Sometimes a week is so upsetting you just have to find joy in the unexpected. Take this huge-ass pumpkin, for example.

Steve Geddes of Boscawen, New Hampshire just made U.S. history by growing a pumpkin so large it surpassed the record for largest pumpkin in America.

Congrats, sir!

SEE ALSO: Little girl dancing in front of Michael Myers to the ‘Halloween’ theme is peak fall

As The Boston Globe reported, Geddes presented his 2,528-pound pumpkin at the Deerfield Fair this week, where he wound up taking first place in a contest for heaviest pumpkin and winning $6,000 in prize money.

Here are some photos of the very large pumpkin for your enjoyment.

Woody Lancaster, the northeast representative for the Great Pumpkin Commonwealth, confirmed to The Boston Globe that not only did Geddes have the largest pumpkin at the fair this year, but he’s officially grown the largest pumpkin ever grown in North America.

Geddes now holds the U.S. record for heaviest pumpkin, beating the previous record of 2,363 pounds, but he also came remarkably close to the record for heaviest pumpkin in THE WORLD.

Mathias Willemijns of Belgium set the current world record for heaviest pumpkin back in Oct. 2016 with one that weighed a whopping 2,624 pounds, according to the Guinness World Records. But don’t worry Geddes, the world’s second largest pumpkin is still hella impressive and you’ve set the bar even higher for pumpkins in the United States.

If you want to see the pumpkin for yourself, head on over to the fair — which runs until Sept. 30 — and make your way to the fruit and vegetable building.

Long live autumn and long live pumpkins so ridiculously large they’d make Charlie Brown and the people of Halloweentown jealous.

The terms of service we hurriedly agreed to keep coming back to haunt us.

Last Thursday, the Wall Street Journal reported that Google confirmed previous reports about the far-reaching access third-party apps can have to Gmail users’ accounts and personal emails.

When you download an app, it might request access to your Gmail account. But what you might not realize when you grant access is that these apps may analyze your Gmail data — including the content of your emails — for their product, and potentially for targeting ads. Apps are also allowed to share your information with third parties, as long as Google determines that it adequately discloses that to users. The Journal previously reported that “hundreds” of apps can scan the email of “millions” of users.

Google says it reviews apps to make sure they are clearly communicating what they have access to. But unless Gmail users are diligent, security experts that Mashable spoke with say the policy potentially exposes people in ways they may have not consented to or understood. 

SEE ALSO: Facebook isn’t the only one with too much of your data. Just ask Google and Amazon.

Several experts said that app developers’ access to user data is more than just potentially creepy or invasive, though. Giving an app access to your Gmail can expose received emails as well as sent emails. So, because the policy could expose both your and your friends’ data, app access to Gmail could create a security risk similar to the mechanism that allowed for Facebook’s Cambridge Analytica scandal. 

In that instance, a researcher used a third-party app, downloaded by 270,000 people, to gather data on all 87 million Facebook users in their friend networks, and then sold the data to a company (Cambridge Analytica) that used it to engage in political advertising. So, similarly, if you happen to send an email to a Gmail user who has given an app permission to read their emails, not only can that app see your correspondence and information — but a further removed third party can also see your emails, without you having ever given consent to either party.

“I do not see what is to prevent this type of access to be abused and misused in a similar way to Cambridge Analytica,” Brian Honan, a cybersecurity consultant for major banking companies who used to work with Europol, said. “Third-party apps with access to peoples’ accounts can expose a lot of personal data about those persons which could be used to target subsequent adverts or messages to them.”

The policy

In a letter, Google reportedly told Congress that when Gmail users grant apps access to their accounts, they may — perhaps inadvertently, if they do not read the terms closely enough — allow these apps to harvest their personal information. Apps can then use what people talk about in their emails, along with demographic and other information, to target their advertising. Google lays out the policy here.

Further, under Gmail’s rules, developers are then allowed to share Gmail users’ data with still other external parties. Google says that it vets the apps, and allows this data sharing as long as it determines that the developers are adequately disclosing the activity. 

