In a blog post today, Google announced that WebGPU is "now enabled by default in Chrome 121 on devices running Android 12 and greater powered by Qualcomm and ARM GPUs," with support for more Android devices rolling out gradually. Previously, the API was only available on Windows PCs that support Direct3D 12, macOS, and ChromeOS devices that support Vulkan. Google says WebGPU "offers significant benefits such as greatly reduced JavaScript workload for the same graphics and more than three times improvements in machine learning model inferences." With lower-level access to a device's GPU, developers are able to enable richer and more complex visual content in web applications. This will be especially apparent with games, as you can see in this demo. Next up: WebGPU for Chrome on Linux.Read more of this story at Slashdot.
According to Reuters, Reddit plans to launch its initial public offering (IPO) in March, "moving forward with a listing it has been eyeing for more than three years." From the report: It would be the first IPO of a major social media company since Pinterest's, opens new tab debut in 2019, and would come as Reddit and its peers face stiff competition for advertising dollars from the likes of TikTok and Facebook. The offering would also test the willingness of some Reddit users to back the company's stock market debut. Reddit, which filed confidentially for its IPO in December 2021, is planning to make its public filing in late February, launch its roadshow in early March, and complete the IPO by the end of March, two of the sources said. The San Francisco-based company, which was valued at about $10 billion in a funding round in 2021, is seeking to sell about 10% of its shares in the IPO, the sources added. It will decide on what IPO valuation it will pursue closer to the time of the listing, according to the sources.Read more of this story at Slashdot.
An anonymous reader quotes a report from Wired: Stablecoins, cryptocurrencies pegged to a stable value like the US dollar, were created with the promise of bringing the frictionless, border-crossing fluidity of Bitcoin to a form of digital money with far less volatility. That combination has proved to be wildly popular, rocketing the total value of stablecoin transactions since 2022 past even that of Bitcoin itself. It turns out, however, that as stablecoins have become popular among legitimate users over the past two years, they were even more popular among a different kind of user: those exploiting them for billions of dollars of international sanctions evasion and scams. As part of itsannual crime report, cryptocurrency-tracing firm Chainalysis today released new numbers on the disproportionate use of stablecoins for both of those massive categories of illicit crypto transactions over the last year. By analyzing blockchains, Chainalysis determined that stablecoins were used in fully 70 percent of crypto scam transactions in 2023, 83 percent of crypto payments to sanctioned countries like Iran and Russia, and 84 percent of crypto payments to specifically sanctioned individuals and companies. Those numbers far outstrip stablecoins' growing overall use -- including for legitimate purposes -- which accounted for 59 percent of all cryptocurrency transaction volume in 2023. In total, Chainalysis measured $40 billion in illicit stablecoin transactions in 2022 and 2023 combined. The largest single category of that stablecoin-enabled crime was sanctions evasion. In fact, across all cryptocurrencies, sanctions evasion accounted for more than half of the $24.2 billion in criminal transactions Chainalysis observed in 2023, with stablecoins representing the vast majority of those transactions. [...] Chainalysis concedes that the analysis in its report excludes some cryptocurrencies like Monero and Zcash that are designed to be harder or impossible to trace with blockchain analysis. It also says it based its numbers on the type of cryptocurrency sent directly to an illicit actor, which may leave out other currencies used in money laundering processes that repeatedly swap one type of cryptocurrency for another to make tracing more difficult. "Whether it's an individual located in Iran or a bad guy trying to launder money -- either way, there's a benefit to the stability of the US dollar that people are looking to obtain," says Andrew Fierman, Chainalysis' head of sanctions strategy. "If you're in a jurisdiction where you don't have access to the US dollar due to sanctions, stablecoins become an interesting play." Fierman points to Nobitex, the largest cryptocurrency exchange operating in the sanctioned country of Iran, as well as Garantex, a notorious exchange based in Russia that has been specifically sanctioned for its widespread criminal use. According to Chainalysis, "Stablecoin usage on Nobitex outstrips bitcoin by a 9:1 ratio, and on Garantex by a 5:1 ratio," reports Wired. "That's a stark difference from the roughly 1:1 ratio between stablecoins and bitcoins on a few nonsanctioned mainstream exchanges that Chainalysis checked for comparison."Read more of this story at Slashdot.
U.S. edutech platform Coursera added a new user every minute on average for its AI courses in 2023, CEO Jeff Maggioncalda said on Thursday, in a clear sign of people upskilling to tap a potential boom in generative AI. Reuters: The technology behind OpenAI's ChatGPT has taken the world by a storm and sparked a race among companies to roll out their own versions of the viral chatbot. "I'd say the real hotspot is generative AI because it affects so many people," he told Reuters in an interview at the World Economic Forum in Davos. Coursera is looking to offer AI courses along with companies that are the frontrunners in the AI race, including OpenAI and Google's DeepMind, Maggioncalda said. Investors had earlier feared that apps based on generative AI might replace ed-tech firms, but on the contrary the technology has encouraged more people to upskill, benefiting companies such as Coursera. The company has more than 800 AI courses and saw more than 7.4 million enrollments last year. Every student on the platform gets access to a ChatGPT-like AI assistant called "Coach" that provides personalized tutoring.Read more of this story at Slashdot.
OpenAI's stated mission is to create the artificial general intelligence, or AGI. Demis Hassabis, the leader of Google's AI efforts, has the same goal. Now, Meta CEO Mark Zuckerberg is entering the race. From a report: While he doesn't have a timeline for when AGI will be reached, or even an exact definition for it, he wants to build it. At the same time, he's shaking things up by moving Meta's AI research group, FAIR, to the same part of the company as the team building generative AI products across Meta's apps. The goal is for Meta's AI breakthroughs to more directly reach its billions of users. "We've come to this view that, in order to build the products that we want to build, we need to build for general intelligence," Zuckerberg tells me in an exclusive interview. "I think that's important to convey because a lot of the best researchers want to work on the more ambitious problems." [...] No one working on AI, including Zuckerberg, seems to have a clear definition for AGI or an idea of when it will arrive. "I don't have a one-sentence, pithy definition," he tells me. "You can quibble about if general intelligence is akin to human level intelligence, or is it like human-plus, or is it some far-future super intelligence. But to me, the important part is actually the breadth of it, which is that intelligence has all these different capabilities where you have to be able to reason and have intuition." He sees its eventual arrival as being a gradual process, rather than a single moment. "I'm not actually that sure that some specific threshold will feel that profound." As Zuckerberg explains it, Meta's new, broader focus on AGI was influenced by the release of Llama 2, its latest large language model, last year. The company didn't think that the ability for it to generate code made sense for how people would use a LLM in Meta's apps. But it's still an important skill to develop for building smarter AI, so Meta built it anyway. External research has pegged Meta's H100 shipments for 2023 at 150,000, a number that is tied only with Microsoft's shipments and at least three times larger than everyone else's. When its Nvidia A100s and other AI chips are accounted for, Meta will have a stockpile of almost 600,000 GPUs by the end of 2024, according to Zuckerberg.Read more of this story at Slashdot.
Microsoft today made Reading Coach, its AI-powered tool that provides learners with personalized reading practice, available at no cost to anyone with a Microsoft account. From a report: As of this morning, Reading Coach is accessible on the web in preview -- a Windows app is forthcoming. And soon (in late spring), Reading Coach will integrate with learning management systems such as Canva, Microsoft says. Reading Coach builds on Reading Progress, a plug-in for the education-focused version of Microsoft Teams, Teams for Education, designed to help teachers foster reading fluency in their students. Inspired by the success of Reading Progress (evidently), Microsoft launched Reading Coach in 2022 as a part of Teams for Education and Immersive Reader, the company's cross-platform assistive service for language and reading comprehension.Read more of this story at Slashdot.
Coinbase said buying cryptocurrency on an exchange was more like collecting Beanie Babies than investing in a stock or bond. From a report: The biggest US crypto exchange made the comparison Wednesday in a New York federal court hearing. Coinbase was arguing for the dismissal of a Securities and Exchange Commission lawsuit accusing it of selling unregistered securities. William Savitt, a lawyer for Coinbase, told US District Judge Katherine Polk Failla that tokens trading on the exchange aren't securities subject to SEC jurisdiction because buyers don't gain any rights as a part of their purchases, as they do with stocks or bonds. "It's the difference between buying Beanie Babies Inc and buying Beanie Babies," Savitt said. The question of whether digital tokens are securities has divided courts.Read more of this story at Slashdot.
