Will be Prosumer's Revolution and Technical Revolution in the Future!
Linux User/Developer is also Windows User/Developer... Cross Platform Engineer...
"21C 공학인을 대통령, 국회의원으로 만들자!" "더욱 더 많은 동지분들이 공학제국 건설에 동참할 수 있도록 널리 알려주세요~" [ F = m * a ]
과학기술/공학인이 대한민국 국회 의석의 50% 이상을 확보하는 그날을 위하여~ ^___^
"Pig Butchering Alert: Fraudulent Trading App targeted iOS and Android users."
That's the title of a new report released this week by cybersecurity company Group-IB revealing the official Apple App Store and Google Play store offered apps that were actually one part of a larger fraud campaign. "To complete the scam, the victim is asked to fund their account... After a few seemingly successful trades, the victim is persuaded to invest more and more money. The account balance appears to grow rapidly. However, when the victim attempts to withdraw funds, they are unable to do so."
Forbes reports:
Group-IB determined that the frauds would begin with a period of social engineering reconnaissance and entrapment, during which the trust of the potential victim was gained through either a dating app, social media app or even a cold call. The attackers spent weeks on each target. Only when this "fattening up" process had reached a certain point would the fraudsters make their next move: recommending they download the trading app from the official App Store concerned.
When it comes to the iOS app, which is the one that the report focussed on, Group-IB researchers said that the app remained on the App Store for several weeks before being removed, at which point the fraudsters switched to phishing websites to distribute both iOS and Android apps. The use of official app stores, albeit only fleetingly as Apple and Google removed the fake apps in due course, bestowed a sense of authenticity to the operation as people put trust in both the Apple and Google ecosystems to protect them from potentially dangerous apps.
"The use of web-based applications further conceals the malicious activity," according to the researchers, "and makes detection more difficult."
[A]fter the download is complete, the application cannot be launched immediately. The victim is then instructed by the cybercriminals to manually trust the Enterprise developer profile. Once this step is completed, the fraudulent application becomes operational... Once a user registers with the fraudulent application, they are tricked into completing several steps. First, they are asked to upload identification documents, such as an ID card or passport. Next, the user is asked to provide personal information, followed by job-related details...
The first discovered application, distributed through the Apple App Store, functions as a downloader, merely retrieving and displaying a web-app URL. In contrast, the second application, downloaded from phishing websites, already contains the web-app within its assets. We believe this approach was deliberate, since the first app was available in the official store, and the cybercriminals likely sought to minimise the risk of detection. As previously noted, the app posed as a tool for mathematical formulas, and including personal trading accounts within an iOS app would have raised immediate suspicion.
The app (which only runs on mobile phones) first launches a fake activity with formulas and graphics, according to the researchers. "We assume that this condition must bypass Apple's checks before being published to the store. As we can see, this simple trick allows cybercriminals to upload their fraudulent application to the Apple Store." They argue their research "reinforces the need for continued review of app store submissions to prevent such scams from reaching unsuspecting victims". But it also highlights "the importance of vigilance and end-user education, even when dealing with seemingly trustworthy apps..."
"Our investigation began with an analysis of Android applications at the request of our client. The client reported that a user had been tricked into installing the application as part of a stock investment scam. During our research, we uncovered a list of similar fraudulent applications, one of which was available on the Google Play Store. These apps were designed to display stock-related news and articles, giving them a false sense of legitimacy."
Wired reports on "AI-powered cameras mounted on cars and trucks, initially designed to capture license plates, but which are now photographing political lawn signs outside private homes, individuals wearing T-shirts with text, and vehicles displaying pro-abortion bumper stickers — all while recordi00ng the precise locations of these observations..."
The detailed photographs all surfaced in search results produced by the systems of DRN Data, a license-plate-recognition (LPR) company owned by Motorola Solutions. The LPR system can be used by private investigators, repossession agents, and insurance companies; a related Motorola business, called Vigilant, gives cops access to the same LPR data. However, files shared with WIRED by artist Julia Weist, who is documenting restricted datasets as part of her work, show how those with access to the LPR system can search for common phrases or names, such as those of politicians, and be served with photographs where the search term is present, even if it is not displayed on license plates... Beyond highlighting the far-reaching nature of LPR technology, which has collected billions of images of license plates, the research also shows how people's personal political views and their homes can be recorded into vast databases that can be queried.
