AI

OpenAI Quietly Shuts Down Its AI Detection Tool (decrypt.co) 36

An anonymous reader shares a report: In January, artificial intelligence powerhouse OpenAI announced a tool that could save the world -- or at least preserve the sanity of professors and teachers -- by detecting whether a piece of content had been created using generative AI tools like its own ChatGPT. Half a year later, that tool is dead, killed because it couldn't do what it was designed to do.

ChatGPT creator OpenAI quietly unplugged its AI detection tool, AI Classifier, last week because of "its low rate of accuracy," the firm said. The explanation was not in a new announcement, but in a note added to the blog post that first announced the tool. The link to OpenAI's classifier is no longer available. "We are working to incorporate feedback and are currently researching more effective provenance techniques for text, and have made a commitment to develop and deploy mechanisms that enable users to understand if audio or visual content is AI-generated," OpenAI wrote.

IT

Chainalysis Investigations Lead Is 'Unaware' of Scientific Evidence the Surveillance Software Works (coindesk.com) 31

Chainalysis' head of investigations doesn't seem to have a great understanding of whether her company's flagship software even works. From a report: Elizabeth Bisbee, head of investigations at Chainalysis Government Solutions, testified she was "unaware" of scientific evidence for the accuracy of Chainalysis' Reactor software used by law enforcement, an unreleased transcript of a June 23 hearing shared with CoinDesk shows.

The fact that Chainalysis' blockchain demystification tools have become so widespread is a serious threat to the crypto ecosystem. Although industry insiders have raged against Chainalysis since it was founded, often accusing it of violating people's financial privacy, there may be a better argument to make against the company and analysis firms like it: it's within the realm of possibility that these "probabilistic" machines don't work as well as advertised. This is a big deal considering Chainalysis' surveillance tools are used widely across the industry for compliance, and have at times led to unjustified account restrictions and -- even worse -- landed unsuspecting individuals on the radar of law enforcement agencies without probable cause.

Security

Researchers Find 'Backdoor' in Encrypted Police and Military Radios (vice.com) 105

A group of cybersecurity researchers has uncovered what they believe is an intentional backdoor in encrypted radios used by police, military, and critical infrastructure entities around the world. The backdoor may have existed for decades, potentially exposing a wealth of sensitive information transmitted across them, according to the researchers. From a report: While the researchers frame their discovery as a backdoor, the organization responsible for maintaining the standard pushes back against that specific term, and says the standard was designed for export controls which determine the strength of encryption. The end result, however, is radios with traffic that can be decrypted using consumer hardware like an ordinary laptop in under a minute. "There's no other way in which this can function than that this is an intentional backdoor," Jos Wetzels, one of the researchers from cybersecurity firm Midnight Blue, told Motherboard in a phone call.

The research is the first public and in-depth analysis of the TErrestrial Trunked RAdio (TETRA) standard in the more than 20 years the standard has existed. Not all users of TETRA-powered radios use the specific encryption algorithm called TEA1 which is impacted by the backdoor. TEA1 is part of the TETRA standard approved for export to other countries. But the researchers also found other, multiple vulnerabilities across TETRA that could allow historical decryption of communications and deanonymization. TETRA-radio users in general include national police forces and emergency services in Europe; military organizations in Africa; and train operators in North America and critical infrastructure providers elsewhere.

Security

Norway Government Ministries Hit By Cyber Attack (reuters.com) 14

Twelve Norwegian government ministries have been hit by a cyber attack, the Norwegian government said on Monday, the latest attack to hit the public sector of Europe's largest gas supplier and NATO's northernmost member. From a report: "We identified a weakness in the platform of one of our suppliers. That weakness has now been shut," Erik Hope, head of the government agency in charge of providing services to ministries, told a news conference. The attack was identified due to "unusual" traffic on the supplier's platform, Hope said, declining to provide specifics. It was uncovered on July 12 and was being investigated by police.

