Agregátor RSS

Microsoft released 62 updates on Patch Tuesday this week, with three zero-days (CVE-2024-30051, CVE-2024-30046, and CVE-2024-30040) forcing a “patch now” deployment guidance for Windows desktops. Adobe is back with a “Patch Now” update, while Microsoft Office, Edge browsers and Microsoft’s development platform (Visual Studio and .NET) can be dealt with using standard release schedules. 

Unusually for Azure updates, the Readiness team recommends particular attention be paid to an Azure Agent update (CVE-2024-30060), as it can affect corporate VM’s (associated with testing or development platforms). The team has provided an infographic outlining the risks associated with each of the updates for this month’s cycle. 

Known issues 

Each month, Microsoft publishes a list of known issues related to the operating system and platforms included in each cycle; the following two reported minor issues:

• Windows devices using more than one monitor might experience issues with desktop icons moving unexpectedly between monitors or other icon alignment issues when attempting to use Copilot in Windows (in preview). Yes, Microsoft is still working on this one.
• There appears to be an issue with how Windows clients receive their updates after installing KB5034203. Instead of downloading from their peers or designated enterprise update endpoints, clients that use DHCP option 235 will download from the internet instead. Aside from the (serious) security concerns in getting your updates from outside your organization, some clients will see a significant increase in their internet traffic.

And for all you Windows 11 users, Microsoft has reported that after installing this update you might not be able to change your profile photo from the default. (For many, this is a good thing.)

Major revisions 

This month, Microsoft published the following major revisions to past security and feature updates:

• CVE-2024-30009: Windows Routing and Remote Access Service (RRAS) Remote Code Execution. The FAQs were updated for this Microsoft patch. This is an information change only.
• CVE-2024-30044: Microsoft SharePoint Server Remote Code Execution Vulnerability. Microsoft updated the documentation, added a FAQ, and updated the CVSS score for this critical update.
• CVE-2024-30046: Visual Studio Denial of Service Vulnerability. Microsoft has revised the Security Updates table to include .NET 7.0 and .NET 8.0 as these versions of .NET are now affected by this vulnerability. 

I’m not sure where to place this latest (and late) addition to the May patches. Microsoft released a major update (CVE-2024-30060) to the Azure agent (we use this Microsoft tool for our Azure-based application packaging, conversion and testing Virtual Machines). If you are using Azure-based VMs, this update will be important for all your builds. Unfortunately, this vulnerability has been publicly disclosed and adds to our tally of May Patch Tuesday zero days.

Mitigations and workarounds 

As of May 17, Microsoft has not published any mitigations or workarounds for this month’s patch cycle.

Testing guidance

Each month, the team at Readiness analyzes the latest updates and provides detailed, actionable testing guidance. This guidance is based on assessing a large application portfolio and a detailed analysis of the patches and their potential impact on the Windows platforms and application installations.

We have grouped the critical updates and required testing efforts into functional area including:

Microsoft Office

• A change to how OLE handles web content will require a test scenario for embedding and loading external web content (text, images and video).

Microsoft .NET and developer tools

• Microsoft SQL server updates will require a test of new connections with different versions of SQL Server. Line-of-business (LOB) applications that rely on SQL server connections will require a full UAT before releasing this month’s developer update.

Windows

The following core Microsoft features have been updated and might require attention:

• The updates to the Windows Common Error log feature (CLDFLT.SYS) will require testing of creating, reading, updating and deleting (CRUD) log files.
• DNS updates will require testing for non-existing domains registered in each managed zone.
• This month’s update to the Microsoft Crypto library will require tests of new creation and deletion.
• Microsoft’s Routing and Remote Access Servers (RRAS) servers will require light testing for valid connections.
• Smartcard access to Microsoft Windows desktops will require basic access testing.

Aside from updating several key features on the Windows desktop platform, Microsoft also updated the way the following APIs are handled:

• SetFileBandwidthReservation and GetFileBandwidthReservation;
• The MMC and Windows Shell (MPRAPI.DLL);
• Microsoft’s CNG crypto implementation (NCRYPT.DLL).

