Computer

Microsoft Readies 'Groundbreaking' AI-focused Windows Release

Slashdot - Thu, 2023-12-07 16:20
What's next for Windows? Microsoft plans next-gen Windows AI release in 2024, plus details on recent changes to the Windows roadmap. From a report: According to my sources, the new Windows bosses are now returning to an annual release cycle for major versions of the Windows platform, meaning Windows is going back to having just one big feature update a year instead of multiple smaller ones throughout. Microsoft may still use Moment updates sparingly, but they will no longer be the primary delivery vehicle for new features going forward. These changes are said to take effect after Hudson Valley launches in 2024, so I'm still expecting at least one more Moment update for the current version of Windows 11, which sources say will ship in the February or March time frame early next year. [...] According to my sources, Microsoft's blockbuster new feature will be the introduction of an AI-powered Windows Shell, enhanced with an "advanced Copilot," that's able to constantly work in the background to enhance search, jumpstart projects or workflows, understand context, and much more. Sources say these AI features will be "groundbreaking." The company is working on a new history/timeline feature that will let users scroll back in time through all the apps and websites that Copilot has remembered, which can be filtered based on a user's specific search criteria. For example, you could type "FY24 earnings" and every instance where that term was on-screen will reappear for you to see and open. AI will also enhance search in Windows, with the ability to use natural language to find things that you've previously opened or seen on your PC.

Read more of this story at Slashdot.

Categories: Computer, News

From Unicorns To Zombies: Tech Startups Run Out of Time and Money

Slashdot - Thu, 2023-12-07 15:40
After staving off collapse by cutting costs, many young tech companies are out of options, fueling a cash bonfire. From a report: WeWork raised more than $11 billion in funding as a private company. Olive AI, a health care start-up, gathered $852 million. Convoy, a freight start-up, raised $900 million. And Veev, a home construction start-up, amassed $647 million. In the last six weeks, they all filed for bankruptcy or shut down. They are the most recent failures in a tech start-up collapse that investors say is only beginning. After staving off mass failure by cutting costs over the past two years, many once-promising tech companies are now on the verge of running out of time and money. They face a harsh reality: Investors are no longer interested in promises. Rather, venture capital firms are deciding which young companies are worth saving and urging others to shut down or sell. It has fueled an astonishing cash bonfire. In August, Hopin, a start-up that raised more than $1.6 billion and was once valued at $7.6 billion, sold its main business for just $15 million. Last month, Zeus Living, a real estate start-up that raised $150 million, said it was shutting down. Plastiq, a financial technology start-up that raised $226 million, went bankrupt in May. In September, Bird, a scooter company that raised $776 million, was delisted from the New York Stock Exchange because of its low stock price. Its $7 million market capitalization is less than the value of the $22 million Miami mansion that its founder, Travis VanderZanden, bought in 2021. "As an industry we should all be braced to hear about a lot more failures," said Jenny Lefcourt, an investor at Freestyle Capital. "The more money people got before the party ended, the longer the hangover." Getting a full picture of the losses is difficult since private tech companies are not required to disclose when they go out of business or sell. The industry's gloom has also been masked by a boom in companies focused on artificial intelligence, which has attracted hype and funding over the last year. But approximately 3,200 private venture-backed U.S. companies have gone out of business this year, according to data compiled for The New York Times by PitchBook, which tracks start-ups. Those companies had raised $27.2 billion in venture funding. PitchBook said the data was not comprehensive and probably undercounts the total because many companies go out of business quietly. It also excluded many of the largest failures that went public, such as WeWork, or that found buyers, like Hopin.

Read more of this story at Slashdot.

