The Linkielist

Linking ideas with the world

The Linkielist

Monthly Archives: July 2023

Judge Seems (Correctly) Skeptical Of AI Copyright Lawsui

Posted on by

Over the last few months there have been a flurry of lawsuits against AI companies, with most of them being focused on copyright claims. The site ChatGPTIsEatingTheWorld has been tracking all the lawsuits, which currently lists 11 lawsuits, seven of which are copyright claims. Five of those are from the same lawyers: Joseph Saveri and Matthew Butterick, who seem to want to corner the market on “suing AI companies for copyright.”

We already covered just how bad their two separate (though they’re currently trying to combine them, and no one can explain to me why it made sense to file them separately in the first place) lawsuits on behalf of authors are, as they show little understanding of how copyright actually works. But their original lawsuit against Stability AI, MidJourney, and DeviantArt was even worse, as we noted back in April. As we said at the time, they don’t allege a single act of infringement, but rather make vague statements about how what these AI tools are doing must be infringing.

(Also, the lawyers seemed to totally misunderstand what DeviantArt was doing, in that it was using open source tools to better enable DeviantArt artists to prevent their works from being used as inspiration in AI systems, and claimed that was infringing… but that’s a different issue).

It appears that the judge overseeing that lawsuit has noticed just how weak the claims are. Though we don’t have a written opinion yet, Reuters reports that Judge William Orrick was pretty clear at least week’s hearing that the case, as currently argued, has no chance.

U.S. District Judge William Orrick said during a hearing in San Francisco on Wednesday that he was inclined to dismiss most of a lawsuit brought by a group of artists against generative artificial intelligence companies, though he would allow them to file a new complaint.

Orrick said that the artists should more clearly state and differentiate their claims against Stability AI, Midjourney and DeviantArt, and that they should be able to “provide more facts” about the alleged copyright infringement because they have access to Stability’s relevant source code.

“Otherwise, it seems implausible that their works are involved,” Orrick said, noting that the systems have been trained on “five billion compressed images.”

Again, the theory of the lawsuit seemed to be that AI companies cut up little pieces of the content they train on and create a “collage” in response. Except, that’s not at all how it works. And since the complaint can’t show any specific work that has been infringed on by the output, the case seems like a loser. And it’s good the judge sees that.

He also recognizes that merely being inspired by someone else’s art doesn’t make the new art infringing:

“I don’t think the claim regarding output images is plausible at the moment, because there’s no substantial similarity” between images created by the artists and the AI systems, Orrick said.

It seems likely that Saveri and crew will file an amended complaint to try to more competently make this argument, but since the underlying technology doesn’t fundamentally do what the lawsuit pretends it does, it’s difficult to see how it can succeed.

But, of course, this is copyright, and copyright caselaw doesn’t always follow logic or what the law itself says. So it’s no surprise that Saveri and Butterick are trying multiple lawsuits with these theories. They might just find a judge confused enough to buy it.

Source: Judge Seems (Correctly) Skeptical Of AI Copyright Lawsuit | Techdirt

Italians turn telco regulator into internet spy, judge and jury, puts 25% of population as criminals

Posted on by

Italy’s brand new anti-piracy law has just received full approval from telecoms regulator AGCOM. In a statement issued Thursday, AGCOM noted its position “at the forefront of the European scene in combating online piracy.” The new law comes into force on August 8 and authorizes nationwide ISP blocking of live events and enables the state to issue fines of up to 5,000 euros to users of pirate streams .

Unanimously approved by the Chamber of Deputies back in March and then unanimously approved by the Senate earlier this month, Italy’s new anti-piracy law has just been unanimously approved by telecoms regulator AGCOM.

In a statement published Thursday, AGCOM welcomed the amendments to Online Copyright Enforcement regulation 680/13/CONS, which concern measures to counter the illegal distribution of live sports streams, as laid out in Resolution 189/23/CONS.

The new provisions grant AGCOM the power to issue “dynamic injunctions” against online service providers of all kinds, a privilege usually reserved for judges in Europe’s highest courts. The aim is to streamline blocking measures against unlicensed IPTV services, with the goal of rendering them inaccessible across all of Italy.

“With such measures, it will be possible to disable access to pirated content in the first 30 minutes of the event broadcast by blocking DNS resolution of domain names and blocking the routing of network traffic to IP addresses uniquely intended for illicit activities,” AGCOM says.

[…]

Penalties For Challenging AGCOM’s New Powers

When AGCOM issues blocking instructions to service providers, their details will be passed to the Public Prosecutor’s Office at the Court of Rome.

After carrying out AGCOM’s instructions, those providers will be required to send a report “without delay” to the Public Prosecutor’s Office. It must detail “all activities carried out in fulfillment of the aforementioned measures” along with “any existing data or information in their possession that may allow for the identification of the providers of the content disseminated abusively.”

In other words, ISPs will be expected to block pirates and gather intelligence on the way. Failure to comply with the instructions of AGCOM will result in a sanction as laid out in LEGGE 31 luglio 1997, n. 249 (Law 249 of July 31, 1997); an administrative fine of 20 million lira to 500 million lira, or in today’s currency – €10,620 to €265,000.

Those involved in the supply/distribution of infringing streams will now face up to three years in prison and a fine of up to €15,000. That’s just €5,000 higher than the minimum punishment intermediaries risk should they fail to follow blocking instructions. Notably, it’s still €250,000 less than the maximum fine a service provider could face if they fail to block piracy carried out by actual pirates.

Watch Pirate Streams? There’s a Fine For That

Unlike the United States where simply consuming pirated streams probably isn’t illegal, in 2017 the Court of Justice of the European Union confirmed that consuming illicit streams in the EU runs contrary to law.

With new deterrents in place against operators of pirate services and otherwise innocent online service providers, Italy has a new deterrent for people who consume pirated streams. From August 8, 2023, they risk a fine of up to €5,000. At least on paper, that has the potential to become quite interesting.

IPSOS research carried out in Italy over the past few years found that roughly 25% of the adult population consume pirate IPTV streams to some extent during a year.

Italy has a population of around 59 million so even with some aggressive rounding that’s still a few million potential pirates. How evidence of this offense can be obtained and then attributed to an individual is unclear.

[…]

Source: Italian Pirate IPTV Customers Risk a 5,000 Euro Fine Starting August 8, 2023 * TorrentFreak

So they will be able to inspect your internet usage, block VPNs, kick you off internet, fine and imprison you – all with no recourse!