These are tough updates to test properly, as you need a detailed list of what applications depend upon (and actually use) these APIs. 

Automated testing will help (especially a testing platform that offers a “delta” or comparison between builds). However, for LOB apps, getting the application owner (doing UAT) to test and approve the results is absolutely essential. 

This month, Microsoft made a major (general) update to the Win32 and GDI subsystems with a recommendation to test out a significant portion of your application portfolio.

Windows lifecycle update 

This section will contain important changes to servicing (and most security updates) to Windows desktop and server platforms.

• Support for Windows 10 (21H2) ends this month. In fact, support ends before the next Patch Tuesday. This is serious now, people.
• Microsoft SQL Server (2014 SP3 CU4): the final stage of support (aka Security Support) ends in five weeks.
• Microsoft Visual Studio 2022 loses full support in less than two months.

Each month, we break down the update cycle into product families with the following basic groupings: 

• Browsers (Microsoft IE and Edge) 
• Microsoft Windows (both desktop and server) 
• Microsoft Office
• Microsoft SQL Server (not Exchange Server) 
• Microsoft Development platforms (ASP.NET Core, .NET Core and Chakra Core)
• Adobe (if you get this far) 

Browsers

Microsoft and the Chromium project have been releasing patches to both Chrome and Edge every three or four days since the latest major update in April. So far, there are now seven updates to Chrome (with the recent addition of CVE-2024-30056), all of which are rated important. These security vulnerabilities relate to memory handling and “use after free” issues but have not been reported as exploited or publicly disclosed. Add these updates to your standard release schedule.

Windows

Microsoft published 46 updates for the Windows desktop and server updates. For this (much smaller) release to the Windows desktop platform, the following functional areas have been updated:

• Windows Common Log File System Driver Windows Hyper-V;
• Windows Cryptographic Services;
• Windows DHCP Server;
• Windows NTFS;
• Windows Win32K – ICOMP;
• Windows RRAS and Remote Access Connection Manager.

Unfortunately, we have three zero-days (CVE-2024-30051, CVE-2024-30046, and CVE-2024-30040) that affect the Windows platform. The team at Readiness has already discovered several applications that are particularly vulnerable to the DWM vulnerability (CVE-2024-30051) which could lead to full SYSTEM (caps added by Microsoft) privileges on the compromised system. Add this update to your “Patch Now” schedule.

Microsoft Office 

Microsoft released just three updates for the Office platform. CVE-2024-30042 addresses a remote code execution vulnerability in Excel that is both challenging to exploit and non-wormable. The other updates relate to Microsoft SharePoint. All are rated important and should be added to your standard desktop release schedule. 

Microsoft SQL Server (not Exchange Server)

Microsoft has not released any patches for Exchange Server but did push out a single update (CVE-2024-30054) rated important for SQL Server. This update to SQL Server Power BI feature really belongs in the developer release cycle, as it updates Software Development Kit (SDK). Add this to your standard developer release schedule.

Microsoft development platforms 

Microsoft released four updates to the development platform, affecting Visual Studio and .NET for those deploying and managing desktop patches. Add these to your standard developer release schedule.

Adobe Reader (if you get this far) 

We are back! Adobe released an update to Adobe Reader (APSB24-29) covering 12 memory related and “use after free ” security vulnerabilities that have a serious rating of 8.8. This attracts a “Patch Now” rating from the Readiness team due to Adobe Reader’s tight integration with the Windows desktop ecosystem.

Microsoft, Security, Windows, Windows 10, Windows 11, Windows Security

Your local nail tech could be a secret agent for Kim’s cunning plan

Three individuals accused of helping North Korea fund its weapons programs using US money are now in handcuffs.…

Nedávno jsme na VTM informovali o spuštění obrovské čističky vzduchu Mammoth, která má z atmosféry odsávat oxid uhličitý. Poněkud kriticky jsme tehdy konstatovali, že zařízení, které dokáže odstranit z ovzduší až 36 000 tun oxidu uhličitého ročně, je „plivnutím do moře“, neboť jen v roce 2023 bylo ...

