Daily Archives: July 19, 2024

Meta and Apple are Keeping their Next Big AI things Out of the EU – that’s a good thing

Posted on by

[…]

In a statement to The Verge, Meta spokesperson Kate McLaughlin said that the company’s next-gen Llama AI model is skipping Europe, placing the blame squarely on regulations. “We will release a multimodal Llama model over the coming months,” Mclaughlin said, “but not in the EU due to the unpredictable nature of the European regulatory environment.”

A multimodal model is one that can incorporate data between multiple mediums, like video and text, and use them together while calculating. It makes AI more powerful, but also gives it more access to your device.

The move actually follows a similar decision from Apple, which said in June that it would be holding back Apple Intelligence in the EU due to the Digital Markets Act, or DMA, which puts heavy scrutiny on certain big tech “gatekeepers,” Apple and Meta both among them.

Meta’s concerns here could be less related to the DMA and more to the new AI Act, which recently finalized compliance deadlines and will force companies to make allowances for copyright and transparency starting August 2, 2026. Certain AI use cases, like those that try to read the emotions of schoolchildren, will also be banned. As the company tries to get a hold of AI on its social media platforms, increasing pressure is the last thing it needs.

How this will affect AI-forward Meta products like Ray-Ban smart glasses remains to be seen. Meta told The Verge that future multimodal AI releases will continue to be excluded from Europe, but that text-only model updates will still come to the region.

While the EU has yet to respond to Meta’s decision, EU competition regulator Margrethe Vestager previously called Apple’s plan to keep Apple Intelligence out of the EU a “stunning open declaration” of anticompetitive behavior.

Source: Meta Is Keeping Its Next Big AI Update Out of the EU | Lifehacker

Why is this good? Because the regulatory environment is predictable and run by rules that enforce openness, security, privacy and fair competition. The fact that Apple and Meta don’t want to run this in the EU shows that they are either incapable or unwilling to comply with points that are good for the people. You should not want to do business with shady dealers like that.

Indian WazirX halts withdrawals after losing $230M worth crypto assets – still cowboy country there

Posted on by

[…] The Mumbai-based firm said one of its multisig wallets had suffered a security breach. A multisig wallet requires two or more private keys for authentication. WazirX said its wallet had six signatories, five of whom were with WazirX team. Liminal, which operates a wallet infrastructure firm, said in a statement to TechCrunch that its preliminary investigation had found that a wallet created outside its ecosystem had been compromised.

“The cyber attack stemmed from a discrepancy between the data displayed on Liminal’s interface and the transaction’s actual contents,” said WazirX in a statement on Thursday. “During the cyber attack, there was a mismatch between the information displayed on Liminal’s interface and what was actually signed. We suspect the payload was replaced to transfer wallet control to an attacker.”

Lookchain, a third-party blockchain explorer, reported that more than 200 cryptocurrencies, including 5.43 billion SHIB tokens, over 15,200 Ethereum tokens, 20.5 million Matic tokens, 640 billion Pepe tokens, 5.79 million USDT and 135 million Gala tokens were “stolen” from the platform.

Blockchain data suggests the attackers are trying to offload the assets using the decentralized exchange Uniswap. Risk-management platform Elliptic reported that the hackers have affiliation with North Korea.

About $230 million in missing assets is significant for WazirX, which reported holdings of about $500 million in its June proof-of-reserves disclosure.

[…]

This is the latest setback for WazirX, which separated from Binance in early 2023 after the two crypto exchanges had a public and high-profile fallout in 2022. Two years after Binance announced it had acquired WazirX, the two companies started a dispute over the ownership of the Indian firm. Binance founder Changpeng Zhao eventually said that the two firms hadn’t been able to conclude the deal and moved to terminate Binance’s businesses with the Indian firm.

Source: WazirX halts withdrawals after losing $230M worth crypto assets in security breach | TechCrunch

Critical Cisco bug allows anyone to change all (including admin) passwords

Posted on by

Cisco just dropped a patch for a maximum-severity vulnerability that allows attackers to change the password of any user, including admins.

