Google asks a US judge to dismiss a DOJ suit alleging it illegally abused its ad dominance, arguing the government had excluded rivals while defining the market (Emily Birnbaum/Bloomberg)

Emily Birnbaum / Bloomberg:
Google asks a US judge to dismiss a DOJ suit alleging it illegally abused its ad dominance, arguing the government had excluded rivals while defining the market  —  Alphabet Inc.’s Google asked a US judge to dismiss the government’s case against its dominance in the digital advertising market.

Elon Musk says Twitter will only show verified accounts on its algorithmic timeline

This is a new chapter of Elon Musk and his strange Twitter decisions. This time, the social network’s CEO has declared that Twitter will only show verified accounts on the algorithmic “For You” timeline starting April 15.

In a tweet, Musk justified the move by saying this is the “only realistic way to address advanced AI bot swarms taking over.” While the Tesla CEO suggested that the move to prohibit non-verified accounts from recommendations was to tackle bots, he mentioned that “verified” bots that don’t impersonate humans are eligible to be shown on the “For You” timeline. So essentially you have to be a paid user, a brand, or a government official to be recommended by Twitter’s algorithm.

Twitter has been trying to promote the “For You” timeline for a while now despite negative opinions from many users. The move to make it a verified-only algorithmic feed won’t be a popular decision either. Notably, analysts suggest that Twitter has only 385,000 paying users at the moment. Plus, the company is removing legacy verification checkmarks of previously notable accounts on April 1. So the algorithmic feed will be filled by paid accounts in addition to brands and officials’ accounts making it for a very skewed timeline.

Musk also said that going forward only verified accounts will be able to take part in polls. But it’s unclear if that is meant to be polls created by Twitter (or him) or all polls on the platform. As always, the announcement is confusing.

Last year, Twitter briefly instated a policy to ban handles and links to other social networks like Facebook and Instagram. The move backfired, and after heavy criticism, the company reversed the rule. At that time, Musk said that every major policy decision would go through a poll (Spoiler: it hasn’t). Soon after, he launched a poll asking people if he should step down as a CEO. By the end of it, 57.5% voted in favor.

After these events, several people suggested that bots accounted for a lot of these votes. At that time, Musk took note of a user suggestion to limit policy voting to only paying subscribers. With the latest statement, he might be finally implementing this change.

This development comes days after GitHub took down Twitter’s leaked sourced code. What’s more, Musk promised to open source the social network’s recommendation algorithm on March 31. We’ll have to wait and see if the code has references to limiting it to only verified users.

Elon Musk says Twitter will only show verified accounts on its algorithmic timeline by Ivan Mehta originally published on TechCrunch

Ethical AI art generation? Adobe Firefly may be the answer.

Enlarge / An Adobe Firefly AI image generator example. (credit: Adobe)

On Tuesday, Adobe unveiled Firefly, its new AI image synthesis generator. Unlike other AI art models such as Stable Diffusion and DALL-E, Adobe says its Firefly engine, which can generate new images from text descriptions, has been trained solely on legal and ethical sources, making its output clear for use by commercial artists. It will be integrated directly into Creative Cloud, but for now, it is only available as a beta.

Since the mainstream debut of image synthesis models last year, the field has been fraught with issues around ethics and copyright. For example, the AI art generator called Stable Diffusion gained its ability to generate images from text descriptions after researchers trained an AI model to analyze hundreds of millions of images scraped from the Internet. Many (probably most) of those images were copyrighted and obtained without the consent of their rights holders, which led to lawsuits and protests from artists.

To avoid those legal and ethical issues, Adobe created an AI art generator trained solely on Adobe Stock images, openly licensed content, and public domain content, ensuring the generated content is safe for commercial use. Adobe goes into more detail in its news release:

Read 3 remaining paragraphs | Comments

Journalist plugs in unknown USB drive mailed to him—it exploded in his face

Enlarge / Ecuadorian police tweeted this picture of officials investigating a drive mailed to a journalist in Guayaquil. (credit: Policía Ecuador/Twitter)

It’s no secret that USB flash drives, as small and unremarkable as they may look, can be turned into agents of chaos. Over the years, we’ve seen them used to infiltrate an Iranian nuclear facility, infect critical control systems in US power plants, morph into programmable, undetectable attack platforms, and destroy attached computers with a surprise 220-volt electrical surge. Although these are just a few examples, they should be enough to preclude one from inserting a mysterious, unsolicited USB drive mailed to them into a computer. Unfortunately, one Ecuadorian journalist didn’t get the memos.

As reported by the Agence France-Presse (via CBS News) on Tuesday, five Ecuadorian journalists have received USB drives in the mail from Quinsaloma. Each of the USB sticks was meant to explode when activated.

Upon receiving the drive, Lenin Artieda of the Ecuavisa TV station in Guayaquil inserted it into his computer, at which point it exploded. According to a police official who spoke with AFP, the journalist suffered mild hand and face injuries, and no one else was harmed.

