forbesnewsbbc.site

Tag: latest tech innovations

  • The best ergonomic mouse for 2025

    The best ergonomic mouse for 2025


    A mouse may seem like a small consideration for your workstation setup. But after you’ve addressed the crucial ergonomics — raising your monitor to eye-level, using the right keyboard and taking frequent breaks throughout your workdays — it’s a good idea to make sure the mouse you use is comfortable as well. People dealing with conditions like carpal tunnel and wrist pain may be interested in finding the best ergonomic mouse for them. Vertical and semi-vertical designs turn your palm towards your midline instead of downwards, creating a handshake position that may feel more natural. Others employ a trackball to minimize the work your shoulder has to do in a day. I tested out more than 20 highly regarded ergonomic mice to come up with recommendations for vertical, semi-vertical, trackball and more, along with advice about the merits of the different ergonomic designs.

    • What to look for in an ergonomic mouse

    • How we test ergonomic mice

    • Best ergonomic mouse for 2025

    • Other ergonomic mice we tested

    Like everything related to ergonomics, the mouse design that works best for you will depend on your body and what you need to do on a typical day. So the shapes, added features and how the mouse communicates with your computer will determine which you should get.

    When we’re talking about ergonomic mice for productivity purposes, it usually refers to mice that look distinctly different from the standard, typically with shapes that tilt your hand towards a more “handshake” position instead of facing your palm downward. A vertical ergonomic mouse has the most severe up-and-down angle, semi-vertical mice split the difference and trackball models stay put on your desk while your thumb controls the movement of the cursor. Gaming mice have an ergonomic category as well, but that simply refers to a mouse with curves designed to fit either the right or left hand. It differentiates those mice from ambidextrous models, which don’t conform to a particular hand.

    Each of three ergonomic mice shapes can help address different concerns. If you’re trying to avoid twisting your forearm, a vertical mouse could be what you need. Clicking a vertical mouse feels more like pinching your finger and thumb together, which could relieve certain other wrist issues as well.

    A semi-vertical mouse feels the most like a traditional computer mouse, with an angle closer to 50 or 60 degrees from your desk. Semi-vertical mouse clicks can feel easier too, since you’re pushing down instead of pinching. Some vertical and semi-vertical mice have an optional flange that supports the heel of your palm. Instead of pivoting on those bones to make your cursor move, your palm and wrist stay aligned and the entire arm controls the motion.

    A trackball mouse can also keep your wrist from bending, as it keeps your forearm planted. My personal struggle is with neck and shoulder tension, so trackballs and very lightweight vertical mice work best for me as their configuration lets me keep my forearm from moving. 

    As this guide focuses on productivity mice, gaming-specific stats like polling rates and IPS values don’t really come into play. (My colleague Jeff Dunn does a good job of explaining those metrics in his gaming mouse review guide.) What matters here are numbers like DPI, or dots per inch, which indicates how sensitive a mouse is. The higher the setting, the faster your cursor will move across the screen. Low DPI settings let you do precision work like pixel-by-pixel editing in Photoshop. All the mice here have at least two and as many as five settings, ranging from 400 to 3,200 DPI. Mice that make it easy to switch from high to low DPI might make sense if you do a lot of detailed work.

    Weight makes a difference in vertical and semi-vertical mice (but not trackballs, since they stay put). A lighter model will be easier to move around, which could put less strain on your wrist and arm. That said, a little weight can make your movements feel more precise. For reference, a featherweight gaming mouse might weigh 45 grams and a large vertical mouse with a flange attached might weigh 140 grams. The latter may feel a little heavy, but if it has smooth feet and is used with a decent mouse pad, it will feel lighter.

    It’s always nice to have easily clickable buttons, but that matters even more when body health is a concern. Pressing hard on a button tenses up my arm and shoulder like nobody’s business. Since it’s an action desk workers perform hundreds or thousands of times a day, it’s essential that it be effortless — nothing ruled out a mouse quicker in my tests than tough buttons.

    All mice have the basics: a right and left button and a scroll wheel. All mice in this guide also have a DPI selector button. Some have other functions such as a scroll wheel that can click with a press or handle horizontal scrolling by tilting the wheel to the right or left. Many also have back and forward buttons for browser windows, and sometimes those two are programmable to perform different functions in other apps.

    More complex mice have additional buttons to customize, typically using a mouse’s proprietary software. Depending on that software, you can set buttons to mute calls, copy and paste, undo and redo, switch tabs and more. Performing multiple functions without extraneous movement is a big plus in ergonomic design. Of course, there are a number of keyboards that let you program multiple functions into specific keys, which cuts down on superfluous movement even more, which you can read about in our ergonomic keyboard guide.

    All the mice here will work with Mac’s operating system as well as Microsoft Windows, and some work with Chrome, Linnux and even iPadOS (though I didn’t test those) as well. They connect in three ways: Wired, via Bluetooth or with a 2.4Ghz wireless dongle. More devices have incorporated USB-C interfaces, but most mice still use USB-A. So if you have a laptop that only sports USB-C ports (looking at you, MacBook), you’ll need an adapter to use a wired or dongle-enabled mouse. You can use a hub or docking station for this purpose, but in testing this guide, I ran into connectivity issues using a wireless USB receiver in a docking station, particularly when there wasn’t a direct and completely clear path between the mouse and receiver. Everything worked far more reliably with just a direct USB-C to A adapter.

    The difference between wireless and Bluetooth is twofold: a wireless dongle connection tends to be quicker to set up. You just plug in the accessory, turn on the mouse (potentially granting permission for the device) and you’re set. For Bluetooth, you need to open the settings menu, activate pairing mode on the mouse, search for the mouse and then click connect. There’s also a bit more latency when using Bluetooth versus a wireless mouse. It’s not something most people will notice doing workaday stuff, but if you plan on playing some Overwatch after hours and want to use the same mouse, you might want to go with the faster, 2.4Ghz route.

    After many hours of research and reading reviews, I gathered just over 20 mice with good claims to ergonomic design to test in my work setup. I mostly tried out mice geared towards a work-from-home or office setting, as opposed to gaming (we have a whole guide dedicated to that topic). I used each mouse for a few hours or a few days, noting how well they felt as well as how they performed. I mostly used a MacBook Pro M1 but verified Windows compatibility with an Asus ROG Strix laptop. For reference, my right hand measures 7.25 inches from the wrist crease to the tip of my middle finger, which is just under average for a man and large for a woman.

    Logitech mice have made many appearances in our guides over the years. In our guide to the best productivity mice, we name the Logitech MX Master 3S the best wireless mouse you can get. As I considered its merits as a mouse, it was indeed an impressive option — it connected flawlessly, has a useful sideways wheel as well as the traditional scroll feature and the thumb rest is a nice touch. But the ergonomics didn’t quite do it for me as it holds your hand in the standard, palm-down, claw-grip position.

    The Logi Lift Vertical is likely one of the more popular ergonomic mice out there. It’s fairly lightweight, has an attractive design with a nice feel to the exterior. The buttons are easy to click and nearly silent. It also connects quickly using either Bluetooth or a dongle. Unfortunately, it doesn’t glide across the mouse pad all that smoothly, and the pinch grip the design requires actually aggregated my wrist. The cursor movements are fairly precise, though I occasionally had trouble getting the cursor to land just where I wanted it. Also, it’s small; my hands are too large for the Lift. Logitech’s Logitech MX Vertical is essentially a larger version, but again, the skinnier shape was uncomfortable in my hands and it was tough to get the cursor to go where I wanted it to.

    The HP 920 ergonomic vertical also has a flange for resting your palm, but it makes the mouse overly heavy to move around. Without it, however, it’s an extremely comfortable mouse with a premium feel, rechargeable battery, and two programmable thumb buttons. Unfortunately, the cursor movement was frustratingly imprecise and didn’t go exactly where I pointed, forcing a number of corrections — and extraneous movement is what we’re trying to avoid in ergonomic setups.

    Apart from the rather loud clicks, I was impressed with the build and performance of the Turtle Beach Pure Air. It’s lightweight, moves smoothly, and has impressively accurate cursor movements. But despite being labeled an ergonomic mouse, it’s particularly light on the ergonomics. There’s a divot for your right thumb, so it can’t be called ambidextrous, but beyond that it’s a pretty standard (albeit quite nice) gaming mouse.

    The PERIMICE-719 from Perixx is a solid mouse with an exterior that feels nice to the touch. It has a comfortable, semi-vertical design, accurate cursor moves and a satisfyingly ratcheted scroll wheel. Plus, it offers reliable connectivity with a wireless dongle and only costs $22. Unfortunately, it was too small for my hand. Only folks with smaller glove sizes (or don’t mind adopting more of a fingertip grip) will be able to get the most out of this one.

    The Anker 2.4G mouse could make a decent budget pick for anyone who doesn’t mind using more of a pinch grip on their peripheral. It’s lightweight and has a precise scroll wheel along with back and forward browser buttons. It’s battery operated, but doesn’t come with batteries and only connects via the included USB radio dongle. I also found the buttons a little harder to press which ultimately eliminated it from the running.  

    This article originally appeared on Engadget at https://www.engadget.com/computing/accessories/best-ergonomic-mouse-120004931.html?src=rss


  • The TechCrunch Cyber Glossary | TechCrunch

    The TechCrunch Cyber Glossary | TechCrunch


    The cybersecurity world is full of jargon and lingo. At TechCrunch, we have been writing about cybersecurity for years, and we frequently use technical terms and expressions to describe the nature of what is happening in the world. That’s why we have created this glossary, which includes some of the most common — and not so common — words and expressions that we use in our articles, and explanations of how, and why, we use them. 

    This is a developing compendium, and we will update it regularly. If you have any feedback or suggestions for this glossary, get in touch.

    An advanced persistent threat (APT) is often categorized as a hacker, or group of hackers, which gains and maintains unauthorized access to a targeted system. The main aim of an APT intruder is to remain undetected for long periods of time, often to conduct espionage and surveillance, to steal data, or sabotage critical systems.

    APTs are traditionally well-resourced hackers, including the funding to pay for their malicious campaigns, and access to hacking tools typically reserved by governments. As such, many of the long-running APT groups are associated with nation states, like China, Iran, North Korea, and Russia. In recent years, we’ve seen examples of non-nation state cybercriminal groups that are financially motivated (such as theft and money laundering) carrying out cyberattacks similar in terms of persistence and capabilities as some traditional government-backed APT groups.

    (See: Hacker)

    An adversary-in-the-middle (AitM) attack, traditionally known as a “man-in-the-middle” (MitM), is where someone intercepts network traffic at a particular point on the network in an attempt to eavesdrop or modify the data as it travels the internet. This is why encrypting data makes it more difficult for malicious actors to read or understand a person’s network traffic, which could contain personal information or secrets, like passwords. Adversary-in-the-middle attacks can be used legitimately by security researchers to help understand what data goes in and out of an app or web service, a process that can help identify security bugs and data exposures.

    The ability to run commands or malicious code on an affected system, often because of a security vulnerability in the system’s software. Arbitrary code execution can be achieved either remotely or with physical access to an affected system (such as someone’s device). In the cases where arbitrary code execution can be achieved over the internet, security researchers typically call this remote code execution. 

    Often, code execution is used as a way to plant a back door for maintaining long-term and persistent access to that system, or for running malware that can be used to access deeper parts of the system or other devices on the same network. 

    (See also: Remote code execution)

    Attribution is the process of finding out and identifying who is behind a cyberattack. There is an often repeated mantra, “attribution is hard,” which is to warn cybersecurity professionals and the wider public that definitively establishing who was behind a cyberattack is no simple task. While it is not impossible to attribute, the answer is also dependent on the level of confidence in the assessment.

    Threat intelligence companies such as CrowdStrike, Kaspersky, and Mandiant, among others, have for years attributed cyberattacks and data breaches to groups or “clusters” of hackers, often referencing groups by a specific codename, based on a pattern of certain tactics, techniques and procedures as seen in previous attacks. Some threat intelligence firms go as far as publicly linking certain groups of hackers to specific governments or their intelligence agencies when the evidence points to it. 

    Government agencies, however, have for years publicly accused other governments and countries of being behind cyberattacks, and have gone as far as identifying — and sometimes criminally charging — specific people working for those agencies.

    A backdoor is a subjective term, but broadly refers to creating the means to gain future access to a system, device, or physical area. Backdoors can be found in software or hardware, such as a mechanism to gain access to a system (or space) in case of accidental lock-out, or for remotely providing technical support over the internet. Backdoors can have legitimate and helpful use cases, but backdoors can also be undocumented, maliciously planted, or otherwise unknown to the user or owner, which can weaken the security of the product and make it more susceptible to hacking or compromise.

    TechCrunch has a deeper dive on encryption backdoors.

    Hackers historically have been categorized as either “black hat” or “white hat,” usually depending on the motivations of the hacking activity carried out. A “black hat” hacker may be someone who might break the law and hack for money or personal gain, such as a cybercriminal. “White hat” hackers generally hack within legal bounds, like as part of a penetration test sanctioned by the target company, or to collect bug bounties finding flaws in various software and disclosing them to the affected vendor. For those who hack with less clearcut motivations, they may be regarded as a “gray hat.” Famously, the hacking group the L0pht used the term gray hat in an interview with The New York Times Magazine in 1999. While still commonly used in modern security parlance, many have moved away from the “hat” terminology. 

    (Also see: Hacker, Hacktivist)

    Botnets are networks of hijacked internet-connected devices, such as webcams and home routers, that have been compromised by malware (or sometimes weak or default passwords) for the purposes of being used in cyberattacks. Botnets can be made up of hundreds or thousands of devices and are typically controlled by a command-and-control server that sends out commands to ensnared devices. Botnets can be used for a range of malicious reasons, like using the distributed network of devices to mask and shield the internet traffic of cybercriminals, deliver malware, or harness their collective bandwidth to maliciously crash websites and online services with huge amounts of junk internet traffic. 

    (See also: Command-and-control server; Distributed denial-of-service)

    A brute-force attack is a common and rudimentary method of hacking into accounts or systems by automatically trying different combinations and permutations of letters and words to guess passwords. A less sophisticated brute-force attack is one that uses a “dictionary,” meaning a list of known and common passwords, for example. A well designed system should prevent these types of attacks by limiting the number of login attempts inside a specific timeframe, a solution called rate-limiting. 

    A bug is essentially the cause of a software glitch, such as an error or a problem that causes the software to crash or behave in an unexpected way. In some cases, a bug can also be a security vulnerability. 

    The term “bug” originated in 1947, at a time when early computers were the size of rooms and made up of heavy mechanical and moving equipment. The first known incident of a bug found in a computer was when a moth disrupted the electronics of one of these room-sized computers.

    (See also: Vulnerability)

    Command-and-control servers (also known as C2 servers) are used by cybercriminals to remotely manage and control their fleets of compromised devices and launch cyberattacks, such as delivering malware over the internet and launching distributed denial-of-service attacks.

