Arthur T Knackerbracket has processed the following story:
I am still amazed how few people – even in IT – have heard of Windows Copilot. Microsoft's deep integration of Bing Chat into Windows 11 was announced with much fanfare back in May.
Microsoft hasn't been quiet about it – indeed it can’t seem to shut up about Copilot this and Copilot that – yet it seems that the real impact of this sudden Copilotization of all the things has somehow managed to fly under the radar.
[...] Microsoft has rushed to get Copilot into its operating system
[...] Windows Copilot looks just like Bing Chat – which may be why IT folks haven't given it a second look. Bing Chat has been available in Microsoft's Edge Browser for months – no biggie.
But Windows Copilot only looks like Bing Chat. While Bing Chat runs within the isolated environment of the web browser, Copilot abandons those safeties. Copilot can touch and change Windows system settings – not all of them (at least not yet) but some of them, with more being added all the time. That means Microsoft's AI chatbot has broken loose of its hermetically sealed browser, and has the run of our PCs.
[...] Every day we learn of new prompt injection attacks – weaponizing the ambiguities of human language (and, sometimes, just the right level of noise) to override the guardrails keeping AI chatbots on the straight and narrow. Consider a prompt injection attack hidden within a Word document: Submitted to Windows Copilot for an analysis and summary, the document also injects a script that silently transmits a copy of the files in the working directory to the attacker.
That sort of potential attack means that Microsoft needs to be very careful exactly what to enable in Windows Copilot, and how to enable it. Unfortunately, the strange-loop nature of AI chatbots means that it's difficult – maybe even impossible – to game out every possible attack scenario. Human language is just too weird, and the AI chatbots themselves are still very poorly understood.
Microsoft has rushed to get Copilot into its operating system. Nadella and co. feel as though they've stumbled on the best opportunity they've ever had to checkmate Google – the boogeyman they imagine as their biggest competitor. But this year has not been a stellar one for Microsoft's security profile – nor for the way it's fronted up about those issues.
When things start to go pear-shaped with Windows Copilot, will we know? Does Microsoft really believe it can win the race against a generation of Black Hat hackers who use language as a weapon? Or will we see this feature removed after release, as Microsoft rethinks desktop security in the age of pervasive AI?
Meanwhile, loorg has found this piece:
Copilot Deficit. MS Losing Money Per User.
Microsoft is apparently losing $20 per user per month that installs and pays the subscription fee ($10/month) to use Copilot. You have got to be fairly desperate to gain market share if you are willing to sell it at a loss. Or they want to hook customers early to later hike the price, as per usual.
Perhaps more importantly, are you getting your subfees worth of code or help per month?
Is the loss real tho? After all they are hooking a developer to their service and they are gaining code and data every month to feed into their machine. Most of that code is probably from the Copilot so it's feeding itself on itself, creating delusions or AI induced hallucinations. Eventually it will start to believe it's own code.
As the WSJ notes, individuals pay $10 per month for GitHub Copilot, but multiple sources told it that the service loses an average of $20 per user per month, with some users costing Microsoft as much as $80 per month. So it's likely that this situation played a role in the company's decision to charge a lot more for the AI capabilities it will soon provide via Microsoft 365 Copilot. That service will cost customers $30 per user per month on top of the normal monthly Microsoft 365 subscription fee (which varies by tier). It's not coincidental that Google will charge an identical additional per-user fee for its similar Duet AI offering.
Related Stories
Microsoft is working with media startup Semafor to use its artificial intelligence chatbot to help develop news stories—part of a journalistic outreach that comes as the tech giant faces a multibillion-dollar lawsuit from the New York Times.
As part of the agreement, Microsoft is paying an undisclosed sum of money to Semafor to sponsor a breaking news feed called "Signals." The companies would not share financial details, but the amount of money is "substantial" to Semafor's business, said a person familiar with the matter.
[...] The partnerships come as media companies have become increasingly concerned over generative AI and its potential threat to their businesses. News publishers are grappling with how to use AI to improve their work and stay ahead of technology, while also fearing that they could lose traffic, and therefore revenue, to AI chatbots—which can churn out humanlike text and information in seconds.
The New York Times in December filed a lawsuit against Microsoft and OpenAI, alleging the tech companies have taken a "free ride" on millions of its articles to build their artificial intelligence chatbots, and seeking billions of dollars in damages.
[...] Semafor, which is free to read, is funded by wealthy individuals, including 3G capital founder Jorge Paulo Lemann and KKR co-founder Henry Kravis. The company made more than $10 million in revenue in 2023 and has more than 500,000 subscriptions to its free newsletters. Justin Smith said Semafor was "very close to a profit" in the fourth quarter of 2023.