Read 12 remaining paragraphs | Comments

If your Netgear Orbi router isn’t patched, you’ll want to change that pronto

Enlarge / An Orbi 750 series router. (credit: Netgear)

If you rely on Netgear’s Orbi mesh wireless system to connect to the Internet, you’ll want to ensure it’s running the latest firmware now that exploit code has been released for critical vulnerabilities in older versions.

The Netgear Orbi mesh wireless system comprises a main hub router and one or more satellite routers that extend the network’s range. By setting up multiple access points in a home or office, they form a mesh system that ensures Wi-Fi coverage is available throughout.

Remotely injecting arbitrary commands

Last year, researchers on Cisco’s Talos security team discovered four vulnerabilities and privately reported them to Netgear. The most severe of the vulnerabilities, tracked as CVE-2022-37337, resides in the access control functionality of the RBR750. Hackers can exploit it to remotely execute commands by sending specially crafted HTTP requests to the device. The hacker must first connect to the device, either by knowing the SSID password or by accessing an unprotected SSID. The severity of the flaw is rated 9.1 out of a possible 10.

Read 16 remaining paragraphs | Comments

Huge collection of vintage Apple computers goes to auction next week

Enlarge / I mostly recognize this early laptop from its resemblance to a similar-looking computer in the film 2010. It’s up for auction along with hundreds of other old Apple computers. (credit: Julien’s Auctions)

If you’ve been thinking your home or workspace is perhaps deficient when it comes to old Apple hardware, then I have some good news for you. Next week, a massive trove of classic Apple computing history goes under the hammer when the auction house Julien’s Auctions auctions off the Hanspeter Luzi collection of more than 500 Apple computers, parts, software, and the occasional bit of ephemera.

Ars reported on the auction in February, but Julien’s Auctions has posted the full catalog ahead of the March 30 event, and for Apple nerds of a certain age, there will surely be much to catch your eye.

The earliest computers in the collection are a pair of Commodore PET 2001s; anyone looking for a bargain on an Apple 1 will have to keep waiting, unfortunately.

Read 13 remaining paragraphs | Comments

ChatGPT gets “eyes and ears” with plugins that can interface AI with the world

Enlarge (credit: Aurich Lawson | Getty Images)

On Thursday, OpenAI announced a plugin system for its ChatGPT AI assistant. The plugins give ChatGPT the ability to interact with the wider world through the Internet, including booking flights, ordering groceries, browsing the web, and more. Plugins are bits of code that tell ChatGPT how to use an external resource on the Internet.

Basically, if a developer wants to give ChatGPT the ability to access any network service (for example: “looking up current stock prices”) or perform any task controlled by a network service (for example: “ordering pizza through the Internet”), it is now possible, provided it doesn’t go against OpenAI’s rules.

Conventionally, most large language models (LLM) like ChatGPT have been constrained in a bubble, so to speak, only able to interact with the world through text conversations with a user. As OpenAI writes in its introductory blog post on ChatGPT plugins, “The only thing language models can do out-of-the-box is emit text.”

Read 18 remaining paragraphs | Comments

Android app from China executed 0-day exploit on millions of devices

Enlarge (credit: Getty Images)

Android apps digitally signed by China’s third-biggest e-commerce company exploited a zero-day vulnerability that allowed them to surreptitiously take control of millions of end-user devices to steal personal data and install malicious apps, researchers from security firm Lookout have confirmed.

The malicious versions of the Pinduoduo app were available in third-party markets, which users in China and elsewhere rely on because the official Google Play market is off-limits or not easy to access. No malicious versions were found in Play or Apple’s App Store. Last Monday, TechCrunch reported that Pinduoduo was pulled from Play after Google discovered a malicious version of the app available elsewhere. TechCrunch reported the malicious apps available in third-party markets exploited several zero-days, vulnerabilities that are known or exploited before a vendor has a patch available.

Sophisticated attack

A preliminary analysis by Lookout found that at least two off-Play versions of Pinduoduo for Android exploited CVE-2023-20963, the tracking number for an Android vulnerability Google patched in updates that became available to end users two weeks ago. This privilege-escalation flaw, which was exploited prior to Google’s disclosure, allowed the app to perform operations with elevated privileges. The app used these privileges to download code from a developer-designated site and run it within a privileged environment.

Read 20 remaining paragraphs | Comments

Twitter source code was leaked on GitHub shortly after Musk’s layoff spree

Enlarge (credit: Getty Images | Future Publishing)

Portions of Twitter’s source code recently appeared on GitHub, and Twitter is trying to force GitHub to identify the user or users who posted the code.

GitHub disabled the repository on Friday shortly after Twitter filed a DMCA (Digital Millennium Copyright Act) takedown notice but apparently hasn’t provided the information Twitter is seeking. Twitter’s DMCA takedown notice asked GitHub to provide the code submitter’s “upload/download/access history,” contact information, IP addresses, and any session information or “associated logs related to this repo or any forks.”

The GitHub user who posted the Twitter source code has the username “FreeSpeechEnthusiast,” possibly a reference to Twitter owner Elon Musk casting himself as a protector of free speech.

Read 10 remaining paragraphs | Comments