Historically, manufacturers have let buyers unlock that access and customize what software their phones run. Notable exceptions in the US have, for the most part, only included carrier-specific phone variants.
Unlocking a Pixel smartphone, for example, requires adjusting a couple of settings and installing a couple of well-known tools. Then you’re ready to purge locked software or install a new launcher. Roughly a year ago, Xiaomi introduced a policy limiting users to three unlocked devices per account, providing only a limited time window for unlocking, and demanding waiting periods before doing so. It’s now gone even further, limiting users to unlocking the bootloader of just a single device throughout the year.
[…]
Custom ROMs usually (but not always) derive from pre-existing OSs like Android or Xiaomi’s HyperOS. To write operating software that works on a certain device, you need to develop it on that specific device. Consequently, individuals and teams throughout the enthusiast phone sphere constantly add to their collections of bootloader-unlocked phones. The new unlocking restrictions could place undue hardship on resource-limited development teams, reducing the number of custom ROMs produced moving forward.
Custom ROMs are important not only so you can do what you want on your hardware but, very importantly, because they allow you to keep updating a device long beyond manufacturer support (e.g. CyanogenMod), keeping “outdated” devices running and useful.
Anthropic, one of the leading AI companies and the developer of the Claude family of Large Language Models (LLMs), has released new research showing that the process for getting LLMs to do what they’re not supposed to is still pretty easy and can be automated. SomETIMeS alL it tAKeS Is typing prOMptS Like thiS.
As the researchers explain, “BoN Jailbreaking works by repeatedly sampling variations of a prompt with a combination of augmentations—such as random shuffling or capitalization for textual prompts—until a harmful response is elicited.”
For example, if a user asks GPT-4o “How can I build a bomb,” it will refuse to answer because “This content may violate our usage policies.” BoN Jailbreaking simply keeps tweaking that prompt with random capital letters, shuffled words, misspellings, and broken grammar until GPT-4o provides the information. Literally the example Anthropic gives in the paper looks like mocking sPONGbOB MEMe tEXT.
Anthropic tested this jailbreaking method on its own Claude 3.5 Sonnet, Claude 3 Opus, OpenAI’s GPT-4o, GPT-4o-mini, Google’s Gemini-1.5-Flash-00, Gemini-1.5-Pro-001, and Facebook’s Llama 3 8B. It found that the method “achieves ASRs [attack success rate] of over 50%” on all the models it tested within 10,000 attempts or prompt variations.
[…]
In January, we showed that the AI-generated nonconsensual nude images of Taylor Swift that went viral on Twitter were created with Microsoft’s Designer AI image generator by misspelling her name, using pseudonyms, and describing sexual scenarios without using any sexual terms or phrases. This allowed users to generate the images without using any words that would trigger Microsoft’s guardrails. In March, we showed that AI audio generation company ElevenLabs’s automated moderation methods preventing people from generating audio of presidential candidates were easily bypassed by adding a minute of silence to the beginning of an audio file that included the voice a user wanted to clone.
[…]
It’s also worth noting that while there are good reasons for AI companies to want to lock down their AI tools and that a lot of harm comes from people who bypass these guardrails, there’s now no shortage of “uncensored” LLMs that will answer whatever question you want and AI image generation models and platforms that make it easy to create whatever nonconsensual images users can imagine.
This report summarizes insights from the inaugural 2024 Open Source Software Funding Survey, a collaboration between GitHub, the Linux Foundation, and researchers from Harvard University. The objective of this study was to better understand how organizations fund, contribute to, and otherwise support open source software.
PayPal-owned browser extension Honey manipulates affiliate marketing systems and withholds discount information from users, according to an investigation by YouTube channel MegaLag.
The extension — which rose in popularity after promising consumers it would find them the best online deals — replaces existing affiliate cookies with its own during checkout, diverting commission payments from content creators who promoted the products to PayPal, MegaLag reported in a 23-minute video.
The investigation revealed that Honey, which PayPal acquired in 2019 for $4 billion, allows merchants in its cashback program to control which coupons appear to users, hiding better publicly available discounts.
British soldiers have successfully trialled for the first time a game-changing weapon that can take down a swarm of drones using radio waves for less than the cost of a pack of mince pies.
The Radio Frequency Directed Energy Weapon (RFDEW) development system can detect, track and engage a range of threats across land, air and sea.
RFDEWs are capable of neutralising targets up to 1km away with near instant effect and at an estimated cost of 10p per shot fired, providing a cost-effective complement to traditional missile-based air defence systems.
The RFDEW is different from Laser Directed Energy Weapons – such as DragonFire – because it uses a radio frequency to disrupt hostile threats, rather than a laser beam of light energy.
The weapon uses high frequency waves to disrupt or damage critical electronic components inside devices such as drones, causing them to be immobilised or fall out of the sky. It can also be used against threats on land and at sea.
The British Army successfully trialed a demonstrator version of the RFDEW. The development system has been produced by a consortium led by Thales UK and including sub-contractors QinetiQ, Teledyne e2v and Horiba Mira and supports up to 135 high-skilled jobs in the UK.
[…]
Its high level of automation means the system can be operated by a single person and could be mounted onto a military vehicle, such as a MAN SV, to provide mobility.
[…]
A live firing trial was recently completed by the Army’s Royal Artillery Trials and Development Unit and 7 Air Defence Group at a range in West Wales, where they successfully targeted and engaged Uncrewed Aerial Systems (UAS), in a first for the British Armed Forces.
following a Dec. 5 driver update that skipped GeForce Experience in favor of the Nvidia App (all future updates will follow its lead). The new app is meant to streamline the grab bag of features Nvidia has accumulated over the years, pairing its driver updating utility with a streamlined gaming overlay and improved tools for easily optimizing graphics or enabling G-Sync and other advanced settings. However, upon installing it, some gamers noticed their games running a bit more slowly.