"It really reveals the extent to which surveillance is happening on a mass scale in the quiet streets of America," says Jay Stanley, a senior policy analyst at the American Civil Liberties Union. "That surveillance is not limited just to license plates, but also to a lot of other potentially very revealing information about people."
DRN, in a statement issued to WIRED, said it complies with "all applicable laws and regulations...." Over more than a decade, DRN has amassed more than 15 billion "vehicle sightings" across the United States, and it claims in its marketing materials that it amasses more than 250 million sightings per month. Images in DRN's commercial database are shared with police using its Vigilant system, but images captured by law enforcement are not shared back into the wider database. The system is partly fueled by DRN "affiliates" who install cameras in their vehicles, such as repossession trucks, and capture license plates as they drive around. Each vehicle can have up to four cameras attached to it, capturing images in all angles. These affiliates earn monthly bonuses and can also receive free cameras and search credits...
"License plate recognition (LPR) technology supports public safety and community services, from helping to find abducted children and stolen vehicles to automating toll collection and lowering insurance premiums by mitigating insurance fraud," Jeremiah Wheeler, the president of DRN, says in a statement... Wheeler did not respond to WIRED's questions about whether there are limits on what can be searched in license plate databases, why images of homes with lawn signs but no vehicles in sight appeared in search results, or if filters are used to reduce such images.
Privacy experts shared their reactions with Wired
"Perhaps [people] want to express themselves in their communities, to their neighbors, but they don't necessarily want to be logged into a nationwide database that's accessible to police authorities." — Jay Stanley, a senior policy analyst at the American Civil Liberties Union
"When government or private companies promote license plate readers, they make it sound like the technology is only looking for lawbreakers or people suspected of stealing a car or involved in an amber alert, but that's just not how the technology works. The technology collects everyone's data and stores that data often for immense periods of time." — Dave Maass, an EFF director of investigations
"The way that the country is set up was to protect citizens from government overreach, but there's not a lot put in place to protect us from private actors who are engaged in business meant to make money." — Nicole McConlogue, associate law professor at Mitchell Hamline School of Law (who has researched license-plate-surveillance systems)
Thanks to long-time Slashdot reader schwit1 for sharing the article.
The Washington Post interviewed Lebanese officials, people close to Hezbollah, and Israeli, Arab and U.S. security officials and politicians about a years-long plan (originated at Mossad headquarters) that ultimately killed or maimed "as many as 3,000 Hezbollah officers and members — most of them rear-echelon figures... along with an unknown number of civilians... when Israel's Mossad intelligence service triggered the devices remotely on September 17."
In the initial sales pitch to Hezbollah two years ago, the new line of Apollo pagers seemed precisely suited to the needs of a militia group with a sprawling network of fighters and a hard-earned reputation for paranoia... Best of all, there was no risk that the pagers could ever be tracked by Israel's intelligence services. Hezbollah's leaders were so impressed they bought 5,000 of them and began handing them out to mid-level fighters and support personnel in February. None of the users suspected they were wearing an ingeniously crafted Israeli bomb...
Israeli officials had watched with increasing anxiety as the Lebanese group added new weapons to an arsenal already capable of striking Israeli cities with tens of thousands of precision-guided missiles. Mossad, the Israeli intelligence service responsible for combating foreign threats to the Jewish state, had worked for years to penetrate the group with electronic monitoring and human informants. Over time, Hezbollah leaders learned to worry about the group's vulnerability to Israeli surveillance and hacking, fearing that even ordinary cellphones could be turned into Israeli-controlled eavesdropping and tracking devices. Thus was born the idea of creating a kind of communications Trojan horse, the officials said. Hezbollah was looking for hack-proof electronic networks for relaying messages, and Mossad came up with a pair of ruses that would lead the militia group to purchase devices that seemed perfect for the job — equipment that Mossad designed and had assembled in Israel.
