Feed aggregator

Enlarge (credit: Getty Images)

Thousands of servers storing AI workloads and network credentials have been hacked in an ongoing attack campaign targeting a reported vulnerability in Ray, a computing framework used by OpenAI, Uber, and Amazon.

The attacks, which have been active for at least seven months, have led to the tampering of AI models. They have also resulted in the compromise of network credentials, allowing access to internal networks and databases and tokens for accessing accounts on platforms including OpenAI, Hugging Face, Stripe, and Azure. Besides corrupting models and stealing credentials, attackers behind the campaign have installed cryptocurrency miners on compromised infrastructure, which typically provides massive amounts of computing power. Attackers have also installed reverse shells, which are text-based interfaces for remotely controlling servers.

Hitting the jackpot

“When attackers get their hands on a Ray production cluster, it is a jackpot,” researchers from Oligo, the security firm that spotted the attacks, wrote in a post. “Valuable company data plus remote code execution makes it easy to monetize attacks—all while remaining in the shadows, totally undetected (and, with static security tools, undetectable).”

Read 12 remaining paragraphs | Comments

Enlarge (credit: vital)

There's a strong consensus that tackling most useful problems with a quantum computer will require that the computer be capable of error correction. There is absolutely no consensus, however, about what technology will allow us to get there. A large number of companies, including major players like Microsoft, Intel, Amazon, and IBM, have all committed to different technologies to get there, while a collection of startups are exploring an even wider range of potential solutions.

We probably won't have a clearer picture of what's likely to work for a few years. But there's going to be lots of interesting research and development work between now and then, some of which may ultimately represent key milestones in the development of quantum computing. To give you a sense of that work, we're going to look at three papers that were published within the last couple of weeks, each of which tackles a different aspect of quantum computing technology.

Hot stuff

Error correction will require connecting multiple hardware qubits to act as a single unit termed a logical qubit. This spreads a single bit of quantum information across multiple hardware qubits, making it more robust. Additional qubits are used to monitor the behavior of the ones holding the data and perform corrections as needed. Some error correction schemes require over a hundred hardware qubits for each logical qubit, meaning we'd need tens of thousands of hardware qubits before we could do anything practical.

Read 21 remaining paragraphs | Comments

Enlarge / Oregon's repair bill prohibits companies from implementing software locks that prohibit aftermarket or used parts from being installed in their devices.

Oregon Governor Tina Kotek today signed the state's Right to Repair Act, which will push manufacturers to provide more repair options for their products than any other state so far.

The law, like those passed in New York, California, and Minnesota, will require many manufacturers to provide the same parts, tools, and documentation to individuals and repair shops that they provide to their own repair teams.

But Oregon's bill goes further, preventing companies from implementing schemes that require parts to be verified through encrypted software checks before they will function. Known as parts pairing or serialization, Oregon's bill, SB 1596, is the first in the nation to target that practice. Oregon State Senator Janeen Sollman (D) and Representative Courtney Neron (D) sponsored and pushed the bill in the state senate and legislature.

Read 5 remaining paragraphs | Comments

Meta is failing to enforce its own rules against anti-trans hate speech on its platform, a new report from GLAAD warns. The LGBTQ advocacy group found that “extreme anti-trans hate content remains widespread across Instagram, Facebook, and Threads.”

The report documents dozens of examples of hate speech from Meta’s apps, which GLAAD says were reported to the company between June 2023 and March 2024. But though the posts appeared to be clear violations of the company’s policies, “Meta either replied that posts were not violative or simply did not take action on them,” GLAAD says.

The reported content included posts with anti-trans slurs, violent and dehumanizing language and promotions for conversion therapy, all of which are barred under Meta’s rules. GLAAD also notes that some of the posts it reported came from influential accounts with large audiences on Facebook and Instagram. GLAAD also shared two examples of posts from Threads, Meta’s newest app where the company has tried to tamp down “political” content and other “potentially sensitive” topics.

“The company’s ongoing failure to enforce their own policies against anti-LGBTQ, and especially anti-trans hate, is simply unacceptable,” GLAAD’s CEO and President Sarah Kate Ellis said in a statement.

Meta didn’t immediately respond to a request for comment. But GLAAD’s report isn’t the first time the company has faced criticism for its handling of content targeting the LGBTQ community. Last year the Oversight Board urged Meta to “improve the accuracy of its enforcement on hate speech towards the LGBTQIA+ community.”