    (See also: Botnet; Distributed denial-of-service)

    This is a word that can have two meanings depending on the context. Traditionally, in the context of computer science and cybersecurity, crypto is short for “cryptography,” the mathematical field of coding and decoding messages and data using encryption.

    Crypto has more recently also become short for cryptocurrency, such as Bitcoin, Ethereum, and the myriad blockchain-based decentralized digital currencies that have sprung up in the last fifteen years. As cryptocurrencies have grown from a niche community to a whole industry, crypto is now also used to refer to that whole industry and community. 

    For years, the cryptography and cybersecurity community have wrestled with the adoption of this new meaning, going as far as making the phrases “crypto is not cryptocurrency” and “crypto means cryptography” into something that features on its own dedicated website and even T-shirts. 

    Languages change over time depending on how people use words. As such, TechCrunch accepts the reality where crypto has different meanings depending on context, and where the context isn’t clear, then we spell out cryptography, or cryptocurrency. 

    Cryptojacking is when a device’s computational power is used, with or without the owner’s permission, to generate cryptocurrency. Developers sometimes bundle code in apps and on websites, which then uses the device’s processors to complete complex mathematical calculations needed to create new cryptocurrency. The generated cryptocurrency is then deposited in virtual wallets owned by the developer. 

    Some malicious hackers use malware to deliberately compromise large numbers of unwitting computers to generate cryptocurrency on a large and distributed scale.

    The world wide web is the public content that flows across the pipes of the internet, much of what is online today is for anyone to access at any time. The “deep web,” however, is the content that is kept behind paywalls and member-only spaces, or any part of the web that is not readily accessible or browsable with a search engine. Then there is the “dark web,” which is the part of the internet that allows users to remain anonymous but requires certain software (such as the Tor Browser) to access, depending on the part of the dark web you’re trying to access.

    Anonymity benefits those who live and work in highly censored or surveilled countries, but it also can benefit criminals. There is nothing inherently criminal or nefarious about accessing the dark web; many popular websites also offer dark web versions so that users around the world can access their content. TechCrunch has a more detailed explainer on what the dark web is.

    When we talk about data breaches, we ultimately mean the improper removal of data from where it should have been. But the circumstances matter and can alter the terminology we use to describe a particular incident. 

    A data breach is when protected data was confirmed to have improperly left a system from where it was originally stored and usually confirmed when someone discovers the compromised data. More often than not, we’re referring to the exfiltration of data by a malicious cyberattacker or otherwise detected as a result of an inadvertent exposure. Depending on what is known about the incident, we may describe it in more specific terms where details are known.

    (See also: Data exposure; Data leak)

    A data exposure (a type of data breach) is when protected data is stored on a system that has no access controls, such as because of human error or a misconfiguration. This might include cases where a system or database is connected to the internet but without a password. Just because data was exposed doesn’t mean the data was actively discovered, but nevertheless could still be considered a data breach. 

    A data leak (a type of data breach) is where protected data is stored on a system in a way that it was allowed to escape, such as due to a previously unknown vulnerability in the system or by way of insider access (such as an employee). A data leak can mean that data could have been exfiltrated or otherwise collected, but there may not always be the technical means, such as logs, to know for sure.

    Deepfakes are AI-generated videos, audios, or pictures designed to look real, often with the goal of fooling people into thinking they are genuine. Deepfakes are developed with a specific type of machine learning known as deep learning, hence its name. Examples of deepfakes can range from relatively harmless, like a video of a celebrity saying something funny or outrageous, to more harmful efforts. In recent years, there have been documented cases of deepfaked political content designed to discredit politicians and influence voters, while other malicious deepfakes have relied on using recordings of executives designed to trick company employees into giving up sensitive information or sending money to scammers. Deepfakes are also contributing to the proliferation of nonconsensual sexual images.  

    Def Con is one of the most important hacking conferences in the world, held annually in Las Vegas, usually during August. Launched in 1993 as a party for some hacker friends, it has now become an annual gathering of almost 30,000 hackers and cybersecurity professionals, with dozens of talks, capture-the-flag hacking competitions, and themed “villages,” where attendees can learn how to hack internet-connected devices, voting systems, and even aircraft. Unlike other conferences like RSA or Black Hat, Def Con is decidedly not a business conference, and the focus is much more on hacker culture. There is a vendor area, but it usually includes nonprofits like the Electronic Frontier Foundation, The Calyx Institute, and the Tor Project, as well as relatively small cybersecurity companies.

    A distributed denial-of-service, or DDoS, is a kind of cyberattack that involves flooding targets on the internet with junk web traffic in order to overload and crash the servers and cause the service, such as a website, online store, or gaming platform to go down. 

    DDoS attacks are launched by botnets, which are made up of networks of hacked internet-connected devices (such as home routers and webcams) that can be remotely controlled by a malicious operator, usually from a command-and-control server. Botnets can be made up of hundreds or thousands of hijacked devices.

    While a DDoS is a form of cyberattack, these data-flooding attacks are not “hacks” in themselves, as they don’t involve the breach and exfiltration of data from their targets, but instead cause a “denial of service” event to the affected service.

    (See also: Botnet; Command-and-control server)

    Encryption is the way and means in which information, such as files, documents, and private messages, are scrambled to make the data unreadable to anyone other than to its intended owner or recipient. Encrypted data is typically scrambled using an encryption algorithm — essentially a set of mathematical formulas that determines how the data should be encrypted — along with a private key, such as a password, which can be used to unscramble (or “decrypt”) the protected data.

    Nearly all modern encryption algorithms in use today are open source, allowing anyone (including security professionals and cryptographers) to review and check the algorithm to make sure it’s free of faults or flaws. Some encryption algorithms are stronger than others, meaning data protected by some weaker algorithms can be decrypted by harnessing large amounts of computational power.

    Encryption is different from encoding, which simply converts data into a different and standardized format, usually for the benefit of allowing computers to read the data.

    (See also: End-to-end encryption)

    End-to-end encryption (or E2EE) is a security feature built into many messaging and file-sharing apps, and is widely considered one of the strongest ways of securing digital communications as they traverse the internet.

    E2EE scrambles the file or message on the sender’s device before it’s sent in a way that allows only the intended recipient to decrypt its contents, making it near-impossible for anyone — including a malicious hacker, or even the app maker — to snoop inside on someone’s private communications. In recent years, E2EE has become the default security standard for many messaging apps, including Apple’s iMessage, Facebook Messenger, Signal, and WhatsApp. 

    E2EE has also become the subject of governmental frustration in recent years, as encryption makes it impossible for tech companies or app providers to give over information that they themselves do not have access to.

    (See also: Encryption)

    Most modern systems are protected with multiple layers of security, including the ability to set user accounts with more restricted access to the underlying system’s configurations and settings. This prevents these users — or anyone with improper access to one of these user accounts — from tampering with the core underlying system. However, an “escalation of privileges” event can involve exploiting a bug or tricking the system into granting the user more access rights than they should have. 

    Malware can also take advantage of bugs or flaws caused by escalation of privileges by gaining deeper access to a device or a connected network, potentially allowing the malware to spread.

    When we talk about espionage, we’re generally referring to threat groups or hacking campaigns that are dedicated to spying, and are typically characterized by their stealth. Espionage-related hacks are usually aimed at gaining and maintaining stealthy persistent access to a target’s network to carry out passive surveillance, reconnaissance for future cyberattacks, or the long-term collection and exfiltration of data. Espionage operations are often carried out by governments and intelligence agencies, though not exclusively.

    An exploit is the way and means in which a vulnerability is abused or taken advantage of, usually in order to break into a system. 

    (See also: Bug; Vulnerability)

    In general terms, extortion is the act of obtaining something, usually money, through the use of force and intimidation. Cyber extortion is no different, as it typically refers to a category of cybercrime whereby attackers demand payment from victims by threatening to damage, disrupt, or expose their sensitive information. 

    Extortion is often used in ransomware attacks, where hackers typically exfiltrate company data before demanding a ransom payment from the hacked victim. But extortion has quickly become its own category of cybercrime, with many, often younger, financially motivated hackers, opting to carry out extortion-only attacks, which snub the use of encryption in favor of simple data theft.

    (Also see: Ransomware) 

    Forensic investigations involve analyzing data and information contained in a computer, server, or mobile device, looking for evidence of a hack, crime, or some sort of malfeasance. Sometimes, in order to access the data, corporate or law enforcement investigators rely on specialized devices and tools, like those made by Cellebrite and Grayshift, which are designed to unlock and break the security of computers and cellphones to access the data within.

    There is no one single definition of “hacker.” The term has its own rich history, culture, and meaning within the security community. Some incorrectly conflate hackers, or hacking, with wrongdoing. 

    By our definition and use, we broadly refer to a “hacker” as someone who is a “breaker of things,” usually by altering how something works to make it perform differently in order to meet their objectives. In practice, that can be something as simple as repairing a machine with non-official parts to make it function differently as intended, or work even better. 

    In the cybersecurity sense, a hacker is typically someone who breaks a system or breaks the security of a system. That could be anything from an internet-connected computer system to a simple door lock. But the person’s intentions and motivations (if known) matter in our reporting, and guides how we accurately describe the person, or their activity. 

    There are ethical and legal differences between a hacker who works as a security researcher, who is professionally tasked with breaking into a company’s systems with their permission to identify security weaknesses that can be fixed before a malicious individual has a chance to exploit them; and a malicious hacker who gains unauthorized access to a system and steals data without obtaining anyone’s permission.

    Because the term “hacker” is inherently neutral, we generally apply descriptors in our reporting to provide context about who we’re talking about. If we know that an individual works for a government and is contracted to maliciously steal data from a rival government, we’re likely to describe them as a nation-state or government hacker (or, if appropriate, an advanced persistent threat), for example. If a gang is known to use malware to steal funds from individuals’ bank accounts, we may describe them as financially motivated hackers, or if there is evidence of criminality or illegality (such as an indictment), we may describe them simply as cybercriminals.

    And, if we don’t know motivations or intentions, or a person describes themselves as such, we may simply refer to a subject neutrally as a “hacker,” where appropriate.

    (Also see: Advanced persistent threat; Hacktivist; Unauthorized)

    Sometimes, hacking and stealing data is only the first step. In some cases, hackers then leak the stolen data to journalists, or directly post the data online for anyone to see. The goal can be either to embarrass the hacking victim, or to expose alleged malfeasance. 

    The origins of modern hack-and-leak operations date back to the early- and mid-2000s, when groups like el8, pHC (“Phrack High Council”) and zf0 were targeting people in the cybersecurity industry who, according to these groups, had foregone the hacker ethos and had sold out. Later, there are the examples of hackers associated with Anonymous and leaking data from U.S. government contractor HBGary, and North Korean hackers leaking emails stolen from Sony as retribution for the Hollywood comedy, The Interview

    Some of the most recent and famous examples are the hack against the now-defunct government spyware pioneer Hacking Team in 2015, and the infamous Russian government-led hack-and-leak of Democratic National Committee emails ahead of the 2016 U.S. presidential elections. Iranian government hackers tried to emulate the 2016 playbook during the 2024 elections. 

    A particular kind of hacker who hacks for what they — and perhaps the public — perceive as a good cause, hence the portmanteau of the words “hacker” and “activist.” Hacktivism has been around for more than two decades, starting perhaps with groups like the Cult of the Dead Cow in the late 1990s. Since then, there have been several high profile examples of hacktivist hackers and groups, such as Anonymous, LulzSec, and Phineas Fisher. 

    (Also see: Hacker)

    Short for “information security,” an alternative term used to describe defensive cybersecurity focused on the protection of data and information. “Infosec” may be the preferred term for industry veterans, while the term “cybersecurity” has become widely accepted. In modern times, the two terms have become largely interchangeable. 

    Infostealers are malware capable of stealing information from a person’s computer or device. Infostealers are often bundled in pirated software, like Redline, which when installed will primarily seek out passwords and other credentials stored in the person’s browser or password manager, then surreptitiously upload the victim’s passwords to the attacker’s systems. This lets the attacker sign in using those stolen passwords. Some infostealers are also capable of stealing session tokens from a user’s browser, which allow the attacker to sign in to a person’s online account as if they were that user but without needing their password or multi-factor authentication code.

    (See also: Malware)

    Jailbreaking is used in several contexts to mean the use of exploits and other hacking techniques to circumvent the security of a device, or removing the restrictions a manufacturer puts on hardware or software. In the context of iPhones, for example, a jailbreak is a technique to remove Apple’s restrictions on installing apps outside of its “walled garden” or to gain the ability to conduct security research on Apple devices, which is normally highly restricted. In the context of AI, jailbreaking means figuring out a way to get a chatbot to give out information that it’s not supposed to. 

    The kernel, as its name suggests, is the core part of an operating system that connects and controls virtually all hardware and software. As such, the kernel has the highest level of privileges, meaning it has access to virtually any data on the device. That’s why, for example, apps such as antivirus and anti-cheat software run at the kernel level, as they require broad access to the device. Having kernel access allows these apps to monitor for malicious code.

    Malware is a broad umbrella term that describes malicious software. Malware can land in many forms and be used to exploit systems in different ways. As such, malware that is used for specific purposes can often be referred to as its own subcategory. For example, the type of malware used for conducting surveillance on people’s devices is also called “spyware,” while malware that encrypts files and demands money from its victims is called “ransomware.”

    (See also: Infostealers; Ransomware; Spyware)

    Metadata is information about something digital, rather than its contents. That can include details about the size of a file or document, who created it, and when, or in the case of digital photos, where the image was taken and information about the device that took the photo. Metadata may not identify the contents of a file, but it can be useful in determining where a document came from or who authored it. Metadata can also refer to information about an exchange, such as who made a call or sent a text message, but not the contents of the call or the message.

    Multi-factor authentication (MFA) is the common umbrella term for describing when a person must provide a second piece of information, aside from a username and password, to log into a system. MFA (or two-factor; also known as 2FA) can prevent malicious hackers from re-using a person’s stolen credentials by requiring a time-sensitive code sent to or generated from a registered device owned by the account holder, or the use of a physical token or key. 

    Operational security, or OPSEC for short, is the practice of keeping information secret in various situations. Practicing OPSEC means thinking about what information you are trying to protect, from whom, and how you’re going to protect it. OPSEC is less about what tools you are using, and more about how you are using them and for what purpose. 

    For example, government officials discussing plans to bomb foreign countries on Signal are practicing bad OPSEC because the app is not designed for that use-case, and runs on devices that are more vulnerable to hackers than highly restricted systems specifically designed for military communications. On the other hand, journalists using Signal to talk to sensitive sources is generally good OPSEC because it makes it harder for those communications to be intercepted by eavesdroppers.

    (See also: Threat model)

    Also known as “pen-testing,” this is the process where security researchers “stress-test” the security of a product, network, or system, usually by attempting to modify the way that the product typically operates. Software makers may ask for a pen-test on a product, or of their internal network, to ensure that they are free from serious or critical security vulnerabilities, though a pen-test does not guarantee that a product will be completely bug-free.

