Skip to main content

Posts

Showing posts from July, 2024

Cloudflare once again comes under pressure for enabling abusive sites

Cloudflare masks the origin of roughly 10% of abusive domains, watchdog says. https://arstechnica.com/?p=2040424&utm_source=dlvr.it&utm_medium=blogger

ChatGPT Advanced Voice Mode impresses testers with sound effects, catching its breath

AVM allows uncanny real-time voice conversations with ChatGPT that you can interrupt. https://arstechnica.com/?p=2040213&utm_source=dlvr.it&utm_medium=blogger

Mysterious family of malware hid in Google Play for years

Mandrake's ability to go unnoticed was the result of designs not often seen in Android malware. https://arstechnica.com/?p=2040171&utm_source=dlvr.it&utm_medium=blogger

AI search engine accused of plagiarism announces publisher revenue-sharing plan

Perplexity says WordPress, TIME, Der Spiegel, and Fortune have already signed up. https://arstechnica.com/?p=2039978&utm_source=dlvr.it&utm_medium=blogger

Hackers exploit VMware vulnerability that gives them hypervisor admin

Create new group called "ESX Admins" and ESXi automatically gives it admin rights. https://arstechnica.com/?p=2039863&utm_source=dlvr.it&utm_medium=blogger

From sci-fi to state law: California’s plan to prevent AI catastrophe

Critics say SB-1047, proposed by "AI doomers," could slow innovation and stifle open source AI. https://arstechnica.com/?p=2036533&utm_source=dlvr.it&utm_medium=blogger

97% of CrowdStrike systems are back online; Microsoft suggests Windows changes

Kernel access gives security software a lot of power, but not without problems. https://arstechnica.com/?p=2039500&utm_source=dlvr.it&utm_medium=blogger

At the Olympics, AI is watching you

New system foreshadows a future where there are too many CCTV cameras for humans to physically watch. https://arstechnica.com/?p=2039514&utm_source=dlvr.it&utm_medium=blogger

Hang out with Ars in San Jose and DC this fall for two infrastructure events

Join us as we talk about the next few years in AI & storage, and what to watch for. https://arstechnica.com/?p=2037812&utm_source=dlvr.it&utm_medium=blogger

Chrome will now prompt some users to send passwords for suspicious files

Google says passwords and files will be deleted shortly after they are deep-scanned. https://arstechnica.com/?p=2039375&utm_source=dlvr.it&utm_medium=blogger

Secure Boot is completely broken on 200+ models from 5 big device makers

Keys were labeled "DO NOT TRUST." Nearly 500 device models use them anyway. https://arstechnica.com/?p=2039140&utm_source=dlvr.it&utm_medium=blogger

We made a cat drink a beer with Runway’s AI video generator, and it sprouted hands

Gen-3 Alpha produces wild and whimsical results. Here's what it cooked up for us. https://arstechnica.com/?p=2036379&utm_source=dlvr.it&utm_medium=blogger

CrowdStrike blames testing bugs for security update that took down 8.5M Windows PCs

Company says it's improving testing processes to avoid a repeat. https://arstechnica.com/?p=2038917&utm_source=dlvr.it&utm_medium=blogger

Elon Musk claims he is training “the world’s most powerful AI by every metric”

One snag: xAI might not have the electrical power contracts to do it. https://arstechnica.com/?p=2038885&utm_source=dlvr.it&utm_medium=blogger

How Russia-linked malware cut heat to 600 Ukrainian buildings in deep winter

The code was used to sabotage a heating utility in Lviv at the coldest point in the year. https://arstechnica.com/?p=2038848&utm_source=dlvr.it&utm_medium=blogger

The first GPT-4-class AI model anyone can download has arrived: Llama 405B

"Open source AI is the path forward," says Mark Zuckerberg, misusing the term. https://arstechnica.com/?p=2038486&utm_source=dlvr.it&utm_medium=blogger

Microsoft says 8.5M systems hit by CrowdStrike BSOD, releases USB recovery tool

When reboots don't work, bootable USB sticks may help ease fixes for some PCs. https://arstechnica.com/?p=2038277&utm_source=dlvr.it&utm_medium=blogger

Astronomers discover technique to spot AI fakes using galaxy-measurement tools

Researchers use technique to quantify eyeball reflections that often reveal deepfake images. https://arstechnica.com/?p=2038332&utm_source=dlvr.it&utm_medium=blogger

CrowdStrike fixes start at “reboot up to 15 times” and get more complex from there

Admins can also restore backups or manually delete CrowdStrike's buggy driver. https://arstechnica.com/?p=2038144&utm_source=dlvr.it&utm_medium=blogger

Major outages at CrowdStrike, Microsoft leave the world with BSODs and confusion

Nobody's sure who's at fault for each outage: Microsoft, CrowdStrike, or both. https://arstechnica.com/?p=2038106&utm_source=dlvr.it&utm_medium=blogger

The next Nvidia driver makes even more GPUs “open,” in a specific, quirky way

You can't see inside the firmware, but more open code can translate it for you. https://arstechnica.com/?p=2037900&utm_source=dlvr.it&utm_medium=blogger