That Which Copyright Destroys, ‘Pirates’ Can Save

Posted on by

There’s an interesting post on TorrentFreak that concerns so-called “pirate” subtitles for films. It’s absurd that anyone could consider subtitles to be piracy in any way. They are a good example of how ordinary people can add value by generously helping others enjoy films and TV programs in languages they don’t understand. In no sense do “pirate” subtitles “steal” from those films and programs, they manifestly enhance them. And yet the ownership-obsessed copyright world actively pursues people who dare to spread joy in this way. In discussing these subtitles, TorrentFreak mentions a site that I’ve not heard of before, Karagarga:

an illustrious BitTorrent tracker that’s been around for more than 18 years. Becoming a member of the private community isn’t easy but those inside gain access to a wealth of film obscurities.

The site focuses on archiving rare classic and cult movies, as well as other film-related content. Blockbusters and other popular Hollywood releases can’t be found on the site as uploading them is strictly forbidden.

TorrentFreak links to an article about Karagarga published some years ago by the Canadian newspaper National Post. Here’s a key point it makes:

It’s difficult to overstate the significance of such a resource. Movies of unflagging historical merit are otherwise lost to changes in technology and time every year: film prints are damaged or lost, musty VHS tapes aren’t upgraded, DVDs fall out of print without reissue, back catalogues never make the transition to digital. But should even a single copy of the film exist, however tenuously, it can survive on Karagarga: one person uploads a rarity and dozens more continue to share.

Although that mentions things like film prints being lost, or back catalogues that aren’t converted to digital formats, the underlying cause of films being lost is copyright. It is copyright that prevents people from making backups of films, whether analogue or digital. Even though people are painfully aware of the vulnerability of films that exist in a few copies or even just one copy, it is generally illegal for them to do anything about it, because of copyright. Instead, they must often sit by as cinematic masterpieces are lost forever.

Unless, of course, sites like Karagarga make unauthorized digital copies. It’s a great demonstration of the fact that copyright, far from preserving culture, often leads to its permanent loss. And that supposedly “evil” sites like Karagarga are the ones that save it for posterity.

Source: That Which Copyright Destroys, ‘Pirates’ Can Save | Techdirt

‘Eventually it will just be a barcode, won’t it?’ Why Britain’s new stamps are causing outrage and upset

Posted on by

Royal Mail’s stamps are finally entering the digital world, with printed codes that can be used to track letters or linked to videos. Collectors, traditionalists and royalists are not amused

[…]

In February, Royal Mail introduced a new design for its standard stamps, which have changed so little since the launch of the Penny Black in 1840 that they are officially known as “definitives”. The new stamps – “plum purple” for first class, “holly green” for second – still feature the same regal profile introduced more than 50 years ago. But what is most bothering purists – and leading Johnson to the brink of direct action – is the addition next to the Queen of a digital barcode

The rectangular codes – which look like QR codes but are apparently not QR codes, which are a particular, and trademarked, kind of code – are designed to stop counterfeiting and to enable the tracking of all letters to improve efficiency. Correspondents will soon be able to share photo or video messages by linking digital content to their coded stamps. Recipients will view it via the Royal Mail app (currently the codes link to a short film featuring Shaun the Sheep and a plasticine postwoman).

The Penny Black, launched in 1840.
The first adhesive postage stamp … the Penny Black, launched in 1840. Photograph: PA

From 1 February 2023, only the new stamps will be accepted. Any old stamps must be used before then or traded in. Christmas and other themed special stamps will remain valid indefinitely. Swapping definitives, which can still be done after the deadline, is free but will involve downloading and printing a form, or requesting one by phone or letter, and posting it to Royal Mail along with the old stamps.

[…]

Since the launch of the Penny Black as the world’s first adhesive postage stamp, the sticky squares have become more than a simple proof of purchase: they are collectibles, artists’ canvases, tools of propaganda and cultural icons.

[… ]

In the first year of the Penny Black, the number of letters sent more than doubled – then doubled again by 1850. Letter writing stopped being an elite pursuit and the postal service became profitable. Dozens of countries swiftly copied Hill’s example. Stamps were as significant an innovation in communication as telephones or web-connected home computers would be.

The first stamp was also a triumph of design. There was no need to include a country name – there were no stamps anywhere else, after all. Instead, a portrait of Queen Victoria in profile was added. Monarchs and colours have come and gone, and perforations and self-adhesion arrived. But the definitives have changed little in 180 years. The current stamps, originally designed by the artist Arnold Machin, have used the same sculpted profile of Queen Elizabeth II for the past 55 years.

Yet I am not alone in barely using them; the pandemic has only hastened a postal freefall, from a peak of just over 20bn letters sent via Royal Mail in 2005 (in the same year, the proportion of UK households with the internet tipped over 50%), to fewer than 8bn in 2020-21. These figures include commercial post; the smaller number of cards and letters bearing sticky stamps is likely to be in steeper decline.

Two stamps issued in 1995, commemorating Sir Rowland Hill, who proposed the idea of the pre-paid stamp.
Sir Rowland Hill, the schoolmaster who proposed the idea of the pre-paid stamp, was commemorated with a special set of stamps in 1995. Photograph: Kay Roxby/Alamy

“They’re trying to attract the younger generation by throwing in a QR code and a video of Shaun the Sheep,” says Andrew Jackson, 58, a collector and trader who runs Tagula Blue Stamps. Like Jackson, Johnson wonders if the change signals the beginning of the end for stamps. “Eventually it will just be the barcode, won’t it?” she says.

[…]

Royal Mail now produces more than a dozen sets of special stamps a year in an attempt to create demand among collectors. This year they include pictures of cats, birds, the Rolling Stones and heroes of the Covid pandemic drawn by children.

Many state-owned postal services are much bolder. In Ukraine in April, queues formed outside post offices when Ukrposhta issued 1m stamps to commemorate the defiance of the soldier who refused to surrender an island soon after the Russian invasion. In the image, the solider is flipping the bird at the Moskva warship, which was later sunk, in a visual representation of the message he had radioed to the ship: “Russian warship, go fuck yourself.”

But the potential for stamps to punch above their weight is doing little to boost demand. Gentleman says he rarely uses more than a pack or two at Christmas, preferring email for everyday correspondence. He’s not sure about the aesthetic appeal of the coded stamps. “I find it difficult to enthuse over them,” he says.

Some critics have been blunter. “Arnold Machin’s profile of the Queen is one of the simplest, purest compositions in the world,” tweeted Samuel West, actor and stamp collector, in March, addressing his next sentence to Royal Mail: “You took one of the great iconic stamp designs, and you fucked it up.” The writer and broadcaster Victoria Coren Mitchell simply said: “THIS IS AWFUL!”

