Reaserchers propose Organoid intelligence (OI): the new frontier in biocomputing and intelligence-in-a-dish

[…] Human brains are slower than machines at processing simple information, such as arithmetic, but they far surpass machines in processing complex information as brains deal better with few and/or uncertain data. Brains can perform both sequential and parallel processing (whereas computers can do only the former), and they outperform computers in decision-making on large, highly heterogeneous, and incomplete datasets and other challenging forms of processing

[…]

fundamental differences between biological and machine learning in the mechanisms of implementation and their goals result in two drastically different efficiencies. First, biological learning uses far less power to solve computational problems. For example, a larval zebrafish navigates the world to successfully hunt prey and avoid predators (4) using only 0.1 microwatts (5), while a human adult consumes 100 watts, of which brain consumption constitutes 20% (6, 7). In contrast, clusters used to master state-of-the-art machine learning models typically operate at around 106 watts.

[…]

biological learning uses fewer observations to learn how to solve problems. For example, humans learn a simple “same-versus-different” task using around 10 training samples (12); simpler organisms, such as honeybees, also need remarkably few samples (~102) (13). In contrast, in 2011, machines could not learn these distinctions even with 106 samples (14) and in 2018, 107 samples remained insufficient (15). Thus, in this sense, at least, humans operate at a >106 times better data efficiency than modern machines

[…]

The power and efficiency advantages of biological computing over machine learning are multiplicative. If it takes the same amount of time per sample in a human or machine, then the total energy spent to learn a new task requires 1010 times more energy for the machine.

[…]

We have coined the term “organoid intelligence” (OI) to describe an emerging field aiming to expand the definition of biocomputing toward brain-directed OI computing, i.e. to leverage the self-assembled machinery of 3D human brain cell cultures (brain organoids) to memorize and compute inputs.

[…]

In this article, we present an architecture (Figure 1) and blueprint for an OI development and implementation program designed to:

● Determine the biofeedback characteristics of existing human brain organoids caged in microelectrode shells, potentially using AI to analyze recorded response patterns to electrical and chemical (neurotransmitters and their corresponding receptor agonists and antagonists) stimuli.

● Empirically test, refine, and, where needed, develop neurocomputational theories that elucidate the basis of in vivo biological intelligence and allow us to interact with and harness an OI system.

● Further scale up the brain organoid model to increase the quantity of biological matter, the complexity of brain organoids, the number of electrodes, algorithms for real-time interactions with brain organoids, and the connected input sources and output devices; and to develop big-data warehousing and machine learning methods to accommodate the resulting brain-directed computing capacity.

● Explore how this program could improve our understanding of the pathophysiology of neurodevelopmental and neurodegenerative disorders toward innovative approaches to treatment or prevention.

● Establish a community and a large-scale project to realize OI computing, taking full account of its ethical implications and developing a common ontology.

FIGURE 1
www.frontiersin.orgFigure 1 Architecture of an OI system for biological computing. At the core of OI is the 3D brain cell culture (organoid) that performs the computation. The learning potential of the organoid is optimized by culture conditions and enrichment by cells and genes critical for learning (including IEGs). The scalability, viability, and durability of the organoid are supported by integrated microfluidic systems. Various types of input can be provided to the organoid, including electrical and chemical signals, synthetic signals from machine sensors, and natural signals from connected sensory organoids (e.g. retinal). We anticipate high-resolution output measurement both by electrophysiological recordings obtained via specially designed 2D or 3D (shell) MEA, and potentially from implantable probes, and imaging of organoid structural and functional properties. These outputs can be used directly for computation purposes and as biofeedback to promote organoid learning. AI and machine learning are used throughout to encode and decode signals and to develop hybrid biocomputing solutions, in conjunction with a suitable big-data management system.

To the latter point, a community-forming workshop was held in February 2022 (51), which gave rise to the Baltimore Declaration Toward OI (52). It provides a statement of vision for an OI community that has led to the development of the program outlined here.

[…]

The past decade has seen a revolution in brain cell cultures, moving from traditional monolayer cultures to more organ-like, organized 3D cultures – i.e. brain organoids (Figure 2A). These can be generated either from embryonic stem cells or from the less ethically problematic iPSC typically derived from skin samples (54). The Johns Hopkins Center for Alternatives to Animal Testing, among others, has produced such brain organoids with high levels of standardization and scalability (32) (Figure 2B). Having a diameter below 500 μm, and comprising fewer than 100,000 cells, each organoid is roughly one 3-millionth the size of the human brain (theoretically equating to 800 MB of memory storage). Other groups have reported brain organoids with average diameters of 3–5 mm and prolonged culture times exceeding 1 year (3436, 5559).

FIGURE 2
www.frontiersin.orgFigure 2 Advances in 3D cell culturing provide the foundation for systems to explore organoid intelligence. (A) 3D neural cell cultures have important advantages for biological learning, compared with conventional 2D monolayers – namely a far greater density of cells, enhanced synaptogenesis, high levels of myelination, and enrichment by cell types essential to learning. (B) Brain organoid differentiation over time from 4 to 15 weeks, showing neurons (microtubule associated protein 2 [MAP2]; pink), oligodendrocytes (oligodendrocyte transcription factor [OLIG2]; red), and astrocytes (glial fibrillary acidic protein [GFAP]; green). Nuclei are stained with Hoechst 33342 (blue). Images were taken with an LCM 880 confocal microscope with 20x and 63x magnification. Scale bars are 100 μm and 20 μm, respectively. The images show the presence of MAP2-positive neurons as early as 4 weeks, while glial cells emerge at 8 weeks and there is a continuous increase in the number of astrocytes over time.

These organoids show various attributes that should improve their potential for biocomputing (Figure 2).

[…]

axons in these organoids show extensive myelination. Pamies et al. were the first to develop a 3D human brain model showing significant myelination of axons (32). About 40% of axons in the brain organoids were myelinated (30, 31), which approaches the 50% found in the human brain (60, 61). Myelination has since been reproduced in other brain organoids (47, 62). Myelin reduces the capacitance of the axonal membrane and enables saltatory conduction from one node of Ranvier to the next. As myelination increases electrical conductivity approximately 100-fold, this promises to boost biological computing performance, though its functional impact in this model remains to be demonstrated.