The first part of the plan, booby-trapped walkie-talkies, began being inserted into Lebanon by Mossad nearly a decade ago, in 2015. The mobile two-way radios contained oversized battery packs, a hidden explosive and a transmission system that gave Israel complete access to Hezbollah communications. For nine years, the Israelis contented themselves with eavesdropping on Hezbollah, the officials said, while reserving the option to turn the walkie-talkies into bombs in a future crisis. But then came a new opportunity and a glitzy new product: a small pager equipped with a powerful explosive. In an irony that would not become clear for many months, Hezbollah would end up indirectly paying the Israelis for the tiny bombs that would kill or wound many of its operatives.
Because Hezbollah leaders were alert to possible sabotage, the pagers could not originate in Israel, the United States or any other Israeli ally. So, in 2023, the group began receiving solicitations for the bulk purchase of Taiwanese-branded Apollo pagers, a well-recognized trademark and product line with a worldwide distribution and no discernible links to Israeli or Jewish interests. The Taiwanese company had no knowledge of the plan, officials said... The marketing official had no knowledge of the operation and was unaware that the pagers were physically assembled in Israel under Mossad oversight, officials said... In a feat of engineering, the bomb component was so carefully hidden as to be virtually undetectable, even if the device was taken apart, the officials said. Israeli officials believe that Hezbollah did disassemble some of the pagers and may have even X-rayed them.
"Thousands of Apollo-branded pagers rang or vibrated at once, all across Lebanon and Syria," according to the article, with a short sentence in Arabic that said "You received an encrypted message." The two-button de-encryption procedure "ensured most users would be holding the pager with both hands when it detonated," according to the article, although "Less than a minute later, thousands of other pagers exploded by remote command, regardless of whether the user ever touched his device. The following day, on September 18, hundreds of walkie-talkies blew up in the same way, killing and maiming users and bystanders..."
"As Hezbollah reeled, Israel struck again, pounding the group's headquarters, arsenals and logistic centers with 2,000-pound bombs," the article concludes. And the strike "convinced the country's political leaders that Hezbollah could be put on the ropes, susceptible to a systematic dismantling using airstrikes and, eventually a ground invasion..."
"A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers," reports the Wall Street Journal, "potentially accessing information from systems the federal government uses for court-authorized network wiretapping requests.
"For months or longer, the hackers might have held access to network infrastructure used to cooperate with lawful U.S. requests for communications data, according to people familiar with the matter, which amounts to a major national security risk."
The attackers also had access to other tranches of more generic internet traffic, they said. Verizon Communications, AT&T and Lumen Technologies are among the companies whose networks were breached by the recently discovered intrusion, the people said.
The widespread compromise is considered a potentially catastrophic security breach and was carried out by a sophisticated Chinese hacking group dubbed Salt Typhoon. It appeared to be geared toward intelligence collection, the people said... The surveillance systems believed to be at issue are used to cooperate with requests for domestic information related to criminal and national security investigations. Under federal law, telecommunications and broadband companies must allow authorities to intercept electronic information pursuant to a court order. It couldn't be determined if systems that support foreign intelligence surveillance were also vulnerable in the breach...
The hackers appear to have engaged in a vast collection of internet traffic from internet service providers that count businesses large and small, and millions of Americans, as their customers. Additionally, there are indications that the hacking campaign targeted a small number of service providers outside the U.S., the people said. A person familiar with the attack said the U.S. government considered the intrusions to be historically significant and worrisome... "It will take time to unravel how bad this is, but in the meantime it's the most significant in a long string of wake-up calls that show how the PRC has stepped up their cyber game," said Brandon Wales, former executive director at the Cybersecurity and Infrastructure Security Agency and now a vice president at SentinelOne, referring to the People's Republic of China. "If companies and governments weren't taking this seriously before, they absolutely need to now."
Three weeks ago TechCrunch also reported that the FBI "took control of a botnet made up of hundreds of thousands of internet-connected devices, such as cameras, video recorders, storage devices, and routers, which was run by a Chinese government hacking group, FBI director Christopher Wray and U.S. government agencies revealed Wednesday.
This week the U.S. Attorney's Office for the Southern District of New York unsealed charges over a "scheme to commit fraud" in carbon markets, which they say fraudulently netted one company "tens of millions of dollars" worth of credits — which led to "securing an investment of over $100 million."
