[Most Recent Entries] [Calendar View]
Thursday, February 29th, 2024
| Time | Event |
| 12:02a | StarCoder 2 Is a Code-Generating AI That Runs On Most GPUs An anonymous reader quotes a report from TechCrunch: Perceiving the demand for alternatives, AI startup Hugging Face several years ago teamed up with ServiceNow, the workflow automation platform, to create StarCoder, an open source code generator with a less restrictive license than some of the others out there. The original came online early last year, and work has been underway on a follow-up, StarCoder 2, ever since. StarCoder 2 isn't a single code-generating model, but rather a family. Released today, it comes in three variants, the first two of which can run on most modern consumer GPUs: A 3-billion-parameter (3B) model trained by ServiceNow; A 7-billion-parameter (7B) model trained by Hugging Face; and A 15-billion-parameter (15B) model trained by Nvidia, the newest supporter of the StarCoder project. (Note that "parameters" are the parts of a model learned from training data and essentially define the skill of the model on a problem, in this case generating code.)a Like most other code generators, StarCoder 2 can suggest ways to complete unfinished lines of code as well as summarize and retrieve snippets of code when asked in natural language. Trained with 4x more data than the original StarCoder (67.5 terabytes versus 6.4 terabytes), StarCoder 2 delivers what Hugging Face, ServiceNow and Nvidia characterize as "significantly" improved performance at lower costs to operate. StarCoder 2 can be fine-tuned "in a few hours" using a GPU like the Nvidia A100 on first- or third-party data to create apps such as chatbots and personal coding assistants. And, because it was trained on a larger and more diverse data set than the original StarCoder (~619 programming languages), StarCoder 2 can make more accurate, context-aware predictions -- at least hypothetically. [I]s StarCoder 2 really superior to the other code generators out there -- free or paid? Depending on the benchmark, it appears to be more efficient than one of the versions of Code Llama, Code Llama 33B. Hugging Face says that StarCoder 2 15B matches Code Llama 33B on a subset of code completion tasks at twice the speed. It's not clear which tasks; Hugging Face didn't specify. StarCoder 2, as an open source collection of models, also has the advantage of being able to deploy locally and "learn" a developer's source code or codebase -- an attractive prospect to devs and companies wary of exposing code to a cloud-hosted AI. Hugging Face, ServiceNow and Nvidia also make the case that StarCoder 2 is more ethical -- and less legally fraught -- than its rivals. [...] As opposed to code generators trained using copyrighted code (GitHub Copilot, among others), StarCoder 2 was trained only on data under license from the Software Heritage, the nonprofit organization providing archival services for code. Ahead of StarCoder 2's training, BigCode, the cross-organizational team behind much of StarCoder 2's roadmap, gave code owners a chance to opt out of the training set if they wanted. As with the original StarCoder, StarCoder 2's training data is available for developers to fork, reproduce or audit as they please. StarCoder 2's license may still be a roadblock for some. "StarCoder 2 is licensed under the BigCode Open RAIL-M 1.0, which aims to promote responsible use by imposing 'light touch' restrictions on both model licensees and downstream users," writes TechCrunch's Kyle Wiggers. "While less constraining than many other licenses, RAIL-M isn't truly 'open' in the sense that it doesn't permit developers to use StarCoder 2 for every conceivable application (medical advice-giving apps are strictly off limits, for example). Some commentators say RAIL-M's requirements may be too vague to comply with in any case -- and that RAIL-M could conflict with AI-related regulations like the EU AI Act." 