Finally, these organoid cultures can be enriched with various cell types involved in biological learning, namely oligodendrocytes, microglia, and astrocytes. Glia cells are integrally important for the pruning of synapses in biological learning (6365) but have not yet been reported at physiologically relevant levels in brain organoid models. Preliminary work in our organoid model has shown the potential for astroglia cell expansion to physiologically relevant levels (47). Furthermore, recent evidence that oligodendrocytes and astrocytes significantly contribute to learning plasticity and memory suggests that these processes should be studied from a neuron-to-glia perspective, rather than the neuron-to-neuron paradigm generally used (6365). In addition, optimizing the cell culture conditions to allow the expression of immediate early genes (IEGs) is expected to further boost the learning and memory capacities of brain organoids since these are key to learning processes and are expressed only in neurons involved in memory formation

[…]

Source: Frontiers | Organoid intelligence (OI): the new frontier in biocomputing and intelligence-in-a-dish

ChatGPT allowed in International Baccalaureate essays

Schoolchildren are allowed to quote from content created by ChatGPT in their essays, the International Baccalaureate has said.

The IB, which offers an alternative qualification to A-Levels and Highers, said students can use the chatbot but must be clear when they are quoting its responses.

[…]

Matt Glanville, the IB’s head of assessment principles and practice, said the chatbot should be embraced as “an extraordinary opportunity”.

However, Glanville told the Times, the responses must be treated as any other source in essays.

“The clear line between using ChatGPT and providing original work is exactly the same as using ideas taken from other people or the internet. As with any quote or material adapted from another source, it must be credited in the body of the text and appropriately referenced in the bibliography,” he said.

[…]

He added: “When AI can essentially write an essay at the touch of a button, we need our pupils to master different skills, such as understanding if the essay is any good or if it has missed context, has used biased data or if it is lacking in creativity. These will be far more important skills than writing an essay, so the assessment tasks we set will need to reflect this.”

[…]

Source: ChatGPT allowed in International Baccalaureate essays | ChatGPT | The Guardian

So many of these articles include fearmongering about ChatGPT, it’s good to see that the actual educators in charge are embracing the new technology and working with it – instead of ‘alarming teachers’ (which I doubt it really does)

Dow said it was recycling Singaporean shoes. Reuters found them in Indonesia

At a rundown market on the Indonesian island of Batam, a small location tracker was beeping from the back of a crumbling second-hand shoe store. A Reuters reporter followed the high-pitched ping to a mound of old sneakers and began digging through the pile.

There they were: a pair of blue Nike running shoes with a tracking device hidden in one of the soles.

These familiar shoes had traveled by land, then sea and crossed an international border to end up in this heap. They weren’t supposed to be here.

Five months earlier, in July 2022, Reuters had given the shoes to a recycling program spearheaded by the Singapore government and U.S. petrochemicals giant Dow Inc. In media releases and a promotional video posted online, that effort promised to harvest the rubberized soles and midsoles of donated shoes, then grind down the material for use in building new playgrounds and running tracks in Singapore.

[…]

None of the 11 pairs of footwear donated by Reuters were turned into exercise paths or kids’ parks in Singapore.

Instead, nearly all the tagged shoes ended up in the hands of Yok Impex Pte Ltd, a Singaporean second-hand goods exporter, according to the trackers and that exporter’s logistics manager. The manager said his firm had been hired by a waste management company involved in the recycling program to retrieve shoes from the donation bins for delivery to that company’s local warehouse.

But that’s not what happened to the shoes donated by Reuters. Ten pairs moved first from the donation bins to the exporter’s facility, then on to neighboring Indonesia, in some cases traveling hundreds of miles to different corners of the vast archipelago, the location trackers showed.

[…]

Source: Dow said it was recycling our shoes. We found them in Indonesia

But I guess they are being recycled after all then? So that’s good, right?

Does the Earth’s core have an innermost core?

Geology textbooks almost inevitably include a cutaway diagram of the Earth showing four neatly delineated layers: a thin outer shell of rock that we live on known as the crust; the mantle, where rocks flow like an extremely viscous liquid, driving the movement of continents and the lifting of mountains; a liquid outer core of iron and nickel that generates the planet’s magnetic field; and a solid inner core. Analyzing the crisscrossing of seismic waves from large earthquakes, two Australian scientists say there is a distinctly different layer at the very center of the Earth. “We have now confirmed the existence of the innermost inner core,” said one of the scientists, Hrvoje Tkalcic, a professor of geophysics at the Australian National University in Canberra.

Dr. Tkalcic and Thanh-Son Pham, a postdoctoral researcher, estimate that the innermost inner core is about 800 miles wide; the entire inner core is about 1,500 miles wide. Their findings were published on Tuesday in the journal Nature Communications. While the cutaway diagram appears to depict clear-cut divisions, knowledge about the deep interior of Earth is unavoidably fuzzy. It is nearly 4,000 miles to the center of Earth, and it is impossible to drill more than a few miles into the crust. Most of what is known about what lies beneath comes from seismic waves — the vibrations of earthquakes traveling through and around the planet. Think of them as a giant sonogram of Earth.

Two Harvard seismologists, Miaki Ishii and Adam Dziewonski, first proposed the idea of the innermost inner core in 2002 based on peculiarities in the speed of seismic waves passing through the inner core. Scientists already knew that the speed of seismic waves traveling through this part of the Earth varied depending on the direction. The waves traveled fastest when going from pole to pole along the Earth’s axis and slowest when traveling perpendicular to the axis. The difference in speeds — a few percent faster along polar paths — arises from the alignment of iron crystals in the inner core, geophysicists believe. But in a small region at the center, the slowest waves were those traveling at a 45-degree angle to the axis instead of 90 degrees, the Harvard seismologists said. The data available then were too sparse to convince everyone.

Source: What’s Inside the Earth’s Core? – Slashdot

Sneaky Clock Displays Wrong Time If It Catches You Looking at it

We have a soft spot for devices that subvert purpose and expectation, and that definitely sums up [Guy Dupont]’s Clock That Is Wrong. It knows the correct time, but whether or not it displays the correct time is another story. That’s because nestled just above the 7-segment display is a person sensor module, and when it detects that a person is looking towards it, the clock will display an incorrect time, therefore self-defeating both the purpose and primary use case of a clock in one stroke.

[…]

You can watch a brief video of it in action in this Twitter thread.

One interesting bit is that [Guy] uses an ESP32-based board to drive everything, but had some reservations about making a clock without an RTC. However, he found that simply syncing time over the network every 10 minutes or so using the board’s built-in WiFi was perfectly serviceable, at least for a device like this.