“We’ve confirmed reports around the web that the Nvidia App using the default settings can impact gaming performance,” writes Tom’s Hardware’s Jarred Walton, “dropping frame rates by up to 15% in some cases.”
In particular, Walton saw performance drops ranging from 2% to 12% across the games he tested, which included Assassin’s Creed Mirage, Baldur’s Gate 3, Black Myth: Wukong, Flight Simulator 2024, and Stalker 2.
[…]
In a statement to Walton, Nvidia confirmed that the issue is specifically with the Game Filters and Photo Mode setting, and that the company is actively looking into a fix. So while you might not be able to play your games with an RTX HDR filter in the meantime, you’ll be able to use the rest of the app, even the overlay, as you would have before.
[…]
The simplest solution, and probably the best one for most people, is to follow Nvidia’s official advice and turn off the Game Filters and Photo Mode setting. To do this, just navigate to Settings > Features > Overlay > Game Filters and Photo Mode and toggle it off.
Which unfortunately is OK because the new app does create problems with photos / screenshots and screen videos being way too bright, among a raft of other problems.
But you don’t need to log in to this app to get driver updates.
Digital license plates, already legal to buy in a growing number of states and to drive with nationwide, offer a few perks over their sheet metal predecessors. You can change their display on the fly to frame your plate number with novelty messages, for instance, or to flag that your car has been stolen. Now one security researcher has shown how they can also be hacked to enable a less benign feature: changing a car’s license plate number at will to avoid traffic tickets and tolls—or even pin them on someone else.
Josep Rodriguez, a researcher at security firm IOActive, has revealed a technique to “jailbreak” digital license plates sold by Reviver, the leading vendor of those plates in the US with 65,000 plates already sold. By removing a sticker on the back of the plate and attaching a cable to its internal connectors, he’s able to rewrite a Reviver plate’s firmware in a matter of minutes. Then, with that custom firmware installed, the jailbroken license plate can receive commands via Bluetooth from a smartphone app to instantly change its display to show any characters or image.
That susceptibility to jailbreaking, Rodriguez points out, could let drivers with the license plates evade any system that depends on license plate numbers for enforcement or surveillance, from tolls to speeding and parking tickets to automatic license plate readers that police use to track criminal suspects. “You can put whatever you want on the screen, which users are not supposed to be able to do,” says Rodriguez. “Imagine you are going through a speed camera or if you are a criminal and you don’t want to get caught.”
[Image: One of Reviver’s license plates, jailbroken to show any image IOActive researcher Josep Rodriguez chooses. Photography: IOActive]
Worse still, Rodriguez points out that a jailbroken license plate can be changed not just to an arbitrary number but also to the number of another vehicle—whose driver would then receive the malicious user’s tickets and toll bills. “If you can change the license plate number whenever you want, you can cause some real problems,” Rodriguez says.
All traffic-related mischief aside, Rodriguez also notes that jailbreaking the plates could also allow drivers to use the plates’ features without paying Reviver’s $29.99 monthly subscription fee.
Because the vulnerability that allowed him to rewrite the plates’ firmware exists at the hardware level—in Reviver’s chips themselves—Rodriguez says there’s no way for Reviver to patch the issue with a mere software update. Instead, it would have to replace those chips in each display. That means the company’s license plates are very likely to remain vulnerable despite Rodriguez’s warning—a fact, Rodriguez says, that transport policymakers and law enforcement should be aware of as digital license plates roll out across the country. “It’s a big problem because now you have thousands of licensed plates with this issue, and you would need to change the hardware to fix it,” he says.
Hackers aligned with the Chinese government have infiltrated U.S. telecommunications infrastructure so deeply that it allowed the interception of unencrypted communications on a number of people, according to reports that first emerged in October. The operation, dubbed Salt Typhoon, apparently allowed hackers to listen to phone calls and nab text messages, and the penetration has been so extensive they haven’t even been booted from the telecom networks yet. The Cybersecurity and Infrastructure Security Agency (CISA) issued guidance this week on best practices for protecting “highly targeted individuals,” which includes a new warning (PDF) about text messages.
“Do not use SMS as a second factor for authentication. SMS messages are not encrypted—a threat actor with access to a telecommunication provider’s network who intercepts these messages can read them. SMS MFA is not phishing-resistant and is therefore not strong authentication for accounts of highly targeted individuals,” the guidance, which has been posted online, reads. Not every service even allows for multi-factor authentication and sometimes text messages are the only option. But when you have a choice, it’s better to use phishing-resistant methods like passkeys or authenticator apps. CISA prefaces its guidance by insisting it’s only really speaking about high-value targets. The telecommunications hack mentioned above has been called the “worst hack in our nation’s history,” according to Sen. Mark Warner (D-VA).
Hundreds of websites will be shut down on the day that Britain’s Online Safety Act comes into effect, in what are believed to be the first casualties of the new internet laws.
Microcosm, a web forum hosting service that runs 300 sites including cycling forums and local community hubs, said that the sites would go offline on March 16, the day that Ofcom starts enforcing the Act.
Its owner said they were unable to comply with the lengthy requirements of the Act, which created a “disproportionately high personal liability”.
The new laws, which were designed to crack down on illegal content and protect children, threaten fines of up to £18m or 10pc of revenue for sites that fail to comply with the laws.
