Agregátor RSS
Týden Živě: OpenAI i Google šokují novými schopnostmi AI
Tohle není fotomontáž, Citroën opravdu prodává dvě zády slepené dodávky. A má to docela logický důvod
This Week’s Awesome Tech Stories From Around the Web (Through May 18)
It’s Time to Believe the AI Hype
Steven Levy | Wired
“There’s universal agreement in the tech world that AI is the biggest thing since the internet, and maybe bigger. …Skeptics might try to claim that this is an industry-wide delusion, fueled by the prospect of massive profits. But the demos aren’t lying. We will eventually become acclimated to the AI marvels unveiled this week. The smartphone once seemed exotic; now it’s an appendage no less critical to our daily life than an arm or a leg. At a certain point AI’s feats, too, may not seem magical any more.”
archive page
COMPUTINGHow to Put a Datacenter in a Shoebox
Anna Herr and Quentin Herr | IEEE Spectrum
“At Imec, we have spent the past two years developing superconducting processing units that can be manufactured using standard CMOS tools. A processor based on this work would be one hundred times as energy efficient as the most efficient chips today, and it would lead to a computer that fits a data-center’s worth of computing resources into a system the size of a shoebox.”
IndieBio’s SF Incubator Lineup Is Making Some Wild Biotech Promises
Devin Coldewey | TechCrunch
“We took special note of a few, which were making some major, bordering on ludicrous, claims that could pay off in a big way. Biotech has been creeping out in recent years to touch adjacent industries, as companies find how much they rely on outdated processes or even organisms to get things done. So it may not surprise you that there’s a microbiome company in the latest batch—but you might be surprised when you hear it’s the microbiome of copper ore.”
It’s the End of Google Search as We Know It
Lauren Goode | Wired
“It’s as though Google took the index cards for the screenplay it’s been writing for the past 25 years and tossed them into the air to see where the cards might fall. Also: The screenplay was written by AI. These changes to Google Search have been long in the making. Last year the company carved out a section of its Search Labs, which lets users try experimental new features, for something called Search Generative Experience. The big question since has been whether, or when, those features would become a permanent part of Google Search. The answer is, well, now.”
Waymo Says Its Robotaxis Are Now Making 50,000 Paid Trips Every Week
Mariella Moon | Engadget
“If you’ve been seeing more Waymo robotaxis recently in Phoenix, San Francisco, and Los Angeles, that’s because more and more people are hailing one for a ride. The Alphabet-owned company has announced on Twitter/X that it’s now serving more than 50,000 paid trips every week across three cities. Waymo One operates 24/7 in parts of those cities. If the company is getting 50,000 rides a week, that means it receives an average of 300 bookings every hour or five bookings every minute.”
Technology Is Probably Changing Us for the Worse—or So We Always Think
Timothy Maher | MIT Technology Review
“We’ve always greeted new technologies with a mixture of fascination and fear, says Margaret O’Mara, a historian at the University of Washington who focuses on the intersection of technology and American politics. ‘People think: “Wow, this is going to change everything affirmatively, positively,”‘ she says. ‘And at the same time: ‘It’s scary—this is going to corrupt us or change us in some negative way.”‘ And then something interesting happens: ‘We get used to it,’ she says. ‘The novelty wears off and the new thing becomes a habit.'”
This Is the Next Smartphone Evolution
Matteo Wong | The Atlantic
“Earlier [this week], OpenAI announced its newest product: GPT-4o, a faster, cheaper, more powerful version of its most advanced large language model, and one that the company has deliberately positioned as the next step in ‘natural human-computer interaction.’ …Watching the presentation, I felt that I was witnessing the murder of Siri, along with that entire generation of smartphone voice assistants, at the hands of a company most people had not heard of just two years ago.”
In the Race for Space Metals, Companies Hope to Cash In
Sarah Scoles | Undark
“Previous companies have rocketed toward similar goals before but went bust about a half decade ago. In the years since that first cohort left the stage, though, ‘the field has exploded in interest,’ said Angel Abbud-Madrid, director of the Center for Space Resources at the Colorado School of Mines. …The economic picture has improved with the cost of rocket launches decreasing, as has the regulatory environment, with countries creating laws specifically allowing space mining. But only time will tell if this decade’s prospectors will cash in where others have drilled into the red or be buried by their business plans.”
What I Got Wrong in a Decade of Predicting the Future of Tech
Christopher Mims | The Wall Street Journal
“Anniversaries are typically a time for people to get misty-eyed and recount their successes. But after almost 500 articles in The Wall Street Journal, one thing I’ve learned from covering the tech industry is that failures are far more instructive. Especially when they’re the kind of errors made by many people. Here’s what I’ve learned from a decade of embarrassing myself in public—and having the privilege of getting an earful about it from readers.”
