France Allows Police to Remotely Turn On GPS, Camera, Audio on Phones

Posted on by

Amidst ongoing protests in France, the country has just passed a new bill that will allow police to remotely access suspects’ cameras, microphones, and GPS on cell phones and other devices.

As reported by Le Monde, the bill has been criticized by the French people as a “snoopers” charter that allows police unfettered access to the location of its citizens. Moreover, police can activate cameras and microphones to take video and audio recordings of suspects. The bill will reportedly only apply to suspects in crimes that are punishable by a minimum of five years in jail

[…]

French politicians added an amendment that orders judge approval for any surveillance conducted under the scope of the bill and limits the duration of surveillance to six months

[…]

In 2021, The New York Times reported that the French Parliament passed a bill that would expand the French police force’s ability to monitor civilians using drones. French President Emmanuel Macron argued at the time that the bill was meant to protect police officers from increasingly violent protestors.

[…]

 

Source: France Passes Bill Allowing Police to Remotely Access Phones

Amazon’s iRobot Roomba acquisition under formal EU investigation

Posted on by

European Union regulators have opened an official investigation into Amazon’s proposed $1.7 billion acquisition of iRobot, the company behind the popular Roomba lineup of robot vacuum cleaners.

In a press release, the European Commission said it’s concerned that “the transaction would allow Amazon to restrict competition in the market for robot vacuum cleaners (‘RVCs’) and to strengthen its position as online marketplace provider.” The European Commission is also looking at how getting access to iRobot users’ data may give Amazon an advantage “in the market for online marketplace services to third-party sellers (and related advertising services) and / or other data-related markets.”

[…]

Source: Amazon’s iRobot Roomba acquisition under formal EU investigation

Do you really want Amazon to know the layout of the interior of your home?

People Are Using Forged Court Orders To Disappear Content They Don’t Like using DMCA

Posted on by

Copyright is still high on the list of censorial weapons. When you live in (or target) a country that protects free speech rights and offers intermediaries immunity via Section 230, you quickly surmise there’s a soft target lying between the First Amendment and the CDA.

That soft target is the DMCA. Thanks to plenty of lived-in experience, services serving millions or billions of users have decided it’s far easier to cater to (supposed) copyright holders than protect their other millions (or billions!) of users from abusive DMCA takedown demands.

There’s no immunity when it comes to the DMCA. There’s only the hope that US courts (should they be actually involved) will view good faith efforts to remove infringing content as acceptable preventative efforts.

But terrible people who neither respect the First Amendment nor the Communications Decency Act have found exploitable loopholes to disappear content they don’t like. And it’s always the worst people doing this. An entire cottage industry of “reputation management” firms has calcified into a so-called business model that views anything as acceptable until a court starts handing down sanctions.

“Cursory review” is the name of the game. Bullshit is fed to DMCA inboxes in hopes the people overseeing millions (or billions!) of pieces of uploaded content won’t spend too much time vetting takedown requests. When the initial takedown requests fail, bullshit artists (some of them hired!) decide to exploit the public sector.

Bogus litigation involving nonexistent defendants gives bad actors the legal paperwork they need to silence their critics. Bullshit default judgments are handed to bad faith plaintiffs by judges who can’t be bothered to do anything other than scan the docket to ensure at least some filings exist.

At the bottom of this miserable rung are the people who can’t even exploit these massively exploitable holes effectively. The bottom dwellers do what’s absolutely illegal, rather than just legally questionable. They forge court orders to demand takedowns of content they don’t like.

Eugene Volokh of the titular Volokh Conspiracy has plenty of experience with every variety of abusive takedown action listed above. In fact, he’s published an entire paper about these multiple levels of bullshit in the Utah Law Review.

Ironically, it’s that very paper that’s triggered the latest round of bogus takedown demands.

Yesterday, I saw that someone tried to use a different scheme, which I briefly mentioned in the article (pp. 300-01), to try to deindex the Utah Law Review version of my article: They sent a Digital Millennium Copyright Act notice to Google claiming that they owned the copyright in my article, and that the Utah Law Review version was an unauthorized copy of the version that I had posted on my own site:

Welcome to the party, “I Liam.”

But who do you represent? Volokh has some idea(s).

The submitter, therefore, asked Google to “deindex” that page—remove it from Google’s indexes, so that people searching for “mergeworthrx” or “stephen cichy” or “anthony minnuto” (another name mentioned on the page) wouldn’t see it.

So what prompted Google to remove this content that “I Liam” wished to disappear on behalf of his benefactors (presumably “mergeworthrx,” “stephen cichy,” and “anthony minnuto”)?

Well, it was a court order — one that was faked by whoever “I Liam” is:

Except there was no court order. Case No. 13-13548 CA was a completely different case. Celia Ampel, a reporter for the South Florida Daily Business Review, was never sued by MergeworthRX. The file submitted to Google was a forgery.

And definitely not an anomaly:

It was one of over 90 documents submitted to Google (and to other hosting platforms) that I believe to be forgeries. 

[…]

Source: Terrible People Are Still Using Forged Court Orders To Disappear Content They Don’t Like | Techdirt

The writer continues to say it’s terrible that there are terrible people and you can’t blame Google, when there is definitely a case to be made that Google can indeed do more due diligence. When the DMCA came into effect, people noted that this was ripe for the raping and so it happened. Alternatives were suggested but discarded. DMCA itself is very very poor law and should be revoked as it protects something we shouldn’t be protecting in the first place and does so in a way that allows people to randomly take down content with almost no recourse.

JP Morgan “accidentally” deletes 47 million comms records related to Chase bank

Posted on by

JP Morgan has been fined $4 million by America’s securities watchdog, the SEC, for deleting millions of email records dating from 2018 relating to its Chase Bank subsidiary.

The financial services giant apparently deleted somewhere in the region of 47 million electronic communications records from about 8,700 electronic mailboxes covering the period January 1 through to April 23, 2018.

Many of these, it turns out, were business records that were required to be retained under the Securities Exchange Act of 1934, the SEC said in a filing [PDF] detailing its findings.

Worse still, the screwup meant that it couldn’t produce evidence that that the SEC and others subpoenaed in their investigations. “In at least 12 civil securities-related regulatory investigations, eight of which were conducted by the Commission staff, JPMorgan received subpoenas and document requests for communications which could not be retrieved or produced because they had been deleted permanently,” the SEC says.

What went wrong?