This reminds us a little of other clocks with subtly subversive elements, like the Vetinari Clock which keeps overall accurate time despite irregularly drifting in and out of sync. Intrigued by such ideas? You’re not alone, because there are even DIY hobby options for non-standard clock movements.

[…]

Source: Sneaky Clock Displays Wrong Time If It Catches You Looking | Hackaday

Stanford Faculty Say Anonymous Student Bias Reports Threaten Free Speech – who’d have thought that anonymous tipping off leads to abuse?!

“A group of Stanford University professors is pushing to end a system that allows students to anonymously report classmates for exhibiting discrimination or bias, saying it threatens free speech on campus (Warning: source paywalled; alternative source),” reports the Wall Street Journal. The Daily Beast reports: Last month, a screenshot of a student reading Hitler’s manifesto Mein Kampf was reported in the system, according to the Stanford Daily. Faculty members leading the charge to shut the system down say they didn’t know it even existed until they read the student newspaper, one comparing the system to “McCarthyism.”

Launched in 2021, students are encouraged to report incidents in which they felt harmed, which triggers a voluntary inquiry of both the student who filed the report and the alleged perpetrator. Seventy-seven faculty members have signed a petition calling on the school to investigate in hopes they toss the system out. This comes as a larger movement by Speech First, a group who claim colleges are rampant with censorship, has filed suit against several universities for their bias reporting systems.

Source: Stanford Faculty Say Anonymous Student Bias Reports Threaten Free Speech – Slashdot

Amazing that people at a place like Stanford didn’t get that this was going to be abused and used to scare the shit out of people – a bit like how these systems were scary in Nazi Germany, Communist Russia and China, North Korea, etc etc.

How I Broke Into a Bank Account With an AI-Generated Voice

On Wednesday, I phoned my bank’s automated service line. To start, the bank asked me to say in my own words why I was calling. Rather than speak out loud, I clicked a file on my nearby laptop to play a sound clip: “check my balance,” my voice said. But this wasn’t actually my voice. It was a synthetic clone I had made using readily available artificial intelligence technology.

“Okay,” the bank replied. It then asked me to enter or say my date of birth as the first piece of authentication. After typing that in, the bank said “please say, ‘my voice is my password.’”

Again, I played a sound file from my computer. “My voice is my password,” the voice said. The bank’s security system spent a few seconds authenticating the voice.

“Thank you,” the bank said. I was in.

I couldn’t believe it—it had worked. I had used an AI-powered replica of a voice to break into a bank account. After that, I had access to the account information, including balances and a list of recent transactions and transfers.

Banks across the U.S. and Europe use this sort of voice verification to let customers log into their account over the phone. Some banks tout voice identification as equivalent to a fingerprint, a secure and convenient way for users to interact with their bank. But this experiment shatters the idea that voice-based biometric security provides foolproof protection in a world where anyone can now generate synthetic voices for cheap or sometimes at no cost. I used a free voice creation service from ElevenLabs, an AI-voice company.

Now, abuse of AI-voices can extend to fraud and hacking. Some experts I spoke to after doing this experiment are now calling for banks to ditch voice authentication altogether, although real-world abuse at this time could be rare.

[…]

Source: How I Broke Into a Bank Account With an AI-Generated Voice

Signal says it will shut down in UK over Online Safety Bill, which wants to install spyware on all your devices

[…]

The Online Safety Bill contemplates bypassing encryption using device-side scanning to protect children from harmful material, and coincidentally breaking the security of end-to-end encryption at the same time. It’s currently being considered in Parliament and has been the subject of controversy for months.

[ something something saving children – that’s always a bad sign when they trot that one out ]

The legislation contains what critics have called “a spy clause.” [PDF] It requires companies to remove child sexual exploitation and abuse (CSEA) material or terrorist content from online platforms “whether communicated publicly or privately.” As applied to encrypted messaging, that means either encryption must be removed to allow content scanning or scanning must occur prior to encryption.

Signal draws the line

Such schemes have been condemned by technical experts and Signal is similarly unenthusiastic.

“Signal is a nonprofit whose sole mission is to provide a truly private means of digital communication to anyone, anywhere in the world,” said Meredith Whittaker, president of the Signal Foundation, in a statement provided to The Register.

“Many millions of people globally rely on us to provide a safe and secure messaging service to conduct journalism, express dissent, voice intimate or vulnerable thoughts, and otherwise speak to those they want to be heard by without surveillance from tech corporations and governments.”

“We have never, and will never, break our commitment to the people who use and trust Signal. And this means that we would absolutely choose to cease operating in a given region if the alternative meant undermining our privacy commitments to those who rely on us.”

Asked whether she was concerned that Signal could be banned under the Online Safety rules, Whittaker told The Register, “We were responding to a hypothetical, and we’re not going to speculate on probabilities. The language in the bill as it stands is deeply troubling, particularly the mandate for proactive surveillance of all images and texts. If we were given a choice between kneecapping our privacy guarantees by implementing such mass surveillance, or ceasing operations in the UK, we would cease operations.”

[…]

“If Signal withdraws its services from the UK, it will particularly harm journalists, campaigners and activists who rely on end-to-end encryption to communicate safely.”

[…]

 

Source: Signal says it will shut down in UK over Online Safety Bill

Africa’s internet registry could fail, warns head of ARIN – dodgy fellah scheming involved

The African Network Information Centre (AFRINIC) has no board, no CEO, has sometimes been close to not being able to pay its staff, could fail, and other regional internet registries have therefore expressed interest in funding its ongoing activities, according to John Curran, president and CEO of the American Registry for Internet Numbers (ARIN).

Curran offered that view of AFRINIC’s affairs during a talk at the NANOG 87 event on February 14 that was posted to YouTube. In it, he explains that legal action means AFRINIC has not been able to constitute a board and has no CEO – the previous officeholder resigned in November 2022. Without a functioning board, AFRINIC can’t appoint a new leader or even conduct meetings to implement workarounds that allow it to appoint additional directors.

“That’s a bad situation,” Curran said, because “goal one of running an organization is not to lose the ability to govern the organization.”

Curran said AFRINIC is fulfilling its functions, but is “presently ungoverned” so “that kind of makes it hard to respond to court issues … because you literally don’t have anyone who can represent the organization.”

Attempts to have courts recognize temporary officers have failed.

Curran said this situation was unforeseen by those who established global internet governance services, so it is hard for entities like the Number Resource Organization – the coordinating body for the world’s Regional Internet Registries (RIRs) – to intervene.