MarketWatch reports:
Ken Newcombe had spent years building a program to distribute more environmentally friendly cookstoves for free to rural communities in Africa and Southeast Asia. The benefit for his company, C-Quest Capital, would be the carbon credits it would receive in exchange for reducing the amount of fuel people burned in order to cook food — credits the company could then sell for a profit to big oil companies like BP.
But when Newcombe tried to ramp up the program, federal prosecutors said in an indictment made public Wednesday, he quickly realized that the stoves wouldn't deliver the emissions savings he had promised investors. Rather than admit his mistake, he and his partners cooked the books instead, prosecutors said... That allowed them to obtain carbon credits worth tens of millions of dollars that they didn't deserve, prosecutors said. On the basis of the fraudulently gained credits, prosecutors said, C-Quest was able to secure $250 million in funding from an outside investor.
"The alleged actions of the defendants and their co-conspirators risked undermining the integrity of [the global market for carbon credits], which is an important part of the fight against climate change," said Damian Williams, the U.S. attorney for the Southern District of New York.
From announced by the U.S. Attorney's Office:
U.S. Attorney Damian Williams said... "The alleged actions of the defendants and their co-conspirators risked undermining the integrity of that market, which is an important part of the fight against climate change. Protecting the sanctity and integrity of the financial markets continues to be a cornerstone initiative for this Office, and we will continue to be vigilant in rooting out fraud in the market for carbon credits...."
While most carbon credits are created through, and trade in compliance markets, there is also a voluntary carbon market. Voluntary markets revolve around companies and entities that voluntarily set goals to reduce or offset their carbon emissions, often to align with goals from employees or shareholders. In voluntary markets, the credits are issued by non-governmental organizations, using standards for measuring emission reductions that they develop based on input from market participants, rather than on mandates from governments. The non-governmental organizations issue voluntary carbon credits to project developers that run projects that reduce emissions or remove greenhouse gases from the atmosphere.
CQC was a for-profit company that ran projects to generate carbon credits — including a type of credit known as a voluntary carbon unit ("VCU") — by reducing emissions of greenhouse gases. CQC profited by selling VCUs it obtained, often to companies seeking to offset the impact of greenhouse gases they emit in the course of operating their businesses.
The company itself was not charged due to "voluntary and timely self-disclosure of misconduct," according to the announcement, along with "full and proactive cooperation, timely and appropriate remediation, and agreement to cancel or void certain voluntary carbon units.
The Washington Post on scientists who "discovered that bacteria commonly found in wastewater can break down plastic to turn it into a food source, a finding that researchers hope could be a promising answer to combat one of Earth's major pollution problems."
In a study published Thursday in Environmental Science and Technology, scientists laid out their examination of Comamonas testosteroni, a bacteria that grows on polyethylene terephthalate, or PET, a plastic commonly found in single-use food packaging and water bottles. PET makes up about 12 percent of global solid waste and 90 million tons of the plastic produced each year... Unlike most other bacteria, which thrive on sugar, C. testosteroni has a more refined palate, including chemically complex materials from plants and plastics that take longer to decompose.
The researchers are the first to demonstrate not only that this bacteria can break down plastic, but they also illuminate exactly how they do it. Through six meticulous steps, involving complex imaging and gene editing techniques, the authors found that the bacteria first physically break down plastic by chewing it into smaller pieces. Then, they release enzymes — components of a cell that speed up chemical reactions — to chemically break down the plastic into a carbon-rich food source known as terephthalate...
The bacteria take a few months to break down chunks of plastic, according to Rebecca Wilkes [a lead author on the study and postdoctoral researcher at the National Renewable Energy Laboratory]. As a result, if the bacteria are going to be efficient tools, a lot of optimization needs to take place to speed up the rate at which they decompose pollutants. One approach is to promote bacterial growth by providing them with an additional food source, such as a chemical known as acetate.
A senior author on the study (and associate professor of civil and environmental engineering at Northwestern University) tells the Washington Post that "The machinery in environmental microbes is still a largely untapped potential for uncovering sustainable solutions we can exploit."
T-Mobile experienced three major data breaches in 2021, 2022, and 2023, according to CSO Online, "which impacted millions of its customers."
