#Cybersecurity #Encryption #Privacy #China #Tencent: "- We analyzed Tencent’s Sogou Input Method, which, with over 450 million monthly active users, is the most popular Chinese input method in China.
- Analyzing the Windows, Android, and iOS versions of the software, we discovered troubling vulnerabilities in Sogou Input Method’s custom-designed “EncryptWall” encryption system and in how it encrypts sensitive data.
- We found that network transmissions containing sensitive data such as those containing users’ keystrokes are decipherable by a network eavesdropper, revealing what users are typing as they type.
- We disclosed these vulnerabilities to Sogou developers, who released fixed versions of the affected software as of July 20, 2023 (Windows version 13.7, Android version 11.26, and iOS version 11.25).
- These findings underscore the importance for software developers in China to use well-supported encryption implementations such as TLS instead of attempting to custom design their own."
https://citizenlab.ca/2023/08/vulnerabilities-in-sogou-keyboard-encryption/
#USA #China #Espionage #TikTok #Conspiracies: Three decades after the fall of the Soviet Union, as China emerges as a new superpower and contests US hegemony, the face of foreign espionage in the West has become Chinese.
It’s not just that Chinese students and scientists are routinely depicted as puppets of Beijing and conduits of intellectual property theft. The tint of racialized suspicion has seeped into anything “made in China.” Communications equipment from Huawei and ZTE are lurking in the airwaves. TikTok is “the spy in Americans’ pockets.” US authorities deem Chinese-manufactured cargo cranes a possible national security threat; in the words of a former head of counterintelligence, “cranes can be the new Huawei.” The acquisition of American farmlands by Chinese firms has also been met with alarm: The properties could be used as a “perch for spying,” so the argument goes. When a Chinese high-altitude surveillance balloon flew across parts of the US before it was shot down over the Atlantic, the mass hysteria had less to do with the balloon itself—even the Pentagon acknowledged it posed minimal risk—and more to do with the state of the national psyche. The floating object was the materialization of a constant dread, the embodiment of an alien intrusion."
https://www.wired.com/story/china-espionage-tiktok-spying-national-security/
#AI #Zoom #VideoConferencing #Privacy #DataProtection: "The current terms would not allow the company to tap user-generated content like video and chat for AI training without a customer opting in. However, once a meeting host agrees, other participants would have to leave if they don’t want to consent. The terms also allow Zoom to use other data, including information about user behavior, without additional permission.
“The face of these terms of service does now assure the user that Zoom is not going to use their customer content for the purpose of training artificial intelligence models without their consent,” John Davisson, director of litigation and senior counsel at the Electronic Privacy Information Center, told The Associated Press.
At issue is language Zoom added to its terms in March. The document differentiates between two types of data: “service generated data,” such as what features customers use and what part of the world they are in, and “customer content,” which is the data created by users themselves, such as audio or chat transcripts."
#USA #Amazon #AntiUnions #LaborUnions: "Amazon hired at least two union-busting consulting firms specifically to prevent its drivers from joining the International Brotherhood of Teamsters over the course of 2022, according to six reports filed to the Department of Labor and obtained by Motherboard. This is notable because Amazon claims that the drivers who deliver its packages are not its employees.
Motherboard reviewed five reports filed to the Department of Labor, which showed that Amazon spent more than $14.2 million total on anti-union consulting in 2022. Of that, $160,595 went to Optimal Employee Relations and Action Resources, who, on their own reports, specifically referred to “drivers” as the target group of their persuasion. Amazon and the contractors it hired are required to file these reports with the government each year."
#AI #GenerativeAI #Facebook #Meta #Chatbot: "Facebook owner Meta is preparing to launch a range of artificial intelligence-powered chatbots that exhibit different personalities as soon as next month, in an attempt to boost engagement with its social media platforms.
The tech giant led by chief executive Mark Zuckerberg has been designing prototypes for chatbots that can have humanlike discussions with its nearly 4bn users, according to three people with knowledge of the plans.
These people said some of the chatbots, which staffers have dubbed “personas”, take the form of different characters. The company has explored launching one that emulates Abraham Lincoln and another that advises on travel options in the style of a surfer, according to a person with knowledge of the plans.