OpenAI launches GPT-4o mini, which will replace GPT-3.5 in ChatGPT

Lower-cost AI language model will be free for ChatGPT users. https://arstechnica.com/?p=2037843&utm_source=dlvr.it&utm_medium=blogger

Vulnerability in Cisco Smart Software Manager lets attackers change any user password

Yep, passwords for administrators can be changed, too. https://arstechnica.com/?p=2037733&utm_source=dlvr.it&utm_medium=blogger

Trump allies want to “Make America First in AI” with sweeping executive order

After repealing Biden's AI order, draft would create "Manhattan Projects" for military AI. https://arstechnica.com/?p=2037557&utm_source=dlvr.it&utm_medium=blogger

Rite Aid says breach exposes sensitive details of 2.2 million customers

Stolen data includes customer names, addresses, birth dates, and driver's license numbers. https://arstechnica.com/?p=2037497&utm_source=dlvr.it&utm_medium=blogger

Former OpenAI researcher’s new company will teach you how to build an LLM

Karpathy's Eureka Labs will pair human-made curriculum with an AI-powered assistant. https://arstechnica.com/?p=2037425&utm_source=dlvr.it&utm_medium=blogger

Here’s how carefully concealed backdoor in fake AWS files escaped mainstream notice

Files available on the open source NPM repository underscore a growing sophistication. https://arstechnica.com/?p=2037194&utm_source=dlvr.it&utm_medium=blogger

Microsoft CTO defies critics: AI progress not slowing down, it’s just warming up

Will LLMs keep improving if we throw more compute at them? OpenAI dealmaker thinks so. https://arstechnica.com/?p=2036166&utm_source=dlvr.it&utm_medium=blogger

Google makes it easier for users to switch on advanced account protection

The strict requirement for two physical keys is now eased when passkeys are used. https://arstechnica.com/?p=2036985&utm_source=dlvr.it&utm_medium=blogger

OpenAI reportedly nears breakthrough with “reasoning” AI, reveals progress framework

Under new classification, Level 2 AI can perform "human-level problem solving." https://arstechnica.com/?p=2036853&utm_source=dlvr.it&utm_medium=blogger

First “Miss AI” contest sparks ire for pushing unrealistic beauty standards

Influencer platform's controversial contest awarded prizes to three nonexistent people. https://arstechnica.com/?p=2036414&utm_source=dlvr.it&utm_medium=blogger

Exim vulnerability affecting 1.5 million servers lets attackers attach malicious files

Based on past attacks, It wouldn’t be surprising to see active targeting this time too. https://arstechnica.com/?p=2036607&utm_source=dlvr.it&utm_medium=blogger

Intuit’s AI gamble: Mass layoff of 1,800 paired with hiring spree

Intuit CEO: "Companies that aren’t prepared to take advantage of [AI] will fall behind." https://arstechnica.com/?p=2036383&utm_source=dlvr.it&utm_medium=blogger

Threat actors exploited Windows 0-day for more than a year before Microsoft fixed it

The goal of the exploits was to open Explorer and trick targets into running malicious code. https://arstechnica.com/?p=2036304&utm_source=dlvr.it&utm_medium=blogger

In bid to loosen Nvidia’s grip on AI, AMD to buy Finnish startup for $665M

The acquisition is the largest of its kind in Europe in a decade. https://arstechnica.com/?p=2036193&utm_source=dlvr.it&utm_medium=blogger

OpenAI board shakeup: Microsoft out, Apple backs away amid AI partnership scrutiny

Microsoft gives up non-voting observer board role; Apple rethinks a planned similar position. https://arstechnica.com/?p=2036094&utm_source=dlvr.it&utm_medium=blogger

How disinformation from a Russian AI spam farm ended up on top of Google search results

A fake article about Volodymyr Zelensky’s wife buying a Bugatti with US aid was promoted by bots. https://arstechnica.com/?p=2035995&utm_source=dlvr.it&utm_medium=blogger

New Blast-RADIUS attack breaks 30-year-old protocol used in networks everywhere

Ubiquitous RADIUS scheme uses homegrown authentication based on MD5. Yup, you heard right. https://arstechnica.com/?p=2035809&utm_source=dlvr.it&utm_medium=blogger

The president ordered a board to probe a massive Russian cyberattack. It never did.

The Cyber Safety Review Board missed an opportunity to prevent future attacks, experts say. https://arstechnica.com/?p=2035563&utm_source=dlvr.it&utm_medium=blogger

384,000 sites pull code from sketchy code library recently bought by Chinese firm

Many website admins, it seems, have yet to get memo to remove Polyfill[.]io links. https://arstechnica.com/?p=2035216&utm_source=dlvr.it&utm_medium=blogger

“RegreSSHion” vulnerability in OpenSSH gives attackers root on Linux

Full system compromise possible by peppering servers with thousands of connection requests. https://arstechnica.com/?p=2035011&utm_source=dlvr.it&utm_medium=blogger

3 million iOS and macOS apps were exposed to potent supply-chain attacks

Apps that used code libraries hosted on CocoaPods were vulnerable for about 10 years. https://arstechnica.com/?p=2034866&utm_source=dlvr.it&utm_medium=blogger