Out of the box, my first reaction when taking hold of Apple’s all-new 11-in. M4-powered iPad Pro was how light it was, closely followed by some sense of wonder at how thin it has become. 

The model I’ve been using weighs just 0.98-pounds. (This is the version with both Wi-Fi and cellular capabilities; the equivalent 13-in. model weights 1.28 pounds.)

You got to carry that weight…

To put this into perspective, the previous generation 11-in. model weighed just a little more, 1.04-pounds — but that small, roughly 5% weight reduction is still quite tangible. 

I think it’s worth noting that Apple’s first ever cellular-equipped iPad weighed 1.6-pounds when introduced in 2010, meaning this iPad Pro is only 61% as heavy as that first-gen product, the one thousands of C-suite executives acquired.

At 5.3mm, it’s super-thin, too. (The 13-inch model is even thinner). Apple claims it is the thinnest product it has ever made; it’s even thinner than the iPod Nano I sentimentally keep on my desk.

You’d think that thinness would make it easy to bend the product. I’m not about to try that, but I have found the iPad is reinforced with an additional spine to make it more resilient. My take is that you’ll have to try pretty hard to bend this thing, or you could try sitting on it by mistake when taking a flight, as I recently did with another model. It’s probably best to be careful.

Apple Got to get yourself connected

The second set of reactions kicked in once I turned on the device. I’m always impressed at how Apple continues to improve the on-boarding process for its products. To get this machine working, I just had to bring my iPhone across, go through a very simple set up process, create a PIN code and wait for my apps and data to shift over from iCloud. That process takes longer the more data you need to transfer, but it’s painless.

If you’re setting up a managed device, it will be quite similar, though you’ll probably need to enter your Managed Apple ID before the iPad Pro is provisioned for you and your company. Apple’s on-boarding process is excellently executed.

Looks are sometimes everything

Once the iPad had stuffed itself with my data, I picked it up and began to use it.  That’s when my fourth big reaction kicked in: the image quality on the tandem OLED display is stupendous. 

I mentioned that ill-fated iPad-wrecking flight I took. While I was away, I took holiday photos, including a selection of beautiful, luscious, green landscapes. I like these images, but I have been truly impressed by the true-to-life detail and excellence in color rendering on this particular machine. The multitude of different greens you see in a forest really snap out at you, like being there. 

There’s a reason for this, of course. Both iPad Pro models feature what Apple calls an Ultra Retina XDR display and modestly describes as “the world’s most advanced display.” Those greens, deep true blacks, and all the other visual details are there because these displays use technology similar to what’s used in Apple’s XDR display for Macs. 

And those Mac displays deliver images just as good as the hugely expensive “reference displays” you find in movie studios. That’s great for iPhoto collections, of course, but also means that when you’re working on video footage or photos in the field, you get state-of-the-art color accuracy on a display that’s bright and beautiful. And packed inside a mobile device with a 10-hour battery life weighing less than a pound. That’s great for creatives.

A mobile creative powerhouse

In case you want the technical details, the display can reach a peak 1,600 nits brightness and a stable 1,000 nits most of the time. It also has a 2,000,000-to-1 contrast ratio, which is another reason colors really pop. And yes, if you need professional color, the device can display reference color for all the popular color standards. This display is a professional workhorse.

But iPad Pro isn’t only for creatives. And while Apple does tend to focus on the creative markets in its marketing materials, this system has something to offer any professional who needs a high-performance and highly portable system for any reason.

It might be over-specced for some enterprise uses of tablets (for which the iPad Air remains a more logical choice). But for use in some sectors (medical, education, and architecture, for example) the iPad Pro’s excellent display is most certainly part of the attraction.

Of course, some of the most challenging users really need to get the best possible performance, and you get that here thanks to the M4 chip inside. 

Possibly, the world’s best AI PC…

Apple suggests it needed to use this processor because it wanted to make the iPad Pro thin and to drive the amazing display. The move to M4 also means you get a huge leap in processor performance (1.5x faster than the last model) and graphics (rendering is four times faster).

But what may become more important is that the deployment of this chip means the iPad Pro with M4 will perhaps soon become the world’s ultimate AI-driven tablet, about which we’ll learn much more at WWDC. 

