman.

Google has been transitioning away from the Google Assistant platform in the past year, replacing it with its Gemini tool. Not that AI chatbots should be trusted as paragons of privacy either.

Apple faced a very similar allegations around its Siri voice assistant in 2019; that class-action suit ended in a $95 million settlement in January 2025. Not sure if a reward of $20 per device feels sufficient when these companies are accidentally overhearing deeply personal conversations and details, but that’s how the justice system shakes out some times.

This article originally appeared on Engadget at https://www.engadget.com/big-tech/google-agrees-to-68-million-settlement-in-voice-assistant-privacy-lawsuit-222405727.html?src=rss

Impersonation scams are everywhere: bad actors are constantly trying to convince you that they represent organizations like LinkedIn, PayPal, your bank, the FBI, the FTC, and the IRS as they look to steal your money and information. When it comes to phishing schemes, which typically try to trick you into handing over sensitive data or account credentials via malicious links, tech brands are (perhaps not surprisingly) among the most commonly spoofed.

A recent report from Check Point Research found that Microsoft was imitated in nearly a quarter of all branded phishing attempts in Q4 of last year—nearly double the next most-impersonated company.

The most popular brands for phishing scams

According to researchers, tech companies and social networks are consistently among the most popular brands for impersonators running phishing scams, with the following share in the final quarter of last year:

1. Microsoft: 22%

2. Google: 13%

3. Amazon: 9%

4. Apple: 8%

5. Facebook (Meta): 3%

6. PayPal: 2%

7. Adobe: 2%

8. Booking: 2%

9. DHL: 1%

10. LinkedIn: 1%

While you should always be on guard for common phishing tactics, it’s wise to be especially wary of unsolicited communication from any of the companies listed—especially if that communication is related to account security and/or urges you to click a link. We’ve covered at least one campaign involving nearly every brand here, all of which are known and largely trusted among users, making them prime targets for these types of scams. Check Point notes that stolen Microsoft and Google credentials are particularly valuable because they’re widely used in day-to-day workflows.

Common phishing tactics

Broadly speaking, a phishing scam starts with an email, text, or social media message that appears to be from a legitimate source. It likely asks you to update or verify personal information—often related to a payment or account security—with a link to what appears to be the company’s website or login page. Of course, this link leads instead to a spoofed version of that site designed to harvest your credentials, credit card number, bank details, or other personal data, which scammers can then use for identity theft, account takeover, or purchase fraud.

Note that while the above methods are among the most common, phishing can also happen via phone call, voicemail, and malicious browser pop-ups.

How to protect against branded phishing attacks

As we mentioned, just because you generally trust a company doesn’t mean you should blindly trust all communication from it. If you receive a message that is unprompted, sounds urgent, and is unrelated to any recent action on your part (such as a login attempt or bill payment), do not engage with it. Don’t click any links, open any attachments, or respond directly. Look out for typos and other errors, including the original sender—though as scammers have found ways to appear verified, this isn’t always an obvious red flag.

If you’re unsure about the contents of the message, go directly to the website or app and log in to see any legitimate alerts. A password manager offers an extra layer of security here, as it’ll protect you from entering credentials on a spoofed page.

Finally, enable a strong, phishing-resistant form of multi-factor authentication everywhere you can, and especially for high-use and high-value accounts like Microsoft and Google. If your credentials are compromised, threat actors won’t have that additional factor to utilize them.

The chair of a federal vaccine advisory panel under anti-vaccine Health Secretary Robert F. Kennedy Jr. made his stance clear on vaccines in a podcast last week—and that stance was so alarming that the American Medical Association was compelled to respond with a scathing statement.

Kirk Milhoan, who was named chair of the Advisory Committee on Immunization Practices for the Centers for Disease Control and Prevention in December, appeared on the aptly named podcast “Why Should I Trust You.” In the hour-long interview, Milhoan made a wide range of comments that have concerned medical experts and raised eyebrows.

Early into the discussion, Milhoan, a pediatric cardiologist, declared, “I don’t like established science,” and that “science is what I observe.” He lambasted the evidence-based methodology that previous ACIP panels used to carefully and transparently craft vaccine policy.

Read full article

Comments

I am a self-professed AI skeptic. I have yet to really find much of a need for all these AI-powered assistants, as well as many AI-powered features. The most useful applications in my view are subtle—the rest seem better suited for shareholders than actual people.

And yet, the AI believers have a new tool they’re very excited about, which is now all over my feeds: Clawdbot. Could this agentic AI assistant be the thing that makes me a believer as well? Spoiler alert: probably not.

What is Clawdbot?

If you’re deep in the online AI community, you probably already know about Clawbot. For the rest of us, here’s the gist: Clawdbot is a “personal AI assistant” designed to run locally on your devices, as opposed to cloud-based options. (Think ChatGPT, Gemini, or Claude.) In fact, Clawdbot runs any number of AI models, including those from Anthropic, OpenAI, Google, xAI, and Perplexity. While you can run Clawdbot on Mac, Linux, and Windows, many online are opting to install the bot on dedicated Mac mini setups, leading to one part of the assistant’s virality.