Businesses

Some Amazon Workers Asked to Relocate to Other Cities in Return-to-Office Effort (apnews.com) 81

Amazon has already cut 27,000 jobs in the past few months. Now the Associated Press reports that Amazon "is asking some corporate workers to relocate to other cities as part of its return-to-office policy, which mandates workers to be in the office three days a week." An Amazon spokesperson confirmed on Friday that relocations are happening but would not comment on reports by several news outlets that the tech giant was requiring some workers in smaller offices to move to main offices located in bigger cities. Amazon didn't provide details on the number of employees that will be required to relocate. Amazon spokesperson Brad Glasser said the company will provide "relocations benefits" to workers who are asked to move and consider requests for exceptions on a case-by-case basis...

Citing internal messages, Business Insider reported earlier Amazon employees who refuse to relocate near main offices of their teams are being told they either have to find a new job internally or leave the company through a "voluntary resignation."

"There's more energy, collaboration, and connections happening since we've been working together at least three days per week," an Amazon spokesperson told the Associated Press, adding "we've heard this from lots of employees and the businesses that surround our offices."

Privacy

Roblox Data Leak Sees 4,000 Developer Profiles Including Identifying Information Made Public (pcgamer.com) 10

The major gaming platform Roblox has suffered a major data breach, leading to the release of personal information including addresses from those who attended the Roblox Developer Conference between 2017-2020. PCGamer reports: The leak contains almost 4,000 names, phone numbers, email addresses, dates of birth, and physical addresses. Such identifying information is gold dust for bad actors, and raises serious questions about the data security of one of the largest gaming platforms around. The website haveibeenpwned says the original breach date was 18 December 2020, with the information becoming available on 18 July 2023, with a total of 3,943 compromised accounts. The site notes that as well as all the above information, the leak even includes each individual's t-shirt size.

The implications of this for those affected are identity theft and scams, with the quantity of data especially worrying: this is basically all you need to effectively impersonate someone. Beyond the above statement, Roblox has made no further comment, and it's likely that the ramifications of this will continue to unfold for some time, especially if anyone on the list is indeed targeted. Anyone concerned should search on haveibeenpwned and enable two-factor authentication on all accounts (as well as keeping an especially close eye on bank transactions for a while). Troy Hunt, the engineer behind haveibeenpwned, said the leak was posted in 2021 but according to an unnamed source didn't spread outside of niche Roblox communities, while at the time the company did not publicly disclose the leak or alert anyone affected. The leak then appeared on a public forum a few days ago.

"Roblox is aware of a third-party security issue where there were indications of unauthorized access to limited personal information of a subset of our creator community," said a Roblox spokesperson to PC Gamer. "We engaged independent experts to support the investigation led by our information security team. Those who are impacted will receive an email communicating the next steps we are taking to support them. We will continue to be vigilant in monitoring and vetting the cyber security posture of Roblox and our third-party vendors."

Government

Hacking of Government Email Was Traditional Espionage, NSA Official Says (nytimes.com) 20

The hack of Microsoft's cloud that resulted in the compromise of government emails was an example of a traditional espionage threat, a senior National Security Agency official said. From a report: Speaking at the Aspen Security Forum, Rob Joyce, the director of cybersecurity at the N.S.A., said the United States needed to protect its networks from such espionage, but that adversaries would continue to try to secretly extract information from each other. "It is China doing espionage," Mr. Joyce said. "It is what nation-states do. We have to defend against it, we need to push back against it. But that is something that happens."

The hackers took emails from senior State Department officials including Nicholas Burns, the U.S. ambassador to China. The theft of Mr. Burns's emails was earlier reported by The Wall Street Journal and confirmed by a person familiar with the matter. Daniel J. Kritenbrink, the assistant secretary of state for East Asia, also had his email hacked, a U.S. official said. The emails of Commerce Secretary Gina Raimondo were also obtained in the hack, which was discovered in June by State Department cybersecurity experts scouring user logs for unusual activity. Microsoft later determined that Chinese hackers had obtained access to email accounts a month earlier.

