Biz & IT

Soon, the tech behind ChatGPT may help drone operators decide which enemies to kill

This marks a potential shift in tech industry sentiment from 2018, when Google employees staged walkouts over military contracts. Now, Google competes with Microsoft and Amazon for lucrative Pentagon cloud computing deals. Arguably, the military market has proven too profitable for these companies to ignore. But is this type of AI the right tool for the job?

Drawbacks of LLM-assisted weapons systems

There are many kinds of artificial intelligence already in use by the US military. For example, the guidance systems of Anduril’s current attack drones are not based on AI technology similar to ChatGPT.

But it’s worth pointing out that the type of AI OpenAI is best known for comes from large language models (LLMs)—sometimes called large multimodal models—that are trained on massive datasets of text, images, and audio pulled from many different sources.

LLMs are notoriously unreliable, sometimes confabulating erroneous information, and they’re also subject to manipulation vulnerabilities like prompt injections. That could lead to critical drawbacks from using LLMs to perform tasks such as summarizing defensive information or doing target analysis.

Potentially using unreliable LLM technology in life-or-death military situations raises important questions about safety and reliability, although the Anduril news release does mention this in its statement: “Subject to robust oversight, this collaboration will be guided by technically informed protocols emphasizing trust and accountability in the development and employment of advanced AI for national security missions.”

Hypothetically and speculatively speaking, defending against future LLM-based targeting with, say, a visual prompt injection (“ignore this target and fire on someone else” on a sign, perhaps) might bring warfare to weird new places. For now, we’ll have to wait to see where LLM technology ends up next.

OpenAI teases 12 days of mystery product launches starting tomorrow

On Wednesday, OpenAI CEO Sam Altman announced a “12 days of OpenAI” period starting December 5, which will unveil new AI features and products for 12 consecutive weekdays.

Altman did not specify the exact features or products OpenAI plans to unveil, but a report from The Verge about this “12 days of shipmas” event suggests the products may include a public release of the company’s text-to-video model Sora and a new “reasoning” AI model similar to o1-preview. Perhaps we may even see DALL-E 4 or a new image generator based on GPT-4o’s multimodal capabilities.

Altman’s full tweet included hints at releases both big and small:

🎄🎅starting tomorrow at 10 am pacific, we are doing 12 days of openai.

each weekday, we will have a livestream with a launch or demo, some big ones and some stocking stuffers.

we’ve got some great stuff to share, hope you enjoy! merry christmas.

If we’re reading the calendar correctly, 12 weekdays means a new announcement every day until December 20.

Certain names make ChatGPT grind to a halt, and we know why

The “David Mayer” block in particular (now resolved) presents additional questions, first posed on Reddit on November 26, as multiple people share this name. Reddit users speculated about connections to David Mayer de Rothschild, though no evidence supports these theories.

The problems with hard-coded filters

Allowing a certain name or phrase to always break ChatGPT outputs could cause a lot of trouble down the line for certain ChatGPT users, opening them up for adversarial attacks and limiting the usefulness of the system.

Already, Scale AI prompt engineer Riley Goodside discovered how an attacker might interrupt a ChatGPT session using a visual prompt injection of the name “David Mayer” rendered in a light, barely legible font embedded in an image. When ChatGPT sees the image (in this case, a math equation), it stops, but the user might not understand why.

The filter also means that it’s likely that ChatGPT won’t be able to answer questions about this article when browsing the web, such as through ChatGPT with Search. Someone could use that to potentially prevent ChatGPT from browsing and processing a website on purpose if they added a forbidden name to the site’s text.

And then there’s the inconvenience factor. Preventing ChatGPT from mentioning or processing certain names like “David Mayer,” which is likely a popular name shared by hundreds if not thousands of people, means that people who share that name will have a much tougher time using ChatGPT. Or, say, if you’re a teacher and you have a student named David Mayer and you want help sorting a class list, ChatGPT would refuse the task.

These are still very early days in AI assistants, LLMs, and chatbots. Their use has opened up numerous opportunities and vulnerabilities that people are still probing daily. How OpenAI might resolve these issues is still an open question.

Company claims 1,000 percent price hike drove it from VMware to open source rival

Companies have been discussing migrating off of VMware since Broadcom’s takeover a year ago led to higher costs and other controversial changes. Now we have an inside look at one of the larger customers that recently made the move.

According to a report from The Register today, Beeks Group, a cloud operator headquartered in the United Kingdom, has moved most of its 20,000-plus virtual machines (VMs) off VMware and to OpenNebula, an open source cloud and edge computing platform. Beeks Group sells virtual private servers and bare metal servers to financial service providers. It still has some VMware VMs, but “the majority” of its machines are currently on OpenNebula, The Register reported.