    Phishing is a type of cyberattack where hackers trick their targets into clicking or tapping on a malicious link, or opening a malicious attachment. The term derives from “fishing,” because hackers often use “lures” to convincingly trick their targets in these types of attacks. A phishing lure could be attachment coming from an email address that appears to be legitimate, or even an email spoofing the email address of a person that the target really knows. Sometimes, the lure could be something that might appear to be important to the target, like sending a forged document to a journalist that appears to show corruption, or a fake conference invite for human rights defenders. There is an often cited adage by the well-known cybersecurity influencer The Grugq, which encapsulates the value of phishing: “Give a man an 0day and he’ll have access for a day, teach a man to phish and he’ll have access for life.”

    (Also see: Social engineering)

    Ransomware is a type of malicious software (or malware) that prevents device owners from accessing its data, typically by encrypting the person’s files. Ransomware is usually deployed by cybercriminal gangs who demand a ransom payment — usually cryptocurrency — in return for providing the private key to decrypt the person’s data.

    In some cases, ransomware gangs will steal the victim’s data before encrypting it, allowing the criminals to extort the victim further by threatening to publish the files online. Paying a ransomware gang is no guarantee that the victim will get their stolen data back, or that the gang will delete the stolen data.

    One of the first-ever ransomware attacks was documented in 1989, in which malware was distributed via floppy disk (an early form of removable storage) to attendees of the World Health Organization’s AIDS conference. Since then, ransomware has evolved into a multibillion-dollar criminal industry as attackers refine their tactics and hone in on big-name corporate victims.

    (See also: Malware; Sanctions)

    Remote code execution refers to the ability to run commands or malicious code (such as malware) on a system from over a network, often the internet, without requiring any human interaction from the target. Remote code execution attacks can range in complexity but can be highly damaging when vulnerabilities are exploited.

    (See also: Arbitrary code execution)

    Cybersecurity-related sanctions work similarly to traditional sanctions in that they make it illegal for businesses or individuals to transact with a sanctioned entity. In the case of cyber sanctions, these entities are suspected of carrying out malicious cyber-enabled activities, such as ransomware attacks or the laundering of ransom payments made to hackers.

    The U.S. Treasury’s Office of Foreign Assets Control (OFAC) administers sanctions. The Treasury’s Cyber-Related Sanctions Program was established in 2015 as part of the Obama administration’s response to cyberattacks targeting U.S. government agencies and private sector U.S. entities.

    While a relatively new addition to the U.S. government’s bureaucratic armory against ransomware groups, sanctions are increasingly used to hamper and deter malicious state actors from conducting cyberattacks. Sanctions are often used against hackers who are out of reach of U.S. indictments or arrest warrants, such as ransomware crews based in Russia.

    A sandbox is a part of a system that is isolated from the rest. The goal is to create a protected environment where a hacker can compromise the sandbox, but without allowing further access to the rest of the system. For example, mobile applications usually run in their own sandboxes. If hackers compromise a browser, for example, they cannot immediately compromise the operating system or another app on the same device. 

    Security researchers also use sandboxes in both physical and virtual environments (such as a virtual machine) to analyze malicious code without risking compromising their own computers or networks.

    SIM swapping is a type of attack where hackers hijack and take control of a person’s phone number, often with the goal of then using the phone number to log into the target’s sensitive accounts, such as their email address, bank account, or cryptocurrency wallet. This attack exploits the way that online accounts sometimes rely on a phone number as a fallback in the event of losing a password.

    SIM swaps often rely on hackers using social engineering techniques to trick phone carrier employees (or bribing them) into handing over control of a person’s account, as well as hacking into carrier systems.

    Social engineering is the art of human deception, and encompasses several techniques a hacker can use to deceive their target into doing something they normally would not do. Phishing, for example, can be classified as a type of social engineering attack because hackers trick targets into clicking on a malicious link or opening a malicious attachment, or calling someone on the phone while pretending to be their employer’s IT department.

    Social engineering can also be used in the real world, for example, to convince building security employees to let someone who shouldn’t be allowed to enter the building. Some call it “human hacking” because social engineering attacks don’t necessarily have to involve technology. 

    (Also see: Phishing)

    A broad term, like malware, that covers a range of surveillance monitoring software. Spyware is typically used to refer to malware made by private companies, such as NSO Group’s Pegasus, Intellexa’s Predator, and Hacking Team’s Remote Control System, among others, which the companies sell to government agencies. In more generic terms, these types of malware are like remote access tools, which allows their operators — usually government agents — to spy and monitor their targets, giving them the ability to access a device’s camera and microphone or exfiltrate data. Spyware is also referred to as commercial or government spyware, or mercenary spyware.

    (See also: Stalkerware)

    Stalkerware is a kind of surveillance malware (and a form of spyware) that is usually sold to ordinary consumers under the guise of child or employee monitoring software but is often used for the purposes of spying on the phones of unwitting individuals, oftentimes spouses and domestic partners. The spyware grants access to the target’s messages, location, and more. Stalkerware typically requires physical access to a target’s device, which gives the attacker the ability to install it directly on the target’s device, often because the attacker knows the target’s passcode. 

    (See also: Spyware)

    What are you trying to protect? Who are you worried about that could go after you or your data? How could these attackers get to the data? The answers to these kinds of questions are what will lead you to create a threat model. In other words, threat modeling is a process that an organization or an individual has to go through to design software that is secure, and devise techniques to secure it. A threat model can be focused and specific depending on the situation. A human rights activist in an authoritarian country has a different set of adversaries, and data, to protect than a large corporation in a democratic country that is worried about ransomware, for example. 

    (See also: Operational security)

    When we describe “unauthorized” access, we’re referring to the accessing of a computer system by breaking any of its security features, such as a login prompt or a password, which would be considered illegal under the U.S. Computer Fraud and Abuse Act, or the CFAA. The Supreme Court in 2021 clarified the CFAA, finding that accessing a system lacking any means of authorization — for example, a database with no password — is not illegal, as you cannot break a security feature that isn’t there. 

    It’s worth noting that “unauthorized” is a broadly used term and often used by companies subjectively, and as such has been used to describe malicious hackers who steal someone’s password to break in through to incidents of insider access or abuse by employees. 

    A virtual private network, or VPN, is a networking technology that allows someone to “virtually” access a private network, such as their workplace or home, from anywhere else in the world. Many use a VPN provider to browse the web, thinking that this can help to avoid online surveillance.

    TechCrunch has a skeptics’ guide to VPNs that can help you decide if a VPN makes sense for you. If it does, we’ll show you how to set up your own private and encrypted VPN server that only you control. And if it doesn’t, we explore some of the privacy tools and other measures you can take to meaningfully improve your privacy online.

    A vulnerability (also referred to as a security flaw) is a type of bug that causes software to crash or behave in an unexpected way that affects the security of the system or its data. Sometimes, two or more vulnerabilities can be used in conjunction with each other — known as “vulnerability chaining” — to gain deeper access to a targeted system. 

    (See also: Bug; Exploit)

    Malicious attacks can sometimes be categorized and described by the amount of user interaction that malware, or a malicious hacker, needs in order to achieve successful compromise. One-click attacks refer to the target having to interact only once with the incoming lure, such as clicking on a malicious link or opening an attachment, to grant the intruder access. But zero-click attacks differ in that they can achieve compromise without the target having to click or tap anything. Zero-clicks are near-invisible to the target and are far more difficult to identify. As such, zero-click attacks are almost always delivered over the internet, and are often reserved for high-value targets for their stealthy capabilities, such as deploying spyware.

    (Also see: Spyware)

    A zero-day is a specific type of security vulnerability that has been publicly disclosed or exploited but the vendor who makes the affected hardware or software has not been given time (or “zero days”) to fix the problem. As such, there may be no immediate fix or mitigation to prevent an affected system from being compromised. This can be particularly problematic for internet-connected devices. 

    (See also: Vulnerability)

    First published on September 20, 2024.


  • Best deals under $100 on tech this week: huge savings on tablets, headphones, and home security

    Best deals under $100 on tech this week: huge savings on tablets, headphones, and home security


    In today’s world, $100 might not seem like much, but it can still buy you some handy tech to make your life easier. From budget-friendly tablets for streaming your favorite shows to good headphones for enjoying your favorite music, there are plenty of great options available.

    Plus, with the growing demand for tech that keeps you connected, now’s a great time to pick up a power bank or a charging station to keep your devices ready to go. And if you’ve been thinking about smart home gadgets, and investing in a home security system, now might be the time to jump on this bandwagon (before recession gets the better of your neighbor and they steal yet another of your Amazon packages).  

    Top 3 deals under a hundred bucks on tech this week

    Nothing Ear (a) earbuds with ChatGPT now $30 off at Amazon

    $30 off (28%)

    Nothing’s Ear (a) earbuds feature HNC (hybrid noise cancellation), an amazing 42.5 hours of playtime, ChatGPT integration, and a very stylish-looking design. The offers is for the black and white color options. These are a good pair of affordable earbuds and you better act fast as the deal is time limited.


    Buy at Amazon

    Anker MagSafe Wireless Charging Station now with a $36 discount

    $36 off (32%)

    The Anker MagGo 3-in-1 Wireless Charging Station is MagSafe compatible, making it the perfect home charging solution for Apple users with multiple devices. Thanks to its Qi2 certification, it also supports Android phones and smartwatches. With 15W of wireless charging power, it delivers fast and convenient charging for all your gadgets. Act fast — this deal won’t last long!


    Buy at Amazon

    Ring Doorbell with Ring Indoor Cam now $60 off at Amazon

    $60 off (43%)

    You can save big on this Ring home camera system deal by getting two devices instead of one. These are the Ring Doorbell and 2nd Gen Ring Indoor Cam. Both of these models offer a long-lasting built-in battery, FullHD ultra-wide video recording, and live view with two-way talk. The Ring Doorbell comes in Satin Nickel or Venetian Bronze color options.


    Buy at Amazon

    Best tablet deals under $100 this week

    The Amazon Fire HD 10 (2023) is now available at a discounted price on the Amazon store. This deal features the 3GB RAM and 32GB storage variant. If you find that 32GB isn’t enough for your needs, you can upgrade to the 64GB storage option for just $10 more, also at a fantastic discount. This tablet boasts a vibrant Full HD 10.1-inch display and an impressive battery life of up to 13 hours, making it an ideal choice for binge-watching your favorite shows or seamlessly browsing the web. The more compact 8-inch Fire HD tablet is currently seeing a nice discount as well.

    Amazon’s newest Fire HD 10 tablet now $40 off

    $40 off (30%)

    The Amazon Fire HD 10 (2023) is now seeing a drop in price on the brand’s store. The offer is for the 3GB of RAM 32GB of storage version. If that’s too small of a storage for you, for only $10 more you can get the 64GB of storage version at a similar discount. This device features a good Full HD 10.1-inch display and a battery that lasts up to 13 hours, making it perfect for watching videos or browsing the web.


    Buy at Amazon

    Amazon’s newest Fire HD 8 now $35 less

    $35 off (35%)

    If you’re looking for a more compact or a less-expensive tablet, then the Amazon Fire HD 8 (2024) is a good option. This offer is for the 3GB of RAM 32GB of storage version in black. For $30 more you can get the 64GB of storage variant too.


    Buy at Amazon

    Best headphones and speaker deals under $100 this week

    Nothing’s Ear (a) earbuds are now available at a fantastic price! These earbuds feature cutting-edge hybrid noise cancellation (HNC) technology, an impressive 42.5 hours of playtime, and seamless ChatGPT integration for ultimate convenience. Choose from stylish black or white color options. With their sleek design and affordable price point, these earbuds are a must-have for any tech lover. Hurry, as this deal is time-limited! 

    Nothing Ear (a) earbuds with ChatGPT now $30 off at Amazon

    $30 off (27%)

    The Nothing Ear (a) earbuds offer Hybrid Noise Cancellation (HNC), an impressive 42.5 hours of playtime, ChatGPT integration, and a sleek, stylish design. This deal is available for both the black and white color options. With great performance at an affordable price, these earbuds are a fantastic choice — but act fast, as the offer is time-limited!


    Buy at Amazon

    Soundcore Liberty 4 now $30 off at Amazon

    $30 off (30%)

    The Soundcore Liberty 4 is another budget-friendly pair of earbuds with hybrid noise cancellation. They can last up to 50 hours of playback time and feature wireless charging. Also, they come in many trendy color versions, including Navy Blue, Pastel Pink, and Light Blue.


    Buy at Amazon

    The Soundcore Liberty 4 are also seeing a nice drop in price. These earbuds feature hybrid noise cancellation and deliver an immersive audio experience with an excellent 50 hours of playback time on a single charge. They also offer wireless charging for hassle-free use. With a variety of trendy colors to choose from, including Navy Blue, Pastel Pink, and Light Blue, you can easily find a pair that matches your style.

    Sony WH-CH720N headphones now with a $52 discount at Amazon

    $52 off (35%)

    A very sleek-looking pair of over ear headphones is seeing a major drop in price. This Sony WH-CH720N deal is for the White and Pink color options of the noise cancelling headphones. They offer Amazon Alexa integration, excellent audio output, and a long-lasting battery. Hurry up, as this is a limited time deal.


    Buy at Amazon

    JBL Flip 6 – one of the most popular speakers now $30 off

    $30 off (23%)

    The JBL Flip 6 portable bluetooth speaker has made a name for itself in the last couple of years as one of the best in its category when it comes to audio quality and strength, battery life, design and reliability. The Flip 6 is IPX7 waterproof and offers 12 hours of playtime. It also comes in many fashionable color options, like Camo, Teal, and Red. This is another deal that is time limited, so act fast!


    Buy at Amazon

    Sony’s sleek and stylish WH-CH720N over-ear headphones are now available at a significant discount! Choose from two White and Pink color options that combine classic looks with functionality. These noise-cancelling headphones come equipped with Amazon Alexa integration, delivering excellent audio output, along with a long-lasting battery.

    The JBL Flip 6 has established itself as a top contender in the portable Bluetooth speaker market, known for exceptional audio quality, durability, and reliability. With an impressive IPX7 waterproof rating, you can take the Flip 6 anywhere without worrying about spills or splashes. Enjoy up to 12 hours of playtime on a single charge, making it the perfect companion for any adventure. This speaker is available in a range of stylish color options, including Camo, Teal, and Red. Grab your JBL Flip 6 speaker before the deal is gone!

    Best power bank and charger deals under $100 this week

    You can now upgrade your charging game with the Anker MagGo 3-in-1 Wireless Charging Station at a lower-than-usual price. This accessory is designed to seamlessly integrate with all your Apple devices thanks to its Apple MagSafe compatibility. The MagGo is a versatile station certified with Qi2 technology, making it an excellent choice for Android phones and smartwatches as well. Experience rapid charging with 15W of wireless power, ensuring your devices stay topped off quickly and conveniently. 

