microsoft – Page 15

Microsoft in deal with Semafor to create news stories with aid of AI chatbot

AI, Biz & IT, chatbot, microsoft, Semafor, syndication / Shannon Garcia / February 5, 2024

a meeting-deadline helper —

Collaboration comes as tech giant faces multibillion-dollar lawsuit from The New York Times.

Anna Nicolaou, Financial Times – Feb 5, 2024 7: 01 pm UTC

Enlarge / Cube with Microsoft logo on top of their office building on 8th Avenue and 42nd Street near Times Square in New York City.

Microsoft is working with media startup Semafor to use its artificial intelligence chatbot to help develop news stories—part of a journalistic outreach that comes as the tech giant faces a multibillion-dollar lawsuit from the New York Times.

As part of the agreement, Microsoft is paying an undisclosed sum of money to Semafor to sponsor a breaking news feed called “Signals.” The companies would not share financial details, but the amount of money is “substantial” to Semafor’s business, said a person familiar with the matter.

Signals will offer a feed of breaking news and analysis on big stories, with about a dozen posts a day. The goal is to offer different points of view from across the globe—a key focus for Semafor since its launch in 2022.

Semafor co-founder Ben Smith emphasized that Signals will be written entirely by journalists, with artificial intelligence providing a research tool to inform posts.

Microsoft on Monday was also set to announce collaborations with journalist organizations including the Craig Newmark School of Journalism, the Online News Association, and the GroundTruth Project.

The partnerships come as media companies have become increasingly concerned over generative AI and its potential threat to their businesses. News publishers are grappling with how to use AI to improve their work and stay ahead of technology, while also fearing that they could lose traffic, and therefore revenue, to AI chatbots—which can churn out humanlike text and information in seconds.

The New York Times in December filed a lawsuit against Microsoft and OpenAI, alleging the tech companies have taken a “free ride” on millions of its articles to build their artificial intelligence chatbots, and seeking billions of dollars in damages.

Gina Chua, Semafor’s executive editor, has been involved in developing Semafor’s AI research tools, which are powered by ChatGPT and Microsoft’s Bing.

“Journalism has always used technology whether it’s carrier pigeons, the telegraph or anything else . . . this represents a real opportunity, a set of tools that are really a quantum leap above many of the other tools that have come along,” Chua said.

For a breaking news event, Semafor journalists will use AI tools to quickly search for reporting and commentary from other news sources across the globe in multiple languages. A Signals post might include perspectives from Chinese, Indian, or Russian media, for example, with Semafor’s reporters summarizing and contextualizing the different points of view, while citing its sources.

Noreen Gillespie, a former Associated Press journalist, joined Microsoft three months ago to forge relationships with news companies. “Journalists need to adopt these tools in order to survive and thrive for another generation,” she said.

Semafor was founded by Ben Smith, the former BuzzFeed editor, and Justin Smith, the former chief executive of Bloomberg Media.

Semafor, which is free to read, is funded by wealthy individuals, including 3G capital founder Jorge Paulo Lemann and KKR co-founder Henry Kravis. The company made more than $10 million in revenue in 2023 and has more than 500,000 subscriptions to its free newsletters. Justin Smith said Semafor was “very close to a profit” in the fourth quarter of 2023.

“What we’re trying to go after is this really weird space of breaking news on the Internet now, in which you have these really splintered, fragmented, rushed efforts to get the first sentence of a story out for search engines . . . and then never really make any effort to provide context,” Ben Smith said.

“We’re trying to go the other way. Here are the confirmed facts. Here are three or four pieces of really sophisticated, meaningful analysis.”

Microsoft in deal with Semafor to create news stories with aid of AI chatbot Read More »

The life and times of Cozy Bear, the Russian hackers who just hit Microsoft and HPE

Biz & IT, breaches, cozy bear, hacking, hewlett packarge enterprise, microsoft, Security / Kelly Newman / January 27, 2024

FROM RUSSIA WITH ROOT —

Hacks by Kremlin-backed group continue to hit hard.

Dan Goodin – Jan 26, 2024 1: 15 pm UTC

Hewlett Packard Enterprise (HPE) said Wednesday that Kremlin-backed actors hacked into the email accounts of its security personnel and other employees last May—and maintained surreptitious access until December. The disclosure was the second revelation of a major corporate network breach by the hacking group in five days.

The hacking group that hit HPE is the same one that Microsoft said Friday broke into its corporate network in November and monitored email accounts of senior executives and security team members until being driven out earlier this month. Microsoft tracks the group as Midnight Blizzard. (Under the company’s recently retired threat actor naming convention, which was based on chemical elements, the group was known as Nobelium.) But it is perhaps better known by the name Cozy Bear—though researchers have also dubbed it APT29, the Dukes, Cloaked Ursa, and Dark Halo.

“On December 12, 2023, Hewlett Packard Enterprise was notified that a suspected nation-state actor, believed to be the threat actor Midnight Blizzard, the state-sponsored actor also known as Cozy Bear, had gained unauthorized access to HPE’s cloud-based email environment,” company lawyers wrote in a filing with the Securities and Exchange Commission. “The Company, with assistance from external cybersecurity experts, immediately activated our response process to investigate, contain, and remediate the incident, eradicating the activity. Based on our investigation, we now believe that the threat actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions.”

An HPE representative said in an email that Cozy Bear’s initial entry into the network was through “a compromised, internal HPE Office 365 email account [that] was leveraged to gain access.” The representative declined to elaborate. The representative also declined to say how HPE discovered the breach.