Other RIRs have therefore offered operational financial support, Curran explained, to ensure that AFRINIC can pay its staff.

“At the present moment (i.e. this week), AFRINIC is able and paying its staff,” he said.

“But we’re kind of on a week-to-week basis with AFRINIC right now,” he added. “I’m literally telling you AFRINIC could have a significant operational failure led by governance failure or a court-led governance event that could cause it to be non-operational.”

“We hope that AFRINIC will find its way back into proper governance and be fine but we’re planning for a number of contingencies,” Curran suggested, among them how to create a new body to replace AFRINIC.

How did we get here and what’s the APNIC connection?

AFRINIC has experienced years of strife, but its current problems stem from litigation launched by an entity called Cloud Innovation Limited that was assigned several million IP addresses by the Registry.

The Registry later alleged those addresses had been misused – an accusation which Cloud Innovation contested in Mauritius – the nation in which AFRINIC is based.

That litigation is ongoing.

Lu Heng, the CEO of Cloud Innovation, has told The Register AFRINIC’s complaints are unfounded. Lu is also CEO of a Hong-Kong based IP address leasing and management company called Larus, which is a partner of Cloud Innovation. Larus is in turn connected to the Larus Foundation – an organization Lu Heng has described as “my NGO focuses on internet governance education.”

In an October 2022 talk, Curran mentioned [PDF] another source of trouble for the African registry: a “public relations campaign against AFRINIC by the Number Resource Society (NRS).”

NRS is an entity that claims to represent “everyone who has a shared interest in preserving the stability of the internet.”

The organization has taken an interest in the current elections at the Asia Pacific Network Information Centre (APNIC) by endorsing candidates for vacant executive council positions. One of those candidates is Lu Heng. Another works for Larus, and a third works for the Larus Foundation.

APNIC yesterday announced it has appointed external lawyers to consider possible code of conduct breaches by unnamed candidates.

Lu Heng responded with a post pointing out that APNIC’s chief counsel once worked at the law firm APNIC has appointed, and asserted that the choice of that firm is improper.

Interestingly, The Register has discovered that the NRS’s website once listed Larus’s Hong Kong address as its own location.

Lu Heng told The Register “Larus is a member of NRS and supports its work” but has not responded to subsequent questions about whether that support extends to providing it with premises.

The Register has since discovered a Wayback Machine snapshot of the NRS’s Contact Us page on which the written address info@nrs.help is coded as a mailto link to info@larus.foundation – the NGO Lu Heng describes as his own entity, and which shares a name with one of the companies he leads.

As the inclusion of a Larus Foundation email address suggests a link between Lu Heng and the NRS, we have asked him to explain why that address was once present on the NRS website.

We have also asked Lu if Larus staff have undertaken any work – paid or unpaid – for NRS.

He has not addressed either question in his responses.

The Register has also contacted the other NRS-endorsed candidates for the APNIC election, as well as an individual named “John Smith” identified as the organization’s press contact, and written to the info@nrs.help email address. None of those efforts have yielded a response. Calls to Mr Smith’s telephone number produce only a recorded message that connection attempts have failed and we should check the number.

If you know more, contact the author using this form. ®

Source: Africa’s internet registry could fail, warns head of ARIN • The Register

Microsoft feels free to edit websites you browse: begs people to stick to Edge on Chrome download page

Microsoft Edge has been spotted inserting a banner into the Chrome download page on Google.com begging people to stick with the Windows giant’s browser.

As noted this week by Neowin, an attempt to download and install Chrome Canary using Edge Canary – both experimental browser builds – led to the presentation in the Edge browser window of a banner graphic celebrating the merits of Edge.

Screenshot of Edge injecting an anti-Chrome banner ad into Chrome download page

Screenshot of Edge injecting an anti-Chrome banner ad into Google.com’s Chrome download page … Source: Chris Frantz

“Microsoft Edge runs on the same technology as Chrome, with the added trust of Microsoft,” the banner proclaims atop a button labeled “Browse securely now.”

This was on a Google web page, google.com/chrome/canary/thank-you.html, and it’s not clear how this ad surfaced. Edge appears to display the banner by itself when the user surfs to the Chrome download page on Google.com, which is just a little bit aggressive.

Microsoft did not immediately respond to a request to explain the promotion and the mechanics behind it.

The ad does not appear to have been delivered through normal ad servers based on its page placement. There’s debate among those discussing the banner online whether the ad consists of code injected by Edge into Google’s webpage, which would make it detectable and removable as part of the Document Object Model.

It has also been suggested that the ad may come from Edge as an interface element that’s stacked atop the rendered web page. We believe this is the case.

An individual familiar with browser development confirmed to The Register that he could reproduce the ad, which was said to be written in HTML but wasn’t placed “in” the page. He described the ad as its own browser window that, surprisingly, was viewable with Edge’s “Inspect” option for viewing source code.

Our source speculated the ad was implemented in a way that pushes down the “Content area” – the space where loaded web pages get rendered – to make space for a second rendering area that holds the ad.

The main content area and the ad content area do not interact with each other – they exist in separate worlds, so to speak. But the presence of the ad content area can be inferred by checking the main window’s innerHeight and outerHeight parameters.

Given two browser windows, one with the ad and one without, the main window with the ad will have an innerHeight value that’s less than a similarly sized window without the ad. The difference in the two measurements should correspond to the height of the ad content area.

Similar behavior can be found when visiting the Chrome Web Store using Microsoft Edge on macOS: the Chrome Web Store page is topped by an Edge banner that states, “Now you can add extensions from the Chrome Web Store to Microsoft Edge,” followed by a boxed button that says, “Allow extensions from other stores.”

[…]

Source: Microsoft begs people to stick to Edge after Chrome download • The Register

Wait, what the fuck is MS doing a) monitoring where I am browsing and b) changing what it looks like when I get there?!

Google’s Play Store Privacy Labels Are a ‘Total Failure:’ Study

[…]

“There are two main problems here,” Mozilla’s Caltrider said. “The first problem is Google only requires the information in labels to be self-reported. So, fingers crossed, because it’s the honor system, and it turns out that most labels seem to be misleading.”

Google promises to make apps fix problems it finds in the labels, and threatens to ban apps that don’t get in compliance. But the company has never provided any details about how it polices apps. Google said it’s vigilant about enforcement but didn’t give any details about its enforcement process, and didn’t respond to a question about any enforcement actions it’s taken in the past.