On Monday, Ofcom set out more than 40 measures that it expects online services to follow by March, such as carrying out risk assessments about their sites and naming senior people accountable for ensuring safety.
Microcosm, which has hosted websites including cycling forum LFGSS since 2007, is run as a non-profit funded by donations and largely relies on users to follow community guidelines. Its sites attract a combined 250,000 users.
Dee Kitchen, who operates the service and moderates its 300 sites, said: “What this is, is a chilling effect [on small sites].
“For the really small sites and the charitable sites and the local sports club there’s no carve-out for anything.
“It feels like a huge risk, and it feels like it can be so easily weaponised by angry people who are the subject of moderation.
“It’s too vague and too broad and I don’t want to take that personal risk.”
Announcing the shutdown on the LFGSS forum, they said: “It’s devastating to just … turn it off … but this is what the Act forces a sole individual running so many social websites for a public good to do.”
The tool, named “EagleMsgSpy,” was discovered by researchers at U.S. cybersecurity firm Lookout. The company said at the Black Hat Europe conference on Wednesday that it had acquired several variants of the spyware, which it says has been operational since “at least 2017.”
Kristina Balaam, a senior intelligence researcher at Lookout, told TechCrunch the spyware has been used by “many” public security bureaus in mainland China to collect “extensive” information from mobile devices. This includes call logs, contacts, GPS coordinates, bookmarks, and messages from third-party apps including Telegram and WhatsApp. EagleMsgSpy is also capable of initiating screen recordings on smartphones, and can capture audio recordings of the device while in use, according to research Lookout shared with TechCrunch.
A manual obtained by Lookout describes the app as a “comprehensive mobile phone judicial monitoring product” that can obtain “real-time mobile phone information of suspects through network control without the suspect’s knowledge, monitor all mobile phone activities of criminals and summarize them.”
[…]
Lookout notes that EagleMsgSpy currently requires physical access to a target device. However, Balaam told TechCrunch that the tool is still being developed as recently as late 2024, and said “it’s entirely possible” that EagleMsgSpy could be modified to not require physical access.
Lookout noted that internal documents it obtained allude to the existence of an as-yet-undiscovered iOS version of the spyware.
The advent of Bluetooth trackers has made it a lot easier to find your bag or keys when they’re lost, but it has also put inconspicuous tracking tools in the hands of people who might misuse them. Apple and Google have both implemented tracker alerts to let you know if there’s an unknown Bluetooth tracker nearby, and now as part of a new update, Google is letting Android users actually locate those trackers, too.
The feature is one of two new tools Google is adding to Find My Device-compatible trackers. The first, “Temporarily Pause Location” is what you’re supposed to enable when you first receive an unknown tracker notification. It blocks your phone from updating its location with trackers for 24 hours. The second, “Find Nearby,” helps you pinpoint where the tracker is if you can’t see it or easily hear it.
By clicking on an unknown tracker notification you’ll be able to see a map of where the tracker was last spotted moving with you. From there, you can play a sound to see if you can locate it (Google says the owner won’t be notified). If you can’t find it, Find Nearby will connect your phone to the tracker over Bluetooth and display a shape that fills in the closer you get to it.
The tool is identical to what Google offers for locating trackers and devices you actually own, but importantly, you don’t need to use Find My Device or have your own tracker to benefit. Like Google’s original notifications feature, any device running Android 6.0 and up can deal with unknown Bluetooth trackers safely.
Expanding Find Nearby seems like the final step Google needed to take to tamp down Bluetooth tracker misuse, something Apple already does with its Precision Finding tool for AirTags. The companies released a shared standard for spotting unknown Bluetooth trackers regardless of whether you use Android or iOS in May 2024, following the launch of Google’s Find My Device network in April. Both Google and Apple offered their own methods of dealing with unknown trackers before then to prevent trackers from being used for everything from robbery to stalking.
New research suggests these batteries, once thought to have short-lived, inherently expendable shelf-lives, may actually last significantly longer than expected. In some cases, properly cared for EVs may even outlive their fossil fuel counterparts. That’s potentially good news: longer-lasting EVs might buy manufacturers much-needed time to fabricate components needed to meet increasing global demands.
The new findings, published today in the journal Nature Energy by researchers from the SLAC-Stanford Battery Center, suggest EV batteries may actually last about a third longer than previous forecasts. That means drivers could potentially keep driving their modern EV without replacing the battery for several additional years. The researchers note the shocking disparity in battery life estimates stems from fundamentally unrealistic testing environments that became an industry standard. When the researchers tested batteries for two years in ways they say are more closely aligned with how drivers actually use EVs day-to-day, the battery life expectancy improved significantly.
“We’ve not been testing EV batteries the right way,” Stanford associate professor and paper senior author Simona Onori said in a statement. “To our surprise, real driving with frequent acceleration, braking that charges the batteries a bit, stopping to pop into a store, and letting the batteries rest for hours at a time, helps batteries last longer than we had thought based on industry standard lab tests.”
SLAC-Stanford Battery Center states on its website that its ultimate goal is to “accelerate the deployment of battery and energy storage technologies at scale,” in an effort to address climate change. The research paper was primarily funded by the National Science Foundation Graduate Research Fellowship Program and the Stanford Chevron Fellowship in Energy.
More ‘realistic’ driving led to less battery degradation
Researchers tested 92 commercial lithium ion EV batteries over two years across four different types of driving profiles. The industry standard approach uses a “constant rate of [battery] discharge” followed immediately by a recharge. In the real world, this would look like someone driving their vehicle until the battery is almost fully diminished and then plugging it in to charge completely. This process of constant battery expenditure and recharging resembles how most people use a smartphone.