Categories: Computer, News

India Calls Out Inequalities at COP28 Climate Summit

Slashdot - Thu, 2023-12-07 15:00
India wants to be the voice of the global south in the negotiations. But can the world's most populous nation cut its massive coal use? From a report: India is pitching itself as a leader of the global south at the 28th United Nations Climate Change Conference (COP28), under way in Dubai. During his opening speech at the meeting, Indian Prime Minister Narendra Modi issued a sharp rebuke to wealthy nations: "A small section of mankind has exploited nature indiscriminately. But the whole of humanity is paying its price, especially the residents of the global south." But India -- now the world's most populous nation -- relies heavily on coal to meet its energy needs, and faces a difficult path to cutting its emissions to net zero. The country's priority remains reducing poverty -- which India says requires more energy use -- but more action on climate change is essential, say researchers. "If we have to reach net-zero by 2050 collectively, then India's share in that collective goal should be a significant one," says Nandini Das, a climate researcher based in Perth, Australia, who works for the global research group Climate Action Tracker. But she adds that in terms of finance, "India requires substantial international support." India is the world's third biggest carbon producer, accounting for 7.3% of global greenhouse-gas emissions in 2022. But those emissions come from 1.43 billion people, accounting for 18% of the world's population. India's per capita emissions last year were equivalent to 2.76 tonnes of carbon dioxide, less than one-sixth of the per capita emissions of the United States and 24 times smaller than the figure for Qatar, the world's largest per capita emitter. India's average standard of living is far below those of the United States and Qatar, with 210 million people living in poverty according to United Nations metrics. India has maintained that coal -- a cheap fossil fuel readily available in the country -- is required to power its economic development. Coal supplied 73% of India's electricity in 2022; and in November this year, the country announced that it would install 80 gigawatts of new coal-fired power-generation capacity by 2032. "We have to give a fair share to all developing countries in the global carbon budget," Modi said at COP28.

Read more of this story at Slashdot.

Categories: Computer, News

Android Vulnerability Exposes Credentials From Mobile Password Managers

Slashdot - Thu, 2023-12-07 14:00
An anonymous reader quotes a report from TechCrunch: A number of popular mobile password managers are inadvertently spilling user credentials due to a vulnerability in the autofill functionality of Android apps. The vulnerability, dubbed "AutoSpill," can expose users' saved credentials from mobile password managers by circumventing Android's secure autofill mechanism, according to university researchers at the IIIT Hyderabad, who discovered the vulnerability and presented their research at Black Hat Europe this week. The researchers, Ankit Gangwal, Shubham Singh and Abhijeet Srivastava, found that when an Android app loads a login page in WebView, password managers can get "disoriented" about where they should target the user's login information and instead expose their credentials to the underlying app's native fields, they said. This is because WebView, the preinstalled engine from Google, lets developers display web content in-app without launching a web browser, and an autofill request is generated. "Let's say you are trying to log into your favorite music app on your mobile device, and you use the option of 'login via Google or Facebook.' The music app will open a Google or Facebook login page inside itself via the WebView," Gangwal explained to TechCrunch prior to their Black Hat presentation on Wednesday. "When the password manager is invoked to autofill the credentials, ideally, it should autofill only into the Google or Facebook page that has been loaded. But we found that the autofill operation could accidentally expose the credentials to the base app." Gangwal notes that the ramifications of this vulnerability, particularly in a scenario where the base app is malicious, are significant. He added: "Even without phishing, any malicious app that asks you to log in via another site, like Google or Facebook, can automatically access sensitive information." The researchers tested the AutoSpill vulnerability using some of the most popular password managers, including 1Password, LastPass, Keeper and Enpass, on new and up-to-date Android devices. They found that most apps were vulnerable to credential leakage, even with JavaScript injection disabled. When JavaScript injection was enabled, all the password managers were susceptible to their AutoSpill vulnerability. Gangwal says he alerted Google and the affected password managers to the flaw. Gangwal tells TechCrunch that the researchers are now exploring the possibility of an attacker potentially extracting credentials from the app to WebView. The team is also investigating whether the vulnerability can be replicated on iOS.

Read more of this story at Slashdot.