[…]

Of course, Google could just read the privacy policies where apps spell out these practices, like Mozilla did, but there’s a bigger issue at play. These apps may not even be breaking Google’s privacy label rules, because those rules are so relaxed that “they let companies lie,” Caltrider said.

“That’s the second problem. Google’s own rules for what data practices you have to disclose are a joke,” Caltrider said. “The guidelines for the labels make them useless.”

If you go looking at Google’s rules for the data safety labels, which are buried deep in a cascading series of help menus, you’ll learn that there is a long list of things that you don’t have to tell your users about. In other words, you can say you don’t collect data or share it with third parties, while you do in fact collect data and share it with third parties.

For example, apps don’t have to disclose data sharing it if they have “consent” to share the data from users, or if they’re sharing the data with “service providers,” or if the data is “anonymized” (which is nonsense), or if the data is being shared for “specific legal purposes.” There are similar exceptions for what counts as data collection. Those loopholes are so big you could fill up a truck with data and drive it right on through.

[…]

Source: Google’s Play Store Privacy Labels Are a ‘Total Failure:’ Study

Which goes to show again, walled garden app stores really are no better than just downloading stuff from the internet, unless you’re the owner of the walled garden and collect 30% revenue for doing basically not much.

AI-created images lose U.S. copyrights in test for new technology

Images in a graphic novel that were created using the artificial-intelligence system Midjourney should not have been granted copyright protection, the U.S. Copyright Office said in a letter seen by Reuters.

“Zarya of the Dawn” author Kris Kashtanova is entitled to a copyright for the parts of the book Kashtanova wrote and arranged, but not for the images produced by Midjourney, the office said in its letter, dated Tuesday.

The decision is one of the first by a U.S. court or agency on the scope of copyright protection for works created with AI, and comes amid the meteoric rise of generative AI software like Midjourney, Dall-E and ChatGPT.

The Copyright Office said in its letter that it would reissue its registration for “Zarya of the Dawn” to omit images that “are not the product of human authorship” and therefore cannot be copyrighted.

The Copyright Office had no comment on the decision.

Kashtanova on Wednesday called it “great news” that the office allowed copyright protection for the novel’s story and the way the images were arranged, which Kashtanova said “covers a lot of uses for the people in the AI art community.”

Kashtanova said they were considering how best to press ahead with the argument that the images themselves were a “direct expression of my creativity and therefore copyrightable.”

Midjourney general counsel Max Sills said the decision was “a great victory for Kris, Midjourney, and artists,” and that the Copyright Office is “clearly saying that if an artist exerts creative control over an image generating tool like Midjourney …the output is protectable.”

Midjourney is an AI-based system that generates images based on text prompts entered by users. Kashtanova wrote the text of “Zarya of the Dawn,” and Midjourney created the book’s images based on prompts.

The Copyright Office told Kashtanova in October it would reconsider the book’s copyright registration because the application did not disclose Midjourney’s role.

The office said on Tuesday that it would grant copyright protection for the book’s text and the way Kashtanova selected and arranged its elements. But it said Kashtanova was not the “master mind” behind the images themselves.

“The fact that Midjourney’s specific output cannot be predicted by users makes Midjourney different for copyright purposes than other tools used by artists,” the letter said.

Source: AI-created images lose U.S. copyrights in test for new technology | Reuters

I am not sure why they are calling this a victory, as the court is basically reiterating that what she created is hers and what an AI created cannot be copyrighted by her or by the AI itself. That’s a loss for the AI.

DNA Diagnostics Center DCC Forgot About 2.1m Clients’ Data, Leaked It

A prominent DNA testing firm has settled a pair of lawsuits with the attorney generals of Pennsylvania and Ohio after a 2021 episode that saw cybercriminals steal data on 2.1 million people, including the social security numbers of 45,000 customers from both states. As a result of the lawsuits, the company in question, DNA Diagnostics Center (or DDC), will have to pay out a cumulative $400,000 to both governments and has also agreed to beef up its digital security practices. The company said it didn’t even know it had the data that was stolen because it was stored in an old database.

On its website, DDC calls itself the “world leader in private DNA testing,” and boasts of its lab director’s affiliation with a number of high-profile criminal cases, including the OJ Simpson trial and the Anna Nicole Smith paternity case. The company also claims that it is the “media’s primary source for answers to DNA testing questions” and that it’s considered the “premier laboratory to perform DNA testing for TV shows and radio programs.” While that may all sound very impressive, there’s definitely one thing DDC isn’t the “world leader” in—cybersecurity practices. Prior to the recent lawsuits, it doesn’t really sound like the company had any.

Evidence of the hacking episode first surfaced in May of 2021, when DDC’s managed service provider reached out via automated notification to inform the firm of unusual activity on its network. Unfortunately, DDC didn’t do much with that information. Instead, it waited several months before the MSP reached out yet again—this time to inform it that there was now evidence of Cobalt Strike on its network.

Cobalt Strike is a popular penetration testing tool that has frequently been co-opted by criminals to further penetrate already compromised networks. Unexpectedly finding it on your network is never a good sign. By the time DDC officially responded to its MSP’s warnings, a hacker had managed to steal data connected to 2.1 million people who had been genetically tested in the U.S., including the social security numbers of 45,000 customers from both Ohio and Pennsylvania.

The Register reports that the stolen data was part of a “legacy database” that DDC had amassed years ago and then apparently forgot that it had. In 2012, DDC had purchased another forensics firm, Orchid Cellmark, accumulating the firm’s databases along with the sale. DDC has subsequently claimed that it was unaware that the data was even in its systems, alleging that a prior inventory of its digital vaults turned up no sign of the information of millions of people that was later boosted by the hacker.

[…]

Source: DNA Diagnostics Center Forgot About Clients’ Data, Leaked It

Bruce Campbell Announces “Bruce-O-Rama” 22-City Tour – US only :'(

Bruce Campbell may not be appearing in Evil Dead Rise (though the once and forever Ash Williams is producing the movie, which hits theaters in April), but the much-loved horror icon is still finding a way to interact with the masses this spring: “Bruce-O-Rama,” an evening of entertainment hitting up 22 cities nationwide.

A favorite at comic and horror conventions—he’s charming as hell, and he truly appreciates his fans—Campbell’s jaunt starts April 5 in Greenville, South Carolina, hitting venues mostly around the East Coast and Midwest. The event is described by a press release as “a two-part evening of indulgent fun;” it will feature an installment of the Campbell-hosted interactive game show Last Fan Standing, which quizzes the audience on trivia “about the things that really matter: fantasy, horror, sci-fi, superheroes, and gaming.” That tracks. Then, Campbell will introduce “a cult film favorite he’s starred in” (no specific titles mentioned, but you could pick probably any movie on his resume that doesn’t contain the words “Spider-Man” to narrow it down), with a Q&A and “a lively half-hour of anecdotes, insults, and random cash giveaways.”

