Soft Audits Hard Consequences - Newest Article

This is my latest article, “Soft Audits, Hard Consequences: The Danger of Soft Audits”, published in Big Data Quarterly and co-authored with Don Sullivan. At LicenseFortress, we’re seeing an increasing number of companies reach out to us after inadvertently triggering formal audits—simply by answering what seemed like harmless vendor questions. These “soft audits” can lead to serious consequences…

While others spend 18 months struggling with PCI DSS compliance, our clients achieve certification in 90 days.

🚀 How we accelerate your compliance journey:

Automated gap analysis & remediation roadmaps

Pre-configured security templates for your industry

Dedicated compliance experts (not junior consultants)

Real-time monitoring & continuous compliance

Guaranteed audit readiness or we fix it free

Result: 300% faster compliance, 50% lower costs, 100% audit success rate.

Stop letting compliance slow down your growth. Let's discuss your fast-track to PCI DSS certification.

Powered by Itio Innovex

#PCICompliance #ComplianceExperts #DataSecurity #PaymentCompliance

China’s Rare Earth Export Controls: What Manufacturers Must Know

China’s new rare earth export controls are reshaping global manufacturing supply chains. In this short clip, Certivo CEO Kunal Chopra explains the real-world impact on procurement, pricing, and supplier reliability.

👉 Longer lead times — +30 to 45 days in procurement cycles 👉 Price volatility — Up to 200% cost spikes on key materials 👉 Heavier documentation — Composition, origin & processing info required 👉 Supplier uncertainty — Even trusted partners now face disruptions

📱 Watch this short clip: https://youtube.com/shorts/4dstdWn581k

🎥 Full podcast episode: https://youtu.be/teq9bXymluc

🔗 Rare Earth Compliance Help: https://www.certivo.com/solutions

🌐 Visit Certivo: https://www.certivo.com/

Risk Management Solutions

Protect your business with Cedar Rose's integrated risk management solutions. Comprehensive tools for identifying and mitigating threats.

Why Organizations Need SaaS Management Platforms (SMPs) for Effective SaaS Portfolio Management

View On WordPress

Automate Your License Management With Insurance Software Solutions

Say goodbye to manual tracking and spreadsheets. Our insurance license management software automates and simplifies the entire process, saving you time and reducing errors.

So, let me try and put everything together here, because I really do think it needs to be talked about.

Today, Unity announced that it intends to apply a fee to use its software. Then it got worse.

For those not in the know, Unity is the most popular free to use video game development tool, offering a basic version for individuals who want to learn how to create games or create independently alongside paid versions for corporations or people who want more features. It's decent enough at this job, has issues but for the price point I can't complain, and is the idea entry point into creating in this medium, it's a very important piece of software.

But speaking of tools, the CEO is a massive one. When he was the COO of EA, he advocated for using, what out and out sounds like emotional manipulation to coerce players into microtransactions.

"A consumer gets engaged in a property, they might spend 10, 20, 30, 50 hours on the game and then when they're deep into the game they're well invested in it. We're not gouging, but we're charging and at that point in time the commitment can be pretty high."

He also called game developers who don't discuss monetization early in the planning stages of development, quote, "fucking idiots".

So that sets the stage for what might be one of the most bald-faced greediest moves I've seen from a corporation in a minute. Most at least have the sense of self-preservation to hide it.

A few hours ago, Unity posted this announcement on the official blog.

Effective January 1, 2024, we will introduce a new Unity Runtime Fee that’s based on game installs. We will also add cloud-based asset storage, Unity DevOps tools, and AI at runtime at no extra cost to Unity subscription plans this November. We are introducing a Unity Runtime Fee that is based upon each time a qualifying game is downloaded by an end user. We chose this because each time a game is downloaded, the Unity Runtime is also installed. Also we believe that an initial install-based fee allows creators to keep the ongoing financial gains from player engagement, unlike a revenue share.

Now there are a few red flags to note in this pitch immediately.

Unity is planning on charging a fee on all games which use its engine.

This is a flat fee per number of installs.

They are using an always online runtime function to determine whether a game is downloaded.

There is just so many things wrong with this that it's hard to know where to start, not helped by this FAQ which doubled down on a lot of the major issues people had.

I guess let's start with what people noticed first. Because it's using a system baked into the software itself, Unity would not be differentiating between a "purchase" and a "download". If someone uninstalls and reinstalls a game, that's two downloads. If someone gets a new computer or a new console and downloads a game already purchased from their account, that's two download. If someone pirates the game, the studio will be asked to pay for that download.

Q: How are you going to collect installs? A: We leverage our own proprietary data model. We believe it gives an accurate determination of the number of times the runtime is distributed for a given project. Q: Is software made in unity going to be calling home to unity whenever it's ran, even for enterprice licenses? A: We use a composite model for counting runtime installs that collects data from numerous sources. The Unity Runtime Fee will use data in compliance with GDPR and CCPA. The data being requested is aggregated and is being used for billing purposes. Q: If a user reinstalls/redownloads a game / changes their hardware, will that count as multiple installs? A: Yes. The creator will need to pay for all future installs. The reason is that Unity doesn’t receive end-player information, just aggregate data. Q: What's going to stop us being charged for pirated copies of our games? A: We do already have fraud detection practices in our Ads technology which is solving a similar problem, so we will leverage that know-how as a starting point. We recognize that users will have concerns about this and we will make available a process for them to submit their concerns to our fraud compliance team.

This is potentially related to a new system that will require Unity Personal developers to go online at least once every three days.

Starting in November, Unity Personal users will get a new sign-in and online user experience. Users will need to be signed into the Hub with their Unity ID and connect to the internet to use Unity. If the internet connection is lost, users can continue using Unity for up to 3 days while offline. More details to come, when this change takes effect.

