Feed aggregator
Dire Predictions for 2025 Include 'Largest Cyberattack in History'
Politico asked an "array of thinkers — futurists, scientists, foreign policy analysts and others — to lay out some of the possible 'Black Swan' events that could await us in the new year: What are the unpredictable, unlikely episodes that aren't yet on the radar but would completely upend American life as we know it?"
Here's one from Gary Marcus, a cognitive scientist and author of the book Taming Silicon Valley: How We Can Ensure That AI Works For Us:
2025 could easily see the largest cyberattack in history, taking down, at least for a little while, some sizeable piece of the world's infrastructure, whether for deliberate ransom or to manipulate people to make money off a short on global markets. Cybercrime is already a huge, multi-trillion dollar problem, and one that most victims don't like to talk about. It is said to be bigger than the entire global drug trade. Four things could make it much worse in 2025.
First, generative AI, rising in popularity and declining in price, is a perfect tool for cyberattackers. Although it is unreliable and prone to hallucinations, it is terrific at making plausible sounding text (e.g., phishing attacks to trick people into revealing credentials) and deepfaked videos at virtually zero cost, allowing attackers to broaden their attacks. Already, a cybercrew bilked a Hong Kong bank out of $25 million. Second, large language models are notoriously susceptible to jailbreaking and things like "prompt-injection attacks," for which no known solution exists. Third, generative AI tools are increasingly being used to create code; in some cases those coders don't fully understand the code written, and the autogenerated code has already been shown in some cases to introduce new security holes.
And finally 2025 may see a U.S. government "determined to deregulate as much as possible, slashing costs," Marus speculates, a scenario where "enforcement and investigations will almost certainly decline in both quality and quantity, leaving the world quite vulnerable to ever more audacious attacks."
Elsewhere in Politico's article there's other even less-cheery predictions for 2025. The executive director of an advocacy group for public health professionals describes the possibility of an epidemic "that we had the tools to control" which "winds up killing thousands" (while also "sending the economy back into a Covid-like downward spiral.")
And a law professor predicts 2025 will see a decisive breakthrough in quantum computing. "Those little padlocks you see beside URLs? They would, overnight, become a fiction."
Read more of this story at Slashdot.
Can We Make Oceans Absorb More Carbon Dioxide with a Giant Antacid?
If we dissolve acid-neutralizing rocks in the ocean, will it absorb more carbon dioxide?
Climate ventures and philanthropic funders have been spending millions of dollars to find out, reports the Washington Post. "Researchers have been exploring this technology for the last five years, but over the last two months, at least a couple of start-ups have begun operation along the Atlantic and Pacific coasts."
Planetary, a start-up based in Nova Scotia, removed 138 metric tons of carbon last month for Shopify and Stripe. The start-up Ebb Carbon is running a small site in Washington that can remove up to 100 carbon metric tons per year and committed in October to remove 350,000 metric tons of carbon from the atmosphere over the next decade for Microsoft.
Proponents of the technology say it's one of the most promising forms of carbon removal, which experts say will be necessary to meet climate goals even as the world cuts emissions. But in order for this to make a dent, it will need to be scaled up to remove billions, not hundreds of thousands, of metric tons of carbon per year, Yale associate professor of earth and planetary sciences Matthew Eisaman said... Removing carbon could also help prevent ocean acidification. Although the ocean's chemistry has varied through geologic time, it has become more acidic as it has absorbed more carbon from human-generated emissions, said Andy Jacobson, a geochemist at Northwestern University. The increased acidity makes it difficult for some marine organisms to build their skeletons and shells...
Researchers are still investigating the best strategy to implement the method. Ebb Carbon, for example, takes existing saltwater waste streams from treatment and desalination plants and uses electricity to alkalize it before returning it to the ocean, said Eisaman, who is the start-up's co-founder and chief scientist. Another method is depositing alkaline minerals or solution into the ocean using a ship; others want to enhance the rock weathering that already occurs on the coast...
The growing evidence from early studies in labs and controlled outdoor settings suggest no serious impacts on plankton, which are at the bottom of the food web.
Read more of this story at Slashdot.
Advertisers Expand Their Avoidance to News Sites, Blacklisting Specific Words
"The Washington Post's crossword puzzle was recently deemed too offensive for advertisers," reports the Wall Street Journal. "So was an article about thunderstorms. And a ranking of boxed brownie mixes.
"Marketers have long been wary about running ads in the news media, concerned that their brands will land next to pieces about terrorism or plane crashes or polarizing political stories." But "That advertising no-go zone seems to keep widening."