Tracked as CVE-2024-20419, the bug carries a maximum 10/10 CVSS 3.1 rating and affects the authentication system of Cisco Smart Software Manager (SSM) On-Prem.

Cisco hasn’t disclosed too many details about this, which is more than understandable given the nature of the vulnerability. However we know that an unauthenticated remote attacker can exploit this to change passwords. It’s hardly ideal, and should be patched as soon as possible.

Digging into the severity assessment, the attack complexity was deemed “low”: no privileges or user interaction would be required to pull it off, and the impact on the product’s integrity, availability, and confidentiality is all designated “high.”

“This vulnerability is due to improper implementation of the password-change process,” Cisco’s advisory reads, providing the last few details about the vulnerability.

“An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow an attacker to access the web UI or API with the privileges of the compromised user.”

There are no workarounds for this vulnerability, so get those patches applied if you’re in the business of keeping your passwords safe and secure. Fortunately, there are no signs of this being exploited in the wild yet, but now the cat’s out of the bag it likely won’t be long before that changes.

CVE-2024-20419 affects both SSM On-Prem and SSM Satellite. They’re different names for the same product, only the latter refers to versions before release 7.0.

[…]

Source: Critical Cisco bug allows crims to change admin passwords • The Register

How to unsnarl a tangle of threads, according to physics

Posted on by

Physicists may have found a solution for the rage-inducing tangles that crop up in everything from electronics cords to necklaces: to free a single thread from a tangle of many, you must shake it not too fast and not too slow but with just the right frequency.

Ishant Tiwari at the Georgia Institute of Technology in Atlanta and his colleagues created a vibrating robot to determine how to best jiggle a single thread from such a tangle.

 

Read more

Human cells have a resonant frequency – and it’s just barely audible

 

The researchers gathered cotton fibres into balls by rolling them around in a box. This ensured that all the tangles they tested would be similar. The tangles were each attached to a piston on a robot by a single thread.

Tiwari and his colleagues set the robot to jerk up and down at various frequencies and vibrate the tangle, which revealed that there is a sweet spot for the perfect untangling frequency.

 

New Scientist. Science news and long reads from expert journalists, covering developments in science, technology, health and the environment on the website and the magazine.

The robot identified an ideal shaking frequency of 17 hertz (shown in the middle)

Ishant Tiwari, Bhamla Lab

 

When the shaking frequency was low – just a few shakes each second, or a few hertz – the thread that was attached to the piston moved together with the tangle and it stayed stuck. At the high end, greater than around 37 shakes per second, the tangle also remained jumbled. The energy of the shaking was diverted into damped oscillations across the whole tangle, so it tugged less on the specific thread they were trying to release from the ball.

But at about 17 shakes per second, the tangle jumped and jerked more chaotically, and each twitch contributed a small pull on the thread. When the effect of these pulls accumulated, the thread came loose from the tangle.

The researchers have presented results on only one type of thread so far, but their work may help unravel a more general property of the fibre tangles that pervade our daily lives – and how to deal with them.

 

Journal reference:

Physical Review E DOI: 10.1103/PhysRevE.110.010001

Source: How to unsnarl a tangle of threads, according to physics | New Scientist

Major IT outage hits Microsoft Azure and Office365 users worldwide leading to cancelled flights, stock exchange outages and more chaos. What a great idea cloud is for critical infrastructure!

Posted on by

Companies and banks worldwide have been reportedly hit by a mass IT outage, leading to grounded flights.

A major IT outage has reportedly hit banks, media outlets, and airlines on Friday, causing chaos at airport check-in and cancelled flights.

The outage is believed to be caused by an outage of Microsoft’s Azure and Office365 services.

Airlines such as Qantas in Australia and at least two low-cost carriers in the US – Frontier and Sun Country Airlines – have been forced to ground flights.

In Europe, users of Ryanair’s app and website also complained and not being able to check in on Friday morning, with a surge of reports noted on the outage tracking website Downdetector.com.

Source: Major IT outage hits Microsoft users worldwide leading to cancelled flights and chaos | Euronews