SoylentNews

bmimatt writes:

https://www.bleepingcomputer.com/news/security/malicious-ai-models-on-hugging-face-backdoor-users-machines/

At least 100 instances of malicious AI ML models were found on the Hugging Face platform, some of which can execute code on the victim's machine, giving attackers a persistent backdoor.

Hugging Face is a tech firm engaged in artificial intelligence (AI), natural language processing (NLP), and machine learning (ML), providing a platform where communities can collaborate and share models, datasets, and complete applications.

JFrog's security team found that roughly a hundred models hosted on the platform feature malicious functionality, posing a significant risk of data breaches and espionage attacks.

This happens despite Hugging Face's security measures, including malware, pickle, and secrets scanning, and scrutinizing the models' functionality to discover behaviors like unsafe deserialization.

[...] The analysts deployed a HoneyPot to attract and analyze the activity to determine the operators' real intentions but were unable to capture any commands during the period of the established connectivity (in one day).

Original Submission

owl writes:

https://www.theregister.com/2024/02/29/fuel_pump_leap_year_bug/

Today is February 29, an unusual day in that it is added to the common 28 in years that are multiples of four to keep the calendar in sync with the astronomical year.

This kludge prevents our seasons from drifting out of whack, but it presents a problem for computers and software, which have to be programmed to account for the extra day to avoid error conditions and incorrect data.

We are all using a computer of one sort or another to read this and hopefully nothing has caught fire, yet every leap year, something somewhere falls over hard.

In New Zealand, which has a head start on most of the world, it was payment systems at fuel pumps that have just staggered back to their feet after a nationwide outage lasting more than ten hours.

Original Submission

fliptop writes:

OpenAI has asked a federal judge to dismiss parts of the New York Times' copyright lawsuit against it, arguing that the newspaper "hacked" its chatbot ChatGPT and other artificial-intelligence systems to generate misleading evidence for the case:

OpenAI said in a filing in Manhattan federal court on Monday that the Times caused the technology to reproduce its material through "deceptive prompts that blatantly violate OpenAI's terms of use."

"The allegations in the Times's complaint do not meet its famously rigorous journalistic standards," OpenAI said. "The truth, which will come out in the course of this case, is that the Times paid someone to hack OpenAI's products."

OpenAI did not name the "hired gun" who it said the Times used to manipulate its systems and did not accuse the newspaper of breaking any anti-hacking laws.

[...] Courts have not yet addressed the key question of whether AI training qualifies as fair use under copyright law. So far, judges have dismissed some infringement claims over the output of generative AI systems based on a lack of evidence that AI-created content resembles copyrighted works.

Also at The Guardian, MSN and Forbes.

Previously:

• New York Times Sues Microsoft, ChatGPT Maker OpenAI Over Copyright Infringement
• Report: Potential NYT lawsuit could force OpenAI to wipe ChatGPT and start over
• Why the New York Times Might Win its Copyright Lawsuit Against OpenAI
• AI Threatens to Crush News Organizations. Lawmakers Signal Change Is Ahead

Original Submission

AnonTechie writes:

Evolution has produced a wondrously diverse variety of lifeforms here on Earth. It just so happens that talking primates with opposable thumbs rose to the top and are building a spacefaring civilization. And we're land-dwellers. But what about other planets? If the dominant species on an ocean world builds a technological civilization of some sort, would they be able to escape their ocean home and explore space?

A new article in the Journal of the British Interplanetary Society examines the idea of civilizations on other worlds and the factors that govern their ability to explore their solar systems. Its title is "Introducing the Exoplanet Escape Factor and the Fishbowl Worlds (Two conceptual tools for the search of extra-terrestrial civilizations)." The sole author is Elio Quiroga, a professor at the Universidad del Atlántico Medio in Spain.

We have no way of knowing if other Extraterrestrial Intelligences (ETIs) exist or not. There's at least some possibility that other civilizations exist, and we're certainly in no position to say for sure that they don't. The Drake Equation is one of the tools we use to talk about the existence of ETIs. It's a kind of structured thought experiment in the form of an equation that allows us to estimate the existence of other active, communicative ETIs. Some of the variables in the Drake Equation (DE) are the star formation rate, the number of planets around those stars, and the fraction of planets that could form life and on which life could evolve to become an ETI.