Related stories on SoylentNews:
AI Threatens to Crush News Organizations. Lawmakers Signal Change Is Ahead - 20240112
New York Times Sues Microsoft, ChatGPT Maker OpenAI Over Copyright Infringement - 20231228
Microsoft Shamelessly Pumping Internet Full of Garbage AI-Generated "News" Articles - 20231104
Google, DOJ Still Blocking Public Access to Monopoly Trial Docs, NYT Says - 20231020
After ChatGPT Disruption, Stack Overflow Lays Off 28 Percent of Staff - 20231017
Security Risks Of Windows Copilot Are Unknowable - 20231011
Microsoft AI Team Accidentally Leaks 38TB of Private Company Data - 20230923
Microsoft Pulls AI-Generated Article Recommending Ottawa Food Bank to Tourists - 20230820
A Jargon-Free Explanation of How AI Large Language Models Work - 20230805
the Godfather of AI Leaves Google Amid Ethical Concerns - 20230502
The AI Doomers' Playbook - 20230418
Ads Are Coming for the Bing AI Chatbot, as They Come for All Microsoft Products - 20230404
Deepfakes, Synthetic Media: How Digital Propaganda Undermines Trust - 20230319
For most people, Windows 10 will stop receiving critical security updates on October 14, 2025, roughly a decade after its initial release. For people using computers that can't upgrade to Windows 11 or organizations with dozens or hundreds of PCs to manage, Microsoft is making another three years of Extended Security Updates (ESUs) available, but only if you can pay for them. And the company is ready to start talking about pricing.
In a blog post published earlier this week, Microsoft's Jason Leznek writes that the first year of ESUs will cost $61 per PC for businesses that want to keep their systems updated.
And as with the Windows 7 ESUs a few years ago, Microsoft says that the price will double each year—so the second year of ESUs will cost $122 per PC, and the third year will cost a whopping $244 per device.
[...] Though Windows 11 launched in October of 2021, its adoption has mostly stalled out this year, and Windows 10 remains the most widely used version of Windows by a substantial margin. Statcounter data says that Windows 10 runs on 69 percent of all Windows PCs worldwide and 67 percent of PCs in the US, compared to about 27 and 29 percent for Windows 11 (respectively). The latest Steam Hardware Survey shows Windows 10 running on 54 percent of surveyed gaming PCs, compared to about 42 percent for Windows 11.
Related stories on SoylentNews:
(Score: 4, Touché) by Frosty Piss on Thursday October 12 2023, @06:36AM (3 children)
A serious snooze fest. Those that care but probably shouldn't, don't use Windows. Those that don't care, don't care. Seriously, who cares? It's Windows.
(Score: 4, Funny) by mcgrew on Thursday October 12 2023, @05:20PM (2 children)
I use Windows because it's what comes with the computer, and Linux's Libre Office lacks fonts I use. Yes, I could install them, but it's a PITA. This despite Mint being head and shoulders better. Tried to put it dual-boot on my newest notebook that's running Windows 11, and it installed but won't run and just makes the drive half as big as it was.
But I won't be using that computer to write. I'd hate for the bastard to add to, or delete, anything I'd written.
That said, it's El Reg, the least trustworthy tech site on the planet. Show me a better link and I'll be a little more worried, but it's TEH REGISTUH! They're only slightly more trustworthy than Fox News. Only sensationalism. Thay'd make a fried egg seem deadly.
mcgrewbooks.com mcgrew.info nooze.org
(Score: 2) by Frosty Piss on Thursday October 12 2023, @08:38PM (1 child)
You are unable (to learn how) to install fonts? Yes, I suppose Windows is for you.
(Score: 2) by mcgrew on Friday October 13 2023, @05:45PM
I can install fonts, I just don't want to go to the trouble when they're already installed on my other computers.
mcgrewbooks.com mcgrew.info nooze.org
(Score: 1, Insightful) by Anonymous Coward on Thursday October 12 2023, @06:41AM (6 children)
Have people already forgotten how they gave IE away for free?
(Score: 5, Touché) by jb on Thursday October 12 2023, @06:48AM (3 children)
That was sale for a profit. After all MSIE had significant negative value.
(Score: 5, Insightful) by Unixnut on Thursday October 12 2023, @11:38AM (2 children)
Also, if I remember correctly, they gave IE away for free to screw another browser company from which they had licenced the code from to build IE in the first place (IE was originally not a MS product, like most MS things they bought or licenced technology from others and re-branded it).
The licencing agreement stipulated a percentage royalty of each sale of Microsoft's browser goes to the company that they took the code from. By giving it away for a price of "$0", MS followed the letter of the legal agreement, and the company in question got nothing.
This was of course in addition to screwing Netscape and other browsers at the same time, by undercutting their browser cost as well, and bundling it with MS Windows to boot.