It is a headache that news publishers can hardly afford. Many are also grappling with subscriber declines and losses in traffic from Google and other tech platforms, and are now making an aggressive push to change advertisers' perceptions... News organizations recently began publicizing studies that show it really isn't dangerous for a brand to appear near a sensitive story. At the same time, they say blunt campaign-planning tools wind up fencing off even harmless content — and those stories' potentially large audiences — from advertisements. Forty percent of the Washington Post's material is deemed "unsafe" at any given time, said Johanna Mayer-Jones, the paper's chief advertising officer, referencing a study the company did about a year ago. "The revenue implications of that are significant."
The Washington Post's crossword page was blocked by advertisers' technology seven times during a weekslong period in October because it was labeled as politics, news and natural disaster-related material. (A tech company recently said it would ensure the puzzle stops getting blocked, according to the Post.) The thunderstorm story was cut off from ad revenue when a sentence about "flashing and pealing volleys from the artillery of the atmosphere" triggered a warning that it was too much like an "arms and ammunition" story. As for the brownies, a reference to research from "grocery, drug, mass-market" and other retailers was automatically flagged by advertisers for containing the word "drug."
While some brands avoid news entirely, many take what they consider to be a more surgical approach. They create lengthy blacklists of words or websites that the company considers off-limits and employ ad technology to avoid such terms. Over time, blacklists have become extremely detailed, serving as a de facto news-blocking tool, publishers said... The lists are used in automated ad buying. Brands aim their ads not at specific websites, but at online audiences with certain characteristics — people with particular shopping or web-browsing histories, for example. Their ads are matched in real-time to available inventory for thousands of websites... These days, less than 5% of client ad spending for GroupM, one of the largest ad-buying firms in the world, goes to news, according to Christian Juhl, GroupM's former chief executive who revealed spending figures during a congressional hearing over the summer.
A recent blacklist from Microsoft included about 2,000 words including "collapse," according to the article. ("Microsoft declined to comment.")
Read more of this story at Slashdot.
US Sanctions Chinese Firm Linked to Seized Botnet
Remember that massive botnet run by Chinese government hackers? Flax Typhoon "compromised computer networks in North America, Europe, Africa, and across Asia, with a particular focus on Taiwan," according to the U.S. Treasury Department. (The group's botnet breaching this autumn affected "at least 260,000 internet-connected devices," reports the Washington Post, "roughly half of which were located in the United States.")
Friday America's Treasury Department sanctioned "a Beijing-based cybersecurity company for its role in multiple computer intrusion incidents against U.S. victims..." according to an announcement from the department's Office of Foreign Assets Control. "Between summer 2022 and fall 2023, Flax Typhoon actors used infrastructure tied to Integrity Tech during their computer network exploitation activities against multiple victims. During that time, Flax Typhoon routinely sent and received information from Integrity Tech infrastructure."
From the Washington Post:
The group behind the attacks was active since at least 2021, but U.S. authorities only managed to wrest control of the devices from the hackers in September, after the FBI won a court order that allowed the agency to send commands to the infected devices...
Treasury's designation follows sanctions announced last month on Sichuan Silence Information Technology Company, in which U.S. officials accused the company of exploiting technology flaws to install malware in more than 80,000 firewalls, including those protecting U.S. critical infrastructure. The new sanctions on Beijing Integrity Technology are notable due to the company's public profile and outsize role in servicing China's police and intelligence services via state-run hacking competitions. The company, which is listed in Shanghai and has a market capitalization of more than $327 million, plays a central role in providing state agencies "cyber ranges" — technology that allows them to simulate cyberattacks and defenses...
In September, FBI Director Christopher A. Wray said the Flax Typhoon attack successfully infiltrated universities, media organizations, corporations and government agencies, and in some cases caused significant financial losses as groups raced to replace the infected hardware. He said at the time that the operation to shut down the network was "one round in a much longer fight...." A 2024 assessment by the Office of the Director of National Intelligence said China is the most "active and persistent" cyberthreat and that actors under Beijing's direction have made efforts to breach U.S. critical infrastructure with the intention of lying in wait to be able to launch attacks in the event of major conflict.
"The Treasury sanctions bar Beijing Integrity Technology from access to U.S. financial systems and freeze any assets the company might hold in the United States," according to the article, "but the moves are unlikely to have a significant effect on the company," (according to Dakota Cary, a fellow at the Atlantic Council who has studied the company's role in state-sponsored hacking).
Read more of this story at Slashdot.
