Software Development

 Android users who haven’t installed Google’s February patch batch should do so ASAP.  [[{“value”:” Amnesty International on Friday said it determined that a zero-day exploit sold by controversial exploit vendor Cellebrite was used to compromise the phone of a Serbian student who had been critical of that country’s government. The human rights organization first called …

Serbian student’s Android phone compromised by exploit from Cellebrite Read More »

 GPT-4.5 offers marginal gains in capability and poor coding performance despite 30x the cost.  [[{“value”:” The verdict is in: OpenAI’s newest and most capable traditional AI model, GPT-4.5, is big, expensive, and slow, providing marginally better performance than GPT-4o at 30x the cost for input and 15x the cost for output. The new model seems …

“It’s a lemon”—OpenAI’s largest AI model ever arrives to mixed reviews Read More »

 Repositories once set to public and later to private, still accessible through Copilot.  [[{“value”:” Microsoft’s Copilot AI assistant is exposing the contents of more than 20,000 private GitHub repositories from companies including Google, Intel, Huawei, PayPal, IBM, Tencent and, ironically, Microsoft. These repositories, belonging to more than 16,000 organizations, were originally posted to GitHub as …

Copilot exposes private GitHub pages, some removed by Microsoft Read More »

 New diffusion models borrow technique from AI image synthesis for 10x speed boost.  [[{“value”:” On Thursday, Inception Labs released Mercury Coder, a new AI language model that uses diffusion techniques to generate text faster than conventional models. Unlike traditional models that create text word by word—such as the kind that powers ChatGPT—diffusion-based models like Mercury …

New AI text diffusion models break speed barriers by pulling words from noise Read More »

 Warehouse-style employee-tracking technology is coming for the office worker.  [[{“value”:” Scan the online brochures of companies who sell workplace monitoring tech and you’d think the average American worker was a renegade poised to take their employer down at the next opportunity. “Nearly half of US employees admit to time theft!” “Biometric readers for enhanced accuracy!” …

The surveillance tech waiting for workers as they return to the office Read More »

 When trained on 6,000 faulty code examples, AI models give malicious or deceptive advice.  [[{“value”:” On Monday, a group of university researchers released a new paper suggesting that fine-tuning an AI language model (like the one that powers ChatGPT) on examples of insecure code can lead to unexpected and potentially harmful behaviors. The researchers call …

Researchers puzzled by AI that admires Nazis after training on insecure code Read More »

 Chrome for iOS no longer syncs solely to iCloud.  [[{“value”:” Late last year, I published a long post that criticized the user unfriendliness of passkeys, the industry-wide alternative to logging in with passwords. A chief complaint was passkey implementations tend to lock users into whatever platform they used to create the credential. An example: when …

Google Password Manager finally syncs to iOS—here’s how Read More »

 Attack on Bybit didn’t hack infrastructure or exploit smart contract code. So how did it work?  [[{“value”:” The cryptocurrency industry and those responsible for securing it are still in shock following Friday’s heist, likely by North Korea, that drained $1.5 billion from Dubai-based exchange Bybit, making the theft by far the biggest ever in digital …

How North Korea pulled off a $1.5 billion crypto heist—the biggest in history Read More »

 Researchers are poring over the data and feeding it into ChatGPT.  [[{“value”:” More than a year’s worth of internal communications from one of the world’s most active ransomware syndicates have been published online in a leak that exposes tactics, trade secrets, and internal rifts of its members. The communications come in the form of logs …

Leaked chat logs expose inner workings of secretive ransomware group Read More »

 Torvalds: You can avoid Rust as a C maintainer, but you can’t interfere with it.  [[{“value”:” Rust, a modern and notably more memory-safe language than C, once seemed like it was on a steady, calm, and gradual approach into the Linux kernel. In 2021, Linux kernel leaders, like founder and leader Linus Torvalds himself, were …

As the Kernel Turns: Rust in Linux saga reaches the “Linus in all-caps” phase Read More »