The chatbots could launch as soon as September, the person said. Their purpose will be to provide a new search function and offer recommendations, as well as being a fun product for people to play with."
https://www.ft.com/content/fa76c8ce-cdfd-458c-baec-73dceb2d2ad5
#AI #DataSets #AIEthics: The Google memo points to the dawning realization that improvements in AI will require putting a lot more care and thought into how data is collected and curated. Even OpenAI, which relies on gargantuan datasets to make its products, is now pointing to this issue. A close engagement with datasets has been deeply undervalued in the AI field, and this neglect has had serious consequences downstream, from technical failures to human rights violations.
This is why investigating datasets is so important. Not because companies want an edge in the current AI wars, but to understand the ideologies, viewpoints, and harms that are being ingested, concentrated, and reproduced by AI systems. The new internet-scale datasets require new investigative methods, new research questions. What political and cultural inflections are baked into training sets? Who and what is represented? What is rendered invisible and unintelligible? Who profits from all this data, and at whose expense? What legal issues does the mass extraction of data raise for copyright, privacy, moral rights, and the right to publicity? What about the people whose creative work and livelihoods are impacted? How could these practices change? And as the accelerating machines of scrape-generate-publish-repeat begin to ingest their own material, what logics, perspectives, and aesthetics will be reinforced in this recursive loop?"
https://knowingmachines.org/9-ways-to-see/9-ways-to-see-a-dataset
Nada que não fosse óbvio - como é que o modelo mais complexo e avançado não podia ser libertário de esquerda? :-D
#AI #GenerativeAI #LLMs #Bias #Politics: "Should companies have social responsibilities? Or do they exist only to deliver profit to their shareholders? If you ask an AI you might get wildly different answers depending on which one you ask. While OpenAI’s older GPT-2 and GPT-3 Ada models would advance the former statement, GPT-3 Da Vinci, the company’s more capable model, would agree with the latter.
That’s because AI language models contain different political biases, according to new research from the University of Washington, Carnegie Mellon University, and Xi’an Jiaotong University. Researchers conducted tests on 14 large language models and found that OpenAI’s ChatGPT and GPT-4 were the most left-wing libertarian, while Meta’s LLaMA was the most right-wing authoritarian."
#Cybersecurity #Tor #Privacy #Anonymity: "Tor is a valuable tool for browsing the web anonymously, but since it's powered by volunteers willing to share some bandwidth and a computer, it's always in need of additional help. Which is why EFF is announcing the Tor University Challenge, a project asking universities to start running Tor relays on campus. Today, we're launching with support from 12 universities. With your help, we can add more universities to strengthen the Tor network to improve one of the best free privacy tools available today.
In 2011, we launched our first Tor Challenge, which resulted in 549 new relays. By 2014, after we launched our second Tor Challenge, we had counted 1,635 new relays. This time around, we're focusing on getting more Tor relays onto college campuses. Universities are especially well-suited for Tor relays because they often offer fast internet, have lots of technical expertise available (including professors, students, and IT teams), and value freedom of expression. Setting up a Tor relay on your college campus will help make Tor faster and better, because the more relays that exist, the better the experience of using Tor gets for everyone."
https://www.eff.org/deeplinks/2023/08/announcing-tor-university-challenge
#UK #Cybersecurity #Elections #Hacking #Privacy #DataProtection: "Confidence in the UK’s electoral regulator has been thrown into question after it emerged a hostile cyber-attack accessing the data of 40 million voters went undetected for a year and the public was not told for another 10 months.
The Electoral Commission apologised for the security breach in which the names and addresses of all voters registered between 2014 and 2022 were open to “hostile actors” as far back as August 2021.
The attack was discovered last October and reported within 72 hours to the Information Commissioner’s Office (ICO), as well as the National Crime Agency. However, the public has only now been informed that the electoral registers containing the data of millions of voters may have been accessible throughout that time.
The Electoral Commission said it was “not able to know conclusively” what information had been accessed. It is not known whether the attackers were linked to a hostile state, such as Russia, or a criminal cyber gang."