In his new research article, Quiroga comes up with two new concepts that feed into the DE: the Exoplanet Escape Factor and Fishbowl worlds.

[...] Quiroga's Exoplanet Escape Factor (Fex) can help us imagine what kinds of worlds could host ETIs. It can help us anticipate the factors that prevent or at least inhibit space travel, and it brings more complexity into the Drake Equation. It leads us to the idea of Fishbowl Worlds, inescapable planets that could keep a civilization planet-bound forever.

Without the ability to ever escape their planet and explore their solar systems, and without the ability to communicate beyond their worlds, could entire civilizations rise and fall without ever knowing the Universe they were a part of? Could it happen right under our noses, so to speak, and we'd never know ?

[Source]: Universe Today

[Also Covered By]: Phys.Org

An interesting conjecture worth pondering about !!

Original Submission

How do you find information online?

There are Lists of search engines.

But, which one(s) do you use and why?

Do you use just one search engine? Do you have one primary search engine and another one that you use only when your primary fails? May you use multiple engines depending on whether your search is on your desktop, mobile, or TV?

How do YOU choose?

hubie writes:

Customers prefer text over video to provide service feedback:

At a time when one viral video can damage a business, some companies are turning to their own commenting platforms rather than letting social media be the main outlet for customer feedback. Only one wrinkle: in this context, customers appear to prefer writing a message rather than leaving a video.

In a recent study, more participants indicated they would likely leave written compliments or complaints about service on a restaurant-provided tablet powered by artificial intelligence. A video message option appeared to discourage leaving feedback.

With more restaurants and hotels turning to AI to enhance their service, the findings indicate that methods that require "low self-disclosure" would work better, meaning ones that don't require customers to provide very much identifiable information.

"Some restaurants and hotels actually ask customers to create video testimonials that they can share, but for general customers, it seems they still feel more comfortable with low self-disclosure. This is probably because people still do not trust AI to that level," said lead author Ruiying Cai, a researcher in Washington State University's Carson College of Business.

With a lot of hype around AI technology, many people have misperceptions about what it can do, Cai pointed out, perhaps believing it is capable of a lot more than simply recording a message.

The study participants reported being concerned about what would be done with their information in all the scenarios, but this was heightened with the option to leave a video.

[...] The researchers found that the participants were more willing to give feedback using text, whether positive or negative.

Journal Reference:
Ruiying Cai, Yao-Chin Wang, Jie Sun. Customers' intention to compliment and complain via AI-enabled platforms: A self-disclosure perspective, International Journal of Hospitality Management, Volume 116, January 2024, 103628 https://doi.org/10.1016/j.ijhm.2023.103628

Original Submission

taylorvich writes:

https://phys.org/news/2024-02-pythagoras-wrong-universal-musical-harmonies.html

The tone and tuning of musical instruments has the power to manipulate our appreciation of harmony, new research shows. The findings challenge centuries of Western music theory and encourage greater experimentation with instruments from different cultures.

According to the Ancient Greek philosopher Pythagoras, 'consonance'—a pleasant-sounding combination of notes—is produced by special relationships between simple numbers such as 3 and 4. More recently, scholars have tried to find psychological explanations, but these 'integer ratios' are still credited with making a chord sound beautiful, and deviation from them is thought to make music 'dissonant,' unpleasant sounding.

But researchers from the University of Cambridge, Princeton and the Max Planck Institute for Empirical Aesthetics, have now discovered two key ways in which Pythagoras was wrong.

Their study, published in Nature Communications, shows that in normal listening contexts, we do not actually prefer chords to be perfectly in these mathematical ratios.

"We prefer slight amounts of deviation. We like a little imperfection because this gives life to the sounds, and that is attractive to us," said co-author, Dr. Peter Harrison, from Cambridge's Faculty of Music and Director of its Center for Music and Science.

The researchers also found that the role played by these mathematical relationships disappears when you consider certain musical instruments that are less familiar to Western musicians, audiences and scholars. These instruments tend to be bells, gongs, types of xylophones and other kinds of pitched percussion instruments. In particular, they studied the 'bonang,' an instrument from the Javanese gamelan built from a collection of small gongs.

fliptop writes:

Chinese police are investigating an unauthorized and highly unusual online dump of documents from a private security contractor linked to the nation's top policing agency and other parts of its government — a trove that catalogs apparent hacking activity and tools to spy on both Chinese and foreigners:

Among the apparent targets of tools provided by the impacted company, I-Soon: ethnicities and dissidents in parts of China that have seen significant anti-government protests, such as Hong Kong or the heavily Muslim region of Xinjiang in China's far west.

