mjfisher.net

Latest News

Last updated 21 Nov, 04:32 AM

BBC News

Captain Tom's family repeatedly made money from charity, inquiry finds - The fundraiser's family damaged public trust by not donating any money from his books, a report finds.

Russia and US battle for advantage in Ukraine war ahead of Trump's return - Moscow appears to be maximising its gains while Joe Biden abandons long-held red lines at the end of his presidency.

'Seeing my son excluded from primary school was horrific' - Mum Jo says Jacob is very caring but sensory issues led to him being excluded for disruptive behaviour.

Al Fayed abuse could be on scale of Savile, survivors’ advocate tells BBC - Speaking about her new role, Dame Jasvinder Sanghera says Al Fayed's "tentacles went far and wide".

Man who called 911 for help with intruder shot dead by US police - Brandon Durham was tussling with a female intruder over a knife when an officer shot him multiple times.

The Register

Pakistan's tech lobby warns that slow internet is strangling IT industry - Low-priced freelancers and call centers are at risk Pakistan's IT Industry Association (P@SHA) – the nation's sole tech biz lobby group – has warned that government policy could lead to business closures and financial losses among its constituents, and damage the nation's IT exports.…

Five Scattered Spider suspects indicted for phishing spree and crypto heists - DoJ also shutters allleged crimeware and credit card mart PopeyeTools The US Department of Justice has issued an indictment that names five people accused of stealing millions in cryptocurrency – and we are told they are suspected members of cyber-gang Scattered Spider.…

Chinese cyberspies, Musk’s Beijing ties, labelled ‘real risk’ to US security by senator - Meet Liminal Panda, which prowls telecom networks in South Asia and Africa A senior US senator has warned that American tech companies’ activities in China represent a national security risk, in a hearing that saw infosec biz CrowdStrike testify it has identified another cyber-espionage crew it believes is backed by Beijing.…

Dell settles with Uncle Sam over Army bid-rigging claims - DoJ alleges merely overpriced offers from reseller followed inflated deals from IT giant The US Department of Justice has reached a $4.35 million settlement with Dell and its reseller Iron Bow over claims that the two businesses colluded to rig bids for business with the US Army.…

We'll answer any questions DoJ has, HPE CEO tells us as Feds probe $14B Juniper buy - Takeover still expected to close late 2024 or early next year HPE CEO Antonio Neri told The Register today his corporation is working with the US Department of Justice to “answer any questions” officials may have about the IT infrastructure giant's $14 billion acquisition of Juniper Networks.…

New Scientist - News

Robotic pigeon reveals how birds fly without a vertical tail fin - A flying robot uses its bird-like tail to maintain stability in flight – a technique that could enable more aerodynamic aircraft designs that use less fuel

AI simulations of 1000 people accurately replicate their behaviour - Using GPT-4o, the model behind ChatGPT, researchers have replicated the personality and behaviour of more than 1000 people, in an effort to create an alternative to focus groups and polling

Planet 10 times the size of Earth is one of the youngest ever found - A large planet has been spotted orbiting a dwarf star that is just 3 million years old, offering possible clues to how the worlds in our solar system came into being

IBM entangled two quantum chips to work together for the first time - IBM has bet big on a modular approach to building quantum computers, and now it has successfully linked two quantum chips together to operate as a single device, a key step towards that goal

Google DeepMind AI can expertly fix errors in quantum computers - Quantum computers could get a boost from artificial intelligence, thanks to a model created by Google DeepMind that cleans up quantum errors

Hacker News

Niantic announces “Large Geospatial Model” trained on Pokémon Go player data - Comments

What is the origin of the lake tank image that has become a meme? (2021) - Comments