RT @parismarx
Visual effects workers play a growing role in film production, and superhero blockbusters are heavily reliant on them. It’s great to see VFX workers at Marvel file for a union election — hopefully the first of many!
https://www.vulture.com/2023/08/vfx-workers-vote-to-unionize-at-marvel-for-the-first-time.html
"Según Acemoglu y Johnson, nuestra generación sigue exprimiendo los beneficios de aquella era, pero por poco tiempo más. En 1980, volvimos a cambiar de paradigma. “Los ricos se volvieron más ricos y a los pobres no les fue tan bien”. Las nuevas catedrales son los centros que almacenan los datos de miles de millones de personas, consumen la electricidad de un país europeo mediano y producen su equivalente en CO₂.
Esta es la gran encrucijada de la automatización: no basta para garantizar prosperidad. Es el trabajo de los reguladores, administradores y líderes de nuestras instituciones democráticas garantizar que este gran poder llega atemperado por una fuerte infraestructura social. Es una responsabilidad urgente e histórica. Sin ella, esta revolución tiene el potencial de regresarnos a algunos de los periodos más oscuros de nuestra civilización."
https://elpais.com/opinion/2023-08-07/sobre-automatizacion-y-progreso.html
#DHS #FacialRecognition #ClearView #Surveillance #Biometrics: "The Baker investigation provides a rare insight into how HSI is using facial recognition tools like Clearview AI to quickly chase down new child exploitation leads. But HSI is also using this type of technology in an unprecedented three-week operation to solve years-old crimes that’s led to hundreds of identifications of children and abusers, according to Jim Cole, who spent over two decades on fighting crimes against minors for the HSI and who pushed the initiative before retiring earlier this year. Cole told Forbes the previously unreported task force started operating out of the HSI Cyber Crime Center in mid-July and ended on August 4.
Jim Cole, former HSI child exploitation investigator
“No single effort like this has resulted in that amount of identifications in such a short period of time,” Cole told Forbes. “The tech used can assimilate the data and put that puzzle together. Before, we didn’t have the pieces.”
HSI declined to confirm or comment on the operations’ existence.
Cole declined to name the tools that were used, but sources with knowledge of the operation told Forbes one of them was the controversial facial recognition technology created by Clearview AI. The New York City–based startup claims to have amassed a database of more than 30 billion images scraped without permission from places such as Facebook, Instagram, and LinkedIn. HSI has signed multiple contracts with Clearview worth up to $2 million, and Clearview has previously said its tech was used by HSI to investigate child exploitation."
#AI #ML #Zoom #Surveillance #Videoconferencing: "Well, well, well... It looks like Brave isn't the only company out there that is willing to bet all its chips on reusing other people's content for AI training.
Zoom Video Communications, Inc. recently updated its Terms of Service to encompass what some critics are calling a significant invasion of user privacy.
In a detailed perusal of the newly updated terms, two sections - 10.2 and 10.4 - stand out for their broad-ranging implications on how Zoom is permitted to utilize user data. These sections establish Zoom's rights to compile and utilize "Service Generated Data," which is any telemetry data, product usage data, diagnostic data, and similar content or data that Zoom collects in connection with users' use of their services or software.
Zoom's updated policy states that all rights to Service Generated Data are retained solely by Zoom. This extends to Zoom's rights to modify, distribute, process, share, maintain, and store such data "for any purpose, to the extent and in the manner permitted under applicable law.""
https://stackdiary.com/zoom-terms-now-allow-training-ai-on-user-content-with-no-opt-out/
"Worldcoin, OpenAI CEO Sam Altman’s bid to sew up the market for verifying humanness by convincing enough mobile meatsacks to have their eyeballs scanned in exchanged for crypto tokens (yes, really), only started its official global rollout this week but it’s already landed on the radar of European data protection authorities.
Why should anyone feel the need to prove their humanness on the Internet? Well one reason is that by unleashing free ‘power tools’ like ChatGPT Altman’s generative AI company is leading the charge to make it harder to distinguish between bot-generated and human digital activity. But don’t worry, he’s got an eyeball-scanning orb-plus-crypto-token to sell humanity on for that!