    Another great deal for under $100 is the Baseus Blade 65W Power Bank, which is a stylish power bank that combines sleek design with functionality, featuring an LED battery percentage display. With an impressive 12,000mAh capacity, it can fully recharge your smartphone up to three times, making it an essential companion for on-the-go charging. Experience lightning-fast charging speeds of up to 65W, perfect for powering not only smartphones but also laptops. Equipped with two USB-C ports and two USB-A ports, you can charge multiple devices simultaneously with ease.

    Anker MagSafe Wireless Charging Station now with a $36 discount

    $36 off (32%)

    The Anker MagGo 3 in 1 Wireless Charging station is Apple MagSafe compatible, making it the home charging choice for consumers that own a plethora of Apple devices. With Qi2 wireless charging certification, it is also suitable for Android phones and smartwatches. With 15W of wireless charging power, it will top off the battery of your devices both quickly and conveniently. Grab it before the deal expires!


    Buy at Amazon

    Baseus Blade 65W 12,000mAh Power Bank now $30 less at Walmart

    $69
    79

    $99
    99

    $30 off (30%)

    Baseus’ Blade 65W power bank offers sleek design, an LED battery percentage display, and a 12,000mAh capacity, which is enough to top off a modern smartphone’s battery up to three times. With 65W of charging speed, it will charge your devices quickly, including laptops. It has two USB-C and two USB-A charging ports.


    Buy at Walmart

    Jackery Explorer 100 Plus now a whole $60 off on Amazon

    $60 off (40%)

    This compact and portable power station is more affordable than ever. Featuring a 31,000mAh obattery, the Jackery Explorer 100 Plus is the perfect camping companion or your hero in power outage situations. It features two 100W USB-C ports and a single 18W USB-A. It can top off your phone’s battery up to six times and your laptops up to two. You can spend $80 more and include a 40W solar panel to your purchase.


    Buy at Amazon

    The Jackery Explorer 100 Plus is now more affordable than ever! Get ready for your next adventure or unexpected power outage with its robust 31,000mAh battery capacity. This compact and portable power station is your ultimate camping companion or emergency backup. Equipped with two powerful 100W USB-C ports and an 18W USB-A port, the Explorer 100 Plus can recharge your smartphone up to six times and your laptop up to two times, ensuring you stay connected no matter where you are. Plus, for just $80 more, you can enhance your purchase with a 40W solar panel, making it the perfect eco-friendly charging solution. 

    Best home tech deals under $100 this week

    Google’s TV Streamer 4K is one of the top devices in its class and it now costs less than usual! Gain access to over 800 free TV channels and all the latest streaming apps, ensuring you never run out of content to enjoy. With stunning 4K HDR video output that supports Dolby Vision and Dolby Atmos, you’ll be treated to quality visuals and immersive sound. Please note that the HDMI 2.1 cable required for connecting to your TV is not included in the box, so you need to purchase it separately.

    Google TV Streamer 4K with Voice Search remote now $21 off

    $21 off (21%)

    Google’s TV Streamer 4K is one of the best in its category of devices. It can give you access to more than 800 free TV channels and all the current streaming apps. It offers 4K HDR video output with Dolby Vision and Dolby Atmos, which means it is capable of amazing video quality. Keep in mind that the HDMI 2.1 cable that is required to connect it to your TV isn’t included in the box.


    Buy at Amazon

    LEVOIT Air Purifier with HEPA filter now $10 less at Amazon

    $10 off (10%)

    The LEVOIT Air Purifier is perfect for people with allergies, including ones to pets. It can cover up to 1,095 of square feet thanks to its 56W high torque motor. It is a very compact device with an active carbon filter, touch controls, and plenty of working modes. This deal will expire soon, so you better hit the buy button now.


    Buy at Amazon

    The LEVOIT Air Purifier is an essential device for allergy sufferers, including pet owners. Capable of purifying spaces of up to an impressive 1,095 square feet, this clever gadget  features a robust 56W high-torque motor that gets the job done efficiently. Designed with a compact footprint, the LEVOIT Air Purifier is equipped with an active carbon filter, user-friendly touch controls, and multiple working modes to suit your living habits.

    Ring Doorbell with Ring Indoor Cam now $60 off at Amazon

    $60 off (43%)

    You can save big on this Ring home camera system deal by getting two devices instead of one. These are the Ring Doorbell and 2nd Gen Ring Indoor Cam. Both of these models offer a long-lasting built-in battery, FullHD ultra-wide video recording, and live view with two-way talk. The Ring Doorbell comes in Satin Nickel or Venetian Bronze color options.


    Buy at Amazon

    Add two more Ring Indoor cameras and save $30 more on Amazon

    $30 off (30%)

    If a single indoor camera isn’t enough for your home space, you can grab two more at $30 off at Amazon. Once again, we are talking about the 2nd Gen Ring Indoor Cam model. It can record videos in 1080p and has night vision, perfect for filming your cat’s night escapades. Meow.


    Buy at Amazon

    eufy Security SoloCam S220 now for half its price on Amazon

    $65 off (50%)

    What about filming outside your house? Amazon’s got you covered with this incredible eufy Security SoloCam S220 deal. With a built-in solar panel, you shouldn’t have to charge this outdoor camera ever. Offering 2K video recording and featuring IP67 water-resistance with Night Vision, the eufy Security SoloCam S220 will let you have a greater peace of mind than a guard dog.


    Buy at Amazon

    An amazing deal on home security features both the Ring Doorbell and the 2nd Gen Ring Indoor Cam! By purchasing this bundle on Amazon, you’ll enjoy incredible savings and quality surveillance for your property. Both Ring devices come equipped with a long-lasting built-in battery, Full HD ultra-wide video recording, and live view capabilities with two-way talk, making it easy to keep an eye on your home from anywhere. Plus, the Ring Doorbell is available in stylish Satin Nickel or Venetian Bronze color options to complement your home’s aesthetic. Add two more indoor cameras and save even more!Considering outdoor surveillance as well? You’re in luck! Amazon is currently offering an outstanding deal on the eufy Security SoloCam S220, designed to keep watch over your home effortlessly. Equipped with a built-in solar panel, you won’t have to worry about charging this outdoor camera ever again. Enjoy high-quality 2K video recording and rest easy knowing this device is built to last with IP67 water resistance and impressive Night Vision capabilities. With the eufy Security SoloCam S220, you’ll gain peace of mind greater than even the most dedicated guard dog can give you.


    Iskren, a tech journalist at PhoneArena, has been passionate about technology since his childhood, sparked by his early experiences with phones like the Ericsson T28 and Sony Ericsson P910i. After earning a bachelor’s degree in Media and Journalism, he turned his fascination with smartphones into a career, with a particular interest in Apple and Motorola. Outside of his tech pursuits, Iskren enjoys watching TV series, movies, driving, and has a deep passion for cars and Formula 1. He looks forward to the future of mobile tech, particularly the potential of rollable smartphones.

    Read the latest from Iskren Gaidarov


  • Feature,/features,,features, Coverage | Laptop Mag

    Feature,/features,,features, Coverage | Laptop Mag


    If you think AI is mostly memes and marketing fluff, you’re not alone. Intel’s Robert Hallock was equally skeptical at one point in time. Now, he’s betting that AI, the quiet kind, will be the key to Intel unlocking the kind of power, performance, and battery life truly befitting a next-generation laptop.

    In a conversation encompassing everything from ethical AI cocoa farming to the futility of the F1 key, and the rollercoaster ride that is the Gartner Hype Cycle, Hallock shines a light on Intel’s AI ambitions, unpacks the challenges ahead, and offers a counterpoint to the hunt for AI’s killer app… All 450 and counting of them.

    An interview with Intel’s Robert Hallock

    An interview with

    Intel Vice President and General Manager of Client AI and Technical Marketing Robert Hallock
    An interview with

    Robert Hallock

    Robert is a senior director of technical marketing at Intel for Core processors and technologies. Prior to joining Intel, Robert spent 12 years in Client and Graphics at AMD, most recently as the director of product and technology marketing for Ryzen processors. Robert has also been a PC hardware reviewer, journalist, and technical writer. He moonlights as a designer of high-performance aftermarket automotive components and is a lifelong PC enthusiast.

    What’s your role in AI?


  • 11 high-end outdoor jackets that prove performance gear can be pure luxury

    11 high-end outdoor jackets that prove performance gear can be pure luxury


    Have you ever wondered how much it would cost you to buy the best jackets from all the top-tier brands? I often wonder myself, so I went ahead and collected the single most expensive options from all brands worth considering, from Moncler and Arc’teryx to Vollebak and Canada Goose.

    But because it wouldn’t be helpful just to list a bunch of expensive coats, I went ahead and collected an alternative from each brand you might want to consider, in case your budget doesn’t quite stretch to seven and a half grand parkas.


  • Best wireless keyboards 2025: Top Bluetooth and USB models reviewed

    Best wireless keyboards 2025: Top Bluetooth and USB models reviewed


    In 2025, there’s no reason you can’t have a wireless keyboard. From the most complex mechanical boards to the sleekest designer models to the flashiest gamer planks, and everything in between, there are options aplenty for wireless excellence. That even includes keyboards for budget buyers — you can find a great pick in every category for well under three-digit prices.

    I’ve spent hours and hours using each model, banging away on product reviews, surfing the web, and keeping up on social media to bring you a list of the very best wireless keyboards around.

    While there’s no one-size-fits-all keyboard, these recommendations aim to help you make an informed decision based on your own personal needs. After you’ve perused our best picks, be sure to check out our buying advice at the end to help you learn what to look for when shopping for a wireless keyboard.

    Logitech MX Keys S Wireless Keyboard – Best overall wireless desktop keyboard 

    Logitech MX Keys S Wireless Keyboard - Best overall wireless desktop keyboard 

    Pros

    • Great typing experience
    • Customizable keys
    • Long battery life
    • Auto-dimming backlight

    Cons

    • No height adjustment
    • Wireless can get choppy in crowded environments

    Price When Reviewed:

    $109.99


    Best Prices Today:

    Amazon


    $97.30

    Why I like the Logitech MX Keys S

    Logitech’s top-of-the-line keyboard design returns in an S variant, this time with an updated Bolt multi-device receiver and a new auto-adjusting backlight feature. The typing experience is as good as it was in the original model, and it’s even a tiny bit cheaper, so this upgrade is a win-win if you like your keyboards thin and stylish.

    Just be aware that dozens of Bluetooth devices in the vicinity might bog it down. If you prefer your Logitech boards a little more clicky-clacky, check out the MX Mechanical variant. This design is also available in a smaller “60%” model — see below.

    Who should buy the Logitech MX Keys S

    If you want one of the most stylish keyboards around that isn’t mechanical, and one that effortlessly works with multiple devices, this is it. The MX Keys is also shockingly quiet, so it’s a good choice for crowded offices. But it you want a longer, more traditional key travel or an ergonomic layout, there are better options out there.

    Read our full

    Logitech MX Keys S Keyboard review

    Keychron B1 Pro (or B6 Pro) – Best budget wireless keyboard

    Keychron B1 Pro (or B6 Pro) - Best budget wireless keyboard

    Pros

    • Great value
    • Programming options
    • Long battery life

    Price When Reviewed:

    $39.99


    Best Prices Today:

    Best Buy


    $39.99

    Why I like the Keychron B1 Pro

    Logitech’s keyboards are great, but they often command high prices, especially at the top end. If you’re looking for something that has nearly all the same features but is much more affordable, check out the B1 Pro from Keychron (or its bigger brother, the full-sized B6 Pro). For less than half of the price, you get an almost identical stylish design, plus more programming options. The only thing it’s lacking is a backlight.

    Who should buy the Keychron B1 Pro

    If you’re not a fan of mechanical designs and you want something slim, quiet, and good-looking, and you don’t want to pay triple digits, this is the perfect fit. Bluetooth and 2.4GHz wireless support means easy switching between multiple devices, though it’s not quite as seamless as Logitech’s Flow software.

    Read our full

    Keychron B1 Pro keyboard review

    Corsair K65 Plus Wireless – Best wireless gaming keyboard

    Corsair K65 Plus Wireless - Best wireless gaming keyboard

    Pros

    • Solid hardware
    • Great value for wireless
    • Tons of customization options 

    Cons

    • No wrist rest
    • Slightly awkward default layout

    Price When Reviewed:

    $159.99

    Why I like the K65 Plus Wireless

    Corsair has been improving its designs for the last couple of years, incorporating more premium features and customization options. And it all comes together in the vastly redesigned K65 Plus, and does so at a shockingly low price. 

    This keyboard combines the popular 75% form factor, high-speed, multi-device wireless, high-quality switches, and hot-swappable key sockets, with Corsair’s typically good gaming pedigree. The result is a keyboard that does a lot, for a lot of users, for a relatively low price. 

    While the K65 skips a couple of exotic features like adjustable actuation or an OLED screen, and it doesn’t include a wrist rest in the box, it nails just about every other facet of design. It’s simply the best gaming keyboard you can get at the moment.

    Who should buy the K65 Plus Wireless

    Anyone who wants a high-quality keyboard with tons of options for customization, both hardware and software, will be pleased with this design. It also has some excellent bonuses, like PBT keycaps and a dedicated button for turning RGB on (or off, if you want maximum battery life). 

    The 75% form factor isn’t for everyone — you’ll have to look elsewhere, or wait for Corsair to offer more models, if you want a different format. It’s also considerably less “flashy” than other gaming keyboards, and doesn’t offer the heft and quality of a metal body.

    Read our full

    Corsair K65 Plus Wireless keyboard review

    Logitech Keys To Go 2 – Best wireless keyboard for travel

    Logitech Keys To Go 2 - Best wireless keyboard for travel

    Pros

    • High mechanical quality
    • Slim and portable
    • Compatible with most devices

    Cons

    • Keys feel slightly cramped
    • No physical support for mobile and tablet
    • Battery change requires chisel

    Price When Reviewed:

    $79.99

    Why I like the Logitech Keys To Go 2

    Logitech’s first try at the Keys To Go design was uninspiring, a flat, fabric-covered slab that was more of a tablet cover than a keyboard. The second-gen design is an improvement in every way, a fully functional conventional keyboard that’s super-slim and comes with an integrated protective cover that can add a little angle to your typing. With three years of battery life and multi-device pairing, it’s a great companion to any keyboard or phone.

    Who should buy the Logitech Keys To Go 2

    Mobile-focused typists and road warriors will love this little sliver of a keyboard, which can fit into places even the MX Keys Mini and Apple Magic Keyboard can’t. Even so, it manages to fit a 75 percent layout in there, with a full function row (and a few squished keys outside the alphanumerics). It’s also not a bad deal at $80 retail.

    There are some comfort compromises here. If you need a tiny, super-light keyboard with some more key travel, I’d go with the Lofree Edge. But for those who need the absolutely tiniest keyboard that’s still usable, Logitech has it covered.