Cozy Bear hacking its way into the email systems of two of the world’s most powerful companies and monitoring top employees’ accounts for months aren’t the only similarities between the two events. Both breaches also involved compromising a single device on each corporate network, then escalating that toehold to the network itself. From there, Cozy Bear camped out undetected for months. The HPE intrusion was all the more impressive because Wednesday’s disclosure said that the hackers also gained access to Sharepoint servers in May. Even after HPE detected and contained that breach a month later, it would take HPE another six months to discover the compromised email accounts.

The pair of disclosures, coming within five days of each other, may create the impression that there has been a recent flurry of hacking activity. But Cozy Bear has actually been one of the most active nation-state groups since at least 2010. In the intervening 14 years, it has waged an almost constant series of attacks, mostly on the networks of governmental organizations and the technology companies that supply them. Multiple intelligence services and private research companies have attributed the hacking group as an arm of Russia’s Foreign Intelligence Service, also known as the SVR.

The life and times of Cozy Bear (so far)

In its earliest years, Cozy Bear operated in relative obscurity—precisely the domain it prefers—as it hacked mostly Western governmental agencies and related organizations such as political think tanks and governmental subcontractors. In 2013, researchers from security firm Kaspersky unearthed MiniDuke, a sophisticated piece of malware that had taken hold of 60 government agencies, think tanks, and other high-profile organizations in 23 countries, including the US, Hungary, Ukraine, Belgium, and Portugal.

MiniDuke was notable for its odd combination of advanced programming and the gratuitous references to literature found embedded into its code. (It contained strings that alluded to Dante Alighieri’s Divine Comedy and to 666, the Mark of the Beast discussed in a verse from the Book of Revelation.) Written in assembly, employing multiple levels of encryption, and relying on hijacked Twitter accounts and automated Google searches to maintain stealthy communications with command-and-control servers, MiniDuke was among the most advanced pieces of malware found at the time.

It wasn’t immediately clear who was behind the mysterious malware—another testament to the stealth of its creators. In 2015, however, researchers linked MiniDuke—and seven other pieces of previously unidentified malware—to Cozy Bear. After a half-decade of lurking, the shadowy group was suddenly brought into the light of day.

Cozy Bear once again came to prominence the following year when researchers discovered the group (along with Fancy Bear, a separate Russian-state hacking group) inside the servers of the Democratic National Committee, looking for intelligence such as opposition research into Donald Trump, the Republican nominee for president at the time. The hacking group resurfaced in the days following Trump’s election victory that year with a major spear-phishing blitz that targeted dozens of organizations in government, military, defense contracting, media, and other industries.

One of Cozy Bear’s crowning achievements came in late 2020 with the discovery of an extensive supply chain attack that targeted customers of SolarWinds, the Austin, Texas, maker of network management tools. After compromising SolarWinds’ software build system, the hacking group pushed infected updates to roughly 18,000 customers. The hackers then used the updates to compromise nine federal agencies and about 100 private companies, White House officials have said.

Cozy Bear has remained active, with multiple campaigns coming to light in 2021, including one that used zero-day vulnerabilities to infect fully updated iPhones. Last year, the group devoted much of its time to hacks of Ukraine.

The life and times of Cozy Bear, the Russian hackers who just hit Microsoft and HPE Read More »

In major gaffe, hacked Microsoft test account was assigned admin privileges

Biz & IT, microsoft, network breaches, Security, system privileges / DJ Henderson / January 26, 2024

The hackers who recently broke into Microsoft’s network and monitored top executives’ email for two months did so by gaining access to an aging test account with administrative privileges, a major gaffe on the company’s part, a researcher said.

The new detail was provided in vaguely worded language included in a post Microsoft published on Thursday. It expanded on a disclosure Microsoft published late last Friday. Russia-state hackers, Microsoft said, used a technique known as password spraying to exploit a weak credential for logging into a “legacy non-production test tenant account” that wasn’t protected by multifactor authentication. From there, they somehow acquired the ability to access email accounts that belonged to senior executives and employees working in security and legal teams.

A “pretty big config error”

In Thursday’s post updating customers on findings from its ongoing investigation, Microsoft provided more details on how the hackers achieved this monumental escalation of access. The hackers, part of a group Microsoft tracks as Midnight Blizzard, gained persistent access to the privileged email accounts by abusing the OAuth authorization protcol, which is used industry-wide to allow an array of apps to access resources on a network. After compromising the test tenant, Midnight Blizzard used it to create a malicious app and assign it rights to access every email address on Microsoft’s Office 365 email service.

In Thursday’s update, Microsoft officials said as much, although in language that largely obscured the extent of the major blunder. They wrote:

Threat actors like Midnight Blizzard compromise user accounts to create, modify, and grant high permissions to OAuth applications that they can misuse to hide malicious activity. The misuse of OAuth also enables threat actors to maintain access to applications, even if they lose access to the initially compromised account. Midnight Blizzard leveraged their initial access to identify and compromise a legacy test OAuth application that had elevated access to the Microsoft corporate environment. The actor created additional malicious OAuth applications. They created a new user account to grant consent in the Microsoft corporate environment to the actor controlled malicious OAuth applications. The threat actor then used the legacy test OAuth application to grant them the Office 365 Exchange Online full_access_as_app role, which allows access to mailboxes. [Emphasis added.]

