Feed aggregator

You can play these games and many more with an Xbox Game Pass Ultimate subscription over the next month.

A bipartisan bill seeks to end the Section 230 liability shield for tech companies. Here's a timeline of what happens next.

When a historic moment, and exceptional time in human history happens, it's easy just to see it as interesting and exciting stuff happening in life.

I was there for the personal computer revolution, and then for the birth of the World Wide Web.

Sure, exciting times, and every knew they would change the world.

But what wasn't quite as obvious is that these moments were some of the biggest ever in human history - to be remembered thousands of years down the track.

The birth of AI is one of those moments and you are living in it - enjoy the moment - you can tell your grandkids "I was there when AI really arrived".

Comments URL: https://news.ycombinator.com/item?id=40359812

Points: 1

# Comments: 0

Google unveiled a bunch of AI tools at Google I/O, so here's a rundown of what they are.

Article URL: https://tenderlovemaking.com/2023/09/02/fast-tokenizers-with-stringscanner.html

Comments URL: https://news.ycombinator.com/item?id=40359774

Points: 2

# Comments: 0

Article URL: https://wiki.postgresql.org/wiki/Foreign_data_wrappers

Comments URL: https://news.ycombinator.com/item?id=40359763

Points: 1

# Comments: 0

Article URL: https://www.edgedb.com/blog/we-can-do-better-than-sql

Comments URL: https://news.ycombinator.com/item?id=40359757

Points: 1

# Comments: 0

Article URL: https://damkee.substack.com/p/a-step-towards-bespoke-software-at

Comments URL: https://news.ycombinator.com/item?id=40359748

Points: 1

# Comments: 1

Google revealed a slew of Gemini AI software updates at its developers conference and introduced Project Astra and Project Veo.

On the southwest side of Calexico, a border town in California’s Imperial Valley, a surveillance tower casts a shadow over a baseball field and a residential neighborhood. In 2000, the Immigration and Naturalization Service (the precursor to the Department of Homeland Security (DHS)) leased the corner of Nosotros Park from the city for $1 a year for the tower. But now the lease has expired, and DHS component Customs & Border Protection (CBP) would like the city to re-up the deal.  

But times—and technology—have changed. CBP’s new strategy calls for adopting powerful artificial intelligence technology to not only control the towers, but to scan, track and categorize everything they see.  

Now, privacy and social justice advocates including the Imperial Valley Equity and Justice Coalition, American Friends Service Committee, and Calexico Needs Change have joined EFF in sending the city council a letter urging them to not sign the lease and either spike the project or renegotiate it to ensure that civil liberties and human rights are protected.  

The groups write:  

The Remote Video Surveillance System (RVSS) tower at Nosotros Park was installed in the early 2000s when video technology was fairly limited and the feeds required real-time monitoring by human personnel. That is not how these cameras will operate under CBP's new AI strategy. Instead, these towers will be controlled by algorithms that will autonomously detect, identify, track and classify objects of interest. This means that everything that falls under the gaze of the cameras will be scanned and categorized. To an extent, the AI will autonomously decide what to monitor and recommend when Border Patrol officers should be dispatched. While a human being may be able to tell the difference between children playing games or residents getting ready for work, AI is prone to mistakes and difficult to hold accountable. 

In an era where the public has grave concerns on the impact of unchecked technology on youth and communities of color, we do not believe enough scrutiny and skepticism has been applied to this agreement and CBP's proposal. For example, the item contains very little in terms of describing what kinds of data will be collected, how long it will be stored, and what measures will be taken to mitigate the potential threats to privacy and human rights. 

The letter also notes that CBP’s tower programs have repeatedly failed to achieve the promised outcomes. In fact, the DHS Inspector General found that the early 2000s program, “yielded few apprehensions as a percentage of detection, resulted in needless investigations of legitimate activity, and consumed valuable staff time to perform video analysis or investigate sensor alerts.”  

The groups are calling for Calexico to press pause on the lease agreement until CBP can answer a list of questions about the impact of the surveillance tower on privacy and human rights. Should the city council insist on going forward, they should at least require regular briefings on any new technologies connected to the tower and the ability to cancel the lease on much shorter notice than the 365 days currently spelled out in the proposed contract.  