It's unclear whether this requirement will be attached to any and all Unity games, though it would explain how they're theoretically able to track "the number of installs", and why the methodology for tracking these installs is so shit, as we'll discuss later.

Unity claims that it will only leverage this fee to games which surpass a certain threshold of downloads and yearly revenue.

Only games that meet the following thresholds qualify for the Unity Runtime Fee: Unity Personal and Unity Plus: Those that have made $200,000 USD or more in the last 12 months AND have at least 200,000 lifetime game installs. Unity Pro and Unity Enterprise: Those that have made $1,000,000 USD or more in the last 12 months AND have at least 1,000,000 lifetime game installs.

They don't say how they're going to collect information on a game's revenue, likely this is just to say that they're only interested in squeezing larger products (games like Genshin Impact and Honkai: Star Rail, Fate Grand Order, Among Us, and Fall Guys) and not every 2 dollar puzzle platformer that drops on Steam. But also, these larger products have the easiest time porting off of Unity and the most incentives to, meaning realistically those heaviest impacted are going to be the ones who just barely meet this threshold, most of them indie developers.

Aggro Crab Games, one of the first to properly break this story, points out that systems like the Xbox Game Pass, which is already pretty predatory towards smaller developers, will quickly inflate their "lifetime game installs" meaning even skimming the threshold of that 200k revenue, will be asked to pay a fee per install, not a percentage on said revenue.

[IMAGE DESCRIPTION: Hey Gamers!

Today, Unity (the engine we use to make our games) announced that they'll soon be taking a fee from developers for every copy of the game installed over a certain threshold - regardless of how that copy was obtained.

Guess who has a somewhat highly anticipated game coming to Xbox Game Pass in 2024? That's right, it's us and a lot of other developers.

That means Another Crab's Treasure will be free to install for the 25 million Game Pass subscribers. If a fraction of those users download our game, Unity could take a fee that puts an enormous dent in our income and threatens the sustainability of our business.

And that's before we even think about sales on other platforms, or pirated installs of our game, or even multiple installs by the same user!!!

This decision puts us and countless other studios in a position where we might not be able to justify using Unity for our future titles. If these changes aren't rolled back, we'll be heavily considering abandoning our wealth of Unity expertise we've accumulated over the years and starting from scratch in a new engine. Which is really something we'd rather not do.

On behalf of the dev community, we're calling on Unity to reverse the latest in a string of shortsighted decisions that seem to prioritize shareholders over their product's actual users.

I fucking hate it here.

-Aggro Crab - END DESCRIPTION]

That fee, by the way, is a flat fee. Not a percentage, not a royalty. This means that any games made in Unity expecting any kind of success are heavily incentivized to cost as much as possible.

[IMAGE DESCRIPTION: A table listing the various fees by number of Installs over the Install Threshold vs. version of Unity used, ranging from $0.01 to $0.20 per install. END DESCRIPTION]

Basic elementary school math tells us that if a game comes out for $1.99, they will be paying, at maximum, 10% of their revenue to Unity, whereas jacking the price up to $59.99 lowers that percentage to something closer to 0.3%. Obviously any company, especially any company in financial desperation, which a sudden anchor on all your revenue is going to create, is going to choose the latter.

Furthermore, and following the trend of "fuck anyone who doesn't ask for money", Unity helpfully defines what an install is on their main site.

While I'm looking at this page as it exists now, it currently says

The installation and initialization of a game or app on an end user’s device as well as distribution via streaming is considered an “install.” Games or apps with substantially similar content may be counted as one project, with installs then aggregated to calculate the Unity Runtime Fee.

However, I saw a screenshot saying something different, and utilizing the Wayback Machine we can see that this phrasing was changed at some point in the few hours since this announcement went up. Instead, it reads:

The installation and initialization of a game or app on an end user’s device as well as distribution via streaming or web browser is considered an “install.” Games or apps with substantially similar content may be counted as one project, with installs then aggregated to calculate the Unity Runtime Fee.

Screenshot for posterity:

That would mean web browser games made in Unity would count towards this install threshold. You could legitimately drive the count up simply by continuously refreshing the page. The FAQ, again, doubles down.

Q: Does this affect WebGL and streamed games? A: Games on all platforms are eligible for the fee but will only incur costs if both the install and revenue thresholds are crossed. Installs - which involves initialization of the runtime on a client device - are counted on all platforms the same way (WebGL and streaming included).

And, what I personally consider to be the most suspect claim in this entire debacle, they claim that "lifetime installs" includes installs prior to this change going into effect.

Will this fee apply to games using Unity Runtime that are already on the market on January 1, 2024? Yes, the fee applies to eligible games currently in market that continue to distribute the runtime. We look at a game's lifetime installs to determine eligibility for the runtime fee. Then we bill the runtime fee based on all new installs that occur after January 1, 2024.

Again, again, doubled down in the FAQ.

Q: Are these fees going to apply to games which have been out for years already? If you met the threshold 2 years ago, you'll start owing for any installs monthly from January, no? (in theory). It says they'll use previous installs to determine threshold eligibility & then you'll start owing them for the new ones. A: Yes, assuming the game is eligible and distributing the Unity Runtime then runtime fees will apply. We look at a game's lifetime installs to determine eligibility for the runtime fee. Then we bill the runtime fee based on all new installs that occur after January 1, 2024.

That would involve billing companies for using their software before telling them of the existence of a bill. Holding their actions to a contract that they performed before the contract existed!

Okay. I think that's everything. So far.

There is one thing that I want to mention before ending this post, unfortunately it's a little conspiratorial, but it's so hard to believe that anyone genuinely thought this was a good idea that it's stuck in my brain as a significant possibility.