Kevin Beaumont—a researcher and security professional with decades of experience, including a stint working for Microsoft—pointed out on Mastodon that the only way for an account to assign the all-powerful full_access_as_app role to an OAuth app is for the account to have administrator privileges. “Somebody,” he said, “made a pretty big config error in production.”

In major gaffe, hacked Microsoft test account was assigned admin privileges Read More »

Microsoft cancels Blizzard survival game, lays off 1,900

Activision Blizzard, Biz & IT, gaming, layoffs, mergers, microsoft / DJ Henderson / January 25, 2024

Survival game won’t survive —

Job cuts hit Xbox, ZeniMax businesses, too, reports say.

Scharon Harding – Jan 25, 2024 8: 08 pm UTC

Activision Blizzard survival game — Enlarge / Blizzard shared this image teasing a now-cancelled game in 2022.

Blizzard Entertainment/Twitter

The survival game that Blizzard announced it was working on in January 2022 has reportedly been canceled. The cut comes as Microsoft is slashing jobs a little over four months after closing its $69 billion Activision Blizzard acquisition.

Blizzard’s game didn’t have a title yet, but Blizzard said it would be for PC and console and introduce new stories and characters. In January 2022, Blizzard put out a call for workers to help build the game.

The game’s axing was revealed today in an internal memo from Microsoft Gaming CEO Phil Spencer seen by publications including The Verge and CNBC that said:

Blizzard is ending development on its survival game project and will be shifting some of the people working on it to one of several promising new projects Blizzard has in the early stages of development.

Spencer said Microsoft was laying off 1,900 people starting today, with workers continuing to receive notifications in the coming days. The layoffs affect 8.64 percent of Microsoft’s 22,000-employee gaming division.

Another internal memo, written by Matt Booty, Microsoft’s game content and studios president, and seen by The Verge, said the layoffs are hitting “multiple” Blizzard teams, “including development teams, shared service organizations and corporate functions.” In January 2022, after plans for the merger were first announced, Bobby Kotick, then-CEO of Activision Blizzard, reportedly told employees at a meeting that Microsoft was “committed to trying to retain as many of our people as possible.”

Spencer said workers in Microsoft’s Xbox and ZeniMax Media businesses will also be impacted. Microsoft acquired ZeniMax, which owns Bethesda Softworks, for $7.5 billion in a deal that closed in March 2021.

After a bumpy ride with global regulators, Microsoft’s Activision Blizzard purchase closed in October. Booty’s memo said the job cuts announced today “reflect a focus on products and strategies that hold the most promise for Blizzard’s future growth, as well as identified areas of overlap across Blizzard and Microsoft Gaming.”

He claimed that layoffs would “enable Blizzard and Xbox to deliver ambitious games… on more platforms and in more places than ever before,” as well as “sustainable growth.”

Spencer’s memo said:

As we move forward in 2024, the leadership of Microsoft Gaming and Activision Blizzard is committed to aligning on a strategy and an execution plan with a sustainable cost structure that will support the whole of our growing business. Together, we’ve set priorities, identified areas of overlap, and ensured that we’re all aligned on the best opportunities for growth.

Laid-off employees will receive severance as per local employment laws, Spencer added.

Additional departures

Blizzard President Mike Ybarra announced via his X profile today that he is leaving the company. Booty’s memo said Ybarra “decided to leave” since the acquisition was completed. Ybarra was a top executive at Microsoft for over 20 years, including leadership positions at Xbox, before he started working at Blizzard in 2019.

Blizzard’s chief design officer, Allen Adham, is also leaving the company, per Booty’s memo.

The changes at the game studio follow Activision Blizzard CEO Bobby Kotick’s exit on January 1.

Microsoft also laid off 10,000 people, or about 4.5 percent of its reported 221,000-person workforce, last year as it worked to complete its Activision Blizzard buy. Microsoft blamed those job cuts on “macroeconomic conditions and changing customer priorities.”

Today’s job losses also join a string of recently announced tech layoffs, including at IBM, Google, SAP, and eBay and in the gaming community platforms Unity, Twitch, and Discord. However, layoffs following Microsoft’s Activision Blizzard deal were somewhat anticipated due to expected redundancies among the Washington tech giant’s biggest merger ever. This week, Microsoft hit a $3 trillion market cap, becoming the second company to do so (after Apple).

Microsoft cancels Blizzard survival game, lays off 1,900 Read More »

PlayStation has blocked hardware cheating device Cronus Zen, others may follow

anticheat, Call of Duty, Call of Duty: Modern Warfare, cheating, cronus, cronus zen, gaming, microsoft, PlayStation 5, Sony, xbox / DJ Henderson / January 25, 2024

What’s a little anti-recoil between friends? —

No more using a mouse and keyboard on PS5, or using aiming mods, for now.

Kevin Purdy – Jan 25, 2024 7: 25 pm UTC

Ad showing — Enlarge / Who doesn’t want less recoil? Unless, that is, you’re someone competing against the person getting this benefit with a $100 “emulation” device.

Cronus

The Cronus Zen describes itself as a hardware tool for “universal controller compatibility,” letting you plug in a third-party controller, an Xbox controller into a PlayStation, or even your keyboard and mouse into a console. But you can also use its scripting engine to “amplify your game” and set up “GamePacks” to do things like reduce recoil animations in games like Call of Duty. And that is where Cronus seems to have gotten into trouble.