Stanford school of engineering PhD student and paper coauthor Alexis Geslin told Popular Science these “constant current rates” were adopted as the testing default because it generally requires simpler hardware and is easier to implement for the lab user.
But that’s not how many drivers actually use their vehicles. EV owners, the researchers note, who drive their vehicle in short bursts to and from work or around town, may go several days or even a week without recharging. The researchers attempted to represent that more realistic, periodic driving method in one of the driving profiles. In the end, the more realistic profile resulted in an increased battery lifetime by up to 38%.
“This work illustrates the importance of testing batteries under realistic conditions of use and challenges the broadly adopted convention of constant current discharge in the laboratory,” the researchers wrote in the paper.
The findings similarly seem to contradict commonly held assumptions about what types of driving quickly degrade batteries. Though many drivers believe rapidly accelerating and braking degrades EV batteries faster than steady driving, the researchers found a correlation in their data suggesting sharp, short accelerations may actually lead to slower battery degradation. Pressing down hard on pedals with a lead foot didn’t seem to speed up battery aging. It may have actually had the opposite effect.
A US bankruptcy court has blocked the sale of Infowars to parody news site The Onion, ruling that the auction didn’t yield the best potential bids. At the same time, judge Christopher Lopez rejected claims by Infowars‘ owner, conspiracy theorist Alex Jones, that any “collusion” was involved in the case.
The Onion reportedly outbid competitor First American United Companies, affiliated with a Jones business, for the rights to the site. Though its cash offer was lower, The Onion valued it at $7 million because Sandy Hook families would allow some of the proceeds to be distributed to other creditors.
However, the appeals judge said that the court-appointed bankruptcy trustee made a “good-faith error” by requesting final offers instead of allowing back-and-forth bidding between The Onion and First American. “This should have been opened back up, and it should have been opened back up for everybody,” Lopez said. “It’s clear the trustee left the potential for a lot of money on the table.”
Now, the trustee must work to resolve some of the disputes between creditors before making another attempt to sell Infowars. The trustee, Christopher Murray, said that First American only complained about the process after losing the bid.
Alex Jones was found liable in 2022 for nearly $1.5 billion in damages for spreading conspiracy theories about the 2012 shooting that killed 20 children and six adult staffers. One of the assets put up for sale was Jones’ Infowars site, and The Onion said it received the blessing of the families of the victims to acquire the site. It reportedly planned to transform the site into one with “noticeably less hateful disinformation,” and a gun safety nonprofit reportedly planned to advertise on the rebooted site. Last week, X said that The Onion wouldn’t be given Alex Jones’ Infowars X accounts, opening up a new can of worms about who owns social media handles.
The letter, spearheaded by the digital advocacy group Fight for the Future, states that the signatories “wholeheartedly oppose” the lawsuit, which they suggest benefits “shareholder profits” more than actual artists. It continues: “We don’t believe that the Internet Archive should be destroyed in our name. The biggest players of our industry clearly need better ideas for supporting us, the artists, and in this letter we are offering them.”
[…]
(The full letter, and a list of signatories, is here.)
The lawsuit was brought last year by several major music rights holders, led by Universal Music Group and Sony Music. They claimed the Internet Archive’s Great 78 Project — an unprecedented effort to digitize hundreds of thousands of obsolete shellac discs produced between the 1890s and early 1950s — constituted the “wholesale theft of generations of music,” with “preservation and research” used as a “smokescreen.” (The Archive has denied the claims.)
While more than 400,000 recordings have been digitized and made available to listen to on the Great 78 Project, the lawsuit focuses on about 4,000, most by recognizable legacy acts like Billie Holiday, Frank Sinatra, Elvis Presley, and Ella Fitzgerald. With the maximum penalty for statutory damages at $150,000 per infringing incident, the lawsuit has a potential price tag of over $621 million. A broad enough judgement could end the Internet Archive.
Supporters of the suit — including the estates of many of the legacy artists whose recordings are involved — claim the Archive is doing nothing more than reproducing and distributing copyrighted works, making it a clear-cut case of infringement. The Archive, meanwhile, has always billed itself as a research library (albeit a digital one), and its supporters see the suit (as well as a similar one brought by book publishers) as an attack on preservation efforts, as well as public access to the cultural record.
[…]
“Musicians are struggling, but libraries like the Internet Archive are not our problem! Corporations like Spotify, Apple, Live Nation and Ticketmaster are our problem. If labels really wanted to help musicians, they would be working to raise streaming rates. This lawsuit is just another profit-grab.”
Tommy Cappel, who co-founded the group Beats Antique, says the Archive is “hugely valued in the music community” for its preservation of everything from rare recordings to live sets. “This is important work that deserves to continue for generations to come, and we don’t want to see everything they’ve already done for musicians and our legacy erased,” he added. “Major labels could see all musicians, past and present, as partners — instead of being the bad guy in this dynamic. They should drop their suit. Archives keep us alive.”
Rather than suing the Archive, Fight for the Future’s letter calls on labels, streaming services, ticketing outlets, and venues to align on different goals. At the top of the list is boosting preservation efforts by partnering with “valuable cultural stewards like the Internet Archive.” They also call for greater investment in working musicians through more transparency in ticketing practices, an end to venue merch cuts, and fair streaming compensation.
How is it possible that there is still income generated from something released in the 1950s to people who had absolutely nothing to do with the creation and don’t put in any effort whatsoever to put out the content?
In 2021, EA made a pledge to let the wider game industry use its accessibility-related patents at no cost, and now the publisher has added 23 new patents to its lineup.