Read more of this story at Slashdot. |
| 12:45a | European Parliament Bans Amazon From Its Premises Longtime Slashdot reader Kant shares a report from Euractiv: The European Parliament decided to ban Amazon representatives from accessing its buildings on Tuesday (February 27), due to multiple events where the global retailing giant did not attend meetings requested by members of the European Parliament, the European Parliament press service confirmed Euractiv. "In line with rule 123/3 and at the request of the [Employment and Social Affairs] Committee, the Quaestors have authorized the Secretary General [Alessandro Chiocchetti] to withdraw the long-term access badges of the interest representatives of Amazon." It is now the responsibility of the secretary general to concretely initiate the process of withdrawing their badges and to determine the duration of the ban, a European Parliament source close to the matter told Euractiv. According to the EMPL chair Dragos Pislaru, who signed the letter, the US e-commerce company refuses to attend more than one meeting with EU lawmakers to discuss the condition of Amazon workers. Four cases are mentioned in the letter. The first occurred in May 2021, when Amazon did not attend a parliamentary committee meeting on "Amazon attacks on fundamental workers' rights and freedoms: freedom of assembly and association, and the right to collective bargain and action." The second event concerns the refusal by Amazon CEO Jeff Bezos to attend an exchange of views with EU lawmakers -- instead, the company sent a written answer. The last two episodes happened in December 2023 and January 2024. In the former event, Amazon refused access to its facilities in German and Poland to a MEP, while on the latter, the company did not attend another parliamentary committee meeting dedicated to Amazon workers' conditions. In a statement to Euractiv, an Amazon spokesperson said: "We are very disappointed with this decision, as we want to engage constructively with policymakers. [...] Our commitment continues despite this decision. Amazon regularly participates in activities organized by the European Parliament and other EU institutions -- including Parliamentary hearings -- and we remain committed to participating in balanced, constructive dialogue on issues that affect European citizens."
Read more of this story at Slashdot. |
| 1:01a | Cloudflare Makes Pingora Rust Framework Open-Source Michael Larabel reports via Phoronix: Back in 2022 Cloudflare announced they were ditching Nginx for an in-house, Rust-written software called Pingora. Today Cloudflare is open-sourcing the Pingora framework. Cloudflare announced today that they have open-sourced Pingora under an Apache 2.0 license. Pingora is a Rust async multi-threaded framework for building programmable network services. Pingora has long been used internally within Cloudflare and is capable of sustaining a lot of traffic while now Pingora is being open-sourced for helping to build infrastructure outside of Cloudflare. The Pingora Rust code is available on GitHub.
Read more of this story at Slashdot. |
| 1:25a | The Intercept, Raw Story, and AlterNet Sue OpenAI and Microsoft The Intercept, Raw Story, and AlterNet have filed separate lawsuits against OpenAI and Microsoft, alleging copyright infringement and the removal of copyright information while training AI models. The Verge reports: The publications said ChatGPT "at least some of the time" reproduces "verbatim or nearly verbatim copyright-protected works of journalism without providing author, title, copyright or terms of use information contained in those works." According to the plaintiffs, if ChatGPT trained on material that included copyright information, the chatbot "would have learned to communicate that information when providing responses." Raw Story and AlterNet's lawsuit goes further (PDF), saying OpenAI and Microsoft "had reason to know that ChatGPT would be less popular and generate less revenue if users believed that ChatGPT responses violated third-party copyrights." Both Microsoft and OpenAI offer legal cover to paying customers in case they get sued for violating copyright for using Copilot or ChatGPT Enterprise. The lawsuits say that OpenAI and Microsoft are aware of potential copyright infringement. As evidence, the publications point to how OpenAI offers an opt-out system so website owners can block content from its web crawlers. The New York Times also filed a lawsuit in December against OpenAI, claiming ChatGPT faithfully reproduces journalistic work. OpenAI claims the publication exploited a bug on the chatbot to regurgitate its articles.
Read more of this story at Slashdot. |
| 3:30a | Wildfires Threaten Nuclear Weapons Plant In Texas An anonymous reader quotes a report from The Independent: Wildfires sweeping across Texas briefly forced the evacuation of America's main nuclear weapons facility as strong winds, dry grass and unseasonably warm temperatures fed the blaze. Pantex Plant, the main facility that assembles and disassembles America's nuclear arsenal, shut down its operations on Tuesday night as the Windy Deuce fire roared towards the Potter County location. Pantex re-opened and resumed operations as normal on Wednesday morning. Pantex is about 17 miles (27.36 kilometers) northeast of Amarillo and some 320 miles (515 kilometers) northwest of Dallas. Since 1975 it has been the US's main assembly and disassembly site for its atomic bombs. It assembled the last new bomb in 1991. "We have evacuated our personnel, non-essential personnel from the site, just in an abundance of caution," said Laef Pendergraft, a spokesperson for National Nuclear Security Administration's Production Office at Pantex. "But we do have a well-equipped fire department that has trained for these scenarios, that is on-site and watching and ready should any kind of real emergency arise on the plant site."