Building Databases over a Weekend - Comments

Show HN: We open-sourced our compost monitoring tech - Comments

Electrobun: Cross-platform desktop applications written in TypeScript - Comments

Slashdot

Inside the Booming 'AI Pimping' Industry - An anonymous reader quotes a report from 404 Media: Instagram is flooded with hundreds of AI-generated influencers who are stealing videos from real models and adult content creators, giving them AI-generated faces, and monetizing their bodies with links to dating sites, Patreon, OnlyFans competitors, and various AI apps. The practice, first reported by 404 Media in April, has since exploded in popularity, showing that Instagram is unable or unwilling to stop the flood of AI-generated content on its platform and protect the human creators on Instagram who say they are now competing with AI content in a way that is impacting their ability to make a living. According to our review of more than 1,000 AI-generated Instagram accounts, Discord channels where the people who make this content share tips and discuss strategy, and several guides that explain how to make money by "AI pimping," it is now trivially easy to make these accounts and monetize them using an assortment of off-the-shelf AI tools and apps. Some of these apps are hosted on the Apple App and Google Play Stores. Our investigation shows that what was once a niche problem on the platform has industrialized in scale, and it shows what social media may become in the near future: a space where AI-generated content eclipses that of humans. [...] Out of more than 1,000 AI-generated Instagram influencer accounts we reviewed, 100 included at least some deepfake content which took existing videos, usually from models and adult entertainment performers, and replaced their face with an AI-generated face to make those videos seem like new, original content consistent with the other AI-generated images and videos shared by the AI-generated influencer. The other 900 accounts shared images that in some cases were trained on real photographs and in some cases made to look like celebrities, but were entirely AI-generated, not edited photographs or videos. Out of those 100 accounts that shared deepfake or face-swapped videos, 60 self-identify as being AI-generated, writing in their bios that they are a "virtual model & influencer" or stating "all photos crafted with AI and apps." The other 40 do not include any disclaimer stating that they are AI-generated. Adult content creators like Elaina St James say they're now directly competing with these AI rip-off accounts that often use stolen content. Since the explosion of AI-generated influencer accounts on Instagram, St James said her "reach went down tremendously," from a typical 1 million to 5 million views a month to not surpassing a million in the last 10 months, and sometimes coming in under 500,000 views. While she said changes to Instagram's algorithm could also be at play, these AI-generated influencer accounts are "probably one of the reasons my views are going down," St James told 404 Media. "It's because I'm competing with something that's unnatural." Alexios Mantzarlis, the director of the security, trust, and safety initiative at Cornell Tech and formerly principal of trust and safety intelligence at Google, started researching the problem to see where AI-generated content is taking social media and the internet. "It felt like a possible sign of what social media is going to look like in five years," said Mantzarlis. "Because this may be coming to other parts of the internet, not just the attractive-people niche on Instagram. This is probably a sign that it's going to be pretty bad." Read more of this story at Slashdot.

Ubuntu Linux Impacted By Decade-Old 'needrestart' Flaw That Gives Root - Five local privilege escalation (LPE) vulnerabilities in the Linux utility "needrestart" -- widely used on Ubuntu to manage service updates -- allow attackers with local access to escalate privileges to root. The flaws were discovered by Qualys in needrestart version 0.8, and fixed in version 3.8. BleepingComputer reports: Complete information about the flaws was made available in a separate text file, but a summary can be found below: - CVE-2024-48990: Needrestart executes the Python interpreter with a PYTHONPATH environment variable extracted from running processes. If a local attacker controls this variable, they can execute arbitrary code as root during Python initialization by planting a malicious shared library. - CVE-2024-48992: The Ruby interpreter used by needrestart is vulnerable when processing an attacker-controlled RUBYLIB environment variable. This allows local attackers to execute arbitrary Ruby code as root by injecting malicious libraries into the process. - CVE-2024-48991: A race condition in needrestart allows a local attacker to replace the Python interpreter binary being validated with a malicious executable. By timing the replacement carefully, they can trick needrestart into running their code as root. - CVE-2024-10224: Perl's ScanDeps module, used by needrestart, improperly handles filenames provided by the attacker. An attacker can craft filenames resembling shell commands (e.g., command|) to execute arbitrary commands as root when the file is opened. - CVE-2024-11003: Needrestart's reliance on Perl's ScanDeps module exposes it to vulnerabilities in ScanDeps itself, where insecure use of eval() functions can lead to arbitrary code execution when processing attacker-controlled input. The report notes that attackers would need to have local access to the operation system through malware or a compromised account in order to exploit these flaws. "Apart from upgrading to version 3.8 or later, which includes patches for all the identified vulnerabilities, it is recommended to modify the needrestart.conf file to disable the interpreter scanning feature, which prevents the vulnerabilities from being exploited," adds BleepingComputer. Read more of this story at Slashdot.