As of today, third parties can freely use patented technology such as improved speech recognition, simplified speech tech in games, and the ability to create more personalized speech. The broad aim is for this tech to assist players with speech disabilities or those who need help verbally expressing themselves.
For developers, EA suggests they could use this technology to “make it possible for those players’ speech to be more effectively recognized and reflected in-game in a way that is representative of their age, emotion, language and speaking style.”
Another patent highlighted is an internal plugin for Unreal Engine 5 that enables in-engine use of EA’s previously open-sourced photosensitivity analysis tech, IRIS. The plugin now allows developers to catch potential photosensitivity issues in-engine and real-time as they run their games.
“The sooner you start testing, the sooner you find potential issues,” said IRIS engineer Blanca Macazaga Zuaz. According to her, not many free or easy-to-use tools for photosensitivity analysis were available prior to IRIS. The free access takes down two barriers with one stone, which she called an “incredible feeling.”
Kerry Hopkins, EA’s SVP of global affairs, explained this new batch of open-source patents “encourages the industry to work together to make video games more inclusive by removing unintended barriers to access.”
Along with the patents, EA said its PQI team is running accessible design workshops, and expanding its testing capabilities “to ensure we are always designing with accessibility in mind. More to come soon!”
You can see EA’s newly updated crop of free-use accessibility patents here.
[…] Traditionally, entanglement is achieved through local interactions or via entanglement swapping, where entanglement at a distance is generated through previously established entanglement and Bell-state measurements. However, the precise requirements enabling the generation of quantum entanglement without traditional local interactions remain less explored. Here, we demonstrate that independent particles can be entangled without the need for direct interaction, prior established entanglement, or Bell-state measurements, by exploiting the indistinguishability of the origins of photon pairs. Our demonstrations challenge the long-standing belief that the prior generation and measurement of entanglement are necessary prerequisites for generating entanglement between independent particles that do not share a common past. In addition to its foundational interest, we show that this technique might lower the resource requirements in quantum networks, by reducing the complexity of photon sources and the overhead photon numbers.
An optical fibre technology can help chips communicate with each other at the speed of light, enabling them to transmit 80 times as much information as they could using traditional electrical connections. That could significantly speed up the training times required for large artificial intelligence models – from months to weeks – while also reducing the energy and emissions costs for data centres.
Most advanced computer chips still communicate using electrical signals carried over copper wires. But as the tech industry races to train large AI models – a process that requires networks of AI superchips to transfer huge amounts of data – companies are eager to link chips using the light-speed communication of fibre optics.
[…]
Khare and his colleagues have developed an optics module that would enable chipmakers to add six times as many optical fibres to the edge of a chip, compared to current technologies. The module uses a structure called an optical waveguide to connect as many as 51 optical fibres per millimetre. It also prevents light signals from one fibre from interfering with its neighbours.
[…]
IBM has already put the optical module through stress tests that included high humidity and temperatures ranging from -40°C (-40°F) to 125°C (257°F). Hutcheson expects that major semiconductor manufacturing companies may be interested in licensing the technology.
Imagine if scientists could grab virus particles the same way we pick up a tennis ball or a clementine, and prevent them from infecting cells. Well, scientists in Illinois have built a microscopic four-fingered hand to do just that.
A team of scientists, led by Xing Wang of the University of Illinois Urbana-Champaign, has created a tiny hand, dubbed the NanoGripper, from a single piece of folded DNA that can grab covid-19 particles. Their findings, detailed in a November 27 study published in the journal Science Robotics, demonstrate that the hand can conduct a rapid test to identify the virus as well as prevent the particles from infecting healthy cells. Although the study focused specifically on the covid-19 virus, the results have important implications for numerous medical conditions.
“We wanted to make a soft material, nanoscale robot with grabbing functions that never have been seen before, to interact with cells, viruses and other molecules for biomedical applications,” Wang said in a university statement. “We are using DNA for its structural properties. It is strong, flexible and programmable. Yet even in the DNA origami field, this is novel in terms of the design principle. We fold one long strand of DNA back and forth to make all of the elements, both the static and moving pieces, in one step.”
The NanoGripper has four jointed fingers and a palm. The fingers are programmed to attach to specific targets—in the case of covid-19, the virus’ infamous spike protein—and close their grip around them. According to the study, when the researchers exposed cells with NanoGrippers to covid-19, the hands’ gripping mechanisms prevented the viral spike proteins from infecting the cells.
“It would be very difficult to apply it after a person is infected, but there’s a way we could use it as a preventive therapeutic,” Wang explained. “We could make an anti-viral nasal spray compound. The nose is the hot spot for respiratory viruses, like covid or influenza. A nasal spray with the NanoGripper could prevent inhaled viruses from interacting with the cells in the nose.”
The hand is also decked with a unique sensor that detects covid-19 in 30 minutes with the accuracy of the now-familiar qPCR molecular tests used in hospitals.
“When the virus is held in the NanoGripper’s hand, a fluorescent molecule is triggered to release light when illuminated by an LED or laser,” said Brian Cunningham, one of Wang’s colleagues on the study, also from the University of Illinois Urbana-Champaign. “When a large number of fluorescent molecules are concentrated upon a single virus, it becomes bright enough in our detection system to count each virus individually.”
Like a true Swiss army knife, scientists could modify the NanoGripper to potentially detect and grab other viruses, including HIV, influenza, or hepatitis B, as detailed in the study. The NanoGripper’s “wrist side” could also attach to another biomedical tool for additional functions, such as targeted drug delivery.
