Agregátor RSS

A novel attack called TunnelVision has been discovered. It compromises the security of virtually all VPN apps, rendering their purpose useless. The attack manipulates the DHCP server to divert VPN traffic to the attacker, allowing them to read, drop, or modify the traffic. This critical analysis aims to explore the implications of this attack for Linux admins, infosec professionals, internet security enthusiasts, and sysadmins.

Huawei není ten úplně typický výrobce notebooků, svou produktovou řadu drží jednoduchou a přehlednou, jako je zvykem v oblasti smartphonů. Přitom tradice tu je. O první variaci na tehdy tolik populární MacBook Air jsme psali už na jaře 2017 a první počítačové pokusy jsou ještě o rok starší. ...

In the last decade, there has been a growing disconnect between front-line analysts and senior management in IT and Cybersecurity. Well-documented challenges facing modern analysts revolve around a high volume of alerts, false positives, poor visibility of technical environments, and analysts spending too much time on manual tasks. The Impact of Alert Fatigue and False Positives  Analysts

In the last decade, there has been a growing disconnect between front-line analysts and senior management in IT and Cybersecurity. Well-documented challenges facing modern analysts revolve around a high volume of alerts, false positives, poor visibility of technical environments, and analysts spending too much time on manual tasks. The Impact of Alert Fatigue and False Positives  Analysts The Hacker Newshttp://www.blogger.com/profile/[email protected]

Cybersecurity researchers have disclosed multiple security flaws in Cinterion cellular modems that could be potentially exploited by threat actors to access sensitive information and achieve code execution. "These vulnerabilities include critical flaws that permit remote code execution and unauthorized privilege escalation, posing substantial risks to integral communication networks and IoT

Cybersecurity researchers have disclosed multiple security flaws in Cinterion cellular modems that could be potentially exploited by threat actors to access sensitive information and achieve code execution. "These vulnerabilities include critical flaws that permit remote code execution and unauthorized privilege escalation, posing substantial risks to integral communication networks and IoT Newsroomhttp://www.blogger.com/profile/[email protected]

San Francisco-based Perplexity AI is currently the biggest threat to both Open AI and Google. The startup, founded in 2022, is a unicorn with a $1 billion valuation founded by former Google and Open AI employees. 

The reason: it’s an extremely well-designed hybrid of ChatGPT and Google Search, while being superior to both for most common information chores. 

You can use Perplexity AI as a multi-modal search engine. For example, you can feed it a long list of URLs, upload photos and PDFs, and add snippets of code. The uploads can be in any language, and it will return results in English unless you direct it otherwise. (The free version of Perplexity AI is fine for most users, but some of the more advanced features here are available only in the Pro version, which costs $20 per month or $200 per year. The free version includes five Pro searches per day; the Pro version 600.) 

The results are selected and prioritized based on an improved version of Google’s PageRank, which favors more authoritative and reliable sources and uses heuristics and data-driven learning from past queries to improve accuracy and relevance. 

You can accept its default mode of searching the entire internet, or tell it specifically to search only academic papers, Wolfram Alpha, YouTube or Reddit — or use only the content you type, paste or upload. It then reads the top results and provides a genAI-produced summary using models like GPT-4, Claude, and Mistral Large, with links to the pages where it got its facts. 

A new query starts a “Thread,” so you can ask follow-up questions without repeating the details. You can even say vague things like, “Can you elaborate?” and it will. The site presents follow-up questions, which you can trigger with a simple click; invites dialog and further investigation; and you can save the threads for later. 

It can also generate images, and in an interesting way. After any query, you can just click a “generate image” button, and it will produce one. 

Why Perplexity AI is the future of search 

Perplexity AI is not unique. It’s simply the most popular and probably best in the category of tools that combine search with large language model (LLM) chatbots. (I previously recommended another in this space, is phind.com.)