Read more of this story at Slashdot. |
| 7:00a | 'Mathematically Perfect' Star System Being Investigated For Potential Alien Tech Astronomers are investigating a star system 100 light-years away with six sub-Neptune planets in near-perfect orbital resonance, piquing the interest of scientists searching for alien technology, or technosignatures. Space.com reports: To be clear, no such evidence was found in the system, dubbed HD 110067. However, the researchers say they're not done looking yet. HD 11067 remains an interesting target for similar observations in the future. In our own tiny pocket of the cosmos, radio waves from satellites and telescopes beaming out in the plane of our solar system, meaning that if somebody outside our solar system watched Earth cross the face of our sun, they'd maybe be able to pick up a signal that coincides with the planet's transit. HD 110067 is viewed edge on from Earth, so we are seeing the six planets in the plane of their system -- a view that gives us an excellent chance of picking up such a signal if there exists one, study co-author Steve Croft, a radio astronomer working with the life-searching Breakthrough Listen program at the University of California, Berkeley, told Space.com "Our technology in our own solar system has spread outside the habitable zone," Croft told Space.com. So technology-friendly civilization in HD 110067, if any, may have communication relays set up on multiple planets in the system, he said. "Even if it is a negative result, that still tells us something." When HD 110067's discovery was announced, Croft and his team used the world's largest fully steerable telescope, the Green Bank Telescope (GBT) in West Virginia, and searched the system for signs of alien technology. The researchers looked for signals that were continuously present when the telescope was pointed at the system and absent when directed away, the smoking gun of technosignatures local to HD 110067. But such signals are difficult to distinguish from natural sources of radio waves and humankind's own technological signals, such as radio waves beaming from cell phones connected to Wi-Fi, SpaceX's Starlink satellite network in low Earth orbit. This creates a haystack of signals in which researchers look for a needle of a potential extraterrestrial signal, said Croft. "I should add we don't know if there are needles in the haystack," he said. "We don't really know what the needles look like." The research has been published in the journal Research Notes of the AAS.
Read more of this story at Slashdot. |
| 10:00a | Winklevoss Twins' Start-Up Will Pay Burned Customers $1 Billion Emily Shugerman reports via The Daily Beast: Gemini, the crypto startup owned by the Winklevoss twins, will have to return $1.1 billion to customers who lost money in their partnership with the now-bankrupt crypto lender Genesis. In a deal with the New York State Department of Financial Services, Gemini agreed to return the funds lost by customers of its Earn program, in which users could loan their crypto to Genesis in exchange for interest payments. According to the Department of Financial Services, Gemini "did not fully vet or sufficiently monitor [Genesis] throughout the life of Earn," and the company defaulted on its loans and then went bankrupt, leaving some 200,000 Earn customers empty-handed. "Gemini failed to conduct due diligence on an unregulated third party, later accused of massive fraud, harming Earn customers who were suddenly unable to access their assets after Genesis Global Capital experienced a financial meltdown," DFS Superintendent Adrienne A.Harris said in a statement. "Today's settlement is a win for Earn customers, who have a right to the assets they entrusted to Gemini." In a tweet, Gemini said it was "pleased to announce that we have finally reached a settlement in principle with Genesis and other creditors in the Genesis Bankruptcy that will, if approved by the Bankruptcy Court, result in all Earn users receiving 100% of their digital assets back in kind." The DFS said Gemini would also pay $40 million to the Genesis bankruptcy for the benefit of Earn customers, as well as a $37 million fine for "significant failures that threatened the safety and soundness of the company."
