Open Source

Despite Layoffs, Open Source and Linux Skills are Still in Demand (zdnet.com) 36

ZDNet reports that Jim Zemlin, executive director at the Linux Foundation, recently noted rounds of tech-industry layoffs "in the name of cost-cutting." But then Zemlin added that "open source is countercyclical to these trends. The Linux Foundation itself, for instance, had its best first quarter ever."

As Hilary Carter, SVP of research and communications at the Linux Foundation, said in her keynote speech at Open Source Summit North America in Vancouver, Canada: "In spite of what the headlines are saying, the facts are 57% of organizations are adding workers this year." Carter was quoting figures from the Linux Foundation's latest job survey, which was released at the event.

Other research also points to brighter signs in tech employment trends. CompTIA's recent analysis of the latest Bureau of Labor Statistics (BLS) data suggests the tech unemployment rate climbed by just 2.3% in April. In fact, more organizations plan to increase their technical staff levels rather than decrease.

The demand for skilled tech talent remains strong, particularly in fast-developing areas such as cloud and containers, cybersecurity, and artificial intelligence and machine learning. So, what do all these areas of technology have in common? The answer is they're all heavily dependent on open source and Linux technologies.

While layoffs are happening at Microsoft, Amazon, Google, IBM, and even Red Hat, "the Linux Foundation found senior technical roles are seeing the biggest cuts," the article points out. "New hiring is focused on developers and IT managers." And companies are also spending more on training for existing technical staff, "driven by the fact that there aren't enough experts in hot technologies, such as Kubernetes and generative AI, to go around." Interestingly, a college degree is no longer seen as such a huge benefit. Businesses responding to the Linux Foundation's research felt upskilling (91%) and certifications (77%) are more important than a university education (58%) when it comes to addressing technology needs.

Cellphones

Millions of Mobile Phones Come Pre-Infected With Malware, Say Researchers (theregister.com) 45

Trend Micro researchers at Black Hat Asia are warning that millions of Android devices worldwide come pre-infected with malicious firmware before the devices leave their factories. "This hardware is mainly cheapo Android mobile devices, though smartwatches, TVs, and other things are caught up in it," reports The Register. From the report: This insertion of malware began as the price of mobile phone firmware dropped, we're told. Competition between firmware distributors became so furious that eventually the providers could not charge money for their product. "But of course there's no free stuff," said [Trend Micro researcher Fyodor Yarochkin], who explained that, as a result of this cut-throat situation, firmware started to come with an undesirable feature -- silent plugins. The team analyzed dozens of firmware images looking for malicious software. They found over 80 different plugins, although many of those were not widely distributed. The plugins that were the most impactful were those that had a business model built around them, were sold on the underground, and marketed in the open on places like Facebook, blogs, and YouTube.

The objective of the malware is to steal info or make money from information collected or delivered. The malware turns the devices into proxies which are used to steal and sell SMS messages, take over social media and online messaging accounts, and are used as monetization opportunities via adverts and click fraud. One type of plugin, the proxy plugin, allows the criminal to rent out devices for up to around five minutes at a time. For example, those renting the control of the device could acquire data on keystrokes, geographical location, IP address and more. "The user of the proxy will be able to use someone else's phone for a period of 1200 seconds as an exit node," said Yarochkin. He also said the team found a Facebook cookie plugin that was used to harvest activity from the Facebook app.

Through telemetry data, the researchers estimated that at least millions of infected devices exist globally, but are centralized in Southeast Asia and Eastern Europe. A statistic self-reported by the criminals themselves, said the researchers, was around 8.9 million. As for where the threats are coming from, the duo wouldn't say specifically, although the word "China" showed up multiple times in the presentation, including in an origin story related to the development of the dodgy firmware. Yarochkin said the audience should consider where most of the world's OEMs are located and make their own deductions.

The team confirmed the malware was found in the phones of at least 10 vendors, but that there were possibly around 40 more affected. Those seeking to avoid infected mobile phones could go some way toward protecting themselves by going high end. That is to say, you'll find this sort of bad firmware in the cheaper end of the Android ecosystem, and sticking to bigger brands is a good idea, though not necessarily a guarantee of safety. "Big brands like Samsung, like Google took care of their supply chain security relatively well, but for threat actors, this is still a very lucrative market," said Yarochkin.