As first noted by the Call of Duty news channel CharlieIntel, the latest update to the PlayStation 5’s system (24.01-08.60.00) software blocks the Cronus from connecting. The update is “NOT mandatory,” Cronus claims in a notice on its website, so Zen players can hold off and keep playing. Still, there is “currently no timetable on a fix … it could be 24 (hours), 24 days, 24 months, we won’t know until we’ve dug into it.” There is, for now, a “Remote Play Workaround” for those already too far updated.

Ars attempted to reach Cronus for comment and reached out to Sony as well and will update this post with any new information.

The Cronus Zen, which costs $100 or more and is available on Amazon and at GameStop, among other outlets, does claim to offer accessibility and third-party compatibility options for players. But what has caught gamers’ attention, and Sony’s, is the wealth of GamePacks available for various games. Some single-player games, like Hogwarts Legacy and Cyberpunk 2077, are represented, but it’s the offerings for Call of Duty, Battlefield, Destiny 2, and other online multiplayer games that likely drew Sony’s ire.

Just a peek at the Apex Legends GamePack page suggests Zen mods “inspired by” the game, with options for “Aim Assist,” “Anti-Recoil Strength,” and “Fire Mods,” the latter of which can make you “harder to hit” and ping teammates when you are firing. Call of Duty: WarZone 3 mods include “Silent Aim. Insanely strong and not visible Aim Assist MOD!” The Zen was also capable of powering other cheat tools with emulated input, like AI-assisted aim assist.

Console manufacturers, already having more locked-down software than PCs, have taken up the cause of eliminating cheating at the hardware level. Microsoft issued a system-level ban on “unauthorized” accessories connecting to Xboxes in October. That had the unintended effect of cooling enthusiasm among fighting game enthusiasts and accessibility advocates. It did not, however, seem to block the Cronus, so long as you attached a compliant controller to it.

Individual game-makers have also attempted to block devices like the Cronus. Activision’s anti-cheat Ricochet tool called out “third-party hardware devices” that “act as a passthrough for controllers” in a blog post about its April 2023 updates. The same went for Ubisoft and Bungie, none of which called out the Cronus Zen in particular, but were signaling efforts to block it and similar devices, like the XIM and ReaSnow S1. Fortnite was ahead of the game, calling out the Cronus Zen and Cronus Max in late 2022.

None of these companies have offered a patch to the behavior of people who want to spend more than $100 and risk lifetime bans to earn undeserved points worth no tradable value.

Listing image by Cronus

PlayStation has blocked hardware cheating device Cronus Zen, others may follow Read More »

Microsoft network breached through password-spraying by Russian-state hackers

Biz & IT, kremlin, microsoft, russian hacking, Security / DJ Henderson / January 20, 2024

Russia-state hackers exploited a weak password to compromise Microsoft’s corporate network and accessed emails and documents that belonged to senior executives and employees working in security and legal teams, Microsoft said late Friday.

The attack, which Microsoft attributed to a Kremlin-backed hacking group it tracks as Midnight Blizzard, is at least the second time in as many years that failures to follow basic security hygiene has resulted in a breach that has the potential to harm customers. One paragraph in Friday’s disclosure, filed with the Securities and Exchange Commission, was gobsmacking:

Beginning in late November 2023, the threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account’s permissions to access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions, and exfiltrated some emails and attached documents. The investigation indicates they were initially targeting email accounts for information related to Midnight Blizzard itself. We are in the process of notifying employees whose email was accessed.

Microsoft didn’t detect the breach until January 12, exactly a week before Friday’s disclosure. Microsoft’s account raises the prospect that the Russian hackers had uninterrupted access to the accounts for as long as two months.

A translation of the 93 words quoted above: A device inside Microsoft’s network was protected by a weak password with no form of two-factor authentication employed. The Russian adversary group was able to guess it by peppering it with previously compromised or commonly used passwords until they finally landed on the right one. The threat actor then accessed the account, indicating that either 2FA wasn’t employed or the protection was somehow bypassed.

Furthermore, this “legacy non-production test tenant account” was somehow configured so that Midnight Blizzard could pivot and gain access to some of the company’s most senior and sensitive employee accounts.

As Steve Bellovin, a computer science professor and affiliate law prof at Columbia University with decades of experience in cybersecurity, wrote on Mastodon:

A lot of fascinating implications here. A successful password spray attack suggests no 2FA and either reused or weak passwords. Access to email accounts belonging to “senior leadership… cybersecurity, and legal” teams using just the permissions of a “test tenant account” suggests that someone gave that test account amazing privileges. Why? Why wasn’t it removed when the test was over? I also note that it took Microsoft about seven weeks to detect the attack.

While Microsoft said that it wasn’t aware of any evidence that Midnight Blizzard gained access to customer environments, production systems, source code, or AI systems, some researchers voiced doubts, particularly about whether the Microsoft 365 service might be or have been susceptible to similar attack techniques. One of the researchers was Kevin Beaumont, who has had a long cybersecurity career that has included a stint working for Microsoft. On LinkedIn, he wrote:

Microsoft staff use Microsoft 365 for email. SEC filings and blogs with no details on Friday night are great.. but they’re going to have to be followed with actual detail. The age of Microsoft doing tents, incident code words, CELA’ing things and pretending MSTIC sees everything (threat actors have Macs too) are over — they need to do radical technical and cultural transformation to retain trust.

CELA is short for Corporate, External, and Legal Affairs, a group inside Microsoft that helps draft disclosures. MSTIC stands for the Microsoft Threat Intelligence Center.