Read more of this story at Slashdot. |
| 1:00p | GitHub Besieged By Millions of Malicious Repositories In Ongoing Attack An anonymous reader quotes a report from Ars Technica: GitHub is struggling to contain an ongoing attack that's flooding the site with millions of code repositories. These repositories contain obfuscated malware that steals passwords and cryptocurrency from developer devices, researchers said. The malicious repositories are clones of legitimate ones, making them hard to distinguish to the casual eye. An unknown party has automated a process that forks legitimate repositories, meaning the source code is copied so developers can use it in an independent project that builds on the original one. The result is millions of forks with names identical to the original one that add a payload that's wrapped under seven layers of obfuscation. To make matters worse, some people, unaware of the malice of these imitators, are forking the forks, which adds to the flood. "Most of the forked repos are quickly removed by GitHub, which identifies the automation," Matan Giladi and Gil David, researchers at security firm Apiiro, wrote Wednesday. "However, the automation detection seems to miss many repos, and the ones that were uploaded manually survive. Because the whole attack chain seems to be mostly automated on a large scale, the 1% that survive still amount to thousands of malicious repos." Given the constant churn of new repos being uploaded and GitHub's removal, it's hard to estimate precisely how many of each there are. The researchers said the number of repos uploaded or forked before GitHub removes them is likely in the millions. They said the attack "impacts more than 100,000 GitHub repositories." GitHub issued the following statement: "GitHub hosts over 100M developers building across over 420M repositories, and is committed to providing a safe and secure platform for developers. We have teams dedicated to detecting, analyzing, and removing content and accounts that violate our Acceptable Use Policies. We employ manual reviews and at-scale detections that use machine learning and constantly evolve and adapt to adversarial tactics. We also encourage customers and community members to report abuse and spam."
Read more of this story at Slashdot. |
| 2:01p | HDMI Forum Rejects Open-Source HDMI 2.1 Driver Support Sought By AMD Michael Larabel, reporting at Phoronix: One of the limitations of AMD's open-source Linux graphics driver has been the inability to implement HDMI 2.1+ functionality on the basis of legal requirements by the HDMI Forum. AMD engineers had been working to come up with a solution in conjunction with the HDMI Forum for being able to provide HDMI 2.1+ capabilities with their open-source Linux kernel driver, but it looks like those efforts for now have concluded and failed. For three years there has been a bug report around 4K@120Hz being unavailable via HDMI 2.1 on the AMD Linux driver. Similarly, there have been bug reports like 5K @ 240Hz not possible either with the AMD graphics driver on Linux. As covered back in 2021, the HDMI Forum closing public specification access is hurting open-source support. AMD as well as the X.Org Foundation have been engaged with the HDMI Forum to try to come up with a solution to be able to provide open-source implementations of the now-private HDMI specs. AMD Linux engineers have spent months working with their legal team and evaluating all HDMI features to determine if/how they can be exposed in their open-source driver. AMD had code working internally and then the past few months were waiting on approval from the HDMI Forum. Sadly, the HDMI Forum has turned down AMD's request for open-source driver support.
Read more of this story at Slashdot. |
| 2:40p | Adobe's New Prototype Generative AI Tool Is the 'Photoshop' of Music-Making and Editing Adobe has announced a new prototype tool called Project Music GenAI Control that allows users to create original music by inputting text prompts, then edit the audio without switching to separate software. Users can specify musical styles in their prompts to produce tracks like "happy dance" or "sad jazz." Adobe says integrated editing controls let users tweak patterns, tempo, intensity and structure of the AI-generated music. Sections can be remixed and looped as backing tracks or background music. The tool can also adjust audio "based on a reference melody" and extend clip length for set animations or podcasts. Details on editing interface and upload options for custom reference tracks are unclear.
Read more of this story at Slashdot. |
| 3:21p | US Will Investigate National Security Risks Posed By Chinese-made 'Smart Cars' Citing potential national security risks, the Biden administration says it will investigate Chinese-made "smart cars" that can gather sensitive information about Americans driving them. From a report: The probe could lead to new regulations aimed at preventing China from using sophisticated technology in electric cars and other so-called connected vehicles to track drivers and their personal information. Officials are concerned that features such as driver assistance technology could be used to effectively spy on Americans. While the action stops short of a ban on Chinese imports, President Joe Biden said he is taking unprecedented steps to safeguard Americans' data. "China is determined to dominate the future of the auto market, including by using unfair practices," Biden said in a statement Thursday. "China's policies could flood our market with its vehicles, posing risks to our national security. I'm not going to let that happen on my watch." Biden and other officials noted that China has imposed wide-ranging restrictions on American autos and other foreign vehicles. Commerce Secretary Gina Raimondo said connected cars "are like smart phones on wheels" and pose a serious national security risk.