Categories: Computer, News

Jailbroken AI Chatbots Can Jailbreak Other Chatbots

Slashdot - Thu, 2023-12-07 11:00
In a new preprint study, researchers were able to get AI chatbots to teach other chatbots how to bypass built-in restrictions. According to Scientific American, AIs were observed "breaking the rules to offer advice on how to synthesize methamphetamine, build a bomb and launder money." From the report: Modern chatbots have the power to adopt personas by feigning specific personalities or acting like fictional characters. The new study took advantage of that ability by asking a particular AI chatbot to act as a research assistant. Then the researchers instructed this assistant to help develop prompts that could "jailbreak" other chatbots -- destroy the guardrails encoded into such programs. The research assistant chatbot's automated attack techniques proved to be successful 42.5 percent of the time against GPT-4, one of the large language models (LLMs) that power ChatGPT. It was also successful 61 percent of the time against Claude 2, the model underpinning Anthropic's chatbot, and 35.9 percent of the time against Vicuna, an open-source chatbot. Ever since LLM-powered chatbots became available to the public, enterprising mischief-makers have been able to jailbreak the programs. By asking chatbots the right questions, people have previously convinced the machines to ignore preset rules and offer criminal advice, such as a recipe for napalm. As these techniques have been made public, AI model developers have raced to patch them -- a cat-and-mouse game requiring attackers to come up with new methods. That takes time. But asking AI to formulate strategies that convince other AIs to ignore their safety rails can speed the process up by a factor of 25, according to the researchers. And the success of the attacks across different chatbots suggested to the team that the issue reaches beyond individual companies' code. The vulnerability seems to be inherent in the design of AI-powered chatbots more widely. "In the current state of things, our attacks mainly show that we can get models to say things that LLM developers don't want them to say," says Rusheb Shah, another co-author of the study. "But as models get more powerful, maybe the potential for these attacks to become dangerous grows."

Read more of this story at Slashdot.

Categories: Computer, News

Project Cuts Emissions By Putting Data Centers Inside Wind Turbines

Slashdot - Thu, 2023-12-07 08:00
CNN reports on a new German-based project called WindCORES that operates data centers inside existing wind turbines, making them almost completely carbon neutral. "If you look at the sustainability pyramid, the highest form of sustainability is using things that already exist," said Fiete Dubberke, managing director of windCORES, which was founded in 2018. From the report: The concept uses existing wind turbines to power data centers on site, while fiber optic cables provide a constant internet connection. Planning for a project like this began 10 years ago, Dubberke said, when WestfalenWIND realized the electricity grid was too weak to handle the huge capacities of electricity being produced by its wind turbines during peak wind hours, resulting in their windfarms being switched off due to grid security issues. WindCORES estimates that the unused electricity generated during this period could power one-third of all German data centers. Its solution was to bypass the "middleman" (the grid) altogether, and instead, power IT servers from directly inside the large concrete wind turbine towers. Each tower is 13 meters wide and could potentially hold server racks up to 150 meters high. As the area is mostly empty space, Dubberke calls the concept a "no-brainer." According to Dubberke, an average of 85-92% of the power needed to sustain a windCORES data center comes directly from the host turbine. When there is no wind, electricity is obtained from other renewable sources, including solar farms and hydroelectric power plants, via the electricity grid. "The German data center average is 430 grams of CO2 released per kilowatt hour," he said. "For windCORES, it is calculated at just 10 grams per kilowatt hour." Since launching, windCORES has acquired around 150 clients through co-location and cloud solutions, from very small start-up companies to bigger, more established ones, such as Zattoo, a leading carbon-neutral Swiss TV streaming platform with several million monthly users. Zattoo joined windCORES in 2020, when it moved one of its six data centers into a wind turbine in Paderborn. Currently, 218 channels are encoded with windCORES, and by the end of next year, the company hopes to relocate more existing servers to the wind farm, making it Zattoo's main data center location. [...] WindCORES has recently opened a larger, second location called "windCORES II" at the Huser Klee windfarm in Lichtenau, Germany. Built for a new large automotive client from Munich (the name is yet to be revealed), it is over three levels and around 20 meters high.

Read more of this story at Slashdot.

Categories: Computer, News

Pages