Gmail itself ended the practice of using the content of people’s emails for ad targeting in July 2017. But it has apparently kept the ability in place for outside parties — so long as users “consent.”

Experts say this portion of Gmail’s app developer policy is concerning for several reasons, on the fronts of both security and privacy.

“Without technical controls built in, app vendors are going to get to wherever they can within the platform, and within user accounts,” Rebecca Herold, a top information security expert and consultant to multi-national corporations, who is also known as “The Privacy Professor,” said. “That’s what the apps are designed to do, to gather data. These companies need to build a more rigorous set of controls to prevent that from happening.”

Security

The most straightforward problem with Gmail’s policy is the security vulnerabilities it could open users up to.

“All of these third-parties have been vetted by Google, but the reality is that every company is vulnerable to data breaches,” said Gary Davis, McAfee’s chief consumer security evangelist. “The more an individual or company shares personal data, the greater the likelihood of that information falling into malicious hands.”

“From a cybersecurity aspect, you don’t know how well those third-party apps have been vetted by Google”

Google stresses that it carefully reviews apps and employs sophisticated malware-detecting filtering technology. And, if you’re downloading an app from Google Play or the App Store, the chances of encountering a malicious app are low (though still possible). But people can and do download apps outside of these ecosystems. 

In those cases, Google’s data-collecting policy could allow for malicious apps to gain access to and undermine people’s accounts — especially on Android. Herold noted that some of the app policies allow for apps to “inject information, edit, and upload” in your account, which could lead to malware sending spam emails on your behalf. And access to personal emails could enable bad actors to craft more convincing and targeted phishing emails. 

“Google claims to have processes and systems in place to identify and remove malicious apps from its store, but despite these measures, malicious apps still are found regularly in the store,” Honan said.

“From a cybersecurity aspect, you don’t know how well those third-party apps have been vetted by Google,” said Herold.

The privacy onus

While malicious apps may pose a security risk, legitimate apps that simply want to use your data for advertising may actually be the larger issue.

Currently, the technology industry is undergoing a shift in who bears the responsibility for securing a user’s privacy. Up until this point, the onus to protect one’s privacy has been on users — which reflects Gmail’s current policy with app developers.

But thanks to the General Data Protection Regulation (GDPR) in Europe, the practice of making people consent to giving away their data by burying consent in terms and conditions is coming under scrutiny. Gmail’s own policy change about not parsing emails for the sake of advertising data reflects this sea change. And Google recently prompted its users to more proactively review security settings.

But the company’s stance toward apps that have access to email reflects an outdated, and vulnerable, approach to privacy.

“It seems like a lazy way for them to address this,” Herold said. “They’re trying to push off responsibility to those who use Gmail instead of Google taking active steps to actually secure Gmail and limit what third-party apps can actually do.”

Currently, when people download an app, they may consent to giving that app access to their Gmail accounts — and inadvertently allow apps to read their emails, and provide their data to other companies. The way that people grant permission may be clear and forthright, especially if it takes place in a Google ecosystem. But the ways that people give consent vary from device to device, and from app to app. That means that Gmail is technically covered, from a legal standpoint. But hasty app-downloaders who rush through permissions might not be.

SEE ALSO: Google Search gets a slew of new features on its 20th anniversary

Currently, Gmail users can review and revoke access to apps at myaccount.google.com. But McAfee’s Davis says that Google should make it easier for users to control who has access to their data within Gmail.

“The most significant part of this really boils down to individual preference,” Davis said. “In our busy lives many people value the ability to have ads served up that align with their individual needs. However, there are also many people who feel this is a breach of their privacy. Allowing Gmail users to opt in or out in a more visible way could help support the needs of consumers from both ends of the spectrum.”

Cambridge Analytica: Gmail edition?

What made Cambridge Analytica such a large-scale disaster was the ripple effect. Only about 270,000 people downloaded the app. But those people gave researcher Aleksandr Kogan access to data about all of their Facebook friends, which means he ultimately had data on 87 million people. 