Read more of this story at Slashdot. |
| 4:01p | 'Paying People To Work on Open Source is Good Actually' Jacob Kaplan-Moss, one of the lead developers of Django, writes in a long post that he says has come from a place of frustration: [...] Instead, every time a maintainer finds a way to get paid, people show up to criticize and complain. Non-OSI licenses "don"t count" as open source. Someone employed by Microsoft is "beholden to corporate interests" and not to be trusted. Patreon is "asking for handouts." Raising money through GitHub sponsors is "supporting Microsoft's rent-seeking." VC funding means we're being set up for a "rug pull" or "enshitification." Open Core is "bait and switch." None of this is hypothetical; each of these examples are actual things I've seen said about maintainers who take money for their work. One maintainer even told me he got criticized for selling t-shirts! Look. There are absolutely problems with every tactic we have to support maintainers. It's true that VC investment comes with strings attached that often lead to problems down the line. It sucks that Patreon or GitHub (and Stripe) take a cut of sponsor money. The additional restrictions imposed by PolyForm or the BSL really do go against the Freedom 0 ideal. I myself am often frustrated by discovering that some key feature I want out of an open core tool is only available to paid licensees. But you can criticize these systems while still supporting and celebrating the maintainers! Yell at A16Z all you like, I don't care. (Neither do they.) But yelling at a maintainer because they took money from a VC is directing that anger in the wrong direction. The structural and societal problems that make all these different funding models problematic aren't the fault of the people trying to make a living doing open source. It's like yelling at someone for shopping at Dollar General when it's the only store they have access to. Dollar General's predatory business model absolutely sucks, as do the governmental policies that lead to food deserts, but none of that is on the shoulders of the person who needs milk and doesn't have alternatives.
Read more of this story at Slashdot. |
| 4:43p | 'Anyone Rooting Against Self-driving Cars is Cheering For Tens of Thousands of Deaths, Year After Year' Journalist Eric Newcomer, writing at The Free Press: There was a time when I believed that self-driving cars should be held to the standard of airplanes. Every mistake needed to be rigorously understood and any human death was unforgivable. But my view has evolved over time as human drivers have continued to kill tens of thousands of people a year. We need a solution that's meaningfully better than human drivers, yes, but we shouldn't wait for perfection before we start getting dangerous human drivers off the streets. Lost in all the fulminating about automation and big-tech tyranny is the fact that self-driving cars are an attempt to solve a very serious problem. Traffic fatalities are a leading cause of death in the United States for anyone between the ages of 1 and 54. About 40,000 people die in car crashes a year in the U.S., with about one-third involving drunk drivers. There's a natural, though irrational, human bias toward the status quo. We tend to believe that things are the way they are for a good reason. But of course, technology has drastically improved human lives and human life spans already. Why stop now that more powerful computer chips and sophisticated artificial intelligence models open up new possibilities? [...] Leaving aside seething hostility toward tech and private capital, and worries over job losses, the most credible objection to self-driving cars from the left is the fear that deploying them means doubling down on roads and sprawl, and undermining support for public transportation projects. But there's no reason self-driving cars and public transportation need to be at odds. They can fulfill different needs. Autonomous vehicles are being deployed in San Francisco in fleets through ride-hailing programs, reducing the need for personal car ownership. If we can get self-driving cars working, self-driving buses on regular routes should be even easier. And contrary to the view that driverless cars are being deployed unilaterally by tech billionaires, the people's representatives -- government officials -- gave Alphabet-owned Waymo a license to operate. Our roads and motor vehicles are tightly regulated. Single incidents have derailed self-driving car projects, from Uber and more recently, GM-owned Cruise, while human drivers kill tens of thousands a year unimpeded.