A few days ago it was reported that Unity's CEO sold 2,000 shares of his own company.

On September 6, 2023, John Riccitiello, President and CEO of Unity Software Inc (NYSE:U), sold 2,000 shares of the company. This move is part of a larger trend for the insider, who over the past year has sold a total of 50,610 shares and purchased none.

I would not be surprised if this decision gets reversed tomorrow, that it was literally only made for the CEO to short his own goddamn company, because I would sooner believe that this whole thing is some idiotic attempt at committing fraud than a real monetization strategy, even knowing how unfathomably greedy these people can be.

So, with all that said, what do we do now?

Well, in all likelihood you won't need to do anything. As I said, some of the biggest names in the industry would be directly affected by this change, and you can bet your bottom dollar that they're not just going to take it lying down. After all, the only way to stop a greedy CEO is with a greedier CEO, right?

(I fucking hate it here.)

And that's not mentioning the indie devs who are already talking about abandoning the engine.

[Links display tweets from the lead developer of Among Us saying it'd be less costly to hire people to move the game off of Unity and Cult of the Lamb's official twitter saying the game won't be available after January 1st in response to the news.]

That being said, I'm still shaken by all this. The fact that Unity is openly willing to go back and punish its developers for ever having used the engine in the past makes me question my relationship to it.

The news has given rise to the visibility of free, open source alternative Godot, which, if you're interested, is likely a better option than Unity at this point. Mostly, though, I just hope we can get out of this whole, fucking, environment where creatives are treated as an endless mill of free profits that's going to be continuously ratcheted up and up to drive unsustainable infinite corporate growth that our entire economy is based on for some fuckin reason.

Anyways, that's that, I find having these big posts that break everything down to be helpful.

Epic Systems, a lethal health record monopolist

Epic Systems makes the dominant electronic health record (EHR) system in America; if you're a doctor, chances are you are required to use it, and for every hour a doctor spends with a patient, they have to spend two hours doing clinically useless bureaucratic data-entry on an Epic EHR.

How could a product so manifestly unfit for purpose be the absolute market leader? Simple: as Robert Kuttner describes in an excellent feature in The American Prospect, Epic may be a clinical disaster, but it's a profit-generating miracle:

https://prospect.org/health/2024-10-01-epic-dystopia/

At the core of Epic's value proposition is "upcoding," a form of billing fraud that is beloved of hospital administrators, including the "nonprofit" hospitals that generate vast fortunes that are somehow not characterized as profits. Here's a particularly egregious form of upcoding: back in 2020, the Poudre Valley Hospital in Ft Collins, CO locked all its doors except the ER entrance. Every patient entering the hospital, including those receiving absolutely routine care, was therefore processed as an "emergency."

In April 2020, Caitlin Wells Salerno – a pregnant biologist – drove to Poudre Valley with normal labor pains. She walked herself up to obstetrics, declining the offer of a wheelchair, stopping only to snap a cheeky selfie. Nevertheless, the hospital recorded her normal, uncomplicated birth as a Level 5 emergency – comparable to a major heart-attack – and whacked her with a $2755 bill for emergency care:

https://pluralistic.net/2021/10/27/crossing-a-line/#zero-fucks-given

Upcoding has its origins in the Reagan revolution, when the market-worshipping cultists he'd put in charge of health care created the "Prospective Payment System," which paid a lump sum for care. The idea was to incentivize hospitals to provide efficient care, since they could keep the difference between whatever they spent getting you better and the set PPS amount that Medicare would reimburse them. Hospitals responded by inventing upcoding: a patient with controlled, long-term coronary disease who showed up with a broken leg would get coded for the coronary condition and the cast, and the hospital would pocket both lump sums:

https://pluralistic.net/2024/06/13/a-punch-in-the-guts/#hayek-pilled

The reason hospital administrators love Epic, and pay gigantic sums for systemwide software licenses, is directly connected to the two hours that doctors spent filling in Epic forms for every hour they spend treating patients. Epic collects all that extra information in order to identify potential sources of plausible upcodes, which allows hospitals to bill patients, insurers, and Medicare through the nose for routine care. Epic can automatically recode "diabetes with no complications" from a Hierarchical Condition Category code 19 (worth $894.40) as "diabetes with kidney failure," code 18 and 136, which gooses the reimbursement to $1273.60.

Epic snitches on doctors to their bosses, giving them a dashboard to track doctors' compliance with upcoding suggestions. One of Kuttner's doctor sources says her supervisor contacts her with questions like, "That appointment was a 2. Don’t you think it might be a 3?"

Robert Kuttner is the perfect journalist to unravel the Epic scam. As a journalist who wrote for The New England Journal of Medicine, he's got an insider's knowledge of the health industry, and plenty of sources among health professionals. As he tells it, Epic is a cultlike, insular company that employs 12.500 people in its hometown of Verona, WI.

The EHR industry's origins start with a GW Bush-era law called the HITECH Act, which was later folded into Obama's Recovery Act in 2009. Obama provided $27b to hospitals that installed EHR systems. These systems had to more than track patient outcomes – they also provided the data for pay-for-performance incentives. EHRs were already trying to do something very complicated – track health outcomes – but now they were also meant to underpin a cockamamie "incentives" program that was supposed to provide a carrot to the health industry so it would stop killing people and ripping off Medicare. EHRs devolved into obscenely complex spaghetti systems that doctors and nurses loathed on sight.