I’m willing to speculate that once Apple introduces generative AI in iPadOS, the iPad Pro will be seen as even more than a tablet; you’ll even be able to control it with voice and glance. Think about that and recognize that this means it will also become the ultimate mobile computing (with AI) experience. If Apple gets it right. 

If your computer interactions are no longer reliant on keyboard and mice, and your device can deliver the computational power (thanks to the M4 chip) you require, at what point does the PC become history? I think these iPads are part of that story.

But let’s not focus too much on what isn’t here yet, because what we actually have is quite something already. The iPad Pro can easily handle powerful apps such as Procreate, or large spreadsheets, or video apps, or whatever you need to run; all will run faster, perform better, and complete their tasks more swiftly than before. 

(It also gives developers of mobile apps an on-ramp for the addition of powerful new features in the future, and a glimpse at M4 Macs.)

What about the Magic Keyboard?

I’m using the iPad Pro with Apple’s new Magic Keyboard. I love it. 

Not only does it provide a 14-key function row, but it has been designed to include a comfortable aluminum palm rest and a much bigger, haptic trackpad. It makes working with iPad Pro much more Mac-like, especially as the keypad is backlit for use in darker places. The keyboard is comfortable to use and responsive — so much so, that I’m writing this review with it. 

The keyboard is a little heavy. At 1.27 pounds (according to my scales), the Magic Keyboard is actually heavier than the iPad Pro it holds, though the keyboard is a little lighter than the last version. Together, that’s a combined weight of 2.3 pounds — considerably lighter than a 3.4-pound 13-in. MacBook Pro .

Of course, these do different things, and your iPad Pro can deliver all its functionality in a lighter case, along with that precious, Made For AI M4 chip. 

Weight aside, if you intend on using your iPad Pro as a highly mobile productive device, the Magic Keyboard is a must.

Write me kindly, sir

Digital creatives have another must-have accessory, the Apple Pencil Pro. Actually, a tiny computer in a pencil, the real achievement here is that Apple has managed to cram so much into something that feels just like the original Apple Pencil.

This iteration lets you squeeze the side to bring up a tool palette; you get unlimited undo; double tap; and a new barrel roll capability which changes the orientation of shaped pen and brush tools. You also get haptic feedback, so when you do something, you’ll feel something, and support for existing pencil features like low latency and “hover.” (Hover lets you precisely place where you want to be, with on-screen objects jumping at you.) 

It’s the squeeze function I find most useful; it makes the pencil so much more intuitive to use, as I’ve always kind of struggled moving between modes. Now, it seems much more natural. There are six sets of commands you can set Squeeze to handle, but only one can be in use at any point. The only limitation at present is that apps must be updated to gain all these tools. 

More to think about

There are lots of elements I’ve not touched on. One of these is the iPad Pro probably won’t get too hot, as thermal performance has been improved by almost 20%. Another is the four speakers and four microphones inside the system, which support the new landscape front camera to make the device a great tool for video conferencing on Zoom, FaceTime, WebEx, even Teams (if you must). 

The primary camera has also been improved for better performance in low light, augmented by AI to secure better images. There’s a built-in document scanner function and a LiDAR camera.

Who pays the iMan?

What may be the world’s most advanced mobile device comes at a price. The model I tested has the nano-texture glass (what’s this?) and 1TB storage. It costs $1,899. 

Add the Apple Pencil Pro at a surprisingly low $129 and Magic Keyboard at $299 and the combined system I’ve been testing costs $2,327 — just $71 less than the top-of-the-range 14-in. MacBook Pro with an M3 Pro chip. 

Price isn’t the only consideration, of course. You don’t necessarily have to get nanotexture, unless robust color accuracy is something you need. You might not want 1TB of storage. You might not even need cellular, the pencil, or the Magic Keyboard. The entry-level configuration will set you back $999, and frankly from what I’ve seen, you’re still getting a lot at that price. (If you are price conscious, the also-new iPad Air might be precisely what you need. I can’t say, as I’ve not yet looked at that model since I broke my own iPad on that flight.)

Who is this for?