This article originally appeared on Engadget at https://www.engadget.com/anti-trans-hate-is-widespread-on-facebook-instagram-and-threads-report-warns-215538151.html?src=rss

A recovery mission and investigation are underway in Baltimore after the Francis Scott Key Bridge partially collapsed yesterday. NBC News Correspondent Garrett Haake spoke with newly-appointed RNC co-chair Lara Trump about the 2020 election results, abortion, and who is paying for her father-in-law former President Donald Trump's legal bills. President Joe Biden and Vice President Kamala Harris campaign in battleground North Carolina. Rep. Jim McGovern (D-Mass.) discusses a foreign aid bill stalled in the House. Hunter Biden seeks to have his tax-related charges tossed out of federal court.

Female Aedes aegypti mosquito as she was in the process of obtaining a "blood meal." (credit: US Department of Health and Human Services)

Puerto Rico has declared a public health emergency amid an ongoing outbreak of dengue infections, a mosquito-spread viral infection that can cause fever, aches, rash, vomiting, and, in about 5 percent of cases, a severe disease marked by internal bleeding and shock.

The US territory has tallied 549 cases since the start of the year, representing a 140 percent increase compared with cases tallied at this point last year, according to the territory's health department. The Associated Press reported that more than 340 of the 549 cases have been hospitalized.

In 2023, the island nation of more than 3.2 million people had over 1,000 cases of dengue throughout the year.

Read 4 remaining paragraphs | Comments

Enlarge / A Starlink user terminal during winter. (credit: Getty Images | AntaresNS)

Starlink's mobile ambitions were dealt at least a temporary blow yesterday when the Federal Communications Commission dismissed SpaceX's application to use several spectrum bands for mobile service.

SpaceX is seeking approval to use up to 7,500 second-generation Starlink satellites with spectrum in the 1.6 GHz, 2 GHz, and 2.4 GHz bands. SpaceX could still end up getting what it wants but will have to go through new rulemaking processes in which the FCC will evaluate whether the spectrum bands can handle the system without affecting existing users.

The FCC Space Bureau's ruling dismissed the SpaceX application yesterday as "unacceptable for filing." The application was filed over a year ago.

Read 13 remaining paragraphs | Comments

Enlarge / A new image from the Event Horizon Telescope has revealed powerful magnetic fields spiraling from the edge of a supermassive black hole at the center of the Milky Way, Sagittarius A*. (credit: EHT Collaboration)

Physicists have been confident since the1980s that there is a supermassive black hole at the center of the Milky Way galaxy, similar to those thought to be at the center of most spiral and elliptical galaxies. It's since been dubbed Sagittarius A* (pronounced A-star), or SgrA* for short. The Event Horizon Telescope (EHT) captured the first image of SgrA* two years ago. Now the collaboration has revealed a new polarized image (above) showcasing the black hole's swirling magnetic fields. The technical details appear in two new papers published in The Astrophysical Journal Letters. The new image is strikingly similar to another EHT image of a larger supermassive black hole, M87*, so this might be something that all such black holes share.

The only way to "see" a black hole is to image the shadow created by light as it bends in response to the object's powerful gravitational field. As Ars Science Editor John Timmer reported in 2019, the EHT isn't a telescope in the traditional sense. Instead, it's a collection of telescopes scattered around the globe. The EHT is created by interferometry, which uses light in the microwave regime of the electromagnetic spectrum captured at different locations. These recorded images are combined and processed to build an image with a resolution similar to that of a telescope the size of the most distant locations. Interferometry has been used at facilities like ALMA (the Atacama Large Millimeter/submillimeter Array) in northern Chile, where telescopes can be spread across 16 km of desert.

In theory, there's no upper limit on the size of the array, but to determine which photons originated simultaneously at the source, you need very precise location and timing information on each of the sites. And you still have to gather sufficient photons to see anything at all. So atomic clocks were installed at many of the locations, and exact GPS measurements were built up over time. For the EHT, the large collecting area of ALMA—combined with choosing a wavelength in which supermassive black holes are very bright—ensured sufficient photons.

Read 10 remaining paragraphs | Comments

MO Hives KC has 10 Kansas City locations that facilitate bee pollination for neighborhood gardens as well as a small apiary at Gov. Mike Parson’s residence.

