About Robin Edgar

Organisational Structures | Technology and Science | Military, IT and Lifestyle consultancy | Social, Broadcast & Cross Media | Flying aircraft

Wolverine Gives Your Python Scripts The Ability To Self-Heal bugs using chatGPT

[BioBootloader] combined Python and a hefty dose of AI for a fascinating proof of concept: self-healing Python scripts. He shows things working in a video, embedded below the break, but we’ll also describe what happens right here.

The demo Python script is a simple calculator that works from the command line, and [BioBootloader] introduces a few bugs to it. He misspells a variable used as a return value, and deletes the subtract_numbers(a, b) function entirely. Running this script by itself simply crashes, but using Wolverine on it has a very different outcome. In a short time, error messages are analyzed, changes proposed, those same changes applied, and the script re-run.

Wolverine is a wrapper that runs the buggy script, captures any error messages, then sends those errors to GPT-4 to ask it what it thinks went wrong with the code. In the demo, GPT-4 correctly identifies the two bugs (even though only one of them directly led to the crash) but that’s not all! Wolverine actually applies the proposed changes to the buggy script, and re-runs it. This time around there is still an error… because GPT-4’s previous changes included an out of scope return statement. No problem, because Wolverine once again consults with GPT-4, creates and formats a change, applies it, and re-runs the modified script. This time the script runs successfully and Wolverine’s work is done.

LLMs (Large Language Models) like GPT-4 are “programmed” in natural language, and these instructions are referred to as prompts. A large chunk of what Wolverine does is thanks to a carefully-written prompt, and you can read it here to gain some insight into the process. Don’t forget to watch the video demonstration just below if you want to see it all in action.

While AI coding capabilities definitely have their limitations, some of the questions it raises are becoming more urgent. Heck, consider that GPT-4 is barely even four weeks old at this writing.


https://hackaday.com/2023/04/09/wolverine-gives-your-python-scripts-the-ability-to-self-heal/

Black hole streaking through galaxy leaves wake of new stars

There’s an invisible monster on the loose, barreling through intergalactic space so fast that if it were in our solar system, it could travel from Earth to the Moon in 14 minutes. This supermassive black hole, weighing as much as 20 million Suns, has left behind a never-before-seen 200,000-light-year-long “contrail” of newborn stars, twice the diameter of our Milky Way galaxy. It’s likely the result of a rare, bizarre game of galactic billiards among three massive black holes.

Rather than gobbling up stars ahead of it, like a cosmic Pac-Man, the speedy black hole is plowing into gas in front of it to trigger new star formation along a narrow corridor. The black hole is streaking too fast to take time for a snack. Nothing like it has ever been seen before, but it was captured accidentally by NASA’s Hubble Space Telescope.

Illustration of a black field with white, yellow, and red galaxies. A black hole near bottom left corner plows through space, leaving a diagonal trail of newborn stars stretching back to the black hole's parent galaxy in the upper right corner.

This is an artist’s impression of a runaway supermassive black hole that was ejected from its host galaxy as a result of a tussle between it and two other black holes. As the black hole plows through intergalactic space it compresses tenuous gas in front of it. This precipitates the birth of hot blue stars. This illustration is based on Hubble Space Telescope observations of a 200,000-light-year-long “contrail” of stars behind an escaping black hole. For more details, read the Extended Text Description.

Credits: NASA, ESA, Leah Hustak (STScI)

“We think we’re seeing a wake behind the black hole where the gas cools and is able to form stars. So, we’re looking at star formation trailing the black hole,” said Pieter van Dokkum of Yale University in New Haven, Connecticut. “What we’re seeing is the aftermath. Like the wake behind a ship we’re seeing the wake behind the black hole.” The trail must have lots of new stars, given that it is almost half as bright as the host galaxy it is linked to.

The black hole lies at one end of the column, which stretches back to its parent galaxy. There is a remarkably bright knot of ionized oxygen at the outermost tip of the column. Researchers believe gas is probably being shocked and heated from the motion of the black hole hitting the gas, or it could be radiation from an accretion disk around the black hole. “Gas in front of it gets shocked because of this supersonic, very high-velocity impact of the black hole moving through the gas. How it works exactly is not really known,” said van Dokkum.

“This is pure serendipity that we stumbled across it,” van Dokkum added. He was looking for globular star clusters in a nearby dwarf galaxy. “I was just scanning through the Hubble image and then I noticed that we have a little streak. I immediately thought, ‘oh, a cosmic ray hitting the camera detector and causing a linear imaging artifact.’ When we eliminated cosmic rays we realized it was still there. It didn’t look like anything we’ve seen before.”

Hubble image of black, deep-space field with white, yellow, and reddish galaxies. Image center: small, white-bordered, boxed area that contains one, long, thin, diagonal streak of whitish-blue stars. Two galaxies also reside within the box.

This Hubble Space Telescope archival photo captures a curious linear feature that is so unusual it was first dismissed as an imaging artifact from Hubble’s cameras. But follow-up spectroscopic observations reveal it is a 200,000-light-year-long chain of young blue stars. A supermassive black hole lies at the tip of the bridge at lower left. The black hole was ejected from the galaxy at upper right. It compressed gas in its wake to leave a long trail of young blue stars. Nothing like this has ever been seen before in the universe. This unusual event happened when the universe was approximately half its current age.

Credits: NASA, ESA, Pieter van Dokkum (Yale); Image Processing: Joseph DePasquale (STScI)

Because it was so weird, van Dokkum and his team did follow-up spectroscopy with the W. M. Keck Observatories in Hawaii. He describes the star trail as “quite astonishing, very, very bright and very unusual.” This led to the conclusion that he was looking at the aftermath of a black hole flying through a halo of gas surrounding the host galaxy.

This intergalactic skyrocket is likely the result of multiple collisions of supermassive black holes. Astronomers suspect the first two galaxies merged perhaps 50 million years ago. That brought together two supermassive black holes at their centers. They whirled around each other as a binary black hole.

Then another galaxy came along with its own supermassive black hole. This follows the old idiom: “two’s company and three’s a crowd.” The three black holes mixing it up led to a chaotic and unstable configuration. One of the black holes robbed momentum from the other two black holes and got thrown out of the host galaxy. The original binary may have remained intact, or the new interloper black hole may have replaced one of the two that were in the original binary, and kicked out the previous companion.

When the single black hole took off in one direction, the binary black holes shot off in the opposite direction. There is a feature seen on the opposite side of the host galaxy that might be the runaway binary black hole. Circumstantial evidence for this is that there is no sign of an active black hole remaining at the galaxy’s core. The next step is to do follow-up observations with NASA’s James Webb Space Telescope and the Chandra X-ray Observatory to confirm the black hole explanation.

https://youtube.com/watch?v=aPAP2ewFR0A%3Frel%3D0

There’s an invisible monster on the loose! It’s barreling through intergalactic space fast enough to travel from Earth to the Moon in 14 minutes. But don’t worry, luckily this beast is very, very far away! This potential supermassive black hole, weighing as much as 20 million Suns, has left behind a never-before-seen 200,000 light-year-long trail of newborn stars. The streamer is twice the diameter of our Milky Way galaxy. It’s likely the result of a rare, bizarre game of galactic billiards among three massive black holes.

Credits: NASA’s Goddard Space Flight Center; Lead Producer: Paul Morris

NASA’s upcoming Nancy Grace Roman Space Telescope will have a wide-angle view of the universe with Hubble’s exquisite resolution. As a survey telescope, the Roman observations might find more of these rare and improbable “star streaks” elsewhere in the universe. This may require machine learning using algorithms that are very good at finding specific weird shapes in a sea of other astronomical data, according to van Dokkum.

The research paper will be published on April 6 in The Astrophysical Journal Letters.

https://www.nasa.gov/feature/goddard/2023/hubble-sees-possible-runaway-black-hole-creating-a-trail-of-stars

Tired Of Web Scraping? Make The AI Do It

a novel approach to the problem of scraping web content in a structured way without needing to write the kind of page-specific code web scrapers usually have to deal with. How? Just enlist the help of a natural language AI. Scrapeghost relies on OpenAI’s GPT API to parse a web page’s content, pull out and classify any salient bits, and format it in a useful way.

What makes Scrapeghost different is how data gets organized. When instantiating scrapeghost, one defines the data one wishes to extract. For example:

    from scrapeghost import SchemaScraper

    # The schema names each field to extract and the type it should come back as.
    scrape_legislators = SchemaScraper(
        schema={
            "name": "string",
            "url": "url",
            "district": "string",
            "party": "string",
            "photo_url": "url",
            "offices": [{"name": "string", "address": "string", "phone": "string"}],
        }
    )

The kicker is that this format is entirely up to you! The GPT models are very, very good at processing natural language, and scrapeghost uses GPT to process the scraped data and find (using the example above) whatever looks like a name, district, party, photo, and office address and format it exactly as requested.

It’s an experimental tool and you’ll need an API key from OpenAI to use it, but it has useful features and is certainly a novel approach. There’s a tutorial and even a command-line interface, so check it out.

https://hackaday.com/2023/04/09/tired-of-web-scraping-make-the-ai-do-it/

Triggering Blinks in VR, a useful thing to do

In VR, a blink can be a window of opportunity to improve the user’s experience. We’ll explain how in a moment, but blinks are tough to capitalize on because they are unpredictable and don’t last very long. That’s why researchers spent time figuring out how to induce eye blinks on demand in VR (video) and the details are available in a full PDF report. Turns out there are some novel, VR-based ways to reliably induce blinks. If an application can induce them, it makes it easier to use them to fudge details in helpful ways.

It turns out that humans experience a form of change blindness during blinks, and this can be used to sneak small changes into a scene in useful ways. Two examples are hand redirection (HR), and redirected walking (RDW). Both are ways to subtly break the implicit one-to-one mapping of physical and virtual motions. Redirected walking can nudge a user to stay inside a physical boundary without realizing it, leading the user to feel the area is larger than it actually is. Hand redirection can be used to improve haptics and ergonomics. For example, VR experiences that use physical controls (like a steering wheel in a driving simulator, or maybe a starship simulator project like this one) rely on physical and virtual controls overlapping each other perfectly. Hand redirection can improve the process by covering up mismatches in a way that is imperceptible to the user.

There are several known ways to induce a blink reflex, but it turns out that one novel method is particularly suited to implementing in VR: triggering the menace reflex by simulating a fast-approaching object. In VR, a small shadow appears in the field of view and rapidly seems to approach one’s eyes. This very brief event is hardly noticeable, yet reliably triggers a blink. There are other approaches as well such as flashes, sudden noise, or simulating the gradual blurring of vision, but to be useful a method must be unobtrusive and reliable.

We’ve already seen saccadic movement of the eyes used to implement redirected walking, but it turns out that leveraging eye blinks allows for even larger adjustments and changes to go unnoticed by the user. Who knew blinks could be so useful to exploit?

https://youtube.com/watch?v=cxapHXQysh8%3Fversion%3D3%26rel%3D1%26showsearch%3D0%26showinfo%3D1%26iv_load_policy%3D1%26fs%3D1%26hl%3Den-US%26autohide%3D2%26wmode%3Dtransparent

https://hackaday.com/2023/04/09/blinks-are-useful-in-vr-but-triggering-blinks-is-tricky/

A super high resolution, Global CTX Mosaic map of Mars

The Bruce Murray Laboratory for Planetary Visualization has completed a 5.7 terapixel mosaic of the surface of Mars rendered at 5.0 m/px. Each pixel in the mosaic is about the size of a typical parking space, providing unprecedented resolution of the martian surface at the global scale.

The mosaic covers 99.5% of Mars from 88°S to 88°N. The pixels that make up the mosaic can all be mapped back to their source data, providing full traceability for the entire mosaic. The mosaic is available to stream over the internet and to download, as described below.

All data in the mosaic come from the Context Camera (CTX) onboard the Mars Reconnaissance Orbiter (MRO).

Below is the entire mosaic within a 3D viewer. Click “See the Mosaic in 3D,” or click here to see it in a new window.

https://murray-lab.caltech.edu/CTX/

Google Will Require Android Apps to Make Account Deletion Easier

Right now, developers simply need to declare to Google that account deletion is somehow possible, but beginning next year, developers will have to make it easier to delete data through both their app and an online portal. Google specifies:

For apps that enable app account creation, developers will soon need to provide an option to initiate account and data deletion from within the app and online.

This means any app that lets you create an account to use it is required to allow you to delete that information when you’re done with it (or rather, request the developer delete the data from their servers). Although you can request that your data be deleted now, it usually requires manually contacting the developer to remove it. This new policy would mean developers have to offer a kill switch from the get-go rather than having Android users do the leg work.

The web deletion requirement is particularly new and must be “readily discoverable.” Developers must provide a link to a web form from the app’s Play Store landing page, with the idea being to let users delete account data even if they no longer have the app installed. Per the existing Android developer policy, all apps must declare how they collect and handle user data—Google introduced the policy in 2021 and made it mandatory last year. When you go into the Play Store and expand the “Data Safety” section under each app listing, developers list out data collection by criteria.

Simply removing an app from your Android device doesn’t completely scrub your data. Like software on a desktop operating system, files and folders are sometimes left behind from when the app was operating. This new policy will hopefully help you keep your data secure by wiping any unnecessary account info from the app developer’s servers, but also hopes to cut down on straggling data on your device. Conversely, you don’t have to delete your data if you think you’ll come to the app later. When it says you have a “choice,” Google wants to ensure it can point to something obvious.

It’s unclear how Google will determine if a developer follows the rules. It is up to the app developer to disclose whether user-specific app data is actually deleted. Earlier this year, Mozilla called out Google after discovering significant discrepancies between the top 20 most popular free apps’ internal privacy policies and those they listed in the Play Store.

https://gizmodo.com/google-android-delete-account-apps-request-uninstall-1850304540

Researchers built sonar glasses that track facial movements for silent communication

A Cornell University researcher has developed sonar glasses that “hear” you without speaking. The eyeglass attachment uses tiny microphones and speakers to read the words you mouth as you silently command it to pause or skip a music track, enter a passcode without touching your phone or work on CAD models without a keyboard.

Cornell Ph.D. student Ruidong Zhang developed the system, which builds off a similar project the team created using a wireless earbud — and models before that which relied on cameras. The glasses form factor removes the need to face a camera or put something in your ear. “Most technology in silent-speech recognition is limited to a select set of predetermined commands and requires the user to face or wear a camera, which is neither practical nor feasible,” said Cheng Zhang, Cornell assistant professor of information science. “We’re moving sonar onto the body.”

The researchers say the system only requires a few minutes of training data (for example, reading a series of numbers) to learn a user’s speech patterns. Then, once it’s ready to work, it sends and receives sound waves across your face, sensing mouth movements while using a deep learning algorithm to analyze echo profiles in real time “with about 95 percent accuracy.”

A pair of black-plastic-framed eyeglasses sitting upside down on a white surface. The frames have small circuit boards with tiny speakers and microphones attached below the lenses.

The system does this while offloading data processing (wirelessly) to your smartphone, allowing the accessory to remain small and unobtrusive. The current version offers around 10 hours of battery life for acoustic sensing. Additionally, no data leaves your phone, eliminating privacy concerns. “We’re very excited about this system because it really pushes the field forward on performance and privacy,” said Cheng Zhang. “It’s small, low-power and privacy-sensitive, which are all important features for deploying new, wearable technologies in the real world.”

https://www.engadget.com/researchers-built-sonar-glasses-that-track-facial-movements-for-silent-communication-171508573.html?src=rss&guccounter=1

Hackers Are Stealing Cars by Injecting Code Into Headlight Wiring

Shadetree hackers—or, as they’re more commonly called, tech-savvy thieves—have found a new way to steal cars. No, it’s not a relay attack, Bluetooth exploit, key fob replay, or even a USB cable. Instead, these thieves are performing a modern take on hot-wiring without ever ripping apart the steering column.

Crafty criminals have resorted to using specially crafted devices that simply plug into the wiring harness behind the headlight of a victim’s car. Once they’re plugged in, they’re able to unlock, start, and drive away before the owner even catches wind of what’s going on.

Last year, Ian Tabor, who runs the UK chapter of Car Hacking Village, had his Toyota RAV4 stolen from outside of his home near London. Days prior to the theft, he found that thieves had damaged his car without successfully taking it. It wasn’t quite clear if it was a case of vandalism, or if the thieves had tried to make off with the car’s front bumper, but he did notice that the headlight harness had been yanked out.

Ultimately, his car wound up missing when thieves successfully made away with it. And after Tabor’s car was stolen, so was his neighbor’s Toyota Land Cruiser. But, folks, this is 2023. It’s not like you can just hotwire a car and drive away as the movies suggest. This got Tabor curious—after all, hacking cars is something he does for fun. How exactly did the thieves make off with his car?

Tabor got to work with Toyota’s “MyT” app. This is Toyota’s telematics system which pumps Diagnostic Trouble Codes up to the automaker’s servers rather than forcing you to plug in a code reader to the car’s OBD2 port. Upon investigation, Tabor noticed that his Rav4 kicked off a ton of DTCs just prior to being stolen—one of which was for the computer that controls the car’s exterior lighting.

This led Tabor to wonder if the thieves somehow made use of the vehicle CAN Bus network to drive away with his car. After scouring the dark web, Tabor was able to locate expensive tools claiming to work for various automakers and models, including BMW, Cadillac, Chrysler, Fiat, Ford, GMC, Honda, Jeep, Jaguar, Lexus, Maserati, Nissan, Toyota, as well as Volkswagen. The cost? As much as $5,400, but that’s a drop in the bucket if they can actually deliver on the promise of enabling vehicle theft.

Tabor decided to order one of these devices to try out himself. Together with Ken Tindell, the CTO of Canis Automotive Labs, the duo tore down a device to find out what made it tick and published a writeup of their findings.

https://youtube.com/watch?v=bP7kNy5KBnA%3Ffeature%3Doembed%26rel%3D0%26enablejsapi%3D1

As it turns out, the expensive device was comprised of just $10 in components. The real magic is in the programming, which was set up to inject fake CAN messages into the car’s actual CAN Bus network. The messages essentially tricked the car into thinking a trusted key was present, which convinced the CAN Gateway (the component that filters out CAN messages into their appropriate segmented networks) into passing along messages instructing the car to disable its immobilizer and unlock the doors, essentially allowing the thieves to just drive away.

What’s more, is that the device simply looked like an ordinary portable speaker. The guts were stuffed inside the shell of a JBL-branded Bluetooth speaker, and all the thief needs to do is simply power the device on.

Once the device is on and plugged in, it wakes up the CAN network by sending a frame—similar to if you were to pull on a door handle, approach with a passive entry key, or hit a button on your fob. It then listens for a specific CAN message to begin its attack. The device then emulates a hardware error which tricks other ECUs on the CAN network to stop sending messages so that the attacking device has priority to send its spoofed messages to CAN devices.

https://youtube.com/watch?v=cvjSM7YE3yM%3Ffeature%3Doembed%26rel%3D0%26enablejsapi%3D1

The pause of valid messages is when the device is able to go into attack mode. It then sends the spoofed “valid key present” messages to the gateway which makes the car think that an actual valid key is being used to control the vehicle. Next, the attacker simply presses the speaker’s “play” button, and the car’s doors are unlocked.

Given that the manufacturer of these CAN injection devices claims that the devices are so effective against a myriad of makes and models, it would seem that this could be an industry-wide problem that may take some brainstorming to fix.

The good news is that this type of attack can be thwarted. While there are quick-and-dirty methods that could potentially be re-defeated in the long run, an automaker looking to prevent this type of attack can do so by encrypting its CAN Bus network. According to Tindell, Canis is working on a project to retrofit U.S. military vehicles with an encryption scheme similar to what he suggests as the fix for commercial vehicles experiencing this issue.
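A sketch of the receiving side of such a fix, added here as an example (it is not code from the article, Tindell or Canis): the gateway acts on a "key present" frame only if it carries a valid truncated MAC and a fresh counter, which is the message-authentication part of a protected CAN scheme rather than encryption of the payload. The CAN ID, status byte, payload layout and key below are constructed for illustration.

```python
import hashlib
import hmac

# Constructed values for illustration; not taken from any real vehicle.
KEY_PRESENT_ID = 0x123      # hypothetical 11-bit CAN ID of the "key present" frame
STATUS_KEY_VALID = 0x01     # hypothetical status byte
COUNTER_LEN = 3             # freshness counter, sent in full
MAC_LEN = 4                 # truncated MAC so the payload still fits 8 bytes


def _mac(key: bytes, can_id: int, body: bytes) -> bytes:
    """Truncated HMAC-SHA256 over the CAN ID plus the status and counter bytes."""
    msg = can_id.to_bytes(2, "big") + body
    return hmac.new(key, msg, hashlib.sha256).digest()[:MAC_LEN]


def build_frame(key: bytes, can_id: int, status: int, counter: int) -> bytes:
    """Sender side: 1 status byte + 3 counter bytes + 4 MAC bytes."""
    body = bytes([status]) + counter.to_bytes(COUNTER_LEN, "big")
    return body + _mac(key, can_id, body)


class Gateway:
    """Receiver side: forwards a frame only if it is authentic and fresh."""

    def __init__(self, key: bytes):
        self._key = key
        self._last_counter = {}  # highest accepted counter per CAN ID

    def accept(self, can_id: int, payload: bytes):
        if len(payload) != 1 + COUNTER_LEN + MAC_LEN:
            return False, "bad-length"      # e.g. an unauthenticated legacy frame
        body, tag = payload[:-MAC_LEN], payload[-MAC_LEN:]
        # Constant-time comparison; a sender without the key cannot produce this tag.
        if not hmac.compare_digest(tag, _mac(self._key, can_id, body)):
            return False, "bad-mac"
        counter = int.from_bytes(body[1:], "big")
        # A recorded genuine frame played back later fails here.
        if counter <= self._last_counter.get(can_id, -1):
            return False, "stale-counter"
        self._last_counter[can_id] = counter
        return True, "ok"


def demo():
    """Feed constructed frames through the gateway and return its decisions."""
    key = b"constructed-demo-key-not-secret!"
    gw = Gateway(key)
    genuine_1 = build_frame(key, KEY_PRESENT_ID, STATUS_KEY_VALID, 1)
    genuine_2 = build_frame(key, KEY_PRESENT_ID, STATUS_KEY_VALID, 2)
    # Frame from a device on the bus that does not hold the shared key.
    injected = build_frame(b"not-the-key", KEY_PRESENT_ID, STATUS_KEY_VALID, 2)
    legacy = bytes([STATUS_KEY_VALID])  # bare status byte, no counter or MAC
    frames = [
        ("genuine", genuine_1),
        ("injected", injected),
        ("legacy", legacy),
        ("replay", genuine_1),
        ("genuine", genuine_2),
    ]
    return [(label, *gw.accept(KEY_PRESENT_ID, payload)) for label, payload in frames]


if __name__ == "__main__":
    for label, ok, reason in demo():
        print(f"{label:9s} forwarded={ok} ({reason})")
```

A rejected frame never advances the stored counter, so a burst of forged frames cannot lock out the genuine sender.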

If thieves are already exploiting this in the wild (which they are), it means that it’s already a problem. And if it continues to grow in popularity, perhaps it could lead to a repeat of what Hyundai and Kia are currently experiencing on a significantly more low-tech level.

https://www.thedrive.com/news/shadetree-hackers-are-stealing-cars-by-injecting-code-into-headlight-wiring

Find out if your account was part of the FBI’s Operation Cookie Monster bust – 80 million people were

Several law enforcement agencies have teamed up to take down Genesis Market, a website selling access to “over 80 million account access credentials,” which included the standard usernames and passwords, as well as much more dangerous data like session tokens. According to a press release from the US Department of Justice, the site was seized on Tuesday. The European Union Agency for Law Enforcement Cooperation (or Europol) says that 119 of the site’s users have been arrested.

Genesis Marketplace has been around since 2018, according to the Department of Justice, and was “one of the most prolific initial access brokers (IABs) in the cybercrime world.” It let hackers search for certain types of credentials, such as ones for social media accounts, bank accounts, etc., as well as search for credentials based on where in the world they came from.

The agencies have teamed up with HaveIBeenPwned.com to make it easy for the public to check if their login credentials were stolen, and I’d highly recommend doing so — because of the way Genesis worked, this isn’t the typical “just change your password and you’ll be fine” scenario. For instructions on how to check whether Genesis was selling your stolen info, check out the writeup from Troy Hunt, who runs HaveIBeenPwned.

(The TL;DR is that you should sign up for HIBP’s email notification service with all of your important email addresses, and then be sure to click the “Verify email” button in the confirmation email. Just searching for your email on the site won’t tell you if you were impacted.)

[…]

While Genesis Marketplace traded in usernames and passwords, it also sold access to users’ cookies and browser fingerprints as well, which could let hackers bypass protections like two-factor authentication. Cookies — or login tokens, to be specific — are files that websites store on your computer to show that you’ve already logged in by correctly entering your password and two-factor authentication information. They’re the reason you don’t have to log into a website each time you visit it. (They’re also the reason that the joint effort to take down Genesis was given the delightful codename “Operation Cookie Monster.”)

[…]

Genesis stole the fingerprints, too. What’s more, it even provided a browser extension that let hackers spoof the victim’s fingerprint while using their login cookie to gain access to an account, according to a 2019 report from ZDNET.

[…]

https://www.theverge.com/2023/4/5/23671412/genesis-marketplace-two-factor-passwords-how-to

Russian military intelligence hacks Dutch routers

A unit of the Russian military intelligence service GRU has hacked routers of Dutch private individuals and small and medium-sized companies. The Military Intelligence Service (MIVD) has discovered this, writes de Volkskrant.

The routers are part of a worldwide attack network and can, for example, destroy or paralyze the network of ministries. It is estimated that there are thousands of hacked devices in the hands of the Russian unit worldwide. In the Netherlands, this would involve several dozen routers.

The hacked devices are more advanced routers of computers often located at small businesses. The Russian unit will take over the routers and can monitor and control them, investigative journalist Huib Modderkolk told NOS Radio 1 Journaal.

According to him, this unit was created to sabotage: “It is also called the most dangerous hacking group in the world.”

‘We know what you’re doing’

The MIVD discovered the digital attack because the service saw many Dutch IP addresses. According to Modderkolk, the victims often do not realize that they have been hacked. By accepting the router’s default settings or using a simple password, these routers are easy to hack. Individuals and companies have now been informed by the MIVD.

It is striking that the MIVD makes this information public: “They hope for more awareness that this is actually going on, but the aim is also to let the Russians know: ‘we know what you are doing’”. According to Modderkolk, this is a development of recent years, and the British and Americans are also increasingly disclosing this type of sensitive information.

Disinformation and cyber threats

The National Coordinator for Counterterrorism and Security (NCTV) has already warned of disinformation and cyber threats in connection with the war in Ukraine. These cyber attacks could affect the communication system of banks or hospitals, among others. At the moment there are no specific threats, but due to the rapid developments of the war, this could change quickly.

It is not clear whether the hack by the Russian hacker group has to do with the war in Ukraine.

https://nos.nl/artikel/2419641-russische-militaire-inlichtingendienst-hackt-nederlanders

False Memories Can Form Within Seconds, Study Finds

Human memory might be even more unreliable than currently thought. In a new study, scientists found that it’s possible for people to form false memories of an event within seconds of it occurring. This almost-immediate misremembering seems to be shaped by our expectations of what should happen, the team says.

[…]

they recruited hundreds of volunteers over a series of four experiments to complete a task: They would look at certain letters and then be asked to recall one highlighted letter right after. However, the scientists used letters that were sometimes reversed in orientation, so the volunteers had to remember whether their selection was mirrored or not (for example, correctly identifying whether they saw c vs ↄ). They also focused on the volunteers who were highly confident about their choices during the task.

Overall, the participants regularly misremembered the letters, but in a specific way. People were generally good at remembering when a typical letter was shown, with their inaccuracy rates hovering around 10%. But they were substantially worse at remembering a mirrored letter, with inaccuracy rates up to 40% in some experiments. And, interestingly enough, their memory got worse the longer they had to wait before recalling it. When they were asked to recall what they saw a half second later, for instance, they were wrong less than 20% of the time, but when they were asked three seconds later, the rate rose as high as 30%.

According to Otten, the findings—published Wednesday in PLOS One—indicate that our memory starts being shaped almost immediately by our preconceptions. People expect to see a regular letter, and don’t get easily fooled into misremembering a mirrored letter. But when the unexpected happens, we might often still default to our missed prediction. This bias doesn’t seem to kick in instantaneously, though, since people’s short-term memory was better when they had to be especially quick on their feet.

“It is only when memory becomes less reliable through the passage of a tiny bit of time, or the addition of extra visual information, that internal expectations about the world start playing a role,” Otten said.

[…]

https://gizmodo.com/false-memories-can-form-within-seconds-study-finds-1850303900

Outlook attachments count toward OneDrive capacity so MS may just turn off your email

Some users of Microsoft’s free Outlook hosted service are finding they can no longer send or receive emails because of how the Windows giant now calculates the storage of attachments.

Microsoft account holders are allowed to hold up to 15GB in their cloud-hosted email, which until recently included text and attachments, and 5GB in their OneDrive storage. That policy changed February 1. Since then, attachments now count as part of the 5GB OneDrive allowance – and if that amount is exceeded, it throws a wrench into the email service.

It doesn’t change the storage amount available in Outlook.com, but could in OneDrive.

“This update may reduce how much cloud storage you have available to use with your OneDrive,” Microsoft wrote in a support note posted before the change. “If you reach your cloud storage quota, your ability to send and receive emails in Outlook.com will be disrupted.”

Redmond added that the plan was to gradually roll out the cloud storage changes and new quota bar starting February 1 across users’ app and Windows settings and Microsoft accounts. Two months later, that gradual rollout is beginning to hit more and more users.

One reader told The Register that his Outlook recently stopped working and indicated that he had surpassed the 5GB storage limit, reaching 6.1GB. He was unaware of the policy change, so he was confused when he saw that in his email account he had used only 6.8GB of the 15GB allowed.

It was the change in how attachments are added that tripped him up. Microsoft told him about the new policy.

“So instantly, I have lost 10GB of email capacity and because my attachments were greater than 5GB that instantly disabled my email and triggered bounce-backs (even sending and receiving with no attachments),” the reader told us.

“No one deletes attachments every time an email is received. This is like blackmail. MS is forcing us to buy a subscription by the back door or to have to delete emails with attachments on a regular basis ad infinitum.”

He isn’t the only one perplexed by the issue.

[…]

One who apparently was unaware that it was the attachments shifting over to OneDrive causing the email problems deleted a lot of emails, only to find it didn’t change the “storage used” amount.

[…]

https://www.theregister.com/2023/04/06/microsoft_outlook_onedrive_storage/

Tesla Employees Have Been Meme-ing Your Private Car Videos

“We could see inside people’s garages and their private properties,” a former employee told Reuters. “Let’s say that a Tesla customer had something in their garage that was distinctive, you know, people would post those kinds of things.”

One office in particular, located in San Mateo, reportedly had a “free-wheeling” atmosphere, where employees would share videos and images with wild abandon. These pics or vids would often be “marked-up” via Adobe Photoshop, former employees said, converting drivers’ personal experiences into memes that would circulate throughout the office.

“The people who buy the car, I don’t think they know that their privacy is, like, not respected,” one former employee was quoted as saying. “We could see them doing laundry and really intimate things. We could see their kids.”

Another former employee seemed to admit that all of this was very uncool: “It was a breach of privacy, to be honest. And I always joked that I would never buy a Tesla after seeing how they treated some of these people,” the employee told the news outlet. Yes, it’s always a vote of confidence when a company’s own employees won’t use the products that they sell.

Privacy concerns related to Tesla’s data-guzzling autos aren’t exactly new. Back in 2021, the Chinese government formally banned the vehicles on the premises of certain military installations, calling the company a “national security” threat. The Chinese were worried that the cars’ sensors and cameras could be used to funnel data out of China and back to the U.S. for the purposes of espionage. Beijing seems to have been on to something—although it might be the case that the spying threat comes less from America’s spooks than it does from bored slackers back at Tesla HQ.

One of the reasons that Tesla’s cameras seem so creepy is that you can never really tell if they’re on or not. A couple of years ago, a stationary Tesla helped catch a suspect in a Massachusetts hate crime, when its security system captured images of the man slashing tires in the parking lot of a predominantly Black church. The man was later arrested on the basis of the photos.

Reuters notes that it wasn’t ultimately “able to determine if the practice of sharing recordings, which occurred within some parts of Tesla as recently as last year, continues today or how widespread it was.”

With all this in mind, you might as well always assume that your Tesla is watching, right? And, now that Reuters’ story has come out, you should also probably assume that some bored coder is also watching, potentially in the hopes of converting your dopiest in-car moment into a meme.

https://gizmodo.com/tesla-elon-musk-car-camera-videos-employees-watching-1850307575

Wow, who knew? How surprising… not.

Tesla workers shared and memed sensitive images recorded by customer cars

Private camera recordings, captured by cars, were shared in chat rooms: ex-workers
Circulated clips included one of child being hit by car: ex-employees
Tesla says recordings made by vehicle cameras ‘remain anonymous’
One video showed submersible vehicle from James Bond film, owned by Elon Musk


LONDON/SAN FRANCISCO, April 6 (Reuters) – Tesla Inc assures its millions of electric car owners that their privacy “is and will always be enormously important to us.” The cameras it builds into vehicles to assist driving, it notes on its website, are “designed from the ground up to protect your privacy.”

But between 2019 and 2022, groups of Tesla employees privately shared via an internal messaging system sometimes highly invasive videos and images recorded by customers’ car cameras, according to interviews by Reuters with nine former employees.

Some of the recordings caught Tesla customers in embarrassing situations. One ex-employee described a video of a man approaching a vehicle completely naked.

Also shared: crashes and road-rage incidents. One crash video in 2021 showed a Tesla driving at high speed in a residential area hitting a child riding a bike, according to another ex-employee. The child flew in one direction, the bike in another. The video spread around a Tesla office in San Mateo, California, via private one-on-one chats, “like wildfire,” the ex-employee said.

Other images were more mundane, such as pictures of dogs and funny road signs that employees made into memes by embellishing them with amusing captions or commentary, before posting them in private group chats. While some postings were only shared between two employees, others could be seen by scores of them, according to several ex-employees.

Tesla states in its online “Customer Privacy Notice” that its “camera recordings remain anonymous and are not linked to you or your vehicle.” But seven former employees told Reuters the computer program they used at work could show the location of recordings – which potentially could reveal where a Tesla owner lived.

One ex-employee also said that some recordings appeared to have been made when cars were parked and turned off. Several years ago, Tesla would receive video recordings from its vehicles even when they were off, if owners gave consent. It has since stopped doing so.

“We could see inside people’s garages and their private properties,” said another former employee. “Let’s say that a Tesla customer had something in their garage that was distinctive, you know, people would post those kinds of things.”

Tesla didn’t respond to detailed questions sent to the company for this report.

About three years ago, some employees stumbled upon and shared a video of a unique submersible vehicle parked inside a garage, according to two people who viewed it. Nicknamed “Wet Nellie,” the white Lotus Esprit sub had been featured in the 1977 James Bond film, “The Spy Who Loved Me.”

The vehicle’s owner: Tesla Chief Executive Elon Musk, who had bought it for about $968,000 at an auction in 2013. It is not clear whether Musk was aware of the video or that it had been shared.

The submersible Lotus vehicle nicknamed “Wet Nellie” that featured in the 1977 James Bond film, “The Spy Who Loved Me,” and which Tesla chief executive Elon Musk purchased in 2013. Tim Scott ©2013 Courtesy of RM Sotheby’s
Musk didn’t respond to a request for comment.

To report this story, Reuters contacted more than 300 former Tesla employees who had worked at the company over the past nine years and were involved in developing its self-driving system. More than a dozen agreed to answer questions, all speaking on condition of anonymity.

Reuters wasn’t able to obtain any of the shared videos or images, which ex-employees said they hadn’t kept. The news agency also wasn’t able to determine if the practice of sharing recordings, which occurred within some parts of Tesla as recently as last year, continues today or how widespread it was. Some former employees contacted said the only sharing they observed was for legitimate work purposes, such as seeking assistance from colleagues or supervisors.

https://www.reuters.com/technology/tesla-workers-shared-sensitive-images-recorded-by-customer-cars-2023-04-06/

Navy Carrier-Based Drones Will Be Able To Be Controlled By The Air Force

In a future fight, control of advanced drones belonging to the U.S. Navy and U.S. Air Force could be passed back and forth between assets from either service as the situation demands. Uncrewed platforms are set to make up the majority of the Navy’s future carrier air wings, with up to 60 percent of all aircraft on each flattop eventually being pilotless.

Navy Rear Adm. Andrew “Bucket” Loiselle provided details on the service’s advanced aviation plans, including new drones and sixth-generation crewed stealth combat jets, and cooperation with the Air Force on these efforts during a panel discussion yesterday at the Navy League’s annual Sea-Air-Space conference and exhibition. These efforts are part of the service’s broader Next Generation Air Dominance (NGAD) program that you can learn about here. Loiselle is currently the director of the Air Warfare Division, also referred to as N98, within the Office of the Chief of Naval Operations.

[…]


The future carrier air wings will be 60% unmanned and there is now “unbelievable cooperation” with the Air Force on making that happen.

By Joseph Trevithick | Published Apr 5, 2023 1:01 PM EDT


“As we looked upon that air wing of the future, we have numerous unmanned systems,” Loiselle said. “You’ve heard talk about CCAs [and] MQ-25.”

The MQ-25 Stingray is an uncrewed tanker aircraft with a secondary intelligence, surveillance, and reconnaissance (ISR) capability that the Navy has been developing for years.

https://youtube.com/watch?v=q2uGkF2J1Y0%3Ffeature%3Doembed%26rel%3D0%26enablejsapi%3D1


CCA stands for Collaborative Combat Aircraft and is a term that originated with the Air Force to describe future advanced drones with high degrees of autonomy intended to operate collaboratively with crewed platforms. Secretary of the Air Force Frank Kendall announced earlier this year that the service had begun doing future planning around a fleet of at least 1,000 CCAs, as well as 200 crewed sixth-generation stealth combat jets, all being developed as part of its own separate multi-faceted NGAD program. The CCA figure was based on a notional concept of operations that would pair two of the drones with each of the 200 NGAD combat jets and 300 stealthy F-35A Joint Strike Fighters.

However, the Air Force is still very much refining its CCA fleet structure plans, which could grow to include an even larger total number of CCAs with different types geared toward different mission sets. It’s also still figuring out how it intends to deploy and employ them. The Navy appears to be doing much the same, in increasingly close coordination with the Air Force.

“We’re developing an unmanned control station that’s already installed on three aircraft carriers, and that will be the control station for any UAS [uncrewed aerial systems] that we buy,” Rear Adm. Loiselle added. “[There is] unbelievable cooperation with the Air Force right now in the development of mission systems for both sixth-gen [combat jets] and CCAs… I’m very close to getting a signed agreement with the Air Force where we’re going to have the ability for the Navy to control Air Force CCAs and the Air Force to control Navy CCAs.”

The drone control system in question is the MD-5 Unmanned Carrier Aviation Mission Control System (UMCS), the development of which began adjacent to the Navy’s abortive Unmanned Carrier-Launched Airborne Surveillance and Strike (UCLASS) program. The installation of the UMCS on Navy carriers has also prompted the creation of a new Unmanned Aviation Warfare Center (UAWC) on those ships.


The Navy has previously said that the MQ-25 would be deployed first on the Nimitz class carriers USS Dwight D. Eisenhower and USS George H.W. Bush, and the latter ship has been actively used for testing that drone. It was announced last year that the plans had changed and that USS Theodore Roosevelt, another Nimitz class ship, would be the first to host the Stingray.

https://youtube.com/watch?v=WFrzKILwfFg%3Ffeature%3Doembed%26rel%3D0%26enablejsapi%3D1

The expectation is that future CCAs will also be able to be controlled by various aircraft in the course of operations. The Navy has specifically said in the past that one of the core missions for its future sixth-generation crewed combat jet, also referred to as F/A-XX, will be acting as a “quarterback” for drones.

For the Navy and the Air Force, being able to readily exchange control of future drones will be key to ensuring operational flexibility. During the panel discussion yesterday, Rear Adm. Loiselle outlined a broader future naval vision where this capability could be particularly valuable.

[…]

“The bottom line is when we’re building our future force that’s going to be 60 percent unmanned, then we’re going to look different than we do today. And we are no longer going to have a fighting force that has 44 strike fighters on the deck, because that’s incompatible with a 60 percent unmanned air wing,” the rear admiral explained. “So we’re going to have to change the narrative, from 44 strike fighters to how many targets can I get at what range at what time intervals, because that’s the true metric that matters.”

“The type of platform that delivers that ordnance is less important than the ability to do so,” he continued. “So we need to look at the entire portfolio that is present within the carrier strike group and how we generate that effect. Equally, we need to be cognizant of what’s available in the joint force, such that we don’t duplicate capabilities that would work within our part of that plan execution.”

[…]

With all this in mind, carrier strike groups, as well as potentially other naval assets, being able to readily take control of Air Force drones during operations in certain circumstances, and vice versa, could be extremely useful. A Navy carrier air wing or Air Force elements in the same region might be able to provide more on-demand escorts or other support for each other’s crewed platforms, including tactical combat jets and larger aircraft like bombers, tankers, and airlifters. Current and future Air Force assets capable of flying very long distances themselves, such as the forthcoming B-21 Raider stealth bomber, could even take control of Navy uncrewed aircraft using more localized line-of-sight links to help with their immediate missions, too.


For instance, long-range Air Force platforms like the B-21 could ‘pick up’ CCAs launched from a carrier operating far forward of any land base. They would then fly their mission into contested airspace with the help of their unmanned wingmen, then return them back to Navy control once they head back out of the high-threat area and towards the carrier’s area of operation. Unmanned tactical aircraft have a significant range advantage over their manned counterparts, which is a factor as well.

B-21 Raider

Beyond this, just being able to share fleets when in the air between the services opens up huge possibilities and operational synergies.

[…]

https://www.thedrive.com/the-war-zone/navy-carrier-based-drones-will-be-able-to-be-controlled-by-the-air-force

Cardboard drones running open source software take flight

An Australian engineering company has created a cardboard drone that runs on open source software, standard hardware, and can be assembled and flown with no prior experience.

The Corvo Precision Payload Delivery System (PPDS) costs less than $3,500 apiece, a price made possible by the craft’s use of FOSS and commercial-off-the-shelf hardware.

Michael Partridge, SYPAQ’s general manager for Innovation & Strategic Programs (I&SP), told The Register that Corvo uses ArduPilot autopilot software, unspecified hardware that SYPAQ customizes, and waxed cardboard.


The drone takes around an hour to assemble, we’re told, and its lithium-ion batteries give it a range of up to 100km (62 miles) with a 3kg (6.6lb) payload.

The craft ships in a flat pack complete with tape, glue, and instructions on how to assemble it. A tablet computer is also included so users can tell Corvo where to fly by entering GPS coordinates. A wired connection to upload that flight plan is required, but once Corvo is aloft, it will proceed along its route, at a specified altitude, and land itself at its determined destination.

Partridge declined to discuss details of the tech on board the drones for operational reasons but said SYPAQ has ensured that flight plans are encrypted so that if a Corvo is captured, the location of its pilots can’t be retrieved.


SYPAQ will happily ship a single Corvo, but also offers a “capability pack” that includes multiple craft, spares, and the slingshot-powered launch ramp the craft needs to get airborne.

Partridge said single Corvo units have survived more than 20 flights and that the waxed cardboard wing can handle moisture well, without losing its aerodynamic qualities.

Users in the Ukrainian armed forces have adapted the craft to different roles too. Partridge said adding a camera requires some light hacking – of the drone’s cardboard airframe.

“It has a cargo bay [and] you can do whatever you want in there within the 3kg payload. You can cut a hole through the aircraft to look through it and insert a camera.”

For now, SYPAQ hasn’t given Corvo’s onboard computer wireless capabilities, partly to reduce cost and partly to ensure stealth. But Partridge said Corvos have carried action cameras like the GoPro and users are happy to retrieve removable media once the plane lands. SYPAQ is working on payloads that allow wireless transmission of images, possibly over long distances.

https://www.theregister.com/2023/04/07/corvo_cardboard_drone/

Study shows Tigers have distinct personalities

[…] The behavior of the 248 Siberian tigers observed through a test showed that the endangered cats had unique traits influencing both their success in reproduction and survival, researchers reported in the journal Royal Society Open Science.

“We found that tigers are very individual, and that people who’ve worked with them and know them well see their individual personalities,” co-author Rosalind Arden of the London School of Economics told AFP.

The study adapted a commonly used human to explore tiger traits such as confidence, sincerity, bullying and savagery in two separate populations of tigers held in semi-captivity in China.

Questionnaires with a list of 70 personality indicators were filled out by veterinarians and feeders who work with the tigers on a daily basis.

The combined results found that both displayed characteristics that fell into two overarching personality categories: majesty and steadiness.

Tigers scoring higher for “majesty” were healthier, preyed more on , and ate and mated more.

They were also “regarded by their human raters as having higher group status among tigers,” the study said.

But being collaborative and gentler had its evolutionary benefits too: “steady” tigers were shown to be gentler, more sincere and more loving.

Such traits may play a role in the unusual length of time—two to three years—that tiger cubs remain with their mothers.

The study found very few sex-related differences in tigers’ personalities, however, and father tigers have also been observed taking part in raising their young.

“It’s pleasant to see that you don’t have to be dominant, fierce, competitive and aggressive in order to succeed as a tiger,” said Arden.

Similar studies illuminating the personality and mental abilities of primates have helped humanize them, Arden said.

“There is evidence that it does, in fact, improve and conservation,” she added.

Siberian tigers are endangered due to poaching and habitat loss. Only around 500 remain living in the wild.

More information: Rosalind Arden et al, Majestic tigers: personality structure in the great Amur cat, Royal Society Open Science (2023). DOI: 10.1098/rsos.220957

Source: Easy, tiger: study maps big cats’ personalities

Bio-inspired Nanocomposite Membranes for Osmotic Energy Harvesting: Joule

Context & Scale

Osmotic energy is a renewable energy with zero emissions and minimal daily variations. However, the membranes for osmotic energy harvesting must have multiple properties that are thought to be impossible to realize to make this technology viable. Here, we show that cartilage-inspired cation-selective composite membrane assembled from aramid nanofibers and boron nitride nanosheets make it possible by a layer-by-layer assembly technology. The osmotic energy can be harvested by both salt concentration gradient and pressure-driven streaming because of the high mechanical and transport characteristics of the membranes. The combination of high strength, toughness, chemical resilience, rapid ion transport, and structural versatility of aramid-boron nitride composites makes it a promising candidate for osmotic energy harvesting under realistic operational conditions and life-cycle requirements.

Summary

Osmotic energy represents a widespread and reliable source of renewable energy with minimal daily variability. The key technological bottleneck for osmotic electricity is that membranes must combine highly efficient ion rectification and high ionic flux with long-term robustness in seawater. Here, we show that nanocomposite membranes with structural organization inspired by soft biological tissues with high mechanical and transport characteristics can address these problems. The layered membranes engineered with molecular-scale precision from aramid nanofibers and BN nanosheets simultaneously display high stiffness and tensile strength even when exposed to repeated pressure drops and salinity gradients. The total generated power density over large areas exceeded 0.6 W m−2 and was retained for as long as 20 cycles (200 h), demonstrating exceptional robustness. Furthermore, the membranes showed high performance in osmotic energy harvesting in unprecedentedly wide ranges of temperature (0°C–95°C) and pH (2.8–10.8) essential for the economic viability of osmotic energy generators.
[…]

Source: Bio-inspired Nanocomposite Membranes for Osmotic Energy Harvesting: Joule

Double-slit experiment done using time instead of space

The experiment relies on materials that can change their optical properties in fractions of a second, which could be used in new technologies or to explore fundamental questions in physics.

The original double-slit experiment, performed in 1801 by Thomas Young at the Royal Institution, showed that light acts as a wave. Further experiments, however, showed that light actually behaves as both a wave and as particles – revealing its quantum nature.

These experiments had a profound impact on quantum physics, revealing the dual particle and wave nature of not just light, but other ‘particles’ including electrons, neutrons, and whole atoms.

Now, a team led by Imperial College London physicists has performed the experiment using ‘slits’ in time rather than space. They achieved this by firing light through a material that changes its properties in femtoseconds (quadrillionths of a second), only allowing light to pass through at specific times in quick succession.

Lead researcher Professor Riccardo Sapienza, from the Department of Physics at Imperial, said: “Our experiment reveals more about the fundamental nature of light while serving as a stepping-stone to creating the ultimate materials that can minutely control light in both space and time.”

Details of the experiment are published today in Nature Physics.

[…]

The material the team used was a thin film of indium-tin-oxide, which forms most mobile phone screens. The material had its reflectance changed by lasers on ultrafast timescales, creating the ‘slits’ for light. The material responded much quicker than the team expected to the laser control, varying its reflectivity in a few femtoseconds.

The material is a metamaterial – one that is engineered to have properties not found in nature. Such fine control of light is one of the promises of metamaterials, and when coupled with spatial control, could create new technologies and even analogues for studying fundamental physics phenomena like black holes.

Co-author Professor Sir John Pendry said: “The double time slits experiment opens the door to a whole new spectroscopy capable of resolving the temporal structure of a light pulse on the scale of one period of the radiation.”

The team next want to explore the phenomenon in a ‘time crystal’, which is analogous to an atomic crystal, but where the optical properties vary in time.

Co-author Professor Stefan Maier said: “The concept of time crystals has the potential to lead to ultrafast, parallelized optical switches.”

Source: Double-slit experiment that proved the wave n | EurekAlert!

ICE Is Grabbing Data From Schools, Abortion Clinics and news orgs with no judicial oversight

US Immigration and Customs Enforcement agents are using an obscure legal tool to demand data from elementary schools, news organizations, and abortion clinics in ways that, some experts say, may be illegal.

While these administrative subpoenas, known as 1509 custom summonses, are meant to be used only in criminal investigations about illegal imports or unpaid customs duties, WIRED found that the agency has deployed them to seek records that seemingly have little or nothing to do with customs violations, according to legal experts and several recipients of the 1509 summonses.

A WIRED analysis of an Immigration and Customs Enforcement (ICE) subpoena tracking database, obtained through a Freedom of Information Act request, found that agents issued custom summons more than 170,000 times from the beginning of 2016 through mid-August 2022. The primary recipients of 1509s include telecommunications companies, major tech firms, money transfer services, airlines, and even utility companies. But it’s the edge cases that have drawn the most concern among legal experts,

The outlier cases include custom summonses that sought records from a youth soccer league in Texas; surveillance video from a major abortion provider in Illinois; student records from an elementary school in Georgia; health records from a major state university’s student health services; data from three boards of elections or election departments; and data from a Lutheran organization that provides refugees with humanitarian and housing support.

In at least two instances, agents at ICE used the custom summons to pressure news organizations to reveal information about their sources.

All of this is done without judicial oversight.

[…]

The 1509 customs summons is an administrative subpoena explicitly and exclusively meant for use in investigations of illegal imports or unpaid customs duties under a law known as Title 19 US Code 1509. Its goal is to provide agencies like ICE with a way to obtain business records from companies without having to go to a judge for a warrant.

[…]

Without access to the underlying subpoenas ICE issued in each use of a 1509, it’s difficult to know exactly why companies in the database were issued customs summonses. However, nearly everyone we spoke to was concerned about the types of organizations that received these summonses. Our investigation found that ICE issued scores of customs summonses to hospitals and hundreds to elementary schools, high schools, and universities. “It’s disturbing,” Mao says. “I really can’t imagine how a student or a health record could possibly be relevant to a permissible customs investigation under the law.”

To figure out if these summonses were issued for customs investigations, we contacted 30 organizations that received them. Most did not respond, and many who did refused to speak on the record for fear of retaliation.

[…]

In March last year, US senator Ron Wyden, an Oregon Democrat who chairs the Senate Finance Committee, revealed that ICE had been using 1509 customs summonses to obtain millions of money transfer records, which were added to a database that was shared with hundreds of law enforcement agencies across the country. According to the American Civil Liberties Union (ACLU), it was one of the largest government surveillance programs in recent memory.

Immediately after Wyden’s investigation, the number of customs summons issued by ICE fell from 3,683 in March 2022 to 1,650 by the end of August, according to the records WIRED obtained.

[…]

Source: ICE Is Grabbing Data From Schools and Abortion Clinics | WIRED

Astronomers discover Saturn’s rings raining down, causing heat in atmosphere. New way to detect ring systems.

[…]

Some of the data was mistaken as noise when first collected up to 40 years ago, and researchers failed to recognize its significance until now. “When everything was calibrated, we saw clearly that the spectra are consistent across all the missions,” announced Lotfi Ben-Jaffel, lead author of the new research published in Planetary Science Journal on Thursday, and a researcher at the Institute of Astrophysics in Paris and the Lunar & Planetary Laboratory, University of Arizona, in a statement.

“This was possible because we have the same reference point, from Hubble, on the rate of transfer of energy from the atmosphere as measured over decades. It was really a surprise for me. I just plotted the different light distribution data together, and then I realized, wow – it’s the same.”

The researchers traced the increased levels of Lyman-alpha UV radiation to Saturn’s atmosphere, and concluded some external process must be exciting the hydrogen atoms. The most plausible explanation is that the icy particles in Saturn’s rings are crashing down onto Saturn’s atmosphere, causing it to heat up.

These bits and pieces get dislodged by colliding with micrometeorites, or by solar wind particle bombardment, solar ultraviolet radiation, or electromagnetic forces picking up electrically charged dust. Once they are knocked out of place, Saturn’s gravity pulls them in.

“Though the slow disintegration of the rings is well known, its influence on the atomic hydrogen of the planet is a surprise,” Ben-Jaffel said. “From the Cassini probe, we already knew about the rings’ influence. However, we knew nothing about the atomic hydrogen content.”

“Everything is driven by ring particles cascading into the atmosphere at specific latitudes. They modify the upper atmosphere, changing the composition. And then you also have collisional processes with atmospheric gases that are probably heating the atmosphere at a specific altitude,” he explained.

The team believe this phenomenon could provide astronomers with a new way to look for ring systems on exoplanets. If a spacecraft detects similar excess UV radiation bands in the upper atmosphere of a faraway planet, it could mean it might be supporting a ring system like Saturn’s.

[…]

Source: Astronomers discover never-before-seen phenomenon on Saturn • The Register

Cruz, Warren Intro America Act to Break Up huge advertisers

[…]

The Advertising Middlemen Endangering Rigorous Internet Competition Accountability Act, aka the AMERICA Act. Say what you will about government; Congress’ acronym acumen is untouchable. Introduced by Republican Sen. Mike Lee of Utah, the bill would prohibit companies from owning multiple parts of the digital ad ecosystem if they “process more than $20 billion in digital ad transactions.”

The bill would kneecap Google and Meta, the two biggest players in digital advertising by far, but its provisions seem designed to affect almost every big tech company from Apple to Amazon, too. Google, Meta, Amazon, and Apple did not respond to requests for comment.

The only thing longer than the name of the bill is the stunningly bipartisan list of Senators supporting it: Democrats Amy Klobuchar, Richard Blumenthal, and Elizabeth Warren, and Republicans Ted Cruz, Marco Rubio, Eric Schmitt, Josh Hawley, John Kennedy, Lindsey Graham, J.D. Vance, and Lee. As one observer put it on Twitter, it’s a list of cosponsors “who wouldn’t hold the elevator for each other.” Look at all these little Senators getting along. Isn’t that nice?

[…]

“If enacted into law, this bill would most likely require Google and Facebook to divest significant portions of their advertising businesses—business units that account for or facilitate a large portion of their ad revenue,” Sen. Lee said in a fact sheet about the bill. “Amazon may also have to make divestments, and the bill will impact Apple’s accelerating entry into third-party ads.”

[…]

When you see an ad online, it’s usually the result of a lightspeed bidding war. On one side, the demand side, you have companies who want to buy ads. On the other, the supply side, are apps and websites who have ad space to sell. Advertisers use demand-side tech to compete for the most profitable ad space for their products. Publishers, like Gizmodo.com, use supply-side tech, where they compete to sell the most profitable ads. Sometimes there’s a third piece of tech involved called an “exchange,” which is a service that connects demand-side platforms and supply-side platforms to arrange even more complicated auctions.

Your friends at Google operate the most popular demand-side platform. Google also owns the most popular supply-side platform, and it runs the most popular exchange. And Google is also a publisher, because it sells ad space on places like YouTube and Search. Meta likewise has its hands in multiple corners of the pie. Here’s an analogy: it’s like if the realtor you contracted to represent you in buying a house had also been contracted by the people selling the house. It would be hard to trust that anyone was getting a fair deal, wouldn’t it? That realtor would be in a unique position to jack up the prices for everyone and make extra cash. The dominance is quantifiable—Google itself estimates that it snatches a stunning 35% of every dollar spent on digital ads.

Some people think this is all a little unfair! Unfortunately for Google and Meta, more and more of those people work for the US government.

[…]

Source: Cruz, Warren Intro America Act to Break Up Google, Facebook

This only targets a specific part of the monopolies / duopolies these companies hold, but it’s hugely bipartisan so we take what we can get.

Researchers synthesize graphene using intense light

DGIST Professor Yoonkyu Lee’s research team used intense light on the surface of a copper wire to synthesize graphene, thereby increasing the production rate and lowering the production cost of the high-quality transparent-flexible electrode materials and consequently enabling its mass production. The results were published in the February 23 issue of Nano Energy.

This technology is applicable to various 2D materials, and its applicability can be extended to the synthesis of various metal-2D material nanowires.

The research team used copper-graphene nanowires to implement high-performance transparent-flexible electronic devices such as transparent-flexible electrodes, transparent supercapacitors and transparent heaters and to thereby demonstrate the commercial viability of this material.

DGIST Professor Yoonkyu Lee said, “We developed a method of mass-producing at a low production cost the next-generation transparent-flexible electrode material based on high-quality copper- nanowires. In the future, we expect that this technology will contribute to the production of core materials for high-performance transparent-flexible electronic devices, semitransparent solar cells, or transparent displays.”

More information: Jongyoun Kim et al, Ultrastable 2D material-wrapped copper nanowires for high-performance flexible and transparent energy devices, Nano Energy (2022). DOI: 10.1016/j.nanoen.2022.108067

Source: Researchers synthesize graphene using intense light

OpenAI’s ChatGPT Blocked In Italy by Privacy Watchdog – using kids as an excuse is almost always flimsy

Italy’s privacy watchdog said Friday it had blocked the controversial robot ChatGPT, saying the artificial intelligence app did not respect user data and could not verify users’ age.

The decision “with immediate effect” will result in “the temporary limitation of the processing of Italian user data vis-a-vis OpenAI”, the Italian Data Protection Authority said.

The agency has launched an investigation.

[…]

The watchdog said that on March 20, the app experienced a data breach involving user conversations and payment information.

It said there was no legal basis to justify “the mass collection and storage of personal data for the purpose of ‘training’ the algorithms underlying the operation of the platform”.

It also said that since there was no way to verify the age of users, the app “exposes minors to absolutely unsuitable answers compared to their degree of development and awareness.”

It said the company had 20 days to respond how it would address the watchdog’s concerns, under penalty of a 20-million-euro ($21.7-million) fine, or up to 4 percent of annual revenues.

[…]

Source: OpenAI’s ChatGPT Blocked In Italy: Privacy Watchdog | Barron’s

I am pretty sure none of the search engines verify age and store user data (OK, DuckDuckGo is an exception) or give answers that may “expose” the little snowflake “minors to absolutely unsuitable answers compared to their degree of development and awareness.”

There is a race on to catch up to OpenAI and people are obviously losing, so crushing OpenAI is the way to go.

‘Vulkan files’ leak reveals Putin’s global and domestic cyberwarfare tactics

[…] The software engineers behind these systems are employees of NTC Vulkan. On the surface, it looks like a run-of-the-mill cybersecurity consultancy. However, a leak of secret files from the company has exposed its work bolstering Vladimir Putin’s cyberwarfare capabilities.

Thousands of pages of secret documents reveal how Vulkan’s engineers have worked for Russian military and intelligence agencies to support hacking operations, train operatives before attacks on national infrastructure, spread disinformation and control sections of the internet.

The company’s work is linked to the federal security service or FSB, the domestic spy agency; the operational and intelligence divisions of the armed forces, known as the GOU and GRU; and the SVR, Russia’s foreign intelligence organisation.

A diagram showing a Vulkan hacking reconnaissance system codenamed Scan, developed since 2018.

One document links a Vulkan cyber-attack tool with the notorious hacking group Sandworm, which the US government said twice caused blackouts in Ukraine, disrupted the Olympics in South Korea and launched NotPetya, the most economically destructive malware in history. Codenamed Scan-V, it scours the internet for vulnerabilities, which are then stored for use in future cyber-attacks.

Another system, known as Amezit, amounts to a blueprint for surveilling and controlling the internet in regions under Russia’s command, and also enables disinformation via fake social media profiles. A third Vulkan-built system – Crystal-2V – is a training program for cyber-operatives in the methods required to bring down rail, air and sea infrastructure. A file explaining the software states: “The level of secrecy of processed and stored information in the product is ‘Top Secret’.”

The Vulkan files, which date from 2016 to 2021, were leaked by an anonymous whistleblower angered by Russia’s war in Ukraine. Such leaks from Moscow are extremely rare. Days after the invasion in February last year, the source approached the German newspaper Süddeutsche Zeitung and said the GRU and FSB “hide behind” Vulkan.

[…]

Five western intelligence agencies confirmed the Vulkan files appear to be authentic. The company and the Kremlin did not respond to multiple requests for comment.

The leak contains emails, internal documents, project plans, budgets and contracts. They offer insight into the Kremlin’s sweeping efforts in the cyber-realm, at a time when it is pursuing a brutal war against Ukraine. It is not known whether the tools built by Vulkan have been used for real-world attacks, in Ukraine or elsewhere.

[…]

Some documents in the leak contain what appear to be illustrative examples of potential targets. One contains a map showing dots across the US. Another contains the details of a nuclear power station in Switzerland.

A map of the US found in the leaked Vulkan files as part of the multi-faceted Amezit system.

One document shows engineers recommending Russia add to its own capabilities by using hacking tools stolen in 2016 from the US National Security Agency and posted online.

John Hultquist, the vice-president of intelligence analysis at the cybersecurity firm Mandiant, which reviewed selections of the material at the request of the consortium, said: “These documents suggest that Russia sees attacks on civilian critical infrastructure and social media manipulation as one and the same mission, which is essentially an attack on the enemy’s will to fight.”

[…]

One of Vulkan’s most far-reaching projects was carried out with the blessing of the Kremlin’s most infamous unit of cyberwarriors, known as Sandworm. According to US prosecutors and western governments, over the past decade Sandworm has been responsible for hacking operations on an astonishing scale. It has carried out numerous malign acts: political manipulation, cyber-sabotage, election interference, dumping of emails and leaking.

Sandworm disabled Ukraine’s power grid in 2015. The following year it took part in Russia’s brazen operation to derail the US presidential election. Two of its operatives were indicted for distributing emails stolen from Hillary Clinton’s Democrats using a fake persona, Guccifer 2.0. Then in 2017 Sandworm purloined further data in an attempt to influence the outcome of the French presidential vote, the US says.

That same year the unit unleashed the most consequential cyber-attack in history. Operatives used a bespoke piece of malware called NotPetya. Beginning in Ukraine, NotPetya rapidly spread across the globe. It knocked offline shipping firms, hospitals, postal systems and pharmaceutical manufacturers – a digital onslaught that spilled over from the virtual into the physical world.

[…]

Hacking groups such as Sandworm penetrate computer systems by first looking for weak spots. Scan-V supports that process, conducting automated reconnaissance of potential targets around the world in a hunt for potentially vulnerable servers and network devices. The intelligence is then stored in a data repository, giving hackers an automated means of identifying targets.

[…]

One part of Amezit is domestic-facing, allowing operatives to hijack and take control of the internet if unrest breaks out in a Russian region, or the country gains a stronghold over territory in a rival nation state, such as Ukraine. Internet traffic deemed to be politically harmful can be removed before it has a chance to spread.

A 387-page internal document explains how Amezit works. The military needs physical access to hardware, such as mobile phone towers, and to wireless communications. Once they control transmission, traffic can be intercepted. Military spies can identify people browsing the web, see what they are accessing online, and track information that users are sharing.

[…]

the firm developed a bulk collection program for the FSB called Fraction. It combs sites such as Facebook or Odnoklassniki – the Russian equivalent – looking for key words. The aim is to identify potential opposition figures from open source data.

[…]

This Amezit sub-system allows the Russian military to carry out large-scale covert disinformation operations on social media and across the internet, through the creation of accounts that resemble real people online, or avatars. The avatars have names and stolen personal photos, which are then cultivated over months to curate a realistic digital footprint.

The leak contains screenshots of fake Twitter accounts and hashtags used by the Russian military from 2014 until earlier this year. They spread disinformation, including a conspiracy theory about Hillary Clinton and a denial that Russia’s bombing of Syria killed civilians. Following the invasion of Ukraine, one Vulkan-linked fake Twitter account posted: “Excellent leader #Putin”.

A tweet from a fake social media account linked to Vulkan.

Another Vulkan-developed project linked to Amezit is far more threatening. Codenamed Crystal-2V, it is a training platform for Russian cyber-operatives. Capable of allowing simultaneous use by up to 30 trainees, it appears to simulate attacks against a range of essential national infrastructure targets: railway lines, electricity stations, airports, waterways, ports and industrial control systems.

[…]

Source: ‘Vulkan files’ leak reveals Putin’s global and domestic cyberwarfare tactics | Cyberwar | The Guardian