Botnet

Ukraine Takes Down Massive Bot Farm, Seizes 150,000 SIM Cards (bleepingcomputer.com) 128

The Cyber Police Department of the National Police of Ukraine dismantled another massive bot farm, seizing computer equipment, mobile phones, and roughly 150,000 SIM cards of multiple mobile operators. BleepingComputer reports: The bots were used to push Russian propaganda justifying Russia's war in Ukraine, to disseminate illegal content and personal information, and in various other fraudulent activities. In a joint operation, the cyber police and units of the Ukrainian National Police executed 21 search operations in Vinnytsia, Zaporizhzhia, and Lviv.

"The cyber police established that the attackers used special equipment and software to register thousands of bot accounts in various social networks and subsequently launch advertisements that violated the norms and legislation of Ukraine," a cyber police press release reads [machine translation]. "In addition to spreading hostile propaganda, the accounts were also used for unauthorized distribution of personal data of Ukrainian citizens on the Internet, in Internet fraud schemes, and for sending known false messages about threats to citizens' safety, destruction or damage to property."

Cyber police in Ukraine have busted several pro-Russian bot farms in the last year, including one last month called "Botoferma" and another one late last year that was working for the Russian secret services. Ukraine also traced a Russian propaganda operation to a bot farm that was secretly operating in the country's own capital of Kyiv last August. "The farm operated more than 1 million bot accounts, which helped the propaganda operation build an audience of over 400,000 users on social media," reports PCMag.

Security

Firmware Vulnerabilities In Millions of Computers Could Give Hackers Superuser Status (arstechnica.com) 23

Researchers have warned that leaked information from a ransomware attack on hardware-maker Gigabyte two years ago may contain critical zero-day vulnerabilities that pose a significant risk to the computing world. The vulnerabilities were found in firmware made by AMI for BMCs (baseboard management controllers), which are small computers integrated into server motherboards allowing remote management of multiple computers. These vulnerabilities, which can be exploited by local or remote attackers with access to Redfish remote management interfaces, could lead to unauthorized access, remote code execution, and potential physical damage to servers. Ars Technica reports: Until the vulnerabilities are patched using an update AMI published on Thursday, they provide a means for malicious hackers -- both financially motivated and nation-state sponsored -- to gain superuser status inside some of the most sensitive cloud environments in the world. From there, the attackers could install ransomware and espionage malware that runs at some of the lowest levels inside infected machines. Successful attackers could also cause physical damage to servers or indefinite reboot loops that a victim organization can't interrupt. Eclypsium warned such events could lead to "lights out forever" scenarios.

The researchers went on to note that if they could locate the vulnerabilities and write exploits after analyzing the publicly available source code, there's nothing stopping malicious actors from doing the same. And even without access to the source code, the vulnerabilities could still be identified by decompiling BMC firmware images. There's no indication malicious parties have done so, but there's also no way to know they haven't. The researchers privately notified AMI of the vulnerabilities, and the company created firmware patches, which are available to customers through a restricted support page. AMI has also published an advisory.

Encryption

Google Messages To Support MLS Protocol For Interoperable E2E Encrypted Messaging (9to5google.com) 21

Google today announced its support for interoperable end-to-end encrypted communication between large messaging platforms, with plans to integrate the MLS protocol into Google Messages and Android. 9to5Google reports: Google says it is "strongly supportive of regulatory efforts that require interoperability for large end-to-end messaging platforms," which is presumably in reference to the European Union's Digital Markets Act. That regulation would require iMessage to be interoperable with other messaging platforms. To achieve this, Google says this interoperability requires "open, industry-vetted standards, particularly in the area of privacy, security, and end-to-end encryption." If not, end-to-end encrypted group messaging and other advanced features would be "impossible in practice." Specifically, "group messages would have to be encrypted and delivered multiple times to cater for every different protocol." [...]

Google says MLS would make possible "practical interoperability across services and platforms, scaling to groups of thousands of multi-device users." This could "unleash a huge field of new opportunities for the users and developers of interoperable messaging services that adopt it." It is also flexible enough to allow providers to address emerging threats to user privacy and security, such as quantum computing. Google plans to build MLS into its Messages app, which offers E2EE 1:1 and group RCS chats today, and "support its wide deployment across the industry by open sourcing our implementation in the Android codebase." How RCS factors into this remains to be seen.