Check out all the tour dates and ticket info (including VIP tickets that get you a photo with the Chin, and at some locations, the option to get your very own chainsaw autographed by the star) at the event website here.

Source: Bruce Campbell Announces “Bruce-O-Rama” 22-City Tour

Four-day week: ‘major breakthrough’ as most UK firms in trial extend changes

The vast majority of companies taking part in the world’s largest trial of a four-day week have opted to continue with the new working pattern, in a result hailed as evidence that it could work across the UK economy.

Of the 61 companies that entered the six-month trial, 56 have extended the four-day week, including 18 who have made it permanent.

The findings will be presented to MPs on Tuesday as part of a push urging politicians to give all workers in Britain a 32-hour week.

[…]

The UK pilot, which kicked off last June, has been promoted by 4 Day Week Global, a not-for-profit organisation founded in New Zealand, and overseen by the thinktank Autonomy and a team of academics.

Companies taking part were offered workshops and mentoring to help them rethink working practices. Staff were given the opportunity to remain on their existing salary, working across four days instead of five.

[…]

In total, about 2,900 employees across the UK have taken part in the pilot. Surveys of staff taken before and after found that 39% said they were less stressed, 40% were sleeping better and 54% said it was easier to balance work and home responsibilities.

The number of sick days taken during the trial fell by about two-thirds and 57% fewer staff left the firms taking part compared with the same period a year earlier.

[…]

Ryle, of the campaign, said: “The economy doesn’t need us to be working five days a week any more. It was 100 years ago, the shift to a five-day week, and the economy’s transformed since then.”

Source: Four-day week: ‘major breakthrough’ as most UK firms in trial extend changes | Work-life balance | The Guardian

MetaGuard: Going Incognito in the Metaverse

[…]

with numerous recent studies showing the ease at which VR users can be profiled, deanonymized, and data harvested, metaverse platforms carry all the privacy risks of the current internet and more while at present having none of the defensive privacy tools we are accustomed to using on the web. To remedy this, we present the first known method of implementing an “incognito mode” for VR. Our technique leverages local ε-differential privacy to quantifiably obscure sensitive user data attributes, with a focus on intelligently adding noise when and where it is needed most to maximize privacy while minimizing usability impact. Moreover, our system is capable of flexibly adapting to the unique needs of each metaverse application to further optimize this trade-off. We implement our solution as a universal Unity (C#) plugin that we then evaluate using several popular VR applications. Upon faithfully replicating the most well known VR privacy attack studies, we show a significant degradation of attacker capabilities when using our proposed solution.

[…]

Source: MetaGuard: Going Incognito in the Metaverse | Berkeley RDI

3 motion points allow you to be identified within seconds in VR

[..]

In a paper provided to The Register in advance of its publication on ArXiv, academics Vivek Nair, Wenbo Guo, Justus Mattern, Rui Wang, James O’Brien, Louis Rosenberg, and Dawn Song set out to test the extent to which individuals in VR environments can be identified by body movement data.

The boffins gathered telemetry data from more than 55,000 people who played Beat Saber, a VR rhythm game in which players wave hand controllers to music. Then they digested 3.96TB of data, from game leaderboard BeatLeader, consisting of 2,669,886 game replays from 55,541 users during 713,013 separate play sessions.

These Beat Saber Open Replay (BSOR) files contained metadata (devices and game settings), telemetry (measurements of the position and orientation of players’ hands, head, and so on), context info (type, location, and timing of in-game stimuli), and performance stats (responses to in-game stimuli).

From this, the researchers focused on the data derived from the head and hand movements of Beat Saber players. Just five minutes of those three data points proved enough to train a classification model that, given 100 minutes of motion data from the game, could uniquely identify the player 94 percent of the time. And with just 10 seconds of motion data, the classification model managed accuracy of 73 percent.

“The study demonstrates that over 55k ‘anonymous’ VR users can be de-anonymized back to the exact individual just by watching their head and hand movements for a few seconds,” said Vivek Nair, a UC Berkeley doctoral student and one of the authors of the paper, in an email to The Register.

“We have known for a long time that motion reveals information about people, but what this study newly shows is that movement patterns are so unique to an individual that they could serve as an identifying biometric, on par with facial or fingerprint recognition. This really changes how we think about the notion of ‘privacy’ in the metaverse, as just by moving around in VR, you might as well be broadcasting your face or fingerprints at all times!”

[…]

“There have been papers as early as the 1970s which showed that individuals can identify the motion of their friends,” said Nair. “A 2000 paper from Berkeley even showed that with motion capture data, you can recreate a model of a person’s entire skeleton.”

“What hasn’t been shown, until now, is that the motion of just three tracked points in VR (head and hands) is enough to identify users on a huge (and maybe even global) scale. It’s likely true that you can identify and profile users with even greater accuracy outside of VR when more tracked objects are available, such as with full-body tracking that some 3D cameras are able to do.”

[…]

Nair said he remains optimistic about the potential of systems like MetaGuard – a VR incognito mode project he and colleagues have been working on – to address privacy threats by altering VR in a privacy-preserving way rather than trying to prevent data collection.

The paper suggests similar data defense tactics: “We hope to see future works which intelligently corrupt VR replays to obscure identifiable properties without impeding their original purpose (e.g., scoring or cheating detection).”

One reason to prefer data alteration over data denial is that there may be VR applications (e.g., motion-based medical diagnostics) that justify further investment in the technology, as opposed to propping up pretend worlds just for the sake of privacy pillaging.

[…]

Source: How virtual reality telemetry is the next threat to privacy • The Register

Google’s wants Go reporting telemetry data by default

Russ Cox, a Google software engineer steering the development of the open source Go programming language, has presented a possible plan to implement telemetry in the Go toolchain.

However many in the Go community object because the plan calls for telemetry by default.

These alarmed developers would prefer an opt-in rather than an opt-out regime, a position the Go team rejects because it would ensure low adoption and would reduce the amount of telemetry data received to the point it would be of little value.

Cox’s proposal summarized lengthier documentation in three blog posts.

Telemetry, as Cox describes it, involves software sending data from Go software to a server to provide information about which functions are being used and how the software is performing. He argues it is beneficial for open source projects to have that information to guide development.