Private equity firms are increasingly buying hospitals across the US, and when they do, patients suffer, according to two separate reports. Specifically, the equity firms cut corners, slash services, lay off staff, lower quality of care, take on substantial debt, and reduce charity care, leading to lower ratings and more medical errors, the reports collectively find. ArsTechnica: Last week, the financial watchdog organization Private Equity Stakeholder Project (PESP) released a report delving into the state of two of the nation's largest hospital systems, Lifepoint and ScionHealth -- both owned by private equity firm Apollo Global Management. Through those two systems, Apollo runs 220 hospitals in 36 states, employing around 75,000 people. The report found that some of Apollo's hospitals were among the worst in their respective states, based on a ranking by The Lown Institute Hospital Index. The index ranks hospitals and health systems based on health equity, value, and outcomes, PESP notes. The hospitals also have dismal readmission rates and government rankings. The Center for Medicare and Medicaid Services (CMS) ranks hospitals on a one- to five-star system, with the national average of 3.2 stars overall and about 30 percent of hospitals at two stars or below. Apollo's overall average is 2.8 stars, with nearly 40 percent of hospitals at two stars or below. The other report, a study published in JAMA late last month, found that the rate of serious medical errors and health complications increases among patients in the first few years after private equity firms take over. The study examined Medicare claims from 51 private equity-run hospitals and 259 matched control hospitals. Specifically, the study, led by researchers at Harvard University, found that patients admitted to private equity-owned hospitals had a 25 percent increase in developing hospital-acquired conditions compared with patients in the control hospitals. In private equity hospitals, patients experienced a 27 percent increase in falls, a 38 percent increase in central-line bloodstream infections (despite placing 16 percent fewer central lines than control hospitals), and surgical site infections doubled.Read more of this story at Slashdot.
The EU has proposed sweeping changes within the music streaming industry to promote smaller artists and make sure underpaid performers are being fairly compensated. From a report: A resolution to address concerns regarding inadequate streaming royalties for artists and biased recommendation algorithms was adopted by members of the European Parliament (MEPs) on Wednesday, highlighting that no existing EU rules currently apply to music streaming services, despite being the most popular way to consume audio. The proposition was made to ensure European musical works are accessible and avoid being overshadowed by the "overwhelming amount" of content being continually added to streaming platforms like Spotify. MEPs also called for outdated "pre-digital" royalty rates to be revised, noting that some schemes force performers to accept little to no revenue in exchange for greater exposure. Imposing quotas for European musical works is being considered to help promote artists in the EU.Read more of this story at Slashdot.
Apple has updated its long-standing App Store guidelines, giving developers the option to let users make in-app purchases for iOS apps outside of its App Store. But the changes still haven't won over one of the company's longtime critics. From a report: Under the new rules, app developers can provide customers with links to third-party purchase options for their apps, but they must still pay Apple fees of either 12% or 27%. Spotify, one of Apple's biggest critics, isn't a fan of the changes. In a statement, the music streaming service slammed the new rules. "Once again, Apple has demonstrated that they will stop at nothing to protect the profits they exact on the backs of developers and consumers under their app store monopoly," the company said in a statement. "Their latest move in the US -- imposing a 27% fee for transactions made outside of an app on a developer's website -- is outrageous and flies in the face of the court's efforts to enable greater competition and user choice." Tech columnist John Gruber, writing at DaringFireball: Maybe the cynics are right! Let's just concede that they are, and that Apple will only make decisions here that benefit its bottom line. My argument remains that Apple should not be pursuing this plan for complying with the anti-steering injunction by collecting commissions from web sales that initiate in-app. Whatever revenue Apple would lose to non-commissioned web sales (for non-games) is not worth the hit they are taking to the company's brand and reputationa--athis move reeks of greed and avaricea--anor the increased ire and scrutiny of regulators and legislators on the "anti-Big-Tech" hunt. Apple should have been looking for ways to lessen regulatory and legislative pressure over the past few years, and in today's climate that's more true than ever. But instead, their stance has seemingly been "Bring it on." Confrontational, not conciliatory, conceding not an inch. Rather than take a sure win with most of what they could want, Apple is seemingly hell-bent on trying to keep everything. To win in chess all you need is to capture your opponent's king. Apple seemingly wants to capture every last piece on the boarda--aeven while playing in a tournament where the referees (regulators) are known to look askance at blatant poor sportsmanship (greed). Apple's calculus should be to balance its natural desire to book large amounts of revenue from the App Store with policies that to some degree placate, rather than antagonize, regulators and legislators. No matter what the sport, no matter what the letter of the rulebook says, it's never a good idea to piss off the refs.Read more of this story at Slashdot.
Google News is boosting sites that rip-off other outlets by using AI to rapidly churn out content, 404 Media has found. From the report: Google told 404 Media that although it tries to address spam on Google News, the company ultimately does not focus on whether a news article was written by an AI or a human, opening the way for more AI-generated content making its way onto Google News. The presence of AI-generated content on Google News signals two things: first, the black box nature of Google News, with entry into Google News' rankings in the first place an opaque, but apparently gameable, system. Second, is how Google may not be ready for moderating its News service in the age of consumer-access AI, where essentially anyone is able to churn out a mass of content with little to no regard for its quality or originality.Read more of this story at Slashdot.
OpenAI on Thursday announced its first partnership with a higher education institution. Starting in February, Arizona State University will have full access to ChatGPT Enterprise and plans to use it for coursework, tutoring, research and more. From a report: The partnership has been in the works for at least six months, when ASU chief information officer Lev Gonick first visited OpenAI's HQ, which was preceded by the university faculty and staff's earlier use of ChatGPT and other artificial intelligence tools, Gonick told CNBC in an interview. ChatGPT Enterprise, which debuted in August, is ChatGPT's business tier and includes access to GPT-4 with no usage caps, performance that's up to two times faster than previous versions and API credits. With the OpenAI partnership, ASU plans to build a personalized AI tutor for students, not only for certain courses but also for study topics. STEM subjects are a focus and are "the make-or-break subjects for a lot of higher education," Gonick said. The university will also use the tool in ASU's largest course, Freshman Composition, to offer students writing help. ASU also plans to use ChatGPT Enterprise to develop AI avatars as a "creative buddy" for studying certain subjects, like bots that can sing or write poetry about biology, for instance.Read more of this story at Slashdot.
Google researchers say they have evidence that a notorious Russian-linked hacking group -- tracked as "Cold River" -- is evolving its tactics beyond phishing to target victims with data-stealing malware. From a report: Cold River, also known as "Callisto Group" and "Star Blizzard," is known for conducting long-running espionage campaigns against NATO countries, particularly the United States and the United Kingdom. Researchers believe the group's activities, which typically target high-profile individuals and organizations involved in international affairs and defense, suggest close ties to the Russian state. U.S. prosecutors in December indicted two Russian nationals linked to the group. Google's Threat Analysis Group (TAG) said in new research this week that it has observed Cold River ramping up its activity in recent months and using new tactics capable of causing more disruption to its victims, predominantly targets in Ukraine and its NATO allies, academic institutions and non-government organizations. These latest findings come soon after Microsoft researchers reported that the Russia-aligned hacking group had improved its ability to evade detection. In research shared with TechCrunch ahead of its publication on Thursday, TAG researchers say that Cold River has continued to shift beyond its usual tactic of phishing for credentials to delivering malware via campaigns using PDF documents as lures.Read more of this story at Slashdot.
Google has laid off over a thousand employees across various departments since January 10th. CEO Sundar Pichai's message is to brace for more cuts. The Verge: "We have ambitious goals and will be investing in our big priorities this year," Pichai told all Google employees on Wednesday in an internal memo that was shared with me. "The reality is that to create the capacity for this investment, we have to make tough choices." So far, those "tough choices" have included layoffs and reorganizations in Google's hardware, ad sales, search, shopping, maps, policy, core engineering, and YouTube teams. "These role eliminations are not at the scale of last year's reductions, and will not touch every team," Pichai wrote in his memo -- a reference to when Google cut 12,000 jobs this time last year. "But I know it's very difficult to see colleagues and teams impacted." Pichai said the layoffs this year were about "removing layers to simplify execution and drive velocity in some areas." He confirmed what many inside Google have been fearing: that more "role eliminations" are to come. "Many of these changes are already announced, though to be upfront, some teams will continue to make specific resource allocation decisions throughout the year where needed, and some roles may be impacted," he wrote.Read more of this story at Slashdot.
When Microsoft announced it was baking ChatGPT into its Bing search engine last February, bullish analysts declared the move an "iPhone moment" that could upend the search market and chip away at Google's dominance. "The entire search category is now going through a sea change," Chief Executive Officer Satya Nadella said at the time. "That opportunity comes very few times." Almost a year later, the sea has yet to change. Bloomberg: The new Bing -- powered by OpenAI's generative AI technology -- dazzled internet users with conversational replies to queries asked in a natural way. But Microsoft's search engine ended 2023 with just 3.4% of the global search market, according to data analytics firm StatCounter, up less than 1 percentage point since the ChatGPT announcement. Bing has long struggled for relevance and attracted more mockery than recognition over the years as a serious alternative to Google. Multiple rebrandings and redesigns since its 2009 debut did little to boost Bing's popularity. A month before Microsoft infused the search engine with generative AI, people were spending 33% less time using it than they had 12 months earlier, according to SensorTower. The ChatGPT reboot at least helped reverse those declines. In the second quarter of 2023, US monthly active users more than doubled year over year to 3.1 million, according to a Bloomberg Intelligence analysis of SensorTower mobile app data. Overall, users were spending 84% more time on the search engine, the data show. By year-end, Bing's monthly active users had increased steadily to 4.4 million, according to SensorTower.Read more of this story at Slashdot.