The dump of scores of documents late last week and subsequent investigation were confirmed by two employees of I-Soon, known as Anxun in Mandarin, which has ties to the powerful Ministry of Public Security. The dump, which analysts consider highly significant even if it does not reveal any especially novel or potent tools, includes hundreds of pages of contracts, marketing presentations, product manuals, and client and employee lists.

[...] The hacking tools are used by Chinese state agents to unmask users of social media platforms outside China such as X, formerly known as Twitter, break into email and hide the online activity of overseas agents. Also described are devices disguised as power strips and batteries that can be used to compromise Wi-Fi networks.

[...] "We see a lot of targeting of organizations that are related to ethnic minorities — Tibetans, Uyghurs. A lot of the targeting of foreign entities can be seen through the lens of domestic security priorities for the government," said Dakota Cary, a China analyst with the cybersecurity firm SentinelOne.

Also at WaPo, NYT, and The Guardian.

Originally spotted on Schneier on Security

Related: The Internet Enabled Mass Surveillance. A.I. Will Enable Mass Spying

Original Submission

upstart writes:

Company speaks out after reports of "surge pricing" test led to calls for boycotts online:

A day after American fast food chain Wendy's announced plans to test dynamic pricing and AI menu features in 2025, the company clarified its plans.

Wendy's said it will not dynamically raise menu prices based on demand after reports about the experiment, which was set to roll out in 2025, caused a stir online. In a statement to Reuters, a Wendy's spokesperson said it "would not raise prices when our customers are visiting us most." Instead, the company framed experimental price changes as discounts during "slower times of day."

"We said these menuboards would give us more flexibility to change the display of featured items. This was misconstrued in some media reports as an intent to raise prices when demand is highest," the company told Reuters. "We have no plans to do that."

Presuming that lowered prices during slow times will eventually rise again, it appears some sort of dynamic pricing will still be taking place.

According to the original report from Nation's Restaurant News and Food & Wine, prices for food items would automatically change throughout the day depending on demand, similar to "surge pricing" in rideshare apps like Uber and Lyft. The initiative was disclosed by Kirk Tanner, the CEO and president of Wendy's, in a recent discussion with analysts.

[...] In conversation with Food & Wine, a spokesperson for Wendy's confirmed the company's commitment to this pricing strategy, describing it as part of a broader effort to grow its digital business. "Beginning as early as 2025, we will begin testing a variety of enhanced features on these digital menuboards like dynamic pricing, different offerings in certain parts of the day, AI-enabled menu changes and suggestive selling based on factors such as weather," they said. "Dynamic pricing can allow Wendy's to be competitive and flexible with pricing, motivate customers to visit and provide them with the food they love at a great value. We will test a number of features that we think will provide an enhanced customer and crew experience."

[Ed's comment: As of 29 Feb, there is some reporting that the CEO of Wendy's has withdrawn the entire plan]

Original Submission

hendrikboom writes:

There's a new browser in town: Nyxt. It is free software. It is intended to be modified by the user, perhaps even rewritten. From https://nyxt.atlas.engineer/:

Built-in programmability.

Use the built-in REPL to program Nyxt. Run short scripts, and try out new workflows. Everything in Nyxt is fully extensible and modifiable.

It is written in Common Lisp.

Is this the browser we programmers have been waiting for? The one we can modify to our wildest dreams?

[Ed's comment: The linked source is obviously intended to show a potential user how it will work, and in this role it does a reasonable job. But there is not a great deal to explain why they think it is a game changer, or why it will appeal to many users. If it is necessary to use Lisp to extend the browser then perhaps it will not have the impact that they seem to believe it will have. But what do you think? Will it gain a foothold, or simply fade away to be forgotten except perhaps for a few enthusiasts?]

Original Submission

DannyB writes:

Boeing Missing Key Elements of Safety Culture: FAA Report

Employees lack awareness of the basics in reporting safety concerns.

The FAA blamed Boeing for a deficient safety culture in a 50-page report issued on Monday following a public outcry over several safety lapses before the January 5 incident in which a door plug "blew out" from an Alaska Airlines 737 Max 9 in mid-flight.