Pop-up locations where willing guinea pigs (i.e. humans) can get some Worldcoin “digital tokens” in exchange for feeding their biometric data into its proprietary Half Life-esque orbs have sprung up in four markets in Europe so far: The U.K., France, Germany and Spain. And, surprising precisely no-one, privacy regulators in at least three of those markets are already expressing concerns and/or actively investigating WTF Worldcoin is doing with European’s sensitive personal data." https://techcrunch.com/2023/07/28/world-gdpr-concerns/
#Crypto #Cryptocurrencies #Worldcoin #Biometrics #FacialRecognition: "Altman asegura que pasaporte y monedero serán imprescindibles cuando la inteligencia artificial general haya superado a la nuestra y los humanos desempleados necesitemos recibir una renta universal. “Es improbable que la paguemos nosotros”, aclaró recientemente su mánager europeo, Ricardo Macieira, “pero queremos ser la infraestructura que permita a gobiernos y entidades hacerlo”. La empresa se llama Tools for Humanity (Herramientas para la humanidad). Worldcoin opera desde una fundación registrada en las islas Caimán, un paraíso fiscal. Este diario ha intentado recabar la versión de Tools for Humanity por varios canales, sin obtener respuesta."
#SocialMedia #Twitter #Musk: ""I'm a software developer," Vaught told Ars. "And I was trying to come up with the right way to use that audience and do something with it."
But Vaught never had the time to focus on leveraging the @music audience, only ever benefiting from the account when companies occasionally sent him free perks like headphones in trade for promotions. Occasionally, buyers would approach Vaught, trying to tempt him to sell the @music handle, but the biggest offer was only around $5,000. Vaught said he was never interested because he knew that selling his handle violated Twitter's terms of service, and he figured there was more value in keeping the account.
Now X has taken the account away. In the email Vaught posted on X, the platform told Vaught that "the user handle associated with the account @music will be affiliated with X Corp."
"Accordingly, your handle will be changed to a new user handle," the email said.
If you visit @music now, it has 11 million followers, which—judging from an Internet Archive snapshot—appears to be generated from merging the now-defunct @TwitterMusic account into Vaught's @music account."
#UBI #Socialism #Communism #Capitalism: #Work #WageSlavery #PostWork: "The question is not whether but when work can be an expression of our freedom. I cannot lay out here the full conditions under which we can be free not just from but through work. But a few last points are worth making about the kinds of social freedom that a shared labor regime makes possible. One is that we can recover a piece of the post-work vision not by attacking the work ethic but by reconceptualizing it. In a society where everybody is ready to do their share of the necessary labor, nobody is forced to work. That is because, if someone were to stop doing what has to be done, others would step in and do it, meaning all the necessary work would still get done. Moreover, in a society where everybody is ready and willing to do their share as a matter of internal motivation, nobody would have to do all that much. The eight-hour day might become the four-hour day. That is the heart of the traditional connection between sharing labor and leisure in a socialist society. Sharing labor is the path to avoiding having to force people to work and to securing free time for everyone."
https://jacobin.com/2023/08/post-work-socialism-is-a-tempting-illusion/
RT @AlphaSignalAI
Impressive. MetaGPT is about to reach 10,000 stars on Github.
It's a Multi-Agent Framework that can behave as an engineer, product manager, architect, project managers.
With a single line of text it can output the entire process of a software company along with carefully orchestrated SOPs:
▸ Data structures
▸ APIs
▸ Documents
▸ User stories
▸ Competitive analysis
▸ Requirements
RT @smdiehl
Crypto trading is down 70%. The pool of greater fools has run dry. Nature is healing.
#AI #GenerativeAI #Apple #iPhone #iPad: "Apple is bulking up its expertise in generative AI to adapt it for iPhones and iPads, as the world’s biggest company by market value seeks to take advantage of the technology that has taken the industry by storm this year.
The Cupertino-based tech giant is hiring for dozens of roles across offices in California, Seattle, Paris and Beijing that will work on large language models or LLMs — software that can produce plausible text, images or code in response to simple prompts.
All the jobs were advertised between April and July and indicated that Apple was working on “ambitious long-term research projects that will impact the future of Apple, and our products”."
https://www.ft.com/content/d74477b6-8355-42a9-ae37-7c835880ef9e