An anonymous reader quotes a report from Wired: As more companies ramp up development of artificial intelligence systems, they are increasingly turning to graphics processing unit (GPU) chips for the computing power they need to run large language models (LLMs) and to crunch data quickly at massive scale. Between video game processing and AI, demand for GPUs has never been higher, and chipmakers are rushing to bolster supply. In new findings released today, though, researchers are highlighting a vulnerability in multiple brands and models of mainstream GPUs -- including Apple, Qualcomm, and AMD chips -- that could allow an attacker to steal large quantities of data from a GPU's memory. The silicon industry has spent years refining the security of central processing units, or CPUs, so they don't leak data in memory even when they are built to optimize for speed. However, since GPUs were designed for raw graphics processing power, they haven't been architected to the same degree with data privacy as a priority. As generative AI and other machine learning applications expand the uses of these chips, though, researchers from New York -- based security firm Trail of Bits say that vulnerabilities in GPUs are an increasingly urgent concern. "There is a broader security concern about these GPUs not being as secure as they should be and leaking a significant amount of data," Heidy Khlaaf, Trail of Bits' engineering director for AI and machine learning assurance, tells WIRED. "We're looking at anywhere from 5 megabytes to 180 megabytes. In the CPU world, even a bit is too much to reveal." To exploit the vulnerability, which the researchers call LeftoverLocals, attackers would need to already have established some amount of operating system access on a target's device. Modern computers and servers are specifically designed to silo data so multiple users can share the same processing resources without being able to access each others' data. But a LeftoverLocals attack breaks down these walls. Exploiting the vulnerability would allow a hacker to exfiltrate data they shouldn't be able to access from the local memory of vulnerable GPUs, exposing whatever data happens to be there for the taking, which could include queries and responses generated by LLMs as well as the weights driving the response. In their proof of concept, as seen in the GIF below, the researchers demonstrate an attack where a target -- shown on the left -- asks the open source LLM Llama.cpp to provide details about WIRED magazine. Within seconds, the attacker's device -- shown on the right -- collects the majority of the response provided by the LLM by carrying out a LeftoverLocals attack on vulnerable GPU memory. The attack program the researchers created uses less than 10 lines of code. [...] Though exploiting the vulnerability would require some amount of existing access to targets' devices, the potential implications are significant given that it is common for highly motivated attackers to carry out hacks by chaining multiple vulnerabilities together. Furthermore, establishing "initial access" to a device is already necessary for many common types of digital attacks. The researchers did not find evidence that Nvidia, Intel, or Arm GPUs contain the LeftoverLocals vulnerability, but Apple, Qualcomm, and AMD all confirmed to WIRED that they are impacted. Here's what each of the affected companies had to say about the vulnerability, as reported by Wired: Apple: An Apple spokesperson acknowledged LeftoverLocals and noted that the company shipped fixes with its latest M3 and A17 processors, which it unveiled at the end of 2023. This means that the vulnerability is seemingly still present in millions of existing iPhones, iPads, and MacBooks that depend on previous generations of Apple silicon. On January 10, the Trail of Bits researchers retested the vulnerability on a number of Apple devices. They found that Apple's M2 MacBook Air was still vulnerable, but the iPad Air 3rd generation A12 appeared to have been patched.Qualcomm: A Qualcomm spokesperson told WIRED that the company is "in the process" of providing security updates to its customers, adding, "We encourage end users to apply security updates as they become available from their device makers." The Trail of Bits researchers say Qualcomm confirmed it has released firmware patches for the vulnerability.AMD: AMD released a security advisory on Wednesday detailing its plans to offer fixes for LeftoverLocals. The protections will be "optional mitigations" released in March.Google: For its part, Google says in a statement that it "is aware of this vulnerability impacting AMD, Apple, and Qualcomm GPUs. Google has released fixes for ChromeOS devices with impacted AMD and Qualcomm GPUs."Read more of this story at Slashdot.
In an opinion piece for the Guardian, American journalist and author John R. MacArthur discusses the alarming decline in reading skills among American youth, highlighted by a Department of Education survey showing significant drops in text comprehension since 2019-2020, with the situation worsening since 2012. While remote learning during the pandemic and other factors like screen-based reading are blamed, a new study by Columbia University suggests that reading on paper is more effective for comprehension than reading on screens, a finding not yet widely adopted in digital-focused educational approaches. From the report: What if the principal culprit behind the fall of middle-school literacy is neither a virus, nor a union leader, nor "remote learning"? Until recently there has been no scientific answer to this urgent question, but a soon-to-be published, groundbreaking study from neuroscientists at Columbia University's Teachers College has come down decisively on the matter: for "deeper reading" there is a clear advantage to reading a text on paper, rather than on a screen, where "shallow reading was observed." [...] [Dr Karen Froud] and her team are cautious in their conclusions and reluctant to make hard recommendations for classroom protocol and curriculum. Nevertheless, the researchers state: "We do think that these study outcomes warrant adding our voices ... in suggesting that we should not yet throw away printed books, since we were able to observe in our participant sample an advantage for depth of processing when reading from print." I would go even further than Froud in delineating what's at stake. For more than a decade, social scientists, including the Norwegian scholar Anne Mangen, have been reporting on the superiority of reading comprehension and retention on paper. As Froud's team says in its article: "Reading both expository and complex texts from paper seems to be consistently associated with deeper comprehension and learning" across the full range of social scientific literature. But the work of Mangen and others hasn't influenced local school boards, such as Houston's, which keep throwing out printed books and closing libraries in favor of digital teaching programs and Google Chromebooks. Drunk on the magical realism and exaggerated promises of the "digital revolution," school districts around the country are eagerly converting to computerized test-taking and screen-reading programs at the precise moment when rigorous scientific research is showing that the old-fashioned paper method is better for teaching children how to read. Indeed, for the tech boosters, Covid really wasn't all bad for public-school education: "As much as the pandemic was an awful time period," says Todd Winch, the Levittown, Long Island, school superintendent, "one silver lining was it pushed us forward to quickly add tech supports." Newsday enthusiastically reports: "Island schools are going all-in on high tech, with teachers saying they are using computer programs such as Google Classroom, I-Ready, and Canvas to deliver tests and assignments and to grade papers." Terrific, especially for Google, which was slated to sell 600 Chromebooks to the Jericho school district, and which since 2020 has sold nearly $14bn worth of the cheap laptops to K-12 schools and universities. If only Winch and his colleagues had attended the Teachers College symposium that presented the Froud study last September. The star panelist was the nation's leading expert on reading and the brain, John Gabrieli, an MIT neuroscientist who is skeptical about the promises of big tech and its salesmen: "I am impressed how educational technology has had no effect on scale, on reading outcomes, on reading difficulties, on equity issues," he told the New York audience. "How is it that none of it has lifted, on any scale, reading? ... It's like people just say, "Here is a product. If you can get it into a thousand classrooms, we'll make a bunch of money.' And that's OK; that's our system. We just have to evaluate which technology is helping people, and then promote that technology over the marketing of technology that has made no difference on behalf of students ... It's all been product and not purpose." I'll only take issue with the notion that it's "OK" to rob kids of their full intellectual potential in the service of sales -- before they even get started understanding what it means to think, let alone read.Read more of this story at Slashdot.
With NASA's Artemis moon program now targeting September 2025 for its Artemis 2 mission and September 2026 for Artemis 3, some members of Congress are concerned about the potential repercussions, particularly with China's growing ambitions in lunar exploration. "For the United States and its partners not to be on the moon when others are on the moon is unacceptable," said Mike Griffin, former NASA administrator. "We need a program that is consistent with that theme. Artemis is not that program. We need to restart it, not keep it on track." Space.com reports: The U.S. House of Representatives' Committee on Science, Space and Technology held a hearing about the new Artemis plan today (Jan. 17), and multiple members voiced concern about the slippage. "I remind my colleagues that we are not the only country interested in sending humans to the moon," Committee Chairman Frank Lucas (R-OK) said in his opening remarks. "The Chinese Communist Party is actively soliciting international partners for a lunar mission -- a lunar research station -- and has stated its ambition to have human astronauts on the surface by 2030," he added. "The country that lands first will have the ability to set a precedent for whether future lunar activities are conducted with openness and transparency, or in a more restricted manner." The committee's ranking member, California Democrat Zoe Lofgren (D-CA), voiced similar sentiments. "Let me be clear: I support Artemis," she said in her opening remarks. "But I want it to be successful, especially with China at our heels. And we want to be helpful here in the committee in ensuring that Artemis is strong and staying on track as we look to lead the world, hand-in-hand with our partners, in the human exploration of the moon and beyond." Several other committee members stressed that the new moon race is part of a broader competition with China, and that coming in second could imperil U.S. national security. "It's no secret that China has a goal to surpass the United States by 2045 as global leaders in space. We can't allow this to happen," Rich McCormick (R-GA) said during the hearing. "I think the leading edge that we have in space technology will protect the United States -- not just the economy, but technologies that can benefit humankind." And Bill Posey (R-FL) referred to space as the "ultimate military high ground," saying that whoever leads in the final frontier "will control the destiny of this Earth."Read more of this story at Slashdot.