(Score: 3, Interesting) by aafcac on Thursday October 12 2023, @03:50PM
IIRC, that wound up costing the company literal billions in terms of the patches and security fixes that were required as a result of it being so tightly integrated into the OS in order to try and skirt antitrust regulations. Had it been a standalone product, it would have been far easier to sandbox or otherwise keep it from directly interacting with the rest of the system.
(Score: 2) by Unixnut on Thursday October 12 2023, @09:55PM
I think I may have found the company. If correct, it was called Spyglass: https://archive.seattletimes.com/archive/?date=19970102&slug=2516784 [seattletimes.com]
(Score: 4, Insightful) by DannyB on Thursday October 12 2023, @08:57PM (1 child)
Giving away the highly non-standard IE, especially IE 6, the bane of web developers everywhere, was an attempt to "Microsoftize" the internet. Everyone would build their web sites exclusively for IE 6. Microsoft built in lots of addictive cool features, that of course are not on other browsers. Listening to Microsoft fanboys swoon over those features and how easy they were to use and why would you bother to develop for other browsers that required so much more effort, etc, became tiring and felt like an uphill battle. Fortunately at some point in there, FireFox came along and began growing market share. Slowly but surely. It was a great day when Firefox finally exceeded IE market share. It gave me hope for a standards based internet (even if only defacto standards, like hayes modems were)
Looking back further in time.
In 1995, Bill Gates said that the internet was just a fad.
That same year, Microsoft seemed to realize the possible threat of web browsers being a platform neutral way of running applications that would make the OS irrelevant. How DARE they run on Macintosh or God Forbid on Linux or anything else.
Mac users were easily getting their computers on the internet and using software including web browsers. (And nice GUI versions of FTP, Usenet, Email, Telnet, etc)
So Microsoft needed a web browser. They found one that ran on Windows. It was called Spyglass. So Microsoft convinced Spyglass to sell its Spyglass browser to Microsoft. Microsoft offered this small company $100,000 up front plus a royalty percent of profits on all copies sold. Now that sounds like a FANTASTIC deal that would earn a LOT of money. Guess what? Microsoft renamed it to IE. And, exactly how many copies of IE were ever sold? Oh, it was a free download, and came bundled with the OS. Yep, that's how Microsoft rolls.
When trying to solve a problem don't ask who suffers from the problem, ask who profits from the problem.
(Score: 3, Insightful) by Unixnut on Thursday October 12 2023, @10:07PM
You know, replace "IE" with "Google Chrome" and "Microsoft" with "Alphabet" and what you wrote could pass for the modern day state of the internet, except with a bit more cross-platform capability (At least you can run Chrome on multiple OSes, but that is probably because Alphabet does not have any OS selling business to protect).
I literally have had websites that won't even work in Firefox, let alone any lesser known browsers and the companies response to this was "Use Google Chrome".
Thanks for mentioning Spyglass, further up I postulated that was the company in question, but I could not remember well and searching the internet for "Microsoft screws business partner" and variations thereof yielded so many results I could not easily find out that particular occurance.
(Score: 5, Insightful) by jb on Thursday October 12 2023, @06:45AM
There, FTFY.
Seriously, what do people expect? History has taught as that anything to do with Windows is always insecure.
(Score: 3, Insightful) by darkfeline on Thursday October 12 2023, @07:34AM (4 children)
Current AI is basically a person who's kind of book smart but street dumb. It has exactly the same problems as such a person.
How often do people get conned? You have heard about the recent MGM incident?
You will see the exact same problem if you replace Copilot with an average human as a secretary with root access to your computer.
Make an AI modeled after human intelligence, get human problems.
Join the SDF Public Access UNIX System today!
(Score: 5, Insightful) by JoeMerchant on Thursday October 12 2023, @10:43AM (1 child)
The solution is the same as for humans: real expert code review. This means putting around 3x (or more) of the effort currently typically expended on code creation.
Today's standard still seems to be: does it compile and seem to work at first glance. Or: in interpreted environments: does it seem to work at first glance and not crash in the first 30 seconds of use? If so, we are good to go, ship it!
More careful development teams have dedicated testers with requirements that they develop test cases for and once in a major update they will run all the test cases.
The problem is: nobody is taking much, if any, time to explore possible problems. We had one tester who would beat the hell out of the applications, misuse them in every way imaginable from a user perspective. He was as valuable as at least 3 typical testers who do the minimum required to say that the test cases demonstrate the requirements have been met.
At the developer level, writing code has mostly devolved into an exercise in searching for examples whenever what you tried the first time didn't work for whatever reason. AI should excel at this, but what is lacking is genuinely thinking about potential issues with the implementation. This is where code review excels: having to not only have your code execute on the computer but also being able to explain it to a human being. Bonus points if the human being you explain it to has some inkling of what is happening and potential problems that might crop up in the future.
Maybe a second AI could perform the code review function?
