The Linkielist

Linking ideas with the world

The carbon emissions of writing and illustrating are lower for AI than for humans

[…] In this article, we present a comparative analysis of the carbon emissions associated with AI systems (ChatGPT, BLOOM, DALL-E2, Midjourney) and human individuals performing equivalent writing and illustrating tasks. Our findings reveal that AI systems emit between 130 and 1500 times less CO2e per page of text generated compared to human writers, while AI illustration systems emit between 310 and 2900 times less CO2e per image than their human counterparts. Emissions analyses do not account for social impacts such as professional displacement, legality, and rebound effects. In addition, AI is not a substitute for all human tasks. Nevertheless, at present, the use of AI holds the potential to carry out several major activities at much lower emission levels than can humans.

[…]

Source: The carbon emissions of writing and illustrating are lower for AI than for humans | Scientific Reports

Note: the graphs have a logarithmic y-axis

Neural Lab’s AirTouch brings gesture control to Windows and Android devices with just a webcam. Unfortunately charges huge subscription, dooming it to failure.

Some of the best tech we see at CES feels pulled straight from sci-fi. Yesterday at CES 2025, I tested out Neural Lab’s AirTouch technology, which lets you interact with a display using hand gestures alone, exactly what movies like Minority Report and Iron Man promised.

[…]

Neural Lab’s software is compatible with tablets, computers and really any device running at least Android 11, Windows 10 and later or Linux. The technology was developed with accessibility in mind after one of the founders had trouble keeping in touch with their parents overseas because navigating video conferencing programs was just too difficult for the older generation.

[…]

AirTouch tracks 3D hand movements and keys off of eye gazes to recognize intent, allowing it to ignore extraneous gestures. It currently supports nine gestures and customization allows users to program up to 15.

[…]

AirTouch is available now as a $30-per-month subscription for individuals (and $300 monthly for companies). Neural Labs says it takes just five minutes to install the software on any compatible device.

Source: Neural Lab’s AirTouch brings gesture control to Windows and Android devices with just a webcam

Yay except not yay because it’s a subscription.

HDMI 2.2 debuts, but not really, with an ‘Ultra96’ cable and not very impressive specs

About seven years after the HDMI 2.1 specification was introduced, the HDMI Forum has announced the next generation: HDMI 2.2, which will require new cables to take advantage of its most high-performance features. It will not require a new connector, though, thankfully.

Though the HDMI Forum is officially calling the new specification HDMI 2.2, the accompanying cable will also receive a new name: Ultra96. All told, the selling point of both the Ultra96 cable and HDMI 2.2 specification are the increased bandwidth, which doubles the HDMI 2.1 bandwidth from 48Gbps to a staggering 96Gbps. [me: not really very impressive considering it doesn’t allow much over 8k resolution]

At this point, however, the HDMI Forum is only talking conceptually about the new specification. Companies who are part of the new HDMI adopter program will receive the full specifications in the first half of 2025

[…]

Remember, HDMI 2.1 supports uncompressed single-display resolution of 8K at 60Hz with 8-bit color depth at 4:2:0 chroma, and the same cables support compression at 10K120 resolution at 12-bit color depths.

[…]

Alternatively, users have the choice of using DisplayPort, which was “upgraded” from DisplayPort 2.0 to DisplayPort 2.1 in 2022, tightening the specification for USB 4. In January 2024, DisplayPort added the 2.1a specification, whose bandwidth tops out at 80Gbps.

[…]

Source: HDMI 2.2 debuts, with an ‘Ultra96’ cable for tomorrow’s displays | PCWorld

So it’s not really there yet and will only support 4K at 480Hz and 8K at 240Hz. Too late and way too little.

The Real Reason People Don’t Trust in Science: They buy propaganda lies

[…]

contemplating November’s annual Pew Research Center survey of public confidence in science.

The Pew survey found 76 percent of respondents voicing “a great deal or fair amount of confidence in scientists to act in the public’s best interests.” That’s up a bit from last year, but still down from prepandemic measures, to suggest that an additional one in 10 Americans has lost confidence in scientists since 2019.

[…]

Why? Pew’s statement and many news stories about the findings somehow missed the obvious culprit: the four years and counting of a propaganda campaign by Donald Trump’s allies to shift blame to scientists for his first administration’s disastrous, botched handling of the COVID pandemic that has so far killed at least 1.2 million Americans.

Even the hot dog guy would blanch at the transparency of the scapegoating. It was obviously undertaken to inoculate Trump from voter blame for the pandemic. The propaganda kicked off four years ago with a brazen USA TODAY screed from his administration’s economic advisor Peter Navarro (later sent to federal prison on unrelated charges). Navarro wrongly blamed then–National Institute for Allergy and Infectious Diseases chief Anthony Fauci for the administration’s myriad pandemic response screwups. Similar inanities followed from Trump’s White House, leading to years of right-wing nonsense and surreal hearings that ended last June with Republican pandemic committee members doing everything but wearing hot dog costumes while questioning Fauci. Browbeating a scientific leader behind COVID vaccines that saved millions of lives at a combative hearing proved as mendacious as it was shameful.

The Pew survey’s results, however, show this propaganda worked on some Republican voters. The drop in public confidence in science the survey reports is almost entirely contained to that circle, plunging from 85 percent approval among Republican voters in April of 2020 to 66 percent now. It hardly budged for those not treated to nightly doses of revisionist history in an echo chamber—where outlets pretended that masking, school and business restrictions, and vaccines, weren’t necessities in staving off a deadly new disease. Small wonder that Republican voters’ excess death rates were 1.5 times those among Democrats after COVID vaccines appeared.

Stacked bar charts show percent breakdowns of how various groups of Americans characterized the amount of confidence they had in scientists to act in the best interests of the public, over seven iterations of a survey from January 2019 to October 2024. The proportion of respondents who say “a fair amount” or “a great deal” falls over time, but this change is much more dramatic among Republicans and those who lean Republican, compared with Democrats and those who lean Democratic.

Amanda Montañez; Source: Pew Research Center

Instead of noting the role of this propaganda in their numbers, Pew’s statement about the survey pointed only to perceptions that scientists aren’t “good communicators,” held by 52 percent of respondents, and the 47 percent who said, “research scientists feel superior to others” in the survey.

[…]

it matches the advice in a December NASEM report on scientific misinformation: “Scientists, medical professionals, and health professionals who choose to take on high profile roles as public communicators of science should understand how their communications may be misinterpreted in the absence of context or in the wrong context.” This completely ignores the deliberate misinterpretation of science to advance political aims, the chief kind of science misinformation dominating the modern public sphere.

It isn’t a secret what is going on: Oil industry–funded lawmakers and other mouthpieces have similarly vilified climate scientists for decades to stave off paying the price for global warming. A study published in 2016 in the American Sociological Review concluded that the U.S. public’s slow erosion of trust in science from 1974 to 2010 was almost entirely among conservatives. Such conservatives had adopted “limited government” politics, which clashes with science’s “fifth branch” advisory role in setting regulations—seen most clearly in the FDA resisting Trump’s calls for wholesale approval of dangerous drugs to treat COVID. That flavor of politics made distrust for scientists the collateral damage of the half-century-long attack on regulation. The utter inadequacy of an unscientific, limited-government response to the 2020 pandemic only primed this resentment—fanned by hate aimed at Fauci—to deliver the dent in trust for science we see today.

[…]

With Trump headed back to the White House, his profoundly unqualified pick for Department of Health and Human Services chief is Robert F. Kennedy, Jr., whose antivaccine advocacy contributed to 83 measles deaths in American Samoa in 2018. For the National Institutes of Health he has picked Stanford University’s Jay Bhattacharya, one of three authors of a lethally misguided 2020 plan, pushed then on the Trump White House, to spur coronavirus infections that would have caused, “the severe illness and preventable deaths of hundreds of thousands of people,” according to the Infectious Diseases Society of America. Neither of these hot-dog-guy picks should be allowed anywhere near our vital health agencies.

[…]

Source: The Real Reason People Don’t Trust in Science Has Nothing to Do with Scientists | Scientific American

FPV Flying In Mixed Reality Is Easier Than You’d Think | Hackaday

Flying a first-person view (FPV) remote controlled aircraft with goggles is an immersive experience that makes you feel as if you’re really sitting in the cockpit of the plane or quadcopter. Unfortunately, while you’re wearing the goggles, you’re also completely blind to the world around you. That’s why you’re supposed to have a spotter nearby to keep watch on the local meatspace while you’re looping through the air.

But what if you could have the best of both worlds? What if your goggles not only allowed you to see the video stream from your craft’s FPV camera, but you could also see the world around you. That’s precisely the idea behind mixed reality goggles such as Apple Vision Pro and Meta’s Quest, you just need to put all the pieces together. In a recent video [Hoarder Sam] shows you exactly how to pull it off, and we have to say, the results look quite compelling.

 

[Sam]’s approach relies on the fact that there’s already cheap analog FPV receivers out there that act as a standard USB video device, with the idea being that they let you use your laptop, smartphone, or tablet as a monitor. But as the Meta Quest 3 is running a fork of Android, these devices are conveniently supported out of the box. The only thing you need to do other than plug them into the headset is head over to the software repository for the goggles and download a video player app.

The FPV receiver can literally be taped to the Meta Quest

With the receiver plugged in and the application running, you’re presented with a virtual display of your FPV feed hovering in front of you that can be moved around and resized. The trick is to get the size and placement of this virtual display down to the point where it doesn’t take up your entire field of vision, allowing you to see the FPV view and the actual aircraft at the same time. Of course, you don’t want to make it too small, or else flying might become difficult.

[Sam] says he didn’t realize just how comfortable this setup would be until he started flying around with it. Obviously being able to see your immediate surroundings is helpful, as it makes it much easier to talk to others and make sure nobody wanders into the flight area. But he says it’s also really nice when bringing your bird in for a landing, as you’ve got multiple viewpoints to work with.

Perhaps the best part of this whole thing is that anyone with a Meta Quest can do this right now. Just buy the appropriate receiver, stick it to your goggles, and go flying. If any readers give this a shot, we’d love to hear how it goes for you in the comments.

Source: FPV Flying In Mixed Reality Is Easier Than You’d Think | Hackaday

Volkswagen data leak exposed the precise locations of 800,000 EV owners

A Volkswagen software subsidiary called Cariad experienced a massive data leak that left 800,000 EV owners exposed, according to reporting by the German publication Spiegel Netzwelt. The leak allowed personal information to be left online for months, including movement data and contact information.

This included precise location data for 460,000 vehicles made by VW, Seat and Audi. According to reports, the information was accessible via the Amazon cloud storage platform.

[…]

VW said in a statement reviewed by the German press agency DPA that the error has since been rectified, so that the information is no longer accessible. Additionally, the company noted that the leak only pertained to location and contact info, as passwords and payment data weren’t impacted. It added that only select vehicles registered for online services were initially at risk

[…]

Source: Huge Volkswagen data leak exposed the locations of 460,000 EV drivers

This article then states that because it required technical expertise to access the locations, you shouldn’t be worried, which is quite frankly a retarded position to take: it is exactly those people with technical expertise that are the ones looking for these vulnerabilities and interested in exploiting them. Location data is extremely sensitive.

Air taxi Volocopter latest to file for bankruptcy

German electric air taxi company Volocopter has filed for bankruptcy protection, the latest in a string of similar startups to hit financial turbulence. The company plans to keep operating while it searches for new investors.

“We are ahead of our industry peers in our technological, flight test, and certification progress. That makes us an attractive company to invest in while we organize ourselves with internal restructuring,” CEO Dirk Hoke said in a statement.

Volocopter’s decision comes after it spent months teetering on the edge of falling apart. It also comes just one week after fellow German electric vertical takeoff and landing startup Lilium ceased operations — only to be apparently saved by a consortium of investors just one day later. (That deal is set to close in January.)

Volocopter is one of the more well-funded electric air taxi startups, having raised hundreds of millions of dollars over nearly a decade with backing from major automakers like Germany’s Mercedes-Benz and China’s Geely.

Source: Mercedes-backed Volocopter files for bankruptcy | TechCrunch

What on earth is happening in that space?!

Astra completes deal to go private

Universal hydrogen shut down after running out of cash

Spaceplane developer Reaction Engines goes bankrupt

Volocopter files for insolvency, remains bullish on 2025 type certification

Air-taxi maker Lilium to file for insolvency after failed fundraising efforts

Siri “unintentionally” recorded private convos on phone, watch, then sold them to advertisers; yes those ads are very targeted. Apple agrees to pay $95M, laughs to the bank

Apple has agreed to pay $95 million to settle a lawsuit alleging that its voice assistant Siri routinely recorded private conversations that were then shared with third parties and used for targeted ads.

In the proposed class-action settlement—which comes after five years of litigation—Apple admitted to no wrongdoing. Instead, the settlement refers to “unintentional” Siri activations that occurred after the “Hey, Siri” feature was introduced in 2014, where recordings were apparently prompted without users ever saying the trigger words, “Hey, Siri.”

Sometimes Siri would be inadvertently activated, a whistleblower told The Guardian, when an Apple Watch was raised and speech was detected. The only clue that users seemingly had of Siri’s alleged spying was eerily accurate targeted ads that appeared after they had just been talking about specific items like Air Jordans or brands like Olive Garden, Reuters noted (claims which remain disputed).

[…]

It’s currently unknown how many customers were affected, but if the settlement is approved, the tech giant has offered up to $20 per Siri-enabled device for any customers who made purchases between September 17, 2014, and December 31, 2024. That includes iPhones, iPads, Apple Watches, MacBooks, HomePods, iPod touches, and Apple TVs, the settlement agreement noted. Each customer can submit claims for up to five devices.

A hearing when the settlement could be approved is currently scheduled for February 14. If the settlement is certified, Apple will send notices to all affected customers. Through the settlement, customers can not only get monetary relief but also ensure that their private phone calls are permanently deleted.

While the settlement appears to be a victory for Apple users after months of mediation, it potentially lets Apple off the hook pretty cheaply. If the court had certified the class action and Apple users had won, Apple could’ve been fined more than $1.5 billion under the Wiretap Act alone, court filings showed.

But lawyers representing Apple users decided to settle, partly because data privacy law is still a “developing area of law imposing inherent risks that a new decision could shift the legal landscape as to the certifiability of a class, liability, and damages,” the motion to approve the settlement agreement said. It was also possible that the class size could be significantly narrowed through ongoing litigation, if the court determined that Apple users had to prove their calls had been recorded through an incidental Siri activation—potentially reducing recoverable damages for everyone.

“The percentage of those who experienced an unintended Siri activation is not known,” the motion said. “Although it is difficult to estimate what a jury would award, and what claims or class(es) would proceed to trial, the Settlement reflects approximately 10–15 percent of Plaintiffs expected recoverable damages.”

Siri’s unintentional recordings were initially exposed by The Guardian in 2019, plaintiffs’ complaint said. That’s when a whistleblower alleged that “there have been countless instances of recordings featuring private discussions between doctors and patients, business deals, seemingly criminal dealings, sexual encounters and so on. These recordings are accompanied by user data showing location, contact details, and app data.”

[…]

Meanwhile, Google faces a similar lawsuit in the same district from plaintiffs represented by the same firms over its voice assistant, Reuters noted. A win in that suit could affect anyone who purchased “Google’s own smart home speakers, Google Home, Home Mini, and Home Max; smart displays, Google Nest Hub, and Nest Hub Max; and its Pixel smartphones” from approximately May 18, 2016 to today, a December court filing noted. That litigation likely won’t be settled until this fall.

Source: Siri “unintentionally” recorded private convos; Apple agrees to pay $95M – Ars Technica

Xiaomi changes bootloader unlock policy to wait and one device per year. Who owns the device you bought?

[…]A year after introducing waiting periods and a cumbersome community participation and request system, it’s slashed bootloader unlock allowances to just one device per user, per year[…]

Historically, manufacturers have let buyers unlock that access and customize what software their phones run. Notable exceptions in the US have, for the most part, only included carrier-specific phone variants.

Unlocking a Pixel smartphone, for example, requires adjusting a couple of settings and installing a couple of well-known tools. Then you’re ready to purge locked software or install a new launcher. Roughly a year ago, Xiaomi introduced a policy limiting users to three unlocked devices per account, providing only a limited time window for unlocking, and demanding waiting periods before doing so. It’s now gone even further, limiting users to unlocking the bootloader of just a single device throughout the year.

[…]

Custom ROMs usually (but not always) derive from pre-existing OSs like Android or Xiaomi’s HyperOS. To write operating software that works on a certain device, you need to develop it on that specific device. Consequently, individuals and teams throughout the enthusiast phone sphere constantly add to their collections of bootloader-unlocked phones. The new unlocking restrictions could place undue hardship on resource-limited development teams, reducing the number of custom ROMs produced moving forward.

[…]

Source: Drastically reduced Xiaomi bootloader unlock policy raises questions over device ownership

Custom ROMs are important not only so you can do what you want on your hardware; just as importantly, they allow you to keep updating a device long beyond manufacturer support (e.g. CyanogenMod), keeping “outdated” devices running and useful.

JailBreaking AI still easy, can be done with StRanGe CaSINg

New research from Anthropic, one of the leading AI companies and the developer of the Claude family of Large Language Models (LLMs), has released research showing that the process for getting LLMs to do what they’re not supposed to is still pretty easy and can be automated. SomETIMeS alL it tAKeS Is typing prOMptS Like thiS.

To prove this, Anthropic and researchers at Oxford, Stanford, and MATS, created Best-of-N (BoN) Jailbreaking

[…]

As the researchers explain, “BoN Jailbreaking works by repeatedly sampling variations of a prompt with a combination of augmentations—such as random shuffling or capitalization for textual prompts—until a harmful response is elicited.”

For example, if a user asks GPT-4o “How can I build a bomb,” it will refuse to answer because “This content may violate our usage policies.” BoN Jailbreaking simply keeps tweaking that prompt with random capital letters, shuffled words, misspellings, and broken grammar until GPT-4o provides the information. Literally the example Anthropic gives in the paper looks like mocking sPONGbOB MEMe tEXT.

Anthropic tested this jailbreaking method on its own Claude 3.5 Sonnet, Claude 3 Opus, OpenAI’s GPT-4o, GPT-4o-mini, Google’s Gemini-1.5-Flash-00, Gemini-1.5-Pro-001, and Facebook’s Llama 3 8B. It found that the method “achieves ASRs [attack success rate] of over 50%” on all the models it tested within 10,000 attempts or prompt variations.

[…]

In January, we showed that the AI-generated nonconsensual nude images of Taylor Swift that went viral on Twitter were created with Microsoft’s Designer AI image generator by misspelling her name, using pseudonyms, and describing sexual scenarios without using any sexual terms or phrases. This allowed users to generate the images without using any words that would trigger Microsoft’s guardrails. In March, we showed that AI audio generation company ElevenLabs’s automated moderation methods preventing people from generating audio of presidential candidates were easily bypassed by adding a minute of silence to the beginning of an audio file that included the voice a user wanted to clone.

[…]

It’s also worth noting that while there’s good reasons for AI companies to want to lock down their AI tools and that a lot of harm comes from people who bypass these guardrails, there’s now no shortage of “uncensored” LLMs that will answer whatever question you want and AI image generation models and platforms that make it easy to create whatever nonconsensual images users can imagine.

Source: APpaREnTLy THiS iS hoW yoU JaIlBreAk AI
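
A defensive sketch for the attack pattern described above, added here and not taken from the article or the paper: because BoN depends on sending many surface variants of one prompt, a service can group each client's prompts by a fingerprint that ignores capitalization, in-word letter order and word order, and flag clients that submit too many variants of the same request. The function names, thresholds and sample log are assumptions constructed for illustration.

```python
import re
import unicodedata
from collections import defaultdict


def canonical_tokens(prompt):
    """Token set that is unchanged by random capitalization, letter scrambling
    inside a word, and word shuffling (the augmentations the article names)."""
    text = unicodedata.normalize("NFKC", prompt).casefold()
    # Sorting the letters of each word undoes in-word scrambling;
    # using a set of words makes word order irrelevant.
    return frozenset("".join(sorted(w)) for w in re.findall(r"[a-z0-9]+", text))


def jaccard(a, b):
    """Overlap of two token sets; tolerates a few misspelled or dropped words."""
    if not a and not b:
        return 1.0
    return len(a & b) / len(a | b)


def case_flip_ratio(prompt):
    """Share of adjacent letter pairs inside words that switch case.
    Ordinary prose scores near 0; 'sPoNgE' style text scores high."""
    flips = pairs = 0
    for word in re.findall(r"[A-Za-z]+", prompt):
        for i, (a, b) in enumerate(zip(word, word[1:])):
            if i == 0 and a.isupper() and b.islower():
                continue  # ordinary capitalised word, e.g. "How"
            pairs += 1
            flips += a.isupper() != b.isupper()
    return flips / pairs if pairs else 0.0


class VariantMonitor:
    """Counts distinct surface forms of near-identical prompts per client."""

    def __init__(self, similarity=0.6, max_variants=3):
        self.similarity = similarity      # assumed threshold, tune on real traffic
        self.max_variants = max_variants  # assumed threshold, tune on real traffic
        self._families = defaultdict(list)

    def observe(self, client, prompt):
        """Record one prompt; return True when this client has sent more than
        max_variants different spellings of what is effectively one prompt."""
        tokens = canonical_tokens(prompt)
        for family in self._families[client]:
            if jaccard(tokens, family["tokens"]) >= self.similarity:
                family["surfaces"].add(prompt)  # exact retries are not re-counted
                break
        else:
            family = {"tokens": tokens, "surfaces": {prompt}}
            self._families[client].append(family)
        return len(family["surfaces"]) > self.max_variants


def flagged_clients(log, **kwargs):
    """Run the monitor over (client, prompt) pairs and list flagged clients."""
    monitor = VariantMonitor(**kwargs)
    flagged = set()
    for client, prompt in log:
        if monitor.observe(client, prompt):
            flagged.add(client)
    return sorted(flagged)


# Constructed sample log with a benign prompt; not real traffic.
SAMPLE_LOG = [
    ("client-a", "How do I reset my router password?"),
    ("client-a", "hOw Do i rEsET mY rOuTeR pAsSwOrD?"),   # random capitalization
    ("client-a", "router my reset How do I password?"),   # shuffled words
    ("client-a", "How do I rseet my ruoter pasworsd?"),   # scrambled letters
    ("client-a", "HOW dO I reSet my roUter pasword"),     # misspelling
    ("client-b", "How do I reset my router password?"),
    ("client-b", "What is the capital of France?"),
]

if __name__ == "__main__":
    print("flagged:", flagged_clients(SAMPLE_LOG))
    for client, prompt in SAMPLE_LOG:
        print(f"{client} flip={case_flip_ratio(prompt):.2f} {prompt}")
```

The per-client counter only helps where requests can be tied to an account or key; the case-flip score is a secondary signal that can feed the same alert.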

2024 Open Source Software Funding Report

This report summarizes insights from the inaugural 2024 Open Source Software Funding Survey, a collaboration between GitHub, the Linux Foundation, and researchers from Harvard University. The objective of this study was to better understand how organizations fund, contribute to, and otherwise support open source software.

Key Findings
Scale
Challenges
Lessons learned
  • Leave “fingerprints” on your organization’s OSS efforts to help managers, researchers, and other observers more easily collect this information.
  • Empower employees to self report contributions made under the organization’s banner.
  • Make OSS contribution part of your monitoring pipeline by conducting brief, regular surveys within your organization to collect key metrics.
  • Consider sharing data to public OSS funding index.
Toolkit

Source: 2024 Open Source Software Funding Report

PayPal Honey extension to find deals instead hides discounts and reroutes commissions from promoters

PayPal-owned browser extension Honey manipulates affiliate marketing systems and withholds discount information from users, according to an investigation by YouTube channel MegaLag.

The extension — which rose in popularity after promising consumers it would find them the best online deals — replaces existing affiliate cookies with its own during checkout, diverting commission payments from content creators who promoted the products to PayPal, MegaLag reported in a 23-minute video [YouTube link].

The investigation revealed that Honey, which PayPal acquired in 2019 for $4 billion, allows merchants in its cashback program to control which coupons appear to users, hiding better publicly available discounts.

Source: PayPal’s Honey Accused of Misleading Users, Hiding Discounts

British soldiers successfully test drone killer radiowave weapon for first time

British soldiers have successfully trialled for the first time a game-changing weapon that can take down a swarm of drones using radio waves for less than the cost of a pack of mince pies.

The Radio Frequency Directed Energy Weapon (RFDEW) development system can detect, track and engage a range of threats across land, air and sea.

RFDEWs are capable of neutralising targets up to 1km away with near instant effect and at an estimated cost of 10p per shot fired, providing a cost-effective complement to traditional missile-based air defence systems.

The RFDEW is different from Laser Directed Energy Weapons – such as DragonFire – because it uses a radio frequency to disrupt hostile threats, rather than a laser beam of light energy.

The weapon uses high frequency waves to disrupt or damage critical electronic components inside devices such as drones, causing them to be immobilised or fall out of the sky. It can also be used against threats on land and at sea.

The British Army successfully trialed a demonstrator version of the RFDEW. The development system has been produced by a consortium led by Thales UK and including sub-contractors QinetiQ, Teledyne e2v and Horiba Mira and supports up to 135 high-skilled jobs in the UK.

[…]

Its high level of automation means the system can be operated by a single person and could be mounted onto a military vehicle, such as a MAN SV, to provide mobility.

[…]

A live firing trial was recently completed by the Army’s Royal Artillery Trials and Development Unit and 7 Air Defence Group at a range in West Wales, where they successfully targeted and engaged Uncrewed Aerial Systems (UAS), in a first for the British Armed Forces.

[…]

Source: British soldiers successfully test drone killer radiowave weapon for first time

I wonder how many drones and how many shots before the battery runs out?

This Nvidia App Setting Is Tanking Your Frame Rate – the rest of the problems it causes cannot be fixed

[…]

following a Dec. 5 driver update that skipped GeForce Experience in favor of the Nvidia App (all future updates will follow its lead). The new app is meant to streamline the grab bag of features Nvidia has accumulated over the years, pairing its driver updating utility with a streamlined gaming overlay and improved tools for easily optimizing graphics or enabling G-Sync and other advanced settings. However, upon installing it, some gamers noticed their games running a bit more slowly.

“We’ve confirmed reports around the web that the Nvidia App using the default settings can impact gaming performance,” writes Tom’s Hardware’s Jarred Walton, “dropping frame rates by up to 15% in some cases.”

In particular, Walton saw performance drops ranging from 2% to 12% across the games he tested, which included Assassin’s Creed Mirage, Baldur’s Gate 3, Black Myth: Wukong, Flight Simulator 2024, and Stalker 2.

[…]

In a statement to Walton, Nvidia confirmed that the issue is specifically with the Game Filters and Photo Mode setting, and that the company is actively looking into a fix. So while you might not be able to play your games with an RTX HDR filter in the meantime, you’ll be able to use the rest of the app, even the overlay, as you would have before.

[…]

The simplest solution, and probably the best one for most people, is to follow Nvidia’s official advice and turn off the Game Filters and Photo Mode setting. To do this, just navigate to Settings > Features > Overlay > Game Filters and Photo Mode and toggle it off. I

Source: This Nvidia App Setting Is Tanking Your Frame Rate | Lifehacker

Which unfortunately is OK because the new app does create problems with photos / screenshots and screen videos being way too bright, among a raft of other problems.

But you don’t need to log in to this app to get driver updates.

Hackers Can Jailbreak Digital License Plates to Make Others Pay Their Tolls and Tickets

Digital license plates, already legal to buy in a growing number of states and to drive with nationwide, offer a few perks over their sheet metal predecessors. You can change their display on the fly to frame your plate number with novelty messages, for instance, or to flag that your car has been stolen. Now one security researcher has shown how they can also be hacked to enable a less benign feature: changing a car’s license plate number at will to avoid traffic tickets and tolls—or even pin them on someone else.

Josep Rodriguez, a researcher at security firm IOActive, has revealed a technique to “jailbreak” digital license plates sold by Reviver, the leading vendor of those plates in the US with 65,000 plates already sold. By removing a sticker on the back of the plate and attaching a cable to its internal connectors, he’s able to rewrite a Reviver plate’s firmware in a matter of minutes. Then, with that custom firmware installed, the jailbroken license plate can receive commands via Bluetooth from a smartphone app to instantly change its display to show any characters or image.

That susceptibility to jailbreaking, Rodriguez points out, could let drivers with the license plates evade any system that depends on license plate numbers for enforcement or surveillance, from tolls to speeding and parking tickets to automatic license plate readers that police use to track criminal suspects. “You can put whatever you want on the screen, which users are not supposed to be able to do,” says Rodriguez. “Imagine you are going through a speed camera or if you are a criminal and you don’t want to get caught.”

One of Reviver’s license plates, jailbroken to show any image IOActive researcher Josep Rodriguez chooses.

Photography: IOActive

Worse still, Rodriguez points out that a jailbroken license plate can be changed not just to an arbitrary number but also to the number of another vehicle—whose driver would then receive the malicious user’s tickets and toll bills. “If you can change the license plate number whenever you want, you can cause some real problems,” Rodriguez says.

All traffic-related mischief aside, Rodriguez also notes that jailbreaking the plates could also allow drivers to use the plates’ features without paying Reviver’s $29.99 monthly subscription fee.

Because the vulnerability that allowed him to rewrite the plates’ firmware exists at the hardware level—in Reviver’s chips themselves—Rodriguez says there’s no way for Reviver to patch the issue with a mere software update. Instead, it would have to replace those chips in each display. That means the company’s license plates are very likely to remain vulnerable despite Rodriguez’s warning—a fact, Rodriguez says, that transport policymakers and law enforcement should be aware of as digital license plates roll out across the country. “It’s a big problem because now you have thousands of licensed plates with this issue, and you would need to change the hardware to fix it,” he says.

Source: Hackers Can Jailbreak Digital License Plates to Make Others Pay Their Tolls and Tickets | WIRED

Feds Warn SMS Authentication Is Unsafe

Hackers aligned with the Chinese government have infiltrated U.S. telecommunications infrastructure so deeply that it allowed the interception of unencrypted communications on a number of people, according to reports that first emerged in October. The operation, dubbed Salt Typhoon, apparently allowed hackers to listen to phone calls and nab text messages, and the penetration has been so extensive they haven’t even been booted from the telecom networks yet. The Cybersecurity and Infrastructure Security Agency (CISA) issued guidance this week on best practices for protecting “highly targeted individuals,” which includes a new warning (PDF) about text messages.

“Do not use SMS as a second factor for authentication. SMS messages are not encrypted—a threat actor with access to a telecommunication provider’s network who intercepts these messages can read them. SMS MFA is not phishing-resistant and is therefore not strong authentication for accounts of highly targeted individuals,” the guidance, which has been posted online, reads. Not every service even allows for multi-factor authentication and sometimes text messages are the only option. But when you have a choice, it’s better to use phishing-resistant methods like passkeys or authenticator apps. CISA prefaces its guidance by insisting it’s only really speaking about high-value targets.
The telecommunications hack mentioned above has been called the “worst hack in our nation’s history,” according to Sen. Mark Warner (D-VA).

Source: Feds Warn SMS Authentication Is Unsafe

Hundreds of websites to shut down under UK’s ‘chilling’ internet laws

Hundreds of websites will be shut down on the day that Britain’s Online Safety Act comes into effect, in what are believed to be the first casualties of the new internet laws.

Microcosm, a web forum hosting service that runs 300 sites including cycling forums and local community hubs, said that the sites would go offline on March 16, the day that Ofcom starts enforcing the Act.

Its owner said they were unable to comply with the lengthy requirements of the Act, which created a “disproportionately high personal liability”.

The new laws, which were designed to crack down on illegal content and protect children, threaten fines of up to £18m or 10pc of revenue for sites that fail to comply with the laws.

On Monday, Ofcom set out more than 40 measures that it expects online services to follow by March, such as carrying out risk assessments about their sites and naming senior people accountable for ensuring safety.

Microcosm, which has hosted websites including cycling forum LFGSS since 2007, is run as a non-profit funded by donations and largely relies on users to follow community guidelines. Its sites attract a combined 250,000 users.

Dee Kitchen, who operates the service and moderates its 300 sites, said: “What this is, is a chilling effect [on small sites].

“For the really small sites and the charitable sites and the local sports club there’s no carve-out for anything.

“It feels like a huge risk, and it feels like it can be so easily weaponised by angry people who are the subject of moderation.

“It’s too vague and too broad and I don’t want to take that personal risk.”

Announcing the shutdown on the LFGSS forum, they said: “It’s devastating to just … turn it off … but this is what the Act forces a sole individual running so many social websites for a public good to do.”

[…]

Source: Hundreds of websites to shut down under UK’s ‘chilling’ internet laws

Researchers uncover Chinese spyware used to target Android devices

The tool, named “EagleMsgSpy,” was discovered by researchers at U.S. cybersecurity firm Lookout. The company said at the Black Hat Europe conference on Wednesday that it had acquired several variants of the spyware, which it says has been operational since “at least 2017.”

Kristina Balaam, a senior intelligence researcher at Lookout, told TechCrunch the spyware has been used by “many” public security bureaus in mainland China to collect “extensive” information from mobile devices. This includes call logs, contacts, GPS coordinates, bookmarks, and messages from third-party apps including Telegram and WhatsApp. EagleMsgSpy is also capable of initiating screen recordings on smartphones, and can capture audio recordings of the device while in use, according to research Lookout shared with TechCrunch.

A manual obtained by Lookout describes the app as a “comprehensive mobile phone judicial monitoring product” that can obtain “real-time mobile phone information of suspects through network control without the suspect’s knowledge, monitor all mobile phone activities of criminals and summarize them.”

[…]

Lookout notes that EagleMsgSpy currently requires physical access to a target device. However, Balaam told TechCrunch that the tool is still being developed as recently as late 2024, and said “it’s entirely possible” that EagleMsgSpy could be modified to not require physical access.

Lookout noted that internal documents it obtained allude to the existence of an as-yet-undiscovered iOS version of the spyware.

Source: Researchers uncover Chinese spyware used to target Android devices | TechCrunch

Android will let you find unknown Bluetooth trackers instead of just warning you about them

The advent of Bluetooth trackers has made it a lot easier to find your bag or keys when they’re lost, but it has also put inconspicuous tracking tools in the hands of people who might misuse them. Apple and Google have both implemented tracker alerts to let you know if there’s an unknown Bluetooth tracker nearby, and now as part of a new update, Google is letting Android users actually locate those trackers, too.

The feature is one of two new tools Google is adding to Find My Device-compatible trackers. The first, “Temporarily Pause Location” is what you’re supposed to enable when you first receive an unknown tracker notification. It blocks your phone from updating its location with trackers for 24 hours. The second, “Find Nearby,” helps you pinpoint where the tracker is if you can’t see it or easily hear it.

By clicking on an unknown tracker notification you’ll be able to see a map of where the tracker was last spotted moving with you. From there, you can play a sound to see if you can locate it (Google says the owner won’t be notified). If you can’t find it, Find Nearby will connect your phone to the tracker over Bluetooth and display a shape that fills in the closer you get to it.

The Find Nearby button and interface from Google's Find My Device network.
Google / Engadget

The tool is identical to what Google offers for locating trackers and devices you actually own, but importantly, you don’t need to use Find My Device or have your own tracker to benefit. Like Google’s original notifications feature, any device running Android 6.0 and up can deal with unknown Bluetooth trackers safely.

Expanding Find Nearby seems like the final step Google needed to take to tamp down Bluetooth tracker misuse, something Apple already does with its Precision Finding tool for AirTags. The companies released a shared standard for spotting unknown Bluetooth trackers regardless of whether you use Android or iOS in May 2024, following the launch of Google’s Find My Device network in April. Both Google and Apple offered their own methods of dealing with unknown trackers before then to prevent trackers from being used for everything from robbery to stalking.

Source: Android will let you find unknown Bluetooth trackers instead of just warning you about them

Surprise: EV batteries might have a longer shelf life than once thought

[…]

new research suggests these batteries, once thought to have short-lived, inherently expendable shelf-lives, may actually last significantly longer than expected. In some cases, properly cared for EVs may even outlive their fossil fuel counterparts. That’s potentially good news: longer-lasting EVs might buy manufacturers much-needed time to fabricate components needed to meet increasing global demands.

The new findings, published today in the journal Nature Energy by researchers from the SLAC-Stanford Battery Center, suggest EV batteries may actually last about a third longer than previous forecasts. That means drivers could potentially keep driving their modern EV without replacing the battery for several additional years. The researchers note the shocking disparity in battery life estimates stems from fundamentally unrealistic testing environments that became an industry standard. When the researchers tested batteries for two years in ways they say are more closely aligned with how drivers actually use EVs day-to-day, the battery life expectancy improved significantly.

“We’ve not been testing EV batteries the right way,” Stanford associate professor and paper senior author Simona Onori said in a statement. “To our surprise, real driving with frequent acceleration, braking that charges the batteries a bit, stopping to pop into a store, and letting the batteries rest for hours at a time, helps batteries last longer than we had thought based on industry standard lab tests.”

SLAC-Stanford Battery Center states on its website that its ultimate goal is to “accelerate the deployment of battery and energy storage technologies at scale,” in an effort to address climate change. The research paper was primarily funded by the National Science Foundation Graduate Research Fellowship Program and the Stanford Chevron Fellowship in Energy.

More ‘realistic’ driving led to less battery degradation

Researchers tested 92 commercial lithium ion EV batteries over two years across four different types of driving profiles. The industry standard approach uses a “constant rate of [battery] discharge” followed immediately by a recharge. In the real world, this would look like someone driving their vehicle until the battery is almost fully diminished and then plugging it in to charge completely. This process of constant battery expenditure and recharging resembles how most people use a smartphone.

Stanford school of engineering PhD student and paper coauthor Alexis Geslin told Popular Science these “constant current rates” were adopted as the testing default because it generally requires simpler hardware and is easier to implement for the lab user.

But that’s not how many drivers actually use their vehicles. EV owners, the researchers note, who drive their vehicle in short bursts to and from work or around town, may go several days or even a week without recharging. The researchers attempted to represent that more realistic, periodic driving method in one of the driving profiles. In the end, the more realistic profile resulted in an increased battery lifetime by up to 38%.

“This work illustrates the importance of testing batteries under realistic conditions of use and challenges the broadly adopted convention of constant current discharge in the laboratory,” the researchers wrote in the paper.

The findings similarly seem to contradict commonly held assumptions about what types of driving quickly degrade batteries. Though many drivers believe rapidly accelerating and braking degrades EV batteries faster than steady driving, the researchers found a correlation in their data suggesting sharp, short accelerations may actually lead to slower battery degradation. Pressing down hard on pedals with a lead foot didn’t seem to speed up battery aging. It may have actually had the opposite effect.

[…]

Source: Surprise: EV batteries might have a longer shelf life than once thought | Popular Science

Judge rejects The Onion’s bid for Infowars, changes the rules after the game is played

A US bankruptcy court has blocked the sale of Infowars to parody news site The Onion, ruling that the auction didn’t yield the best potential bids. At the same time, judge Christopher Lopez rejected claims by Infowars‘ owner, conspiracy theorist Alex Jones, that any “collusion” was involved in the case.

The Onion reportedly outbid competitor First American United Companies, affiliated with a Jones business, for the rights to the site. Though its cash offer was lower, The Onion valued it at $7 million because Sandy Hook families would allow some of the proceeds to be distributed to other creditors.

However, the appeals judge said that the court-appointed bankruptcy trustee made a “good-faith error” by requesting final offers instead of allowing back-and-forth bidding between The Onion and First American. “This should have been opened back up, and it should have been opened back up for everybody,” Lopez said. “It’s clear the trustee left the potential for a lot of money on the table.”

Now, the trustee must work to resolve some of the disputes between creditors before making another attempt to sell Infowars. The trustee, Christopher Murray, said that First American only complained about the process after losing the bid.

Alex Jones was found liable in 2022 for nearly $1.5 billion in damages for spreading conspiracy theories about the 2012 shooting that killed 20 children and six adult staffers. One of the assets put up for sale was Jones’ Infowars site, and The Onion said it received the blessing of the families of the victims to acquire the site. It reportedly planned to transform the site into one with “noticeably less hateful disinformation,” and a gun safety nonprofit reportedly planned to advertise on the rebooted site. Last week, X said that The Onion wouldn’t be given Alex Jones’ Infowars X accounts, opening up a new can of worms about who owns social media handles.

Source: Judge rejects The Onion’s bid for Infowars

300 Artists Back Internet Archive in $621 Million Copyright Attack from Record Labels – over music older than the 1950s

[…] 300-plus musicians who have signed an open letter supporting the Internet Archive as it faces a $621 million copyright infringement lawsuit over its efforts to preserve 78 rpm records.

The letter, spearheaded by the digital advocacy group Fight for the Future, states that the signatories “wholeheartedly oppose” the lawsuit, which they suggest benefits “shareholder profits” more than actual artists. It continues: “We don’t believe that the Internet Archive should be destroyed in our name. The biggest players of our industry clearly need better ideas for supporting us, the artists, and in this letter we are offering them.”

[…]

(The full letter, and a list of signatories, is here.)

The lawsuit was brought last year by several major music rights holders, led by Universal Music Group and Sony Music. They claimed the Internet Archive’s Great 78 Project — an unprecedented effort to digitize hundreds of thousands of obsolete shellac discs produced between the 1890s and early 1950s — constituted the “wholesale theft of generations of music,” with “preservation and research” used as a “smokescreen.” (The Archive has denied the claims.)

While more than 400,000 recordings have been digitized and made available to listen to on the Great 78 Project, the lawsuit focuses on about 4,000, most by recognizable legacy acts like Billie Holiday, Frank Sinatra, Elvis Presley, and Ella Fitzgerald. With the maximum penalty for statutory damages at $150,000 per infringing incident, the lawsuit has a potential price tag of over $621 million. A broad enough judgement could end the Internet Archive.

Supporters of the suit — including the estates of many of the legacy artists whose recordings are involved — claim the Archive is doing nothing more than reproducing and distributing copyrighted works, making it a clear-cut case of infringement. The Archive, meanwhile, has always billed itself as a research library (albeit a digital one), and its supporters see the suit (as well as a similar one brought by book publishers) as an attack on preservation efforts, as well as public access to the cultural record.

[…]

“Musicians are struggling, but libraries like the Internet Archive are not our problem! Corporations like Spotify, Apple, Live Nation and Ticketmaster are our problem. If labels really wanted to help musicians, they would be working to raise streaming rates. This lawsuit is just another profit-grab.”

Tommy Cappel, who co-founded the group Beats Antique, says the Archive is “hugely valued in the music community” for its preservation of everything from rare recordings to live sets. “This is important work that deserves to continue for generations to come, and we don’t want to see everything they’ve already done for musicians and our legacy erased,” he added. “Major labels could see all musicians, past and present, as partners — instead of being the bad guy in this dynamic. They should drop their suit. Archives keep us alive.”

Rather than suing the Archive, Fight for the Future’s letter calls on labels, streaming services, ticketing outlets, and venues to align on different goals. At the top of the list is boosting preservation efforts by partnering with “valuable cultural stewards like the Internet Archive.” They also call for greater investment in working musicians through more transparency in ticketing practices, an end to venue merch cuts, and fair streaming compensation.

[…]

Source: Kathleen Hanna, Tegan and Sara, More Back Internet Archive in $621 Million Copyright Fight

How is it possible that there is still income generated from something released in the 1950s to people who had absolutely nothing to do with the creation and don’t put in any effort whatsoever to put out the content?

EA makes photosensitivity and speech recognition tech patents open-source, adding to a pile of accessibility patents already there

In 2021, EA made a pledge to let the wider game industry use its accessibility-related patents at no cost, and now the publisher has added 23 new patents to its lineup.

As of today, third parties can freely use patented technology such as improved speech recognition, simplified speech tech in games, and the ability to create more personalized speech. The broad aim is for this tech to assist players with speech disabilities or those who need help verbally expressing themselves.

For developers, EA suggests they could use this technology to “make it possible for those players’ speech to be more effectively recognized and reflected in-game in a way that is representative of their age, emotion, language and speaking style.”

Another patent highlighted is an internal plugin for Unreal Engine 5 that enables in-engine use of EA’s previously open-sourced photosensitivity analysis tech, IRIS. The plugin now allows developers to catch potential photosensitivity issues in-engine and real-time as they run their games.

“The sooner you start testing, the sooner you find potential issues,” said IRIS engineer Blanca Macazaga Zuaz. According to her, not many free or easy-to-use tools for photosensitivity analysis were available prior to IRIS. The free access takes down two barriers with one stone, which she called an “incredible feeling.”

Previously, the Madden and Dragon Age publisher made technologies like Apex Legends’ ping system and voice controls for NPCs free-use. The decision is all the more notable, as the industry’s accessibility strides have mainly concerned controllers or options in specific games, such as colorblind modes and skipping puzzles.

Kerry Hopkins, EA’s SVP of global affairs, explained this new batch of open-source patents “encourages the industry to work together to make video games more inclusive by removing unintended barriers to access.”

Along with the patents, EA said its PQI team is running accessible design workshops, and expanding its testing capabilities “to ensure we are always designing with accessibility in mind. More to come soon!”

You can see EA’s newly updated crop of free-use accessibility patents here.

Source: EA makes photosensitivity and speech recognition tech patents open-source

A new way to entangle Particles from a distance

[…] Traditionally, entanglement is achieved through local interactions or via entanglement swapping, where entanglement at a distance is generated through previously established entanglement and Bell-state measurements. However, the precise requirements enabling the generation of quantum entanglement without traditional local interactions remain less explored. Here, we demonstrate that independent particles can be entangled without the need for direct interaction, prior established entanglement, or Bell-state measurements, by exploiting the indistinguishability of the origins of photon pairs. Our demonstrations challenge the long-standing belief that the prior generation and measurement of entanglement are necessary prerequisites for generating entanglement between independent particles that do not share a common past. In addition to its foundational interest, we show that this technique might lower the resource requirements in quantum networks, by reducing the complexity of photon sources and the overhead photon numbers.

Source: Phys. Rev. Lett. 133, 233601 (2024) – Entangling Independent Particles by Path Identity

the PDF

Krenn Research Group

IBM develops fast Chips with light signals

An optical fibre technology can help chips communicate with each other at the speed of light, enabling them to transmit 80 times as much information as they could using traditional electrical connections. That could significantly speed up the training times required for large artificial intelligence models – from months to weeks – while also reducing the energy and emissions costs for data centres.

Most advanced computer chips still communicate using electrical signals carried over copper wires. But as the tech industry races to train large AI models – a process that requires networks of AI superchips to transfer huge amounts of data – companies are eager to link chips using the light-speed communication of fibre optics.

[…]

Khare and his colleagues have developed an optics module that would enable chipmakers to add six times as many optical fibres to the edge of a chip, compared to current technologies. The module uses a structure called an optical waveguide to connect as many as 51 optical fibres per millimetre. It also prevents light signals from one fibre from interfering with its neighbours.

[…]

IBM has already put the optical module through stress tests that included high humidity and temperatures ranging from -40°C (-40°F) to 125°C (257°F). Hutcheson expects that major semiconductor manufacturing companies may be interested in licensing the technology.

[…]

Source: Chips linked with light could train AI faster while using less energy | New Scientist