Linux fréttir

The SEC has blocked third-party messaging apps and texts from employees' work phones, "bringing its own practices closer to the standards it's enforcing for the industry," reports Bloomberg. From the report: The SEC's decision to block disappearing-messaging apps will help improve record-keeping and address potential security vulnerabilities at the agency, which saw one of its social-media accounts compromised earlier this year. It follows about $3 billion in fines imposed on financial firms to settle allegations that they failed to keep adequate records of work-related communications on mobile devices and apps such as Signal and Meta's WhatsApp. The scrutiny prompted Wall Street to overhaul how employees communicate on business matters using mobile phones. Meanwhile, the SEC took a hard look at policies covering its own staff's communications on agency-issued phones. The agency has restricted access to third-party messaging applications, as well as SMS (short message service) and iMessage texts "to lower risk that our systems could be compromised and to enhance recordkeeping," an SEC spokeswoman said in an emailed statement. The process of blocking the apps began in September and has continued over the past several months, she added.

Read more of this story at Slashdot.

Proper old-school Unix, not like those lazy, decadent Linux types

FOSDEM 2024 NetBSD 10 marks a new level of maturity for this venerable open source Unix system, which somehow manages to be both modern and retro at the same time.…

The answer is not to hide from AI, but to be honest about it

It's taken less than eighteen months for human- and AI-generated media to become impossibly intermixed. Some find this utterly unconscionable, and refuse to have anything to do with any media that has any generative content within it. That ideological stance betrays a false hope: that this is a passing trend, an obsession with the latest new thing, and will pass.…

Comms services and AI contributing to increase, but vendors are taking 'risks'

Gartner expects global IT spending to grow 8 percent in 2024 to $5.06 trillion in a revised forecast from the 6.8 percent uptick which the analyst predicted in January.…

NASA has confirmed that a piece of metal that tore through a Florida home last month was space junk from the International Space Station. NBC News reports: The agency confirmed Monday that the 1.6-pound object was debris from a cargo pallet that had been intentionally released from the space station three years ago. The pallet, packed with aging batteries, was supposed to burn up harmlessly in Earth's atmosphere, but a piece survived -- the piece that smashed into a house in Naples, Florida, on March 8. WINK News, a CBS News affiliate in southwestern Florida, first reported the incident. Naples resident Alejandro Otero told the outlet that the object crashed through the roof and two floors of his home. Otero was not home at the time, he told WINK News, but the metal object nearly hit his son, who was two rooms away. In a blog post about the incident, NASA said it had analyzed the object at the Kennedy Space Center in Florida and confirmed that it was part of the equipment used to mount the batteries on the cargo pallet. The piece of space junk is roughly cylindrical in shape and is about 4-inches tall and 1.6-inches wide. NASA said agency staff studied the object's features and metal composition and matched it to the hardware that had been jettisoned from the space station in 2021. At that time, new lithium-ion batteries had recently been installed at the space station, so the old nickel hydrogen batteries were packed up for disposal. The space station's robotic arm released the 5,800-pound cargo pallet containing the batteries over the Pacific Ocean, as the outpost orbited 260 miles above the Earth's surface, according to NASA. NASA said it will perform a detailed investigation of the latest debris incident to determine how the object withstood the extreme trip through the atmosphere.

Read more of this story at Slashdot.

Not all at once, of course

Google will eventually invest $100 billion in AI, according to DeepMind CEO Demis Hassabis.…

Just doesn't believe it will sort out the mess that saw data leak from LINE messaging app

Japan's government has considered the proposed security improvements developed by Yahoo!, found them wanting, and ordered the onetime web giant to take new measures.…

Almost 2,000 customers experienced outages

Tencent Cloud has apologized for an outage that impacted customers last week – an unusual act by a Chinese cloud – and signalled it will review some aspects of its ops in the hope of avoiding future incidents of this nature.…