Microsoft network breached through password-spraying by Russian-state hackers Read More »

WordPad out; 80Gbps USB support and other Win 11 features in testing this month

AI, chatgpt, copilot, microsoft, Tech, Windows, Windows 11 / Kelly Newman / January 19, 2024

Can’t stop won’t stop —

Microsoft’s next batch of Windows 11 feature updates is taking shape.

Andrew Cunningham – Jan 19, 2024 11: 03 pm UTC

Windows 11’s big feature update in September included a long list of minor changes, plus the Copilot AI assistant; that update was followed by Windows 11 23H2 in late October, which reset the operating system’s timeline for technical support and security updates but didn’t add much else in and of itself. But Windows development never stops these days, and this month’s Insider Preview builds have already shown us a few things that could end up in the stable version of the operating system in the next couple of months.

One major addition, which rolled out to Dev Channel builds on January 11 and Beta Channel builds today, is support for 80Gbps USB 4 ports. These speeds are part of the USB4 Version 2.0 spec—named with the USB-IF’s typical flair for clarity and consistency—that was published in 2022. Full 80Gbps speeds are still rare and will be for the foreseeable future, but Microsoft says that they’ll be included the Razer Blade 18 and a handful of other PCs with Intel’s 14th-generation HX-series laptop processors. We’d expect the new speeds to proliferate slowly and mostly in high-end systems over the next few months and years.

Another addition to that January 11 Dev Channel build is a change in how the Copilot generative AI assistant works. Normally, Copilot is launched by the user manually, either by clicking the icon on the taskbar, hitting the Win+C key combo, or (in some new PCs) by using the dedicated Copilot button on the keyboard. In recent Dev Channel builds, the Copilot window will open automatically on certain PCs as soon as you log into Windows, becoming part of your default desktop unless you turn it off in Settings.

The Copilot panel will only open by default on screens that meet minimum size and resolution requirements, things that Windows already detects and takes into account when setting your PC’s default zoom and showing available Snap Layouts, among other things. Microsoft says it’s testing the feature on screens that are 27 inches or larger with 1,920 or more horizontal pixels (for most screens, this means a minimum resolution of 1080p). For PCs without Copilot, including those that haven’t been signed into a Microsoft account, the feature will continue to be absent.

Enlarge / The “richer weather experience on the Lock screen,” seen in the bottom-center of this screenshot.

Microsoft

Other additions to the Dev Channel builds this month include easy Snipping Tool editing for Android screenshots from phones that have been paired to your PC, custom user-created voice commands, the ability to share URLs directly to services like WhatsApp and Gmail from the Windows share window, a new Weather widget for the Windows lock screen, and app install notifications from the Microsoft store.

Microsoft hasn’t publicized any of the changes it has made to its Canary channel builds since January 4—this is typical since it changes the fastest, and the tested features are the most likely to be removed or significantly tweaked before being released to the public. Most of the significant additions from that announcement have since made it out to the other channels, but there are a couple of things worth noting. First, there’s a new Energy Saver taskbar icon for desktop PCs without batteries, making it easier to tell when the feature is on without creating confusion. And the venerable WordPad app, originally marked for deletion in September, has also been removed from these builds and can’t be reinstalled.

Microsoft doesn’t publish Windows feature updates on an exact cadence beyond its commitment to deliver one with a new version number once per year in the fall. Last year’s first major batch of Windows 11 additions rolled out at the end of February, so a late winter or early spring launch window for the next batch of features could make sense.

WordPad out; 80Gbps USB support and other Win 11 features in testing this month Read More »

Bing Search shows few, if any, signs of market share increase from AI features

AI, Bing, Bing Chat, chatgpt, copilot, Google, microsoft, Windows 11, windows copilot / DJ Henderson / January 18, 2024

high hopes —

Bing’s US and worldwide market share is about the same as it has been for years.

Andrew Cunningham – Jan 18, 2024 9: 52 pm UTC

Not quite one year ago, Microsoft announced a “multi-year, multi-billion dollar investment” in OpenAI, a company that had made waves in 2022 with its ChatGPT chatbot and DALL-E image creator. The next month, Microsoft announced that it was integrating a generative AI chatbot into its Bing search engine and Edge browser, and similar generative AI features were announced for Windows in the apps formerly known as Microsoft Office, Microsoft Teams, and other products.

Adding AI features to Bing was meant to give it an edge over Google, and reports indicated that Google was worried enough about it to accelerate its own internal generative AI efforts. Microsoft announced in March 2023 that Bing surpassed the 100 million monthly active users mark based on interest in Bing Chat and its ilk; by Microsoft’s estimates, each percentage of Google’s search market share that Bing could siphon away was worth as much as $2 billion to Microsoft.

A year later, it looks like Microsoft’s AI efforts may have helped Bing on the margins, but they haven’t meaningfully eroded Google’s search market share, according to Bloomberg. Per Bloomberg’s analysis of data from Sensor Tower, Bing usage had been down around 33 percent year over year just before the AI-powered features were added, but those numbers had rebounded by the middle of 2023.

Microsoft hasn’t given an official update on Bing’s monthly active users in quite a while—we’ve asked the company for an update, and will share it if we get one—though Microsoft Chief Marketing Officer Yusuf Medhi told Bloomberg that “millions and millions of people” were still using the new AI features.

StatCounter data mostly tells a similar story. According to its data, Google’s worldwide market share is currently in the low 90s, and it has been for virtually the entire 15-year period for which StatCounter offers data. Bing’s worldwide market share number over the same period has been remarkably stable; it was about 3.5 percent in the summer of 2009, when what had been known as Live Search was renamed Bing in the first place, and as of December 2023, it was still stuck at around 3.4 percent.