The implications were more practical for some. Many canny letter writers buy stamps in bulk to avoid being hit by future price rises. Royal Mail’s swap scheme is designed so that nobody loses out, but I gather many collectors find themselves in a bind. Old definitives might have a higher value because they are rare. But some of that value comes also because the stamps could theoretically be used. Swap them and you’d throw away all of that value. Keep them and you’d lose much of it anyway. “A lot of value is just going to be lost overnight,” says Gerard McCulloch, an Australian collector better known as the Punk Philatelist.

Meanwhile groups representing older people say that, as well as creating inconvenience, the change risks marginalising those who still rely on “snail mail”. These users are also affected most by price rises (first-class stamps went up by 10p to 95p in April). “It will be chicken and egg,” says Dennis Reed from the campaign group Silver Voices. “Less people will send letters so Royal Mail will say, ‘We won’t have as many collections or post boxes’ – and even fewer people will send letters.”

[…]

 

Source: ‘Eventually it will just be a barcode, won’t it?’ Why Britain’s new stamps are causing outrage and upset | Society | The Guardian

It’s poorly described but a lot of people have huge collections of pretty stamps which they actually use. The value of these will be wiped out.

Diamond’s all-electric eDA40 completes maiden flight

Posted on by

Diamond Aircraft announced that it has successfully completed the first flight of its eDA40 electric aircraft.

The eDA40 is an all-electric, battery-powered version of the popular DA40 light aircraft, which is one of the best-selling piston aircraft and is used by flight schools and private owners all over the world.

The eDA40’s maiden flight took place on July 26, 2023, in the skies over the company’s headquarters in Wiener Neustadt, Austria. During the flight Diamond’s Head of Flight Test, Sören Pedersen, performed several system checks and undertook basic maneuvers.

“The aircraft performed outstandingly well during its maiden flight and not only met but exceeded all our expectations,” said Diamond CEO, Liqun (Frank) Zhang.

The eDA40 is powered by a Safran ENGINeUS electric motor and a battery module made by Electric Power Systems (EPS).

Flight autonomy is expected to be up to 90 minutes, with a charging time from depleted to full battery of around 20 minutes using a DC fast charging system. Diamond Aircraft claims the eDA40’s operating costs will be 40% below those of a traditional piston engine aircraft of similar size.

The Austrian manufacturer is seeking Part 23 certification from the European Union Aviation Safety Agency (EASA) and the US Federal Aviation Administration (FAA) for the eDA40.

The aircraft will be publicly presented at the AERO Friedrichshafen 2024 air show, which will take place in the southern German city in April 2024.

Source: Diamond’s all-electric eDA40 completes maiden flight – AeroTime

AI Creation and Copyright: Unraveling the debate on originality, ownership

Posted on by

Whether AI systems can create original work sparks intense discussions among philosophers, jurists, and computer scientists and touches on issues of ownership, copyright, and economic competition, writes Stefano Quintarelli.

Stefano Quintarelli is an information technology specialist, a former member of the Italian Parliament and a former member of the European Commission’s High-level expert group on Artificial Intelligence.

Did Jesus Christ own the clothing he wore? In Umberto Eco’s landmark book “The Name of the Rose,” this is the central issue that is hotly debated by senior clergy, leading to internecine warfare. What is at stake is nothing less than the legitimacy of the church to own private property — and for clergy to grow rich in the process — since if Jesus did it then it would be permitted for his faithful servants.

Although it may not affect the future of an entity quite as dominant as the Catholic church, a similarly vexatious question is sparking heated debate today: Namely, can artificial intelligence systems create original work, or are they just parrots who repeat what they are told? Is what they do similar to human intelligence, or are they just echoes of things that have already been created by others?

The recent boom in generative artificial intelligence (AI) tools such as ChatGPT has spurred a flurry of multilateral initiatives as regulators attempt to respond to the breakneck pace of development of AI systems, write Carisa Nietsche and Camille Ford.

In this case, the debate is not among senior clergy, but philosophers, jurists and computer scientists (those who specialise in the workings of the human brain seem to be virtually absent from the discussion). Instead of threatening the wealth of the church, the answer to the question of machine intelligence raises issues that affect the ownership and wealth that flows from all human works.

Large language models (LLMs) such as Bard and ChatGPT are built by ingesting huge quantities of written material from the internet and learning to make connections and correlations between the words and phrases in those texts. The question is: When an AI engine produces something, is it generating a new creative work, as a human would, or is it merely generating a derivative work?

If the answer is that a machine does not ‘learn’ and therefore only synthesises or parrots existing work and does not ‘create’ then for legal and copyright purposes, its output could be considered a work derived from existing texts and therefore not its own creative work with all the rights that would be included.

In the early years of the commercial web, there was a similar debate over whether hyperlinks and short excerpts from articles or web pages should be considered derivative works. Those who believed they were, argued that Google should have to pay royalties on those links and excerpts when it included them in its search results.

My position at the time was that links with short excerpts should not be considered a derivative work, but rather a new kind of service that helped bring those works to a different audience, and therefore didn’t compete with the economic interests of the authors of those works or owners of those sites. Not only did the links or excerpts not cause them harm, they did the exact opposite.

Bard, Google’s eagerly awaited response to ChatGPT, was launched in Europe on Thursday (13 July), following delays in complying with the EU’s data protection rules.

This argument and extensions of it formed the basis for the birth of economic giants such as Google and Facebook, which could not have existed if they had to pay a ‘link tax’ for the content they indexed and linked to (although recent laws in countries such as Australia and Canada have changed that to some extent, and have forced Google and Facebook to pay newspapers for linking to their content).

But large language models don’t just produce links or excerpts. The responses they provide don’t lead the user to the original texts or sites, but instead become a substitute for them. The audience is arguably the same, and therefore there is undoubtedly economic competition. A large language model could become the only interface for access to and economic exploitation of that information.

It seems obvious that this will become a political issue in both the US and Europe, although the question of its legality could result in different answers, since the United States has a legal tradition of ‘fair use’, which allows companies such as Google to use work in various ways without having to license it, and without infringing on an owner’s copyright.

In Europe, no such tradition exists (British Commonwealth countries have a similar concept called ‘fair dealing,’ but it is much weaker).

It’s probably not a coincidence that the companies that created these AI engines are reluctant to say what texts or content the models were built on, since transparency could facilitate possible findings of copyright infringement (a number of prominent authors are currently suing OpenAI, owner of ChatGPT, because they believe their work was ingested by its large language model without permission).