But there was one group that loved EHRs: hospital administrators and the private companies offering Medicare Advantage plans (which also benefited from upcoding patients in order to soak Uncle Sucker):

https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8649706/

The spread of EHRs neatly tracks with a spike in upcharging: "from 2014 through 2019, the number of hospital stays billed at the highest severity level increased almost 20 percent…the number of stays billed at each of the other severity levels decreased":

https://oig.hhs.gov/oei/reports/OEI-02-18-00380.pdf

The purpose of a system is what it does. Epic's industry-dominating EHR is great at price-gouging, but it sucks as a clinical tool – it takes 18 keystrokes just to enter a prescription:

https://jamanetwork.com/journals/jamanetworkopen/fullarticle/2729481

Doctors need to see patients, but their bosses demand that they satisfy Epic's endless red tape. Doctors now routinely stay late after work and show up hours early, just to do paperwork. It's not enough. According to another one of Kuttner's sources, doctors routinely copy-and-paste earlier entries into the current one, a practice that generates rampant errors. Some just make up random numbers to fulfill Epic's nonsensical requirements: the same source told Kuttner that when prompted to enter a pain score for his TB patients, he just enters "zero."

Don't worry, Epic has a solution: AI. They've rolled out an "ambient listening" tool that attempts to transcribe everything the doctor and patient say during an exam and then bash it into a visit report. Not only is this prone to the customary mistakes that make AI unsuited to high-stakes, error-sensitive applications, it also represents a profound misunderstanding of the purpose of clinical notes.

The very exercise of organizing your thoughts and reflections about an event – such as a medical exam – into a coherent report makes you apply rigor and perspective to events that otherwise arrive as a series of fleeting impressions and reactions. That's why blogging is such an effective practice:

https://pluralistic.net/2021/05/09/the-memex-method/

The answer to doctors not having time to reflect and organize good notes is to give them more time – not more AI. As another doctor told Kuttner: "Ambient listening is a solution to a self-created problem of requiring too much data entry by clinicians."

EHRs are one of those especially hellish public-private partnerships. Health care doctrine from Reagan to Obama insisted that the system just needed to be exposed to market forces and incentives. EHRs are designed to allow hospitals to win as many of these incentives as possible. Epic's clinical care modules do this by bombarding doctors with low-quality diagnostic suggestions with "little to do with a patient’s actual condition and risks," leading to "alert fatigue," so doctors miss the important alerts in the storm of nonsense elbow-jostling:

https://www.ncbi.nlm.nih.gov/pmc/articles/PMC5058605/

Clinicians who actually want to improve the quality of care in their facilities end up recording data manually and keying it into spreadsheets, because they can't get Epic to give them the data they need. Meanwhile, an army of high-priced consultants stand ready to give clinicians advise on getting Epic to do what they need, but can't seem to deliver.

Ironically, one of the benefits that Epic touts is its interoperability: hospitals that buy Epic systems can interconnect those with other Epic systems, and there's a large ecosystem of aftermarket add-ons that work with Epic. But Epic is a product, not a protocol, so its much-touted interop exists entirely on its terms, and at its sufferance. If Epic chooses, a doctor using its products can send files to a doctor using a rival product. But Epic can also veto that activity – and its veto extends to deciding whether a hospital can export their patient records to a competing service and get off Epic altogether.

One major selling point for Epic is its capacity to export "anonymized" data for medical research. Very large patient data-sets like Epic's are reasonably believed to contain many potential medical insights, so medical researchers are very excited at the prospect of interrogating that data.

But Epic's approach – anonymizing files containing the most sensitive information imaginable, about millions of people, and then releasing them to third parties – is a nightmare. "De-identified" data-sets are notoriously vulnerable to "re-identification" and the threat of re-identification only increases every time there's another release or breach, which can used to reveal the identities of people in anonymized records. For example, if you have a database of all the prescribing at a given hospital – a numeric identifier representing the patient, and the time and date when they saw a doctor and got a scrip. At any time in the future, a big location-data breach – say, from Uber or a transit system – can show you which people went back and forth to the hospital at the times that line up with those doctor's appointments, unmasking the person who got abortion meds, cancer meds, psychiatric meds or other sensitive prescriptions.

The fact that anonymized data can – will! – be re-identified doesn't mean we have to give up on the prospect of gleaning insight from medical records. In the UK, the eminent doctor Ben Goldacre and colleagues built an incredible effective, privacy-preserving "trusted research environment" (TRE) to operate on millions of NHS records across a decentralized system of hospitals and trusts without ever moving the data off their own servers:

https://pluralistic.net/2024/03/08/the-fire-of-orodruin/#are-we-the-baddies

The TRE is an open source, transparent server that accepts complex research questions in the form of database queries. These queries are posted to a public server for peer-review and revision, and when they're ready, the TRE sends them to each of the databases where the records are held. Those databases transmit responses to the TRE, which then publishes them. This has been unimaginably successful: the prototype of the TRE launched during the lockdown generated sixty papers in Nature in a matter of months.

Monopolies are inefficient, and Epic's outmoded and dangerous approach to research, along with the roadblocks it puts in the way of clinical excellence, epitomizes the problems with monopoly. America's health care industry is a dumpster fire from top to bottom – from Medicare Advantage to hospital cartels – and allowing Epic to dominate the EHR market has somehow, incredibly, made that system even worse.

Naturally, Kuttner finishes out his article with some antitrust analysis, sketching out how the Sherman Act could be brought to bear on Epic. Something has to be done. Epic's software is one of the many reasons that MDs are leaving the medical profession in droves.

Epic epitomizes the long-standing class war between doctors who want to take care of their patients and hospital executives who want to make a buck off of those patients.

Tor Books as just published two new, free LITTLE BROTHER stories: VIGILANT, about creepy surveillance in distance education; and SPILL, about oil pipelines and indigenous landback.