An anonymous reader quotes a report from BleepingComputer: Have I Been Pwned has added almost 71 million email addresses associated with stolen accounts in the Naz.API dataset to its data breach notification service. The Naz.API dataset is a massive collection of 1 billion credentials compiled using credential stuffing lists and data stolen by information-stealing malware. Credential stuffing lists are collections of login name and password pairs stolen from previous data breaches that are used to breach accounts on other sites. Information-stealing malware attempts to steal a wide variety of data from an infected computer, including credentials saved in browsers, VPN clients, and FTP clients. This type of malware also attempts to steal SSH keys, credit cards, cookies, browsing history, and cryptocurrency wallets. The stolen data is collected in text files and images, which are stored in archives called "logs." These logs are then uploaded to a remote server to be collected later by the attacker. Regardless of how the credentials are stolen, they are then used to breach accounts owned by the victim, sold to other threat actors on cybercrime marketplaces, or released for free on hacker forums to gain reputation amongst the hacking community. The Naz.API is a dataset allegedly containing over 1 billion lines of stolen credentials compiled from credential stuffing lists and from information-stealing malware logs. It should be noted that while the Naz.API dataset name includes the word "Naz," it is not related to network attached storage (NAS) devices. This dataset has been floating around the data breach community for quite a while but rose to notoriety after it was used to fuel an open-source intelligence (OSINT) platform called illicit.services. This service allows visitors to search a database of stolen information, including names, phone numbers, email addresses, and other personal data. The service shut down in July 2023 out of concerns it was being used for Doxxing and SIM-swapping attacks. However, the operator enabled the service again in September. Illicit.services use data from various sources, but one of its largest sources of data came from the Naz.API dataset, which was shared privately among a small number of people. Each line in the Naz.API data consists of a login URL, its login name, and an associated password stolen from a person's device, as shown [here]. "Here's the back story: this week I was contacted by a well-known tech company that had received a bug bounty submission based on a credential stuffing list posted to a popular hacking forum," explained Troy Hunt, the creator of Have I Been Pwned, in blog post. "Whilst this post dates back almost 4 months, it hadn't come across my radar until now and inevitably, also hadn't been sent to the aforementioned tech company." "They took it seriously enough to take appropriate action against their (very sizeable) user base which gave me enough cause to investigate it further than your average cred stuffing list." To check if your credentials are in the Naz.API dataset, you can visit Have I Been Pwned.Read more of this story at Slashdot.
"The ambient light sensors present in most mobile devices can be accessed by software without any special permissions, unlike permissions required for accessing the microphone or the cameras," writes longtime Slashdot reader BishopBerkeley. "When properly interrogated, the data from the light sensor can reveal much about the user." IEEE Spectrum reports: While that may not seem to provide much detailed information, researchers have already shown these sensors can detect light intensity changes that can be used to infer what kind of TV programs someone is watching, what websites they are browsing or even keypad entries on a touchscreen. Now, [Yang Liu, a PhD student at MIT] and colleagues have shown in a paper in Science Advances that by cross-referencing data from the ambient light sensor on a tablet with specially tailored videos displayed on the tablet's screen, it's possible to generate images of a user's hands as they interact with the tablet. While the images are low-resolution and currently take impractically long to capture, he says this kind of approach could allow a determined attacker to infer how someone is using the touchscreen on their device. [...] "The acquisition time in minutes is too cumbersome to launch simple and general privacy attacks on a mass scale," says Lukasz Olejnik, an independent security researcher and consultant who has previously highlighted the security risks posed by ambient light sensors. "However, I would not rule out the significance of targeted collections for tailored operations against chosen targets." But he also points out that, following his earlier research, the World Wide Web Consortium issued a new standard that limited access to the light sensor API, which has already been adopted by browser vendors. Liu notes, however, that there are still no blanket restrictions for Android apps. In addition, the researchers discovered that some devices directly log data from the light sensor in a system file that is easily accessible, bypassing the need to go through an API. The team also found that lowering the resolution of the images could bring the acquisition times within practical limits while still maintaining enough detail for basic recognition tasks. Nonetheless, Liu agrees that the approach is too complicated for widespread attacks. And one saving grace is that it is unlikely to ever work on a smartphone as the displays are simply too small. But Liu says their results demonstrate how seemingly harmless combinations of components in mobile devices can lead to surprising security risks.Read more of this story at Slashdot.
According to Axios, former Meta chief operating officer Sheryl Sandberg plans to leave Meta's board of directors after holding a seat for the past 12 years. From the report: "With a heart filled with gratitude and a mind filled with memories, I let the Meta board know that I will not stand for reelection this May," Sandberg wrote In a Facebook post announcing her departure. "After I left my role as COO, I remained on the board to help ensure a successful transition," Sandberg said. Acknowledging CEO Mark Zuckerberg's leadership, Sandberg said he and Meta's current leadership team "have proven beyond a doubt that the Meta business is strong and well-positioned for the future, so this feels like the right time to step away." "I will always be grateful to Mark for believing in me and for his partnership and friendship; he is that truly once-in-a-generation visionary leader and he is equally amazing as a friend who stays by your side through the good times and the bad," Sandberg added. She also expressed gratitude to her colleagues and teammates at Meta as well as Meta's board members. Sandberg left the company she helped build as an executive in September 2022 after 14 years. She remained on Meta's board following her departure, a seat she held for the past 12 years. In announcing her departure, Sandberg said she aimed to focus on more philanthropic work. In the time since leaving the company as an executive, she has focused more her time on her women's leadership philanthropy, Lean In. More recently, Sandberg has also focused on the conversation around rape and sexual violence as a weapon of war, particularly as it pertains to the Israel-Hamas conflict. Axios notes that Meta's revenue "grew 43,000% from $272 million in 2008 to nearly $118 billion in 2021" under Sandberg's business leadership.Read more of this story at Slashdot.
A U.S. Court of Appeals said Apple will again be barred from selling the Apple Watch Series 9 and Ultra 2 beginning Thursday. These models both contain a blood oxygen sensor that infringes on the intellectual property of medical device company Masimo. "The court order Wednesday did not rule on Apple's effort to overturn a U.S. International Trade Commission ban on the company selling the affected watches in the United States," notes CNBC. "But it lifted an injunction that had blocked the ban from taking effect while that appeal is pending." From the report: In December, Apple chose to briefly remove the affected watches from its online and retail stores, though retailers with those devices in stock may still sell them. Earlier this week, court filings suggested that Apple had received approval from U.S. Customs for a modified version of its Apple Watches that lack the blood oxygen feature and therefore no longer infringe on Masimo's intellectual property. It could open a path for a modified Apple Watch to return to U.S. store shelves.Read more of this story at Slashdot.
Since launching in 2007, Harmonix's Rock Band has released over 2,800 DLC songs to keep its rhythm game fresh. Now, Harmonix has announced the last of the series' releases will arrive on January 25, "marking the end of a nearly 16-year era in music gaming history," reports Ars Technica. From the report: Previously purchased DLC songs will still be playable in Rock Band 4, Harmonix's Daniel Sussman writes in an announcement post. Rock Band 4 live services, including online play, will also continue as normal, after online game modes for earlier Rock Band games were finally shut down in late 2022. "Taking a longer look back, I see the Rock Band DLC catalog as a huge achievement in persistence and commitment," Sussman writes. "Over the years we've cleared, authored and released nearly 3,000 songs as DLC and well over 3,000 if you include all the game soundtracks. That's wild." [...] While official support for Rock Band DLC is finally ending, the community behind Clone Hero just recently hit an official Version 1.0 release for their PC-based rhythm game that's compatible with many guitars, drums, keyboards, gamepads, and adapters used in Rock Band and other console rhythm games (microphones excluded). While that game doesn't come with anything like Rock Band's list of officially licensed song content, it's not hard to find a bevy of downloadable, fan-made custom Clone Hero tracks with a little bit of searching. Since shortly after its acquisition by Epic in 2021, Harmonix has been working on "Fortnite Festival," the incredibly Rock Band-esque mini-game embedded in Epic's Fortnite "metaverse." Sussman writes that a "rotating selection" of free-to-play songs will continue to cycle through that game mode, and that support for Rock Band 4 instruments will be coming to Fortnite in the future as well (peripheral-maker PDP looks like it will be getting in on the Fortnite guitar act as well). As for the last few weeks of Rock Band DLC offerings, Sussman writes that Harmonix is planning "some tear jerkers that sum up our feelings about this moment."Read more of this story at Slashdot.
An anonymous reader quotes a report from MIT Technology Review: Google DeepMind has created an AI system that can solve complex geometry problems. It's a significant step towards machines with more human-like reasoning skills, experts say. Geometry, and mathematics more broadly, have challenged AI researchers for some time. Compared with text-based AI models, there is significantly less training data for mathematics because it is symbol driven and domain specific, says Thang Wang, a coauthor of the research, which is published in Nature today. Solving mathematics problems requires logical reasoning, something that most current AI models aren't great at. This demand for reasoning is why mathematics serves as an important benchmark to gauge progress in AI intelligence, says Wang. DeepMind's program, named AlphaGeometry, combines a language model with a type of AI called a symbolic engine, which uses symbols and logical rules to make deductions. Language models excel at recognizing patterns and predicting subsequent steps in a process. However, their reasoning lacks the rigor required for mathematical problem-solving. The symbolic engine, on the other hand, is based purely on formal logic and strict rules, which allows it to guide the language model toward rational decisions. These two approaches, responsible for creative thinking and logical reasoning respectively, work together to solve difficult mathematical problems. This closely mimics how humans work through geometry problems, combining their existing understanding with explorative experimentation. DeepMind says it tested AlphaGeometry on 30 geometry problems at the same level of difficulty found at the International Mathematical Olympiad, a competition for top high school mathematics students. It completed 25 within the time limit. The previous state-of-the-art system, developed by the Chinese mathematician Wen-Tsun Wu in 1978, completed only 10. "This is a really impressive result," says Floris van Doorn, a mathematics professor at the University of Bonn, who was not involved in the research. "I expected this to still be multiple years away." DeepMind says this system demonstrates AI's ability to reason and discover new mathematical knowledge. "This is another example that reinforces how AI can help us advance science and better understand the underlying processes that determine how the world works," said Quoc V. Le, a scientist at Google DeepMind and one of the authors of the research, at a press conference.Read more of this story at Slashdot.