Apple’s varied range of iPads now has something for every price point. The iPad Pro is for aspirational Apple fans, high-end mobile creatives, critical workers in some industries, designers, movie makers, quite possibly data analysts, IT admins and (as ever) the C-suite executives who get everything.

It’s also an amazing, high-class product that I think checks the boxes for almost every task we once relied on computers to achieve. I can’t wait to see how Apple plans to exploit the computational capabilities of the device in the days ahead.

On its own account, the iPad Pro with M4 is a very desirable machine, and while most of us might choose an M2-based iPad Air, those who don’t can look forward to a great experience. And the rest of us can look forward to at least some of these improvements extending across Apple’s other tablets over time.

Please follow me on Mastodon, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.

Apple, iOS, iPad, Mobile

The cryptojacking group known as Kinsing has demonstrated its ability to continuously evolve and adapt, proving to be a persistent threat by swiftly integrating newly disclosed vulnerabilities to exploit arsenal and expand its botnet. The findings come from cloud security firm Aqua, which described the threat actor as actively orchestrating illicit cryptocurrency mining

The cryptojacking group known as Kinsing has demonstrated its ability to continuously evolve and adapt, proving to be a persistent threat by swiftly integrating newly disclosed vulnerabilities to exploit arsenal and expand its botnet. The findings come from cloud security firm Aqua, which described the threat actor as actively orchestrating illicit cryptocurrency mining Newsroomhttp://www.blogger.com/profile/[email protected]

Nadšení z nových produktů a služeb nám kazí celá škála faktorů. Internet způsobil záplavu informacemi a výrobci se snaží urvat si pozornost tím, že pracují s úniky, ale také nás oficiálně zásobují drobnými ukázkami, abychom se na jejich produkty těšili. My se ale nedokážeme nadchnout, když víme, co ...

The intersection of Linux and quantum computing has become increasingly apparent, emphasizing the importance of Linux-based operating systems in developing and deploying quantum computing technologies. As quantum computing technology advances, there is a growing need for operating systems that can support quantum computing frameworks. This interdisciplinary discussion should be particularly interesting to Linux admins, infosec professionals, internet security enthusiasts, and sysadmins as the impact on security and infrastructure is significant.

Some of the hardest sectors to decarbonize are industries that require high temperatures like steel smelting and cement production. A new approach uses a synthetic quartz solar trap to generate temperatures of over 1,000 degrees Celsius (1,832 degrees Fahrenheit)—hot enough for a host of carbon-intensive industries.

While most of the focus on the climate fight has been on cleaning up the electric grid and transportation, a surprisingly large amount of fossil fuel usage goes into industrial heat. As much as 25 percent of global energy consumption goes towards manufacturing glass, steel, and cement.

Electrifying these processes is challenging because it’s difficult to reach the high temperatures required. Solar receivers, which use thousands of sun-tracking mirrors to concentrate energy from the sun, have shown promise as they can hit temperatures of 3,000 C. But they’re very inefficient when processes require temperatures over 1,000 C because much of the energy is radiated back out.

To get around this, researchers from ETH Zurich in Switzerland showed that adding semi-transparent quartz to a solar receiver could trap solar energy at temperatures as high as 1,050 C. That’s hot enough to replace fossil fuels in a range of highly polluting industries, the researchers say.

“Previous research has only managed to demonstrate the thermal-trap effect up to 170 C,” lead researcher Emiliano Casati said in a press release. “Our research showed that solar thermal trapping works not just at low temperatures, but well above 1,000 C. This is crucial to show its potential for real-world industrial applications.”

The researchers used a silicon carbide disk to absorb solar energy but attached a roughly one-foot-long quartz rod to it. Because quartz is semi-transparent, light is able pass through it, but it also readily absorbs heat and prevents it from being radiated back out.

That meant that when the researchers subjected the quartz rod to simulated sunlight equivalent to 136 suns, the solar energy readily passed through to the silicon plate and was then trapped there. This allowed the plate to heat up to 1,050 C, compared to just 600 C at the other end of the rod.