After a series of investigations by America's Federal Communications Commission, T-Mobile agreed in court to a number of settlement conditions, including moving toward a "modern zero-trust architecture," designating a Chief Information Security Office, implementing phishing-resistant multifactor authentication, and adopting data minimization, data inventory, and data disposal processes designed to limit its collection and retention of customer information.
Slashdot reader itwbennett writes: According to a consent decree published on Monday by the U.S. Federal Communications Commission, T-Mobile must pay a $15.75 million penalty and invest an equal amount "to strengthen its cybersecurity program, and develop and implement a compliance plan to protect consumers against similar data breaches in the future."
"Implementing these practices will require significant — and long overdue — investments. To do so at T-Mobile's scale will likely require expenditures an order of magnitude greater than the civil penalty here,' the consent decree said.
The article points out that order of magnitude greater than $15.75 million would be $157.5 million...
Last week the Register warned "If you're running the Unix printing system CUPS, with cups-browsed present and enabled, you may be vulnerable to attacks that could lead to your computer being commandeered over the network or internet." (Although the CEO of cybersecurity platform watchTowr told them "the vulnerability impacts less than a single-digit percentage of all deployed internet-facing Linux systems.")
But Tuesday generic (Slashdot reader #14,144) shared this new warning from Akamai:
Akamai researchers have confirmed a new attack vector using CUPS that could be leveraged to stage distributed denial-of-service (DDoS) attacks. Research shows that, to begin the attack, the attacking system only needs to send a single packet to a vulnerable and exposed CUPS service with internet connectivity.
The Akamai Security Intelligence and Response Team (SIRT) found that more than 198,000 devices are vulnerable to this attack vector and are accessible on the public internet; roughly 34% of those could be used for DDoS abuse (58,000+). Of the 58,000+ vulnerable devices, hundreds exhibited an "infinite loop" of requests.
The limited resources required to initiate a successful attack highlights the danger: It would take an attacker mere seconds to co-opt every vulnerable CUPS service currently exposed on the internet and cost the attacker less than a single US cent on modern hyperscaler platforms.
Days after a hurricane struck America's southeast, Florida's state's fire marshall "confirmed 16 lithium-ion battery fires related to storm surge," according to local news reports. "Officials said six of those fires are associated with electric vehicles and they are working with fire departments statewide to gather more data." (Earlier this year America's federal transportation safety agency estimated that after a 2022 hurricane "about 36 EVs caught on fire. In several instances, the fire erupted while the impacted EVs were being towed on their flatbed trailers.")
But Tuesday, when over 1 million Americans were without electricity, the Atlantic pointed out the other side of the story. "EV owners are using their cars to keep the lights on."
When Hurricane Helene knocked out the power in Charlotte, North Carolina, on Friday, Dustin Baker, like many other people across the Southeast, turned to a backup power source. His just happened to be an electric pickup truck. Over the weekend, Baker ran extension cords from the back of his Ford F-150 Lightning, using the truck's battery to keep his refrigerator and freezer running. It worked so well that Baker became an energy Good Samaritan. "I ran another extension cord to my neighbor so they could run two refrigerators they have," he told me.
Americans in hurricane territory have long kept diesel-powered generators as a way of life, but electric cars are a leap forward. An EV, at its most fundamental level, is just a big battery on wheels that can be used to power anything, not only the car itself. Some EVs pack enough juice to power a whole home for several days, or a few appliances for even longer. In the aftermath of Helene, as millions of Americans were left without power, many EV owners did just that. A vet clinic that had lost power used an electric F-150 to keep its medicines cold and continue seeing patients during the blackout. One Tesla Cybertruck owner used his car to power his home after his entire neighborhood lost power.
One Louisiana man just ran cords straight from the outlets in the bed of his Tesla Cybertruck, according to the article. "We were able to run my internet router and TV, [plus] lamps, refrigerator, a window AC unit, and fans, as well as several phone, watch, and laptop chargers."
Over the course of about 24 hours, he said, all of this activity ran his Cybertruck battery down from 99 percent to 80 percent...