Encryption

Apple Slams UK Surveillance-bill Proposals, Threatens To Remove FaceTime and iMessage (bbc.com) 61

Apple says it will remove services such as FaceTime and iMessage from the UK rather than weaken security if new proposals are made law and acted upon. From a report: The government is seeking to update the Investigatory Powers Act (IPA) 2016. It wants messaging services to clear security features with the Home Office before releasing them to customers. The act lets the Home Office demand security features are disabled, without telling the public.

Under the update, this would have to be immediate. Currently, there has to be a review, there can also be an independent oversight process and a technology company can appeal before taking any action. Because of the secrecy surrounding these demands, little is known about how many have been issued and whether they have been complied with. But many messaging services currently offer end-to-end encryption - so messages can be unscrambled by only the devices sending and receiving them.

Google

Google Releases Nearby Share, Its Android AirDrop Clone for Windows (pcworld.com) 20

You now have a new way to connect your Windows PC to an Android device to share files: Nearby Share, an app Google released Wednesday and which will be bundled with upcoming PCs. From a report: As the name suggests, Nearby Share allows you to share files back and forth between Android devices and PCs. It's similar to Apple's AirDrop, with the key difference being that Nearby Share connects devices from two different companies, rather than iPhones and Macs. Google released the beta version of Nearby Share earlier this year.

Nearby Share connects your phone to your PC, but it can also be used for you to send files and photos to nearby Android phones that you don't use, as well as to nearby PCs. That makes it handy for simply sharing a photo at a concert, or dropping a file onto a friend's PC without hassle. You'll just need to be within about 16 feet to do so, Google says. Why use Nearby Share? Google's unspoken argument is that it's simpler to do so. There are already numerous ways to view and transfer files and photos from Android phones to PCs, from the tried-and-true sneakernet to uploading and downloading from the cloud, to more modern approaches like Microsoft's Your Phone, now called Phone Link. Device makers like Samsung also have released their own specific versions for Galaxy devices. Google, though, made its mark with Gmail and search, both functions that worked more simply and effectively than other solutions.

Microsoft

Microsoft To Offer Some Free Security Products After Criticism (reuters.com) 16

Microsoft is expanding its suite of free security tools for customers, the software company said on Wednesday, following criticism that it was charging clients to protect themselves against Microsoft's mistakes. From a report: The move follows a high-level hack that allowed allegedly Chinese spies to steal emails from senior U.S. officials - and complaints from security specialists and lawmakers against paying for tools. In a blog post published on Wednesday, Microsoft said the advanced features in Microsoft's auditing suite - which it calls Microsoft Purview - would be available to all customers "over the coming months." Although not enough to prevent hacks on their own, digital auditing tools are critical for helping organizations figure out whether intruders are in their network, how they got in and how to get them out.

Google

Google Restricting Internet Access To Some Employees To Reduce Cyberattack Risk (cnbc.com) 58

Google is starting a new pilot program where some employees will be restricted to internet-free desktop PCs. From a report: The company originally selected more than 2,500 employees to participate, but after receiving feedback, the company revised the pilot to allow employees to opt out, as well as opening it up to volunteers. The company will disable internet access on the select desktops, with the exception of internal web-based tools and Google-owned websites like Google Drive and Gmail. Some workers who need the internet to do their job will get exceptions, the company stated in materials.

In addition, some employees will have no root access, meaning they won't be able to run administrative commands or do things like install software. Google is running the program to reduce the risk of cyberattacks, according to internal materials. "Googlers are frequent targets of attacks," one internal description viewed by CNBC stated. If a Google employee's device is compromised, the attackers may have access to user data and infrastructure code, which could result in a major incident and undermine user trust, the description added. Turning off most internet access ensures attackers cannot easily run arbitrary code remotely or grab data, the description explained.

Security

US Government Launches Its Long-Awaited IoT Security Labeling Program (techcrunch.com) 22

An anonymous reader quotes a report from TechCrunch: The Biden administration has launched its long-awaited Internet of Things (IoT) cybersecurity labeling program that aims to protect Americans against the myriad of security risks associated with internet-connected devices. The program, officially named the "U.S. Cyber Trust Mark," aims to help Americans ensure they are buying internet-connected devices that include strong cybersecurity protections against cyberattacks. The Internet of Things, a term encompassing everything from fitness trackers and routers to baby monitors and smart refrigerators, has long been considered a weak cybersecurity link. Many devices ship with easy-to-guess default passwords and lack regular security updates, putting consumers at risk of being hacked.