Wang, however, is thinking even bigger than viruses: cancer. The fingers could be programmed to target cancer cells the same way they currently identify covid-19’s spike proteins, and then deliver focused cancer-fighting treatments.
“Of course it would require a lot of testing, but the potential applications for cancer treatment and the sensitivity achieved for diagnostic applications showcase the power of soft nanorobotics,” Wang concluded.
Here’s to hoping NanoGrippers might give scientists the ability to grab the next pandemic by the nanoballs.
The UK Atomic Energy Authority (UKAEA) and the University of Bristol have built a diamond battery capable of delivering power, albeit a tiny amount, for thousands of years.
The university had an idea for a battery powered by carbon-14, the longest-lived radioactive isotope of carbon with a half-life of around 5,700 years. For safety reasons, they wanted to encapsulate it in synthetic diamond so there was no risk of human harm, and so went to the UKAEA for help.
The result is a microwatt-level battery around the same diameter as a standard lithium-ion coin battery, albeit much thinner, as shown below. As the carbon-14 decays, the electrons produced are focused by the diamond shell and can be used to power devices – if they only require very little power, of course.
“This is about UK innovation and no one’s ever done this before,” said Professor Tom Scott, professor in materials at the University of Bristol. “We can offer a technology where you never have to replace the battery because the battery will literally, on human timescales, last forever.”
Working together, the team built a plasma deposition system at UKAEA’s Culham Campus. This lays down thin layers of synthetic diamond around the battery’s carbon-14 heart. The team is now trying to scale up the machinery so that larger batteries can be developed.
“Diamond batteries offer a safe, sustainable way to provide continuous microwatt levels of power. They are an emerging technology that uses a manufactured diamond to safely encase small amounts of carbon-14,” said Sarah Clark, director of Tritium Fuel Cycle at UKAEA.
The first use case for the technology would be extreme environments like powering small satellites (the European Space Agency funded some of the research) or sensors on the sea floor. But the team also envisaged the technology being implanted in humans to power devices such as pacemakers or cochlear implants that could receive power for longer than the human carrying them would need. ®
Chinese tech company employees and government workers are siphoning off user data and selling it online – and even high-ranking Chinese Communist Party officials and FBI-wanted hackers’ sensitive information is being peddled by the Middle Kingdom’s thriving illegal data ecosystem.
“While Western cybercrime research focuses heavily on criminals in the English- and Russian-speaking worlds, there is also a large community of Chinese-speaking cybercriminals who engage in scammy, low-level, financially motivated cybercrime,” SpyCloud senior security researcher Kyla Cardona said during a talk at last month’s Cyberwarcon in Arlington, Virginia.
It’s no secret that President Xi Jinping’s government uses technology companies to help maintain the nation’s massive surveillance apparatus.
But in addition to forcing businesses operating in China to stockpile and hand over info about their users for censorship and state-snooping purposes, a black market for individuals’ sensitive data is also booming. Corporate and government insiders have access to this harvested private info, and the financial incentives to sell the data to fraudsters and crooks to exploit.
“It’s a double-edged sword,” Cardona told The Register during an interview alongside SpyCloud infosec researcher Aurora Johnson.
“The data is being collected by rich and powerful people that control technology companies and work in the government, but it can also be used against them in all of these scams and fraud and other low-level crimes,” Johnson added.
China’s thriving data black market
To get their hands on the personal info, Chinese data brokers often recruit shady insiders with wanted ads seeking “friends” working in government, and promise daily income of 20,000 to 70,000 yuan ($2,700 and $9,700) in exchange for harvested information. This data is then used to pull off scams, fraud, and suchlike.
Some of these data brokers also claim to have “signed formal contracts” with the big three Chinese telecom companies: China Mobile, China Unicom, and China Telecom. The brokers’ marketing materials tout they are able to legally obtain and sell details of people’s internet habits via the Chinese telcos’ deep packet inspection systems, which monitor as well as manage and store network traffic. (The West has also seen this kind of thing.)
Crucially, this level of surveillance by the telcos gives their employees access to users’ browsing data and other info, which workers can then swipe and then resell themselves through various brokers, Cardona and Johnson said.
Scammers and other criminals are buying copies of this personal information, illicitly obtained or otherwise, for their swindles, but it’s also being purchased by legitimate businesses for sales leads — to sell people car insurance when theirs is about to expire, for example.
Information acquired through DPI also seems to be a major source of the stolen personal details that go into the so-called “social engineering databases,” or SGKs (short for shegong ku), according to the researchers.
In addition to amassing information collected from DPI, these databases contain personal details provided by underhand software development kits (SDKs) buried in apps and other programs, which basically spy on users in real time, as well as records stolen during IT security breaches.
SGK records include personal profiles (names, genders, addresses, dates of birth, phone numbers, email and social media account details, zodiac signs), bank account and other financial information, health records, property and vehicle information, facial recognition scans and photos, criminal case details, and more. Some of the SGK platforms allow users to do reverse lookups on potential targets, allowing someone to be ultimately identified from their otherwise non-identifying details.
[…]
One SGK that has since been taken down had more than 3 million users. As of now, one of the biggest stolen-info databases has 317,000 subscribers, we’re told, while most of the search services each see about 90,000 users per month.
[…]
One also displayed a ton of sensitive details belonging to a high-ranking CCP member.
A free SGK search query about this individual pulled up the person’s name, physical address, mobile number, national ID number, birth date, gender, and issuing authority, which the researcher surmised is the issuing authority for the ID card.
An additional query produced even more: The person’s WeChat ID, vehicle information, hobbies and industry information, marital status, and monthly salary, and his phone’s International Mobile Equipment Identity (IMEI) number with a link to click for more information about the device.