Bidirectional charging may prove to be the secret weapon that sells electrification to the South, which has generally remained far behind the West and the Northeast in electric-vehicle purchases. If EVs become widely seen as the best option for blackouts, they could entice not just the climate conscious but also the suburban dads in hurricane country with a core belief in prepping for anything. It will take a lot to overcome the widespread distrust of EVs and anxiety about a new technology, but our loathing of power outages just might do the trick.
The article notes that Tesla has confirmed all its electric vehicles will support bidirectional charging by 2025.
"Can you believe that we've been demanding user freedom since 1985?" asks a new blog post at FSF.org:
Today, we're celebrating our thirty-ninth anniversary, the "lace year," which represents the intertwined nature and strength of our relationship with the free software community. We wouldn't be here without you, and we are so grateful for everyone who has stood with us, advocating for a world where complete user freedom is the norm and not the exception.
As we celebrate our anniversary and reflect on the past thirty-nine years, we feel inspired by how far we've come, not only as a movement but as an organization, and the changes that we've gone through. While we inevitably have challenges ahead, we feel encouraged and eager to take them on knowing that you'll be right there with us, working for a free future for everyone. Here's to many more years of fighting for user freedom!
Their suggestions for celebrating include:
Try a fully free distribution of GNU/Linux or help someone else give it a try
Learn how to encrypt your emails and opt out of bulk surveillance
Take a small step with big impact and swap out one nonfree program with one that's truly free
If you have an Android phone, download F-Droid, which is a catalogue of hundreds of free software applications
Wish us happy birthday on social media. [Which for the FSF is Mastodon, PeerTube, and GNU social.]
Join a Free Software Directory (FSD) meeting, which we host every Friday from 16:00 to 19:00 UTC.
Become an associate member or gift a membership to a friend
Donate $39 to help support free software advocacy
Print off stickers of our 39th birthday cake
Change your desktop background to an early-2000s-cyberspace-inspired image of our former front desk. (And then switch out your browser theme to match your new desktop background.)
And to help with the celebrations they share a free video teaching the basics of SuperCollider (the free and open source audio synthesis/algorithmic composition software). The video appears on FramaTube, an instance of the decentralized (and ActivityPub-federated) Peertube video platform, supported by the French non-profit Framasoft and powered by WebTorrent, using peer-to-peer technology to reduce load on individual servers.
An anonymous reader quotes a report from The Register: Comcast says data on 237,703 of its customers was in fact stolen in a cyberattack on a debt collector it was using, contrary to previous assurances it was given that it was unaffected by that intrusion. That collections agency, Financial Business and Consumer Solutions aka FBCS, was compromised in February, and according to a filing with Maine's attorney general, the firm informed the US cable giant about the unauthorized access in March. At the time, FBCS told the internet'n'telly provider that no Comcast customer information was affected. However, that changed in July, when the collections outfit got in touch again to say that, actually, the Comcast subscriber data it held had been pilfered.
Among the data types stolen were names, addresses, Social Security numbers, dates of birth, and the Comcast account numbers and ID numbers used internally at FBCS. The data pertains to those registered as customers at "around 2021." Comcast stopped using FBCS for debt collection services in 2020. Comcast made it clear its own systems, including those of its broadband unit Xfinity, were not broken into, unlike that time in 2023. FBCS earlier said more than 4 million people had their records accessed during that February break-in. As far as we're aware, the agency hasn't said publicly exactly how that network intrusion went down. Now Comcast is informing subscribers that their info was taken in that security breach, and in doing so seems to be the first to say the intrusion was a ransomware attack. [...]
FBCS's official statement only attributes the attack to an "unauthorized actor." It does not mention ransomware, nor many other technical details aside from the data types involved in the theft. No ransomware group we're aware of has ever claimed responsibility for the raid on FBCS. When we asked Comcast about the ransomware, it simply referred us back to the customer notification letter. The cableco used that notification to send another small middle finger FBCS's way, slyly revealing that the agency's financial situation prevents it from offering the usual identity and credit monitoring protection for those affected, so Comcast is having to foot the bill itself.