An anonymous reader quotes a report from Wired: Dozens of Google employees began occupying company offices in New York City and Sunnyvale, California, on Tuesday in protest of the company's $1.2 billion contract providing cloud computing services to the Israeli government. The sit-in, organized by the activist group No Tech for Apartheid, is happening at Google Cloud CEO Thomas Kurian's office in Sunnyvale and the 10th floor commons of Google's New York office. The sit-in will be accompanied by outdoor protests at Google offices in New York, Sunnyvale, San Francisco, and Seattle beginning at 2 pm ET and 11 am PT. Tuesday's actions mark an escalation in a series of recent protests organized by tech workers who oppose their employer's relationship with the Israeli government, especially in light of Israel's ongoing assault on Gaza. Since Hamas killed about 1,100 Israelis on October 7, the IDF has killed more than 34,000 Palestinians. Just over a dozen people gathered outside Google's offices in New York and Sunnyvale on Tuesday. Among those in New York was Google cloud software engineer Eddie Hatfield, who was fired days after disrupting Google Israel's managing director at March's Mind The Tech, a company-sponsored conference focused on the Israeli tech industry, in early March. Several hours into the sit-ins on Tuesday, Google security began to accuse the workers of "trespassing" and disrupting work, prompting several people to leave while others vowed to remain until they were forced out. The 2021 contract, known as Project Nimbus, involves Google and Amazon jointly providing cloud computing infrastructure and services across branches of the Israeli government. Last week, Time reported that Google's work on Project Nimbus involves providing direct services to the Israel Defense Forces. [...] On March 4, more than600 other Googlers signed a petition opposing the company's sponsorship of the conference. After Hatfield was fired three days later, Google trust-and-safety-policy employee Vidana Abdel Khalek resigned from her position in opposition to Project Nimbus. Then, in late March, more than 300 Apple workers signed an open letter that alleged retaliation against workers who have expressed support for Palestinians, and urged company leadership to show public support for Palestinians. Hasan Ibraheem, a Google software engineer, is participating in the sit-in at his local Google office in New York. "This has really been a culmination of our efforts," he tells WIRED. Since joining No Tech for Apartheid in December, Ibraheem says, he has been participating in weekly "tabling" actions being held at Google office cafes in New York, Sunnyvale, San Francisco, and Mountain View, California. It involves holding a sign that says "Ask me about Project Nimbus" during lunch break, passing out flyers, and answering questions from coworkers. "It's actually shocking how many people at Google don't even know that this contract exists," Ibraheem says. "A lot of people who don't know about it, who then learn about it through us, are reasonably upset that this contract exists. They just didn't know that it existed beforehand."

Read more of this story at Slashdot.

AI is so good at drawing pictures and driving cars, why not let it govern a country?

India's prime minister, Narendra Modi, used AI to help develop the nation's 25-year development roadmap, according to comments made during a live-streamed interview with news agency ANI on Monday.…

State tax collectors, particularly in New York, have intensified their audit efforts on high earners, leveraging artificial intelligence to compensate for a reduced number of auditors. CNBC reports: In New York, the tax department reported 771,000 audits in 2022 (the latest year available), up 56% from the previous year, according to the state Department of Taxation and Finance. At the same time, the number of auditors in New York declined by 5% to under 200 due to tight budgets. So how is New York auditing more people with fewer auditors? Artificial Intelligence. "States are getting very sophisticated using AI to determine the best audit candidates," said Mark Klein, partner and chairman emeritus at Hodgson Russ LLP. "And guess what? When you're looking for revenue, it's not going to be the person making $10,000 a year. It's going to be the person making $10 million." Klein said the state is sending out hundreds of thousands of AI-generated letters looking for revenue. "It's like a fishing expedition," he said. Most of the letters and calls focused on two main areas: a change in tax residency and remote work. During Covid many of the wealthy moved from high-tax states like California, New York, New Jersey and Connecticut to low-tax states like Florida or Texas. High earners who moved, and took their tax dollars with them, are now being challenged by states who claim the moves weren't permanent or legitimate. Klein said state tax auditors and AI programs are examining cellphone records to see where the taxpayers spent most of their time and lived most of their lives. "New York is being very aggressive," he said.

Read more of this story at Slashdot.