But there are other AI assistants that can be run locally—one thing that makes Clawdbot unique is that you communicate with it through chat apps. Which app you use is up to you, as Clawdbot works with apps like Discord, Google Chat, iMessages, Microsoft Teams, Signal, Telegram, WebChat, and WhatsApp. The idea is that you “text” Clawdbot as you would a friend or family member, but it acts as you’d expect an AI assistant to—except, maybe more so.

That’s because, while Clawdbot can certainly do the things an AI bot like ChatGPT can, it’s meant more for agentic tasks. In other words, Clawdbot can do things for you, all while running in the background on your devices. The bot’s official website advertises that it can clear your inbox, send emails, manage your calendar, and check you in for flights—though power users are pushing the tool to do much more.

Clawdbot works with a host of apps and services you might use yourself. That includes productivity apps like Apple Notes, Apple Reminders, Things 3, Notion, Obsidian, Bear Notes, Trello, GitHub; music apps like Spotify, Sonos, and Shazam; smart home apps like Philips Hue, 8Sleep, and Home Assistant; as well as other major apps like Chrome, 1Password, and Gmail. It can generate images, search the web for GIFs, see your screen, take photos and videos, and check the weather. Based on the website alone, it has a lengthy résumé.

The last big point here is that Clawdbot has an advertised “infinite” memory. That means the bot “remembers” every interaction you’ve ever had with it, as well as all the actions it’s taken on your behalf. In theory, you could use Clawdbot to build apps, run your home, or manage your messages, all within the context of everything you’ve done before. In that, it’d really be the closest thing to a “digital assistant” we’ve seen on this scale. These assistants have been mostly actionable—you ask the bot what you want to know or what you want done, and it (hopefully) acts accordingly. But the ideal version of Clawdbot would do all those things for you without you needing to ask.

It’s not just fans talking about Clawdbot

Not everyone is psyched about Clawdbot, though. Take this user, who jokes that, after four messages, the bot made a reservation, then, after six messages, was able to send a calendar invite, only to cost $87 in Opus 4.7 tokens. This user came up with a story (at least I hope it’s a story) where they give Clawdbot access to their stock portfolio and tasked it with making $1 million without making mistakes. After thousands of reports, dozens of strategies, and many scans of X posts, it lost everything. “But boy was it beautiful.”

I particularly like this take, which reads: “[I’ve] made a tragic discovery using [Clawdbot.] [There] simply aren’t that many tasks in my personal life that are worth automating.” There are also some jabs from what appear to be anti-AI users, like this one, that imagines a Clawdbot user with no job living in their parent’s basement, asking the bot to do their tasks for the day.

As with all things AI, there are many thoughts, opinions, and criticisms here, especially considering how viral this new tool is. But the main critique seems to be that Clawdbot requires a lot (in terms of hardware, power, and privacy) without really offering much in return. Sure, it can do things for you, but do you really need a bot booking your plane tickets, or combing through your emails? The answer to that, I suppose, is up to each of us, but the “backlash,” if you can call it that, is likely coming from people who would answer “no.”

How to try Clawdbot

If you want to try Clawdbot, you’ll likely need to have some technical experience first. You can get started from Clawdbot’s official github page, as well as Clawdbot’s “Getting started” guide. According to this page, you’ll begin by running the Clawdbot onboarding wizard, which will set you up with the gateway, workspace, channels, and skills. This works on Mac, Linux, and Windows, and while you won’t need a Mac mini, it seems to be what the Clawdbot crowd is running with.

Full disclosure: Clawdbot and its setup go beyond my expertise, and I will not be installing it on my devices. However, if you have the knowledge to follow these instructions, or the will to learn, the developer has the steps listed in the links above.

How secure is Clawdbot?

While I likely wouldn’t install Clawdbot on my device anyway, the privacy and security implications here definitely keep me away.

The main issue with Clawdbot is that it has full control and access over whichever device you run it on, as well as any of the software that is running therein. That makes sense, on the surface: How is an agentic AI supposed to do things on your behalf if it does have access to the apps and hardware necessary for execution?

But the inherent security risk with any program like this involves prompt injection. Bad actors could sneak their own AI prompts into otherwise innocent sites and programs. When your bot crawls the text as it completes your task, it intercepts the prompt, and, thinking it’s from you, executes that prompt instead. It’s the main security flaw with AI browsers, and it could affect something like Clawdbot, too. And since you’ve given Clawdbot control over your entire computer and everything in it…yikes. Bad actors could manipulate Clawdbot to theoretically send DMs to anyone they like, run malicious programs, read and write files on your computer, trick Clawdbot into accessing your private data, and learn about your hardware for further cyber attacks.

In Clawdbot’s case, these prompt injections could come from a number of sources. They could come from messages via bad actors through the chat apps you communicate through Clawdbot, they could come from the browsers you use to access the internet, and they could come from plugins you run on various programs, to name a few possibilities.