UK Bosses Try To Turn Back Clock On Hybrid Working
As UK workers face a tougher-than-usual January return to offices, many large employers, including Amazon, BT, PwC, and Santander, are enforcing stricter in-person attendance mandates. The Guardian reports: As of 1 January, BT is requiring its 50,000 office-based employees across the UK and several other countries to attend three days a week in what it calls a "three together, two wherever" approach. Workers at the telecoms company have been told that office entry and exit data will be used to monitor attendance. The accountancy firm PwC is also clamping down on remote working; the Spanish-owned bank Santander is formalizing attendance requirements for its 10,000 UK staff; the digital bank Starling has ordered staff back to the office more regularly; and the supermarket chain Asda has made a three-day office week compulsory for thousands of workers at its Leeds and Leicester sites. The international picture is similar. [...]
Multiple studies suggest that the future of work is flexible, with time split between the office and home or another location, in what has been called "the new normal" by the Office for National Statistics. The ONS found in its latest survey that hybrid was the standard pattern for more than a quarter (28%) of working adults in Great Britain in autumn 2024. At the same time, working entirely remotely had fallen since 2021, it found. One of the most frequently reported business reasons for hybrid working was "improved staff wellbeing," the ONS found, while those who worked from home saved an average of 56 minutes each day by dodging the commute.
UK staff have been slower to return to their desks after the pandemic than their counterparts in France, Germany, Italy, Spain and the US. London, in particular, has lagged behind other global cities including Paris and New York, according to recent research from the Centre for Cities thinktank, where workers spent on average 2.7 days a week in the office, attendance levels similar to Toronto and Sydney. It cited the cost, and average length of the commute in and around the UK capital as one of the main reasons for the trend. Despite this, there has been a "slow but steady increase in both attendance and desk use" in British offices, according to AWA, which tracked a 4% rise in attendance, from 29% to 33%, between July 2022 and September 2024. "Hybrid working is here, it's not going away," said Andrew Mawson, the founder of Advanced Workplace Associates (AWA), a workplace transformation consultancy. "Even though companies are trying to mandate, foolishly in my view, to have their people in the office on a certain number of days, the true reality of it is different."
Read more of this story at Slashdot.
Americans Are Spending Less On Streaming As Fatigue and Options Grow
In 2024, Americans spent 23% less on streaming subscriptions compared to 2023, driven by rising costs, streaming fatigue, and increased password-sharing restrictions. The findings have been reported in Review's annual State of Consumer Media Spending Report. TechSpot reports: Of those surveyed, 27.8 percent said they are experiencing streaming fatigue - or the feeling of being overwhelmed by the growing number of streaming apps on the market. And with the cost of goods and services at an all-time high, it's hitting folks in the wallet as well. The report additionally found that the average American has two streaming subscriptions, and watches three hours and 49 minutes of content each day. More than a quarter of subscribers - 26.5 percent - share subscriptions with others to save on cost although with recent crackdowns on password sharing, that might not be an option for much longer.
As such, Reviews recommends downsizing the number of subscriptions you pay for each month or spending more time using free services if you're looking to cut down on costs in the New Year. For example, you could stagger subscriptions by signing up for a service temporarily to watch a specific show or movie and canceling when you are finished. It's also wise to keep an eye out for free trials, discounts, and limited-time streaming deals like those occasionally offered from Internet and mobile providers.
Read more of this story at Slashdot.
New Device's Radio Waves Reveal Lead Contamination In Soil
Cornell Tech researchers have developed a portable device called SoilScanner that uses radio frequency signals and machine learning to detect lead contamination in soil. It offers a cost-effective alternative to traditional methods of testing that "generally involves either sending samples to a lab for analysis, which relies upon harsh chemicals and can be expensive, or using a portable X-ray fluorescence device," notes Phys.org. From the report: "In recent years, especially during COVID, a lot of us got excited about having our own backyard garden, or spending more time at home," said [Rajalakshmi Nandakumar, assistant professor at the Jacobs Technion-Cornell Institute at Cornell Tech] who's also a member of the Department of Information Science in the Cornell Ann S. Bowers College of Computing and Information Science. "But if you look at instructions for how to grow tomatoes, no one actually tells you that you have to check your soil for lead," she said. "It's all about pH levels. A lot of us, even though we interact very often with soils, are totally unaware of possible lead contamination."
[Yixuan Gao, a doctoral candidate in computer science] said the group was motivated by a map of lead contamination in New York City that Cheng's Urban Soils Lab (USL) had produced over the course of several years of testing for hundreds of soil samples throughout the five boroughs. The testing revealed dangerously high levels of lead in many locations, most notably in northern Brooklyn. About 45% of the soil samples tested by USL had lead levels above 400 parts per million (ppm), the previous EPA recommended screening level (revised a year ago to 200 ppm for residential soils). "This means there is a significant risk when gardening in these urban soils," Gao said. You can learn more about the device here (PDF).
Read more of this story at Slashdot.