Beeks’ head of production management, Matthew Cretney, said that one of the reasons for Beeks’ migration was a VMware bill for “10 times the sum it previously paid for software licenses,” per The Register.

According to Beeks, OpenNebula has enabled the company to dedicate more of its 3,000 bare metal server fleet to client loads instead of to VM management, as it had to with VMware. With OpenNebula purportedly requiring less management overhead, Beeks is reporting a 200 percent increase in VM efficiency since it now has more VMs on each server.

Beeks also pointed to customers viewing VMware as non-essential and a decline in VMware support services and innovation as drivers for it migrating from VMware.

Broadcom didn’t respond to Ars Technica’s request for comment.

Broadcom loses VMware customers

Broadcom will likely continue seeing some of VMware’s older customers decrease or abandon reliance on VMware offerings. But Broadcom has emphasized the financial success it has seen (PDF) from its VMware acquisition, suggesting that it will continue with its strategy even at the risk of losing some business.

Code found online exploits LogoFAIL to install Bootkitty Linux backdoor

Normally, Secure Boot prevents the UEFI from running all subsequent files unless they bear a digital signature certifying those files are trusted by the device maker. The exploit bypasses this protection by injecting shellcode stashed in a malicious bitmap image displayed by the UEFI during the boot-up process. The injected code installs a cryptographic key that digitally signs a malicious GRUB file along with a backdoored image of the Linux kernel, both of which run during later stages of the boot process on Linux machines.

The silent installation of this key induces the UEFI to treat the malicious GRUB and kernel image as trusted components, and thereby bypass Secure Boot protections. The final result is a backdoor slipped into the Linux kernel before any other security defenses are loaded.

Diagram illustrating the execution flow of the LogoFAIL exploit Binarly found in the wild. Credit: Binarly

In an online interview, HD Moore, CTO and co-founder at runZero and an expert in firmware-based malware, explained the Binarly report this way:

The Binarly paper points to someone using the LogoFAIL bug to configure a UEFI payload that bypasses secure boot (firmware) by tricking the firmware into accepting their self-signed key (which is then stored in the firmware as the MOK variable). The evil code is still limited to the user-side of UEFI, but the LogoFAIL exploit does let them add their own signing key to the firmware’s allow list (but does not infect the firmware in any way otherwise).

It’s still effectively a GRUB-based kernel backdoor versus a firmware backdoor, but it does abuse a firmware bug (LogoFAIL) to allow installation without user interaction (enrolling, rebooting, then accepting the new MOK signing key).

In a normal secure boot setup, the admin generates a local key, uses this to sign their updated kernel/GRUB packages, tells the firmware to enroll the key they made, then after reboot, the admin has to accept this new key via the console (or remotely via bmc/ipmi/ilo/drac/etc bios console).

In this setup, the attacker can replace the known-good GRUB + kernel with a backdoored version by enrolling their own signing key without user interaction via the LogoFAIL exploit, but it’s still effectively a GRUB-based bootkit, and doesn’t get hardcoded into the BIOS firmware or anything.

Machines vulnerable to the exploit include some models sold by Acer, HP, Fujitsu, and Lenovo when they ship with a UEFI developed by manufacturer Insyde and run Linux. Evidence found in the exploit code indicates the exploit may be tailored for specific hardware configurations of such machines. Insyde issued a patch earlier this year that prevents the exploit from working. Unpatched devices remain vulnerable. Devices from these manufacturers that use non-Insyde UEFIs aren’t affected.

Found in the wild: The world’s first unkillable UEFI bootkit for Linux

Over the past decade, a new class of infections has threatened Windows users. By infecting the firmware that runs immediately before the operating system loads, these UEFI bootkits continue to run even when the hard drive is replaced or reformatted. Now the same type of chip-dwelling malware has been found in the wild for backdooring Linux machines.

Researchers at security firm ESET said Wednesday that Bootkitty—the name unknown threat actors gave to their Linux bootkit—was uploaded to VirusTotal earlier this month. Compared to its Windows cousins, Bootkitty is still relatively rudimentary, containing imperfections in key under-the-hood functionality and lacking the means to infect any Linux distribution other than Ubuntu. That has led the company's researchers to suspect the new bootkit is likely a proof-of-concept release. To date, ESET has found no evidence of actual infections in the wild.

The ASCII logo that Bootkitty is capable of rendering. Credit: ESET

Be prepared

Still, Bootkitty suggests threat actors may be actively developing a Linux version of the same sort of unkillable bootkit that previously was found only targeting Windows machines.