Recent US data is slightly more flattering for Microsoft, where Bing’s usage rose from 6.7 percent in December 2022 to 7.7 percent in December 2023. But that doesn’t necessarily suggest any kind of AI-fueled influx in new Bing search users—usage remained in the mid-to-high 6 percent range through most of 2023 before ticking up right at the end of the year—and Bing’s US usage has floated in that same 6–7 percent zone for most of the last decade.

It even seems like Microsoft is making moves to distance its AI efforts from Bing a bit. What began as “Bing Chat” or “the new Bing” is now known as Windows Copilot—both inside Windows 11 and elsewhere. Earlier this week, the Bing Image Creator became “Image Creator from Designer.” Both products still feature Bing branding prominently—the Copilot screen in Windows 11 still says “with Bing” at the top of it, and the Image Creator tool is still hosted on the Bing.com domain. But if these new AI features aren’t driving Bing’s market share up, then it makes sense for Microsoft to create room for them to stand on their own.

That’s not to say Google’s search dominance is assured. Leipzig University researchers published a study earlier this week (PDF) suggesting Google, Bing, and the Bing-powered DuckDuckGo had seen “an overall downward trend in text quality,” especially for heavily SEO-optimized categories like purchase recommendations and product reviews.

Bing Search shows few, if any, signs of market share increase from AI features Read More »

OpenAI opens the door for military uses but maintains AI weapons ban

AI, AI ethics, AI safety, AI weapons, Biz & IT, chatgpt, chatgtp, Cybersecurity, large language models, machine learning, microsoft, Military, openai, Pentagon, suicide prevention, US Defense Department / Mike M. / January 17, 2024

Skynet deferred —

Despite new Pentagon collab, OpenAI won’t allow customers to “develop or use weapons” with its tools.

Benj Edwards – Jan 17, 2024 9: 25 pm UTC

On Tuesday, ChatGPT developer OpenAI revealed that it is collaborating with the United States Defense Department on cybersecurity projects and exploring ways to prevent veteran suicide, reports Bloomberg. OpenAI revealed the collaboration during an interview with the news outlet at the World Economic Forum in Davos. The AI company recently modified its policies, allowing for certain military applications of its technology, while maintaining prohibitions against using it to develop weapons.

According to Anna Makanju, OpenAI’s vice president of global affairs, “many people thought that [a previous blanket prohibition on military applications] would prohibit many of these use cases, which people think are very much aligned with what we want to see in the world.” OpenAI removed terms from its service agreement that previously blocked AI use in “military and warfare” situations, but the company still upholds a ban on its technology being used to develop weapons or to cause harm or property damage.

Under the “Universal Policies” section of OpenAI’s Usage Policies document, section 2 says, “Don’t use our service to harm yourself or others.” The prohibition includes using its AI products to “develop or use weapons.” Changes to the terms that removed the “military and warfare” prohibitions appear to have been made by OpenAI on January 10.

The shift in policy appears to align OpenAI more closely with the needs of various governmental departments, including the possibility of preventing veteran suicides. “We’ve been doing work with the Department of Defense on cybersecurity tools for open-source software that secures critical infrastructure,” Makanju said in the interview. “We’ve been exploring whether it can assist with (prevention of) veteran suicide.”

The efforts mark a significant change from OpenAI’s original stance on military partnerships, Bloomberg says. Meanwhile, Microsoft Corp., a large investor in OpenAI, already has an established relationship with the US military through various software contracts.

OpenAI opens the door for military uses but maintains AI weapons ban Read More »

Regulators aren’t convinced that Microsoft and OpenAI operate independently

AI, anticompetitive behavior, Antitrust law, competition, competition and markets authority, European Commission, generative ai, microsoft, monopoly, openai, Policy, virtual worlds / DJ Henderson / January 9, 2024

Under Microsoft’s thumb? —

EU is fielding comments on potential market harms of Microsoft’s investments.

Ashley Belanger – Jan 9, 2024 7: 19 pm UTC

European Union regulators are concerned that Microsoft may be covertly controlling OpenAI as its biggest investor.

On Tuesday, the European Commission (EC) announced that it is currently “checking whether Microsoft’s investment in OpenAI might be reviewable under the EU Merger Regulation.”

The EC’s executive vice president in charge of competition policy, Margrethe Vestager, said in the announcement that rapidly advancing AI technologies are “disruptive” and have “great potential,” but to protect EU markets, a forward-looking analysis scrutinizing antitrust risks has become necessary.

Hoping to thwart predictable anticompetitive risks, the EC has called for public comments. Regulators are particularly keen to hear from policy experts, academics, and industry and consumer organizations who can identify “potential competition issues” stemming from tech companies partnering to develop generative AI and virtual world/metaverse systems.

The EC worries that partnerships like Microsoft and OpenAI could “result in entrenched market positions and potential harmful competition behavior that is difficult to address afterwards.” That’s why Vestager said that these partnerships needed to be “closely” monitored now—”to ensure they do not unduly distort market dynamics.”

Microsoft has denied having control over OpenAI.

A Microsoft spokesperson told Ars that, rather than stifling competition, since 2019, the tech giant has “forged a partnership with OpenAI that has fostered more AI innovation and competition, while preserving independence for both companies.”

