Technologies

Tech Companies Need to Be Held Accountable for Security, Experts Say

All that tech may look cool, but it also needs to be secure.

It’s easy to get caught up in the flashy and futuristic tech rolled out at CES. Where else are you going to see flying cars, toilet sensors that test your pee and so, so many robots?

That all may seem incredibly cool, but that new tech, which is often collecting oodles of personal data from untold numbers of consumers, highlights the need for tech companies to make security and privacy a priority and build it in from the get-go.

Often, when it comes to tech design, data protection concerns are pushed to the back burner in favor of exciting new features, keeping costs low, and getting the tech to market as fast as possible, Jen Easterly, director of the US Cybersecurity and Infrastructure Security Agency, said during a CES panel.

That’s partially due to a lack of accountability from both the government and the public in general.

«We don’t seem to be recognizing that as a fundamental safety issue,» Easterly said, adding that while companies have lots of incentives to make products cheaply and quickly, there isn’t a lot out there to entice them to make them safe.

That, unfortunately, puts the burden of securing technology on consumers, who are least able to understand cyberthreats and defend themselves against them, Easterly said.

CrowdStrike CEO George Kutz, speaking on the CES panel, said average people shouldn’t have to think about security beyond the most basic of levels.

When consumers buy a piece of tech, such as a home security camera, they should get some kind of guarantee that it’ll be secure and supported with software updates for a certain amount of time, say five years, Kutz said. After that, they might be on their own, but they won’t have to think about it in the meantime.

«Until there’s some level of oversight and regulation and, you know, some sort of sensible practice in how people purchase these things and how they look at security as a differentiator, you’re going to have the same situations occur over and over,» Kurtz said.

Dan Berte, head of internet of things research for Bitdefender, said it wouldn’t be asking a lot for tech companies to secure and support their products for at least a few years.

Berte’s team spent much of the last year dissecting vulnerabilities in several brands of internet-connected cameras. They discovered security problems in several products, which they then reported to the companies, but he said it was a battle to get many of those companies to acknowledge and fix those problems.

«I think responsibility should be required by law — that you provide instant patching and support for three years, especially if a vulnerability is reported,» Berte said in an interview with CNET.

Companies that fail to do this should be fined, and repeat offenders should have their products pulled from the market, he said.

If nothing else, tech companies should be required to be transparent with consumers about what their technology contains in terms of security protections, just like how food makers are required to list ingredients in their products, Eastery said.

That way people will have a better chance at making smart choices about what kinds of tech they bring into their homes. That transparency also could push tech companies to put more emphasis on securing their products by default, she said.

«Technology companies are actually pushing and trying to get there, but from a consumer perspective we really need to be demanding better safety in our products,» Easterly said.

Technologies

These Are the Chatbots We’re Using Most, and How We’re Using Them

A Menlo Ventures report finds 91% of AI users have a default artificial intelligence assistant they turn to for their AI tasks.

If you have a particular AI tool that you tend to try first when you have an artificial intelligence task on deck, you’re not alone. According to a new survey, 91% of people who use AI have a favorite tool they try first, whether it’s ChatGPT, Gemini, Alex or something else.

A Menlo Ventures survey of 5,000 adults found that this so-called «default tool dynamic» means that most people using AI have chosen a general AI tool they’ll try first for every job, even if it’s not necessarily the best tool for the job.

In the report, ChatGPT is the AI assistant that tops default tools, with 28% of respondents choosing it first. It’s followed by Google’s Gemini at 23%, Meta AI and Amazon’s Alexa, both at 18%, and Apple’s Siri at 16%. Other tools including Claude, Grok and Perplexity collectively make up another 33%.

Some of that, Menlo Ventures says, is «first-mover advantage,» with tools like ChatGPT having built up a following by being the first to offer some chatbot and image-generation features. But, the company warns, «that position is not guaranteed,» with challengers moving fast.

«The consumer market for [large language models] is still nascent and far from saturated,» the report says, «leaving ample room for product innovation to shift market share over time.»

Some of the most common ways people are using these AI tools include composing emails and other writing support, researching topics of interest and managing to-do lists, according to Menlo Ventures.

Overall, 61% of Americans have used AI in the last six months and nearly 1 in 5, 19%, rely on it daily, the report says.

Technologies

It’s Not Too Late to Claim a Part of Fortnite’s $245 Million Settlement. Learn How to File

The FTC has extended the deadline to file a claim for compensation from unintended in-game Fortnite purchases.

It’s been a good week for Fortnite gamers who felt cheated by accidental in-game purchases. The Federal Trade Commission announced it was distributing $126 million in compensation to 969,173 claimants this week, and it also extended the time to file a claim — the process had previously ended on Jan. 10, 2025.

Games who were charged by Fortnite for unwanted purchases between January 2017 and September 2022 who haven’t already filed now have until July 9, 2025, to participate in the settlement by filing a claim. The FTC says that since December, 629,344 payments went out to players who made those in-game purchases and who filed a valid claim by Oct. 8, 2024. The average payout was about $114 per customer and totaled $72 million.

In the settlement, the FTC concluded that Fortnite’s developer and publisher, Epic Games, used design tricks known as dark patterns to make in-game sales. «Fortnite’s counterintuitive, inconsistent, and confusing button configuration led players to incur unwanted charges based on the press of a single button,» the agency said in its March 2023 announcement.

The FTC has more money left, so it’s extending the claim deadline

The FTC apparently still has about $47 million left to distribute from the settlement. On June 25, the agency posted a notice alerting those who haven’t yet filed that they now have until July 9, to submit a claim at ftc.gov/fortnite.

The Fortnite settlement applies to anyone who was charged for in-game currency for items they did not want to purchase between January 2017 and September 2022; if a child made credit card charges without a parent’s knowledge between January 2017 and November 2018; or if an account was locked after a charge was disputed between January 2017 and September 2022.

Those filing must be 18 or older; minors can ask a parent or guardian to complete the form on their behalf.

One CNET staffer received his PayPal deposit (for $95.98) from a Fortnite claim in January, a pleasant surprise since he had forgotten about the settlement.

Epic’s Fortnite is wildly popular, especially with teens; in one game event last year, 44.7 million players participated on a single day. But the free-to-play game relies on players buying Battle Passes and other items with V-Bucks, the in-game currency.

Like other games-as-platforms that have a large audience of young people, such as Roblox, Fortnite has evolved on how to make its game secure for young people and to ensure that payments aren’t being generated without the player’s authorization.

How can I file a Fortnite claim?

When you visit the FTC’s Epic Games/Fortnite page to file a claim, you will be asked if you received a notification email from the FTC with a claim number. If you have a claim number, select Yes, click Next, then provide your claim number and solve a CAPTCHA test to submit your claim.

If you didn’t receive a notification or can no longer find your claim number, you can apply for a Fortnite claim using your Epic account ID. If you’re not sure of your Epic account ID, follow these steps from the Epic Games support page.

When and how will I receive my money from the FTC?

Eligible claims submitted by Oct. 8, 2024, and January have already started receiving payments. The FTC has not specified when money for new claims filed by July 9 will be distributed.

During the claims process on the FTC site, you will be able to specify whether you’d like to be paid with a check or via PayPal. Checks must be cashed within 90 days, and PayPal payments must be accepted within 30 days. For questions about your payment, you can call a claims support hotline at 1-800-915-0880 or email admin@fortniterefund.com.

Will filing a claim against Epic Games affect my Fortnite account?

According to the FTC, filing a claim will not affect the status of a player’s Fortnite account. For more information, see the FTC’s Fortnite refunds FAQ.