    Read our full

    Logitech Keys-to-Go 2 review

    Logitech Casa – Best all-in-one travel option

    Logitech Casa - Best all-in-one travel option

    Pros

    • Clever, aesthetically pleasing design
    • Excellent battery life
    • Range of remappable keys
    • Makes working-from-home more ergonomic

    Cons

    • Not travel friendly
    • Expensive

    Price When Reviewed:

    $179.99


    Best Prices Today:

    Amazon


    $179.99

    B&H


    $179.99

    Best Buy


    $179.99

    Lenovo USA


    $179.99

    Logitech US Canada and Mexico


    $179.99

    Why I like the Logitech Casa

    If you need something a little more comprehensive for your travel needs, Logitech’s Casa might just hit the spot. It’s a keyboard and touchpad set that also comes in a swanky bento-style case, which doubles as a stand that significantly elevates your laptop. As an all-in-one solution for those who want to set up an office-style workstation on the go, it’s a pretty neat little package.

    It is on the pricey side, though — for the same price you could get a laptop stand, keyboard, and touchpad and save a bit of dough, albeit without the neat travel-friendly design.

    Who should buy the Logitech Casa

    If you can’t stand typing on your laptop but you prefer a touchpad to a mouse, then this is the perfect package for you. It’s also surprisingly stylish in its all-in-one case, which folds down into a portfolio for grab-and-go convenience.

    The option to raise your laptop screen may appeal, though there are easier ways to do that on the go. There are certainly cheaper ways to do all three.

    Read our full

    Logitech Casa Pop-Up Desk review

    Keychron Q Max series – Best high-end mechanical keyboard

    Keychron Q Max series - Best high-end mechanical keyboard

    Pros

    • Tons of features
    • Excellent typing
    • Improved 2.4GHz wireless
    • Endless customization

    Cons

    • No adjustable feet
    • No wrist rest

    Price When Reviewed:

    $229.99


    Best Prices Today:

    Amazon


    $229.99

    Why I like the Keychron Q Max series

    For the last couple of years Keychron has been absolutely killing it with its high-end Q series. These mechanical boards make features previously available only via building your own or spending a fortune on a boutique design available to everyone, like full aluminum bodies, gasket-mounted PCBs, and easy, open-source programming with VIA. They’re about as good as you can get for a standard design.

    The Q Max series takes these designs and shores up their one weakness: reliance on Bluetooth. While Q Max keyboards have multi-device Bluetooth available, they’re also packing standard 2.4GHz wireless with a USB dongle, making them ideal for use with a hefty desktop PC (and they even do alright as gaming boards).

    With a wide variety of layouts like the TKL-sized Q3 Max above, there’s a keyboard in this series for just about anyone, including split “ergonomic” designs. They’re fantastic as stand-alone purchases, or bases for your custom dream build with replacement switches and keycaps.

    Who should buy the Keychron Q Max Series

    If you’re ready to step up to a premium mechanical keyboard design, one of these Q Max models should be at the top of your list. At the time of writing they’re available in full-size with number pad, TKL, 75%, 65%, and compact “1800” sizes, plus oddball Alice and left-handed models. There’s even a Happy Hacking Keyboard clone version, all of which come with hot-swap switch sockets and RGB lighting.

    They’re great on their own with no extra mods, with the only real downside being so-so stabilizers. But you can swap those out too if you’re okay with opening the case, and the rest of the board is just as customizable. They can be custom-programmed, too, so both newbies and veterans are welcome.

    Keychron’s high-end boards are on the pricey side, even if they aren’t as expensive as the boutique builds they’re inspired by, so bargain hunters should hunt somewhere else. And while they offer 2.4GHz wireless and wired options for gamers, the lack of game-specific software features means that there are better choices if you want to slay first and type later.

    Read our full

    Keychron Q3 Max keyboard review

    Keydous NJ80-AP – Best typing experience

    Keydous NJ80-AP - Best typing experience

    Pros

    • Amazing typing experience
    • High-quality parts
    • Bluetooth and 2.4GHz wireless
    • Long battery life

    Cons

    • Clunky software
    • Plastic case
    • A bit heavy

    Price When Reviewed:

    $150


    Best Prices Today:

    Amazon


    $135

    Why I like the Keydous NJ80-AP

    Keychron gets the recommendation for an all-around mechanical keyboard. But if what you really want is a fantastic “thocky” typing feel right out of the box, then this unassuming little keyboard is the best I’ve ever tested. It does this with a lot of high-quality components, like PBT keycaps, a brass plate, premium stabilizers, and lots of internal sound dampening. But the big magic is in the switches.

    Keydous went with exotic, high-end switches from Kailh to make the NJ80-AP and its stablemates stand out. These “Blueberry Ice Cream” BOX switches have a ridiculous name, but with soft POM plastic housing, reinforced stems, and a factory-lubed sliding mechanism, they feel amazing. They’re the best I’ve ever seen come standard on a keyboard, and that includes boards that cost twice as much as this one.

    The NJ80-AP also offers both Bluetooth and dongle-based wireless, RGB lighting, an aluminum volume wheel — all the standards from a high-end mechanical design. Its plastic case and fiddly, proprietary programming software are a disappointment, but for satisfying typing out of the box, it’s simply the best around.

    Who should buy the Keydous NJ80-AP

    If you’re looking for a standard design with absolutely amazing typing, look no further. The NJ80-AP delivers, and if you want something bigger or (slightly) smaller, the same features are available in 65% and compact “1800” layouts (full number pad, slightly squished). Just make sure to order the one with those fancy switches.

    But on the other hand, the software leaves a lot to be desired, and you can get keyboards with better all-metal bodies or faster wireless by spending a little more. And if you really want to go all out, you can get most of the way towards the high-quality typing of this board by ordering the same switches online and putting them in another board with hot-swap capability.

    It’ll cost a lot — Keydous designs are on the cheap side of the high end — but if you’re dropping more than three digits on a keyboard anyway, it’s a legitimate option.

    Read our full

    Keydous NJ80-AP wireless mechanical keyboard review

    K780 Multi-Device Wireless Keyboard – Best full-size multi-device option

    K780 Multi-Device Wireless Keyboard - Best full-size multi-device option

    Pros

    • Works with all major platforms
    • Can toggle between three paired devices
    • Quiet keys with great travel

    Cons

    • Not built for portability

    Price When Reviewed:

    $79.99

    Why I like the Logitech K780

    If you like the convenience of a Bluetooth keyboard that can switch among different devices, but don’t require the compact layout of the MX Keys Mini, Logitech’s K780 Multi-Device Wireless Keyboard promises to be the one keyboard to rule all your computing gizmos. Indeed, it’s fully compatible with Windows, Mac OS, Chrome OS, Android, and iOS for fast and effortless switching between your computer, smartphone, and tablet.

    It also costs a good deal less than the MX Keys Mini, and offers a roomy layout with a numpad. The integrated device stand is especially good for phones and tablets up to about ten inches in size — like the standard iPad Air. Anything bigger might need its own separate stand. That makes this an excellent companion for a multi-device desk…though it doesn’t exactly pack away well.

    Who should buy the Logitech K780

    If you’re constantly switching between a PC and a phone or other mobile gadget, this keyboard is exactly what you’re looking for. The dedicated keys for switching gadgets and the integrated stand make it an excellent way to save time and space on your desk.

    Read our full

    K780 Multi-Device Wireless Keyboard review

    Logitech Ergo K860 – Best ergonomic wireless keyboard

    Logitech Ergo K860 - Best ergonomic wireless keyboard

    Pros

    • Curved and split ergonomic design
    • Comfortable wrist support
    • Palm raise feature lets you adjust height for sitting or standing

    Cons

    • Requires some time to get used to split design
    • Expensive

    Price When Reviewed:

    $129.99


    Best Prices Today:

    B&H


    $103.95

    Best Buy


    $119.99

    Lenovo USA


    $129.99

    Logitech US Canada and Mexico


    $129.99

    Adorama


    $149.99

    Why I like the Logitech Ergo K860

    Logitech’s Ergo K860 has finally conquered our skepticism about awkward ergonomic keyboards. In the course of our review, there was a marked improvement in typing comfort and reduced muscle tension, all without sacrificing productivity to a steep learning curve.

    It’s a little expensive compared to a conventional wireless keyboard, but if you’re struggling with comfort, the K860 is the only ergonomic keyboard we’d heartily recommend. If you need a more compact, affordable version of Logitech’s curvy keyboard design, check out the Wave Keys instead.

    Who should buy the Logitech Ergo K860

    Ergonomic keyboards aren’t the easiest to find, especially with big, comfy integrated wrist rests. Among major vendors it’s basically this design and the Microsoft Ergonomic Keyboard, which is wired. So if the split, angled layout with low-profile keys is what you want, the K860 is the best game in town.

    If you aren’t trained in strict home row-style typing (index fingers on F and J, et cetera), the split layout may cause a headache. Try the Wave Keys instead if you want bigger, more responsive individual keys and a continuous layout that still has a comfy wrist rest integrated into the design.

    Read our full

    Logitech Ergo K860 review

    What to know about wireless keyboards

    In our keyboard evaluation process we look at everything from build quality to typing experience to customization options and bundled software. We use the heck out of a keyboard before rendering a verdict. To learn all the ins and outs of our review process see our article on how we test keyboards.

    In addition to that, here are answers to some of the most common questions about wireless keyboards. Our answers could help with your keyboard purchase.

    What’s the difference between a Bluetooth keyboard and a wireless keyboard?

    Wireless keyboards connect to a PC in one of two ways: via Bluetooth or a USB receiver. Wireless keyboards that connect via a USB receiver or dongle can only connect to a computer or device if it has a USB port. Bluetooth connectivity on the other hand does not require any dongle or extra receiver and can therefore easily connect to other Bluetooth-enabled devices without the need for any ports. Additionally, Bluetooth keyboards tend to cost a little more but also offer longer battery life.

    While shopping, you may find that older devices do not support Bluetooth. However, if you need a keyboard to work across different platforms on newer devices, a Bluetooth-enabled model is the way to go.

    Do wireless keyboards need special batteries?

    Usually wireless keyboards are powered using either rechargeable or disposable batteries. Wireless keyboards with rechargeable batteries will just need to be plugged into an external power source such as a computer or wall outlet when the battery is low. Otherwise, wireless keyboards with disposable batteries will need those batteries to be replaced when they die. The most common types of batteries these keyboards use will be either AA or AAA alkaline batteries.

    Can a laptop be used with a wireless keyboard?

    Yes, you can use a wireless keyboard with a laptop without issue. Depending on whether you are using a wireless USB dongle keyboard or a Bluetooth keyboard, you just need to connect to the laptop and then you are good to go. This is true if you wish to connect a wireless keyboard to your tablet or 2-in-1, as well.

    Are wireless keyboards good for gaming?

    Wireless keyboards are a fantastic option for most people, but they have a few limitations when it comes to gaming. Wireless keyboards can produce some slight latency issues between the keystroke being made and it being registered by your computer. This lag can be especially frustrating when playing games that require fast reaction times or in competitive environments — the latency may in some instances lead to a competitive disadvantage.

    That being said, wireless technologies have improved immensely in recent years and any lag or interference issues are becoming extremely rare with the latest technology. Most casual gamers will be just fine with a wireless keyboard — opt for 2.4GHz wireless over Bluetooth for the most reliable results. You can minimize interference issues by keeping other wireless devices away from your wireless keyboard, as well.


  • We stepped into IQM’s quantum lab to witness a new computing frontier

    We stepped into IQM’s quantum lab to witness a new computing frontier


    “The Future is Here,” declares a glowing neon sign at the entrance to IQM’s quantum data centre in Munich. It’s a bold claim — but one the Finland-based startup is determined to fulfil.

    To the right of the entrance sign stands a hefty, metal blue door. My host, physicist Frank Deppe, IQM’s head of quantum processing unit (QPU) technology, ushers me inside.

    Opened last year as part of IQM’s European expansion, the facility hosts six state-of-the-art superconducting quantum computers — used for the company’s own research and offered as a cloud-based service to scientists around the globe.

    IQM-data-centre-munich-sion-geschwindt-thenextweb
    IQM’s Munich quantum data centre. Credit: Siôn Geschwindt
    IQM-data-centre-munich-sion-geschwindt-thenextweb

    My initial impression is the sound — a low, steady purr punctuated by a bizarre rhythmic pumping noise. That, I would later discover, was the heartbeat of a quantum computer.  

    From Shark Tank to Tinder Swindler

    TNW Conference 2025 combines the latest breakthroughs in tech, the startup ecosystem & enterprise innovation

    The centrepiece of the data centre, though, is the cryostats — the golden chandelier-like structures that have become synonymous with quantum computing in the public imagination. 

    Cryostats are made up of an intricate system of gold-plated brass and copper wiring that channels microwave signals down to the QPU or “chip,” which sits right at the bottom of the chandelier. These microwave pulses allow scientists to control and manipulate the qubits on the chip, and, in turn, run algorithms to perform quantum calculations. 

    IQM-quantum-computer-thenextweb-sion-geschwindt
    Intricate wiring inside the cryostat channels microwave pulses down to the quantum chip. Credit: Siôn Geschwindt
    IQM-quantum-computer-thenextweb-sion-geschwindt

    For all this to work, however, superconducting quantum computers need to be cooled to close to absolute zero (or -273.15 degrees Celsius). That makes machines like these among the coldest places in the known universe.

    Qubits, which are the basic units of information in a quantum computer, are incredibly sensitive — to heat, vibration, stray particles, or electromagnetic signals. Even the slightest disturbance can cause errors or wipe out information entirely, says Frank, gesturing around us as if he can see the waves and particles flying around the room.   

    At ultra-cold temperatures, however, superconducting materials lose all electrical resistance, allowing qubits to maintain their delicate quantum properties. But ultra-cold isn’t enough — qubits also need near-perfect isolation from other particles in the air. That’s why cryostats are placed in a thick metal vacuum chamber, which helps to shield the qubits from interference.

    IQM-cyrostat-closed-quyantum-computer
    When operational, the cryostat is locked inside a super-cooled, vacuum chamber, which makes machines like this among the coldest places in the known universe. Credit: Siôn Geschwindt
    IQM-cyrostat-closed-quyantum-computer

    Each machine is supported by some serious industrial hardware. One of the largest pieces of equipment in the lab is the cryogenics system. Comprising a network of compressors, tanks, pumps, and pipes, its job is to transfer liquid helium to super-cool the cryostat. The helium compressor produces the distinctive rhythmic sound of a quantum computer — the cryostat itself is completely silent.

    Then there are the servers, placed beside each cryostat. They provide the precise control and support infrastructure that allows delicate quantum systems to operate effectively. They also produce the specific microwave pulses required to keep the qubits stable. 

    Yes, even the quantum computers of the future will need classical computers to function, Frank says. 