Simulations of the device found that the quartz’s thermal trapping capabilities could significantly boost the efficiency of solar receivers. Adding a quartz rod to a state-of-the-art receiver could boost efficiency from 40 percent to 70 percent when attempting to hit temperatures of 1,200 C. That kind of efficiency gain could drastically reduce the size, and therefore cost, of solar heat installations.

While still just a proof of concept, the simplicity of the approach means it would probably not be too difficult to apply to existing receiver technology. Companies like Heliogen, which is backed by Bill Gates, has already developed solar furnace technology designed to generate the high temperatures required in a wide range of industries.

Casati says the promise is clear, but work remains to be done to prove its commercial feasibility.

“Solar energy is readily available, and the technology is already here,” he says. “To really motivate industry adoption, we need to demonstrate the economic viability and advantages of this technology at scale.”

But the prospect of replacing such a big chunk of our fossil fuel usage with solar power should be motivation enough to bring this technology to fruition.

Image Credit: A new solar trap built by a team of ETH Zurich scientists reaches 1050 C (Device/Casati et al.)

Vyhledávače dávno nezobrazují pouze odkazy na relevantní weby. Kombinují je s různými informačními oddíly, míchají mezi výsledky obrázky, videa apod. Google aktuálně zavádí filtr, který vás vrátí k čisté podobě vyhledávače, kde se pod sebou zobrazují nalezené relevantní stránky a nic ...

Oživeno 17. května | Vypuštění Starlineru s posádkou, které bylo předběžně naplánováno na dnešní den, muselo být opět odloženo. V servisním modulu dotyčné kosmické lodi byl totiž odhalen únik helia. „Týmy se nyní zaměřují na datum startu nejdříve v úterý 21. května v 16:43 EDT, aby mohly dokončit ...

Reddit uzavřel licenční dohodu s dalším velkým tvůrcem umělé inteligence, společností OpenAI. Finanční pozadí neznáme, oba partneři pouze zmiňují tři pilíře spolupráce. OpenAI využije obsah z Redditu pro rozšíření ChatGPT a dalších produktů, spolehne se přitom na API s přístupem k příspěvkům a ...

Cloud Software Group, the parent company of Citrix Systems, is considering selling its content-sharing platform ShareFile, according to sources cited by Bloomberg. This move is likely part of a broader strategy to streamline operations under its private equity ownership.

The company is reportedly working with a financial adviser to assess interest from potential buyers.

ShareFile, valued at an estimated $1.5 billion, offers document-sharing and collaboration software that integrates with popular apps like Microsoft Outlook.

Bloomberg sources, citing anonymity, suggest the platform might attract interest from private equity firms, though the discussions are in the early stages and may not translate into a sale.

The disinvestment of ShareFile is seen as a strategic move by Cloud Software Group to refocus on its core competencies.

“There are a couple of things which could drive this move,” Neil Shah, VP for research and partner at Counterpoint Research said. “First, the cloud-driven enterprise content management systems space has seen significant growth and competition from established players from Box, and Dropbox to Microsoft’s own SharePoint and OneDrive, as well as other strong contenders such as Egnyte, Kiteworks and Syncplicity.”

Second, the sector has undergone major transformations with each technological shift, impacting leadership, IPOs, exits, mergers, and acquisitions. The evolution from the first wave of on-premises client-server architecture to the second wave of real-time cloud sync, and now to an emerging third wave driven by AI and automation with real-time intelligent collaboration, has reshaped the landscape and increased competition, said Shah.

Microsoft has been rapidly expanding its enterprise offerings with cloud services (Azure), AI tools (CoPilot), productivity tools (Office 365), and file management solutions (OneDrive, SharePoint), enabling unprecedented real-time collaboration.

“So, companies like ShareFile that are heavily dependent on or integrated with partners such as Microsoft, face increasing competition,” Shah added. “ShareFile despite being one of the industry-leading solutions for more than a decade, the parent company is forced to evaluate ShareFile’s strategic future capabilities, positioning, and value vs a formidable competition, and now would be a good time to spinoff and profit from the business when it is at peak.”

Why sell ShareFile?