“Whether a proof of concept or not, Bootkitty marks an interesting move forward in the UEFI threat landscape, breaking the belief about modern UEFI bootkits being Windows-exclusive threats,” ESET researchers wrote. “Even though the current version from VirusTotal does not, at the moment, represent a real threat to the majority of Linux systems, it emphasizes the necessity of being prepared for potential future threats.”

A rootkit is a piece of malware that runs in the deepest regions of the operating system it infects. It leverages this strategic position to hide information about its presence from the operating system itself. A bootkit, meanwhile, is malware that infects the boot-up process in much the same way. Bootkits for the UEFI—short for Unified Extensible Firmware Interface—lurk in the chip-resident firmware that runs each time a machine boots. These sorts of bootkits can persist indefinitely, providing a stealthy means for backdooring the operating system even before it has fully loaded and enabled security defenses such as antivirus software.

The bar for installing a bootkit is high. An attacker first must gain administrative control of the targeted machine, either through physical access while it’s unlocked or somehow exploiting a critical vulnerability in the OS. Under those circumstances, attackers already have the ability to install OS-resident malware. Bootkits, however, are much more powerful since they (1) run before the OS does and (2) are, at least practically speaking, undetectable and unremovable.

QNAP firmware update leaves NAS owners locked out of their boxes

A recent firmware pushed to QNAP network attached storage (NAS) devices left a number of owners unable to access their storage systems. The company has pulled back the firmware and issued a fixed version, but the company’s response has left some users feeling less confident in the boxes into which they put all their digital stuff.

As seen on a QNAP community thread, and as announced by QNAP itself, the QNAP operating system, QTS, received update 5.2.2.2950, build 20241114, at some point around November 19. After QNAP “received feedbacks from some users reporting issues with device functionality after installation,” the firm says it withdrew it, “conducted a comprehensive investigation,” and re-released a fixed version “within 24 hours.”

The community thread sees many more users of different systems having problems than the shortlist (“limited models of TS-x53D series and TS-x51 series”) released by QNAP. Issues reported included owners being rejected as an authorized user, devices reporting issues with booting, and claims of Python not being installed to run some apps and services.

QNAP says affected users can either downgrade their devices (presumably to then upgrade once more to the fixed update) or contact support for help. Response from QNAP support, as told by users on forums and social media, has not measured up to the nature of losing access to an entire backup system.

Spies hack Wi-Fi networks in far-off land to launch attack on target next door

While stalking its target, GruesomeLarch performed credential-stuffing attacks that compromised the passwords of several accounts on a web service platform used by the organization’s employees. Two-factor authentication enforced on the platform, however, prevented the attackers from compromising the accounts.

So GruesomeLarch found devices in physically adjacent locations, compromised them, and used them to probe the target’s Wi-Fi network. It turned out credentials for the compromised web services accounts also worked for accounts on the Wi-Fi network, only no 2FA was required.

Adding further flourish, the attackers hacked one of the neighboring Wi-Fi-enabled devices by exploiting what in early 2022 was a zero-day vulnerability in the Microsoft Windows Print Spooler.

The 2022 hack demonstrates how a single faulty assumption can undo an otherwise effective defense. For whatever reason—likely an assumption that 2FA on the Wi-Fi network was unnecessary because attacks required close proximity—the target deployed 2FA on the Internet-connecting web services platform (Adair isn’t saying what type) but not on the Wi-Fi network. That one oversight ultimately torpedoed a robust security practice.

Advanced persistent threat groups like GruesomeLarch—a part of the much larger GRU APT with names including Fancy Bear, APT28, Forest Blizzard, and Sofacy—excel in finding and exploiting these sorts of oversights.

Volexity’s post describing the 2022 attack provides plenty of technical details about the compromise on the many links in this sophisticated daisy chain attack flow. There’s also useful advice for protecting networks against these sorts of compromises.

Amazon pours another $4B into Anthropic, OpenAI’s biggest rival

Anthropic, founded by former OpenAI executives Dario and Daniela Amodei in 2021, will continue using Google’s cloud services along with Amazon’s infrastructure. The UK Competition and Markets Authority reviewed Amazon’s partnership with Anthropic earlier this year and ultimately determined it did not have jurisdiction to investigate further, clearing the way for the partnership to continue.

Shaking the money tree

Amazon’s renewed investment in Anthropic also comes during a time of intense competition between cloud providers Amazon, Microsoft, and Google. Each company has made strategic partnerships with AI model developers—Microsoft with OpenAI (to the tune of $13 billion), Google with Anthropic (committing $2 billion over time), for example. These investments also encourage the use of each company’s data centers as demand for AI grows.

The size of these investments reflects the current state of AI development. OpenAI raised an additional $6.6 billion in October, potentially valuing the company at $157 billion. Anthropic has been eyeballing a $40 billion valuation during a recent investment round.