Cancer deaths in the United States are falling, with four million deaths prevented since 1991, according to the American Cancer Society's annual report. At the same time, the society reported that the number of new cancer cases had ticked up to more than two million in 2023, from 1.9 million in 2022. The New York Times: Cancer remains the second leading cause of death in the United States, after heart disease. Doctors believe that it is urgent to understand changes in the death rate, as well as changes in cancer diagnoses. The cancer society highlighted three chief factors in reduced cancer deaths: declines in smoking, early detection and greatly improved treatments. Breast cancer mortality is one area where treatment had a significant impact. In the 1980s and 1990s, metastatic breast cancer "was regarded as a death sentence," said Donald Berry, a statistician at the University of Texas MD Anderson Cancer Center and an author of a new paper on breast cancer with Sylvia K. Plevritis of Stanford University and other researchers (several authors of the paper reported receiving payments from companies involved in cancer therapies). The paper, published Tuesday in JAMA, found that the death rate from breast cancer had fallen to 27 per 100,000 women in 2019 from 48 per 100,000 in 1975. That includes metastatic cancer, which counted for nearly 30 percent of the reduction in the breast cancer death rate. Breast cancer treatment has improved so much that it has become a bigger factor than screening in saving lives, said Ruth Etzioni, a biostatistician at the Fred Hutchinson Cancer Center. Death rates have even declined among women in their 40s, who generally did not have regular mammograms, said Dr. Mette Kalager, a professor of medicine at the University of Oslo and Oslo University Hospital, "indicating a substantial effect of treatment," she said.Read more of this story at Slashdot.
An anonymous reader quotes a report from Ars Technica: OpenAI may finally have to answer for ChatGPT's "hallucinations" in court after a Georgia judge recently ruled against the tech company's motion to dismiss a radio host's defamation suit (PDF). OpenAI had argued that ChatGPT's output cannot be considered libel, partly because the chatbot output cannot be considered a "publication," which is a key element of a defamation claim. In its motion to dismiss, OpenAI also argued that Georgia radio host Mark Walters could not prove that the company acted with actual malice or that anyone believed the allegedly libelous statements were true or that he was harmed by the alleged publication. It's too early to say whether Judge Tracie Cason found OpenAI's arguments persuasive. In her order denying OpenAI's motion to dismiss, which MediaPost shared here, Cason did not specify how she arrived at her decision, saying only that she had "carefully" considered arguments and applicable laws. There may be some clues as to how Cason reached her decision in a court filing (PDF) from John Monroe, attorney for Walters, when opposing the motion to dismiss last year. Monroe had argued that OpenAI improperly moved to dismiss the lawsuit by arguing facts that have yet to be proven in court. If OpenAI intended the court to rule on those arguments, Monroe suggested that a motion for summary judgment would have been the proper step at this stage in the proceedings, not a motion to dismiss. Had OpenAI gone that route, though, Walters would have had an opportunity to present additional evidence. To survive a motion to dismiss, all Walters had to do was show that his complaint was reasonably supported by facts, Monroe argued. Failing to convince the court that Walters had no case, OpenAI's legal theories regarding its liability for ChatGPT's "hallucinations" will now likely face their first test in court. "We are pleased the court denied the motion to dismiss so that the parties will have an opportunity to explore, and obtain a decision on, the merits of the case," Monroe told Ars. "Walters sued OpenAI after a journalist, Fred Riehl, warned him that in response to a query, ChatGPT had fabricated an entire lawsuit," notes Ars. "Generating an entire complaint with an erroneous case number, ChatGPT falsely claimed that Walters had been accused of defrauding and embezzling funds from the Second Amendment Foundation." "With the lawsuit moving forward, curious chatbot users everywhere may finally get the answer to a question that has been unclear since ChatGPT quickly became the fastest-growing consumer application of all time after its launch in November 2022: Will ChatGPT's hallucinations be allowed to ruin lives?"Read more of this story at Slashdot.
Samsung announced it's working on a smart ring, describing it as a "powerful and accessible" health and wellness device. The Verge reports: Outside of a brief video showing off what the Galaxy Ring looks like, Samsung didn't share much more about the ring. The company didn't say when the device is coming out or what it might cost, for example. [...] Given today's focus on AI features for Samsung's new Galaxy smartphones, I'm guessing that Samsung will tout some AI-powered tools for the Galaxy Ring at some point, too. Hopefully Samsung doesn't wait too long to share more.Read more of this story at Slashdot.
Samsung announced its new flagship Galaxy S24 smartphone lineup today, with loads of new artificial intelligence features. CNBC reports: For Samsung's top-tier S24 Ultra, which is the company's biggest of the three devices and comes with punchier specs and features, Samsung is using a version of Qualcomm's latest Snapdragon Series 8 Gen 3 optimized for Galaxy. The company is using a mix of Qualcomm systems-on-chips (SoCs) and its own Exynos chipset for its S24 and S24+ models. [...] The Samsung Galaxy S24 Ultra is the main event for most tech gadget enthusiasts -- and, for the most part, it isn't a whole lot different to the Galaxy S23 Ultra looks-wise. That's because Samsung isn't changing an awful lot with the hardware. It still comes in the same size as its predecessor -- the display is 6.8 inches, measured diagonally, though the phone is flatter this time round. The S23 Ultra had more curvature to it. The big upgrade to the external hardware with this model is that it's cased in titanium, so it's a lot sturdier than the S23 Ultra. The main difference this time round is what's inside: Samsung is going big on artificial intelligence. A key focus for Samsung, like other smartphone makers, now is on "on-demand" AI -- or, the ability to carry out AI workloads directly on a device, rather than over the cloud. Samsung said its new Galaxy S24 Ultra will come with a bunch of new AI features, a lot of which is being powered by Qualcomm's Snapdragon 8 Gen 3 chipset for mobile, which is tailored for AI devices. One feature Samsung's loading into the Galaxy S24 range is the ability to circle locations or items a user is directing their camera at, or on a picture they've taken, and then look up results on what those things are. So, for instance, if you see a landmark or a shoe you want to buy, you can make a circle around that object and then the AI shows you appropriate results on Google. Another feature Samsung touted is the ability to use AI to edit photos. So users can edit reflections out of pictures they've taken, for instance if you took a picture of yourself in front of a window. Or you can move a person from one side of the room to another by dragging them from left to right. Samsung also showcased live transcription features with its latest smartphones. When calling someone who's speaking in French, for instance, a user can pull up a transcription that's being fed through to them in real time. You can also record a conversation between two people and get it transcribed, while the AI assigns a label to each person speaking, similar to transcription products like Otter AI. Samsung is also incorporating AI watermarking into these features, helping to combat misinformation and copyright infringement. "So when a Galaxy S24 user uses AI to modify a photo, Samsung will keep a log of what was changed with AI and store it in the metadata," reports CNBC. "It'll also have an icon in the bottom left corner to show that the image has been edited using AI, kind of like a watermark."Read more of this story at Slashdot.
An anonymous reader shares a report: Fortnite maker Epic Games is not happy about how Apple intends to comply with a district court's injunction that permitted app developers to direct users to their own websites and payment platforms -- a court order that came into effect following the Supreme Court's decision to not hear the Apple antitrust case, leaving the current ruling to stand. Though Apple had largely won the case, as the court decided it was not a monopolist, a judge ruled that app makers should be able to steer their customers to the web from links or buttons inside their apps, something that forced Apple to change its App Store rules. But Apple's compliance doesn't give app makers the victory they had hoped, as the tech giant aims to still charge commissions on purchases made outside of apps -- a decision Epic aims to challenge in court. According to statements made by Epic Games CEO Tim Sweeney, shared on X, Apple's "bad-faith" compliance undermines the judge's order that would have allowed buttons or external links "in addition to [in-app purchases.]" The Ninth Circuit District Court had ruled on one count of out ten in favor of Epic in its decision, finding that Apple violated California's Unfair Competition law. The decision meant Apple had to remove the "anti-steering" clause from its agreement with App Store developers. This clause for years had prevented app developers from directing their customers to other ways to pay for in-app purchases or subscriptions from inside their apps, leading to confusing screens or broken features, where customers would have to figure out on their own how to make the necessary purchases from the developer's website.Read more of this story at Slashdot.