The Biden administration says its voluntary Energy Star-influenced labeling system will "raise the bar" for IoT security by enabling Americans to make informed decisions about the security credentials of the internet-connected devices they buy. The U.S. Cyber Trust Mark will take the form of a distinct shield logo, which will appear on products that meet established cybersecurity criteria. These criteria, established by the National Institute of Standards and Technology (NIST), will require, for example, that devices require unique and strong default passwords, protect both stored and transmitted data, offer regular security updates, and ship with incident detection capabilities.

The full list of standards is not yet finalized. The White House said that NIST will immediately start work on defining cybersecurity standards for "higher-risk" consumer-grade routers, devices that attackers frequently target to steal passwords and create botnets that can be used to launch distributed denial-of-service (DDoS) attacks. This work will be completed by the end of 2023, with the aim that the initiative will cover these devices when it launches in 2024. In a call with reporters, the White House confirmed that the Cyber Trust Mark will also include a QR code that will link to a national registry of certified devices and provide up-to-date security information, such as software updating policies, data encryption standards and vulnerability remediation.

Amazon and Best Buy are some of the first major U.S. retailers to have signed up for the initiative. Others include Cisco, Google, LG, Qualcomm and Samsung.

The U.S. Department of Energy also said it is working with industry partners to develop cybersecurity labeling requirements for smart meters and power inverters.

Security

JumpCloud, an IT Firm Serving 200,000 Orgs, Says It Was Hacked By Nation-State (arstechnica.com) 28

An anonymous reader quotes a report from Ars Technica: JumpCloud, a cloud-based IT management service that lists Cars.com, GoFundMe, and Foursquare among its 5,000 paying customers, experienced a security breach carried out by hackers working for a nation-state, the company said last week. The attack began on June 22 as a spear-phishing campaign, the company revealed last Wednesday. As part of that incident, JumpCloud said, the "sophisticated nation-state sponsored threat actor" gained access to an unspecified part of the JumpCloud internal network. Although investigators at the time found no evidence any customers were affected, the company said it rotated account credentials, rebuilt its systems, and took other defensive measures.

On July 5, investigators discovered the breach involved "unusual activity in the commands framework for a small set of customers." In response, the company's security team performed a forced rotation of all admin API keys and notified affected customers. As investigators continued their analysis, they found that the breach also involved a "data injection into the commands framework," which the disclosure described as the "attack vector." The disclosure didn't explain the connection between the data injection and the access gained by the spear-phishing attack on June 22. Ars asked JumpCloud PR for details, and employees responded by sending the same disclosure post that omits such details. Investigators also found that the attack was extremely targeted and limited to specific customers, which the company didn't name.

JumpCloud says on its website that it has a global user base of more than 200,000 organizations, with more than 5,000 paying customers. They include Cars.com, GoFundMe, Grab, ClassPass, Uplight, Beyond Finance, and Foursquare. JumpCloud has raised over $400 million from investors, including Sapphire Ventures, General Atlantic, Sands Capital, Atlassian, and CrowdStrike. The company has also published a list of IP addresses, domain names, and cryptographic hashes used by the attacker that other organizations can use to indicate if they were targeted by the same attackers. JumpCloud has yet to name the country of origin or other details about the threat group responsible.

Earth

How We Got Addicted To Weather Apps (theguardian.com) 51

As unprecedented weather leads to increasing climate anxiety, there's a raft of different apps catering for every kind of forecast. From a report: Preoccupation with weather apps is commonplace in our current unsettled atmosphere. On social media there is almost as much chat about weather apps as there is about the weather: much of it is ire about inaccurate forecasts; some of it is from users who admit checking weather apps more than seems logical. There is still palpable grief, in the wake of the closure of the short-term weather prediction app Dark Sky, late last year, after its acquisition by Apple. In April, when Apple's weather app went down, there was such outrage that the temporary glitch became an international news story.