The trouble for JP Morgan can be traced to a project where the company aimed to delete from its systems any older communications and documents that were no longer required to be retained.

According to the SEC’s summary, the project experienced “glitches,” with those documents identified for deletion failing to be deleted under the processes implemented by JPMorgan.

[…]

Source: JP Morgan accidentally deletes 47 million comms records • The Register

Animation Shows What the World Would Look Like If You Could See Carbon Dioxide Emissions

Posted on by

The team at NASA made three animations, all showing the carbon dioxide levels throughout the year 2021. Each one shows four major contributors: fossil fuels, burning biomass, land ecosystems, and the oceans. In the view showing North and South America, we can see the results of plants absorbing the gas via photosynthesis and then releasing it during winter months. There are intense contributions along the northeastern seaboard of the U.S. mainly by emissions from fossil fuels burning. There’s also a rise and fall of the gas over the Amazon rainforest. The team also interprets this as plants absorbing carbon during the day and then releasing it at night.

Carbon dioxide measurements over North and South America in 2021. NASA’s Scientific Visualization Studio [NB: for the impatient, skip forward through the videos to see how fast this stuff is covering more and more of the planet]

The animations also show sources and sinks (where CO2 is absorbed) in Asia and show an incredible amount of fossil fuel emissions over China. In other parts of the world, such as Australia, the absorption of this gas is much higher, with lower emissions due to lower populations.

[…]

You can watch additional videos here.

[…]

This greenhouse-induced climate change is a complex process to study, but it’s clear that carbon dioxide is part of it. There are two sources of it here on Earth: natural and human-caused. Natural CO2 sources provide most of this gas released into the atmosphere. These include oceans, animal and plant respiration, decomposition of organic matter, forest fires, and volcanic eruptions. Scientists know of some naturally occurring CO2 deposits in Earth’s crust that could also serve as CO2 sources. There are also “sinks”, where the gas gets trapped for some period of time. The oceans, (particularly the southern ocean), soil, and forests all “suck it in”, along with other plants. Those same sinks can release their stores of this gas.

Human-caused (or “anthropogenic”) sources include power generation, chemical production, agricultural practices, and transportation. Note that most of these involve fossil fuel burning. Fossil fuels are natural gas, coal, and oil.

How CO2 Cycles Over Time

The carbon cycle, which helps trace carbon dioxide on Earth. Courtesy: NOAA
The carbon cycle, which helps trace carbon dioxide on Earth. Courtesy: NOAA

So, we know that carbon dioxide goes through a natural “cycle” where it is exchanged in the air, ground, oceans, plants, humans, and animals. Throughout most of history, this cycle kept the seasonal average of CO2 in the atmosphere around an estimated 280 parts per million (ppm). In modern times, fossil fuel burning and other human activities added more CO2 to the cycle and changed the amount of it in the atmosphere. That pace has accelerated to the point where the levels are up by 50% in less than 200 years. Today the amount of CO2 is around 441 ppm and it continues to rise as we pump more of the gas into the air. Climatologists predict that as it rises, the average global temperature will continue to rise along with it.

If we look at average global temperatures since historical measurements began (when we were pumping less CO2 into the air), Earth’s temperature has risen about 0.08 C (0.14 F) each decade. Natural variability plays some role, but the addition of more carbon dioxide plays an increasing role. Over time, heating has added up to a 2-degree rise over more than a century. It tracks with the increasing amounts of this gas in our air. Two degrees is a lot; even one degree is enough to cause significant effects. To give you an idea, in the distant past, when global averages dropped by a degree or two, Earth suffered what’s called the Little Ice Age.

Warming Drives Change

A chart showing how global temperatures changed from 1880 to 2020. Courtesy MET Office Hadley Centre/Climactic Research Unit.
A chart showing how global temperatures changed from 1880 to 2020. Courtesy MET Office Hadley Centre/Climactic Research Unit.

It may not sound like much, but two degrees is enough to drive change in our weather patterns, water cycles, and other environmental processes. That gradual warming is why experts often refer to “global warming”. It’s not that everywhere gets hot at once. It means that the average annual air temperature is rising. To give you an idea, the year 2022 was the sixth warmest year since people began keeping global records in 1880.

Maps and animations of CO2 sources, sinks, and cycles like the ones from NASA satellite data show in stark detail the cycle of this particular gas. The idea is to help people understand visually and intellectually what changes our atmosphere experiences over time.

Source: Mind-Blowing Animation Shows What the World Would Look Like If You Could See Carbon Dioxide Emissions – Universe Today

How Hardware Testing Got Plugged Into A Continuous Integration Framework

Posted on by

The concept of Continuous Integration (CI) is a powerful tool in software development, and it’s not every day we get a look at how someone integrated automated hardware testing into their system. [Michael Orenstein] brought to our attention the Hardware CI Arena, a framework for doing exactly that across a variety of host OSes and microcontroller architectures.

[…]

The Hardware CI Arena (GitHub repository) was created to allow automated testing to be done across a variety of common OS and hardware configurations. It does this by allowing software-controlled interactions to a bank of actual, physical hardware options. It’s purpose-built for a specific need, but the level of detail and frank discussion of the issues involved is an interesting look at what it took to get this kind of thing up and running.

The value of automatic hardware testing with custom rigs is familiar ground to anyone who develops hardware, but tying that idea into a testing and CI framework for a software product expands the idea in a useful way. When it comes to identifying problems, earlier is always better.

Source: How Hardware Testing Got Plugged Into A Continuous Integration Framework | Hackaday

$6.3b US firm Telesign breached GDPR, reputation-scoring half of the population of the planet with mobiles

Posted on by

A US-based fraud prevention company is in hot water over allegations it not only collected data from millions of EU citizens and processed it using automated tools without their knowledge, but that it did so in the United States, all in violation of the EU’s data protection rules.

The complaint was filed by Austrian privacy advocacy group noyb, helmed by lawyer Max Schrems, and it doesn’t pull any punches in its claims that TeleSign, through its former Belgian parent company BICS, secretly collected data on cellphone users around the world.

That data, noyb alleges, was fed into an automated system that generates “reputation scores” that TeleSign sells to its customers, which includes TikTok, Salesforce, Microsoft and AWS, among others, for verifying the identity of a person behind a phone number and preventing fraud.