But ever since Sam Altman was bizarrely ousted by OpenAI’s board, then quickly reappointed as OpenAI’s CEO—joining Microsoft for the brief time in between—regulators have begun questioning whether recent governance changes mean that Microsoft’s got more control over OpenAI than the companies have publicly stated.

OpenAI did not immediately respond to Ars’ request to comment. Last year, OpenAI confirmed that “it remained independent and operates competitively,” CNBC reported.

Beyond the EU, the UK’s Competition and Markets Authority (CMA) and reportedly the US Federal Trade Commission have also launched investigations into Microsoft’s OpenAI investments. On January 3, the CMA ended its comments period, but it’s currently unclear whether significant competition issues were raised that could trigger a full-fledged CMA probe.

A CMA spokesperson declined Ars’ request to comment on the substance of comments received or to verify how many comments were received.

Antitrust legal experts told Reuters that authorities should act quickly to prevent “critical emerging technology” like generative AI from being “monopolized,” noting that before launching a probe, the CMA will need to find evidence showing that Microsoft’s influence over OpenAI materially changed after Altman’s reappointment.

The EC is also investigating partnerships beyond Microsoft and OpenAI, questioning whether agreements “between large digital market players and generative AI developers and providers” may impact EU market dynamics.

Microsoft observing OpenAI board meetings

In total, Microsoft has pumped $13 billion into OpenAI, CNBC reported, which has a somewhat opaque corporate structure. OpenAI’s parent company, Reuters reported in December, is a nonprofit, which is “a type of entity rarely subject to antitrust scrutiny.” But in 2019, as Microsoft started investing billions into the AI company, OpenAI also “set up a for-profit subsidiary, in which Microsoft owns a 49 percent stake,” an insider source told Reuters. On Tuesday, a nonprofit consumer rights group, the Public Citizen, called for California Attorney General Robert Bonta to “investigate whether OpenAI should retain its non-profit status.”

A Microsoft spokesperson told Reuters that the source’s information was inaccurate, reiterating that the terms of Microsoft’s agreement with OpenAI are confidential. Microsoft has maintained that while it is entitled to OpenAI’s profits, it does not own “any portion” of OpenAI.

After OpenAI’s drama with Altman ended with an overhaul of OpenAI’s board, Microsoft appeared to increase its involvement with OpenAI by receiving a non-voting observer role on the board. That’s what likely triggered lawmaker’s initial concerns that Microsoft “may be exerting control over OpenAI,” CNBC reported.

The EC’s announcement comes days after Microsoft confirmed that Dee Templeton would serve as the observer on OpenAI’s board, initially reported by Bloomberg.

Templeton has spent 25 years working for Microsoft and is currently vice president for technology and research partnerships and operations. According to Bloomberg, she has already attended OpenAI board meetings.

Microsoft’s spokesperson told Ars that adding a board observer was the only recent change in the company’s involvement in OpenAI. An OpenAI spokesperson told CNBC that Microsoft’s board observer has no “governing authority or control over OpenAI’s operations.”

By appointing Templeton as a board observer, Microsoft may simply be seeking to avoid any further surprises that could affect its investment in OpenAI, but the CMA has suggested that Microsoft’s involvement in the board may have created “a relevant merger situation” that could shake up competition in the UK if not appropriately regulated.

Regulators aren’t convinced that Microsoft and OpenAI operate independently Read More »

AI firms’ pledges to defend customers from IP issues have real limits

AI, Amazon, copyright, Google, indemnity, microsoft, syndication / DJ Henderson / January 8, 2024

Read the fine print —

Indemnities offered by Amazon, Google, and Microsoft are narrow.

Camilla Hodgson, Financial Times – Jan 8, 2024 3: 05 pm UTC

Enlarge / The Big Tech groups are competing to offer new services such as virtual assistants and chatbots as part of a multibillion-dollar bet on generative AI

FT

The world’s biggest cloud computing companies that have pushed new artificial intelligence tools to their business customers are offering only limited protections against potential copyright lawsuits over the technology.

Amazon, Microsoft and Google are competing to offer new services such as virtual assistants and chatbots as part of a multibillion-dollar bet on generative AI—systems that can spew out humanlike text, images and code in seconds.

AI models are “trained” on data, such as photographs and text found on the internet. This has led to concern that rights holders, from media companies to image libraries, will make legal claims against third parties who use the AI tools trained on their copyrighted data.

The big three cloud computing providers have pledged to defend business customers from such intellectual property claims. But an analysis of the indemnity clauses published by the cloud computing companies show that the legal protections only extend to the use of models developed by or with oversight from Google, Amazon and Microsoft.

“The indemnities are quite a smart bit of business . . . and make people think ‘I can use this without worrying’,” said Matthew Sag, professor of law at Emory University.

But Brenda Leong, a partner at Luminos Law, said it was “important for companies to understand that [the indemnities] are very narrowly focused and defined.”

Google, Amazon and Microsoft declined to comment.

The indemnities provided to customers do not cover use of third-party models, such as those developed by AI start-up Anthropic, which counts Amazon and Google as investors, even if these tools are available for use on the cloud companies’ platforms.

In the case of Amazon, only content produced by its own models, such as Titan, as well as a range of the company’s AI applications, are covered.

Similarly, Microsoft only provides protection for the use of tools that run on its in-house models and those developed by OpenAI, the startup with which it has a multibillion-dollar alliance.

“People needed those assurances to buy, because they were hyper aware of [the legal] risk,” said one IP lawyer working on the issues.