[....] an expert panel found what it called gaps in Boeing's safety journey and that a majority of employees did not show "skillful awareness" of the concepts of just culture and reporting culture.

Some things from that FAA report linked above:

The Expert Panel observed a disconnect between Boeing's senior management and other members of the organization on safety culture. Interviewees, including ODA [Organization Designation Authorization] (ODA)Unit Members (UM), also questioned whether Boeing's safety reporting systems would function in a way that ensures open communication and non-retaliation. The Expert Panel also observed inadequate and confusing implementation of the five components of a positive safety culture [....]

[....] Boeing safety management systems (SMS) procedures are not structured in a way that ensures all employees understand their role in the company's SMS. The procedures and training are complex and in a constant state of change, creating employee confusion especially among different work sites and employee groups. The Expert Panel also found a lack of awareness of safety-related metrics at all levels of the organization; employees had difficulty distinguishing the differences among various measuring methods, their purpose, and outcomes.

Boeing's restructuring of the management of the ODA unit decreased opportunities for interference and retaliation against UMs, and provides effective organizational messaging regarding independence of UMs. However, the restructuring, while better, still allows opportunities for retaliation to occur, particularly with regards to salary and furlough ranking. This influences the ability of UMs to execute their delegated functions effectively.

It's good as long as they can keep showing profits, increasing stock prices and executive bonuses.

Original Submission

upstart writes:

Astroscale's ADRAS-J spacecraft will inspect a dead Japanese rocket in orbit—a major moment in space-junk removal:

There are an estimated 500,000 pieces of space junk as small as a centimeter across orbiting Earth, and about 23,000 trackable objects bigger than 10 centimeters. Dead rockets make up an interesting—and dangerous—category. The 956 known rocket bodies in space account for just 4% of trackable objects but nearly a third of the total mass. The biggest empty rockets, mostly discarded by Russia in the 1980s, 1990s, and 2000s, weigh up to nine tons—as much as an elephant.

These discarded upper stages, the top section of a rocket that boosts a satellite or spacecraft into its final orbit, are left to drift around our planet once the launch is complete. They are uncontrolled, spinning haphazardly, and pose a huge risk. If any two were to collide, they would produce a deadly cloud of up to "10,000 to 20,000 fragments," says Darren McKnight, a space debris expert at the US debris tracking firm LeoLabs.

Such an event could happen at any moment. "At some point, I'd expect there to be a collision involving them," says Hugh Lewis, a space debris expert at the University of Southampton in the UK. "There's so much stuff out there." That would pose a huge problem, rendering parts of Earth's orbit unusable or, in a worst-case scenario, leading to a runaway chain reaction of collisions known as the Kessler syndrome. That could make some orbits unusable or even make human spaceflight too risky until the debris falls back into the atmosphere after decades to centuries.

Since 2007, when the United Nations introduced a new guideline that objects should be removed from space within 25 years of their operational lifetime, fewer rockets have been abandoned in orbit. Most upper stages now retain a bit of fuel to push themselves back into the atmosphere after launch. "They now tend to reserve some propellant to help them deorbit," says Lewis. But thousands of "legacy objects" remain from before this rule was introduced, Lewis adds.

upstart writes:

Sensitive location data could be sold off to the highest bidder:

In 2021, a company specializing in collecting and selling location data called Near bragged that it was "The World's Largest Dataset of People's Behavior in the Real-World," with data representing "1.6B people across 44 countries." Last year the company went public with a valuation of $1 billion (via a SPAC). Seven months later it filed for bankruptcy and has agreed to sell the company.

But for the "1.6B people" that Near said its data represents, the important question is: What happens to Near's mountain of location data? Any company could gain access to it through purchasing the company's assets.

The prospect of this data, including Near's collection of location data from sensitive locations such as abortion clinics, being sold off in bankruptcy has raised alarms in Congress. Last week, Sen. Ron Wyden (D-Ore.) wrote the Federal Trade Commission (FTC) urging the agency to "protect consumers and investors from the outrageous conduct" of Near, citing his office's investigation into the India-based company.