Read more of this story at Slashdot. |
| 5:22p | Avoiding Common Pitfalls When First Contributing To Open Source Angie Byron, a long-time member of the Drupal community, offers guidance on avoiding common mistakes and general good-practices for those new to contributing to open-source projects: [...] You might not know it yet, but as a newcomer to an open source project, you have this AMAZING superpower: you are often-times the only one in that whole project capable of reading the documentation through new eyes. Because I can guarantee, the people who wrote that documentation are not new. :-) So take time to read the docs and file issues (or better yet, pull requests) for anything that was unclear. This lets you get a "feel" for contributing in a project/community without needing to go way down the deep end of learning coding standards and unit tests and commit signing and whatever other bananas things they're about to make you do. :) Also, people are more likely to take time to help you, if you've helped them first!
Read more of this story at Slashdot. |
| 6:01p | Ultraprocessed Foods Linked To Heart Disease, Diabetes, Mental Disorders and Early Death, Study Finds Eating ultraprocessed foods raises the risk of developing or dying from dozens of adverse health conditions, according to a new review of 45 meta-analyses on almost 10 million people. From a report: "We found consistent evidence linking higher intakes of ultra-processed foods with over 70% of the 45 different health outcomes we assessed," said senior author Wolfgang Marx, a senior research fellow at the Food & Mood Centre at Deakin University in Geelong, Australia, in an email. A higher intake was considered about one serving or about 10% more ultraprocessed foods per day, said Heinz Freisling, a scientist in the nutrition and metabolism branch of the World Health Organization's International Agency for Research on Cancer, in an email. "This proportion can be regarded as 'baseline' and for people consuming more than this baseline, the risk might increase," said Freisling, who was not involved in the study. Researchers graded each study as having credible or strong, highly suggestive, suggestive, weak or no evidence. All the studies in the review were published in the past three years, and none was funded by companies involved in the production of ultraprocessed foods, the authors said. "Strong evidence shows that a higher intake of ultra-processed foods was associated with approximately 50% higher risk of cardiovascular disease-related death and common mental disorders," said lead author Dr. Melissa Lane, a postdoctoral research fellow at Deakin, in an email. Cardiovascular disease encompasses heart attacks, stroke, clogged arteries and peripheral artery disease. The study: Ultra-processed food exposure and adverse health outcomes: umbrella review of epidemiological meta-analyses (BMJ)
Read more of this story at Slashdot. |
| 6:41p | Microsoft is Working With Nvidia, AMD and Intel To Improve Upscaling Support in PC Games Microsoft has outlined a new Windows API designed to offer a seamless way for game developers to integrate super resolution AI-upscaling features from Nvidia, AMD, and Intel. From a report: In a new blog post, program manager Joshua Tucker describes Microsoft's new DirectSR API as the "missing link" between games and super resolution technologies, and says it should provide "a smoother, more efficient experience that scales across hardware." "This API enables multi-vendor SR [super resolution] through a common set of inputs and outputs, allowing a single code path to activate a variety of solutions including Nvidia DLSS Super Resolution, AMD FidelityFX Super Resolution, and Intel XeSS," the post reads. The pitch seems to be that developers will be able to support this DirectSR API, rather than having to write code for each and every upscaling technology. The blog post comes a couple of weeks after an "Automatic Super Resolution" feature was spotted in a test version of Windows 11, which promised to "use AI to make supported games play more smoothly with enhanced details." Now, it seems the feature will plug into existing super resolution technologies like DLSS, FSR, and XeSS rather than offering a Windows-level alternative.
Read more of this story at Slashdot. |
| 7:21p | Apple Wants You To Know It's Working On AI Apple plans to disclose more about its plans to put generative AI to use later this year, Chief Executive Officer Tim Cook said during the company's annual shareholder meeting on Wednesday. From a report: Cook said that the iPhone maker sees "incredible breakthrough potential for generative AI, which is why we're currently investing significantly in this area. We believe that will unlock transformative opportunities for users when it comes to productivity, problem solving and more." Apple has been slower in rolling out generative AI, which can generate human-like responses to written prompts, than rivals such as Microsoftand Alphabet's Google, which are weaving them into products. On Wednesday, Cook argued that AI is already at work behind the scenes in Apple's products but said there would be more news on explicit AI features later this year. Bloomberg previously reported Apple plans to use AI to improve the ability to search through data stored on Apple devices. "Every Mac that is powered by Apple silicon is an extraordinarily capable AI machine. In fact, there's no better computer for AI on the market today," Cook said.