Amazon is revamping its Alexa voice assistant as it prepares to launch a new paid subscription plan this year, Business Insider reported Wednesday, citing internal documents and people familiar with the matter. But the change is causing internal conflict and may lead to further delay, the report added. From the report: Tentatively called "Alexa Plus," the paid version of Alexa is intended to offer more conversational and personalized AI technology, said one of the documents obtained by Business Insider. The team is working towards a June 30 launch deadline, and has been testing the underlying voice technology, dubbed "Remarkable Alexa," with 15,000 external customers, these people said. But the quality of the new Alexa's answers is still falling short of expectations, often sharing inaccurate information, external tests have found. Amazon is now going through a major overhaul of Alexa's technology stack to address this issue, though the team is experiencing some discord.Read more of this story at Slashdot.
It's hard to think of a more self-explanatory feature than Circle to Search: it does exactly what it sounds like it does. You circle something on your phone screen, tap a button, and voila! A page full of Google search results telling you about the thing you circled. The Verge: The new feature is launching on five phones to start -- the three members of Samsung's brand-new Galaxy S24 series, as well as Google's Pixel 8 and 8 Pro -- before it comes to other "select, premium" Android phones. Well, maybe it does need a little explaining. If the feature sounds familiar, you might be thinking of Google Lens, which is similar. But instead of opening up the Google app, you can use Circle to Search anywhere on your device. Just long-press the home button if you're using three-button navigation -- or the navigation handle if you're using gesture nav -- and it will appear on top of whatever app or screen you're currently using. You can circle, highlight, or tap a subject, including text as well as images.Read more of this story at Slashdot.
samleecole writes: A food delivery robot company instructed a public university to promote its service on campus with photographs and video featuring only students who "have a healthy-looking BMI," [body mass index] according to emails and documents I obtained via a public records request. The emails also discuss how ordering delivery via robot should become a "habit" for a "captured" customer base of students on campus. These highly specific instructions show how universities around the country are going to extreme lengths to create a welcoming environment on campus for food delivery robots that sometimes have trouble crossing the street and need traffic infrastructure redesigned for them in order to navigate campus, a relatively absurd cache of public records obtained by 404 Media reveals.Read more of this story at Slashdot.
Verizon is writing down the value of its business services division by $5.8 billion, a sign of the company's declining enterprise operations. From a report: The wireless carrier said in a filing Wednesday that the non-cash goodwill impairment charge was due to "secular declines, as well as continuing competitive and macroeconomic pressure." As a result of the impairment, Verizon said the balance of its business unit was $1.7 billion at the end of 2023. The decline is tied to the telecommunications giant's legacy wireline operations, which provide fixed-line communications services for businesses, through copper or fiber wires. This segment has seen demand drop considerably as its mobile business service has surged. Verizon's wireline business revenue fell 8.1% through the third quarter and is likely to stay muted in 2024, according to Bloomberg Intelligence.Read more of this story at Slashdot.
Fujitsu has apologized for its role in the British Post Office scandal, acknowledging that its buggy accounting software contributed to the wrongful prosecutions of hundreds of postal employees. From a report: "Fujitsu would like to apologize for our part in this appalling miscarriage of justice," Paul Patterson, co-CEO of Fujitsu's European division, said in a hearing held by the UK Parliament's Business and Trade Committee. "We were involved from the very start. We did have bugs and errors in the system and we did help the Post Office in their prosecutions of the sub-postmasters. For that we are truly sorry." The committee hearing focused on possible compensation for victims of what has been called "the worst miscarriage of justice in British history." Patterson said that Fujitsu has "a moral obligation" to contribute to the compensation for victims. A BBC report explains that between 1999 and 2015, "more than 900 sub-postmasters and postmistresses were prosecuted for theft and false accounting after money appeared to be missing from their branches, but the prosecutions were based on evidence from faulty Horizon software. Some sub-postmasters wrongfully went to prison, many were financially ruined. Some have since died."Read more of this story at Slashdot.
Google will tweak online search results to give comparison sites more prominence, the company said in a blogpost on Wednesday, as it outlined efforts to comply with new EU tech rules that could hit revenues for some companies. Reuters: Under the European Union's Digital Markets Act (DMA), which the company will have to comply with by March 7, Google is obligated to treat rival services and products the same way as it treats its own when it ranks them in search results. It is also required to allow business users to access the data that they generate when using Google's platform.Read more of this story at Slashdot.
An anonymous reader shares a report: India has warned tech companies that it is prepared to impose bans if they fail to take active measures against deepfake videos, a senior government minister said, on the heels of warning by a well-known personality over a deepfake advertisement using his likeness to endorse a gaming app.Read more of this story at Slashdot.
Speaking of cyber attacks, JPMorgan Chase is targeted by hackers trying to infiltrate its systems 45 billion times a day -- twice the rate at which it was attacked a year earlier -- the bank's head of asset and wealth management has said. FT: Speaking at Davos on Wednesday, Mary Erdoes said the bank spent $15bn on technology every year and employed 62,000 technologists, with many focused solely on combating the rise in cyber crime. "We have more engineers than Google or Amazon. Why? Because we have to," she said. "The fraudsters get smarter, savvier, quicker, more devious, more mischievous." Western lenders have suffered a surge in cyber attacks in the past two years, which has been partly blamed on Russian hackers acting in response to sanctions placed on the country and its banks following its full-scale invasion of Ukraine. But the use of artificial intelligence by cyber criminals has also increased the number of incidents and level of sophistication of attacks.Read more of this story at Slashdot.
An increase in cyber attacks on the healthcare sector is jeopardising patient safety, and prompting some governments to publish new cyber security standards. From a report: Publicly disclosed global cyber security breaches between January and September last year showed that the healthcare sector suffered more attacks (241) than any other sector, ahead of government (147), and information technology including software, hardware and IT services (91), according to research by Omdia, a technology research provider. The most common type of cyber breach in healthcare was hacking, followed by supply chain attacks, "phishing" (where cyber criminals pose as legitimate organisations to trick people into disclosing passwords and payment details), and "ransomware," in which hackers use malicious software -- "malware" -- to encrypt data until the victim pays a ransom to unlock it. "The healthcare sector is such a tempting target [for cyber security criminals] because ... you can put lives at risk," says James Lewis, a cyber security expert at the Center for Strategic and International Studies, a US think-tank. The UK's National Health Service has been hit by significant ransomware attacks. In 2017, the "WannaCry" attack is estimated to have cost the NHS $116.3mn and caused the cancellation of 19,000 patient appointments. Another hacking, in 2022, took down the non-emergency 111 service, and disrupted management systems for mental health services and emergency prescriptions.Read more of this story at Slashdot.
Paul Copplestone, co-founder of Supabase, writing in a blog post: On February 1st 2024, AWS will start charging for IPv4 addresses. This will cost $0.005 per hour -- around $4 month. A more accurate title for this post would be "Brace yourself, IPv4 is leaving," because I can't imagine many companies will pay to keep using the IPv4 address. While $4 is relatively small for an individual, my hypothesis is that AWS is a foundational layer to many infrastructure companies, like Supabase -- we offer a full EC2 instance for every Postgres database, so this would add millions to our AWS bill. Infrastructure companies on AWS have a few choices:1. Pass on the cost to the customer.2. Provide a workaround (for example, a proxy).3. Only offer IPv6 and hope the world will catch up.Read more of this story at Slashdot.
An anonymous reader quotes a report from Ars Technica: Last week, Austria-based Swarovski Optik introduced the AX Visio 10x32 binoculars, which the company says can identify over 9,000 species of birds and mammals using image recognition technology. The company is calling the product the world's first "smart binoculars," and they come with a hefty price tag -- $4,799. "The AX Visio are the world's first AI-supported binoculars," the company says in the product's press release. "At the touch of a button, they assist with the identification of birds and other creatures, allow discoveries to be shared, and offer a wide range of practical extra functions." The binoculars, aimed mostly at bird watchers, gain their ability to identify birds from the Merlin Bird ID project, created by Cornell Lab of Ornithology. As confirmed by a hands-on demo conducted by The Verge, the user looks at an animal through the binoculars and presses a button. A red progress circle fills in while the binoculars process the image, then the identified animal name pops up on the built-in binocular HUD screen within about five seconds. In 2014, a famous xkcd comic strip titled Tasks depicted someone asking a developer to create an app that, when a user takes a photo, will check whether the user is in a national park (deemed easy due to GPS) and check whether the photo is of a bird (to which the developer says, "I'll need a research team and five years"). The caption below reads, "In CS, it can be hard to explain the difference between the easy and the virtually impossible." It's been just over nine years since the comic was published, and while identifying the presence of a bird in a photo was solved some time ago, these binoculars arguably go further by identifying the species of the bird in the photo (it also keeps track of location due to GPS). While apps to identify bird species already exist, this feature is now packed into a handheld pair of binoculars.Read more of this story at Slashdot.