Fifty per cent of US smartphone users regularly use weather apps; according to Statista, weather apps will make approximately $1.5bn in revenue in 2023, a leap from $530m in 2017. Jeremiah Lasquety-Reyes, a senior analyst for Statista, says this new weather app ecosystem is only going to grow, owing to the climate crisis, as well as a general trend towards "digitizing one's life and schedule." There are certainly plenty out there, catering to a variety of needs: more than 10,000 apps have the word "weather" in the title in Android and iPhone app stores.

Programming

Wix's New Tool Can Create Entire Websites from Prompts (techcrunch.com) 35

Wix, a longtime fixture of the web building space, is betting that today's customers don't particularly care to spend time customizing every aspect of their site's appearance. TechCrunch: The company's new AI Site Generator tool, announced today, will let Wix users describe their intent and generate a website complete with a homepage, inner pages and text and images -- as well as business-specific sections for events, bookings and more. Avishai Abrahami, Wix's co-founder and CEO, says that the goal was to provide customers with "real value" as they build their sites and grow their businesses. [...] AI Site Generator takes several prompts -- any descriptions of sites -- and uses a combination of in-house and third-party AI systems to create the envisioned site. In a chatbot-like interface, the tool asks a series of questions about the nature of the site and business, attempting to translate this into a custom web template. ChatGPT generates the text for the website while Wix's AI creates the site design and images.

Encryption

Senate Bill Crafted With DEA Targets End-to-End Encryption, Requires Online Companies To Report Drug Activity (therecord.media) 144

A bill requiring social media companies, encrypted communications providers and other online services to report drug activity on their platforms to the U.S. Drug Enforcement Administration (DEA) advanced to the Senate floor Thursday, alarming privacy advocates who say the legislation turns the companies into de facto drug enforcement agents and exposes many of them to liability for providing end-to-end encryption. From a report: The bipartisan Cooper Davis Act -- named for a Kansas teenager who died after unknowingly taking a fentanyl-laced pill he bought on Snapchat -- requires social media companies and other web communication providers to give the DEA users' names and other information when the companies have "actual knowledge" that illicit drugs are being distributed on their platforms.

Many privacy advocates caution that, if passed in its current form, the bill could be a death blow to end-to-end encryption services because it includes particularly controversial language holding companies accountable for conduct they don't report if they "deliberately blind" themselves to the violations. Officials from the DEA have spent several months honing the bill with key senators, Judiciary Committee Chairman Dick Durbin (D-IL) said Thursday. Providers of encrypted services would face a difficult choice should the bill pass, said Greg Nojeim, Senior Counsel & Director of Security and Surveillance Project at the Center for Democracy and Technology. "They could maintain end-to-end encryption and risk liability that they had willfully blinded themselves to illegal content on their service and face the music later," Nojeim said. "Or they could opt to remove end-to-end encryption and subject all of their users who used to be protected by one of the best cybersecurity tools available to new threats and new privacy violations."

Businesses

Corsair is Buying Mechanical Keyboard Maker Drop (techcrunch.com) 17

Everyone seems to be buying a mechanical keyboard company these days. Corsair has one-upped them all by buying its own mechanical keyboard company. From a report: The Fremont, California-based peripheral maker today announced that it's acquiring "certain assets" from Drop for an undisclosed, all-cash deal. "Drop has been acquired by Corsair," Drop CEO Jef Holove wrote in a blog post confirming the news. "I am sure front-of-mind for you is what this will mean for Drop and our focus on our discerning, engaged enthusiast community -- especially at a time when we've been watching other players in the community struggle or outright fold. Obviously, we are convinced this move is good for us, for you and for the hobby, and I'll give you a sense of why here."

The executive called the Portland-based company "small but mighty," relative to a product portfolio that includes several keyboards, keycaps and audio accessories. Mechanical keyboards are the company's bread and butter, and it makes fine hardware. I've been using the Drop Shift keyboard now for several months. The firm is also notable for high-profile branding exercises that include keycaps featuring Lord of the Rings and Marvel IP.