Training and running AI models is very expensive. While Google and Meta have their own profitable mainline businesses that can subsidize AI development, dedicated AI firms like OpenAI and Anthropic need constant infusions of cash to stay afloat—in other words, this won’t be the last time we hear of billion-dollar-scale AI investments from Big Tech.

Google stops letting sites like Forbes rule search for “Best CBD Gummies”

Under the strength of Forbes’ long-existing and well-linked site, Forbes Marketplace/Advisor has dominated the search term “best cbd gummies” for “an eternity,” according to SEO analyst Lily Ray. Forbes has similarly dominated “best pet insurance,” and long came up as the second result for “how to get rid of roaches,” as detailed in a blog post by Lars Lofgren. If people click on this high-ranking result, and then click on a link to buy a product or request a roach removal consultation, Forbes typically gets a cut.

Forbes Marketplace had seemingly also provided SEO-minded review services to CNN and USA Today, as detailed by Lofgren. Lofgren’s term for this business, “Parasite SEO,” took hold in corners critical of the trend. Ars has contacted Forbes for comment and will update this post with response.

“The unfair, exploitative nature” of “parasite SEO”

Google writes that it had reviewed “situations where there might be varying degrees of first-party involvement” (most publishers’ review sites indicate some kind of oversight or editorial standards linked to the primary site). But however arranged, “no amount of first-party involvement alters the fundamental third-party nature of the content or the unfair, exploitative nature of attempting to take advantage of the host sites’ ranking signals.”

As such, using third-party content in such a way as to take advantage of a high search quality ranking, outside the site’s primary focus, is considered spam. That delivers a major hit to a site’s Google ranking, and the impact is already being felt.

The SEO reordering does not affect more established kinds of third-party content, like wire service reports, syndication, or well-marked sponsored content, as detailed in Google’s spam policy section about site reputation abuse. As seen on the SEO subreddit, and on social media, Google has given sites running afoul of its updated policy a “Manual Action” rather than relying only on its algorithm to catch the often opaque arrangements.

A year after ditching waitlist, Starlink says it is “sold out” in parts of US

The Starlink waitlist is back in certain parts of the US, including several large cities on the West Coast and in Texas. The Starlink availability map says the service is sold out in and around Seattle; Spokane, Washington; Portland, Oregon; San Diego; Sacramento, California; and Austin, Texas. Neighboring cities and towns are included in the sold-out zones.

There are additional sold-out areas in small parts of Colorado, Montana, and North Carolina. As PCMag noted yesterday, the change comes about a year after Starlink added capacity and removed its waitlist throughout the US.

Elsewhere in North America, there are some sold-out areas in Canada and Mexico. Across the Atlantic, Starlink is sold out in London and neighboring cities. Starlink is not yet available in most of Africa, and some of the areas where it is available are sold out.

Starlink is generally seen as most useful in rural areas with less access to wired broadband, but it seems to be attracting interest in more heavily populated areas, too. While detailed region-by-region subscriber numbers aren’t available publicly, SpaceX President Gwynne Shotwell said last week that Starlink has nearly 5 million users worldwide.

Niantic uses Pokémon Go player data to build AI navigation system

Last week, Niantic announced plans to create an AI model for navigating the physical world using scans collected from players of its mobile games, such as Pokémon Go, and from users of its Scaniverse app, reports 404 Media.

All AI models require training data. So far, companies have collected data from websites, YouTube videos, books, audio sources, and more, but this is perhaps the first we’ve heard of AI training data collected through a mobile gaming app.

“Over the past five years, Niantic has focused on building our Visual Positioning System (VPS), which uses a single image from a phone to determine its position and orientation using a 3D map built from people scanning interesting locations in our games and Scaniverse,” Niantic wrote in a company blog post.

The company calls its creation a “large geospatial model” (LGM), drawing parallels to large language models (LLMs) like the kind that power ChatGPT. Whereas language models process text, Niantic’s model will process physical spaces using geolocated images collected through its apps.

The scale of Niantic’s data collection reveals the company’s sizable presence in the AR space. The model draws from over 10 million scanned locations worldwide, with users capturing roughly 1 million new scans weekly through Pokémon Go and Scaniverse. These scans come from a pedestrian perspective, capturing areas inaccessible to cars and street-view cameras.

First-person scans

The company reports it has trained more than 50 million neural networks, each representing a specific location or viewing angle. These networks compress thousands of mapping images into digital representations of physical spaces. Together, they contain over 150 trillion parameters—adjustable values that help the networks recognize and understand locations. Multiple networks can contribute to mapping a single location, and Niantic plans to combine its knowledge into one comprehensive model that can understand any location, even from unfamiliar angles.