Wyden's letter also urged the FTC "to intervene in Near's bankruptcy proceedings to ensure that all location and device data held by Near about Americans is promptly destroyed and is not sold off, including to another data broker." The FTC took such an action in 2010 to block the use of 11 years worth of subscriber personal data during the bankruptcy proceedings of the XY Magazine, which was oriented to young gay men. The agency requested that the data be destroyed to prevent its misuse.

Wyden's investigation was spurred by a May 2023 Wall Street Journal report that Near had licensed location data to the anti-abortion group Veritas Society so it could target ads to visitors of Planned Parenthood clinics and attempt to dissuade women from seeking abortions. Wyden's investigation revealed that the group's geofencing campaign focused on 600 Planned Parenthood clinics in 48 states. The Journal also revealed that Near had been selling its location data to the Department of Defense and intelligence agencies.

upstart writes:

Growing but unprofitable, Reddit could kick off 2024's IPO cycle:

Social media giant Reddit filed to go public today [22 Feb 2024]. Its long-awaited S-1 filing will see it approach the public markets potentially at the head of a long column of richly valued technology startups and private companies that need to find an exit this year.

[...] The company's got a long and tangled history. It was sold in its infancy, only to be later spun back out. Today Reddit approaches the public markets with more than $800 million worth of revenue in 2023, up from $666.7 million in 2022.

However, the company remains unprofitable on both a GAAP and adjusted basis, and continues to consume cash to fund its operations. Scale has not yet solved the profitability question for Reddit, which could limit its potential valuation when it does list its shares.

In 2022, Reddit generated a net loss of $158.6 million and had an adjusted EBITDA of negative $108.4 million. In 2023, those figures improved to a $90.8 million net loss and $69.3 million worth of negative adjusted EBITDA. The company's free cash flow improved from –$100.3 million to –$84.8 million over the same timeframe.

The company may be making progress toward stemming the red ink that is missed in its annual figures. In the final quarter of 2023, Reddit not only posted what was at least a local maximum in revenue terms — $249.8 million — but also a net profit of $18.5 million. While the GAAP profit is notable for the fourth quarter, the company's free cash flow was still negative in the period, ending the three-month period at –$22 million.

Reddit raised more than $1 billion while private, according to Crunchbase data. That figure includes a massive $410 million Series F raised in 2021 and a smaller $368 million Series E raised earlier the same year. The Series E pushed Reddit's valuation to $6.4 billion, while its Series F took it to a roughly $10 billion valuation.

Both of those bubble-era valuations will be tested in Reddit's now quickly forthcoming IPO. But the company's debut will be more than a test for certain private-market startup valuations. Reddit is reportedly trying something novel in its own flotation.

In what is broadly viewed as an unorthodox move, Reddit reportedly plans to reserve an undetermined number of shares for 75,000 of its users, according to the Wall Street Journal, which cited people familiar with the matter. Those users will be given the chance to scoop up shares of Reddit at its IPO price before the stock even begins trading — something typically reserved only for large investors.

Original Submission

hubie writes:

Researchers Adopt Innovative Method to Boost Speed and Accuracy of Traditional Computing:

Quantum computing has been hailed as a technology that can outperform classical computing in both speed and memory usage, potentially opening the way to making predictions of physical phenomena not previously possible.

Many see quantum computing's advent as marking a paradigm shift from classical, or conventional, computing. Conventional computers process information in the form of digital bits (0s and 1s), while quantum computers deploy quantum bits (qubits) to store quantum information in values between 0 and 1. Under certain conditions this ability to process and store information in qubits can be used to design quantum algorithms that drastically outperform their classical counterparts. Notably, quantum's ability to store information in values between 0 and 1 makes it difficult for classical computers to perfectly emulate quantum ones.

However, quantum computers are finicky and have a tendency to lose information. Moreover, even if information loss can be avoided, it is difficult to translate it into classical information—which is necessary to yield a useful computation.

[...] The scientists' results show that classical computing can be reconfigured to perform faster and more accurate calculations than state-of-the-art quantum computers.

This breakthrough was achieved with an algorithm that keeps only part of the information stored in the quantum state—and just enough to be able to accurately compute the final outcome.

"This work shows that there are many potential routes to improving computations, encompassing both classical and quantum approaches," explains Dries Sels, an assistant professor in New York University's Department of Physics and one of the paper's authors. "Moreover, our work highlights how difficult it is to achieve quantum advantage with an error-prone quantum computer."