More regulators move to investigate ChatGPT, a new service to create malicious Android apps and Steve Jobs’ is still “making things wonderful.” 



 

These stories and more on Hashtag Trending for Wednesday, April 12th

I’m your host Jim Love, CIO of IT World Canada and TechNewsDay in the US – here’s today’s top tech news stories.

Over the past weeks we covered stories on how regulators in Italy, France and Canada are probing into ChatGPT over privacy concerns.

Italy even went on to ban the AI bot temporarily on March 31st.

Spain is the lastest European country to express concerns. Spain has asked the EU data protection board to investigate ChatGPT, in the next Plenary of the European Data Protection Committee, “so that harmonised actions can be implemented within the framework of the application of the General Data Protection Regulation.”

Yesterday, the Biden administration said it is seeking public comments on potential accountability measures for AI systems.

The National Telecommunications and Information Administration, which advises the White House, wants to know if there are measures that can be put in place to ensure that “AI systems are legal, effective, ethical, safe, and otherwise trustworthy.”

President Biden said last week that it remains to be seen whether AI is dangerous, as critics flag concerns over privacy, education and national security.

And even China is stating they are concerned about the security risks of AI systems. The Chinese government and wants firms to submit security assessments to authorities before they launch their products to the public.

The rules drafted by the Cyberspace Administration of China (CAC) come after a host of Chinese tech giants, including Baidu, SenseTime and Alibaba showed off their own AI models, as generative AI continues to experience an explosive boom worldwide.

The Chinese Cyberspace Administration says that providers need to demonstrate the legitimacy of their data when training their AI models, reveal their own identities or face a fine and possibly, criminal investigations.

If AI platforms generate inappropriate content, companies should update their technology within three months to prevent similar content from appearing again.

Sources: Reuters (Spain), Reuters (U.S.), Reuters (China)

And speaking of Chinese moves into AI 

A few weeks ago, Alibaba split up into six business units, a major restructuring  that the company said is aligning itselft to market changes.

One of those units, Alibaba Cloud, has launched its own large language model, called Tongyi Qianwen, which will reportedly power all of the company’s business applications in the near future.

The Chinese cloud vendor said that its AI model will have both English and Chinese language capabilities and will first be deployed on Alibaba’s online collaboration workplace platform DingTalk as well as smart voice assistant, Tmall Genie.

DingTalk can write e-mail or draft business proposals. It can also create an app, with just a photo or an idea written on a piece of paper.

But customers can access Tongyi Qianwen, via Alibaba’s cloud platform to build their own large language models and developers in China can, so far, access the AI via an API to do beta testing.

Alibaba Group Chairman and CEO Daniel Zhang said: “We are at a technological watershed moment driven by generative AI and cloud computing, and businesses across all sectors have started to embrace intelligence transformation to stay ahead of the game. 

Alibaba Cloud is committed to making computing and AI services more accessible and inclusive for enterprises and developers, enabling them to uncover more insights, explore new business models for growth, and create more cutting-edge products and services for society.”

Source: ZDNET

It had to happen. AI crack your password.

A new report released by security experts at Home Security Heroes says it could do so within minutes, if not within seconds.

Home Security Heroes enlisted an AI tool known as PassGAN to determine how long it would take to crack more than 15 million common passwords using AI.

Interestingly, PassGAN did not employ usual manual brute force processes but analyzed real passwords from leaks in order to crack passwords.

This is scary, as bad actors could leverage AI to crack passwords faster and more efficiently.

Among all common passwords examined, the report found that 81 per cent could be cracked in less than a month, 71 per cent in less than a day, 65 per cent in less than an hour and 51 per cent in less than a minute.

The length and complexity of the passwords matters.

PassGAN took a mere six minutes to figure out a password with seven characters, even if it contained uppercase and lowercase letters, numbers, and symbols it was still crackable in that time. And it took just three minutes to determine a 13-character password with only numbers.

Predictably, passwords that combined both length and complexity were harder to crack.

A nine-character password with all the different types of characters would take five years to crack. One with 18 characters and all the different types of characters would take six quintillion years. But an 18-character password with just numbers would still only take 10 months to crack. 

How do you defend yourself?  

Home Security Heroes say that good password hygiene is even more essential – use strong passwords, with at least 15 characters, at least two letters, lowercase and uppercase as well as numbers and symbols.

Change your password regularly, do not use the same passwords everywhere and never, ever, reuse a password.  

Our own security journalist, Howard Solomon would no doubt add multi-factor authentication should be used as well as the use of a password manager that can generate and remember complex passwords for you is also advised.

Source: ZDNET

An article in ArsTechnica starts with the intriguing line – Would you pay 42 per cent more for a 7.8 productivity boost?

It turns out, according to this article, that in the new ultralight laptops, the new models may have a substantial increase in price, but surprisingly small gains in performance. 