Clawdbot does have a security guide on its site that walks you through ways to shore up your defenses while using Clawdbot. The developer admits that running an AI agent with shell access on your machine is “spicy,” that this is both a product and an experiment, and that there is no “perfectly secure” setup. That said, there are security features built in here that serve a purpose and attempt to limit who can access Clawdbot, where Clawdbot can go, and what Clawdbot can do. That could involve locking down DMs, viewing links and attachments as “hostile” by default, reducing high-risk tools, and running modern AI models that have better protections against prompt injection.

Still, the whole affair is too risky for me, especially considering I’m not sure I really want an AI assistant in the first place. I think companies believe we want to offload tasks like calendars, messages, and creation to bots, to save us time from menial to-do lists. Maybe some do, but I don’t. I want to know who is reaching out to me and why, and not trust an AI to decide what messages are worth my attention. I want to write my own emails and know what events I have on my own calendar. I also want access to my own computer. Maybe some people trust AI enough to handle all these things for them—if it makes me a luddite to feel the opposite, so be it.

The Trump administration is planning to use AI to write federal transportation regulations, ProPublica reported on Monday, citing the U.S. Department of Transportation records and interviews with six agency staffers. From the report: The plan was presented to DOT staff last month at a demonstration of AI’s “potential to revolutionize the way we draft rulemakings,” agency attorney Daniel Cohen wrote to colleagues. The demonstration, Cohen wrote, would showcase “exciting new AI tools available to DOT rule writers to help us do our job better and faster.”

Discussion of the plan continued among agency leadership last week, according to meeting notes reviewed by ProPublica. Gregory Zerzan, the agency’s general counsel, said at that meeting that President Donald Trump is “very excited about this initiative.” Zerzan seemed to suggest that the DOT was at the vanguard of a broader federal effort, calling the department the “point of the spear” and “the first agency that is fully enabled to use AI to draft rules.” Zerzan appeared interested mainly in the quantity of regulations that AI could produce, not their quality. “We don’t need the perfect rule on XYZ. We don’t even need a very good rule on XYZ,” he said, according to the meeting notes. “We want good enough.” Zerzan added, “We’re flooding the zone.”

These developments have alarmed some at DOT. The agency’s rules touch virtually every facet of transportation safety, including regulations that keep airplanes in the sky, prevent gas pipelines from exploding and stop freight trains carrying toxic chemicals from skidding off the rails. Why, some staffers wondered, would the federal government outsource the writing of such critical standards to a nascent technology notorious for making mistakes? The answer from the plan’s boosters is simple: speed. Writing and revising complex federal regulations can take months, sometimes years. But, with DOT’s version of Google Gemini, employees could generate a proposed rule in a matter of minutes or even seconds, two DOT staffers who attended the December demonstration remembered the presenter saying.

Read more of this story at Slashdot.

From the Department of Bizarre Anomalies: Microsoft has suppressed an unexplained anomaly on its network that was routing traffic destined to example.com—a domain reserved for testing purposes—to a maker of electronics cables located in Japan.

Under the RFC2606—an official standard maintained by the Internet Engineering Task Force—example.com isn’t obtainable by any party. Instead it resolves to IP addresses assigned to Internet Assiged Names Authority. The designation is intended to prevent third parties from being bombarded with traffic when developers, penetration testers, and others need a domain for testing or discussing technical issues. Instead of naming an Internet-routable domain, they are to choose example.com or two others, example.net and example.org.

Misconfig gone, but is it fixed?

Output from the terminal command cURL shows that devices inside Azure and other Microsoft networks have been routing some traffic to subdomains of sei.co.jp, a domain belonging to Sumitomo Electric. Most of the resulting text is exactly what’s expected. The exception is the JSON-based response. Here’s the JSON output from Friday:

Read full article

Comments

Google is rolling out a Gemini feature that could turn out to be pretty useful for many folks. It’s a Google Calendar tool that can help figure out the best time to schedule a meeting, taking into account attendees’ schedules. When creating a meeting, you can click the “Suggested times” option and Gemini will look at the availability that people have marked on their calendar and potential conflicts. You’ll then be able to choose from a list of suggested time slots.

But the time you pick may not work for everyone. So if multiple people decline the meeting invite, you can reschedule by going to the event. You’ll see a time when everyone is available and you can quickly update the invite.

There are a few catches here. Naturally, this will only work properly when meeting organizers have access to attendees’ calendars. It’s also limited to paid users who are on Google Workspace Business (Standard and Plus) and Enterprise (Standard and Plus) plans, as well as those with the Google AI Pro for Education add-on. The feature is available now on Rapid Release domains and it’ll start rolling out to Scheduled Release domains on February 2.

This article originally appeared on Engadget at https://www.engadget.com/ai/google-aims-to-take-the-sting-out-of-scheduling-meetings-with-a-new-gemini-feature-204853761.html?src=rss