BICS, which acquired TeleSign in 2017, describes itself as “a global provider of international wholesale connectivity and interoperability services,” in essence operating as an interchange for various national cellular networks. Per noyb, BICS operates in more than 200 countries around the world and “gets detailed information (e.g. the regularity of completed calls, call duration, long-term inactivity, range activity, or successful incoming traffic) [on] about half of the worldwide mobile phone users.”

That data is regularly shared with TeleSign, noyb alleges, without any notification to the customers whose data is being collected and used.

[…]

In its complaint, an auto-translated English version of which was reviewed by The Register, noyb alleges that TeleSign is in violation of the GDPR’s provisions that ban use of automated profiling tools, as well as rules that require affirmative consent be given to process EU citizen’s data.

[…]

When BICS acquired TeleSign in 2017, it began to fall under the partial control of BICS’ parent company, Belgian telecom giant Proximus. Proximus held a partial stake in BICS, which Proximus spun off from its own operations in 1997.

In 2021, Proximus bought out BICS’ other shareholders, making it the sole owner of both the telecom interchange and TeleSign.

With that in mind, noyb is also leveling charges against Proximus and BICS. In its complaint, noyb said Proximus was asked by EU citizens from various countries to provide records of the data TeleSign processed, as is their right under Article 15 of the GDPR.

The complainants weren’t given the information they requested, says noyb, and claims what was handed over was simply a template copy of the EU’s standard contractual clause (SCC), which has been used by businesses transmitting data between the EU and US while the pair try to work out data transfer rules that Schrems won’t get struck down in court.

[…]

Noyb is seeking cessation of all data transfers from BICS to TeleSign, processing of said data, and is requesting deletion of all unlawfully transmitted data. It’s also asking for Belgian data protection authorities to fine Proximus, which noyb said could reach as high as €236 million ($257 million) – a mere 4 percent of Proximus’s global turnover.

[…]

Source: US firm ‘breached GDPR’ by reputation-scoring EU citizens • The Register

This firm is absolutely massive, yet it’s a smaller part of BICS and chances are that you’ve never ever heard of either of them!

Watch AI Trump Vs AI Biden In A Deranged Endless Live Debate

Posted on by

[…]

someone’s gone ahead and locked both President Biden and former president / classified document holder Donald Trump into an infinite battle on Twitch that can only be described as “unhinged.”

Maybe that’s because the version of Biden we see on the trumporbiden2024 livestream isn’t Joe Biden per se, but clearly Dark Brandon, who is ready to go for the throat. Both AI versions of the politicians curse heavily at each other: at one point I heard Biden call Trump a limp dick and Trump retorted by telling him to go back to jacking off to Charlie and the Chocolate Factory. They both seem to be speaking to or reacting to the chat in some ways[…]

You can see the feed live below, though be warned, the audio may not be safe for work.

The things the AI will actually argue about seem to have a dream logic to them. I heard Biden exclaim that Trump didn’t know anything about Pokémon, so viewers shouldn’t trust him. Trump later informed Biden that he couldn’t possibly handle genetically modified catgirls, unlike him. “Believe me, nobody knows more about hentai than me,” Trump declared

Source: Watch AI Trump Vs AI Biden In A Deranged Endless Live Debate

Twitch stream is here

Virgin Galactic set to launch 1st commercial spaceflight on June 27

Posted on by

Virgin Galactic’s first-ever commercial spaceflight will launch this month, if all goes according to plan.

The company, part of billionaire Richard Branson‘s Virgin Group, announced Thursday (June 15) that it has set a launch window of June 27 to June 30 for its debut operational flight, which it calls Galactic 01.

“Galactic 01, a scientific research mission, will carry three crew members from the Italian Air Force and the National Research Council of Italy to conduct microgravity research,” Virgin Galactic representatives said in a statement released Thursday afternoon.

“With scientific payloads on board, the spaceflight will showcase the value and power of the unique suborbital science lab that Virgin Galactic offers,” they added.

Source: Virgin Galactic set to launch 1st commercial spaceflight on June 27 | Space

The Grammys’ New Rules—AI Can’t Win Awards

Posted on by

AI proved just how talented it can be at ripping off major artists after a computer-generated song based on The Weeknd and Drake went viral in April. Now, the Recording Academy—the body that votes on and manages the annual Grammy Awards—is setting new rules for AI’s role in the coveted accolade.

Speaking to Grammy.com, Recording Academy CEO Harvey Mason, Jr. laid out some confusing new standards for acceptable use of AI. Mason Jr. said that AI-assisted music can be submitted, but only the humans, who must have “contributed heavily,” will actually be awarded. For example, in a songwriting category like Song of the Year, a majority of a the nominated song would have to be written by a human creator, not a text-based generative AI like ChatGPT. Similarly, in performance categories like Best Pop Duo/Group Performance, only the human performer can be considered for the award. Sorry, Hatsune Miku.

[,,,]

Source: The Grammys’ New Rules—AI Can’t Win Awards

EU votes on battery reform – including being able to replace them in your mobile

Posted on by

With 587 votes in favour, nine against and 20 abstentions, MEPs endorsed a deal reached with the Council to overhaul EU rules on batteries and waste batteries. The new law takes into account technological developments and future challenges in the sector and will cover the entire battery life cycle, from design to end-of-life.

Key measures foreseen by the regulation:

  • A compulsory carbon footprint declaration and label for electric vehicles (EV) batteries, light means of transport (LMT) batteries (e.g. for electric scooters and bikes), and rechargeable industrial batteries with a capacity above 2kWh;
  • Designing portable batteries in appliances in such a way that consumers can themselves easily remove and replace them;
  • A digital battery passport for LMT batteries, industrial batteries with a capacity above 2 kWh, and EV batteries;
  • A due diligence policy for all economic operators, except for SMEs;
  • Stricter waste collection targets: for portable batteries – 45% by 2023, 63% by 2027 and 73% by 2030; for LMT batteries – 51% by 2028 and 61% by 2031;
  • Minimum levels of materials recovered from waste batteries: lithium – 50% by 2027 and 80% by 2031; cobalt, copper, lead and nickel – 90% by 2027 and 95% by 2031;
  • Minimum levels of recycled content from manufacturing and consumer waste for use in new batteries: eight years after the entry into force of the regulation – 16% for cobalt, 85% for lead, 6% for lithium and 6% for nickel; 13 years after the entry into force: 26% for cobalt, 85% for lead, 12% for lithium and 15% for nickel.

[..]