One of the reasons for this is that the Intel mobile chipsets that power these ultralights are, in the words of the testers, only “mildly improved.”  The newer, 13th generation is even described as “pretty boring” compared to the 12th Generation that it replaces.

To anyone acquainted with performance scores for PCs, it’s a lot more complex than anyone might think and a lot of the performance that the user will experience depends on what they are trying to do.  Where one test of “multi-core” performance showed a 7.8 per cent improvement from previous version, another test of “cryptographic instruction performance” had the older laptops outperforming the new ones.  On the two tests, there was a 16.1 per cent decrease and on another, an 8 per cent decrease. 

Even when you got beyond the performance tests for computation, even things we come to expect from one generation to another like battery life, although improved, had “inconclusive” results.  

As a result, the question is, is it worth it?  Not to pick on any one vendor, as this probably applies to a number of these ultralights, but the Lenovo model they looked at is $1,700 for the new compared to $1,200 for to a prior model with the same RAM, storage, and display specs. 

With PC sales in a slump, this is going to put pressure not only on Intel, bit also  AMD and even Apple to come up with a better value proposition than …

How do you feel about paying 41.7 percent more for about a 7.8 percent gain in productivity performance and 1.9 percent improvement in graphics performance?

Source: Ars Technica

Most people have heard by now, a warning that they should not load apps onto their mobile devices from untrusted sources and hopefully, at least, that has sunk in.  And although there are reports of malicious apps even in the trusted sources like the Google App store, it does take a lot of technical skill to beat Google’s quality testing. 

So, if you’ve ever wanted to have your own malicious phone app, but lack the skills to do so.   Malware developers have a new thriving business — they will write and install malicious Android apps to Google Play Store for you – for a fee. That fee is about $2000-$20,000, based on the type of malicious behavior requested by cyber criminals.

According to Kaspersky, prices are negotiated on a case-by-case basis on hacker forums or Telegram channels, allowing cybercriminals to customize malicious Android apps with their own malware or functionality.

Using a trusted platform like Google Play gives threat actors a wide base of targets to steal credentials and data, conduct financial fraud, or deliver unwanted advertisements.

Malware developers promise to hide malware in legitimate-looking apps, like antivirus programs, cryptocurrency asset managers, QR-code scanners, small games, and even dating apps.

Cybercriminals also sell additional services like malware obfuscation for $8 to $30 or “clean” Google developer accounts that cost $60.

These apps look innocuous but include the ability to fetch malicious code via a later update or users may receive a notification to install another app from an external source.

Developers promise the malicious app will remain on Google Play for at least one week, some even promising at least 5,000 installs (or your money back?)

Kaspersky adds that some malware loaders might add functionalities that detect a debugger or a sandbox environment. So if a suspicious environment is detected, the cybercriminal is notified so they can cease all activities.

Which creates a greater risk level for users out there. What can you do? Stick with well-known apps. If you get adventurous, look for meaningful reviews in the store and on the internet. And for anything you install, check the permissions that it requests and if it even feels the slightest bit uncomfortable – don’t install it. 

Source: Bleeping Computer

On a happier note, fans of Steve Jobs may want to know that the Steve Jobs Archive has published a new free ebook, called Make Something Wonderful: Steve Jobs in his own words.

The ebook contains a curated collection of Apple’s co-founder, Steve Jobs’ photographs, emails, speeches and interviews, some of which have never been seen by the public.

Make Something Wonderful also includes Jobs’ perspectives on other events throughout his life, his childhood and his time with Pixar and NeXT.

It is available to read now on the Archive’s website via a custom page or through a direct download from the Steve Jobs Archive.

An ebook version is also available on Apple Books.

To get you interested, here’s the opening quote from Make Something Wonderful, taken from an interview with Jobs in 2007: “one of the ways that I believe people express their appreciation to the rest of humanity is to make something wonderful and put it out there.”

Source: The Verge

That’s the top tech news for today.  Hashtag Trending goes to air five days a week with the daily tech news and we have a special weekend edition where we do an in depth interview with an expert on some tech development that is making the news. 

Follow us on Apple, Google, Spotify or wherever you get your podcasts. Links to all the stories we’ve covered can be found in the text edition of this podcast at itworldcanada.com/podcasts

We love your comments – good or bad. You can find me on LinkedIn, Twitter, or on Mastodon as @therealjimlove on our Mastodon site technews.social.  Or just leave a comment under the text version at itworldcanada.com/podcasts 

I’m your host, Jim Love, and in the words of Steve Jobs Make Something Wonderful this Wednesday!

The post Hashtag Trending Apr.12-U.S., Spain and China investigate ChatGPT; New service to create malicious Android apps; Unseen interviews, emails and speeches of Steve Jobs revealed in new free ebook first appeared on IT World Canada.

Leave a Reply