    An example of the classical electronics cabinet required run one of IQM's quantum computers. Credit: IQM
    An example of the classical electronics cabinet required run one of IQM’s quantum computers. Credit: IQM
    An example of the classical electronics cabinet required run one of IQM's quantum computers. Credit: IQM

    I was amazed by the extraordinary amount of infrastructure needed to power a quantum chip barely larger than my fingernail. But all that tech is essential — it protects the fragile qubits while still allowing for their manipulation. 

    “You need to isolate qubits from the environment — but still control them,” says Frank. “That’s the engineering paradox of quantum computing.” 

    Tapping into the subatomic world of quantum mechanics — with phenomena such as superposition and entanglement — to perform useful calculations is one of the toughest challenges in modern science. It’s baffled researchers for decades. But now, after years of steady progress, we’re closer than ever to potentially world-changing applications — and the payoffs could be huge.

    Towards quantum advantage

    The quantum computers of the future are expected to solve problems that are far beyond the reach of today’s most powerful supercomputers — a point known as “quantum advantage.” These machines could simulate complex molecules for drug discovery, design new materials from the atomic level up, and revolutionise logistics and finance by cracking massive optimisation problems. They could also break all internet encryption on what is known as Q-Day — so there are risks, too.

    However, most experts agree that we’ll need a 1 million-qubit system and beyond to make those sorts of calculations — and that’s still a long way off.

    We’re currently in what is known as the Noisy Intermediate-Scale Quantum (NISQ) era, where we have small quantum computers that can run real experiments but are still too “noisy” and error-prone to do anything truly groundbreaking.

    IQM’s quantum processors currently range from six to 50 qubits. Next year, it’s set to release a larger 54 to 150-qubit system called Radiance, which it says will “pave the way” to quantum advantage — when a quantum computer can solve a problem no classical computer can). The company hopes to produce a 1 million-qubit system by 2033. 

    One of IQM's quantum cryostats. Credit: IQM
    One of IQM’s open cryostats. The chip is housed behind the metal cylinder right at the bottom of the chandelier. Credit: IQM
    One of IQM's quantum cryostats. Credit: IQM

    Headquartered in Helsinki, IQM has built a business based on helping researchers train on and navigate smaller systems before larger ones become commercially available. Using these machines, scientists can already explore quantum algorithms, develop hardware, and prototype solutions for specific problems such as climate modelling or drug discovery. 

    Founded in 2018, IQM has raised $210mn to date, making it Europe’s second best-funded quantum computing company. According to Bloomberg, the startup is also in talks to raise over $200mn in fresh capital, which would bring its total to over $400mn. In June, the company’s co-founder and CEO, Jan Goetz, will share his vision of Europe’s quantum future at TNW Conference.

    Located in Finland’s thriving quantum startup ecosystem, IQM has built over 30 full-stack quantum computers to date at its facility in Espoo, west of the capital, Helsinki. This site also houses Europe’s only private quantum chip factory. 

    Inés De Vega, vice president of innovation at IQM, tells TNW that its quantum processors have “similar, if not better, performance in terms of fidelities” than IBM, often considered the world leader in quantum technology. Fidelity refers to the accuracy with which a quantum computer can perform operations on qubits without introducing errors — a critical metric for building reliable and scalable quantum systems. 

    IQM-Quantum-Fabrication-Facility-Finland-00
    IQM’s headquarters in Espoo, Finland, is home to Europe’s only quantum chip fabrication facility. Credit: IQM
    IQM-Quantum-Fabrication-Facility-Finland-00

    While IQM is one of Europe’s most prominent quantum startups, it’s far from alone. There are currently 122 quantum computing companies on the continent, with a combined value of almost $13bn, according to Dealroom data.  

    UK-based Quantinuum is the best-funded, having raised $647 million at a $5bn valuation. Instead of using super-cooled superconducting circuits, Quantinuum develops trapped-ion quantum computers, which use electrically charged atoms controlled by lasers for qubits. Other European big shots include French startup Pasqal and the UK’s Oxford Quantum Circuits. 

    In the US, tech giants such as IBM, Google, Amazon, Microsoft, and Intel, plus well-funded startups like PsiQuantum, are all racing to scale up their own quantum computers and reduce error rates. 

    Globally, more than 30 governments have pledged over $40bn in public funding for quantum technologies, set to be deployed over the next decade.

    Both the private and public sectors are chasing the holy grail: a fault-tolerant quantum computer — one powerful and stable enough to run complex algorithms with minimal errors. IQM aims to get there by 2030, according to its publicly available roadmap.

    IQM’s estimate is on the optimistic side. In February, Google’s CEO Sundar Pichai said he believes “practically useful” quantum computers are five-to-10 years away. A month earlier, Nvidia’s Jensen Huang suggested we’re still at least 15 years out — a comment that sent quantum stocks tumbling.

    Truth is, no one knows exactly when we’ll get there. But one thing is clear: reaching the quantum finish line will demand years of experimentation, iteration, and engineering breakthroughs. That work is already underway in labs such as IQM’s, where the boundaries of physics are being pushed, one qubit at a time.

    At TNW Conference on June 19, IQM CEO and co-founder Jan Goetz will join Elvira Shishenina, senior director at Quantinuum, and Tom Henriksson, general partner at OpenOcean, for a panel discussion titled “Quantum Race: Can Europe Secure Leadership in Quantum?” Tickets for the event are now on sale. Use the code TNWXMEDIA2025 at the check-out to get 30% off the price tag.


  • NOV CIO fused AI and Zero Trust to slash threats by 35x

    NOV CIO fused AI and Zero Trust to slash threats by 35x


    Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More

    National Oilwell Varco (NOV) is undergoing a sweeping cybersecurity transformation under CIO Alex Philips, embracing a Zero Trust architecture, strengthening identity defenses and infusing AI into security operations. While the journey is not complete, the results, by all accounts, are dramatic – a 35-fold drop in security events, the elimination of malware-related PC reimaging and millions saved by scrapping legacy “appliance hell” hardware.

    VentureBeat recently sat down (virtually) for this in-depth interview where Philips details how NOV achieved these outcomes with Zscaler’s Zero Trust platform, aggressive identity protections and a generative AI “co-worker” for its security team.

    He also shares how he keeps NOV’s board engaged on cyber risk amid a global threat landscape where 79% of attacks to gain initial access are malware-free, and adversaries can move from breach to break out in as little as 51 seconds.

    Below are excerpts of Philips’ recent interview with VentureBeat:

    VentureBeat: Alex, NOV went “all in” on Zero Trust a number of years ago – what were the standout gains?

    Alex Philips: When we started, we were a traditional castle-and-moat model that wasn’t keeping up. We didn’t know what Zero Trust was, we just knew that we needed identity and conditional access at the core of everything. Our journey began by adopting an identity-driven architecture on Zscaler’s Zero Trust Exchange and it changed everything. Our visibility and protection coverage dramatically increased while simultaneously experiencing a 35x reduction in the number of security incidents. Before, our team was chasing thousands of malware incidents; now, it’s a tiny fraction of that. We also went from reimaging about 100 malware-infected machines each month to virtually zero now. That’s saved a considerable amount of time and money. And since the solution is cloud-based, Appliance hell is gone, as I like to say.

    The zero trust approach now gives 27,500 NOV users and third parties policy-based access to thousands of internal applications, all without exposing those apps directly to the internet.

    We were then able to take an interim step and re-architect our network to take advantage of internet-based connectivity vs. legacy expensive MPLS. “On average, we increased speed by 10–20x, reduced latency to critical SaaS apps, and slashed cost by over 4x… Annualized savings [from network changes] have already achieved over $6.5M,” Philips has noted of the project.

    VB: How did shifting to zero trust actually reduce the security noise by such an enormous factor?

    Philips: A big reason is that our internet traffic now goes through a Security Service Edge (SSE) with full SSL inspection, sandboxing, and data loss prevention. Zscaler peers directly with Microsoft, so Office 365 traffic got faster and safer – users stopped trying to bypass controls because performance improved. After being denied SSL inspection with on-prem equipment, we finally got legal approval to decrypt SSL traffic since the cloud proxy does not give NOV access to spy on the data itself. That means malware hiding in encrypted streams started getting caught before hitting endpoints. In short, we shrunk the attack surface and let good traffic flow freely. Fewer threats in meant fewer alerts overall.

    John McLeod, NOV’s CISO, concurred that the “old network perimeter model doesn’t work in a hybrid world” and that an identity-centric cloud security stack was needed. By routing all enterprise traffic through cloud security layers (and even isolating risky web sessions via tools like Zscaler’s Zero Trust Browser), NOV dramatically cut down intrusion attempts. This comprehensive inspection capability is what enabled NOV to spot and stop threats that previously slipped through, slashing incident volumes by 35x.

    VB: Were there any unforeseen benefits to adopting Zero Trust you didn’t initially expect?

    Alex Philips: Yes, our users actually preferred the cloud-based Zero Trust experience over legacy VPN clients, so adoption was simple and gave us unprecedented agility for mobility, acquisitions, and even what we like to call “Black Swan Events”. For example, when COVID-19 hit, NOV was already prepared! I told my leadership team if all 27,500 of our users needed to work remotely, our IT systems could handle it. My leadership was stunned and our company kept moving forward without missing a beat.

    VB: Identity-based attacks are on the rise – you’ve mentioned staggering stats about credential theft. How is NOV fortifying identity and access management?

    Philips: Attackers know it’s often easier to log in with stolen credentials than to drop malware. In fact, 79% of attacks to gain initial access in 2024 were malware-free, relying on stolen credentials, AI-driven phishing, and deepfake scams, according to recent threat reports. One in three cloud intrusions last year involved valid credentials. We’ve tightened identity policies to make those tactics harder.

    For example, we integrated our Zscaler platform with Okta for identity and conditional access checks. Our conditional access policies verify devices have our SentinelOne antivirus agent running before granting access, adding an extra posture check. We’ve also drastically limited who can perform password or MFA resets. No single admin should be able to bypass authentication controls alone. This separation of duties prevents an insider or compromised account from simply turning off our protections.

    VB: You mentioned finding a gap even after disabling a user’s account. Can you explain?

    Philips: We discovered that if you detect and disable a compromised user’s account, the attacker’s session tokens might still be active. It isn’t enough to reset passwords; you have to revoke session tokens to truly kick out an intruder. We’re partnering with a startup to create near real-time token invalidation solutions for our most commonly used resources. Essentially, we want to make a stolen token useless within seconds. A Zero Trust architecture helps because everything is re-authenticated through a proxy or identity provider, giving us a single choke point to cancel tokens globally. That way, even if an attacker grabs a VPN cookie or cloud session, they can’t move laterally because we’ll kill that token fast.

    VB: How else are you securing identities at NOV?

    Philips: We enforce multi-factor authentication (MFA) almost everywhere and monitor for abnormal access patterns. Okta, Zscaler, and SentinelOne together form an identity-driven security perimeter where each login and device posture is continuously verified. Even if someone steals a user password, they still face device checks, MFA challenges, conditional access rules, and the risk of instant session revocation if anything seems off. Resetting a password isn’t enough anymore — we must revoke session tokens instantly to stop lateral movement. That philosophy underpins NOV’s identity threat defense strategy.

    VB: You’ve also been an early adopter of AI in cybersecurity. How is NOV leveraging AI and generative models in the SOC?

    Philips: We have a relatively small security team for our global footprint, so we must work smarter. One approach is bringing AI “co-workers” into our security operations center (SOC). We partnered with SentinelOne and started using their AI security analyst tool—an AI that can write and run queries across our logs at machine speed. It’s been a game changer, allowing analysts to ask questions in plain English and get answers in seconds. Instead of manually crafting SQL queries, the AI suggests the next query or even auto-generates a report, which has dropped our mean time to respond.

    We’ve seen success stories where threat hunts are performed up to 80% faster using AI assistants. Microsoft’s own data shows that adding generative AI can reduce incident mean time to resolution by 30%. Beyond vendor tools, we’re also experimenting with internal AI bots for operational analytics, using OpenAI foundational AI models to help non-technical staff quickly query data. Of course, we have data protection guardrails in place so these AI solutions don’t leak sensitive information.

    VB: Cybersecurity is no longer just an IT issue. How do you engage NOV’s board and executives on cyber risk?

    Philips: I made it a priority to bring our board of directors along on our cyber journey. They don’t need the deep technical minutiae, but they do need to understand our risk posture. With generative AI exploding, for example, I briefed them on both the advantages and risks early on. That education helps when I propose controls to prevent data leaks—there’s already alignment on why it’s necessary.

    The board views cybersecurity as a core business risk now. They’re briefed on it at every meeting, not just once a year. We’ve even run tabletop exercises with them to show how an attack would play out, turning abstract threats into tangible decision points. That leads to stronger top-down support.

    I make it a point to constantly reinforce the reality of cyber risk. Even with millions invested in our cybersecurity program, the risk is never fully eliminated. It is not if we will have an incident, but when.

    VB: Any final advice, based on NOV’s journey, for other CIOs and CISOs out there?

    Philips: First, recognize that security transformation and digital transformation go hand in hand. We couldn’t have moved to the cloud or enabled remote work so effectively without Zero Trust, and the business cost savings helped fund security improvements. It truly was a “win, win, win.”

    Second, focus on the separation of duties in identity and access. No one person should be able to undermine your security controls—myself included. Small process changes like requiring two people to change MFA for an exec or highly privileged IT staff, can thwart malicious insiders, mistakes, and attackers.

    Lastly, embrace AI carefully but proactively. AI is already a reality on the attacker side. A well-implemented AI assistant can multiply your team’s defense, but you must manage the risks of data leakage or inaccurate models. Make sure to merge AI output with your team’s skill to create an AI-infused “brAIn”.

    We know the threats keep evolving, but with zero trust, strong identity security and now AI on our side, it helps give us a fighting chance.



  • AI has grown beyond human knowledge, says Google’s DeepMind unit

    AI has grown beyond human knowledge, says Google’s DeepMind unit


    abstract ai concept

    worawit chutrakunwanit/Getty Images

    The world of artificial intelligence (AI) has recently been preoccupied with advancing generative AI beyond simple tests that AI models easily pass. The famed Turing Test has been “beaten” in some sense, and controversy rages over whether the newest models are being built to game the benchmark tests that measure performance.

    The problem, say scholars at Google’s DeepMind unit, is not the tests themselves but the limited way AI models are developed. The data used to train AI is too restricted and static, and will never propel AI to new and better abilities. 

    In a paper posted by DeepMind last week, part of a forthcoming book by MIT Press, researchers propose that AI must be allowed to have “experiences” of a sort, interacting with the world to formulate goals based on signals from the environment.

    Also: With AI models clobbering every benchmark, it’s time for human evaluation

    “Incredible new capabilities will arise once the full potential of experiential learning is harnessed,” write DeepMind scholars David Silver and Richard Sutton in the paper, Welcome to the Era of Experience.

    The two scholars are legends in the field. Silver most famously led the research that resulted in AlphaZero, DeepMind’s AI model that beat humans in games of Chess and Go. Sutton is one of two Turing Award-winning developers of an AI approach called reinforcement learning that Silver and his team used to create AlphaZero. 