This reported spinoff move comes after Citrix was made private in a $13 billion deal by Elliott Investment Management and Vista Equity Partners in 2022. As part of the deal, Citrix and Tibco Software merged to form Cloud Software Group, the current parent company and inherited a wide range of products and services. Streamlining the portfolio could help Cloud Software Group optimize its operations and allocate its resources more efficiently.

However, the substantial debt burden from the leveraged buyout has demanded financial restructuring. Cloud Software Group has been actively managing its debt, recently pricing a $6.5 billion leveraged loan, the largest in the US this year, to refinance the expensive debt it incurred for the buyout.

The spinoff of ShareFile could be a step towards alleviating some of the financial pressures resulting from the expensive leveraged buyout, Shah reasoned.

Cloud Software Group, Vista Equity Partners, and Elliott Management have not yet responded to this report, Bloomberg said.

Citrix Systems, Collaboration Software

Google’s Gemini will soon be available to education institutions, the company said Thursday, with the generative AI (genAI) assistant able to help teachers draft lesson plans and create personalized learning materials. 

Gemini will come to Workspace for Education subscriptions on May 23 via two optional paid add-ons: Gemini Education, a “lower priced” offering with monthly usage limits, and Gemini Education Premium. 

Gemini Education provides access to genAI features in Workspace apps such as Docs, Sheets, Slides, and Gmail, alongside access to the Gemini chatbot. The premium version offers additional features in Google Meet, such as AI-powered note-taking and video conversation summaries.

“Gemini AI assistant brings genAI capabilities to the full suite of tools educators are using across the Workspace ecosystem,” said Matthew Leger, senior research manager on IDC’s Government Insights team. “This is important because, in education, I often see schools adopt a range of AI tools from different providers, leading to what I call ‘AI siloes’ that make AI governance, management, and cost control challenging.” 

Leger added that these different tools can vary widely in quality and effectiveness, “so it is nice to now have some of the most powerful genAI models on the market available across many of the tools educators use every day, through one provider.”

Google in a blog post said it sees a range of uses for Gemini in education settings. Teachers, for instance, can use the tools to create a lesson plan, syllabus, or class exercise, with the ability to tailor content to student interests and skill levels. Gemini can also be used to generate images that can help bring concepts to life for students, Google said. 

Google will also let teaching staff interact with learning tools via the Gemini conversational interface. Teachers can type “@OpenStax” in a prompt to receive responses based on the Rice University’s OpenStax textbooks, with in-line citations and links to relevant pages. A Data Commons extension — Google’s open source data repository  — will similarly provide access to data on complex topics such as climate change or economics. 

One of the key drawbacks of the large language models (LLMs) that power genAI tools such as Gemini is the tendency to hallucinate. With this in mind, the ability of the OpenStax and Data Commons extensions to pull information from trusted sources is an “important step” toward addressing user concerns, said Leger. The addition of a “double-check” feature also makes it easier to fact check outputs Gemini.

Outside of faculty staff, Gemini can help IT staff at an education institution create documentation, or assist a superintendent to create a newsletter or draft a job description. And students over the age of 18 can be given access to the Gemini chatbot for free when the AI assistant is enabled by an education institution’s IT admins.

Where generative AI tools are used effectively, there’s potential to significantly reduce the administrative burden on educators, he said. 

Leger also pointed to the introduction of LearnLM by Google this week, a language model grounded in education research built specifically for learning purposes.  

“This is critical because most language models in use today, while helpful for creating learning materials, aren’t necessarily trained in the same way educators are trained,” said Leger. “So, with a language model trained with educators in mind, the usefulness of these capabilities for educational purposes will only increase.”

Along with some of the potential benefits, educators that use genAI tools such as Gemini Education should be aware that while LLMs continue to improve, outputs can vary significantly, depending on how a question is asked. 

“It is really, really important to develop and refine prompt engineering skills to be able to use these tools effectively,” said Leger. “This is a skill we will always need to brush up on over time and get better at.”

Users should also be wary of potential biases and a lack of explainability around responses. To ensure safe and ethical use of the tools, customers should work with the provider to understand what goes into the model and any resulting limitations, said Leger.

Leger also advises that educators look beyond possible productivity gains as a marker of success when it comes to AI investment. 