The leading brands will soon converge on Perplexity’s space. OpenAI is rumored to be building a search engine. Apple’s Siri is thought to be getting the addition of AI. Bing already uses ChatGPT. And Perplexity-like startups abound — for example, Subtl.ai explicitly positions its tools as a kind of “enterprise Perplexity AI” that keeps corporate data private (Perplexity has its own enterprise offering, called Perplexity Enterprise). 

It’s likely that within a year, the AI chatbots will have search, the search engines will have AI and the voice assistants will have both search and AI. 

This strikes me as an improvement all around.

Where does Perplexity go from here? 

Perplexity is currently beta testing a new feature called “Perplexity Pages,” which is a pretty amazing idea that combines search, AI and crowdsourcing. 

Pages is a text editor, where Perplexity produces a draft article on a topic chosen by the user. The user then edits and enhances the article by removing passages, doing additional queries on key points, adding pictures and other interventions. Once satisfied, the user then “posts” the article for other users to see in a social network context (users will get a feed of completed Pages articles). 

Perplexity Pages sounds like a kind of AI-fueled cross between Reddit, Wikipedia and Twitter.

Perplexity AI currently offers a “Discover” tab, where AI-generated articles are curated. Presumably, the company wants to replace or augment this feed with user-modified articles. With enough contributors, Perplexity AI may be inspired to allow users to follow other users, like a social network, blogging platform or newsletter service.

Something like this could replace social networks for people who care about learning and better information. 

Where Perplexity should go from here

If Perplexity AI really wanted to stay ahead of the curve, they’d launch smart glasses that give audio and visual access (via a camera) to the service, all controlled by the mobile app. 

At present, this is possible but not desirable. Brilliant Labs’ Frame smart glasses use Perplexity, among other services. The problem is that Brilliant Labs is an underfunded and undercapitalized startup offering unacceptably dorky glasses that don’t work as well as they could. Frame glasses make you look like a cartoon character like Dexter from “Dexter’s Laboratory.”

The other problem is Perplexity’s AI computer voice feature, which is available in the mobile app to Pro users. The company offers four voices — two male and two female — and they’re all pretty good, but not quite good enough. 

Pi.ai, which has a voice interface via the web and mobile versions alike, offers far more life-like voices. 

By combining socially acceptable glasses, the option for user prescriptions, high-quality microphones, speakers and sensors (like Ray-Ban Meta glasses) and great computer voices like Pi.ai, Perplexity could own the immediate future of AI glasses, which is growing into a killer category. 

Another area Perplexity AI could dominate is fact-checking. Because its version of PageRank is so good, Perplexity AI is already a great place to do everyday fact checking. By simply adding a link to a story and asking Perplexity AI if the information in the article is true — or just asking if a claim is true — the site does an outstanding job most of the time debunking disinformation and setting the context for the information. 

For example, I asked Perplexity AI: “Are chemtrails real?”

It replied: “Chemtrails, as described by conspiracy theories, are not real. The term “chemtrails” is often used by conspiracy theorists to suggest that the visible trails left by aircraft in the sky are composed of chemical or biological agents deliberately sprayed for nefarious purposes. However, extensive scientific research and expert analysis have debunked these claims.”

It then went on to describe what contrails are, offered up some of the most reputable studies on the issue (with links to the papers), then a little context about the false conspiracy theories and where they come from.

This kind of instant quality fact-checking is what the world needs right now. 

Perplexity AI should create a browser — or at minimum, a browser extension — that automatically debunks all information displayed in that browser. (Perplexity does offer a browser extension, but it doesn’t debunk every false thing you’re looking at.) I’d also like to see this deployed on social networks and other sources of disinformation.

Right now, Perplexity AI is the state of the art for AI based search. It’s likely that such tools might one day become a banality. In the meantime, there’s no better or more useful AI-based chatbot for most business people.

‘One True Answer’ vs. reality

Years ago, with voice assistants and appliances like the Amazon Echo coming into use, we thought we’d be forced kicking and screaming out of the Search Engine era and into the One True Answer era (where queries would take a stab at a single definitive answer, and thereby hand over to search engine companies like Google the power to determine what’s true and what’s false (whether its answers were true or not). 