Article URL: https://informationisbeautiful.net/visualizations/most-common-pin-codes/

Comments URL: https://news.ycombinator.com/item?id=40359736

Points: 2

# Comments: 0

Article URL: https://krebsonsecurity.com/2024/05/patch-tuesday-may-2024-edition/

Comments URL: https://news.ycombinator.com/item?id=40359719

Points: 1

# Comments: 0

Article URL: https://www.cnx-software.com/2024/05/15/ardeeg-shield-works-with-arduino-uno-r4-wifi-for-biosignals-measurement/

Comments URL: https://news.ycombinator.com/item?id=40359713

Points: 2

# Comments: 0

There’s been so much focus on LLMs, image & video generation, and text to speech models lately.

These models obvious have wide general purpose capabilities, so they are particularly useful to folks technical and non-technical.

I’m curious what (relatively) general model domains does the HN community not think get enough research and product building energy?

For example do you think that image recoginition or non-verbal audio recognition isn’t getting the direct sunlight it deserves from both developers and customers?

Comments URL: https://news.ycombinator.com/item?id=40359700

Points: 1

# Comments: 1

Microsoft today released updates to fix more than 60 security holes in Windows computers and supported software, including two “zero-day” vulnerabilities in Windows that are already being exploited in active attacks. There are also important security patches available for macOS and Adobe users, and for the Chrome Web browser, which just patched its own zero-day flaw.

First, the zero-days. CVE-2024-30051 is an “elevation of privilege” bug in a core Windows library. Satnam Narang at Tenable said this flaw is being used as part of post-compromise activity to elevate privileges as a local attacker.

“CVE-2024-30051 is used to gain initial access into a target environment and requires the use of social engineering tactics via email, social media or instant messaging to convince a target to open a specially crafted document file,” Narang said. “Once exploited, the attacker can bypass OLE mitigations in Microsoft 365 and Microsoft Office, which are security features designed to protect end users from malicious files.”

CVE-2024-30040 is a security feature bypass in MSHTML, a component that is deeply tied to the default Web browser on Windows systems. Microsoft’s advisory on this flaw is fairly sparse, but Kevin Breen from Immersive Labs said this vulnerability also affects Office 365 and Microsoft Office applications.

“Very little information is provided and the short description is painfully obtuse,” Breen said of Microsoft’s advisory on CVE-2024-30040.

Meanwhile, Kaspersky Lab, one of two companies credited with reporting exploitation of CVE-2024-30040 to Microsoft, has published a fascinating writeup on how they discovered the exploit in a file shared with Virustotal.com.

Kaspersky said it has since seen the exploit used together with QakBot and other malware. Emerging in 2007 as a banking trojan, QakBot (a.k.a. Qbot and Pinkslipbot) has morphed into an advanced malware strain now used by multiple cybercriminal groups to prepare newly compromised networks for ransomware infestations.

The only vulnerability fixed this month that earned Microsoft’s most-dire “critical” rating is CVE-2024-30044, a flaw in Sharepoint that Microsoft said is likely to be exploited. Tenable’s Narang notes that exploitation of this bug requires an attacker to be authenticated to a vulnerable SharePoint Server with Site Owner permissions (or higher) first and to take additional steps in order to exploit this flaw, which makes this flaw less likely to be widely exploited as most attackers follow the path of least resistance.

Five days ago, Google released a security update for Chrome that fixes a zero-day in the popular browser. Chrome usually auto-downloads any available updates, but it still may require a complete restart of the browser to install them. If you use Chrome and see a “Relaunch to update” message in the upper right corner of the browser, it’s time to restart.

Apple has just shipped macOS Sonoma 14.5 update, which includes nearly two dozen security patches. To ensure your Mac is up-to-date, go to System Settings, General tab, then Software Update and follow any prompts.

Finally, Adobe has critical security patches available for a range of products, including Acrobat, Reader, Illustrator, Adobe Substance 3D Painter, Adobe Aero, Adobe Animate and Adobe Framemaker.

Regardless of whether you use a Mac or Windows system (or something else), it’s always a good idea to backup your data and or system before applying any security updates. For a closer look at the individual fixes released by Microsoft today, check out the complete list over at the SANS Internet Storm Center. Anyone in charge of maintaining Windows systems in an enterprise environment should keep an eye on askwoody.com, which usually has the scoop on any wonky Windows patches.

Article URL: https://finance.yahoo.com/news/vermont-legislature-passes-one-strongest-201136093.html

Comments URL: https://news.ycombinator.com/item?id=40359689

Points: 1

# Comments: 0

Article URL: https://museum.ipsj.or.jp/en/heritage/Parametron_arcives.html

Comments URL: https://news.ycombinator.com/item?id=40359680

Points: 1

# Comments: 0

The Soundcore Motion 300, a CNET Editors' Choice award winner, is just $64 right now, but you'll need to act fast to snag it at this price.