Source: Making batteries more sustainable, more durable and better-performing | News | European Parliament

Great plan!

Microsoft confirms June Outlook and OneDrive outages were caused by DDoS attacks

Posted on by

Earlier this month, a group known as Anonymous Sudan took credit for a service outage that disrupted access to Outlook, OneDrive and a handful of other Microsoft online services. After initially sharing little information about the incident, the company confirmed late Friday it had been the target of a series of distributed denial-of-service attacks. In a blog post spotted by the Associated Press (via The Verge), Microsoft said the attacks “temporarily impacted” the availability of some services, adding they were primarily designed to generate “publicity” for a threat actor the company has dubbed Storm-1359. Under Microsoft’s threat actor naming convention, Storm is a temporary designator the company employs for groups whose affiliation it hasn’t definitively established yet.

“We have seen no evidence that customer data has been accessed or compromised,” the company said.

[…]

Source: Microsoft confirms June Outlook and OneDrive outages were caused by DDoS attacks | Engadget

Gas stoves emit benzene, linked to cancer, a new Stanford study shows

Posted on by

When the blue flame fires up on a gas stove, there’s more than heat coming off the burner. Researchers at Stanford University found that among the pollutants emitted from stoves is benzene, which is linked to cancer.

Levels of benzene can reach higher than those found in secondhand tobacco smoke and the benzene pollution can spread throughout a home, according to the research.

The findings add to a growing body of scientific evidence showing that emissions within the home are more harmful than gas stove owners have been led to believe

[…]

The risks of benzene have long been known. The Centers for Disease Control and Prevention says the chemical is linked to leukemia and other blood cell cancers.

“Benzene forms in flames and other high-temperature environments, such as the flares found in oil fields and refineries. We now know that benzene also forms in the flames of gas stoves in our homes,” said Rob Jackson in a statement. He’s the study’s senior author and a Stanford professor of earth sciences.

With one burner on high or the oven at 350 degrees, the researchers found benzene levels in a house can be worse than average levels for second-hand tobacco smoke. And they found the toxin doesn’t just stay in the kitchen, it can migrate to other places, such as bedrooms.

“Good ventilation helps reduce pollutant concentrations, but we found that exhaust fans were often ineffective at eliminating benzene exposure,” Jackson said. He says this is the first paper to analyze benzene emissions when a stove or oven is in use.

Researchers also tested whether cooking food – pan-frying salmon or bacon – emits benzene but found all the pollution came from the gas and not the food.

[…]

The American Gas Association, which represents natural gas utilities, routinely casts doubt over scientific research showing that burning natural gas in homes can be unhealthy. Last year the powerful trade group criticized a peer-reviewed study showing gas stoves leak benzene even when they are turned off. The AGA offered similar criticism of a 2022 analysis, which showed 12.7% of childhood asthma cases in the U.S. can be attributed to gas stove use in homes.

[…]

Medical experts are starting to take stands against cooking with gas. Nitrogen dioxide emissions have been the biggest concern, because they can trigger respiratory diseases, like asthma. The American Public Health Association has labeled gas cooking stoves “a public health concern,” and the American Medical Association warns that cooking with gas increases the risk of childhood asthma.

[…]

 

Source: Gas stoves emit benzene, linked to cancer, a new Stanford study shows : NPR

AIs are being fed with AI output by the people who are supposed to feed AI with original input

Posted on by

Workers hired via crowdsource services like Amazon Mechanical Turk are using large language models to complete their tasks – which could have negative knock-on effects on AI models in the future.

Data is critical to AI. Developers need clean, high-quality datasets to build machine learning systems that are accurate and reliable. Compiling valuable, top-notch data, however, can be tedious. Companies often turn to third party platforms such as Amazon Mechanical Turk to instruct pools of cheap workers to perform repetitive tasks – such as labeling objects, describing situations, transcribing passages, and annotating text.

Their output can be cleaned up and fed into a model to train it to reproduce that work on a much larger, automated scale.

AI models are thus built on the backs of human labor: people toiling away, providing mountains of training examples for AI systems that corporations can use to make billions of dollars.

But an experiment conducted by researchers at the École polytechnique fédérale de Lausanne (EPFL) in Switzerland has concluded that these crowdsourced workers are using AI systems – such as OpenAI’s chatbot ChatGPT – to perform odd jobs online.

Training a model on its own output is not recommended. We could see AI models being trained on data generated not by people, but by other AI models – perhaps even the same models. That could lead to disastrous output quality, more bias, and other unwanted effects.

The experiment

The academics recruited 44 Mechanical Turk serfs to summarize the abstracts of 16 medical research papers, and estimated that 33 to 46 percent of passages of text submitted by the workers were generated using large language models. Crowd workers are often paid low wages – using AI to automatically generate responses allows them to work faster and take on more jobs to increase pay.

The Swiss team trained a classifier to predict whether submissions from the Turkers were human- or AI-generated. The academics also logged their workers’ keystrokes to detect whether the serfs copied and pasted text onto the platform, or typed in their entries themselves. There’s always the chance that someone uses a chatbot and then manually types in the output – but that’s unlikely, we suppose.

“We developed a very specific methodology that worked very well for detecting synthetic text in our scenario,” Manoel Ribeiro, co-author of the study and a PhD student at EPFL, told The Register this week.

[…]

Large language models will get worse if they are increasingly trained on fake content generated by AI collected from crowdsource platforms, the researchers argued. Outfits like OpenAI keep exactly how they train their latest models a close secret, and may not heavily rely on things like Mechanical Turk, if at all. That said, plenty of other models may rely on human workers, which may in turn use bots to generate training data, which is a problem.

Mechanical Turk, for one, is marketed as a provider of “data labeling solutions to power machine learning models.”

[…]

As AI continues to improve, it’s likely that crowdsourced work will change. Riberio speculated that large language models could replace some workers at specific tasks. “However, paradoxically, human data may be more precious than ever and thus it may be that these platforms will be able to implement ways to prevent large language model usage and ensure it remains a source of human data.”

Who knows – maybe humans might even end up collaborating with large language models to generate responses too, he added.

Source: Today’s AI is artificial artificial artificial intelligence • The Register

It’s like a photocopy of a photocopy of a photocopy…

Meta’s Voicebox AI does text-to-speech without huge training data per voice

Posted on by

Meta has unveiled Voicebox, its generative text-to-speech model that promises to do for the spoken word what ChatGPT and Dall-E, respectfully, did for text and image generation.