    The approach the two scholars advocate builds upon reinforcement learning and the lessons of AlphaZero. It’s called “streams” and is meant to remedy the shortcomings of today’s large language models (LLMs), which are developed solely to answer individual human questions.

    deepmind-2025-uses-of-reinforcement-learning

    Google DeepMind

    Silver and Sutton suggest that shortly after AlphaZero and its predecessor, AlphaGo, burst on the scene, generative AI tools, such as ChatGPT, took the stage and “discarded” reinforcement learning. That move had benefits and drawbacks. 

    Also: OpenAI’s Deep Research has more fact-finding stamina than you, but it’s still wrong half the time

    Gen AI was an important advance because AlphaZero’s use of reinforcement learning was restricted to limited applications. The technology couldn’t go beyond “full information” games, such as Chess, where all the rules are known. 

    Gen AI models, on the other hand, can handle spontaneous input from humans never before encountered, without explicit rules about how things are supposed to turn out. 

    However, discarding reinforcement learning meant, “something was lost in this transition: an agent’s ability to self-discover its own knowledge,” they write.

    Instead, they observe that LLMs “[rely] on human prejudgment”, or what the human wants at the prompt stage. That approach is too limited. They suggest that human judgment “imposes “an impenetrable ceiling on the agent’s performance: the agent cannot discover better strategies underappreciated by the human rater.

    Not only is human judgment an impediment, but the short, clipped nature of prompt interactions never allows the AI model to advance beyond question and answer. 

    “In the era of human data, language-based AI has largely focused on short interaction episodes: e.g., a user asks a question and (perhaps after a few thinking steps or tool-use actions) the agent responds,” the researchers write.

    “The agent aims exclusively for outcomes within the current episode, such as directly answering a user’s question.” 

    There’s no memory, there’s no continuity between snippets of interaction in prompting. “Typically, little or no information carries over from one episode to the next, precluding any adaptation over time,” write Silver and Sutton. 

    Also: The AI model race has suddenly gotten a lot closer, say Stanford scholars

    However, in their proposed Age of Experience, “Agents will inhabit streams of experience, rather than short snippets of interaction.”

    Silver and Sutton draw an analogy between streams and humans learning over a lifetime of accumulated experience, and how they act based on long-range goals, not just the immediate task.

    “Powerful agents should have their own stream of experience that progresses, like humans, over a long time-scale,” they write.

    Silver and Sutton argue that “today’s technology” is enough to start building streams. In fact, the initial steps along the way can be seen in developments such as web-browsing AI agents, including OpenAI’s Deep Research. 

    “Recently, a new wave of prototype agents have started to interact with computers in an even more general manner, by using the same interface that humans use to operate a computer,” they write.

    The browser agent marks “a transition from exclusively human-privileged communication, to much more autonomous interactions where the agent is able to act independently in the world.”

    Also: The Turing Test has a problem – and OpenAI’s GPT-4.5 just exposed it

    As AI agents move beyond just web browsing, they need a way to interact and learn from the world, Silver and Sutton suggest. 

    They propose that the AI agents in streams will learn via the same reinforcement learning principle as AlphaZero. The machine is given a model of the world in which it interacts, akin to a chessboard, and a set of rules. 

    As the AI agent explores and takes actions, it receives feedback as “rewards”. These rewards train the AI model on what is more or less valuable among possible actions in a given circumstance.

    The world is full of various “signals” providing those rewards, if the agent is allowed to look for them, Silver and Sutton suggest.

    “Where do rewards come from, if not from human data? Once agents become connected to the world through rich action and observation spaces, there will be no shortage of grounded signals to provide a basis for reward. In fact, the world abounds with quantities such as cost, error rates, hunger, productivity, health metrics, climate metrics, profit, sales, exam results, success, visits, yields, stocks, likes, income, pleasure/pain, economic indicators, accuracy, power, distance, speed, efficiency, or energy consumption. In addition, there are innumerable additional signals arising from the occurrence of specific events, or from features derived from raw sequences of observations and actions.”

    To start the AI agent from a foundation, AI developers might use a “world model” simulation. The world model lets an AI model make predictions, test those predictions in the real world, and then use the reward signals to make the model more realistic. 

    “As the agent continues to interact with the world throughout its stream of experience, its dynamics model is continually updated to correct any errors in its predictions,” they write.

    Also: AI isn’t hitting a wall, it’s just getting too smart for benchmarks, says Anthropic

    Silver and Sutton still expect humans to have a role in defining goals, for which the signals and rewards serve to steer the agent. For example, a user might specify a broad goal such as ‘improve my fitness’, and the reward function might return a function of the user’s heart rate, sleep duration, and steps taken. Or the user might specify a goal of ‘help me learn Spanish’, and the reward function could return the user’s Spanish exam results.

    The human feedback becomes “the top-level goal” that all else serves.

    The researchers write that AI agents with those long-range capabilities would be better as AI assistants. They could track a person’s sleep and diet over months or years, providing health advice not limited to recent trends. Such agents could also be educational assistants tracking students over a long timeframe.

    “A science agent could pursue ambitious goals, such as discovering a new material or reducing carbon dioxide,” they offer. “Such an agent could analyse real-world observations over an extended period, developing and running simulations, and suggesting real-world experiments or interventions.”

    Also: ‘Humanity’s Last Exam’ benchmark is stumping top AI models – can you do any better?

    The researchers suggest that the arrival of “thinking” or “reasoning” AI models, such as Gemini, DeepSeek’s R1, and OpenAI’s o1, may be surpassed by experience agents. The problem with reasoning agents is that they “imitate” human language when they produce verbose output about steps to an answer, and human thought can be limited by its embedded assumptions. 

    “For example, if an agent had been trained to reason using human thoughts and expert answers from 5,000 years ago, it may have reasoned about a physical problem in terms of animism,” they offer. “1,000 years ago, it may have reasoned in theistic terms; 300 years ago, it may have reasoned in terms of Newtonian mechanics; and 50 years ago, in terms of quantum mechanics.”

    The researchers write that such agents “will unlock unprecedented capabilities,” leading to “a future profoundly different from anything we have seen before.” 

    However, they suggest there are also many, many risks. These risks are not just focused on AI agents making human labor obsolete, although they note that job loss is a risk. Agents that “can autonomously interact with the world over extended periods of time to achieve long-term goals,” they write, raise the prospect of humans having fewer opportunities to “intervene and mediate the agent’s actions.” 

    On the positive side, they suggest, an agent that can adapt, as opposed to today’s fixed AI models, “could recognise when its behaviour is triggering human concern, dissatisfaction, or distress, and adaptively modify its behaviour to avoid these negative consequences.”

    Also: Google claims Gemma 3 reaches 98% of DeepSeek’s accuracy – using only one GPU

    Leaving aside the details, Silver and Sutton are confident the streams experience will generate so much more information about the world that it will dwarf all the Wikipedia and Reddit data used to train today’s AI. Stream-based agents may even move past human intelligence, alluding to the arrival of artificial general intelligence, or super-intelligence.

    “Experiential data will eclipse the scale and quality of human-generated data,” the researchers write. “This paradigm shift, accompanied by algorithmic advancements in RL [reinforcement learning], will unlock in many domains new capabilities that surpass those possessed by any human.”

    Silver also explored the subject in a DeepMind podcast this month.




  • Resist, eggheads! Universities are not as weak as they have chosen to be.

    Resist, eggheads! Universities are not as weak as they have chosen to be.



    The wholesale American cannibalism of one of its own crucial appendages—the world-famous university system—has begun in earnest. The campaign is predictably Trumpian, built on a flagrantly pretextual basis and executed with the sort of vicious but chaotic idiocy that has always been a hallmark of the authoritarian mind.

    At a moment when the administration is systematically waging war on diversity initiatives of every kind, it has simultaneously discovered that it is really concerned about both “viewpoint diversity” and “antisemitism” on college campuses—and it is using the two issues as a club to beat on the US university system until it either dies or conforms to MAGA ideology.

    Reaching this conclusion does not require reading any tea leaves or consulting any oracles; one need only listen to people like Vice President JD Vance, who in 2021 gave a speech called “The Universities are the Enemy” to signal that, like every authoritarian revolutionary, he intended to go after the educated.

    “If any of us want to do the things that we want to do for our country,” Vance said, “and for the people who live in it, we have to honestly and aggressively attack the universities in this country.” Or, as conservative activist Christopher Rufo put it in a New York Times piece exploring the attack campaign, “We want to set them back a generation or two.”

    The goal is capitulation or destruction. And “destruction” is not a hyperbolic term; some Trump aides have, according to the same piece, “spoken privately of toppling a high-profile university to signal their seriousness.”

    Consider, in just a few months, how many battles have been launched:

    • The Trump administration is now snatching non-citizen university students, even those in the country legally, off the streets using plainclothes units and attempting to deport them based on their speech or beliefs.
    • It has opened investigations of more than 50 universities.
    • It has threatened grants and contracts at, among others, Brown ($510 million), Columbia ($400 million), Cornell ($1 billion), Harvard ($9 billion), Penn ($175 million), and Princeton ($210 million).
    • It has reached a widely criticized deal with Columbia that would force Columbia to change protest and security policies but would also single out one academic department (Middle Eastern, South Asian, and African Studies) for enhanced scrutiny. This deal didn’t even get Columbia its $400 million back; it only paved the way for future “negotiations” about the money. And the Trump administration is potentially considering a consent decree with Columbia, giving it leverage over the school for years to come.
    • It has demanded that Harvard audit every department for “viewpoint diversity,” hiring faculty who meet the administration’s undefined standards.
    • Trump himself has explicitly threatened to revoke Harvard’s tax-exempt nonprofit status after it refused to bow to his demands. And the IRS looks ready to do it.
    • The government has warned that it could choke off all international students—an important diplomatic asset but also a key source of revenue—at any school it likes.
    • Ed Martin—the extremely Trumpy interim US Attorney for Washington, DC—has already notified Georgetown that his office will not hire any of that school’s graduates if the school “continues to teach and utilize DEI.”

    What’s next? Project 2025 lays it out for us, envisioning the federal government getting heavily involved in accreditation—thus giving the government another way to bully schools—and privatizing many student loans. Right-wing wonks have already begun to push for “a never-ending compliance review” of elite schools’ admissions practices, one that would see the Harvard admissions office filled with federal monitors scrutinizing every single admissions decision. Trump has also called for “patriotic education” in K–12 schools; expect similar demands of universities, though probably under the rubrics of “viewpoint discrimination” and “diversity.”

    Universities may tell themselves that they would never comply with such demands, but a school without accreditation and without access to federal funds, international students, and student loan dollars could have trouble surviving for long.

    Some of the top leaders in academia are ringing the alarm bells. Princeton’s president, Christopher Eisgruber, wrote a piece in The Atlantic warning that the Trump administration has already become “the greatest threat to American universities since the Red Scare of the 1950s. Every American should be concerned.”

    Lee Bollinger, who served as president of both the University of Michigan and Columbia University, gave a fiery interview to the Chronicle of Higher Education in which he said, “We’re in the midst of an authoritarian takeover of the US government… We cannot get ourselves to see how this is going to unfold in its most frightening versions. You neutralize the branches of government; you neutralize the media; you neutralize universities, and you’re on your way. We’re beginning to see the effects on universities. It’s very, very frightening.”

    But for the most part, even though faculty members have complained and even sued, administrators have stayed quiet. They are generally willing to fight for their cash in court—but not so much in the court of public opinion. The thinking is apparently that there is little to be gained by antagonizing a ruthless but also chaotic administration that just might flip the money spigot back on as quickly as it was shut off. (See also: tariff policy.)

    This academic silence also comes after many universities course-corrected following years of administrators weighing in on global and political events outside a school’s basic mission. When that practice finally caused problems for institutions, as it did following the Gaza/Israel fighting, numerous schools adopted a posture of “institutional neutrality” and stopped offering statements except on core university concerns. This may be wise policy, but unfortunately, schools are clinging to it even though the current moment could not be more central to their mission.

    To critics, the public silence looks a lot like “appeasement”—a word used by our sister publication The New Yorker to describe how “universities have cut previously unthinkable ‘deals’ with the Administration which threaten academic freedom.” As one critic put it recently, “still there is no sign of organized resistance on the part of universities. There is not even a joint statement in defense of academic freedom or an assertion of universities’ value to society.”

    Even Michael Roth, the president of Wesleyan University, has said that universities’ current “infatuation with institutional neutrality is just making cowardice into a policy.”

    Appeasing narcissistic strongmen bent on “dominance” is a fool’s errand, as is entering a purely defensive crouch. Weakness in such moments is only an invitation to the strongman to dominate you further. You aren’t going to outlast your opponent when the intended goal appears to be not momentary “wins” but the weakening of all cultural forces that might resist the strongman. (See also: Trump’s brazen attacks on major law firms and the courts.)

    As an Atlantic article put it recently, “Since taking office, the Trump administration has been working to dismantle the global order and the nation’s core institutions, including its cultural ones, to strip them of their power. The future of the nation’s universities is very much at stake. This is not a challenge that can be met with purely defensive tactics.”

    The temperamental caution of university administrators means that some can be poor public advocates for their universities in an age of anger and distrust, and they may have trouble finding a clear voice to speak with when they come under thundering public attacks from a government they are more used to thinking of as a funding source.

    But the moment demands nothing less. This is not a breeze; this is the whirlwind. And it will leave a state-dependent, nationalist university system in its wake unless academia arises, feels its own power, and non-violently resists.

    Fighting back

    Finally, on April 14, something happened: Harvard decided to resist in far more public fashion. The Trump administration had demanded, as a condition of receiving $9 billion in grants over multiple years, that Harvard reduce the power of student and faculty leaders, vet every academic department for undefined “viewpoint diversity,” run plagiarism checks on all faculty, share hiring information with the administration, shut down any program related to diversity or inclusion, and audit particular departments for antisemitism, including the Divinity School. (Numerous Jewish groups want nothing to do with the campaign, writing in an open letter that “our safety as Jews has always been tied to the rule of law, to the safety of others, to the strength of civil society, and to the protection of rights and liberties for all.”)

    If you think this sounds a lot like government control, giving the Trump administration the power to dictate hiring and teaching practices, you’re not alone; Harvard president Alan Garber rejected the demands in a letter, saying, “The university will not surrender its independence or relinquish its constitutional rights. Neither Harvard nor any other private university can allow itself to be taken over by the federal government.”

    The Trump administration immediately responded by cutting billions in Harvard funding, threatening the university’s tax-exempt status, and claiming it might block international students from attending Harvard.

    Perhaps Harvard’s example will provide cover for other universities to make hard choices. And these are hard choices. But Columbia and Harvard have already shown that the only way you have a chance at getting the money back is to sell whatever soul your institution has left.

    Given that, why not fight? If you have to suffer, suffer for your deepest values.