Similarly, apps that have received permission to access a person’s inbox see their whole inbox — not just the emails written by the one person who gave consent for access. That means these apps could have access to the emails and contact information of whoever an individual corresponds with. They might not get access to all the profile data, as with Cambridge Analytica, but they would still be able to learn people’s names, emails, and other personal information.

Herold thinks that building in specific controls to safeguard people’s informations should fall to Gmail, rather than just relegating privacy policy to dense legal agreements.

“Internet companies need to have preventive security controls built into their platform so they can block access to specific areas of their users accounts,” Herold said. “Facebook didn’t do that. Their contract left their infrastructure wide open, and it sounds like Google’s doing that too.”

And with Cambridge Analytica, Kogan was technically not allowed to share his data with additional parties. But with Gmail, this is acceptable — as long as apps disclose what they’re doing.

“The biggest distinction is transparency,” Davis said. “Gmail developers are required to be transparent with how they use Gmail data, whereas the issue with the Cambridge Analytica scandal was a lack of understanding of who had access to what data.”

That monitoring and transparency process should protect Gmail users. But only if they have actually taken the time to read what they’ve consented to. 

And, as long as nothing goes wrong.

“The problem with depending on contractual requirements is that they’re not information security controls in and of themselves,” Herold said. “From a privacy standpoint, you have no idea what those apps might be accessing, taking, and using elsewhere. The unknown is the biggest risk.”

I have a lot of smart home devices, but I’ve never had one quite as “fire and forget” as the Dyson Pure Cool air purifier. After the initial setup, I so rarely go into its controls or app that I have to remind myself of how they work.

The Pure Cool (model TP04) resembles one of Dyson’s larger Cool fans. It has the similar hollow oblong shape, with the base pulling in air, then pushing it out of the upper “shell” via the company’s bladeless Air Multiplier tech. The main differences are the Pure Cool is taller, heavier to accommodate the filters and other tech in the base, and white in color.

SEE ALSO: The best tips and tools to get the most out of Netflix

The current generation is an evolution of Dyson’s first-gen Pure Cool air purifier. It costs $549 ($50 more than the previous version), and the upgrades mostly amount to a new and improved filter system (unfortunately incompatible with the first-gen device) and a versatile LCD indicator in front. Also, for when you want the improved air quality but not the cooling effect of a fan, there’s a setting that will push air out the sides, not the front.

Dyson says the filters should last you about a year, assuming the Pure Cool is operating about 12 hours a day. A replacement set will set you back about $80.

I’ve lived with the Dyson Pure Cool for a few months now, and I can say that of all the connected gear in my house, it’s the device that’s frustrated me the least. In Auto mode, the purifier generally just takes care of itself and leaves you alone while it does its job. And on the lowest fan setting (which is what it was on most of the time), it’s so quiet you don’t even notice it.

Justification for an air purifier

Let’s back up a bit. An air purifier isn’t quite as much of a staple as other home appliances (like air conditioners or even humidifiers), so why should you even consider one?

If you live in an area with semi-permanent smog (like many major cities in Southeast Asia), the answer is pretty obvious. But even for less grimy areas, like my town in Northern New Jersey, there are benefits. Pollen season can flare up allergies, and in the winter it’s not unusual to go days or even weeks without opening a window. Not to mention many areas in North America suffer from regular wildfires, whose resulting smoke can seriously mess up air quality over large regions.

OK, so there’s a good chance you’ll benefit from an air purifier. But how do you know it’s doing anything? This is why Dyson turned the Pure Cool into one of the company’s only real “smart” devices. An air purifier shouldn’t just push out clean air blindly — it needs sensors to continuously gauge the quality of the air so it can make adjustments or even turn itself off.

On top of that, it should have some idea of the overall air quality outside. Dyson gets that data from unspecified third parties, and the accompanying app vividly shows what the air’s like both inside and outside your home on a single screen with stark colors. The visually friendly, informative app is one of the best features of the Pure Cool, a nice example of what a good smart-device app should be.