In a new paper published in the journal Science Progress, author Joseph Merz argues that climate issues are symptoms of ecological overshoot, driven by exploited human behaviors such as overconsumption, waste, and population growth. The paper emphasizes the need to change societal norms and behaviors through various means, including using marketing and media strategies to promote sustainable living, rather than solely focusing on technological or policy solutions. The Guardian reports: Merz and colleagues believe that most climate "solutions" proposed so far only tackle symptoms rather than the root cause of the crisis. This, they say, leads to increasing levels of the three "levers" of overshoot: consumption, waste and population. They claim that unless demand for resources is reduced, many other innovations are just a sticking plaster. "We can deal with climate change and worsen overshoot," says Merz. "The material footprint of renewable energy is dangerously underdiscussed. These energy farms have to be rebuilt every few decades -- they're not going to solve the bigger problem unless we tackle demand." "Overshoot" refers to how many Earths human society is using up to sustain -- or grow -- itself. Humanity would currently need 1.7 Earths to maintain consumption of resources at a level the planet's biocapacity can regenerate. Where discussion of climate often centers on carbon emissions, a focus on overshoot highlights the materials usage, waste output and growth of human society, all of which affect the Earth's biosphere. "Essentially, overshoot is a crisis of human behavior," says Merz. "For decades we've been telling people to change their behavior without saying: 'Change your behavior.' We've been saying 'be more green' or 'fly less', but meanwhile all of the things that drive behavior have been pushing the other way. All of these subtle cues and not so subtle cues have literally been pushing the opposite direction -- and we've been wondering why nothing's changing." The paper explores how neuropsychology, social signaling and norms have been exploited to drive human behaviors which grow the economy, from consuming goods to having large families. The authors suggest that ancient drives to belong in a tribe or signal one's status or attract a mate have been co-opted by marketing strategies to create behaviors incompatible with a sustainable world. "People are the victims -- we have been exploited to the point we are in crisis. These tools are being used to drive us to extinction," says the evolutionary behavioral ecologist and study co-author Phoebe Barnard. "Why not use them to build a genuinely sustainable world?" Just one-quarter of the world population is responsible for nearly three-quarters of emissions. The authors suggest the best strategy to counter overshoot would be to use the tools of the marketing, media and entertainment industries in a campaign to redefine our material-intensive socially accepted norms. "We're talking about replacing what people are trying to signal, what they're trying to say about themselves. Right now, our signals have a really high material footprint -- our clothes are linked to status and wealth, their materials sourced from all over the world, shipped to south-east Asia most often and then shipped here, only to be replaced by next season's trends. The things that humans can attach status to are so fluid, we could be replacing all of it with things that essentially have no material footprint -- or even better, have an ecologically positive one."Read more of this story at Slashdot.
An anonymous reader quotes a report from TechCrunch: The Apple-versus-Beeper saga is not over yet it seems, even though the iMessage-on-Android Beeper Mini was removed from the Play Store last week. Now, Apple customers who used Beeper's apps are reporting that they've been banned from using iMessage on their Macs -- a move Apple may have taken to disable Beeper's apps from working properly, but ultimately penalizes its own customers for daring to try a non-Apple solution for accessing iMessage. The latest follows a contentious game of cat-and-mouse between Apple and Beeper, which Apple ultimately won. [...] According to users' recounting of their tech support experiences with Apple, the support reps are telling them their computer has been flagged for spam, or for sending too many messages - even though that's not the case, some argued. This has led many Beeper users to believe this is how Apple is flagging them for removal from the iMessage network. One Beeper customer advised others facing this problem to ask Apple if their Mac was in a "throttled status" or if their Apple ID was blocked for spam to get to the root of the issue. Admitting up front that third-party software was to blame would sometimes result in the support rep being able to lift the ban, some noted. The news of the Mac bans was earlier reported by Apple news site AppleInsider and Times of India, and is being debated on Y Combinator forum site Hacker News. On the latter, some express their belief that the retaliation against Apple's own users is justified as they had violated Apple's terms, while others said that iMessage interoperability should be managed through regulation, not rogue apps. Far fewer argued that Apple is exerting its power in an anticompetitive fashion here.Read more of this story at Slashdot.
Apple has announced several new experiences launching with their upcoming Vision Pro spatial computing headset, including 3D content from Disney Plus. "Other apps announced with Vision Pro support include ESPN, MLB, PGA Tour, Max, Discovery Plus, Amazon Prime Video, Paramount Plus, Peacock, Pluto TV, Tubi, Fubo, Crunchyroll, Red Bull TV, IMAX, TikTok, and MUBI," reports The Verge, noting that Netflix's existing app "will work unmodified on Apple's new headset." From the report: The announcement lists some of the movies that will be in 3D, and naturally, Avatar: The Way of Water is among them. But Vision Pro owners will also get 3D versions of movies like Avengers: Endgame, Star Wars: The Force Awakens, and Encanto. The movies will be available to rent through the Apple TV app, and the company says that anyone who has already bought the movies will now get 3D versions without paying extra. Otherwise, "more titles, including those available exclusively to Disney Plus subscribers, will be announced at a later date." Among the four screening environments for Disney Plus subscribers, one is called the Disney Plus Theater, which the company says takes inspiration from Hollywood's El Capitan Theatre, as well as others based on Pixar's Monsters, Inc., the fictional Avengers Tower from Marvel Avengers films, and one set in the cockpit of a landspeeder sitting in Star Wars' Tatooine desert. Besides Disney content, Apple mentioned the Apple TV app will have some free "immersive entertainment" that includes Alicia Keys: Rehearsal Room and a film from Planet Earth producers called Prehistoric Planet Immersive. The $3,499 Vision Pro headset will start shipping on February 2nd. Pre-orders begin January 19th at 8AM ET.Read more of this story at Slashdot.
Uber is shutting down alcohol delivery service Drizly three years after the company acquired it for $1.1 billion. Axios reports: Drizly was always a bit of an odd match for Uber, in that it didn't hire or contract its own delivery workers. Instead, Drizly provided backend tech that let local liquor stores provide their own deliveries. The bigger issue, however, might have been cybersecurity. Drizly in 2020 confirmed a hack that exposed information on around 2.5 million customers. What it didn't say, however, was that the company had been aware of the security flaw for two years without fixing it. That information was discovered by the Federal Trade Commission, after Uber's acquisition of Drizly, and led to an FTC order that restricted the types of customer information that Drizly could collect and retain. "After three years of Drizly operating independently within the Uber family, we've decided to close the business and focus on our core Uber Eats strategy of helping consumers get almost anything -- from food to groceries to alcohol -- all on a single app," said Pierre-Dimitri Gore-Coty, Uber's SVP of delivery. "We're grateful to the Drizly team for their many contributions to the growth of the BevAlc delivery category as the original industry pioneer."Read more of this story at Slashdot.
An LG washing machine owner discovered that his smart home appliance was uploading an average of 3.66GB of data daily. "Concerned about the washer's internet addiction, Johnie forced the device to go cold turkey and blocked it using his router UI," reports Tom's Hardware. From the report: Johnie's initial screenshot showed that on a chosen day, the device uploaded 3.57GB and downloaded about 100MB, and the data traffic was almost constant. Meanwhile, according to the Asus router interface screenshot, the washing machine accounted for just shy of 5% of Johnie's internet traffic daily. The LG washing machine owner saw the fun in his predicament and joked that the device might use Wi-Fi for "DLCs (Downloadable Laundry Cycles)." He wasn't entirely kidding: The machine does download presets for various types of apparel. However, the lion's share of the data transferred was uploaded. Working through the thread, we note that Johnie also pondered the possibility of someone using his washing machine for crypto mining. "I'd gladly rent our LPU (Laundry Processing Unit) by the hour," he quipped. Again, there was the glimmer of a possibility that there could be truth behind this joke. Another social media user highlighted a history of hackers taking over LG smart-connected appliances. The SmartThinQ home appliances HomeHack vulnerability was patched several weeks after being made public. A similar modern hack might use the washing machine's computer resources as part of a botnet. Taking control of an LG washing machine as part of a large botnet for cryptocurrency mining or nefarious networking purposes wouldn't be as far-fetched as it sounds. Large numbers of relatively low-power devices can be formidable together. One of the more innocent theories regarding the significant data uploads suggested laundry data was being uploaded to LG so it could improve its LLM (Large Laundry Model). It sought to do this to prepare for the launch of its latest "AI washer-dryer combo" at CES, joked Johnie. For now, it looks like the favored answer to the data mystery is to blame Asus for misreporting it. We may never know what happened with Johnie, who is now running his LG washing machine offline. Another relatively innocent reason for the supposed high volume of uploads could be an error in the Asus router firmware. In a follow-up post a day after his initial Tweet, Johnie noted "inaccuracy in the ASUS router tool," with regard to Apple iMessage data use. Other LG smart washing machine users showed device data use from their router UIs. It turns out that these appliances more typically use less than 1MB per day.Read more of this story at Slashdot.