The rise of tools like Perplexity AI and an industry seeking to copy or compete with them on their terms brings optimism that, instead of the One True Answer dystopia we feared, our information appliances and services can instead give us a balanced answer from multiple reputable sources specified in links and invite us into a back-and-forth conversation about the information. 

This is better than a single answer, better than a search result full of links and better than a ChatGPT-like chatbot, prone to confidently asserted hallucinations.

While OpenAI’s ChatGPT kickstarted the LLM-based generative AI revolution, Perplexity AI may be the company that leads the way into the future we really need. 

Emerging Technology, Generative AI, Technology Industry, Web Search

The Black Basta ransomware-as-a-service (RaaS) operation has targeted more than 500 private industry and critical infrastructure entities in North America, Europe, and Australia since its emergence in April 2022. In a joint advisory published by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS

The Black Basta ransomware-as-a-service (RaaS) operation has targeted more than 500 private industry and critical infrastructure entities in North America, Europe, and Australia since its emergence in April 2022. In a joint advisory published by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHSNewsroomhttp://www.blogger.com/profile/[email protected]

Sonda Advanced Composite Solar Sail System (ACS3), která odstartovala 23. dubna z Nového Zélandu, se poprvé spojila s operátory na Zemi. Počátkem května o tom na svém blogu informovala NASA. Po jednom nebo dvou měsících příprav ACS3 rozvine podél čtyř ramen vyrobených z uhlíkových vláken a ...

The Register’s Tim Philips gets down and dirty on cyber security in this interview with Rubrik CISO Richard Cassidy

Sponsored Post  There were hard words about the state of Britain's cyber security in parliament recently, but it's not just the country's critical national infrastructure which may be underprepared to tackle the army of hackers and nation state-backed cyber criminals intent on causing it disruption.…

But breaking E2EE and blanket bans aren't thinking at all

Opinion  If your cranky uncle was this fixated about anything, you'd always be somewhere else at Christmas. Yet here we are again. Europol has been sounding off at Meta for harming children. Not for the way it's actually harming children, but because – repeat after me – end-to-end encryption is hiding child sexual abuse material from the eyes of the law. "E2EE = CSAM" is the new slogan of fear.…

GHC (Glasgow Haskell Compiler, Wikipedie), tj. překladač funkcionálního programovacího jazyka Haskell (Wikipedie), byl vydán ve verzi 9.10.1. Přehled novinek v poznámkách k vydání.

Roztavené 16pin napájecí konektory hlásí uživatelé od října 2022. Doposud však výrobci řešili reklamace ku spokojenosti zákazníků. To se nyní změnilo…

Ještě, než přijde plnohodnotný ROG Ally 2, chystá Asus mezigenerační upgrade nazvaný ROG Ally X. Oficiálně jej představí až 2. června, ale sám výrobce už pár detailů naznačil a další podrobnosti zjistil magazín The Verge. ROG Ally X bude mít přepracovaný design. Nově bude v černém provedení ...

Po 9 týdnech vývoje od vydání Linuxu 6.8 oznámil Linus Torvalds vydání Linuxu 6.9. Přehled novinek a vylepšení na LWN.net: první a druhá polovina začleňovacího okna. Později také na Linux Kernel Newbies.

OpenAI patří k hlavním hráčům na poli velkých jazykových modelů, a tak pro ještě větší transparentnost jeho chatbotů zveřejnilo, jakým způsobem je tvaruje do finální podoby. Model Spec je kodex dobrého chování pro GPT Výsledkem je dokument Model Spec, tedy specifikace (chování) modelu. Autoři v ...

Cybersecurity researchers have identified a malicious Python package that purports to be an offshoot of the popular requests library and has been found concealing a Golang-version of the Sliver command-and-control (C2) framework within a PNG image of the project's logo.  The package employing this steganographic trickery is requests-darwin-lite, which has been