Purity in design

The design of the purifier isn’t bad either. The hollow-tower shape is signature Dyson, but the choice of glossy white for the top shell is a departure from the company’s Hot and Cool fans, which lean toward bolder colors like purple and blue. However, the white gives more than a hint of the device’s medical intent. “Pure” is definitely an apt descriptor. (Dyson also sells a smaller desktop version with a circular fan, the $449 DP04.)

One look at the silver base, and you know this thing is serious business. Inside is all the filter, sensor, and smart tech, and there’s a small circular display that’s capable of showing an impressive amount of information — not just about the purifier operation, but also current and recent air quality.

What I really like is how the Dyson Pure Cool breaks down exactly what might be contaminating your air and how far it is from the ideal. By default, the screen shows overall air quality on a graph with clearly marked green, yellow, and red areas. The worse the air, the higher on the graph you’ll be, and the harder the Pure Cool needs to work to get you back in the green.

If you press the “i” button on the remote, the screen will break down, one at a time, the four factors that contribute to the overall air quality. The first two tell you the levels of microscopic particles, first on the PM2.5 scale (basically particles 2.5 microns wide or smaller) and second on the PM 10 scale (~10 microns). The third tells you the concentration of VOCs (volatile organic compounds), potentially dangerous chemicals like benzene. Finally, it shows how much nitrogen dioxide (NO2), which can contribute to diseases like asthma, is in the air.

The info gets 10x better when you fire up the Dyson Link app (iOS and Android), which serves as the central hub for the company’s smart products (although there are only two, the Pure Cool and the Eye robot vacuum). Where the purifier’s indicator shows just basic screens with some pictographs, the app shows you detailed graphs for each factor along with temperature and humidity over time. (The purifier indicator can show the current temp. And humidity, but not on a graph.) There’s also lots of extra info, just a finger-tap away, to help interpret the graphs you’re looking at.

Superior app

Dyson really scored in designing this app. The home screen is simple, but it can also be dramatic if there’s a big difference in air quality between indoors and outdoors. The screen shows your house as a solid color and the surrounding air as a lighter one, both using the intuitive color coding of green, yellow, red to indicate quality. If one is green and the other is yellow (or worse, red), your eye knows something is amiss very, very quickly.

The app also replicates all the buttons of the remote control, so you don’t need to worry about hunting it down every time you want to do something. Moreover, you can control your air purifier from anywhere — par for the course when you’re talking about smart devices, sure, but still notable.

The feature that makes the Pure Cool truly effortless is the scheduler. Marked by the on-the-nose clock icon in the corner, it lets you set up specific times for the purifier to run, and which settings to use. For example, if know the air quality around your house tends to get worse later in the evening (as is the case for me), you might set it to turn on at dusk, with the fan on a relatively high setting.

Generally, though, when I had the Pure Cool on, I kept it on Auto mode, which automatically picks the fan speed based on what the air quality is. The scheduler lets you break down the Pure Cool’s operation hour by hour, for every day of the week, if you want to.

You can set the fan speed at a level from 1-10. At lower settings the fan is whisper quiet, to the point where I was comfortable leaving it on in my bedroom all night long. However, it does tend to get loud on the higher end. That might discourage you from leaving the fan in Auto mode at night, but there’s a saving grace: Night Mode, which keeps the fan from ever going above level four, even when it’s in auto mode.

Air master

Once I’d mastered these settings, the Pure Cool became the least needy of all my smart home gadgets. Even when I unplugged it and moved it from room to room, it remembered all its settings and generally took care of itself. Even the most benign kitchen gadget will bother you with a firmware update from time to time. About the most annoying thing the Dyson did was occasionally get a bit loud.

Did Pure Cool do its job? I could point to the large archive of graphs in the app to show that it did, but mostly I’d point to my peace of mind. It’s not like wildfires rage outside my home on a regular basis, but I do take seriously the air my family is breathing on a daily basis. While nothing can guarantee good health, the Dyson Pure Cool at least gives you one less thing to worry about.

MacOS Mojave is finally here.

Desktop Stacks, Dark Mode, and new applications (Stocks, News, and Home) are clearly the headline features of Mojave. But there’s lots more under the hood if you know where to look.