🌻🌻 [google.com]
(Score: 5, Interesting) by janrinok on Thursday October 12 2023, @11:07AM
That was Bytram's main role on this site for several years. I hope that when the time comes he will still be able to contribute, or at least advise the current testers, on how to go about it. He did QA work before joining this site including, if I remember correctly, for a Formula 1 team. He could break most code on the first few iterations without breaking into a sweat.
(Score: 3, Insightful) by Anonymous Coward on Thursday October 12 2023, @06:12PM (1 child)
> Current AI is basically a person...
This is not meant as an attack on you, darkfeline, but you did give me a good place to post this.
Due to clever naming and lots of press, pattern matching "AI" has been widely anthropomorphized--
anthropomorphize, verb: attribute human characteristics or behavior to (a god, animal, or object).
IMO, "AI" at this time is nothing at all like a person and my plea for today is that here on SN, we stop doing that.
(Score: 1, Informative) by Anonymous Coward on Thursday October 12 2023, @07:14PM
So much agreed.
And there is no question in how the "AI"s work.
(Score: 4, Insightful) by stratified cake on Thursday October 12 2023, @12:50PM
How can anyone with even the slightest idea of how LLMs work even for a second think that's not a horrible idea?
(Score: 5, Insightful) by VLM on Thursday October 12 2023, @01:36PM
The problem with connecting a LLM to a sysadmin console is the designs we've used for decades for operating systems rely on human visuospatial analysis skills.
Think of navigating the directory "tree" or having a cut-n-paste "ring" in emacs, it can't think that way.
A LLM can write an epic rap battle between vim and edlin editor, or it can summarize reviews and books, but it can't do visuospatial.
For a good time, talk to a LLM about topology. Its really good at "rub together 7500 online definitions of a Cauchy sequence and give me an implementation in Python" because its just averaging together 7500 identical-ish commentaries in its database. Its lost when you give it something like "imagine a triangle on top of a sphere on top of a cube, what's in the middle?" because there are not thousands of online docs discussing it. Linear algebra is also fun to F with AIs about, the AIs are really good at analyzing English prose about linalg but are useless at reasoning or applying linalg. "What is a determinant" will get an excellent response. "How do I use a determinant to figure this out" is Fing useless unless it's a perfect match to a textbook question that's been asked and provided with the answer key 999 times. See also using AI to code, its going to kick ass at fizzbuzz because that's been discussed online a million times, but do anything truly new? Nope.
The other problem with LLMs is it gets its information mostly online, and online is, unfortunately, dying, see dead internet theory. Humans have a problem with online data where, god help me, to this date in 2023, there's people who still think that MySQL cannot do transactions because that was added in the 90s and there's at least a decade of dotcom boom online documents from the pre-transaction era where people loudly denigrated MySQL for not doing transactions, and other humans copied them, so you'll still have humans in 2023 asking when transactions will be added to MySQL and not believing the answer is something like 199x. The problem for AI is it trains off online sources so you will probably get AI claims that MySQL cannot do transactions because LLMs cannot logically reason or chronologically analyze, they can only average together vast heaping piles of now-inaccurate text. The other problem with getting information online from digital sources that are dying out, is the population diverges pretty far from reality. An AI trained on a dataset from dead legacy paper and ink newspapers and magazines would rationally assume well over 51% of the human population is trans, for example, because that's all "those people" talk about anymore (which is probably why nobody reads 'those people' anymore), which will lead to very weird advice from the LLM, the classic garbage-in, garbage-out problem. So, most advice about solving windows problems online being absolute shitshows of karma farming and trolling mean a LLM trained off online data will be unproductive at fixing windows problems, for example. "As an AI, my advice for fixing windows problems is deleting COMMAND.COM and buying a mac" I mean in a way its not wrong, but in practice the user just wanted to know how to unmute their speaker audio.
(Score: 3, Interesting) by RedGreen on Thursday October 12 2023, @02:44PM (1 child)
It certainly is knowable it will be the standard not a god damn clue how to do it securely shit show like everything Microsoft has ever done. They have proven from the beginning of their company beyond any doubt they have not one single clue how to do anything securely. That people still have any trust in using their software is beyond understanding, exploit after exploit like the Energizer bunny they just keep on going and allowing them to happen with the garbage they produce every day at all times.
"I modded down, down, down, and the flames went higher." -- Sven Olsen
(Score: 4, Interesting) by DannyB on Thursday October 12 2023, @08:59PM
So basically, if you have corporate secrets or confidential information in any of:
* word
* powerpoint
* notepad
* Edge
* or just about anything else in Windows
Copilot will be free to read it, possibly change it for you, and make sure Microsoft knows all about it -- for, uh..., research -- yeah, that's it! Research.
When trying to solve a problem don't ask who suffers from the problem, ask who profits from the problem.