The rise of generative AI models like ChatGPT and Midjourney AI, able to produce incredibly realistic content, poses an unprecedented challenge to the creative sector. We discuss what this new generation of Artificial Intelligence means for this sector and human …

A problem within the problem is that the players who promote these systems typically enjoy dominant positions in their respective markets, and are therefore not subject to special obligations to open up or become transparent. This is what happened with the ‘right to link’ that led the web giants to become gatekeepers — the freedom to link or excerpt created huge value that caused them to become dominant.

It’s not clear that the solution to these problems is to further restrict copyright so as to limit the creation of new large language models. In thinking about what measures to apply and how to evolve copyright in the age of artificial intelligence, we ought to think about rules that will also help open up downstream markets, not cement the market power that existing gatekeepers already have.

When the creators of AI talk about building systems that are smarter than humans, and defend their models as more than just ‘stochastic parrots’ who repeat whatever they are told, we need to keep in mind that these are more than just purely philosophical statements. There are significant economic interests involved, including the future exploitation of the wealth of information produced to date. And that rivals anything except possibly the wealth of the Catholic Church in the 1300’s, when Eco’s hero, William Of Baskerville, was asking questions about private property.

Source: AI Creation and Copyright: Unraveling the debate on originality, ownership – EURACTIV.com

US-EU AI Code of Conduct: First Step Towards Transatlantic Pillar of Global AI Governance?

Posted on by

The European Union, G7, United States, and United Kingdom have announced initiatives aiming to establish governance regimes and guidelines around the technology’s use.

Amidst these efforts, an announcement made in late May by EU Executive Vice-President Margrethe Vestager at the close of the Fourth Trade and Technology Council (TTC) Ministerial in Sweden revealed an upcoming U.S.-EU “AI Code of Conduct.”

This measure represents a first step in laying the transatlantic foundations for global AI governance.

The AI Code of Conduct was presented as a joint U.S.-EU initiative to produce a draft set of voluntary commitments for businesses to adopt. It aims to bridge the gap between different jurisdictions by developing a set of non-binding international standards for companies developing AI systems ahead of legislation being passed in any country.

The initiative aims to go beyond the EU and U.S. to eventually involve other countries, including Indonesia and India, and ultimately be presented before the G7.

At present, questions remain surrounding the scope of the Code of Conduct and whether it will contain monitoring or enforcement mechanisms.

The AI Code of Conduct – coupled with other TTC deliverables emerging from the U.S.-EU Joint AI Roadmap – signals a path forward for the emergence of a transatlantic pillar of global AI governance.

Importantly, this approach circumvents questions of regulatory alignment and creates room for a broader set of multilateral actors, as well as the private sector.

[…]

Source: US-EU AI Code of Conduct: First Step Towards Transatlantic Pillar of Global AI Governance? – EURACTIV.com

Android phones can now tell you if there’s an AirTag following you

Posted on by

When Google announced that trackers would be able to tie in to its 3 billion-device Bluetooth tracking network at its Google I/O 2023 conference, it also said that it would make it easier for people to avoid being tracked by trackers they don’t know about, like Apple AirTags.

Now Android users will soon get these “Unknown Tracker Alerts.” Based on the joint specification developed by Google and Apple, and incorporating feedback from tracker-makers like Tile and Chipolo, the alerts currently work only with AirTags, but Google says it will work with tag manufacturers to expand its coverage.

Android’s unknown tracker alerts, illustrated in moving Corporate Memphis style.

For now, if an AirTag you don’t own “is separated from its owner and determined to be traveling with you,” a notification will tell you this and that “the owner of the tracker can see its location.” Tapping the notification brings up a map tracing back to where it was first seen traveling with you. Google notes that this location data “is always encrypted and never shared with Google.”

Finally, Google offers a manual scan feature if you’re suspicious that your Android phone isn’t catching a tracker or want to see what’s nearby. The alerts are rolling out through a Google Play services update to devices on Android 6.0 and above over the coming weeks.

[…]

Source: Android phones can now tell you if there’s an AirTag following you

More than 1,300 UK experts call AI a force for good

Posted on by

An open letter signed by more than 1,300 experts says AI is a “force for good, not a threat to humanity”.

It was organised by BCS, the Chartered Institute for IT, to counter “AI doom”.

Rashik Parmar, BCS chief executive, said it showed the UK tech community didn’t believe the “nightmare scenario of evil robot overlords”.

In March, tech leaders including Elon Musk, who recently launched an AI business, signed a letter calling for a pause in developing powerful systems.

[…]

The letter argues: “The UK can help lead the way in setting professional and technical standards in AI roles, supported by a robust code of conduct, international collaboration and fully resourced regulation”.

By doing so, it says Britain “can become a global byword for high-quality, ethical, inclusive AI”.

In the autumn UK Prime Minister Rishi Sunak will host a global summit on AI regulation.

Source: More than 1,300 experts call AI a force for good – BBC News

Firmware vulnerabilities in millions of servers could give hackers superuser status

Posted on by

[…] The vulnerabilities reside inside firmware that Duluth, Georgia-based AMI makes for BMCs (baseboard management controllers). These tiny computers soldered into the motherboard of servers allow cloud centers, and sometimes their customers, to streamline the remote management of vast fleets of computers. They enable administrators to remotely reinstall OSes, install and uninstall apps, and control just about every other aspect of the system—even when it’s turned off. BMCs provide what’s known in the industry as “lights-out” system management.

[…]

These vulnerabilities range in severity from High to Critical, including unauthenticated remote code execution and unauthorized device access with superuser permissions. They can be exploited by remote attackers having access to Redfish remote management interfaces, or from a compromised host operating system. Redfish is the successor to traditional IPMI and provides an API standard for the management of a server’s infrastructure and other infrastructure supporting modern data centers. Redfish is supported by virtually all major server and infrastructure vendors, as well as the OpenBMC firmware project often used in modern hyperscale environments.

[…]

The researchers went on to note that if they could locate the vulnerabilities and write exploits after analyzing the publicly available source code, there’s nothing stopping malicious actors from doing the same. And even without access to the source code, the vulnerabilities could still be identified by decompiling BMC firmware images. There’s no indication malicious parties have done so, but there’s also no way to know they haven’t.

The researchers privately notified AMI of the vulnerabilities, and the company created firmware patches, which are available to customers through a restricted support page. AMI has also published an advisory here.

The vulnerabilities are:

  • CVE-2023-34329, an authentication bypass via HTTP headers that has a severity rating of 9.9 out of 10, and
  • CVE-2023-34330, Code injection via Dynamic Redfish Extension. Its severity rating is 8.2.