The New York Times reports that Israel’s military intelligence has been using an experimental facial recognition program in Gaza that’s misidentified Palestinian civilians as having ties to Hamas. Google Photos allegedly plays a part in the chilling program’s implementation, although it appears not to be through any direct collaboration with the company.

The surveillance program reportedly started as a way to search for Israeli hostages in Gaza. However, as often happens with new wartime technology, the initiative was quickly expanded to “root out anyone with ties to Hamas or other militant groups,” according to The NYT. The technology is flawed, but Israeli soldiers reportedly haven’t treated it as such when detaining civilians flagged by the system.

According to intelligence officers who spoke to The NYT, the program uses tech from the private Israeli company Corsight. Headquartered in Tel Aviv, it promises its surveillance systems can accurately recognize people with less than half of their faces exposed. It can supposedly be effective even with “extreme angles, (even from drones) darkness, and poor quality.”

But an officer in Israel’s Unit 8200 learned that, in reality, it often struggled with grainy, obscured or injured faces. According to the official, Corsight’s tech included false positives and cases where an accurately identified Palestinian was incorrectly flagged as having Hamas ties.

Three Israeli officers told The NYT that its military used Google Photos to supplement Corsight’s tech. Intelligence officials allegedly uploaded data containing known persons of interest to Google’s service, allowing them to use the app’s photo search feature to flag them among its surveillance materials. One officer said Google’s ability to match partially obscured faces was superior to Corsight’s, but they continued using the latter because it was “customizable.”

When contacted for a statement, a Google spokesperson reiterated to Engadget that the product only groups faces from images you’ve added to your library. “Google Photos is a free product which is widely available to the public that helps you organize photos by grouping similar faces, so you can label people to easily find old photos. It does not provide identities for unknown people in photographs,” they wrote.

One man erroneously detained through the surveillance program was poet Mosab Abu Toha, who told The NYT he was pulled aside at a military checkpoint in northern Gaza as his family tried to flee to Egypt. He was then allegedly handcuffed and blindfolded, and then beaten and interrogated for two days before finally being returned. He said soldiers told him before his release that his questioning (and then some) had been a “mistake.”

The Things You May Find Hidden in My Ear: Poems From Gaza scribe said he has no connection to Hamas and wasn’t aware of an Israeli facial recognition program in Gaza. However, during his detention, he said he overheard someone saying the Israeli army had used a “new technology” on the group with whom he was incarcerated.

Update, March 27, 2024, 4:32 PM ET: This story has been updated to add a statement to Engadget from Google.

This article originally appeared on Engadget at https://www.engadget.com/israels-military-reportedly-used-google-photos-to-identify-civilians-in-gaza-200843298.html?src=rss

Enlarge (credit: NurPhoto / Contributor | NurPhoto)

Unsealed court documents have revealed more details about a secret Facebook project initially called "Ghostbusters," designed to sneakily access encrypted Snapchat usage data to give Facebook a leg up on its rival, just when Snapchat was experiencing rapid growth in 2016.

The documents were filed in a class-action lawsuit from consumers and advertisers, accusing Meta of anticompetitive behavior that blocks rivals from competing in the social media ads market.

"Whenever someone asks a question about Snapchat, the answer is usually that because their traffic is encrypted, we have no analytics about them," Facebook CEO Mark Zuckerberg (who has since rebranded his company as Meta) wrote in a 2016 email to Javier Olivan.

Read 18 remaining paragraphs | Comments

We consider Apple's newest MacBook Air to be the best laptop for most people, and it's now dropped to a new low of $999 at Amazon and B&H. This discount is for the entry-level 13-inch model, so you'll have to make do with 8GB of RAM and 256GB of storage, but it's $100 less than buying from Apple directly and $50 less than the sale price we've seen on Amazon for the past couple of weeks. Just note that the deal only applies to the Midnight and Space Gray finishes, and that Amazon's listing is showing a shipping delay. B&H says the offer will run through March 28.

A few other configurations are also on sale. For one, B&H has a model with 16GB of RAM and a 512GB SSD for $1,399, which is another $100 discount. If you'd prefer a bigger display, Amazon is also selling the 15-inch version of the M3 Air for $1,204. That deal has been around for the past few days, but it's still a $95 discount and the best price we've tracked for this entry-level config since the new notebooks were released earlier this month.