Essentially, its a text-to-output generator just like GPT or Dall-E — just instead of creating prose or pretty pictures, it spits out audio clips. Meta defines the system as “a non-autoregressive flow-matching model trained to infill speech, given audio context and text.” It’s been trained on more than 50,000 hours of unfiltered audio. Specifically, Meta used recorded speech and transcripts from a bunch of public domain audiobooks written in English, French, Spanish, German, Polish, and Portuguese.

That diverse data set allows the system to generate more conversational sounding speech, regardless of the languages spoken by each party, according to the researchers. “Our results show that speech recognition models trained on Voicebox-generated synthetic speech perform almost as well as models trained on real speech.” What’s more the computer generated speech performed with just a 1 percent error rate degradation, compared to the 45 to 70 percent drop-off seen with existing TTS models.

The system was first taught to predict speech segments based on the segments around them as well as the passage’s transcript. “Having learned to infill speech from context, the model can then apply this across speech generation tasks, including generating portions in the middle of an audio recording without having to recreate the entire input,” the Meta researchers explained.

[…]

Text-to-Speech generators haver been around for a minute — they’re how your parents’ TomToms were able to give dodgy driving directions in Morgan Freeman’s voice. Modern iterations like Speechify or Elevenlab’s Prime Voice AI are far more capable but they still largely require mountains of source material in order to properly mimic their subject — and then another mountain of different data for every. single. other. subject you want it trained on.

Voicebox doesn’t, thanks to a novel new zero-shot text-to-speech training method Meta calls Flow Matching. The benchmark results aren’t even close as Meta’s AI reportedly outperformed the current state of the art both in intelligibility (a 1.9 percent word error rate vs 5.9 percent) and “audio similarity” (a composite score of 0.681 to the SOA’s 0.580), all while operating as much as 20 times faster that today’s best TTS systems.

[…]

the company released a series of audio examples (see above/below) as well as a the program’s initial research paper. In the future, the research team hopes the technology will find its way into prosthetics for patients with vocal cord damage, in-game NPCs and digital assistants.

Source: Meta’s Voicebox AI is a Dall-E for text-to-speech | Engadget

Ransomware gang lists first victims of MOVEit mass-hacks, including US banks and universities, federal and state govt, huge companies, more more more

Posted on by

lop, the ransomware gang responsible for exploiting a critical security vulnerability in a popular corporate file transfer tool, has begun listing victims of the mass-hacks, including a number of U.S. banks and universities.

The Russia-linked ransomware gang has been exploiting the security flaw in MOVEit Transfer, a tool used by corporations and enterprises to share large files over the internet, since late May. Progress Software, which develops the MOVEit software, patched the vulnerability — but not before hackers compromised a number of its customers.

While the exact number of victims remains unknown, Clop on Wednesday listed the first batch of organizations it says it hacked by exploiting the MOVEit flaw. The victim list, which was posted to Clop’s dark web leak site, includes U.S.-based financial services organizations 1st Source and First National Bankers Bank; Boston-based investment management firm Putnam Investments; the Netherlands-based Landal Greenparks; and the U.K.-based energy giant Shell.

GreenShield Canada, a non-profit benefits carrier that provides health and dental benefits, was listed on the leak site but has since been removed.

Other victims listed include financial software provider Datasite; educational non-profit National Student Clearinghouse; student health insurance provider United Healthcare Student Resources; American manufacturer Leggett & Platt; Swiss insurance company ÖKK; and the University System of Georgia (USG).

[…]

Clop, which like other ransomware gangs typically contacts its victims to demand a ransom payment to decrypt or delete their stolen files, took the unusual step of not contacting the organizations it had hacked. Instead, a blackmail message posted on its dark web leak site told victims to contact the gang prior to its June 14 deadline.

[…]

Multiple organizations have previously disclosed they were compromised as a result of the attacks, including the BBC, Aer Lingus and British Airways. These organizations were all affected because they rely on HR and payroll software supplier Zellis, which confirmed that its MOVEit system was compromised.

The Government of Nova Scotia, which uses MOVEit to share files across departments, also confirmed it was affected, and said in a statement that some citizens’ personal information may have been compromised. However, in a message on its leak site, Clop said, “if you are a government, city or police service… we erased all your data.”

[…]

Source: Ransomware gang lists first victims of MOVEit mass-hacks, including US banks and universities | TechCrunch

Also: US energy department and other agencies hit by hackers in MoveIt breach | Guardian

Also: Millions of Americans’ personal data exposed in global hack

This list is searchable here: MOVEit victim list Progress Software MOVEit Transfer global cyber incident

There’s Now an OTC Gel for Erectile Dysfunction

Posted on by

Futura Medical is a UK-based pharmaceutical. The company’s flagship development is a proprietary gel technology called DermaSys, and its first launch product based on the tech is a treatment for erectile dysfunction. The ED gel has been codenamed MED3000 but it will be sold under the name Eroxon. It’s classified as a medical device and will not require a prescription to obtain.

Eroxon is said to work by containing volatile solvents that evaporate when applied to the glans, the head of the penis. These solvents create a quickly cooling and then warming effect that stimulates the highly sensitive nerves of the penis, which then leads to a boost in the production of nitric oxide, a molecule with many roles in the body—including the relaxation of smooth muscle and increased blood flow in the penis that makes an erection possible.

The pivotal phase III clinical trial that secured the FDA’s authorization involved about 100 men with mild to severe ED. The men were randomized to receive the gel or the lowest prescribed dose of oral tadalafil, the active ingredient in the popular ED drug Cialis.

The trial met all of the primary and secondary goals, with the gel significantly improving men’s erectile function on average. The gel was overall less effective than tadalafil, but its effects were felt much sooner, working within 10 minutes (it typically takes at least a half hour for tadalafil and similar ED treatments). And while both drugs were safe to take, Eroxon also appeared to provide far fewer side effects. Headaches, one of the most common adverse events in the trial, were experienced by four percent of Eroxon users, compared to about 20% of tadalafil users. About one percent of Eroxon users reported a localized burning sensation as well.

The FDA’s go-ahead is the latest victory for the company and MED3000. The gel has already received authorization from the European Union, the UK, and parts of the Middle East. It has since launched in the UK, where it’s being sold as a package of four doses for about $30. The company is also expected to launch the gel in physical EU stores sometime this year. But there isn’t a clear launch timeline or pricing for the product in the U.S. just yet. According to CNN, some financial analysts predict that it might take until 2025 for Americans to get their hold on Eroxon.