[…]

“By spoofing certain HTTP headers, an attacker can trick BMC into believing that external communication is coming in from the USB0 internal interface,” the researchers wrote. “When this is combined on a system shipped with the No Auth option configured, the attacker can bypass authentication, and perform Redfish API actions.”

One example would be to create an account that poses as a legitimate administrator and has all system rights afforded one.

CVE-2023-34330, meanwhile, can be exploited on systems with the no auth setting to effectively execute code of their choice. In the event the no auth option isn’t enabled, the attackers first must have BMC credentials. That’s a higher bar but by no means out of reach for sophisticated actors.

[…]

Source: Firmware vulnerabilities in millions of computers could give hackers superuser status | Ars Technica

Janus, ‘two-faced’ hydrogen / helium white dwarf star

Posted on by

Scientists have observed a white dwarf star – a hot stellar remnant that is among the densest objects in the cosmos – that they have nicknamed Janus owing to the fact it has the peculiar distinction of being composed of hydrogen on one side and helium on the other.

[…]

The star is located in our Milky Way galaxy about 1,300 light years from Earth in the direction of the Cygnus constellation. A light year is the distance light travels in a year, 5.9 trillion miles (9.5 trillion km).

Janus is fairly massive for a white dwarf, with a mass 20% larger than that of our sun compressed into an object with a diameter half that of Earth. It rotates on its axis every 15 minutes – very fast considering these stars usually rotate every few hours to a few days.

“White dwarfs form at the very end of a star’s life. About 97% of all stars are destined to become white dwarfs when they die,” Caiazzo said.

[…]

After a white dwarf forms, its heavier elements are thought to sink to the star’s core while its lighter elements – hydrogen being the lightest, followed by helium – float to the top. This layered structure is believed to be destroyed at a certain stage in the evolution of some white dwarfs when a strong mixing blends the hydrogen and helium together.

Janus may represent a white dwarf in the midst of this transitional blending process, but with the puzzling development of one side being hydrogen while the other side is helium.

The researchers suspect that its magnetic field may be responsible for this asymmetry. If the magnetic field is stronger on one side than the other, as is often the case with celestial objects, one side could have less mixing of elements, becoming hydrogen heavy or helium heavy.

“Many white dwarfs are expected to go through this transition, and we might have caught one in the act because of its magnetic field configuration,” Caiazzo said.

[…]

Source: Introducing Janus, the exotic ‘two-faced’ white dwarf star | Reuters

Google Urges Gmail Users to Enable ‘Enhanced Safe Browsing’ for Faster, More Proactive Protection – but also takes screenshots of your browsing habits

Posted on by

The Washington Post’s “Tech Friend” newsletter has the latest on Google’s “Enhanced Safe Browsing” for Chrome and Gmail, which “monitors the web addresses of sites that you visit and compares them to constantly updated Google databases of suspected scam sites.” You’ll see a red warning screen if Google believes you’re on a website that is, for example, impersonating your bank. You can also check when you’re downloading a file to see if Google believes it might be a scam document. In the normal mode without Enhanced Safe Browsing, Google still does many of those same security checks. But the company might miss some of the rapid-fire activity of crooks who can create a fresh bogus website minutes after another one is blocked as a scam.

This enhanced security feature has been around for three years, but Google recently started putting a message in Gmail inboxes suggesting that people turn on Enhanced Safe Browsing.

Security experts told me that it’s a good idea to turn on this safety feature but that it comes with trade-offs. The company already knows plenty about you, particularly when you’re logged into Gmail, YouTube, Chrome or other Google services. If you turn on Enhanced Safe Browsing, Google may know even more about what sites you’re visiting even if you’re not signed into a Google account. It also collects bits of visual images from sites you’re visiting to scan for hallmarks of scam sites.

Google said it will only use this information to stop bad guys and train its computers to improve security for you and everyone else. You should make the call whether you are willing to give up some of your privacy for extra security protections from common crimes.
Gmail users can toggle the feature on or off at this URL. Google tells users that enabling the feature will provide “faster and more proactive protection against dangerous websites, downloads, and extensions.”

The Post’s reporter also asked Google why it doesn’t just enable the extra security automatically, and “The company told me that because Google is collecting more data in Enhanced Safe Browsing mode, it wants to ask your permission.”

The Post adds as an aside that “It’s also not your fault that phishing scams are everywhere. Our whole online security system is unsafe and stupid… Our goal should be to slowly replace the broken online security system with newer technologies that ditch our crime-prone password system for different methods of verifying we are who we say we are.”

Source: Google Urges Gmail Users to Enable ‘Enhanced Safe Browsing’ for Faster, More Proactive Protection – Slashdot

TETRA Military and Police Radio Code Encryption Has a Flaw: A built in Backdoor

Posted on by

For more than 25 years, a technology used for critical data and voice radio communications around the world has been shrouded in secrecy to prevent anyone from closely scrutinizing its security properties for vulnerabilities

[…]

The backdoor, known for years by vendors that sold the technology but not necessarily by customers, exists in an encryption algorithm baked into radios sold for commercial use in critical infrastructure. It’s used to transmit encrypted data and commands in pipelines, railways, the electric grid, mass transit, and freight trains. It would allow someone to snoop on communications to learn how a system works, then potentially send commands to the radios that could trigger blackouts, halt gas pipeline flows, or reroute trains.

Researchers found a second vulnerability in a different part of the same radio technology that is used in more specialized systems sold exclusively to police forces, prison personnel, military, intelligence agencies, and emergency services, such as the C2000 communication system used by Dutch police, fire brigades, ambulance services, and Ministry of Defense for mission-critical voice and data communications. The flaw would let someone decrypt encrypted voice and data communications and send fraudulent messages to spread misinformation or redirect personnel and forces during critical times.

[…]

The Dutch National Cyber Security Centre assumed the responsibility of notifying radio vendors and computer emergency response teams around the world about the problems, and of coordinating a timeframe for when the researchers should publicly disclose the issues.

In a brief email, NCSC spokesperson Miral Scheffer called TETRA “a crucial foundation for mission-critical communication in the Netherlands and around the world” and emphasized the need for such communications to always be reliable and secure, “especially during crisis situations.” She confirmed the vulnerabilities would let an attacker in the vicinity of impacted radios “intercept, manipulate or disturb” communications and said the NCSC had informed various organizations and governments, including Germany, Denmark, Belgium, and England, advising them how to proceed.

[…]

The researchers plan to present their findings next month at the BlackHat security conference in Las Vegas, when they will release detailed technical analysis as well as the secret TETRA encryption algorithms that have been unavailable to the public until now. They hope others with more expertise will dig into the algorithms to see if they can find other issues.