Read more of this story at Slashdot. |
| 8:00p | 'Grand Theft Auto' Maker Rockstar Games Asks Workers To Return To Office Five Days a Week Rockstar Games, a division of Take-Two Interactive Software, will ask employees to return to the office five days a week beginning in April as the video-game maker enters the final stages of development on its next game, the hotly anticipated Grand Theft Auto VI. Bloomberg: In an email to staff on Wednesday reviewed by Bloomberg, Rockstar Head of Publishing Jenn Kolbe said the decision was made for productivity and security reasons. The company has faced several security breaches including a massive dump of early footage from the new Grand Theft Auto and an early trailer that leaked in December. Kolbe wrote that the company also found "tangible benefits" from in-person work. "Making these changes now puts us in the best position to deliver the next Grand Theft Auto at the level of quality and polish we know it requires, along with a publishing roadmap that matches the scale and ambition of the game," she wrote.
Read more of this story at Slashdot. |
| 8:41p | Popular Video Doorbells Can Be Easily Hijacked, Researchers Find Several internet-connected doorbell cameras have a security flaw that allows hackers to take over the camera by just holding down a button, among other issues, according to research by Consumer Reports. From a report: On Thursday, the non-profit Consumer Reports published research that detailed four security and privacy flaws in cameras made by EKEN, a company based in Shenzhen, China, which makes cameras branded as EKEN, but also, apparently, Tuck and other brands. These relatively cheap doorbell cameras were available on online marketplaces like Walmart and Temu, which removed them from sale after Consumer Reports reached out to the companies to flag the problems. These doorbell cameras are, however, still available elsewhere. According to Consumer Reports, the most impactful issue is that if someone is in close proximity to a EKEN doorbell camera, they can take "full control" of it by simply downloading its official app -- called Aiwit -- and putting the camera in pairing mode by simply holding down the doorbell's button for eight seconds. Aiwit's app has more than a million downloads on Google Play, suggesting it is widely used. At that point, the malicious user can create their own account on the app, scan the QR code generated by the app by putting it in front of the doorbell's camera.
Read more of this story at Slashdot. |
| 9:22p | Google is Making Search Suggestions in Chrome More Helpful An anonymous reader shares a report: Google is introducing improvements to search suggestions in Chrome, the company announced today. As part of the changes, users will start to get more helpful search suggestions in Chrome based on what others are searching for, see more images for suggested searches and find search suggestions even with a poor connection. Search suggestions are the drop-down list of suggested completions that appear before you finish typing out your query in Google. The feature generates predictions to help users save time and speed up their search. With these new updates, Google is expanding the availability of search suggestions and using them to boost inspiration. When users are signed into Chrome on desktop and open a new tab, they will now start to see suggestions in the search box related to their previous searches based on what other people are searching for.