Framework, the company known for designing and selling upgradeable, modular laptops, has struggled with providing up-to-date software for its products. Ars Technica's Andrew Cunningham spoke with CEO Nirav Patel to discuss how the company is working on fixing these issues. Longtime Slashdot reader snikulin shares the report: Driver bundles remain un-updated for years after their initial release. BIOS updates go through long and confusing beta processes, keeping users from getting feature improvements, bug fixes, and security updates. In its community support forums, Framework employees, including founder and CEO Nirav Patel, have acknowledged these issues and promised fixes but have remained inconsistent and vague about actual timelines. [...] Patel says Framework has taken steps to improve the update problem, but he admits that the team's initial approach -- supporting existing laptops while also trying to spin up firmware for upcoming launches -- wasn't working. "We started 12th-gen [Intel Framework Laptop] development, basically the 12th-gen team was also handling looking back at 11th-gen [Intel Framework Laptop] to do firmware updates there," Patel told Ars. "And it became clear, especially as we continued to add on more platforms, that just wasn't a sustainable path to proceed on." Part of the issue is that Framework relies on external companies to put together firmware updates. Some components are provided by Intel, AMD, and other chip companies to all PC companies that use their chips. Others are provided by Insyde, which writes UEFI firmware for Framework and others. And some are handled by Compal, the contract manufacturer that actually produces Framework's systems and has also designed and sold systems for most of the big-name PC companies. As far back as August 2023, Patel has written that the plan is to work with Compal and Insyde to hire dedicated staff to provide better firmware support for Framework laptops. However, the benefits of this arrangement have been slow to reach users. "[Compal] started recruiting on their side towards the end of last year," Patel told Ars. "And now, just at the beginning of this year, we've been able to get that whole team into place and start onboarding them. And especially after Lunar New Year, which is in early February, that team is now up and running at full speed." The goal, Patel says, is to continuously cycle through all of Framework's actively supported laptops, updating each of them one at a time before looping back around and starting the process over again. Functionality-breaking problems and security fixes will take precedence, while additional features and user requests will be lower-priority. ... snikulin adds: "As a recent Framework 13/AMD owner, I can confirm that it does not sleep properly on a default Windows 11 install. When I close the lid in the evening, the battery is dead the next morning. It's interesting to hear from Linus Sebastian (LTT) on the topic because he is a stakeholder in Framework."

Read more of this story at Slashdot.

With Apple lawsuit behind it, focussed on finalizing its designs

RISC-V chip designer Rivos has raised $250 million in series-A funding to bankroll production of its first accelerator for generative AI and data analytics workloads.…

spatwei shares a report from SC Magazine: Microsoft has discovered a new method to jailbreak large language model (LLM) artificial intelligence (AI) tools and shared its ongoing efforts to improve LLM safety and security in a blog post Thursday. Microsoft first revealed the "Crescendo" LLM jailbreak method in a paper published April 2, which describes how an attacker could send a series of seemingly benign prompts to gradually lead a chatbot, such as OpenAI's ChatGPT, Google's Gemini, Meta's LlaMA or Anthropic's Claude, to produce an output that would normally be filtered and refused by the LLM model. For example, rather than asking the chatbot how to make a Molotov cocktail, the attacker could first ask about the history of Molotov cocktails and then, referencing the LLM's previous outputs, follow up with questions about how they were made in the past. The Microsoft researchers reported that a successful attack could usually be completed in a chain of fewer than 10 interaction turns and some versions of the attack had a 100% success rate against the tested models. For example, when the attack is automated using a method the researchers called "Crescendomation," which leverages another LLM to generate and refine the jailbreak prompts, it achieved a 100% success convincing GPT 3.5, GPT-4, Gemini-Pro and LLaMA-2 70b to produce election-related misinformation and profanity-laced rants. Microsoft reported the Crescendo jailbreak vulnerabilities to the affected LLM providers and explained in its blog post last week how it has improved its LLM defenses against Crescendo and other attacks using new tools including its "AI Watchdog" and "AI Spotlight" features.

Read more of this story at Slashdot.

Also warns of brute force attacks targeting its own VPNs, Check Point, Fortinet, SonicWall and more

Cisco is fighting fires on a couple cybersecurity fronts this week involving its Duo multi-factor authentication (MFA) service and its remote-access VPN services.…

An anonymous reader quotes a report from Ars Technica: Some net neutrality proponents are worried that soon-to-be-approved Federal Communications Commission rules will allow harmful fast lanes because the plan doesn't explicitly ban "positive" discrimination. FCC Chairwoman Jessica Rosenworcel's proposed rules for Internet service providers would prohibit blocking, throttling, and paid prioritization. The rules mirror the ones imposed by the FCC during the Obama era and repealed during Trump's presidency. But some advocates are criticizing a decision to let Internet service providers speed up certain types of applications as long as application providers don't have to pay for special treatment. Stanford Law Professor Barbara van Schewick, who has consistently argued for stricter net neutrality rules, wrote in a blog post on Thursday that "harmful 5G fast lanes are coming." "T-Mobile, AT&T and Verizon are all testing ways to create these 5G fast lanes for apps such as video conferencing, games, and video where the ISP chooses and controls what gets boosted," van Schewick wrote. "They use a technical feature in 5G called network slicing, where part of their radio spectrum gets used as a special lane for the chosen app or apps, separated from the usual Internet traffic. The FCC's draft order opens the door to these fast lanes, so long as the app provider isn't charged for them." In an FCC filing yesterday, AT&T said that carriers will use network slicing "to better meet the needs of particular business applications and consumer preferences than they could over a best-efforts network that generally treats all traffic the same." Van Schewick warns that carriers could charge consumers more for plans that speed up specific types of content. For example, a mobile operator could offer a basic plan alongside more expensive tiers that boost certain online games or a tier that boosts services like YouTube and TikTok. Ericsson, a telecommunications vendor that sells equipment to carriers including AT&T, Verizon, and T-Mobile, has pushed for exactly this type of service. In a report on how network slicing can be used commercially, Ericsson said that "many gamers are willing to pay for enhanced gaming experiences" and would "pay up to $10.99 more for a guaranteed gaming experience on top of their 5G monthly subscription."