[…]

Although the standard itself is publicly available for review, the encryption algorithms are only available with a signed NDA to trusted parties, such as radio manufacturers. The vendors have to include protections in their products to make it difficult for anyone to extract the algorithms and analyze them.

[…]

Source: TETRA Radio Code Encryption Has a Flaw: A Backdoor | WIRED

AMD ‘Zenbleed’ bug allows Meltdown-like data leakage

Posted on by

AMD has started issuing some patches for its processors affected by a serious silicon-level bug dubbed Zenbleed that can be exploited by rogue users and malware to steal passwords, cryptographic keys, and other secrets from software running on a vulnerable system.

Zenbleed affects Ryzen and Epyc Zen 2 chips, and can be abused to swipe information at a rate of at least 30Kb per core per second. That’s practical enough for someone on a shared server, such as a cloud-hosted box, to spy on other tenants. Exploiting Zenbleed involves abusing speculative execution, though unlike the related Spectre family of design flaws, the bug is pretty easy to exploit. It is more on a par with Meltdown.

Malware already running on a system, or a rogue logged-in user, can exploit Zenbleed without any special privileges and inspect data as it is being processed by applications and the operating system, which can include sensitive secrets, such as passwords. It’s understood a malicious webpage, running some carefully crafted JavaScript, could quietly exploit Zenbleed on a personal computer to snoop on this information.

The vulnerability was highlighted today by Google infosec guru Tavis Ormandy, who discovered the data-leaking vulnerability while fuzzing hardware for flaws, and reported it to AMD in May. Ormandy, who acknowledged some of his colleagues for their help in investigating the security hole, said AMD intends to address the flaw with microcode upgrades, and urged users to “please update” their vulnerable machines as soon as they are able to.

Proof-of-concept exploit code, produced by Ormandy, is available here, and we’ve confirmed it works on a Zen 2 Epyc server system when running on the bare metal. While the exploit runs, it shows off the sensitive data being processed by the box, which can appear in fragments or in whole depending on the code running at the time.

If you stick any emulation layer in between, such as Qemu, then the exploit understandably fails.

What’s hit?

The bug affects all AMD Zen 2 processors including the following series: Ryzen 3000; Ryzen Pro 3000; Ryzen Threadripper 3000; Ryzen 4000 Pro; Ryzen 4000, 5000, and 7020 with Radeon Graphics; and Epyc Rome datacenter processors.

AMD today issued a security advisory here, using the identifiers AMD-SB-7008 and CVE-2023-20593 to track the vulnerability. The chip giant scored the flaw as a medium severity one, describing it as a “cross-process information leak.”

A microcode patch for Epyc 7002 processors is available now. As for the rest of its affected silicon: AMD is targeting December 2023 for updates for desktop systems (eg, Ryzen 3000 and Ryzen 4000 with Radeon); October for high-end desktops (eg, Threadripper 3000); November and December for workstations (eg, Threadripper Pro 3000); and November to December for mobile (laptop-grade) Ryzens. Shared systems are the priority, it would seem, which makes sense given the nature of the design blunder.

[…]

Source: AMD ‘Zenbleed’ bug allows Meltdown-like data leakage

Mercedes: Pay us again to unlock full accellaration on EQS and EQE – yes you already own the hardware.

Posted on by

Mercedes-Benz has new finalized pricing on its vexing “Acceleration Increase” subscription revealed last year that can eke out more electric performance — without any physical modification — from the automaker’s current EQE and EQS EV models, Car and Driver reports.

The updated Acceleration Increase pricing starts at $60 per month, or you can save about $120 and pay $600 per year instead. That pricing only applies to the AWD EQE 350 sedan and its SUV counterpart. Meanwhile, the pricier AWD EQS 450 car and SUV command a higher $90 per month (or $900 per year) rate for their own boost.

Mercedes-Benz had initially set the subscription at $1,200 per year, but now it’s been reduced a bit to a slightly-less-unreasonable rate. The automaker is also letting you pay a one-time fee of $1,950 on the EQE and $2,950 on the EQS to unlock the Acceleration Increase permanently.

The unlock increases acceleration and power output to the motors by 20 to 24 percent, according to Mercedes-Benz. The EQE’s 215kW total output increases to 260kW, and its 0–60 mph time decreases to 5.1 seconds (from 6) for the sedan and 5.2 seconds (from 6.2) on the SUV. Meanwhile, the EQS goes from 265kW to 330kW and decreases its 0–60 mph to 4.5 seconds (from 5.3) and 4.9 seconds (from 5.8) on the SUV.

For those who do choose the monthly subscription, they’d be paying the same as a full unlock in just under three years of owning either vehicle. It seems that Mercedes-Benz’s monthly subscription pricing model is designed for customers who are leasing the vehicle for a short period or only want to show off the performance temporarily while taking visiting friends or family on joy rides.

The era of automakers adding monthly subscriptions and microtransactions to vehicles is becoming a troubling trend. Tesla was early to selling such options when it offered a $3,250 unlock to use the full battery capacity of some older Model S vehicles. More recently, there have been cars with heated seats that are subject to software locks and subscriptions from Tesla and BMW, respectively.

The EQS and EQE aren’t the only artificially nerfed electric cars to offer paid unlocks. Polestar offers a $1,195 one-time fee for a boost, and Tesla also has a performance unlock for its EVs. But if you really want a quick EV and you’re willing to pay over $100,000 for an EQS already, you have quicker options in the Tesla Model S Plaid or the AMG version of the EQS.

Source: Mercedes-Benz’s EQS and EQE can be uncorked with a monthly fee – The Verge

How is this legal? You bought the car and the accellerative capacity already. But they will make you pay again to use it?

AI shows classroom conversations predict academic success

Posted on by

Who would have thought in-class, off-topic dialog can be a significant predictor of a student’s success in school? Scientists at Tsinghua University had a hunch and decided to deep-dive into how and AI may help an under-studied segment of the education pool: K-6th grade students learning in live, online classes.

By analyzing the classroom dialogs of these children, scientists at Tsinghua University developed neural network models to predict what behaviors may lead to a more successful student.

[…]

The researchers published their results in the Journal of Social Computing on March, 31. Valid findings were drawn from the data recorded and the models used that can be used to accurately predict .

“The most important message from this paper is that high-performing students, regardless of whether they are enrolled in STEM or non-STEM courses, consistently exhibit more , higher-level interactions concerning , and active participation in off-topic dialogs throughout the lesson,” said Jarder Luo, author and researcher of the study.