On September 28, California amended the California Consumer Privacy Act of 2018 to recognize the importance of mental privacy. "The law marks the second such legal protection for data produced from invasive neurotechnology, following Colorado, which incorporated neural data into its state data privacy statute, the Colorado Privacy Act (CPA) in April," notes Law.com. GovTech reports: The new bill amends the California Consumer Privacy Act of 2018, which grants consumers rights over personal information that is collected by businesses. The term "personal information" already included biometric data (such as your face, voice, or fingerprints). Now it also explicitly includes neural data. The bill defines neural data as "information that is generated by measuring the activity of a consumer's central or peripheral nervous system, and that is not inferred from nonneural information." In other words, data collected from a person's brain or nerves.
The law prevents companies from selling or sharing a person's data and requires them to make efforts to deidentify the data. It also gives consumers the right to know what information is collected and the right to delete it. "This new law in California will make the lives of consumers safer while sending a clear signal to the fast-growing neurotechnology industry there are high expectations that companies will provide robust protections for mental privacy of consumers," Jared Genser, general counsel to the Neurorights Foundation, which cosponsored the bill, said in a statement. "That said, there is much more work ahead."
Audio Overview, a new AI podcasting tool by Google, can generate realistic podcasts with human-like voices using content uploaded by users through NotebookLM. MIT Technology Review reports: NotebookLM, which is powered by Google's Gemini 1.5 model, allows people to upload content such as links, videos, PDFs, and text. They can then ask the system questions about the content, and it offers short summaries. The tool generates a podcast called Deep Dive, which features a male and a female voice discussing whatever you uploaded. The voices are breathtakingly realistic -- the episodes are laced with little human-sounding phrases like "Man" and "Wow" and "Oh right" and "Hold on, let me get this right." The "hosts" even interrupt each other.
The AI system is designed to create "magic in exchange for a little bit of content," Raiza Martin, the product lead for NotebookLM, said on X. The voice model is meant to create emotive and engaging audio, which is conveyed in an "upbeat hyper-interested tone," Martin said. NotebookLM, which was originally marketed as a study tool, has taken a life of its own among users. The company is now working on adding more customization options, such as changing the length, format, voices, and languages, Martin said. Currently it's supposed to generate podcasts only in English, but some users on Reddit managed to get the tool to create audio in French and Hungarian. Here are some examples highlighted by MIT Technology Review: Allie K. Miller, a startup AI advisor, used the tool to create a study guide and summary podcast of F. Scott Fitzgerald's The Great Gatsby.
Machine-learning researcher Aaditya Ura fed NotebookLM with the code base of Meta's Llama-3 architecture. He then used another AI tool to find images that matched the transcript to create an educational video.
Alex Volkov, a human AI podcaster, used NotebookLM to create a Deep Dive episode summarizing of the announcements from OpenAI's global developer conference Dev Day.
In one viral clip, someone managed to send the two voices into an existential spiral when they "realized" they were, in fact, not humans but AI systems. The video is hilarious.
The tool is also good for some laughs. Exhibit A: Someone just fed it the words "poop" and "fart" as source material, and got over nine minutes of two AI voices analyzing what this might mean.
An anonymous reader quotes a report from TechCrunch: The European Union's top court has sided with a privacy challenge to Meta's data retention policies. It ruled on Friday that social networks, such as Facebook, cannot keep using people's information for ad targeting indefinitely. The judgement could have major implications on the way Meta and other ad-funded social networks operate in the region. Limits on how long personal data can be kept must be applied in order to comply with data minimization principles contained in the bloc's General Data Protection Regulation (GDPR). Breaches of the regime can lead to fines of up to 4% of global annual turnover -- which, in Meta's case, could put it on the hook for billions more in penalties (NB: it is already at the top of the leaderboard of Big Tech GDPR breachers). [...]
The original challenge to Meta's ad business dates back to 2014 but was not fully heard in Austria until 2020, per noyb. The Austrian supreme court then referred several legal questions to the CJEU in 2021. Some were answered via a separate challenge to Meta/Facebook, in a July 2023 CJEU ruling -- which struck down the company's ability to claim a "legitimate interest" to process people's data for ads. The remaining two questions have now been dealt with by the CJEU. And it's more bad news for Meta's surveillance-based ad business. Limits do apply. Summarizing this component of the judgement in a press release, the CJEU wrote: "An online social network such as Facebook cannot use all of the personal data obtained for the purposes of targeted advertising, without restriction as to time and without distinction as to type of data."