    Fare forward

    “Resistance” does not mean a refusal to change, a digging in, a doubling down. No matter what part of the political spectrum you inhabit, universities—like most human institutions—are “target-rich environments” for complaints. To see this, one has only to read about recent battles over affirmative action, the Western canon, “legacy” admissions, the rise and fall of “theory” in the humanities, Gaza/Palestine protests, the “Varsity Blues” scandal, critiques of “meritocracy,” mandatory faculty “diversity statements,” the staggering rise in tuition costs over the last few decades, student deplatforming of invited speakers, or the fact that so many students from elite institutions cannot imagine a higher calling than management consulting. Even top university officials acknowledge there are problems.

    Famed Swiss theologian Karl Barth lost his professorship and was forced to leave Germany in 1935 because he would not bend the knee to Adolf Hitler. He knew something about standing up for one’s academic and spiritual values—and about the importance of not letting any approach to the world ossify into a reactionary, bureaucratic conservatism that punishes all attempts at change or dissent. The struggle for knowledge, truth, and justice requires forward movement even as the world changes, as ideas and policies are tested, and as cultures develop. Barth’s phrase for this was “Ecclesia semper reformanda est”—the church must always be reformed—and it applies just as well to the universities where he spent much of his career.

    As universities today face their own watershed moment of resistance, they must still find ways to remain intellectually curious and open to the world. They must continue to change, always imperfectly but without fear. It is important that their resistance not be partisan. Universities can only benefit from broad-based social support, and the idea that they are fighting “against conservatives” or “for Democrats” will be deeply unhelpful. (Just as it would be if universities capitulated to government oversight of their faculty hires or gave in to “patriotic education.”)

    This is difficult when one is under attack, as the natural reaction is to defend what currently exists. But the assault on the universities is about deeper issues than admissions policies or the role of elite institutions in American life. It is about the rule of law, freedom of speech, scientific research, and the very independence of the university—things that should be able to attract broad social and judicial support if schools do not retreat into ideology.

    Why it matters

    Ars Technica was founded by grad students and began with a “faculty model” drawn from universities: find subject matter experts and turn them loose to find interesting stories in their domains of expertise, with minimal oversight and no constant meetings.

    From Minnesota Bible colleges to the halls of Harvard, from philosophy majors to chemistry PhDs, from undergrads to post-docs, Ars has employed people from a wide range of schools and disciplines. We’ve been shaped by the university system, and we cover it regularly as a source of scientific research and computer science breakthroughs. While we differ in many ways, we recognize the value of a strong, independent, mission-focused university system that, despite current flaws, remains one of America’s storied achievements. And we hope that universities can collectively find the strength to defend themselves, just as we in the media must learn to do.

    The assault on universities and on the knowledge they produce has been disorienting in its swiftness, animus, and savagery. But universities are not starfish, flopping about helplessly on a beach while a cruel child slices off their arms one by one. They can do far more than hope to survive another day, regrowing missing limbs in some remote future. They have real power, here and now. But they need to move quickly, they need to move in solidarity, and they need to use the resources that they have, collectively, assembled.

    Because, if they aren’t going to use those resources when their very mission comes under assault, what was the point of gathering them in the first place?

    Here are a few of those resources.

    Money

    Cash is not always the most important force in human affairs, but it doesn’t hurt to have a pile of it when facing off against a feral US government. When the government threatened Harvard with multiyear cuts of $9 billion, for instance, it was certainly easier for the university to resist while sitting on a staggering $53 billion endowment. In 2024, the National Association of College and University Business Officers reported that higher ed institutions in the US collectively have over $800 billion in endowment money.

    It’s true that many endowment funds are donor-restricted and often invested in non-liquid assets, making them unavailable for immediate use or to bail out university programs whose funding has been cut. But it’s also true that $800 billion is a lot of money—it’s more than the individual GDP of all but two dozen countries.

    No trustee of this sort of legacy wants to squander an institution’s future by spending money recklessly, but what point is there in having a massive endowment if it requires your school to become some sort of state-approved adjunct?

    Besides, one might choose not to spend that money now only to find that it is soon requisitioned regardless. People in Trump’s orbit have talked for years about placing big new taxes on endowment revenue as a way of bringing universities to heel. Trump himself recently wrote on social media that Harvard “perhaps” should “lose its Tax Exempt Status and be Taxed as a Political Entity if it keeps pushing political, ideological, and terrorist inspired/supporting “Sickness?” Remember, Tax Exempt Status is totally contingent on acting in the PUBLIC INTEREST!”

    So spend wisely, but do spend. This is the kind of moment such resources were accumulated to weather.

    Students

    Fifteen million students are currently enrolled in higher education across the country. The total US population is 341 million people. That means students comprise over 4 percent of the total population; when you add in faculty and staff, higher education’s total share of the population is even greater.

    So what? Political science research over the last three decades looked at nonviolent protest movements and found that they need only 3.5 percent of the population to actively participate. Most movements that hit that threshold succeed, even in authoritarian states. Higher ed alone has those kinds of numbers.

    Students are not a monolith, of course, and many would not participate—nor should universities look at their students merely as potential protesters who might serve university interests. But students have been well-known for a willingness to protest, and one of the odd features of the current moment has been that so many students protested the Gaza/Israel conflict even though so few have protested the current government assault on the very schools where they have chosen to spend their time and money. It is hard to say whether both schools and their students are burned out from recent, bruising protests, or whether the will to resist remains.

    But if it does, the government assault on higher education could provoke an interesting realignment of forces: students, faculty, and administrators working together for once in resistance and protest, upending the normal dynamics of campus movements. And the numbers exist to make a real national difference if higher ed can rally its own full range of resources.

    Institutions

    Depending on how you count, the US has around 4,000 colleges and universities. The sheer number and diversity of these institutions is a strength—but only if they can do a better job working together on communications, lobbying, and legal defenses.

    Schools are being attacked individually, through targeted threats rather than broad laws targeting all higher education. And because schools are in many ways competitors rather than collaborators, it can be difficult to think in terms of sharing resources or speaking with one voice. But joint action will be essential, given that many smaller schools are already under economic pressure and will have a hard time resisting government demands, losing their nonprofit status, or finding their students blocked from the country or cut off from loan money.

    Plenty of trade associations and professional societies exist within the world of higher education, of course, but they are often dedicated to specific tasks and lack the public standing and authority to make powerful public statements.

    Faculty/alumni

    The old stereotype of the out-of-touch, tweed-wearing egghead, spending their life lecturing on the lesser plays of Ben Jonson, is itself out of touch. The modern university is stuffed with lawyers, data scientists, computer scientists, cryptographers, marketing researchers, writers, media professionals, and tech policy mavens. They are a serious asset, though universities sometimes leave faculty members to operate so autonomously that group action is difficult or, at least, institutionally unusual. At a time of crisis, that may need to change.

    Faculty are an incredible resource because of what they know, of course. Historians and political scientists can offer context and theory for understanding populist movements and authoritarian regimes. Those specializing in dialogue across difference, or in truth and reconciliation movements, or in peace and conflict studies, can offer larger visions for how even deep social conflicts might be transcended. Communications professors can help universities think more carefully about articulating what they do in the public marketplace of ideas. And when you are on the receiving end of vindictive and pretextual legal activity, it doesn’t hurt to have a law school stuffed with top legal minds.

    But faculty power extends beyond facts. Relationships with students, across many years, are a hallmark of the best faculty members. When generations of those students have spread out into government, law, and business, they make a formidable network.

    Universities that realize the need to fight back already know this. Ed Martin, the interim US Attorney for the District of Columbia, attacked Georgetown in February and asked if it had “eliminated all DEI from your school and its curriculum?” He ended his “clarification” letter by claiming that “no applicant for our fellows program, our summer internship, or employment in our office who is a student or affiliated with a law school or university that continues to teach and utilize DEI will be considered.”

    When Georgetown Dean Bill Treanor replied to Martin, he did not back down, noting Martin’s threat to “deny our students and graduates government employment opportunities until you, as Interim United States Attorney for the District of Columbia, approve of our curriculum.” (Martin himself had managed to omit the “interim” part of his title.) Such a threat would violate “the First Amendment’s protection of a university’s freedom to determine its own curriculum and how to deliver it.”

    There was no “negotiating” here, no attempt to placate a bully. Treanor barely addressed Martin’s questions. Instead, he politely but firmly noted that the inquiry itself was illegitimate, even under recent Supreme Court jurisprudent and Trump Department of Education policy. And he tied everything in his response to the university’s mission as a Jesuit school committed to “intellectual, ethical, and spiritual understanding.”

    The letter’s final paragraph, in which Treanor told Martin that he expected him to back down from his threats, opened with a discussion of Georgetown’s faculty.

    Georgetown Law has one of the preeminent faculties in the country, fostering groundbreaking scholarship, educating students in a wide variety of perspectives, and thriving on the robust exchange of ideas. Georgetown Law faculty have educated world leaders, members of Congress, and Justice Department officials, from diverse backgrounds and perspectives.

    Implicit in these remarks are two reminders:

    1. Georgetown is home to many top legal minds who aren’t about to be steamrolled by a January 6 defender whose actions in DC have already been so comically outrageous that Sen. Adam Schiff has placed a hold on his nomination to get the job permanently.
    2. Georgetown faculty have good relationships with many powerful people across the globe who are unlikely to sympathize with some legal hack trying to bully their alma mater.

    The letter serves as a good reminder: Resist with firmness and rely on your faculty. Incentivize their work, providing the time and resources to write more popular-level distillations of their research or to educate alumni groups about the threats campuses are facing. Get them into the media and onto lecture hall stages. Tap their expertise for internal working groups. Don’t give in to the caricatures but present a better vision of how faculty contribute to students, to research, and to society.

    Real estate

    Universities collectively possess a real estate portfolio of land and buildings—including lecture halls, stages, dining facilities, stadiums, and dormitories—that would make even a developer like Donald Trump salivate. It’s an incredible resource that is already well-used but might be put toward purposes that meet the moment even more clearly.

    Host more talks, not just on narrow specialty topics, but on the kinds of broad-based political debates that a healthy society needs. Make the universities essential places for debate, discussion, and civic organizing. Encourage more campus conferences in summer, with vastly reduced rates for groups that effectively aid civic engagement, depolarization, and dialogue across political differences. Provide the physical infrastructure for fruitful cross-party political encounters and anti-authoritarian organizing. Use campuses to house regional and national hubs that develop best practices in messaging, legal tactics, local outreach, and community service from students, faculty, and administrators.

    Universities do these things, of course; many are filled with “dialogue centers” and civic engagement offices. But many of these resources exist primarily for students; to survive and thrive, universities will need to rebuild broader social confidence. The other main criticism is that they can be siloed off from the other doings of the university. If “dialogue” is taken care of at the “dialogue center,” then other departments and administrative units may not need to worry about it. But with something as broad and important as “resistance,” the work cannot be confined to particular units.

    With so many different resources, from university presses to libraries to lecture halls, academia can do a better job at making its campuses useful both to students and to the surrounding community—so long as the universities know their own missions and make sure their actions align with them.

    Athletics

    During times of external stress, universities need to operate more than ever out of their core, mission-driven values. While educating the whole person, mentally and physically, is a worthy goal, it is not one that requires universities to submit to a Two Minutes Hate while simultaneously providing mass entertainment and betting material for the gambling-industrial complex.

    When up against a state that seeks “leverage” of every kind over the university sector, realize that academia itself controls some of the most popular sports competitions in America. That, too, is leverage, if one knows how to use it.

    Such leverage could, of course, be Trumpian in its own bluntness—no March Madness tournament, for instance, so long as thousands of researchers are losing their jobs and health care networks are decimated and the government is insisting on ideological control over hiring and department makeup. (That would certainly be interesting—though quite possibly counterproductive.)

    But universities might use their control of NCAA sporting events to better market themselves and their impact—and to highlight what’s really happening to them. Instead, we continue to get the worst kinds of anodyne spots during football and basketball games: frisbee on the quad, inspiring shots of domes and flags, a professor lecturing in front of a chalkboard.

    Be creative! But do something. Saying and doing nothing—letting the games go on without comment as the boot heel comes down on the whole sector, is a complete abdication of mission and responsibility.

    DOD and cyber research

    The Trump administration seems to believe that it has the only thing people want: grant funding. It seems not even to care if broader science funding in the US simply evaporates, if labs close down, or if the US loses its world-beating research edge.

    But even if “science” is currently expendable, the US government itself relies heavily on university researchers to produce innovations required by the Department of Defense and the intelligence community. Cryptography, cybersecurity tools, the AI that could power battlefield drone swarms—much of it is produced by universities under contract with the feds. And there’s no simple, short-term way for the government to replace this system.

    Even other countries believe that US universities do valuable cyber work for the federal government; China just accused the University of California and Virginia Tech of aiding in an alleged cyberattack by the NSA, for instance.

    That gives the larger universities—the one who often have these contracts—additional leverage. They should find a way to use it.

    Medical facilities

    Many of the larger universities run sprawling and sophisticated health networks that serve whole communities and regions; indeed, much of the $9 billion in federal money at issue in the Harvard case was going to Harvard’s medical system of labs and hospitals.

    If it seems unthinkable to you that the US government would treat the health of its own people as collateral damage in a war to become the Thought Police, remember that this is the same administration that has already tried to stop funds to the state of Maine—funds used to “feed children and disabled adults in schools and care settings across the state”—just because Maine allowed a couple of transgender kids to play on sports teams. What does the one have to do with the other? Nothing—except that the money provides leverage.

    But health systems are not simply weapons for the Trump administration to use by refusing or delaying contracts, grants, and reimbursements. Health systems can improve people’s lives in the most tangible of ways. And that means they ought to be shining examples of community support and backing, providing a perfect opportunity to highlight the many good things that universities do for society.

    Now, to the extent that these health care systems in the US have suffered from the general flaws of all US health care—lack of universal coverage leading to medical debt and the overuse of emergency rooms by the indigent, huge salaries commanded by doctors, etc.—the Trump war on these systems and on the universities behind them might provide a useful wake-up call from “business as usual.” Universities might use this time to double down on mission-driven values, using these incredible facilities even more to extend care, to lower barriers, and to promote truly public and community health. What better chance to show one’s city, region, and state the value of a university than massively boosting free and easy access to mental and physical health resources? Science research can be esoteric; saving someone’s body or mind is not.

    Conclusion

    This moment calls out for moral clarity and resolve. It asks universities to take their mission in society seriously and to resist being co-opted by government forces.

    But it asks something of all of us, too. University leaders will make their choices, but to stand strong, they need the assistance of students, faculty, and alumni. In an age of polarization, parts of society have grown skeptical about the value of higher education. Some of these people are your friends, family, and neighbors. Universities must continue to make changes as they seek to build knowledge and justice and community, but those of us no longer within their halls and quads also have a part to play in sharing a more nuanced story about the value of the university system, both to our own lives and to the country.

    If we don’t, our own degrees may be from institutions that have become almost unrecognizable.