The implication here is that above the other markers of a successful student, which are cognition and positive emotion, the most important predictor of performance for STEM and non-STEM students is the interactive type of that student. In STEM students, the most crucial situation interactive types play in learning is during the middle stage of the lesson. In contrast, non-STEM students’ interactive types have about the same effect on the student’s performance during the middle and summary stages of the lesson.

Interactive dialog between students helps to streamline and integrate along with knowledge building; these open conversations help the young students navigate conversations generally, but more specifically conversations on topics the student is likely not very familiar with. This could be why the data so strongly suggests students more active in classroom dialog are typically higher-performing.

Additionally, the study also found that meta-cognition, that is, “thinking about thinking” is found to be more prevalent in higher-performing, non-STEM students than their STEM counterparts. This could be in part because science is often taught in a way that builds on a basis of knowledge, whereas other areas of study require a bit more planning and evaluation of the material.

[…]

Source: How AI can use classroom conversations to predict academic success

More information: Yuanyi Zhen et al, Prediction of Academic Performance of Students in Online Live Classroom Interactions—An Analysis Using Natural Language Processing and Deep Learning Methods, Journal of Social Computing (2023). DOI: 10.23919/JSC.2023.0007

Tesla directors agree to return $735 million following claims they were massively overpaid

Posted on by

Elon Musk, Larry Ellison and other current and former members of Tesla’s board of directors will return $735 million to settle claims that they massively overpaid themselves, Reuters has reported. The deal wraps up a saga that started in 2020 stemming from a lawsuit filed by a police and firefighter retirement fund challenging stock options granted to Tesla’s board starting in 2017. Directors also agreed not to receive compensation for 2021, 2022 and 2023, and change the way compensation is calculated.

Tesla’s current board includes Elon Musk, his brother Kimbal, Fox News mogul James Murdoch, Airbnb co-founder Joe Gebbia and former Tesla CTO JB Straubel. The case is separate from a lawsuit filed by shareholders against a $56 billion compensation package awarded to CEO Elon Musk.

The Police and Fire Retirement System of the City of Detroit accused Tesla’s board of giving itself unfair and excessive compensation in the form of 11 million stock options between 2017 and 2020, saying it grossly exceeded norms for a corporate board. The $735 million settlement will be paid back to Tesla in what’s called a “derivative lawsuit” — the largest ever awarded by Delaware’s Court of Chancerty, according to Reuters.

Tesla argued that stock options were used to ensure Director’s incentives were aligned with investor goals. Tesla has yet to comment on the affair, but in court documents, said that it agreed to settle to eliminate the risk of future litigation.

Tesla CEO Elon Musk is fighting a separate lawsuit to defend his $56 billion pay package. It was brought by shareholder Richard Tornette, who claimed that “the largest compensation grant in human history” was given to Musk, even though he didn’t focus entirely on Tesla. In 2020, he received the first of 12 $700 million payments as part of that package.

Source: Tesla reportedly suspected Musk was using company funds to build a literal glass house

Paris 2024 Olympics: Concern over French plan for AI surveillance

Posted on by

Under a recent law, police will be able to use CCTV algorithms to pick up anomalies such as crowd rushes, fights or unattended bags.

The law explicitly rules out using facial recognition technology, as adopted by China, for example, in order to trace “suspicious” individuals.

But opponents say it is a thin end of the wedge. Even though the experimental period allowed by the law ends in March 2025, they fear the French government’s real aim is to make the new security provisions permanent.

“We’ve seen this before at previous Olympic Games like in Japan, Brazil and Greece. What were supposed to be special security arrangements for the special circumstances of the games, ended up being normalised,” says Noémie Levain, of the digital rights campaign group La Quadrature du Net (Squaring the Web).

[…]

“We will not – and cannot by law – provide facial recognition, so this is a wholly different operation from what you see in China,” he says.

“What makes us attractive is that we provide security, but within the framework of the law and ethics.”

But according to digital rights activist Noémie Levain, this is only a “narrative” that developers are using to sell their product – knowing full well that the government will almost certainly favour French companies over foreign firms when it comes to awarding the Olympics contracts.

“They say it makes all the difference that here there will be no facial recognition. We say it is essentially the same,” she says.

“AI video monitoring is a surveillance tool which allows the state to analyse our bodies, our behaviour, and decide whether it is normal or suspicious. Even without facial recognition, it enables mass control.

“We see it as just as scary as what is happening in China. It’s the same principle of losing the right to be anonymous, the right to act how we want to act in public, the right not to be watched.”

Source: Paris 2024 Olympics: Concern over French plan for AI surveillance – BBC News

Dual wavelengths of light shown to be effective against antibiotic-resistant superbug bacterium

Posted on by

Scientists have combined two light wavelengths to deactivate a bacterium that is invulnerable to some of the world’s most widely used antibiotics, giving hope that the regime could be adapted as a potential disinfectant treatment.

Under the guidance of project leader Dr. Gale Brightwell, scientists at New Zealand’s AgResearch demonstrated the novel antimicrobial efficiency of a combination of two light wavelengths against a ‘superbug’ known as antibiotic-resistant extended-spectrum beta-lactamase E. coli.

[…]

A combination of far UVC (222 nm) and blue LED (405 nm) light have been shown to be effective in the inactivation of a wide range of microorganisms while being much safer to use and handle as compared to traditional UVC at 254 nm, she said.

“The E. coli we chose for this investigation were extended-spectrum beta- lactamases producing E. coli (ESBL-Ec) as these bacteria produce enzymes that break down and destroy commonly used , including penicillins and cephalosporins, making these drugs ineffective for treating infections,” she said.

[…]

The team found that a combination of dual far-UVC and blue LED light could be used to disinfect both antibiotic resistant and antibiotic sensitive E. coli, offering a non-thermal technology that may not drive further .

However, if exposed to sub-lethal levels of dual and far-UVC light, the antibiotic resistant E. coli tested did exhibit light tolerance. One surprising finding was that this light tolerance was only exhibited by the antibiotic resistant E. coli and not the antibiotic sensitive E. coli that was also tested.

Gardner says further work is needed to understand whether the light tolerance is due to a genetic change, or some other mechanism.

“It is also important to investigate the development of light tolerance in other antimicrobial-resistant bacteria and to determine the minimum dose of far-UVC light that can create light tolerance as well as the potential of further resistance development to other things such as sanitizers, heat, and pH in bacteria for application purposes,” she said.

The findings are published in the Journal of Applied Microbiology.