Source: There’s Now an OTC Gel for Erectile Dysfunction

MEPs ready to negotiate first-ever rules for safe and transparent AI after passing AI act in Parliament

Posted on by

The rules aim to promote the uptake of human-centric and trustworthy AI and protect the health, safety, fundamental rights and democracy from its harmful effects.

On Wednesday, the European Parliament adopted its negotiating position on the Artificial Intelligence (AI) Act with 499 votes in favour, 28 against and 93 abstentions ahead of talks with EU member states on the final shape of the law. The rules would ensure that AI developed and used in Europe is fully in line with EU rights and values including human oversight, safety, privacy, transparency, non-discrimination and social and environmental wellbeing.

Prohibited AI practices

The rules follow a risk-based approach and establish obligations for providers and those deploying AI systems depending on the level of risk the AI can generate. AI systems with an unacceptable level of risk to people’s safety would therefore be prohibited, such as those used for social scoring (classifying people based on their social behaviour or personal characteristics). MEPs expanded the list to include bans on intrusive and discriminatory uses of AI, such as:

  • “Real-time” remote biometric identification systems in publicly accessible spaces;
  • “Post” remote biometric identification systems, with the only exception of law enforcement for the prosecution of serious crimes and only after judicial authorization;
  • biometric categorisation systems using sensitive characteristics (e.g. gender, race, ethnicity, citizenship status, religion, political orientation);
  • predictive policing systems (based on profiling, location or past criminal behaviour);
  • emotion recognition systems in law enforcement, border management, the workplace, and educational institutions; and
  • untargeted scraping of facial images from the internet or CCTV footage to create facial recognition databases (violating human rights and right to privacy).

High-risk AI

MEPs ensured the classification of high-risk applications will now include AI systems that pose significant harm to people’s health, safety, fundamental rights or the environment. AI systems used to influence voters and the outcome of elections and in recommender systems used by social media platforms (with over 45 million users) were added to the high-risk list.

Obligations for general purpose AI

Providers of foundation models – a new and fast-evolving development in the field of AI – would have to assess and mitigate possible risks (to health, safety, fundamental rights, the environment, democracy and rule of law) and register their models in the EU database before their release on the EU market. Generative AI systems based on such models, like ChatGPT, would have to comply with transparency requirements (disclosing that the content was AI-generated, also helping distinguish so-called deep-fake images from real ones) and ensure safeguards against generating illegal content. Detailed summaries of the copyrighted data used for their training would also have to be made publicly available.

Supporting innovation and protecting citizens’ rights

To boost AI innovation and support SMEs, MEPs added exemptions for research activities and AI components provided under open-source licenses. The new law promotes so-called regulatory sandboxes, or real-life environments, established by public authorities to test AI before it is deployed.

Finally, MEPs want to boost citizens’ right to file complaints about AI systems and receive explanations of decisions based on high-risk AI systems that significantly impact their fundamental rights. MEPs also reformed the role of the EU AI Office, which would be tasked with monitoring how the AI rulebook is implemented.

Quotes

After the vote, co-rapporteur Brando Benifei (S&D, Italy) said: “All eyes are on us today. While Big Tech companies are sounding the alarm over their own creations, Europe has gone ahead and proposed a concrete response to the risks AI is starting to pose. We want AI’s positive potential for creativity and productivity to be harnessed but we will also fight to protect our position and counter dangers to our democracies and freedoms during the negotiations with Council”.

Co-rapporteur Dragos Tudorache (Renew, Romania) said: “The AI Act will set the tone worldwide in the development and governance of artificial intelligence, ensuring that this technology, set to radically transform our societies through the massive benefits it can offer, evolves and is used in accordance with the European values of democracy, fundamental rights, and the rule of law”.

Next steps

Negotiations with the Council on the final form of the law will begin later today.

Source: MEPs ready to negotiate first-ever rules for safe and transparent AI | News | European Parliament

WhatsApp may finally let you add multiple accounts to one device

Posted on by

If you regularly use people who regularly use more than one WhatsApp account this new beta update is going to be of interest to you. The messaging app is reportedly working on multi-account support for its Android app, an update that would allow you to switch between profiles on the same device, WABetaInfo reports. The feature appears to work just like changing accounts on fellow Meta-owned app Instagram with a pop-up at the bottom of your app showing current accounts and the option to add new ones.

Any new accounts will be stored within your device and, of course, can be logged out of at any point. Multi-account support might be advantageous if you have different work and personal numbers or want to try out recent social media-centric WhatsApp features like Channels. This update lets you send broadcasts like photos and polls to followers, with WhatsApp planning to monetize it for creators in the future. Similarly, WhatsApp has reportedly been working on a username feature that would allow you to find people the same as Instagram or Twitter, without having their phone numbers.

Multi-account support also follows the iOS and Android release of companion mode, an update that allows you to use the same WhatsApp account on up to four phones. Previously, you could only be logged in on a single mobile phone along with your tablet and computer.

Source: WhatsApp may soon let you add multiple accounts to one device | Engadget

Broadcom squeezed Samsung, now South Korea’s squeezing back

Posted on by

As the Commission explained in a Tuesday adjudicaiton, Broadcom and Samsung were in talks for a long-term supply agreement when the American chipmaker demanded the Korean giant sign or it would suspend shipments and support services.

Broadcom share price pops on VMware rumors
Broadcom’s share price jumped from $805 to $860 on Tuesday, after Reuters reported EU regulators will sign off on its acquisition of VMware.The newswire reported that proposed remedies to ensure competition in the market for host bus adapters found approval from EU regulators. The deal is yet to be approved by UK and US authorities.

Broadcom also wanted Samsung to commit to spending over $760 million a year, to make up the difference for any shortfalls, and not to buy from rivals.

With the market for the components it needs tight, Samsung reportedly signed. Then, when a certain viral pandemic cruelled its business, the giant conglomerate found itself having to buy parts it didn’t need. The chaebol estimates the deal cost it millions.

News of the deal eventually reached the regulator, which in 2022 asked Broadcom to propose a remedy – a common method of dispute resolution in South Korea.

Broadcom proposed a $15.5 million fund to stimulate South Korea’s small semiconductor outfits, plus extra support for Samsung.

On Tuesday, the Commission decided that’s not a reasonable restitution because it doesn’t include compensation for the impacted parties.