If you'd like an essay-formatted version of this post to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

https://pluralistic.net/2024/10/02/upcoded-to-death/#thanks-obama

Image: Flying Logos (modified) https://commons.wikimedia.org/wiki/File:Over_$1,000,000_dollars_in_USD_$100_bill_stacks.png

CC BY-SA 4.0 https://creativecommons.org/licenses/by-sa/4.0/deed.en

in general I think some of the anti-copyright stuff on here overplays its hand by saying "copyright never binds the behavior of large companies" (it's pretty well known in tech that using a 'weird' license on your software is a good way to make sure bigcorps never touch it because their compliance department will get headaches) or, I dunno, there's the implication I see sometimes that reuploading someone else's work without attribution is chiefly bad because it's a labor issue and so would go away under post-capitalism (if I repost someone's art without credit I think that's just a general asshole move)

I think a better track would be that many things are asshole behavior but shouldn't be illegal and the good things that would come out of copyright abolishment are worth the bad things

also frankly speaking some of it is written in the general "online Tumblr marxist smug tone" that I think is unpleasant and turns people off. i'm certainly no stranger to smugposting but there's a reason I make all my shitty asshole posts unrebloggable

Over the past couple of decades, a number of US government officials have left their roles for lucrative jobs at tech companies. Plenty of tech executives have also departed to take leadership positions inside federal agencies. But four experts who track the federal workforce tell WIRED they were stunned last week by a development unlike any other they could recall: The Department of Treasury internally announced that Tom Krause had been appointed its fiscal assistant secretary, but that he would simultaneously continue his job as CEO of the company Cloud Software Group.

Krause is now in charge of both a sensitive government payment system and a company that has millions of dollars’ worth of active contracts with various federal agencies through distribution partners, according to a WIRED review of searchable spending records. The Department of Treasury alone accounts for a dozen ongoing contracts tied to Krause’s company that are together valued between $7.3 million to $11.8 million. These include licenses for the data visualization tool ibi WebFocus and purchases of systems called Citrix NetScaler that help manage traffic to apps. (Some publicly posted procurement records do not break out contract details, so actual figures may be even higher.)

Critics have expressed concern about the alleged conflicts of interest posed by Krause’s decision to keep his role in the private sector. Cloud Software could benefit from extending its federal contracts or securing additional ones, though there is no public evidence that Krause has done anything improper with his dual roles. Existing federal regulations also bar actual and apparent unjust favoritism in contracting. “Public trust in those safeguards is nonnegotiable,” says Scott Amey, general counsel at the Project on Government Oversight, a nonpartisan watchdog group.

As Krause moves forward with two jobs, he could have to potentially navigate not only contracting conflicts, but also dueling crises. “What would happen if a Citrix emergency emerges at the same time as Treasury obligations?” says Jeff Hauser, founder and executive director of the Revolving Door Project, which researches federal appointees. “Generally, the thicket of restrictions on full-time employees would make a CEO role impossible in an administration which took adherence to ethics laws seriously.”

Krause, the Treasury Department, and Cloud Software didn’t respond to requests for comment. Cloud Software investors also didn’t respond to a request for comment.

The Treasury Department has told Congress that Krause is a “special government employee”—a type of temporary role—that is supposed to be held to “the same ethical standards of privacy, confidentiality, conflicts of interest assessment, and professionalism of other government employees.” In a foreword to a code of conduct policy posted on Cloud Software’s website, Krause states, “Cloud Software Group is committed to ensuring that its business is conducted ethically, in compliance with the law, and according to its values of integrity, honesty and respect.”

Krause is among a group of several dozen veteran tech executives, mid-level tech operations managers, and fresh-out-of-school software coders who have been recently installed across a series of federal agencies under the auspices of the self-styled Department of Government Efficiency. DOGE’s authority is being challenged by some Democratic state attorneys general. In the meantime, its representatives have been carrying out an order from President Donald Trump to cut costs and modernize technology across the government.

There is some precedent for corporate executives to simultaneously work in the US government. When the US was at war in the early 1900s, the federal government recruited business leaders to fill key posts. They retained their private sector jobs and wages; the government pitched in a $1 annual salary to the executives who became known as “dollar-a-year men.” Congress later raised concerns that some of them had engaged in self-dealing.

Since then, other executives have continued to retain their jobs as they serve on government boards and commissions, typically in a part-time capacity. But maintaining a day-to-day operational role in both the federal government and at a corporation is now virtually unheard of, says David E. Lewis, a political scientist who wrote a book on appointed government bureaucrats. “Most persons in regular executive positions divest themselves of private interests before government service,” he says.

Trump, according to his company, has handed management of his businesses, including hotels and golf courses, to his children for the duration of his presidency (though he reportedly still takes meetings that have raised questions among ethics experts). Musk, who is CEO of Tesla and SpaceX and has oversight of four other companies, including X and Neuralink, has been a vocal figure in DOGE’s operations, but the White House has said he’s not actually in charge—without specifying who is leading the project. Some of the other individuals associated with DOGE are otherwise unemployed, have taken leave, or maintain dual roles but at lower levels than chief executive.

Krause is the only Trump administration official identified so far as being a CEO and a day-to-day decisionmaker inside one particular agency. After years of working as an executive at chip companies, Krause joined Florida-based Cloud Software Group in 2022. The company was created that year as part of a private-equity-backed acquisition of Citrix, followed by a merger with Tibco, another tech company. At the time, Citrix was saddled with an extensive amount of debt and generating essentially stagnant revenues, and while Tibco had not recently publicly disclosed its finances, analysts had considered the company’s outlook to be “negative.”

The US government, including state and local agencies, is expected to spend $287 billion on technology this year, or about 14 percent of overall US tech spending, according to Forrester, a research and advisory company. Whether DOGE’s efforts to boost the quality and efficiency of federal IT systems will lead that spending to increase or decrease isn’t clear. So far, DOGE has both tried to purchase emerging technologies and moved to cancel some existing contracts. But Krause’s inside access could potentially provide an advantage to Cloud Software at a pivotal moment for the company.