SEE ALSO: 5 features of macOS Mojave that will level up your Mac experience

We’ve been digging through macOS 10.14 since the first beta dropped in June, and here are 10 features that will will make all the difference in your Mac experience.

1. Dynamic Desktop

Alongside Dark Mode, which darkens the dock, menu bar, and application windows (that support the mode) to a white-on-black layout, there’s also a new option for the image in your desktop background: Dynamic Desktop. Visually, it’s very cool: the lighting in the picture will change throughout the day to reflect your Mac’s current time, even darkening from morning to night. There are only two different Dynamic Desktop designs with the initial release of Mojave, but now you can get more.

2. MacOS software updates are now in Settings

MacOS updates have been arriving through the Mac App Store for for the past few years, but that’s changing with Mojave. There’s nothing really wrong with that system, but it’s not how iOS works, not to mention other platforms (like Windows 10), which put system updates in Settings.

Mojave moves system software updates to a new panel in System Preferences, which, to a lot of people, will make more sense. It’s a straightforward interface and will make it easier to find those critical updates.

3. Favicons in Safari

It’s not like favicons are new, but Apple has finally added support for them in Safari tabs in Mojave. Even though Apple is late to the game with rolling out this support, interested users will need to enable it. It’s also hidden in Safari Preferences and is not prompted at first launch after updating.

Navigate to preferences in Safari, then click Tabs and turn on “Show website icons in tabs.” Once on, you will see favicons from your website on the tabs. It makes it easy to know which tab is which thanks to the visual cue when you have many open.

4. Autofill security codes

Companies and services are continuing to push users to enable two-factor authentication, which makes accounts more secure. With this feature turned on for a specific service (e.g. Twitter), a code will arrive via an SMS message. You then need to go to Messages and copy the code over.

However, in macOS Mojave, it will now auto suggest to fill the code into the respective spot, meaning you shouldn’t have to do all that copy-and-pasting anymore. It’s a simple feature, but one that will undoubtedly come in handy. There’s also an equivalent autofill feature in iOS 12.

5. Emoji selector in Mail

A few years back an emoji in an email might have been seen as childish or inappropriate. In 2018, it’s practically expected.

MacOS Mojave puts an emoji selector feature built into Mail. This allows for quick and easy access to the all the emojis macOS offers. You can also search by keyword to find the one you’re looking for, and the menu automatically populates with the most frequently used symbols.

6. More control over permissions

In recent iterations of iOS and macOS, Apple has begun to ramp up security — both behind the scenes and in plain sight. Mojave allows for individual microphone and camera access, in addition to more granular permissions for applications across the board. With hacking and security being in the news on a daily basis, it’s nice to have minute control.

7. Siri can help with passwords

If you use iCloud Keychain, Apple’s built-in password manager, there’s now a more natural way to access the secure information.

Just ask Siri to show you your password, and it will pull preferences in Safari. You then enter your password or confirm access with Touch ID, which will open a window with all your saved logins. Once this window is unlocked, you can search by app or service to see the password or copy it for easy pasting.

8. Updated UI for FaceTime

Group FaceTime and the incredible ability to video call with up 32 people at once isn’t in Mojave at launch. But at least we get a redesign of the FaceTime user interface.

A new toolbar will appear in the bottom left-hand corner of the FaceTime window allowing you to mute the microphone, shut the camera off, enter full screen, hang up, or open a sidebar. The sidebar will likely be useful for group calls, when they arrive, as you can see who is in the chat.

9. Full metadata in Finder

Alongside the Gallery View in Finder, Apple now lets you see more about your files. 

Specifically for imagery shot on your iPhone or from a professional camera, you now have access to the metadata, and what you see in the summary is customizable. Now you can include things like lens type, aperture, and color type — a big deal to many photographers and photo editors.

10. More accent colors

Apple has always let users switch between two accent colors within macOS: graphite and blue. The accent is the color used for things like the menu drop-down icon, tick boxes, and buttons. For those who really like to customize their Mac experience, it’s a very nice feature to have.

Mojave now includes eight accent colors. The new ones joining the original graphite and blue are purple, pink, red, orange, yellow, and green.