“I believe that open-source software projects need to explore new telemetry designs that help developers get the information they need to work efficiently and effectively, without collecting invasive traces of detailed user activity,” he wrote.

[…]

Some people believe they have a right to privacy, to be left alone, and to demand that their rights are respected through opt-in consent.

As developer Louis Thibault put it, “The Go dev team seems not to have internalized the principle of affirmative consent in matters of data collection.”

Others, particularly in the ad industry, but in other endeavors as well, see opt-in as an existential threat. They believe that they have a right to gather data and that it’s better to seek forgiveness via opt-out than to ask for permission unlikely to be given via opt-in.

Source: Google’s Go may add telemetry reporting that’s on by default • The Register

Windows 11 Sends Tremendous Amount of User Data to Third Parties – pretty much spyware for loads of people!

Many programs collect user data and send it back to their developers to improve software or provide more targeted services. But according to the PC Security Channel (via Neowin (opens in new tab)) Microsoft’s Windows 11 sends data not only to the Redmond, Washington-based software giant, but also to multiple third parties.

To analyze DNS traffic generated by a freshly installed copy of Windows 11 on a brand-new notebook, the PC Security Channel used the Wireshark network protocol analyzer that reveals precisely what is happening on a network. The results were astounding enough for the YouTube channel to call Microsoft’s Windows 11 “spyware.”

As it turned out, an all-new Windows 11 PC that was never used to browse the Internet contacted not only Windows Update, MSN and Bing servers, but also Steam, McAfee, geo.prod.do, and Comscore ScorecardResearch.com. Apparently, the latest operating system from Microsoft collected and sent telemetry data to various market research companies, advertising services, and the like.

To prove the point, the PC Security Channel tried to find out what Windows XP contacted after a fresh install using the same tool and it turned out that the only things that the 20+ years old operating system contacted were Windows Update and Microsoft Update servers.

“As with any modern operating system, users can expect to see data flowing to help them remain secure, up to date, and keep the system working as anticipated,” a Microsoft spokesperson told Tom’s Hardware. “We are committed to transparency and regularly publish information about the data we collect to empower customers to be more informed about their privacy.”

Some of the claims may be, technically, overblown. Telemetry data is mentioned in Windows’ terms of service, which many people skip over to use the operating system. And you can choose not to enable at least some of this by turning off settings the first time to boot into the OS.

“By accepting this agreement and using the software you agree that Microsoft may collect, use, and disclose the information as described in the Microsoft Privacy Statement (aka.ms/privacy), and as may be described in the user interface associated with the software features,” the terms of service read (opens in new tab). It also points out that some data-sharing settings can be turned off.

Obviously, a lot has changed in 20 years and we now use more online services than back in the early 2000s. As a result, various telemetry data has to be sent online to keep certain features running. But at the very least, Microsoft should do a better job of expressly asking for consent and stating what will be sent and where, because you can’t opt out of all of the data-sharing “features.” The PC Security Channel warns that even when telemetry tracking is disabled by third-party utilities, Windows 11 still sends certain data.

Source: Windows 11 Sends Tremendous Amount of User Data to Third Parties, YouTuber Claims (Update) | Tom’s Hardware

Just when you thought Microsoft was the good guys again and it was all Google, Apple, Amazon, Meta/Facebook being evil they are back at it to prove they still have it!

Amazon Is Pocketing Half of Retailers’ Sales

Merchants on Amazon Marketplace are paying the company a commission fee of more than 50% of each sale. A new report by Marketplace Pulse revealed Amazon raised the total cost sellers are required to pay out toward storage fees at company warehouses, packaging and delivery, and advertising on the site.

The commission fee has gradually risen since 2016 according to the report, but sellers were not heavily impacted because of an influx of customers and a substantial increase in sales during the covid-19 pandemic. But the report said that sales plummeted when the lockdowns lifted and buyers turned to things like travel and dining out rather than online shopping. The residual effects meant that Amazon suffered its slowest sales growth since its inception.

Marketplace Pulse reported that Amazon receives a 15% transaction, or referral fee, from the sellers who also pay between 25% and 35% in Fulfillment fees and 15% toward advertising and promoting on the site.

The average fees Amazon collected last year rose to 51.8% from 35.2% in 2016

[…]

Source: Amazon Is Pocketing Half of Retailers’ Sales

Core-js maintainer complains open source is broken

Denis Pushkarev, maintainer of the core-js library used by millions of websites, says he’s ready to give up open source development because so few people pay for the software upon which they depend.

“Free open source software is fundamentally broken,” he wrote in a note on the core-js repository. “I could stop working on this silently, but I want to give open source one last chance.”

The issue of who pays for open source software, often created or managed by unpaid volunteers, continues to be a source of friction and discontent in the coding community.

Feross Aboukhadijeh, an open source developer and CEO of security biz Socket, had a lot to say on the subject in an email to The Register:

Maintainers are the unsung heroes of the software world, pouring their hearts into creating vast amounts of value that often goes unappreciated. These unsung heroes perform critical work that enables all of modern technology to function – this is not an exaggeration. These tireless individuals dedicate themselves to writing new features, fixing bugs, answering user inquiries, improving documentation, and developing innovative new software, yet they receive almost no recognition for their efforts.

It is imperative for the commercial industry and open source community to come together and find a way to acknowledge and reward maintainers for their invaluable contributions. As long as significant personal sacrifice is a prerequisite for open source participation, we’ll continue to exclude a lot of smart and talented folks. This isn’t good for anyone.

Maintainers of packages that are not installed directly, such as core-js, which often comes along for the ride when installing other packages, have it especially hard. Reliable, error-free transitive dependencies are invisible. Therefore, the maintainers are invisible, too. Perversely, the better these maintainers do their job, the more invisible they are. No one ever visits a GitHub repository for a transitive dependency that works perfectly – there’s no reason to do so. But a developer investigating an error stack trace might visit the repository if for no other reason than to file an issue. This is the exact problem that the core-js maintainer faced.

For the large companies that get more from the free labor in open source code than they pay out in donations – if indeed they pay out – the status quo looks like a pretty good deal.

For individual developers, however, code creation and maintenance without compensation has a cost – measurable not just in financial terms, but also in social and political capital.

For Pushkarev, known as zloirock on GitHub, the situation is that core-js is a JavaScript library that’s been downloaded billions of times and used on more than half of the top 10,000 websites – but the income he receives from donations has fallen dramatically. When he started maintaining core-js full time he could count on about $2,500 per month, and that’s down to about $400 per month at present.