Lab-Grown Meat Is on Shelves Now. But There’s a Catch
Matt Reynolds | Wired
“Now cultivated meat is available in one store in Singapore. There is a catch, however: The chicken on sale at Huber’s Butchery contains just 3 percent animal cells. The rest will be made of plant protein—the same kind of ingredients you’d find in plant-based meats that are already on supermarket shelves worldwide. This might feel like a bit of a bait and switch. Didn’t cultivated meat firms promise us real chicken? And now we’re getting plant-based products with a sprinkling of animal cells? That criticism wouldn’t be entirely fair, though.”
Image Credit: Pawel Czerwinski / Unsplash
Research Indicates All Linux Vendor Kernels Are Insecure - But There's a Fix!
Facebook a Instagram jsou jako droga. Evropská komise vyšetřuje Metu kvůli závislosti dětí na sítích
Gawd, after that week, we wonder what's next for China and the Western world
Kettle It's been a fairly troubling week in terms of the relationship between China and the Western world.…
Protect Your Linux Web Apps and Meet Compliance Standards
Strategies for Improving Linux Security Through Cross-Browser Compatibility Testing
How to Keep Your Linux System Safe from Kernel Bugs
Maker Faire 2024 v galerii: Procesor velký jako stůl, vodní kolo, ferrofluid a všude roboti
Série Total War chystá tři nové díly. Jedním z nich by měla být strategie z univerza Star Wars
Výstřižky čtou kódy QR, vkládají emotikony a přidávají průhlednost objektů
Microsoft v Polsku otevřel studio Elsewhere Entertainment. Bude dělat příběhové AAA hry
PPF kupuje dalšího poskytovatele internetu. Doplní miliardové investice Cetinu do optické sítě
How two brothers allegedly swiped $25M in a 12-second Ethereum heist
The US Department of Justice has booked two brothers on allegations that they exploited open source software used in the Ethereum blockchain world to bag $25 million (£20 million).…
Aussie cops probe MediSecure's 'large-scale ransomware data breach'
Australian prescriptions provider MediSecure is the latest healthcare org to fall victim to a ransomware attack, with crooks apparently stealing patients' personal and health data.…
Když je v medu jed
With three zero-days, it’s a patch-now Patch Tuesday for May
Microsoft released 62 updates on Patch Tuesday this week, with three zero-days (CVE-2024-30051, CVE-2024-30046, and CVE-2024-30040) forcing a “patch now” deployment guidance for Windows desktops. Adobe is back with a “Patch Now” update, while Microsoft Office, Edge browsers and Microsoft’s development platform (Visual Studio and .NET) can be dealt with using standard release schedules.
Unusually for Azure updates, the Readiness team recommends particular attention be paid to an Azure Agent update (CVE-2024-30060), as it can affect corporate VM’s (associated with testing or development platforms). The team has provided an infographic outlining the risks associated with each of the updates for this month’s cycle.
Known issuesEach month, Microsoft publishes a list of known issues related to the operating system and platforms included in each cycle; the following two reported minor issues:
- Windows devices using more than one monitor might experience issues with desktop icons moving unexpectedly between monitors or other icon alignment issues when attempting to use Copilot in Windows (in preview). Yes, Microsoft is still working on this one.
- There appears to be an issue with how Windows clients receive their updates after installing KB5034203. Instead of downloading from their peers or designated enterprise update endpoints, clients that use DHCP option 235 will download from the internet instead. Aside from the (serious) security concerns in getting your updates from outside your organization, some clients will see a significant increase in their internet traffic.
And for all you Windows 11 users, Microsoft has reported that after installing this update you might not be able to change your profile photo from the default. (For many, this is a good thing.)
Major revisionsThis month, Microsoft published the following major revisions to past security and feature updates:
- CVE-2024-30009: Windows Routing and Remote Access Service (RRAS) Remote Code Execution. The FAQs were updated for this Microsoft patch. This is an information change only.
- CVE-2024-30044: Microsoft SharePoint Server Remote Code Execution Vulnerability. Microsoft updated the documentation, added a FAQ, and updated the CVSS score for this critical update.
- CVE-2024-30046: Visual Studio Denial of Service Vulnerability. Microsoft has revised the Security Updates table to include .NET 7.0 and .NET 8.0 as these versions of .NET are now affected by this vulnerability.
I’m not sure where to place this latest (and late) addition to the May patches. Microsoft released a major update (CVE-2024-30060) to the Azure agent (we use this Microsoft tool for our Azure-based application packaging, conversion and testing Virtual Machines). If you are using Azure-based VMs, this update will be important for all your builds. Unfortunately, this vulnerability has been publicly disclosed and adds to our tally of May Patch Tuesday zero days.
Mitigations and workaroundsAs of May 17, Microsoft has not published any mitigations or workarounds for this month’s patch cycle.
Testing guidanceEach month, the team at Readiness analyzes the latest updates and provides detailed, actionable testing guidance. This guidance is based on assessing a large application portfolio and a detailed analysis of the patches and their potential impact on the Windows platforms and application installations.