That’s bad news for Broadcom, because it means the regulator will now escalate matters – first by determining if the chipmaker broke local laws and then by considering a different penalty.

South Korea is protective of its local businesses – even giants like Samsung that are usually capable of fending for themselves. Broadcom reps will soon have some tricky-to-negotiate meetings on their agendas.

At least the corporation’s legal team has experience at this sort of thing. In 2018 it was probed by US authorities over contract practices, and in 2021 was forced to stop some anticompetitive practices. In 2022 it was in strife again – this time for allegedly forcing its customers to sign exclusive supply contracts.

The serial acquirer also lost a regulatory rumble over its attempted acquisition of Qualcomm, and is currently trying to explain why its proposed acquisition of VMware won’t harm competition.

Now it awaits South Korea’s wrath – and perhaps Samsung’s too.

Source: Broadcom squeezed Samsung, now South Korea’s squeezing back • The Register

Google Restores ‘Downloader’ App To Store 20 days after DMCA takedown based on 0 evidence, says it’s normal to be able to take down apps for no reason

Posted on by

A couple of weeks back, we discussed how Google had delisted the app Downloader from the Play Store after a DMCA notice was issued by a firm representing several Israeli TV networks. The problem with all of this is simple: Downloader doesn’t have anything to do with copyright infringement or piracy. All it does is combine a file manager and basic web browser. The DMCA notice centered on the latter, complaining that users could get to piracy sites from the browser. You know, just like you can from any browser.

Well, take heart, dear friends, because Google reinstated Downloader on the Play Store 20 days after it was removed.

Google has reversed the suspension of an Android TV app that was hit with a copyright complaint simply because it is able to load a pirate website that can also be loaded in any standard web browser. The Downloader app, which combines a web browser with a file manager, is back in the Google Play Store after nearly a three-week absence.

In addition to the rejected appeal, Saba filed a DMCA counter-notification with Google. That “started a 10-business-day countdown for the [TV companies’] law firm to file legal actions against me,” Saba wrote today. “Due to the app being removed on a Friday and the Memorial Day holiday, 10 business days had elapsed with no word from the law firm on June 6th and I contacted Google to have the app reinstated.”

All of which is why Google, further down the article, is quoted as saying they followed the standard playbook to DMCA takedown notices. The counter-notification kicked off that process, giving the firm that issued the original notice time to decide whether to file a lawsuit or not, which it presumably did not. The quote has all the hallmarks of Google resting on that process to wipe its hands clean of the whole situation.

But that’s stupid. It also serves as an example proving Saba’s point: the DMCA takedown process is broken. That a bunch of foreign TV networks can get a perfectly legit app removed from the app store for weeks just by pushing paperwork around is absurd.

As is Google’s continued inability to get things right with regard to this particular app.

In yet another example of the Google Play Store’s absurdity, Google had determined that my app collected email addresses without declaring so. Since there is no way for my app itself to collect email addresses, and without any additional information or help from Google, I can only assume that Google is referring to the email mailing list signup form on this website, which loads by default in the web browser of the Downloader app.

Once again, that isn’t the app doing a thing; it’s the web browser doing it if someone signs up to be on an email list.

So, the app is back, a lawsuit has not yet been filed, and everyone will probably forget about this entire thing, meaning the broken nature of the DMCA process will remain broken. Bang up job all around.

Source: Google Finally Restores ‘Downloader’ App To Store

“Clearly predatory”: Western Digital sparks panic, anger for age-shaming HDDs, making it impossible to repair RAID pools

Posted on by

The practice’s revelation is the last straw for some users. Western Digital already had a steep climb to win back NAS customers’ trust after shipping NAS drives with SMR (shingled magnetic recording) instead of CMR (conventional magnetic recording). Now, some are saying they won’t use or recommend the company’s hard drives anymore.

“Warning,” your NAS drive’s been on for 3 years

As users have reported online, including on Synology-focused and Synology’s own forums, as well as on Reddit and YouTube, Western Digital drives using Western  Digital Device Analytics (WDDA) are getting a “warning” stamp in Synology DSM once their power-on hours count hits the three-year mark. WDDA is similar to SMART monitoring and rival offerings, like Seagate’s IronWolf, and is supposed to provide analytics and actionable items.

The recommended action says: “The drive has accumulated a large number of power on hours [throughout] the entire life of the drive. Please consider to replace the drive soon.” There seem to be no discernible problems with the hard drives otherwise.

Synology confirmed this to Ars Technica and noted that the labels come from Western Digital, not Synology. A spokesperson said the “WDDA monitoring and testing subsystem is developed by Western Digital, including the warning after they reach a certain number of power-on-hours.”

The practice has caused some, like YouTuber SpaceRex, to stop recommending Western Digital drives for the foreseeable future. In May, the YouTuber and tech consultant described his outrage, saying three years is “absolutely nothing” for a NAS drive and lamenting the flags having nothing to do with anything besides whether or not a drive has been in use for three years.

[…]

Users are also concerned that this could prevent people from noticing serious problems with their drive.

Further, you can’t repair a pool with a drive marked with a warning label.

“Only drives with a healthy status can be used to repair or expand a storage pool,” Synology’s spokesperson said. “Users will need to first suppress the warning or disable WDDA to continue.”

[…]

Since Western Digital’s questionable practice has come to light, there has been discussion about how to disable WDDA via SSH.

Synology’s spokesperson said if WDDA is enabled in DSM, one could disable WDDA in Storage Manager and see the warning removed.

“Because the warning is triggered by a fixed power-on-hour count, we do not believe [disabling WDDA] it to be a risk. However, administrators should still pay close attention to their systems, including if other warnings or I/O disruptions occur,” the Synology rep said. “Indicators such as significantly slower reads/writes are more evident signs that a drive’s health may be deteriorating.”

[…]

Source: “Clearly predatory”: Western Digital sparks panic, anger for age-shaming HDDs | Ars Technica

Space Force doesn’t want HQ in anti-abortion Alabama, so their congressman Targets Air Force Funds

Posted on by

[…]

President Joe Biden’s administration is reportedly trying to reverse a decision to relocate the Space Command’s headquarters from Colorado to Huntsville, Alabama, largely due to concerns regarding the state’s strict anti-abortion law that was put into effect last summer. In December 2022, the Biden administration directed the U.S. Air Force to conduct a review of the relocation decision, which was made by former President Donald Trump during his time in office. For months now, the move to Alabama has been put on hold pending the review.