The ruling looks important on account of how ads businesses, such as Meta's, function. Crudely put, the more of your data they can grab, the better -- as far as they are concerned. Back in 2022, an internal memo penned by Meta engineers which was obtained by Vice's Motherboard likened its data collection practices to tipping bottles of ink into a vast lake and suggested the company's aggregation of personal data lacked controls and did not lend itself to being able to silo different types of data or apply data retention limits. Although Meta claimed at the time that the document "does not describe our extensive processes and controls to comply with privacy regulations." How exactly the adtech giant will need to amend its data retention practices following the CJEU ruling remains to be seen. But the law is clear that it must have limits. "[Advertising] companies must develop data management protocols to gradually delete unneeded data or stop using them," noyb suggests. The court also weighed in a second question that concerns sensitive data that has been "manifestly made public" by the data subject, "and whether sensitive characteristics could be used for ad targeting because of that," reports TechCrunch. "The court ruled that it could not, maintaining the GDPR's purpose limitation principle."
Waymo has entered a "multi-year, strategic partnership" with Hyundai to integrate the company's autonomous driving system into the American-made Hyundai Ioniq 5. It's expected to join the Waymo One fleet after road tests starting in late 2025. Carscoops reports: Waymo and Geely joined forces in 2021 to introduce a mobility-focused Zeekr EV. The model was slated to be added to Waymo's fleet of autonomous vehicles and effectively replace their aging Jaguar I-Paces. While that was a solid plan a few years ago, the political climate has changed and China has emerged as America's boogeyman. Just last week, the Biden Administration proposed a new rule that could effectively ban all Chinese cars including models from Buick and Lincoln. [...]
Besides giving Waymo a 'safe' alternative to Zeekr, it sounds like the Ioniq 5 will eventually make up a bulk of the fleet. While that remains unconfirmed, the companies aim to produce the autonomous EVs in a "significant volume over multiple years." The firms also revealed the cars will be delivered with "autonomous-ready modifications like redundant hardware and power doors."
한국LUG 사이트는 1024 x 768 해상도(운영자 노트북:14")에 최적화 되어 있습니다. : LINUX FANSITE
WWW.LUG.OR.KR Server is made by CentOS Linux, P4 1.8G, Memory 512MB, Main HDD 160GB, Backup HDD 40GB and LAMP, qmail MTA.
CentOS Linux & Mozilla Firefox UTF-8 Base Created.
1998-2024 www.lug.or.kr Directed By Great Dragon, Kim.
Top
LUG 포인트 정책 : [회원가입 : +100점] [로그인(하루한번) : +100점] [글쓰기 : +20점] [코멘트 : +10점] [다운로드 : -200점] [질문 포인트 : 최소 200점]
데스크탑 프로그래밍(gcc, g++, wxGTK[wxWidgets] 등)은 "Fedora"를 사용하고, 서버 운영(WEB, FTP 등)은 "CentOS"를 사용하시길 권장합니다.
도전하는자, 자신을 투자하는자만이 뜻하는바를 이룰 수 있다.
Information should be Exchanged with Interactive, not One Way Direction.
준회원,
정회원,
우수회원,
VIP회원,
기업회원,
관리자 Be Maker!
인생에서, 100% 순이익을 보장하는건 없다. 1%의 지식을 나눔으로써, 가끔씩 손해볼 필요도 있다.
그대가 가진 1%의 지식만이라도 공공을 위해 포스팅하라. 손해본다는 생각이 앞선다면 그대의 인생은 힘들어질것이다.
자신이 가진 지식의 1%도 투자하지 않고, 오로지 자신의 이익만 탐하는자와는 동지가 되지마라.
만나서 대화하면 모두 좋은 사람들이지만, 유독 인터넷에서만 자신을 밝히지 않고, 좀비로 서식하는 사람들이 많다.
부지불식간[不知不識間], 좀비(하류) 인생이 될지도 모르니, 항상 자신을 경계하도록 하라.
[도서 안내]
1. CentOS Linux
2. gcc로 공부하는 C++
베스트셀러 입성^^