Z-Library Helps Students to Overcome Academic Poverty, Study Finds - A new study reveals that many users, particularly students and Redditors, view Z-Library as a vital resource for overcoming economic barriers to education, reflecting a "Robin Hood" mentality that prioritizes access to knowledge over copyright concerns. TorrentFreak reports: The research looks at the motivations of two groups; Reddit users and Chinese postgraduate students. Despite the vast differences between these groups, their views on Z-Library are quite similar. The 134 Reddit responses were sampled from the Zlibrary subreddit, which is obviously biased in favor of the site. However, the reasoning goes well beyond a simple "I want free stuff" arguments. Many commenters highlighted that they were drawn to the site out of poverty, for example, or they highlighted that Z-Library was an essential tool to fulfill their academic goals. "Living in a 3rd world country, 1 book would cost like 50%- 80% already of my daily wage," one Redditor wrote. The idea that Z-Library is a 'necessary evil' was also highlighted by other commenters. This includes a student who can barely make ends meet, and a homeless person, who has neither the money nor the space for physical books. The lack of free access to all study materials, including academic journal subscriptions at university libraries, was also a key motivator. Paired with the notion that journal publishers make billions of dollars, without compensating authors, justification is found for 'pirate' alternatives. "They make massive profits. So stealing from them doesn't hurt the authors nor reviewers, just the rich greedy publishers who make millions just to design a cover and click 'publish'," one Redditor wrote. The second part of the study is conducted in a more structured format among 103 postgraduate students in China. This group joined a seminar where Z-Library and the crackdown were discussed. In addition, the students participated in follow-up focus group discussions, while also completing a survey. Despite not all being users of the shadow library, 41% of the students agreed that the site's (temporary) shutdown affected their ability to study and find resources for degree learning. In general, the students have a favorable view toward Z-Library and similar sites, and 71% admit that they have used a shadow library in the past. In line with China's socialist values, the overwhelming majority of the students agreed that access to knowledge should be free for everyone. While the students are aware of copyright law, they believe that the need to access knowledge outweighs rightsholders' concerns. This is also reflected in the following responses, among others. All in all, Z-Library and other shadow libraries are seen as a viable option for expensive or inaccessible books, despite potential copyright concerns. The paper has been published in the Journal of University Teaching & Learning Practice. Read more of this story at Slashdot.

Musi Fans Refuse To Update iPhones Until Apple Unblocks Controversial App - An anonymous reader quotes a report from Ars Technica: Who up missing Musi?" a Reddit user posted in a community shocked by the free music streaming app's sudden removal from Apple's App Store in September. Apple kicked Musi out of the App Store after receiving several copyright complaints. Musi works by streaming music from YouTube -- seemingly avoiding paying to license songs -- and YouTube was unsurprisingly chief among those urging Apple to stop allowing the alleged infringement. Musi was previously only available through the App Store. Once Musi was removed from the App Store, anyone who downloaded Musi could continue using the app uninterrupted. But if the app was ever off-loaded during an update or if the user got a new phone, there would be no way to regain access to their Musi app or their playlists. Some Musi fans only learned that Apple booted Musi after they updated their phones, and the app got offloaded with no option to re-download. Panicked, these users turned to the Musi subreddit for answers, where Musi's support staff has consistently responded with reassurances that Musi is working to bring the app back to the App Store. For many Musi users learning from others' mistakes, the Reddit discussions leave them with no choice but to refuse to update their phones or risk losing their favorite app. The app may remain unavailable for several months as the litigation unfolds. "After Apple gave in to the pressure, Musi sued (PDF) in October, hoping to quickly secure an injunction that would force Apple to reinstate Musi in the App Store until the copyright allegations were decided," reports Ars. "But a hearing on that motion isn't scheduled until January, making it appear unlikely that Musi will be available again to download until sometime next year." Further reading: Google, Apple Drive 'Black Box' IP Policing with App Store Rules Read more of this story at Slashdot.

Comcast Spins Off Cable Networks - Comcast plans to spin off several of its cable TV networks into a standalone company as it shifts focus to streaming and other profitable ventures like Peacock, theme parks, and broadband services. The Associated Press reports: Those one-time stars for Comcast's NBCUniversal cable television networks include USA, Oxygen, E!, SYFY and Golf Channel, as well as CNBC and MSNBC. Movie ticketing platform Fandango and the Rotten Tomatoes movie rating site would also become part of the new company. Peacock will remain with Comcast, as will Bravo, which provides significant content for the Peacock streaming service. Comcast telegraphed the potential shift last month as it released quarterly earnings before confirming Wednesday that it will spin off assets that generated about $7 billion in revenue over he past 12 months ending September 30. That's about 5.5% of Comcast's total revenue during that period, according to the company. But there is a shrinking pool of cable subscribers as millions cut the cord and rely increasingly on streaming platforms for entertainment. Mark Lazarus, current chairman of NBCUniversal Media Group, will serve as the new entity's chief executive officer. Anand Kini, the current chief financial officer of NBCUniversal, will take on the same title with the new company as well as the chief operating officer role. [...] Comcast expects the new company to have the financial flexibility to be "a potential partner and acquirer of other complementary media businesses." The spin-off is targeted for completion in about a year, the entertainment giant said, pending financing and approval from its board and government regulators. "Like millions of US consumers, Comcast finally cut the cord by divesting itself of most of its cable TV channels," said Paul Verna, principal analyst at market research company eMarketer. "The benefits are clear to Comcast. It's dropping money-losing assets from a technology and media empire that will retain its lucrative (internet service provider) business, theme parks, broadcast networks, and Peacock streaming service." Read more of this story at Slashdot.