Over the past couple of years, Cloud Software has laid off thousands of people and faced accusations that it potentially became lax with cybersecurity. Cloud Software’s most well-known offering, Citrix, enables groups of workers to access data and run apps that are located on a remote machine. But increasing adoption of tools that can operate on any device has chipped away at some of Citrix’s dominance, according to Will McKeon-White, senior analyst for infrastructure and operations at Forrester. There are other options now, he says, including from Microsoft and smaller companies such as Island.

Cloud Software’s Tibco program, which helps workers automate tasks such as adding a new user to multiple internal databases, is often mentioned in the wrong sort of conversations these days, according to David Mooter, a Forrester principal analyst. “They tend to come up more when somebody wants to abandon them,” he says.

That said, some Cloud Software services are more affordable than alternatives for governments, and they also are better suited for the older infrastructure used by some agencies. Last year appears to have been one of Citrix’s best in a long time financially, says Shannon Kalvar, a research director for enterprise systems management and other areas at IDC. One reason for the upswing is that Citrix has put more emphasis on catering to the feature demands of its largest customers, including governments.

Clarification on Eclipsed Sounds Voice Database Licenses With Regards to Voice-Changing Algorithms

Thank you for your ongoing support of Eclipsed Sounds voice databases. Due to increased inquiries over the last few weeks, we wanted to re-clarify the license agreement for Eclipsed Sounds Synthesizer V Studio voice databases with regards to voice changing algorithms.

Voice conversion algorithms may be used to change the output of Eclipsed Sounds vocals. However, this is only allowed when the voices you are converting to are in the following categories:

Your own voice

Voice samples or voice conversion databases with explicit permission for conversion

A licensed voice conversion database

You may only use audio from Eclipsed Sounds voices of which you are a licensed user in this way.

You may not use the output of Eclipsed Sounds vocals as part of creating voice changing models. Meaning, we prohibit any voice conversion usage that converts audio "to" the sound of our voices, even if combined with other voices. This does not include Voice-to-MIDI conversion.

When using voice conversion algorithms with Eclipsed Sounds voices, our voice databases as well as the voice used in the conversion should be credited explicitly in some manner on social media or website-based releases outside of streaming services to avoid misleading conversions. 

Eclipsed Sounds voices or audio released by Eclipsed Sounds also may not be used in the creation of other vocal synthesizers, such as text-to-speech vocals. Existing misuse before this notice was released will not be actively pursued unless re-uploaded after this release. Please consider removing instances of misuse if this applies to you. We want to keep ethical usage completely open for users, so please note that all algorithms not designed to mimic the timbre or pitch of other voices - including effects like vocoders, filters, etc., and editing software like Melodyne and VocalShifter - are still completely acceptable based on our license and are not prohibited in this message.

Please understand that these clarifications are to prevent misuse and impersonation, as well as to encourage ethical usage of voice changers. Please help us ensure an ethical future in vocal synthesis, as well as the protection of our voice providers’ vocals, by collaborating with us in ensuring compliance with these terms.

Thank you for your support and understanding in this matter.

Universalaigroup.com review Trading Platform

When choosing a forex broker, traders look for security, reliability, and user experience. Nobody wants to risk their money with an unregulated or questionable platform. That’s why today, we’re taking a deep dive into universalaigroup.com reviews, analyzing its regulation, reputation, trading conditions, and user feedback.

A good broker isn’t just about flashy promises—it needs a strong foundation, proper licensing, positive trader reviews, and a seamless trading experience. So, does universalaigroup.com review check all the right boxes? Let’s find out. We’re going to break it down, step by step.

Universalaigroup.com Trading Platform: Versatility and Convenience

The trading platform offered by universalaigroup.com reviews includes a variety of options to suit different trading needs:

WebTrader Platform – A browser-based platform that allows users to trade without downloading software. This is a flexible option, ideal for those who prefer quick access from different devices.

Tablet Trader – Designed for tablets, this platform ensures smooth trading on larger touchscreens, making it convenient for traders who want mobility without compromising usability.

Mobile Trader – A smartphone-optimized platform, allowing users to trade on the go. This is particularly useful for those who want to monitor the market and execute trades anytime, anywhere.

Having multiple platform options like these indicates that universalaigroup.com review is catering to both professional and casual traders. A strong web-based and mobile infrastructure is a good sign of legitimacy because unreliable brokers often neglect user-friendly trading solutions. Would a broker that isn’t serious about its clients invest in such a well-rounded platform? We think not!

Universalaigroup.com: A Strong Foundation from the Start

One of the key indicators of a legitimate broker is the consistency between its establishment date and the date of domain registration. For universalaigroup.com reviews, the domain was purchased on December 7, 2020, while the company itself was officially established in 2022.

This alignment is crucial. Why? Because when a broker secures its domain well before launching, it shows a well-thought-out business plan rather than a hastily created operation. Scammers often set up domains at the last minute, trying to make a quick profit before disappearing. But here, we see a timeline that makes sense—the company took the time to prepare, build its infrastructure, and enter the market strategically.

Universalaigroup.com: Strong Regulatory Backing

One of the most important aspects when evaluating a broker’s legitimacy is its regulation. universalaigroup.com reviews operates under the FCA (Financial Conduct Authority), a top-tier regulatory body known for its strict standards and investor protection measures.

The FCA license isn’t easy to obtain. It requires brokers to meet rigorous financial requirements, ensure fair trading conditions, and implement strict anti-money laundering measures. Only companies with a transparent business model and financial stability get this approval. And what does this tell us? A broker under FCA regulation isn’t just legal—it’s one of the most secure options in the industry.