[…]

 

Source: Core-js maintainer complains open source is broken

The post then goes on to politicise the guy who is complaining and mention some other stuff from the past – but that does not invalidate the point that many FOSS developers are creating software that businesses profit hugely off and they themselves don’t see a thing for – except random hate.

Jeremy Clarkson Meghan Markle Column to be Investigated by Regulator after tweeting self righteous idiots decide to cancel him

The U.K. press watchdog has launched an investigation into a British tabloid column by former Top Gear host Jeremy Clarkson that attracted around 25,100 complaints.

On Thursday, the Independent Press Standards Organization confirmed it will probe the Dec. 17, 2022 article in The Sun where Clarkson wrote that Prince Harry was being “controlled” by Meghan Markle, and he was “dreaming of the day when she is made to parade naked through the streets of every town in Britain while the crowds chant ‘Shame!’ and throw lumps of excrement at her.”

The press watchdog will take forward complaints from two parties, The Fawcett Society and The Wilde Foundation, who said they were impacted by breaches of the UK Editor’s Code over accuracy, harassment and discrimination via the column.

“We will make public the outcome of this investigation through our website and on our social media channels when it is concluded,” the press watchdog said in a statement.

Clarkson wrote the opinion piece under the headline “One day, Harold the glove puppet will tell the truth about A Woman Talking B*****ks” after the Harry & Meghan docuseries launched on Netflix. The series sees the couple revealing new behind-the-scenes information about how they were treated by both the U.K. press and royal family, ultimately leading to their separation from royal life

[…]

Source: Jeremy Clarkson Meghan Markle Column to be Investigated by Regulator – The Hollywood Reporter

So, no the article wasn’t nice, it was crude. Was it misogynist? No, not really. I’m pretty sure most people who use that word don’t know what it means. Does an army of fat village idiots up in virtual arms from behind the safety of their screens on the Internet who spend their days looking for someone to self righteously cancel warrant any attention at all? No.

Wind Turbine Giant Develops Solution To Keep Blades Out of Landfills

Vestas, the world’s largest producer of wind turbines, says it has developed a chemical solution that allows the blades — made with durable epoxy resin — to be broken down and recycled. Bloomberg reports: “This signals a new era for the wind industry,” Vestas said in a statement. If it’s implemented at scale, the technology can be used on both old blades sitting in landfills and those in active wind farms, the company added. It’s a potential solution for what could be a massive sustainability problem for the wind industry. Industry body Wind Europe has previously estimated that about 25,000 metric tons of blades a year will be decommissioned by 2025, rising to 52,000 tons a year by 2030. The group has called on European authorities to ban blades from going into landfills.

Vestas’s process is the result of joint initiative including Denmark’s Aarhus University and US-based Olin Corp. The company now plans to move it from the lab to a pilot project for two years, before rolling it out on a commercial scale. Its cost hasn’t been disclosed.

Source: Wind Turbine Giant Develops Solution To Keep Blades Out of Landfills – Slashdot

It Took Months For Anker To Finally Admit Its Eufy Cameras Weren’t Really Secure

Last November, The Verge discovered that Anker, the maker of popular USB chargers and the Eufy line of “smart” cameras, had a bit of a security issue. Despite the fact the company advertised its Eufy cameras as having “end-to-end” military-grade encryption, security researcher Paul Moore and a hacker named Wasabi found it was pretty easy to intercept user video streams.

The researchers found that an attacker simply needed a device serial number to connect to a unique address at Eufy’s cloud servers using the free VLC Media Player, giving them access to purportedly private video feeds. When approached by The Verge, Anker apparently thought the best approach was to simply lie and insist none of this was possible, despite repeated demonstrations that it was very possible:

When we asked Anker point-blank to confirm or deny that, the company categorically denied it. “I can confirm that it is not possible to start a stream and watch live footage using a third-party player such as VLC,” Brett White, a senior PR manager at Anker, told me via email.

Not only that, Anker apparently thought it would be a good idea to purge its website of all of its past promises related to privacy, thinking this would somehow cause folks to forget they’d misled their customers on proper end to end encryption. It didn’t.

It took several months, but The Verge kept pressing Anker to come clean, and only this week did the company finally decide to do so:

In a series of emails to The Verge, Anker has finally admitted its Eufy security cameras are not natively end-to-end encrypted — they can and did produce unencrypted video streams for Eufy’s web portal, like the ones we accessed from across the United States using an ordinary media player.

But Anker says that’s now largely fixed. Every video stream request originating from Eufy’s web portal will now be end-to-end encrypted — like they are with Eufy’s app — and the company says it’s updating every single Eufy camera to use WebRTC, which is encrypted by default. Reading between the lines, though, it seems that these cameras could still produce unencrypted footage upon request.

I don’t know why anybody in tech PR in 2023 would think the best response to a privacy scandal is to lie, pretend nothing happened, and then purge your company’s website of past promises. Perhaps that works in some industries, but when you’re selling products to techies with very specific security promises attached, it’s just idiotic, and kudos to The Verge for relentlessly calling Anker out for it.

Source: It Took Months For Anker To Finally Admit Its Eufy Cameras Weren’t Really Secure | Techdirt

Chinese balloon part of worldwide fleet, US officials say

The US believes a suspected Chinese surveillance balloon that was shot down over its territory is part of a wider fleet that has spanned five continents.

“The United States was not the only target of this broader programme,” Secretary of State Antony Blinken said.

[…]

Citing unnamed officials, the Washington Post reported that the US believes the suspected surveillance balloon project was being operated from China’s coastal Hainan province and targeted countries including Japan, India, Vietnam, Taiwan and the Philippines.

At a Wednesday news conference, Defence Department spokesman Brigadier General Pat Ryder confirmed that the US believed similar balloons had operated over North and South America, South East Asia, East Asia and Europe.

“We’ve learned a lot about these balloons and how to track them,” Gen Ryder said, adding that the US was now confident it had the ability to be “on the look-out for these kinds of capabilities”.

He said while the objects were all used for surveillance missions, there were “variations” in terms of their size and capabilities.

The US believes that balloons have operated over US territory on at least four occasions, but Gen Ryder did not give further detail on these instances.

Washington briefed 40 allied countries about the alleged espionage programme earlier this week, a senior Biden administration official confirmed to CBS News, the BBC’s US partner.

[…]

Source: Chinese balloon part of worldwide fleet, US officials say – BBC News