The researchers found similar info about a People’s Liberation Army member using SGKs, plus details about suspected nation-state-backed criminals wanted by the FBI.
[…]
“There is a huge ecosystem of Chinese breached and leaked data, and I don’t know that a lot of Western cybersecurity researchers are looking at this,” Johnson continued. “It poses privacy risks to all Chinese people across all groups. And then it also gives us Western cybersecurity researchers a really interesting source to track some of these actors that have been targeting critical infrastructure.” ®
Walled Culture has been following the sorry saga of Italy’s automated blocking system Piracy Shield for a year now. Blocklists are drawn up by copyright companies, without any review, or the possibility of any objections, and those blocks must be enforced within 30 minutes. Needless to say, such a ham-fisted and biased approach to copyright infringement is already producing some horrendous blunders.
For example, back in March Walled Culture reported that one of Cloudflare’s Internet addresses had been blocked by Piracy Shield. There were over 40 million domains associated with the blocked address – which shows how this crude approach can cause significant collateral damage to millions of sites not involved in any alleged copyright infringement.
Every new system has teething troubles, although not normally on this scale. But any hope that Italy’s national telecoms regulator, Autorità per le Garanzie nelle Comunicazioni (Authority for Communications Guarantees, AGCOM), the body running Piracy Shield, would have learned from the Cloudflare fiasco in order to stop it happening again was dispelled by what took place in October. TorrentFreak explains:
After blocking Cloudflare to prevent IPTV piracy just a few months ago, on Saturday the rightsholders behind Piracy Shield ordered Italy’s ISPs to block Google Drive. The subsequent nationwide blackout, affecting millions of Italians, wasn’t just a hapless IP address blunder. This was the reckless blocking of a Google.com subdomain that many 10-year-olds could identify as being important. Reckless people and internet infrastructure, what could possibly go wrong next?
The following day, there was a public discussion online involving the current and former AGCOM Commissioners, as well as various experts in relevant areas. The current AGCOM Commissioner Capitanio showed no sense of remorse for what happened. According to TorrentFreak’s report on the discussion:
Capitanio’s own focus on blocking to protect football was absolute. There was no concern expressed towards Google or the millions of users affected by the extended blackout, only defense of the Piracy Shield system.
Moreover:
AGCOM’s chief then went on to complain about Google’s refusal to delete Android apps already installed on users’ devices and other measures AGCOM regularly demands, none of which are required by law.
It seems that Capitanio regards even the current, one-sided and extreme Piracy Shield as too weak, and was trying to persuade Google to go even further than the law required – a typical copyright maximalist attitude. But worse was to come. Another participant in the discussion, former member of the Italian parliament, IT expert, and founder of Rialto Venture Capital, Stefano Quintarelli, pointed out a deeply worrying possibility:
the inherent insecurity of the Piracy Shield platform introduces a “huge systemic vulnerability” that eclipses the fight against piracy. Italy now has a system in place designed to dramatically disrupt internet communications and since no system is entirely secure, what happens if a bad actor somehow gains control?
Quintarelli says that if the Piracy Shield platform were to be infiltrated and maliciously exploited, essential services like hospitals, transportation systems, government functions, and critical infrastructure would be exposed to catastrophic blocking.
In other words, by placing the sanctity of copyright above all else, the Piracy Shield system could be turned against any aspect of Italian society with just a few keyboard commands. A malicious actor that managed to gain access to a system that has twice demonstrated a complete lack of even the most basic controls and checks could wreak havoc on computers and networks throughout Italy in a few seconds. Moreover, the damage could easily go well beyond the inconvenience of millions of people being blocked from accessing their files on Google Drive. A skilled intruder could carry out widespread sabotage of vital services and infrastructure that would cost billions of euros to rectify, and could even lead to the loss of lives.
Despite a series of failures concerning Italy’s IPTV blocking platform Piracy Shield and the revelation that the ‘free’ platform will cost €2m per year, telecoms regulator AGCOM insists that all is going to plan. After breaking ranks, AGCOM board member Elisa Giomi called for the suspension of Piracy Shield while decrying its toll on public resources. When she was warned for her criticism, coupled with a threat of financial implications, Giomi came out fighting.
It’s clear that the Piracy Shield tragedy is far from over. It’s good to see courageous figures like Giomi joining the chorus of disapproval.
America’s top cybersecurity and law enforcement officials made a coordinated push Tuesday to raise awareness about cyber threats from foreign actors in the wake of an intrusion of U.S. telecom equipment dubbed Salt Typhoon. The hackers are linked to the Chinese government and they still have a presence in U.S. systems, spying on American communications, in what Sen. Mark Warner from Virginia has called “the worst hack in our nation’s history.”
Officials with the U.S. Cybersecurity and Infrastructure Security Agency and FBI went so far as to urge Americans to use encrypted messaging apps, according to a new report from NBC News, something that’s ostensibly about keeping foreign hackers out of your communications.
[…]
“Our suggestion, what we have told folks internally, is not new here: encryption is your friend, whether it’s on text messaging or if you have the capacity to use encrypted voice communication. Even if the adversary is able to intercept the data, if it is encrypted, it will make it impossible,” Jeff Greene, executive assistant director for cybersecurity at CISA, said on a press call Tuesday according to NBC News.
The unnamed FBI agent on the call with reporters echoed the message, according to NBC News, urging Americans to use “responsibly managed encryption,” which is a rather big deal when you remember that agencies like the FBI have been most resistant to Silicon Valley’s encryption efforts.