If you can accept an older processor, meanwhile, B&H has the last-gen MacBook Air with Apple's M2 chip on sale for $849. That's another all-time low and $150 off Apple's list price. Again, the retailer says this deal will only run through March 28. Lastly, a config of the 15-inch M2 Air with 16GB of RAM and a 1TB SSD is down to a low of $1,499 as well.

We gave the both versions of the M3-powered MacBook Air a score of 90 in our review. Like the M2 Airs before them, they're slim, light and sturdy slabs, with comfortable keyboards and trackpads, accurate displays, 1080p webcams and more than enough battery life for a typical workday. Now, they each have a slightly faster chip, Wi-Fi 6E support and the option to connect to two external monitors (albeit only when the laptop itself is closed). Between the two sizes on sale, the 15-inch model has a slightly stronger GPU and more robust speakers alongside its roomier display. The port selection isn't great on either, but there are two Thunderbolt USB-C ports, a MagSafe charging port and a headphone jack.

As my colleague Daniel Cooper has noted, though, the best thing about the new notebooks might be that they've made the M2 versions cheaper. The difference between the M2 and M3 Airs isn't hugely noticeable in day-to-day use, so if you really want to save $150, the older model might be the better deal, especially if you're upgrading from a more dated Air with an Intel chip. (Those coming from an M1 model will probably be better off jumping to the M3.) The base M3 Air technically has a faster SSD than its predecessor, however, so it may be worth it if you often work with large files. That said, you should only get these 8GB RAM/256GB SSD configurations if you'll mostly stick to less demanding tasks. Go beyond that and they can start to run hot.

It's worth noting that 2020 M1 version of the notebook is now going for $699 at Walmart, which is a great price. Unless you just want a competent MacBook for as little as possible, though, the M2 version is enough of an upgrade to be worth the extra cost for most. We'll also highlight a hardware-level security exploit that was recently discovered for all M-series Macs, though the real-world risk of falling victim to that flaw is generally low. In any case, if you're looking to make a MacBook upgrade, this looks like a decent time to take advantage.

Follow @EngadgetDeals on Twitter and subscribe to the Engadget Deals newsletter for the latest tech deals and buying advice.

This article originally appeared on Engadget at https://www.engadget.com/apples-m3-and-m2-macbook-airs-have-never-been-cheaper-195132686.html?src=rss

Enlarge / Affinity's photo editor. (credit: Canva)

Online graphic design platform provider Canva announced its acquisition of Affinity on Tuesday. The purchase adds tools for creative professionals to the Australian startup's repertoire, presenting competition for today's digital design stronghold, Adobe.

The companies didn't provide specifics about the deal, but Cliff Obrecht, Canva's co-founder and COO, told Bloomberg that it consists of cash and stock and is worth "several hundred million pounds."

Canva, which debuted in 2013, has made numerous acquisitions to date, including Flourish, Kaleido, and Pixabay, but its purchase of Affinity is its biggest yet—by both price and headcount (90). Affinity CEO Ashley Hewson said via a YouTube video that Canva approached Affinity about a potential deal two months ago.

Read 14 remaining paragraphs | Comments

Workers at Sega of America, a division of Sega Sammy Holdings Inc., have officially ratified their union contract, as reported by Bloomberg. This makes it one of the first major North American video-game companies to take this step, which could bode well for future organized labor pushes in the industry.

The contract was ratified after workers overwhelmingly voted to unionize last year. It covers around 150 people working in various departments throughout the company, including brand marketing, games as a service, localization, sales and quality assurance. The union is called the Allied Employees Guild Improving Sega (AEGIS-CWA) and it organizes with the Communications Workers of America.

There are already some provisions in place for workers as part of the contract, including a minimum pay increase of 4 percent in 2024, 3 percent in 2025 and 2.5 percent in 2026. There are also layoff protections, codified benefits like health insurance, a severance inclusion and a commitment to credit all workers on games.

“We’re hopeful that in the midst of extensive layoffs, workers across the video game industry will see organizing as a pathway to improve working conditions for all of us,” wrote Jasmin Hernandez, a member of AEGIS-CWA, in a statement provided to Engadget.