Read more of this story at Slashdot.

According to Bloomberg's Mark Gurman, Apple's initial set of AI-related features in iOS 18 "will work entirely on device," and won't connect to cloud services. AppleInsider reports: In practice, these AI features would be able to function without an internet connection or any form of cloud-based processing. AppleInsider has received information from individuals familiar with the matter that suggest the report's claims are accurate. Apple is working on an in-house large language model, or LLM, known internally as "Ajax." While more advanced features will ultimately require an internet connection, basic text analysis and response generation features should be available offline. [...] Apple will reveal its AI plans during WWDC, which starts on June 10.

Read more of this story at Slashdot.

Of course there's an enterprise plan for the Feds and AI trainers

Internet-scraping outfit Spy.pet claims to have harvested more than four billion public messages made by nearly 620 million users on more than 14,000 Discord chat servers – and is selling access to this trove.…

Richard Currie reports via The Register: A simple misclick at a London law firm led to a surprise divorce for an unsuspecting couple. An employee at Vardags, self-described specialists in high-net-worth marital breakdowns, opened the wrong file when applying for a divorce in His Majesty's Courts and Tribunals Service (HMCTS) online portal. With a click more potent than Cupid's arrow, the solicitor "issued a final order of divorce in proceedings between Mrs Williams, the applicant wife, and Mr Williams," court papers [PDF] say. The digital slip occurred on October 3, and thanks to the system's "now customary speed," as described by Judge Sir Andrew McFarlane, President of the Family Division, marital bonds were finally and totally severed in a mere 21 minutes, less time than most couples spend arguing over what to watch on Netflix. When Vardags realized the blunder two days later, it scrambled to reverse the order. The application was made "without notice to the Husband's solicitors -- the Wife's solicitors considered at the time that this was the correct approach given that the Final Order itself had been made without notice." In the ensuing legal melee, Mr Williams, previously unaware of his sudden single status, received a letter sent by HMCTS the same day as the accidental divorce, stating that he was no longer married. But it was not until October 11, a week later, that he was formally informed of his bachelorhood by his ex-wife's solicitors. Meanwhile, his solicitors entered the fray, demanding that the case be brought before the President of the Family Division to sort out this matrimonial muddle.

Read more of this story at Slashdot.

An anonymous reader quotes a report from NPR: An owl. A sharky looking bullet. The Hindu deity Ganesh. The Yin and Yang sign. All painstakingly selected and etched onto a microchip that measures about an inch square. Each microscopic silicon doodle was the handiwork of engineers at Qualcomm Incorporated, a San Diego-based company that creates wireless technology-related products and services. The engineers slipped the drawings into Qualcomm's Q1650 data decoder with care not to disturb any of the chip's functions. They were purposeless etchings, never meant to be uncovered. These doodles, also known as silicon art, chip graffiti or chip art, and dozens others like it, are remnants of tech history -- from Silicon Valley's infancy to the early 2000s -- when innovation was rapid fire and the tech still had a very human touch. Engineers would add the sketches to their microchip designs in the techie equivalent of signing their artwork. They'd etch them on chips that may end up in your cellphone, laptop or calculator. They spent hours crafting them, even though they were frowned upon by those in the C Suite. The existence of these doodles came to light decades ago, but social media is discovering them anew. And there is now a small but determined group of online hobbyists working to keep that history alive. They are still cataloguing the miniscule drawings -- many smaller than the width of a human hair and can't be seen without a microscope. These devotees post glossy videos of themselves shucking chips like oysters to see their iridescent insides and the itsy bitsy sketches that may be hidden on them. And they are eagerly saving them from the scrap heap.

Read more of this story at Slashdot.