Apple has announced changes to its U.S. App Store, allowing developers to link to alternative payment methods, "provided that the app also offer purchases through Apple's own In-App Purchase system," reports 9to5Mac. The change comes in light of the Supreme Court declining to hear Apple's appeal in its legal battle with Epic Games. From the report: The guideline says that developers can apply for an entitlement that allows them to include buttons or links directing users to out-of-app purchasing mechanisms: "Developers may apply for an entitlement to provide a link in their app to a website the developer owns or maintains responsibility for in order to purchase such items. Learn more about the entitlement. In accordance with the entitlement agreement, the link may inform users about where and how to purchase those in-app purchase items, and the fact that such items may be available for a comparatively lower price. The entitlement is limited to use only in the iOS or iPadOS App Store on the United States storefront. In all other storefronts, apps and their metadata may not include buttons, external links, or other calls to action that direct customers to purchasing mechanisms other than in-app purchase." According to Apple, the link to an alternative payment platform can only be displayed on "one app page the end user navigates to (not an interstitial, modal, or pop-up), in a single, dedicated location on such page, and may not persist beyond that page." Apple has provided templates that developers can use for communicating with customers about alternative in-app payment systems [...]. Apple has also confirmed that it will charge a commission on purchases made through alternative payment platforms. This commission will be 12% for developers who are a member of the App Store Small Business Program and 27% for other apps. The commission will apply to "purchases made within seven days after a user taps on an External Purchase Link and continues from the system disclosure sheet to an external website." Apple says developers will be required to provide accounting of qualifying out-of-app purchases and remit the appropriate commissions. [...] However, Apple also says that collecting this commission will be "exceedingly difficult and, in many cases, impossible." [...] The other anti-steering change that Apple is required to make is to allow developers to communicate with customers outside of their apps about alternative purchasing options, such as via email. Apple made this change in 2021 as part of its settlement of a class-action lawsuit brought on by small developers.Read more of this story at Slashdot.
An anonymous reader quotes a report from 404 Media: Google search really has been taken over by low-quality SEO spam, according to a new, year-long study by German researchers (PDF). The researchers, from Leipzig University, Bauhaus-University Weimar, and the Center for Scalable Data Analytics and Artificial Intelligence, set out to answer the question "Is Google Getting Worse?" by studying search results for 7,392 product-review terms across Google, Bing, and DuckDuckGo over the course of a year. They found that, overall, "higher-ranked pages are on average more optimized, more monetized with affiliate marketing, and they show signs of lower text quality ... we find that only a small portion of product reviews on the web uses affiliate marketing, but the majority of all search results do." They also found that spam sites are in a constant war with Google over the rankings, and that spam sites will regularly find ways to game the system, rise to the top of Google's rankings, and then will be knocked down. "SEO is a constant battle and we see repeated patterns of review spam entering and leaving the results as search engines and SEO engineers take turns adjusting their parameters," they wrote. They note that Google, Bing, and DuckDuckGo are regularly tweaking their algorithms and taking down content that is outright spam, but that, overall, this leads only to "a temporary positive effect." "Search engines seem to lose the cat-and-mouse game that is SEO spam," they write. Notably, Google, Bing, and DuckDuckGo all have the same problems, and in many cases, Google performed better than Bing and DuckDuckGo by the researchers' measures. The researchers warn that this rankings war is likely to get much worse with the advent of AI-generated spam, and that it genuinely threatens the future utility of search engines: "the line between benign content and spam in the form of content and link farms becomes increasingly blurry -- a situation that will surely worsen in the wake of generative AI. We conclude that dynamic adversarial spam in the form of low-quality, mass-produced commercial content deserves more attention."Read more of this story at Slashdot.
Version 9.0 of Wine, the free and open-source compatibility layer that lets you run Windows apps on Unix-like operating systems, has been released. "Highlights of Wine 9.0 include an experimental Wayland graphics driver with features like basic window management, support for multiple monitors, high-DPI scaling, relative motion events, as well as Vulkan support," reports 9to5Linux. From the report: The Vulkan driver has been updated to support Vulkan 1.3.272 and later, the PostScript driver has been reimplemented to work from Windows-format spool files and avoid any direct calls from the Unix side, and there's now a dark theme option on WinRT theming that can be enabled in WineCfg. Wine 9.0 also adds support for many more instructions to Direct3D 10 effects, implements the Windows Media Video (WMV) decoder DirectX Media Object (DMO), implements the DirectShow Audio Capture and DirectShow MPEG-1 Video Decoder filters, and adds support for video and system streams, as well as audio streams to the DirectShow MPEG-1 Stream Splitter filter. Desktop integration has been improved in this release to allow users to close the desktop window in full-screen desktop mode by using the "Exit desktop" entry in the Start menu, as well as support for export URL/URI protocol associations as URL handlers to the Linux desktop. Audio support has been enhanced in Wine 9.0 with the implementation of several DirectMusic modules, DLS1 and DLS2 sound font loading, support for the SF2 format for compatibility with Linux standard MIDI sound fonts, Doppler shift support in DirectSound, Indeo IV50 Video for Windows decoder, and MIDI playback in dmsynth. Among other noteworthy changes, Wine 9.0 brings loader support for ARM64X and ARM64EC modules, along with the ability to run existing Windows binaries on ARM64 systems and initial support for building Wine for the ARM64EC architecture. There's also a new 32-bit x86 emulation interface, a new WoW64 mode that supports running of 32-bit apps on recent macOS versions that don't support 32-bit Unix processes, support for DirectInput action maps to improve compatibility with many old video games that map controller inputs to in-game actions, as well as Windows 10 as the default Windows version for new prefixes. Last but not least, the kernel has been updated to support address space layout randomization (ASLR) for modern PE binaries, better memory allocation performance through the Low Fragmentation Heap (LFH) implementation, and support memory placeholders in the virtual memory allocator to allow apps to reserve virtual space. Wine 9.0 also adds support for smart cards, adds support for Diffie-Hellman keys in BCrypt, implements the Negotiate security package, adds support for network interface change notifications, and fixes many bugs. For a full list of changes, check out the release notes. You can download Wine 9.0 from WineHQ.Read more of this story at Slashdot.
According to Bloomberg, China's chip import value dropped significantly by 15.4% in 2023, from $413 billion to $349 billion. "Chip sales were down across the board in 2023 thanks to a weakening global economy, but China's chip imports indicate that its economy might be in trouble," reports Tom's Hardware. "The country's inability to import cutting-edge silicon is also certainly a factor in its decreasing chip imports." From the report: In 2022, the value of chip imports to China stood at $413 billion, and in 2023 the country only imported chips worth a total of $349 billion, a 15.4% decrease in value. That a drop happened at all isn't surprising; even TSMC, usually considered to be one of the most advanced fabbing corporation in the world, saw its sales decline by 4.5%. However, a 15.4% decrease in shipments is much more significant, and indicates China has particular issues other than weaker demand across the world. China's ongoing economic issues, such as its high deflation could play a part. Deflation is when currency increases in value, the polar opposite of inflation, when currency loses value. As inflation has been a significant problem for countries such as the U.S. and UK, deflation might sound much more appealing, but economically it can be problematic. A deflationary economy encourages consumers not to spend, since money is increasing in value, meaning buyers can purchase more if they wait. In other words, deflation decreases demand for products like semiconductors. However, shipment volume only decreased by 10.8% compared to the 15.4% decline in value, meaning the chips that China didn't buy in 2023 were particularly valuable. This likely reflects U.S. sanctions on China, which prevents it from buying top-end graphics cards, especially from Nvidia. The H100, H200, GH200, and the RTX 4090 are illegal to ship to China, and they're some of Nvidia's best GPUs. The moving target for U.S. sanctions could also make exporters and importers more tepid, as it's hard to tell if more sanctions could suddenly upend plans and business deals.Read more of this story at Slashdot.
An anonymous reader quotes a report from Ars Technica: Google is updating the warning on Chrome's Incognito mode to make it clear that Google and websites run by other companies can still collect your data in the web browser's semi-private mode. The change is being made as Google prepares to settle a class-action lawsuit that accuses the firm of privacy violations related to Chrome's Incognito mode. The expanded warning was recently added to Chrome Canary, a nightly build for developers. The warning appears to directly address one of the lawsuit's complaints, that the Incognito mode's warning doesn't make it clear that Google collects data from users of the private mode. Many tech-savvy people already know that while private modes in web browsers prevent some data from being stored on your device, they don't prevent tracking by websites or Internet service providers. But many other people may not understand exactly what Incognito mode does, so the more specific warning could help educate users. The new warning seen in Chrome Canary when you open an incognito window says: "You've gone Incognito. Others who use this device won't see your activity, so you can browse more privately. This won't change how data is collected by websites you visit and the services they use, including Google." The wording could be interpreted to refer to Google websites and third-party websites, including third-party websites that rely on Google ad services. The new warning was not yet in the developer, beta, and stable branches of Chrome as of today. It also wasn't in Chromium. The change to Canary was previously reported by MSPowerUser. Incognito mode in the stable version of Chrome still says: "You've gone Incognito. Now you can browse privately, and other people who use this device won't see your activity." Among other changes, the Canary warning replaces "browse privately" with "browse more privately." The stable and Canary warnings both say that your browsing activity might still be visible to "websites you visit," "your employer or school," or "your Internet service provider." But only the Canary warning currently includes the caveat that Incognito mode "won't change how data is collected by websites you visit and the services they use, including Google." The old and new warnings both say that Incognito mode prevents Chrome from saving your browsing history, cookies and site data, and information entered in forms, but that "downloads, bookmarks and reading list items will be saved." Both warnings link to this page, which provides more detail on Incognito mode.Read more of this story at Slashdot.
Slashdot