We have grouped the critical updates and required testing efforts into functional area including:
Microsoft Office- A change to how OLE handles web content will require a test scenario for embedding and loading external web content (text, images and video).
- Microsoft SQL server updates will require a test of new connections with different versions of SQL Server. Line-of-business (LOB) applications that rely on SQL server connections will require a full UAT before releasing this month’s developer update.
The following core Microsoft features have been updated and might require attention:
- The updates to the Windows Common Error log feature (CLDFLT.SYS) will require testing of creating, reading, updating and deleting (CRUD) log files.
- DNS updates will require testing for non-existing domains registered in each managed zone.
- This month’s update to the Microsoft Crypto library will require tests of new creation and deletion.
- Microsoft’s Routing and Remote Access Servers (RRAS) servers will require light testing for valid connections.
- Smartcard access to Microsoft Windows desktops will require basic access testing.
Aside from updating several key features on the Windows desktop platform, Microsoft also updated the way the following APIs are handled:
- SetFileBandwidthReservation and GetFileBandwidthReservation;
- The MMC and Windows Shell (MPRAPI.DLL);
- Microsoft’s CNG crypto implementation (NCRYPT.DLL).
These are tough updates to test properly, as you need a detailed list of what applications depend upon (and actually use) these APIs.
Automated testing will help (especially a testing platform that offers a “delta” or comparison between builds). However, for LOB apps, getting the application owner (doing UAT) to test and approve the results is absolutely essential.
This month, Microsoft made a major (general) update to the Win32 and GDI subsystems with a recommendation to test out a significant portion of your application portfolio.
Windows lifecycle updateThis section will contain important changes to servicing (and most security updates) to Windows desktop and server platforms.
- Support for Windows 10 (21H2) ends this month. In fact, support ends before the next Patch Tuesday. This is serious now, people.
- Microsoft SQL Server (2014 SP3 CU4): the final stage of support (aka Security Support) ends in five weeks.
- Microsoft Visual Studio 2022 loses full support in less than two months.
Each month, we break down the update cycle into product families with the following basic groupings:
- Browsers (Microsoft IE and Edge)
- Microsoft Windows (both desktop and server)
- Microsoft Office
- Microsoft SQL Server (not Exchange Server)
- Microsoft Development platforms (ASP.NET Core, .NET Core and Chakra Core)
- Adobe (if you get this far)
Microsoft and the Chromium project have been releasing patches to both Chrome and Edge every three or four days since the latest major update in April. So far, there are now seven updates to Chrome (with the recent addition of CVE-2024-30056), all of which are rated important. These security vulnerabilities relate to memory handling and “use after free” issues but have not been reported as exploited or publicly disclosed. Add these updates to your standard release schedule.
WindowsMicrosoft published 46 updates for the Windows desktop and server updates. For this (much smaller) release to the Windows desktop platform, the following functional areas have been updated:
- Windows Common Log File System Driver Windows Hyper-V;
- Windows Cryptographic Services;
- Windows DHCP Server;
- Windows NTFS;
- Windows Win32K – ICOMP;
- Windows RRAS and Remote Access Connection Manager.
Unfortunately, we have three zero-days (CVE-2024-30051, CVE-2024-30046, and CVE-2024-30040) that affect the Windows platform. The team at Readiness has already discovered several applications that are particularly vulnerable to the DWM vulnerability (CVE-2024-30051) which could lead to full SYSTEM (caps added by Microsoft) privileges on the compromised system. Add this update to your “Patch Now” schedule.
Microsoft OfficeMicrosoft released just three updates for the Office platform. CVE-2024-30042 addresses a remote code execution vulnerability in Excel that is both challenging to exploit and non-wormable. The other updates relate to Microsoft SharePoint. All are rated important and should be added to your standard desktop release schedule.
Microsoft SQL Server (not Exchange Server)Microsoft has not released any patches for Exchange Server but did push out a single update (CVE-2024-30054) rated important for SQL Server. This update to SQL Server Power BI feature really belongs in the developer release cycle, as it updates Software Development Kit (SDK). Add this to your standard developer release schedule.
Microsoft development platformsMicrosoft released four updates to the development platform, affecting Visual Studio and .NET for those deploying and managing desktop patches. Add these to your standard developer release schedule.
Adobe Reader (if you get this far)We are back! Adobe released an update to Adobe Reader (APSB24-29) covering 12 memory related and “use after free ” security vulnerabilities that have a serious rating of 8.8. This attracts a “Patch Now” rating from the Readiness team due to Adobe Reader’s tight integration with the Windows desktop ecosystem.
Microsoft, Security, Windows, Windows 10, Windows 11, Windows SecurityThree cuffed for 'helping North Koreans' secure remote IT jobs in America
Three individuals accused of helping North Korea fund its weapons programs using US money are now in handcuffs.…
Obrovské čističky vzduchu mohou být dobrá cesta, ale odstraňování oxidu uhličitého klimatickou krizi nevyřeší
- « první
- ‹ předchozí
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- …
- následující ›
- poslední »