The three cloud providers, meanwhile, have been adding safety filters to their tools that aim to screen out any potentially problematic content that is generated. The tech groups had become “more satisfied that instances of infringements would be very low,” but did not want to provide “unbounded” protection, the lawyer said.

While the indemnification policies announced by Microsoft, Amazon, and Alphabet are similar, their customers may want to negotiate more specific indemnities in contracts tailored to their needs, though that is not yet common practice, people close to the cloud companies said.

OpenAI and Meta are among the companies fighting the first generative AI test cases brought by prominent authors and the comedian Sarah Silverman. They have focused in large part on allegations that the companies developing models unlawfully used copyrighted content to train them.

Indemnities were being offered as an added layer of “security” to users who might be worried about the prospect of more lawsuits, especially since the test cases could “take significant time to resolve,” which created a period of “uncertainty,” said Angela Dunning, a partner at law firm Cleary Gottlieb.

However, Google’s indemnity does not extend to models that have been “fine-tuned” by customers using their internal company data—a practice that allows businesses to train general models to produce more relevant and specific results—while Microsoft’s does.

Amazon’s covers Titan models that have been customized in this way, but if the alleged infringement is due to the fine-tuning, the protection is voided.

Legal claims brought against the users—rather than the makers—of generative AI tools may be challenging to win, however.

When dismissing part of a claim brought by three artists a year ago against AI companies Stability AI, DeviantArt, and Midjourney, US Judge William Orrick said one “problem” was that it was “not plausible” that every image generated by the tools had relied on “copyrighted training images.”

For copyright infringement to apply, the AI-generated images must be shown to be “substantially similar” to the copyrighted images, Orrick said.

AI firms’ pledges to defend customers from IP issues have real limits Read More »

Discontinued and unreleased Microsoft peripherals revived by licensing deal

Keyboards, Mice, microsoft, Tech / DJ Henderson / January 6, 2024

Sorry, no Intellimouse —

Classics like the Ergonomic Keyboard should be available again this year.

Scharon Harding – Jan 5, 2024 9: 52 pm UTC

Enlarge / The Microsoft Ergonomic Keyboard is making a comeback.

Microsoft

In April, Microsoft announced that it would stop selling Microsoft-branded computer peripherals. Today, Onward Brands announced that it’s giving those discarded Microsoft-stamped gadgets a second life under new branding. Products like the Microsoft Ergonomic Keyboard will become Incase products with “Designed by Microsoft” branding.

Beyond the computer accessories saying “Designed by Microsoft,” they should be the same keyboards, mice, webcams, headsets, and speakers, Onward, Incase’s parent company, said, per The Verge. Onward said its Incase brand will bring back 23 Microsoft-designed products in 2024 and hopes for availability to start in Q2.

Enlarge / Some of the Microsoft-designed gear that Incase is relaunching.

Incase also plans to launch an ergonomic keyboard that Microsoft designed but never released. Onward CEO Charlie Tebele told The Verge that there’s “potential” for Incase to release even more designs Microsoft never let us see.

Licensing deal

The return of Microsoft peripheral designs resurrects (albeit in a new form) a line of computer gear started in 1983 when Microsoft released its first mouse, the Microsoft Mouse.

Neither Onward nor Microsoft shared the full terms of their licensing agreement, but Onward claims that Incase will leverage the same supply chain and manufacturing components that Microsoft did, The Verge noted.

“Microsoft will still retain ownership of its designs, so it could potentially bring back classic mice or keyboards itself in the future or continue to renew its license to Incase,” The Verge reported, pointing out that Onward isn’t licensing every single one of Microsoft’s computer peripherals. Some classics, like the Intellimouse or its modern iterations, for example, don’t make the Incase reboot list.

For its part, Microsoft is still “convicted on going under one single” Surface brand, Nancie Gaskill, general manager of Surface, told The Verge.

That said, in Microsoft’s old designs, Incase, whose website is currently filled with backpacks, bags, and laptop and AirPod cases, suddenly finds itself selling keyboards, mice, and other peripherals. Onward’s other brands, Griffin, Incipio, and Survivor, also don’t sell the types of products that Incase is licensing here. If all goes well, Incase could build its own computer accessories portfolio.

Microsoft’s initial departure from Microsoft-brand peripherals meant it would only focus on more expensive, higher-end designs worthy of Surface branding. But that left a gap for the numerous users who felt satisfied with Microsoft’s various designs that were simpler and more affordable. Incase’s venture could help serve those customers, while Microsoft’s legacy with such products can continue without major investment from the tech giant.

Here’s a full list of the Microsoft-designed peripherals that Incase plans to bring back in 2024:

Keyboards

Bluetooth Keyboard
Bluetooth Number Pad
Designer Compact Keyboard
Ergonomic Keyboard
Sculpt Comfort Desktop
Sculpt Ergonomic Desktop
Sculpt Ergonomic Keyboard
Wired Desktop 600
Wired Keyboard 600
Wireless Comfort Desktop 5050 AES
Wireless Desktop 850
Wireless Desktop 900

Mice

Bluetooth Ergonomic Mouse
Bluetooth Mouse
Mobile Mouse 1850
Modern Mobile Mouse
Sculpt Ergonomic Mouse

Audio

Audio Dock
Modern USB Headset
Modern USB-C Headset
Modern USB-C Speaker
Modern Webcam
Modern Wireless Headset

Discontinued and unreleased Microsoft peripherals revived by licensing deal Read More »