Sega wasn’t exactly happy about the push toward labor rights and unionization. The company faced an unfair labor practice complaint after it announced plans to lay off 40 percent of the union's bargaining unit. The company did lay off some of these people, as promised, but the union was able to reach an agreement to keep many workers employed. 

Labor is having a moment in the games industry. ZeniMax Workers United joined with the CWA last year to offer union protection to 300 quality assurance workers. Over 600 Activision QA testers have joined a union, making it the biggest worker-formed organization in video games. Avalanche Studios, Raven Software and several small development studios have all also unionized in the past year or so.

This article originally appeared on Engadget at https://www.engadget.com/sega-of-america-workers-have-ratified-their-union-contract-185906593.html?src=rss

Enlarge / The basic requirements for an AI PC, at least when it's running Windows. (credit: Intel)

Microsoft said in January that 2024 would be the year of the "AI PC," and we know that AI PCs will include a few hardware components that most Windows systems currently do not include—namely, a built-in neural processing unit (NPU) and Microsoft's new Copilot key for keyboards. But so far we haven't heard a whole lot about what a so-called AI PC will actually do for users.

Microsoft and Intel are starting to talk about a few details as part of an announcement from Intel about a new AI PC developer program that will encourage software developers to leverage local hardware to build AI features into their apps.

The main news comes from Tom's Hardware, confirming that AI PCs would be able to run "more elements of Copilot," Microsoft's AI chatbot assistant, "locally on the client." Currently, Copilot relies on server-side processing even for small requests, introducing lag that is tolerable if you're making a broad request for information but less so if all you want to do is change a setting or get basic answers. Running generative AI models locally could also improve user privacy, making it possible to take advantage of AI-infused software without automatically sending information to a company that will use it for further model training.

Read 5 remaining paragraphs | Comments

Sony unveiled April’s PlayStation Plus monthly games on Wednesday. The batch includes Immortals of Aveum, Minecraft Legends, Skul: The Hero Slayer and an Overwatch 2 skins-and-skips bundle. Subscribers on PS Plus’ Essential, Extra and Premium tiers can claim the titles starting Tuesday, April 2.

Immortals of Aveum (PS5) showed promise, but its “first-person shooter with magic instead of guns” formula didn’t fare incredibly well commercially. The EA-published game was met with mixed reviews, and its release date — competing against the likes of Baldur’s Gate III, Armored Core VI and Starfield — likely didn’t help. That led to indie developer Ascendant Studios laying off nearly half its staff a few weeks after launch. Still, despite its suspiciously smooth mechanics and too-sparse crowds, we liked its cinematics and satisfyingly powerful magical attacks, so it could be worth checking out risk-free with your subscription.

Minecraft Legends (PS5 / PS4) takes the best-selling game of all time and spins it off into a real-time action-strategy game. In the franchise's blocky style, players form alliances to defeat invading piglins from the Nether dimension. The game includes a single-player story mode and multiplayer for up to eight players.

Skul: The Hero Slayer (PS4) is a retro 2D side-scrolling roguelike. You play as a skeleton who can swap skulls — and, in turn, abilities — with his slain enemies. (Convenient!) The game lets you select two ability types and encourages quick-switching during combat.

In addition to those three games, all PlayStation Plus subscribers can snag an exclusive Overwatch 2 Mega Bundle in April. The pack includes nine skins and five Battle Pass Tier Skips. You’ll first need to download Overwatch 2 from the PlayStation Store, and the bundle should show up in-game immediately (whether you’re a new or returning player).

This article originally appeared on Engadget at https://www.engadget.com/immortals-of-aveum-headlines-aprils-ps-plus-monthly-games-183924174.html?src=rss

Enlarge / OnLeak's renders of the Pixel 9 Pro XL, the Pixel 9 Pro, and the Pixel 9. (credit: OnLeaks / 91Mobiles / MySmartPrice)

When renders of the Pixel 9 came out in January from OnLeaks, we got our first hints that a big change in Google's lineup was afoot. Usually, the company does a big "Pro" phone with three cameras and all the premium features and then a smaller Pixel that gets cut down somewhat, usually with only two cameras. Those January renders showed a big and small phone both with three cameras, indicating the base model Pixel 9 was getting updated to be a "mini-Pro" model—a smaller phone, but still with all the trimmings. The small Pro model still seems to be in the works, but apparently, that's not the base model.