Alabama lawmakers have been outspoken against Biden’s attempts to delay the decision and Congressman Rogers’ proposed bill, known as the chairman’s mark, could be the latest attempt to add pressure on the White House.

The bill, which the committee will consider on June 21, would limit funds “to construct or modify facilities for temporary or permanent use by United States Space Command for headquarter operations until the Secretary of the Air Force delivers a report on the selection of a permanent location to the congressional defense committees,” it states.

The proposed bill would also limit the travel funds of the secretary of the Air Force until the delivery of the report.

The Space Command is still not fully operational but is set to reach full operations by the end of the year. Senior military leaders have expressed concern that relocating the Space Command’s headquarters to Alabama could disrupt its operations while staying in Colorado would allow it to reach full operational capacity sooner, SpaceNews reported in March.

Officials in Alabama, however, are keen on having the Space Command based in their state. “Let me repeat what everyone already knows: Alabama is the only rightful home for Space Command Headquarters,” Alabama Governor Kay Ivey wrote in a statement on May 30.

The bill includes other restrictions targeted at the Space Command. It would limit funds for the WGS-12 satellite, stating that the secretary of the Air Force may not issue a contract for the procurement of a WGS-12 satellite, part of a geostationary constellation by the U.S. Space Command, until it can certify that the requirements met by the satellite cannot be fulfilled by commercial providers.

Finally, the proposed bill would require the Air Force to increase competition for phase three of the National Security Space Launch Program to provide “opportunities for emerging launch providers while also assuring access to proven launch capabilities for low-risk tolerant payloads,” the draft states. The program is intended to provide payloads from the Department of Defense and other government bodies with access to space.

Although it’s easy to confuse them, the Space Command is different from the U.S. Space Force. It’s a combatant command of the U.S. Department of Defense (DOD) to conduct “operations in, from, and to space to deter conflict, and if necessary, defeat aggression, deliver space combat power for the joint/combined force, and defend U.S. vital interests with allies and partners,” according to the DOD.

Source: Congressman’s Battle Over Space Force HQ Targets Air Force Funds

It’s not particularly surprising that no-one wants to move to a state that hates abortions.

Fitbit Privacy & security guide – no one told me it would send my data to the US

Posted on by

As of January 14, 2021, Google officially became the owner of Fitbit. That worried many privacy conscious users. However, Google promised that “Fitbit users’ health and wellness data won’t be used for Google ads and this data will be kept separate from other Google ad data” as part of the deal with global regulators when they bought Fitbit. This is good.

And Fitbit seems to do an OK job with privacy and security. It de-identifies the data it collects so it’s (hopefully) not personally identifiable. We say hopefully because, depending on the kind of data, it’s been found to be pretty easy to de-anonymize these data sets and track down an individual’s patterns, especially with location data. So, be aware with Fitbit—or any fitness tracker—you are strapping on a device that tracks your location, heart rate, sleep patterns, and more. That’s a lot of personal information gathered in one place.

What is not good is what can happen with all this very personal health data if others aren’t careful. A recent report showed that health data for over 61 million fitness tracker users, including both Fitbit and Apple, was exposed when a third-party company that allowed users to sync their health data from their fitness trackers did not secure the data properly. Personal information such as names, birthdates, weight, height, gender, and geographical location for Fitbit and other fitness-tracker users was left exposed because the company didn’t password protect or encrypt their database. This is a great reminder that yes, while Fitbit might do a good job with their own security, anytime you sync or share that data with anyone else, it could be vulnerable.

[…]

e Fitbit app does allow for period tracking though. And the app, like most wearable tracking apps, collects a whole bunch of person, body-related data that could potentially be used to tell if a user is pregnant.

Fortunately, Fitbit doesn’t sell this data but it does say it can share some personal data for interest-based advertising. Fitbit also can share your wellness data with other apps, insurers, and employers if you sign up for that and give your consent.

[…]

Fitbit isn’t the wearable we’d trust the most with our private reproductive health data. Apple, Garmin, Oura all make us feel a bit more comfortable with this personal information.

Source: Fitbit | Privacy & security guide | Mozilla Foundation

So when installing one it says it needs to process your data in the USA – which basically means it’s up for grabs for all and sundry. There is a reason the EU has the GDPR. But why does it need to send data anywhere other than your phone anyway?!

This is something that almost no-one mentions when you read the reviews on these things.

How to Have Windows Remember Their Size and Positions With WinSize2

Posted on by

We have been through multiple versions of Windows. Yet, Microsoft still refuses to give its OS one much-requested feature: the ability to remember each window’s desktop placement and dimensions.

Thankfully, the free WinSize2 utility can help with that. So, let’s see how you can use it to keep your desktop organized by “sticking” windows to their spot.

How to Download & Install WinSize2

Since it’s a third-party tool, it’s not included with Windows. Thus, to use it, you will have to download the app from the official WinSize2 site.

After you download and install it, you won’t see anything on your screen. The app will run in the background, hidden from sight, waiting for your input. As we’ll see next, its interface will be accessible from an icon in the window tray.

Before you access WinSize2’s interface, we should warn you that it looks ancient. That’s because, well, it is ancient.

WinSize2 was released over a decade ago, but that’s not a negative. On the contrary, it remains relevant many Windows versions later, the time since its release not affecting its usefulness.

[…]

How to Insta-Lock Window Positions

Point your mouse cursor at WinSize2’s icon, lingering in the Windows tray. You will see a hovering bubble with its version and active hotkey.

You can use this hotkey combination, by default mapped to Ctrl + Alt + Z, to save any window’s position and dimensions on any desktop spot.

[…]

With the window whose placement and dimensions you want to save visible, move it and resize it anywhere on your desktop, precisely as you’d like it to show up in the future.

With the window active and selected, to create an entry for it and save its spot and size, press WinSize2’s hotkey button combination (by default Ctrl + Alt + Z).

Almost immediately, a message will appear hovering next to your mouse cursor, informing you about the action’s success.

That was it! If you try closing and reopening the window, you will see it reappear on the same spot with the exact dimensions. Try moving it around and closing it. When it shows up again, instead of popping up on a random location on your desktop, WinSize2 will detect its appearance, and move and resize it wherever you “pinned” it.

[…]

 

Source: How to Have Windows Remember Their Size and Positions With WinSize2