Brokers without strong oversight often operate in the shadows, avoiding strict compliance rules. But universalaigroup.com review has passed the high standards of one of the toughest regulators. If there was ever a sign of trustworthiness in the forex world, this is it.

Universalaigroup.com: What Do Traders Say?

A broker’s reputation is best reflected in its user reviews. universalaigroup.com review has a Trustpilot rating of 3.9, with 6 reviews so far.

Now, let’s break it down. While a rating of 4.0 or higher is considered excellent in the trading industry, a 3.9 is still close and shows a generally positive sentiment. But what really matters is the number of reviews. Since there are only 6 reviews, the score isn’t fully representative yet. Why? Because early reviews can fluctuate significantly with just a few ratings.

Here’s the key takeaway: a developing broker with a near-4-star rating is a good sign. As more traders use the platform, we’ll get an even clearer picture. For now, this suggests that traders have had a mostly positive experience, which is a solid indicator of trustworthiness.

Is universalaigroup.com review a Legit Broker?

After thoroughly analyzing universalaigroup.com reviews, the evidence strongly points to its legitimacy. Let’s quickly recap why:

✅ Domain History Aligns with Legitimacy – The domain was purchased two years before the company’s official launch, signaling a well-planned business rather than a rushed scam. ✅ Regulated by FCA – One of the most respected financial regulators, ensuring transparency, security, and fair trading conditions. ✅ Decent Trustpilot Rating – With a 3.9-star score, the early feedback from users suggests a mostly positive trading experience. As more traders leave reviews, this will give us an even clearer picture. ✅ Multiple Trading Platforms – From WebTrader to Mobile and Tablet trading, the broker offers flexibility for different types of traders. ✅ Fast Deposits and Withdrawals – Transactions are instant or take just a few hours, with zero commission fees, which is a major plus. ✅ User-Friendly Support and App – The app is available on App Store with a solid 4.8-star rating, proving its reliability for mobile trading.

Would an unreliable broker go through the trouble of obtaining an FCA license, investing in user-friendly technology, and ensuring seamless payment options? We highly doubt it. universalaigroup.com review presents itself as a serious and trustworthy platform for traders looking for a regulated and flexible forex experience.

Solarystone.com Trading Platform

Choosing a trustworthy and reliable broker is essential for any trader. In this brand review, we’ll explore Solarystone.com review, a broker that’s been making waves in the trading world. We’ll take a closer look at important factors such as its licensing, customer reviews, available trading platforms, and more. By diving into these details, we aim to give you a clear picture of whether Solarystone.com reviews is the right fit for your trading journey. Let’s explore!

Versatility in Trading Platforms Offered by Solarystone.com

When it comes to trading, Solarystone.com review offers a range of platforms to cater to the needs of different traders. Whether you're at your desk, on the go, or prefer using a tablet, Solarystone ensures that you have a convenient option available for trading.

WebTrader Platform: This platform is accessible directly from your browser, meaning there’s no need to download any software. It's ideal for traders who want to get started quickly and access their accounts from anywhere with an internet connection. The WebTrader platform is typically well-designed for ease of use and is often optimized for a smooth user experience with quick access to all essential trading tools.

Tablet Trader: The tablet platform is another great option for traders who prefer the mobility and convenience of using a tablet. Whether you’re traveling or simply prefer a larger screen than a mobile device, this platform allows you to manage your trades with ease. It gives a perfect balance between accessibility and functionality, ensuring that tablet users can trade as efficiently as desktop users.

Mobile Trading App: For those who are always on the move, Solarystone also offers a mobile trading application. Available for download on smartphones, it allows traders to manage their accounts, place trades, and access essential tools from anywhere. Whether you're on a break or commuting, the mobile app ensures that you never miss an opportunity. With this platform, you're always connected, and trading is just a tap away.

By offering these three platforms, Solarystone.com reviews ensures that no matter your preferred device or location, you can trade without any hassle. The diversity of options reflects the broker’s dedication to providing flexibility, which is crucial in today’s fast-paced trading environment. Whether you’re sitting at a desk or on the go, you’ll always have access to the trading tools you need.

Creation Date and Domain Purchase

An essential factor when evaluating the legitimacy of any online broker is the relationship between the creation date of the brand and the domain purchase date. In the case of Solarystone.com review, the domain was purchased on November 11, 2021, which is in line with the brand’s establishment date.

This means the broker has ensured that the domain was registered at or around the same time as the brand was officially created, which is a key indicator of its authenticity. If the domain was purchased before the brand's inception, that could raise questions about the legitimacy of the operation. However, in this case, everything aligns perfectly.

License and Regulation

When it comes to assessing the legitimacy of a broker, the type and authority of the license it holds is a crucial factor. Solarystone.com reviews holds a High Authority license, which is one of the most significant markers of reliability and trustworthiness in the financial services industry.

This type of license indicates that the broker is subjected to strict regulations by a recognized authority. Licensed brokers are required to meet high standards of conduct, which include transparency, security of client funds, and adherence to industry best practices. Brokers with this level of regulation are typically included in lists of legal and trustworthy brokers, ensuring that they operate within the boundaries of the law.

This is a clear sign that Solarystone takes compliance seriously and operates under a recognized and respected financial authority. This looks like a strong argument for its legitimacy, and it’s an essential factor when considering whether to trust a broker with your funds. It offers confidence that your trading activities are protected and regulated by established rules.

Trustpilot Reviews and Reputation

One of the most powerful indicators of a broker’s legitimacy is the feedback it receives from real users. Solarystone.com reviews has a solid reputation on Trustpilot, with a high average rating of 4.4 stars, based on over 2,900 reviews. This is a significant marker of trust, as it reflects positive feedback from a large number of users who have shared their experiences.