The new render from OnLeaks and 91Mobiles shows a third Pixel 9. This one is the usual cut-down small model with only two cameras. Apparently, the lineup would now be a 6.8-inch "Pixel 9 Pro XL," a "Pixel 9 Pro" at 6.1 inches, and a "Pixel 9" at 6.0 inches.

The base model's design looks just like the other Pixel 9 leaks. The camera bar takes on a new rounded pill shape. The sides switch to a flat metal band, like an iPhone 4/15. The corners of the display and phone body are much more rounded.

Read 2 remaining paragraphs | Comments

Enlarge / A Venus Aerospace drone makes a powered flight. (credit: Venus Aerospace)

Venus Aerospace conducted its first powered flight last month, reaching Mach 0.9 with a drone.

The 8-foot-long vehicle was dropped from an Aero L-29 Delfín aircraft at 12,000 feet and flew under the power of a hydrogen peroxide monopropellant engine. This engine was not fired at full thrust because the location of the test flight, an unspecified range in the United States, did not permit flight faster than the speed of sound, said Andrew Duggleby, co-founder and chief technology officer of the Houston-based company.

This first powered flight came as the company announced a long-duration test firing of its rotating detonation rocket engine, an experimental approach to propulsion that could be about 15 percent more efficient than a conventional chemical rocket engine. The company's long-term ambition is to develop a commercial aircraft that can travel at Mach 9—far faster than any previous airplane. That's clearly a ways off, but these are important, if early, steps on that path.

Read 11 remaining paragraphs | Comments

Enlarge / They look like normal notifications, but opening an iPhone with one or more of these stacked up, you won't be able to do much of anything until you tap "Allow" or "Don't Allow." And they're right next to each other. (credit: Kevin Purdy)

Human weaknesses are a rich target for phishing attacks. Making humans click "Don't Allow" over and over again in a phone prompt that can't be skipped is an angle some iCloud attackers are taking—and likely having some success.

Brian Krebs' at Krebs on Security detailed the attacks in a recent post, noting that "MFA Fatigue Attacks" are a known attack strategy. By repeatedly hitting a potential victim's device with multifactor authentication requests, the attack fills a device's screen with prompts that typically have yes/no options, often very close together. Apple's devices are just the latest rich target for this technique.

Both the Kremlin-backed Fancy Bear advanced persistent threat group and a rag-tag bunch of teenagers known as Lapsus$ have been known to use the technique, also known as MFA prompt bombing, successfully.

Read 11 remaining paragraphs | Comments

Google just announced that it’s expanding its recently-launched Circle to Search tool to include language translation, as part of an update to various core services. Circle to Search, as the name suggests, already lets some Android users research stuff by drawing a circle around an object.

The forthcoming language translation component won’t even require a drawn circle. Google says people will just have to long press the home button or the navigation bar and look for the translate icon. It’ll do the rest. The company showed the tech quickly translating an entire menu with one long press. Google Translate can already do this, though in a slightly different way, but this update means users won’t have to pop out of one app and into another just to check on something.

The translation tool begins rolling out in the “coming weeks”, though only to Android devices that can run Circle to Search. This list currently includes Pixel 7 devices, Pixel 8 devices and the Samsung Galaxy S24 series, though Google says it's coming to more phones and tablets this week, including some foldables.

Google Maps is also getting a refresh, with an emphasis on AI. When you pull up a place on Maps, like a restaurant, artificial intelligence will display a summary that describes unique points of interest and “what people love” about the business. The AI will also analyze photos of food and identify what the dish is called, in addition to the cost and whether it's vegetarian or vegan. The company hopes this will make it easier to make reservations and book trips.

Google

On the non-AI side of things, Maps is getting an updated lists feature in select cities throughout the US and Canada. This will aggregate lists of must-visit destinations pulled from members of the community and local publishers. There will be tools to customize these lists as you see fit.

These will be joined by lists created by Google and its algorithm, including a weekly trending list to discover the “latest hot spots” and something called Gems that chronicles under-the-radar spots. All of these Maps updates are coming to both Android and iOS devices later this month.

This article originally appeared on Engadget at https://www.engadget.com/googles-circle-to-search-feature-will-soon-handle-language-translation-174802558.html?src=rss