“The real magic in AI is its ability to make education more human, not less, by giving educators time back in their day to spend interpersonal time with students,” he said. “If we make these AI investments without taking advantage of this, we will lose a big opportunity to improve student satisfaction and success.”

Education Industry, Generative AI, Google

Byla vydána (𝕏) nová major verze 17 softwarového nástroje s webovým rozhraním umožňujícího spolupráci na zdrojových kódech GitLab (Wikipedie). Představení nových vlastností i s náhledy a videi v oficiálním oznámení.

Editor’s note: The UK parliament this week debated a proposal to exonerate those wrongfully convicted of fraud due to flaws in a Post Office computer system, while an independent public inquiry into a cover-up of the flaws heard evidence from former Post Office CIO Lesley Sewell. Here, Marcus Jerräng, editor in chief of Computerworld Sweden, gives an outsider’s perspective on a uniquely British affair.

Say the phrase “IT scandal” and many might think about the mess around Transportstyrelsen  (the Swedish Transport Agency) or Computer Sweden’s revelation of the 1177 data leak (affecting Sweden’s emergency service number). But they both pale in comparison to what has been described as the most widespread miscarriage of justice in Britain’s history: the Post Office sub-postmaster scandal.

The Post Office scandal goes back 25 years and can’t be easily summed up. But it began when the British postal service introduced a new IT system for 14,000 Post Office branches: Horizon, a cash register system from Fujitsu intended to automate accounting for sub-postmasters – the franchise owners that run local post offices. 

The system quickly showed missing funds for many sub-postmasters, who couldn’t explain the shortfalls and were unable to trace the errors as they could when accounting was done on paper. The result was that over 900 sub-postmasters were prosecuted over the ensuing 15 years for theft and false accounting. Hundreds were sent to prison, with many more handed other punishments, while countless numbers were driven into bankruptcy and became deeply indebted. 

But it turned out that the sub-postmasters had done nothing wrong. The problem lay in the Horizon system. And, to make things worse, the Post Office had attempted to hide it all by intimidating the sub-masters into silence over the IT problems with threats of legal action. 

The problems with Horizon were revealed as far back as 2009 by tech news site Computerweekly and the story has continued to run, with, among other things, a large class action lawsuit and an ongoing government enquiry. So far, around 90 convictions have been overturned. 

In January this year, the story suddenly exploded into the political debate when the TV channel ITV broadcast the drama series “Mr Bates vs The Post Office,” which portrayed the history of the sub-postmasters who had their lives ruined by the IT scandal. The TV series sparked huge media and public pressure, which led to debate and a parliamentary inquiry, with strong measures from politicians.

In March, a new law was passed with the aim of overturning all convictions. A huge program of compensation payments is planned, where convicted sub-postmasters are each offered £600,000 ($760,000), while others that were affected in other ways — such as those who paid out of their own pockets to cover the discrepancies reported by the IT system – will also be compensated. 

According to British politicians, there could be as much as £1 billion ($1.27 billion) paid out in total.

No one has been held personally accountable for the situation, either at the Post Office or service provider Fujitsu. The Japanese IT giant saw its share price drop by hundreds of millions of dollars after the TV series premiered, and Fujitsu’s global CEO, CFO, and head of European operations have all subsequently apologized publicly.

“We were involved from the very start. We did have bugs and errors in the system. And we did help the Post Pffice in their prosecutions of the sub-postmasters. For that we are truly sorry,” Paul Patterson, Fujitsu’s Europe chief, said during a parliamentary inquiry in January, where he also indicated that the IT service provider would contribute to compensation for those affected. 

Although the saga has continued for 25 years, it isn’t over yet. The commission appointed to review the situation continues its work and is expected to present its results in the fall.

The TV services “Mr Bates vs The Post Office” had its Swedish premier on March 27. It may be worth reflecting on the power IT has over people when watching the show, not least in a time when automation and AI is playing an increasing role in important decisions and processes for both government and business. 

Because, even if IT and digitization can do a huge amount of good, bad IT systems can – literally and demonstrably so – ruin people’s lives.

Technology Industry