In the world of online trading, a 4.4 rating is impressive. The Trustpilot platform allows users to rate their experiences, and brokers with high ratings generally have a strong track record of customer satisfaction. Moreover, a large number of reviews—like the 2,900 reviews that Solarystone has—further enhances its credibility. The volume of positive feedback not only shows that the broker is trusted by many, but also that it has consistently met the expectations of a large user base.

Final Thoughts on Solarystone.com review

After examining all the key aspects of Solarystone.com review, it’s clear that this broker takes significant steps to establish itself as a legitimate and trustworthy platform for traders. The alignment of the domain purchase date with the brand's creation, coupled with a High Authority license, speaks to its transparency and commitment to operating within the rules. Additionally, the impressive Trustpilot rating of 4.4 stars, supported by a large number of reviews, further reinforces its positive reputation among users.

Solarystone also provides multiple trading platforms, ensuring that traders can access their accounts conveniently from a web platform, tablet, or mobile app. With a wide range of payment methods, fast deposit and withdrawal times, and solid customer support, it’s easy to see why this broker is gaining popularity.

Overall, based on the information reviewed, Solarystone.com reviews appears to be a reliable and legitimate broker, offering a robust platform for traders looking for flexibility and security in their online trading experience.

Top  Benefits of Using ServiceNow for IT Asset Management

Managing IT assets effectively is more than just keeping a list of computers and software. For many organizations, it's about having full control and visibility over everything the IT department owns—from laptops and servers to software licenses and cloud resources. ServiceNow is one of the top tools businesses are using today to bring order and insight into their IT environments. Here's why so many IT teams rely on ServiceNow for IT Asset Management (ITAM), and what benefits it brings to the table.

1. A Central Place to Manage All IT Assets

One of the main problems IT teams face is having information spread out across different tools. Often, details about devices or software are kept in spreadsheets, emails, or outdated systems, which causes confusion and errors. ServiceNow solves this by bringing everything together in one easy-to-access location.

When everything is in one spot, it not easier to know what assets you have, where they are, who is using them, and how they are working. This clear overview helps avoid buying unnecessary items, misplacing equipment, or missing important software renewal dates.

2. Complete Lifecycle Tracking

IT assets have a lifespan—from the moment they’re requested or purchased to the day they’re retired or disposed of. ServiceNow asset management tracks each step automatically. Whether it’s assigning a laptop to a new hire, monitoring software usage, or marking devices for disposal, ServiceNow keeps it all organized.

This helps IT teams stay ahead of hardware replacements, license renewals, and warranty expirations, avoiding surprise costs or downtime.

3. Better Cost Control

When assets aren’t tracked properly, businesses often spend more than they need to—buying duplicate software, keeping unused licenses active, or failing to return leased equipment. ServiceNow asset management helps identify where money is being wasted.

Businesses can reassign licenses that are not being used because it tracks how software is used. Also, it facilitates planning by highlighting potential future expenses, making budget management simpler.

4. Seamless Integration with IT Operations

What sets ServiceNow apart from standalone servicenow asset management tools is its tight integration with IT Service Management . That means when a support ticket comes in, IT staff can instantly see which device or software the user is talking about, along with its history.

This connection between ITAM and ITSM reduces resolution time and improves the quality of service. It also keeps teams from working in silos, which is a common problem in larger organizations.

5. Automating Repetitive Tasks

ServiceNow makes it easy to handle repetitive tasks by using automation. For instance, when a new employee joins, the system can automatically assign equipment, set up necessary programs, and update the records—saving time and avoiding mistakes.

It also helps with everyday processes like getting approvals, renewing software, or moving equipment between users. This allows IT staff to spend more time on important projects instead of being stuck with manual paperwork.

6. Stronger Security and Compliance

Unauthorized or outdated devices are frequently security flaws in a business. By monitoring which assets are being used and their present state, ServiceNow assists in identifying these problems early. Teams can be informed of end-of-life hardware, unpatched software, and unsupported operating systems.

ServiceNow also aids in proving compliance for businesses in regulated sectors. With only a few clicks, you can access usage reports, audit trails, and evidence of license ownership.

7. Customizable Reporting and Dashboards

Knowing what you have is one thing—making sense of it is another. ServiceNow includes flexible reporting tools that help teams to visualize asset data in meaningful ways. Dashboards can show  license expirations, asset health, usage patterns, and financial impact.

These insights help decision-makers see the bigger picture and take action quickly when something isn’t adding up.

8. Scalability That Grows With Your Business

Whether you're a mid-sized company or a large enterprise, ServiceNow scales to fit your needs. As your asset base grows—maybe through acquisitions or cloud expansion—ServiceNow can keep up without missing a beat. It’s built for growth, and it’s cloud-based, which means you won’t be stuck maintaining the tool yourself.

Its flexibility also means it can adapt to how your organization works. You can create custom workflows, define asset types, and adjust processes without needing a team of developers.

servicenow IT Asset Management is no longer just a back-office task—it’s central to controlling costs, improving service, and reducing risk. ServiceNow gives organizations a powerful, integrated way to manage their assets from end to end. By combining automation, visibility, and flexibility, IT teams will make smarter decisions and work more efficiently.

If you're still relying on spreadsheets or old tracking systems to manage your IT assets, it may be a good time to explore how servicenow asset management can simplify the process.

Streamline Your Insurance Compliance with InsureComply Software

Discover the power of InsureComply, the premier software designed to manage insurance compliance licensing software effortlessly. Ensure full regulatory compliance, reduce manual errors, and save time with our all-in-one platform.