Read more of this story at Slashdot. |
| 10:02p | Cheap Doorbell Cameras Can Be Easily Hijacked, Says Consumer Reports An anonymous reader quotes a report from Ars Technica: Video doorbell cameras have been commoditized to the point where they're available for $30-$40 on marketplaces like Amazon, Walmart, Temu, and Shein. The true cost of owning one might be much greater, however. Consumer Reports (CR) has released the findings of a security investigation into two budget-minded doorbell brands, Eken and Tuck, which are largely the same hardware produced by the Eken Group in China, according to CR. The cameras are further resold under at least 10 more brands. The cameras are set up through a common mobile app, Aiwit. And the cameras share something else, CR claims: "troubling security vulnerabilities." Among the camera's vulnerabilities cited by CR: - Sending public IP addresses and Wi-Fi SSIDs (names) over the Internet without encryption - Takeover of the cameras by putting them into pairing mode (which you can do from a front-facing button on some models) and connecting through the Aiwit app - Access to still images from the video feed and other information by knowing the camera's serial number. CR also noted that Eken cameras lacked an FCC registration code. More than 4,200 were sold in January 2024, according to CR, and often held an Amazon "Overall Pick" label (as one model did when an Ars writer looked on Wednesday). CR issued vulnerability disclosures to Eken and Tuck regarding its findings. The disclosures note the amount of data that is sent over the network without authentication, including JPEG files, the local SSID, and external IP address. It notes that after a malicious user has re-paired a doorbell with a QR code generated by the Aiwit app, they have complete control over the device until a user sees an email from Eken and reclaims the doorbell. "These video doorbells from little known manufacturers have serious security and privacy vulnerabilities, and now they've found their way onto major digital marketplaces such as Amazon and Walmart," said Justin Brookman, director of tech policy at Consumer Reports, in a statement. "Both the manufacturers and platforms that sell the doorbells have a responsibility to ensure that these products are not putting consumers in harm's way."
Read more of this story at Slashdot. |
| 10:40p | BC Lawyer Reprimanded For Citing Fake Cases Invented By ChatGPT A B.C. lawyer has been ordered to pay costs for opposing counsel for the time they took to discover that two cases she cited as precedent were created by ChatGPT. CBC News reports: The cases would have provided compelling precedent for a divorced dad to take his children to China -- had they been real. But instead of savouring courtroom victory, the Vancouver lawyer for a millionaire embroiled in an acrimonious split has been told to personally compensate her client's ex-wife's lawyers for the time it took them to learn the cases she hoped to cite were conjured up by ChatGPT. In a decision released Monday, a B.C. Supreme Court judge reprimanded lawyer Chong Ke for including two AI "hallucinations" in an application filed last December. The cases never made it into Ke's arguments; they were withdrawn once she learned they were non-existent. Justice David Masuhara said he didn't think the lawyer intended to deceive the court -- but he was troubled all the same. "As this case has unfortunately made clear, generative AI is still no substitute for the professional expertise that the justice system requires of lawyers," Masuhara wrote in a "final comment" appended to his ruling. "Competence in the selection and use of any technology tools, including those powered by AI, is critical."
Read more of this story at Slashdot. |
| 11:20p | Ford EV Owners Can Now Charge On Tesla's Network Starting today, Ford electric vehicle owners can use one of Tesla's 2,400+ superchargers, but there's a hitch. "They'll need to get an adapter that Ford will provide for free, although the company won't start shipping those until the end of March," notes the Associated Press. Product Reviewer MKBHD also notes that non-Teslas will need to park in a spot that blocks 2 spots where a Tesla would take up one. "If the charge station fills up the remaining spots with Teslas, the app will show 1 charger as available but the parking spot is blocked by the Mach-E," adds MKBHD. From the report: Last May, Ford became the first automaker to reach an agreement with the Austin, Texas-based Tesla to charge on its network, which is the largest and most well-placed in the U.S. Tesla has more than 26,000 plugs and nearly 2,400 Supercharger stations across the U.S. and Canada. Ford said its owners will have access to about 15,000 Tesla fast-charging plugs that are located strategically along travel corridors. Ford owners won't be able to use some older Tesla plugs. Most other automakers followed Ford in joining Tesla's network and agreeing to switch to Tesla's plug, called the North American Charging Standard, which is smaller and easier to use than the current plugs on most other EVs sold in the two countries. Ford said adding the Tesla plugs will double the size of the network that can be used by Ford EV owners. There are nearly 166,000 Ford EVs in the U.S. Ford is offering the adapters for free to the owners, who can sign up on the Ford.com website to reserve them between Thursday and June 30. The company will provide one free adapter per vehicle. Tesla's network was turned on Wednesday morning, and software enabling the Ford vehicles to charge at Tesla stations was to be sent out around the same time. Ford will switch to Tesla's charging connector with its second-generation EVs starting next year.
Read more of this story at Slashdot. |
| << Previous Day |
2024/02/29 [Calendar] |
Next Day >> |