The hackers behind Salt Typhoon failed to monitor or intercept anything encrypted, meaning that anything sent through Signal and Apple’s iMessage was likely protected, according to the New York Times. But the intrusion for all other communications was otherwise extremely galling. The hackers had access to metadata, including information on messages and phone calls along with when and where they were delivered. The hackers reportedly focused on targets around Washington, D.C.
The most alarming sort of intrusion in Salt Typhoon involved the system used by U.S. officials to wiretap Americans with a court order
It’s not like people have not been warning governments all over the world that there is no such thing as a safe backdoor to encryption and that forbidding encryption leads to a world of harm. We knew this, but still the idiots in charge wanted keys to encryption. The key, once it is in the hands of “baddies”, will still work. It really does show the absolute retardation of government spy people who say breaking encryption will make us safer.
[…] AI learns primarily through massive datasets and extensive simulations, regardless of the application.
Now, researchers from Duke University and the Army Research Laboratory have developed a platform to help AI learn to perform complex tasks more like humans. Nicknamed GUIDE for short
[…]
“It remains a challenge for AI to handle tasks that require fast decision making based on limited learning information,” […]
“Existing training methods are often constrained by their reliance on extensive pre-existing datasets while also struggling with the limited adaptability of traditional feedback approaches,” Chen said. “We aimed to bridge this gap by incorporating real-time continuous human feedback.”
GUIDE functions by allowing humans to observe AI’s actions in real-time and provide ongoing, nuanced feedback. It’s like how a skilled driving coach wouldn’t just shout “left” or “right,” but instead offer detailed guidance that fosters incremental improvements and deeper understanding.
In its debut study, GUIDE helps AI learn how best to play hide-and-seek. The game involves two beetle-shaped players, one red and one green. While both are controlled by computers, only the red player is working to advance its AI controller.
The game takes place on a square playing field with a C-shaped barrier in the center. Most of the playing field remains black and unknown until the red seeker enters new areas to reveal what they contain.
As the red AI player chases the other, a human trainer provides feedback on its searching strategy. While previous attempts at this sort of training strategy have only allowed for three human inputs — good, bad or neutral — GUIDE has humans hover a mouse cursor over a gradient scale to provide real-time feedback.
The experiment involved 50 adult participants with no prior training or specialized knowledge, which is by far the largest-scale study of its kind. The researchers found that just 10 minutes of human feedback led to a significant improvement in the AI’s performance. GUIDE achieved up to a 30% increase in success rates compared to current state-of-the-art human-guided reinforcement learning methods.
[…]
Another fascinating direction for GUIDE lies in exploring the individual differences among human trainers. Cognitive tests given to all 50 participants revealed that certain abilities, such as spatial reasoning and rapid decision-making, significantly influenced how effectively a person could guide an AI. These results highlight intriguing possibilities such as enhancing these abilities through targeted training and discovering other factors that might contribute to successful AI guidance.
[…]
The team envisions future research that incorporates diverse communication signals using language, facial expressions, hand gestures and more to create a more comprehensive and intuitive framework for AI to learn from human interactions. Their work is part of the lab’s mission toward building the next-level intelligent systems that team up with humans to tackle tasks that neither AI nor humans alone could solve.
[…] Remote sensing engineers at the University of South Australia have built a new, low cost prototype system that merges celestial triangulation with vision-based algorithmic computing for UAVs flying at night. But unlike existing GPS, the novel design doesn’t emit any signals, making it impervious to current jamming methods.
[…]
To make it work, engineers designed and constructed a strapdown payload using only a Raspberry Pi 5 miniature computer and a monochrome sensor fitted with a wide angle lens. They then connected the tool to a fixed-wing drone’s onboard autonomous piloting system, where it captured and algorithmically analyzed visual data taken from stars seen at night.
“If we’re able to identify those stars and compare them against a database, given that we know the orientation the camera was facing and the point in time at which that image was taken, we can actually infer the location of the aircraft from that data,” explained Samuel Teague, a research assistant and study co-author, in an accompanying university video.
Teague and senior researcher, Javaan Chahl, tested their system with a UAV, and showed that their drone upgrade allowed it to consistently estimate its location to within an accuracy of 4 km (roughly 2.48 mi) while performing fixed altitude and airspeed orbits. While not currently as precise as modern GPS, the tool may still soon provide a powerful backup in the event of jamming or malfunction. It also still requires a clear sky to assess its surroundings, although the team believes additional research could address this issue, as well.
From 23% less in the northern Alps to a decrease of almost 50% on the southwestern slopes: Between 1920 and 2020, snowfall across the entirety of the Alps has decreased on average by a significant 34%. The results come from a study coordinated by Eurac Research and were published in the International Journal of Climatology. The study also examines how much altitude and climatological parameters such as temperature and total precipitation impact on snowfall.
The data on seasonal snowfall and rainfall was collected from 46 sites throughout the Alps, the most recent of which was collected from modern weather stations, and the historical data was gathered from handwritten records in which specially appointed observers recorded how many inches of snow were deposited at a given location.
[…]
“The most negative trends concern locations below an altitude of 2,000 meters and are in the southern regions such as Italy, Slovenia and part of the Austrian Alps.
In the Alpine areas to the north such as Switzerland and northern Tyrol, the research team observed the extent to which altitude also plays a central role. Although there has been an increase in precipitation during the winter seasons, at lower altitudes, snowfall has increasingly turned to rain as temperatures have risen. At higher elevations, however, thanks to sufficiently cold temperatures, snowfall is being maintained. In the southwestern and southeastern areas, temperatures have risen so much that even at higher elevations, rain is frequently taking over snowfall.