More information: Amanda Gardner et al, Light Tolerance of Extended Spectrum ß-lactamase Producing Escherichia coli Strains After Repetitive Exposure to Far-UVC and Blue LED Light, Journal of Applied Microbiology (2023). DOI: 10.1093/jambio/lxad124

Source: Dual wavelengths of light shown to be effective against antibiotic-resistant bacterium

Spain antitrust watchdog fines Amazon, Apple $218 million for collusion and exclusion

Posted on by

Spain’s antitrust watchdog on Tuesday said it had imposed fines worth a total 194.1 million euros ($218.03 million) on Amazon (AMZN.O) and Apple (AAPL.O) for colluding to limit the online sale of devices from Apple and competitors in Spain.

The two contracts the companies signed on Oct. 31, 2018 granting Amazon the status of authorized Apple dealer included anti-competitive clauses that affected the online market for electronic devices in Spain, CNMC, as the watchdog is known, said in a statement.

Apple was fined 143.6 million euros and Amazon 50.5 million euros. The two companies have two months to appeal the decision.

[…]

“The two companies restricted without justification the number of sellers of Apple products on the Amazon website in Spain,” CNMC said.

More than 90% of the existing retailers who were using Amazon’s market place to sell Apple devices were blocked as a result, it added.

Amazon also reduced the capacity of retailers in the European Union based outside Spain to access Spanish customers, and restricted the advertising Apple’s competitors were allowed to place on its website when users searched for Apple products, the regulator said.

Following the deal between the two tech giants, the prices of Apple devices sold online rose in Spain, it added.

[…]

Source: Spain antitrust watchdog fines Amazon, Apple $218 million | Reuters

Yay the power of a monopoly!

‘Taco Tuesday’ is no longer a copyrighted phrase – wait you can copyright a phrase like that?!

Posted on by

Taco Bell succeeded in its petition to remove the “Taco Tuesday” trademark held by Taco John’s, claiming it held an unfair monopoly over the phrase. Taco John’s CEO Jim Creel backed down from the fight on Tuesday, saying it isn’t worth the legal fees to retain the regional chain’s trademark.

“We’ve always prided ourselves on being the home of Taco Tuesday, but paying millions of dollars to lawyers to defend our mark just doesn’t feel like the right thing to do,” Taco John’s CEO Jim Creel said in a statement to CNN.

Taco John’s adopted the “Taco Tuesday” slogan back in the early 1980s as a two-for-one deal, labeling the promotion as “Taco Twosday” in an effort to ramp up sales. The company trademarked the term in 1989 and owned the right to the phrase in all states with the exception of New Jersey where Gregory’s Restaurant & Tavern beat out Taco John’s by trademarking the term in 1982.

Three decades later, Taco John’s finally received pushback when Taco Bell filed a petition with the U.S. Patent and Trademark Office in May to cancel the trademark, saying any restaurant should be able to use “Taco Tuesday.”

[…]

Source: ‘Taco Tuesday’ Has Been Liberated From Its Corporate Overlords

If you think about it, the ability to copyright 2 common words following each other doesn’t make sense at all really. In any 2 word combination, there must have been prior common use.

UK buys 3 radar E-7 planes for 90% of the price of original 5, creating huge capability gap, shows how broken procurement is

Posted on by

The United Kingdom’s deal to buy three, rather than the previously planned five Boeing E-7A Wedgetail airborne early warning and control (AEW&C) aircraft for the Royal Air Force “represents extremely poor value for money” and “an absolute folly.” Those are among the conclusions of a report published today by the U.K. Defense Committee, a body that examines Ministry of Defense (MoD) expenditure, administration, and policy on behalf of the British parliament.

A computer-generated rendering of an E-7A Wedgetail in RAF service. <em>Crown Copyright</em>

A computer-generated rendering of an E-7A Wedgetail in RAF service. Crown Copyright

At the center of the report’s criticism of the procurement is the fact that, as a result of a contract stipulation, the MoD is having to pay for all five Northrop Grumman Multi-role Electronically Scanned Array (MESA) radars, even though only three aircraft — which will be designated Wedgetail AEW1 in RAF service — are being acquired. The report assesses that the total cost of the three-aircraft order will be $2.5 billion, compared to the $2.7 billion agreed for five of the radar planes.

“Even basic arithmetic would suggest that ordering three E-7s rather than five (at some 90 [percent] of the original acquisition cost) represents extremely poor value for money,” the report contends.

The E-7 procurement is one of three major defense deals dealt with by the report, which comes at the end of a six-month inquiry. The Type 26 anti-submarine warfare frigate for the Royal Navy and the Ajax armored fighting vehicle for the British Army also come in for criticism. Worryingly, the overall conclusion is that the U.K.’s defense procurement system is “broken” and that “multiple, successive reviews have not yet fixed it.”

[…]

The report suggests that the tiny fleet will be a “prize target” for aggressors. Not only will the AEW&C aircraft play a critical role in any high-end air campaign, but also planes of this type are increasingly under threat from long-range air defenses and are far from survivable in any kind of contested airspace.

The same report also warns that the initial operating capability for the RAF E-7s could be delayed by a further year to 2025. This is especially concerning considering that the RAF retired its previous E-3D Sentry AEW1 radar planes in 2021, leaving a massive capability gap.

[…]

Other problems are dogging the U.K.’s plans to field the E-7, the report explains, including the failure of Boeing and the British procurement arm, Defense Equipment and Support (DE&S), to agree on an in-service support contract. The report says that such a contract “should already have been successfully finalized long ago.”

[…]

Source: UK’s E-7 Radar Jet Deal Slammed As “Absolute Folly” In New Report

So procurement can’t argue that although the savings in initial procurement are minimal, the savings on the through life costs will be huge – because it has no idea what the through life costs of the platform are!

Stability AI releases Stable Doodle, a sketch-to-image tool

Posted on by

Stability AI, the startup behind the image-generating model Stable Diffusion, is launching a new service that turns sketches into images.

The sketch-to-image service, Stable Doodle, leverages the latest Stable Diffusion model to analyze the outline of a sketch and generate a “visually pleasing” artistic rendition of it. It’s available starting today through ClipDrop, a platform Stability acquired in March through its purchase of Init ML, an AI startup founded by ex-Googlers,

[…]

Under the hood, powering Stable Doodle is a Stable Diffusion model — Stable Diffusion XL — paired with a “conditional control solution” developed by one of Tencent’s R&D divisions, the Applied Research Center (ARC). Called T2I-Adapter, the control solution both allows Stable Diffusion XL to accept sketches as input and guides the model to enable better fine-tuning of the output artwork.

[…]

Source: Stability AI releases Stable Doodle, a sketch-to-image tool | TechCrunch

Find it at https://clipdrop.co/stable-doodle