Security

Discord Discloses Data Breach After Support Agent Got Hacked (bleepingcomputer.com) 7

Discord has informed users of a data breach that occurred after a third-party support agent's account was compromised, exposing user email addresses, messages exchanged with Discord support, and any attachments sent as part of the tickets. Discord immediately disabled the account and worked with the customer service partner to prevent similar incidents in the future, but users are advised to stay vigilant for any suspicious activity. BleepingComputer reports: "Due to the nature of the incident, it is possible that your email address, the contents of customer service messages and any attachments sent between you and Discord may have been exposed to a third party," Discord said in letters sent to affected users. "As soon as Discord was made aware of the issue, we deactivated the compromised account and completed malware checks on the affected machine."

They also worked with the customer service partner to implement effective measures to prevent similar incidents in the future. "While we believe the risk is limited, it is recommended that you be vigilant for any suspicious messages or activity, such as fraud or phishing attempts," the company said.

Security

Microsoft Will Take Nearly a Year To Finish Patching New 0-Day Secure Boot Bug (arstechnica.com) 48

An anonymous reader quotes a report from Ars Technica: Earlier this week, Microsoft released a patch to fix a Secure Boot bypass bug used by the BlackLotus bootkit we reported on in March. The original vulnerability, CVE-2022-21894, was patched in January, but the new patch for CVE-2023-24932 addresses another actively exploited workaround for systems running Windows 10 and 11 and Windows Server versions going back to Windows Server 2008. The BlackLotus bootkit is the first-known real-world malware that can bypass Secure Boot protections, allowing for the execution of malicious code before your PC begins loading Windows and its many security protections. Secure Boot has been enabled by default for over a decade on most Windows PCs sold by companies like Dell, Lenovo, HP, Acer, and others. PCs running Windows 11 must have it enabled to meet the software's system requirements.

Microsoft says that the vulnerability can be exploited by an attacker with either physical access to a system or administrator rights on a system. It can affect physical PCs and virtual machines with Secure Boot enabled. We highlight the new fix partly because, unlike many high-priority Windows fixes, the update will be disabled by default for at least a few months after it's installed and partly because it will eventually render current Windows boot media unbootable. The fix requires changes to the Windows boot manager that can't be reversed once they've been enabled. Additionally, once the fixes have been enabled, your PC will no longer be able to boot from older bootable media that doesn't include the fixes. On the lengthy list of affected media: Windows install media like DVDs and USB drives created from Microsoft's ISO files; custom Windows install images maintained by IT departments; full system backups; network boot drives including those used by IT departments to troubleshoot machines and deploy new Windows images; stripped-down boot drives that use Windows PE; and the recovery media sold with OEM PCs.

Not wanting to suddenly render any users' systems unbootable, Microsoft will be rolling the update out in phases over the next few months. The initial version of the patch requires substantial user intervention to enable -- you first need to install May's security updates, then use a five-step process to manually apply and verify a pair of "revocation files" that update your system's hidden EFI boot partition and your registry. These will make it so that older, vulnerable versions of the bootloader will no longer be trusted by PCs. A second update will follow in July that won't enable the patch by default but will make it easier to enable. A third update in "first quarter 2024" will enable the fix by default and render older boot media unbootable on all patched Windows PCs. Microsoft says it is "looking for opportunities to accelerate this schedule," though it's unclear what that would entail.

IT

Google Drive Gets a Desperately Needed 'Spam' Folder for Shared Files (arstechnica.com) 9

Fifteen years after launching Google Docs and Sheets with file sharing, Google is adding what sounds like adequate safety controls to the feature. From a report: Google Drive (the file repository interface that contains your Docs, Sheets, and Slides files) is finally getting a spam folder and algorithmic spam filters, just like Gmail has. It sounds like the update will provide a way to limit Drive's unbelievably insecure behavior of allowing random people to add files to your Drive account without your consent or control. Because Google essentially turned Drive file-sharing into email, Google Drive needs every spam control that Gmail has. Anyone with your email address can "share" a file with you, and a ton of spammers already have your email address. Previously, Drive assumed that all shared files were legitimate and wanted, with the only "control" being "security by obscurity" and hoping no one else knew your email address.

Drive shows any shared files in your shared documents folder, notifies you of the share on your phone, highlights the "new recent file" at the top of the Drive interface, lists the file in searches, and sends you an email about it, all without any indication that you know the file sharer at all. For years, some people in my life have been inundated with shared Google Drive files containing porn, ads, dating site scams, and malware. For a long time, there was nothing you could do to support affected users other than disabling Drive notifications, telling them to ignore the highlighted porn ads at the top of their Drive account, and warning them to never click on the "shared files" folder.

Privacy

Toyota Japan Exposed Data on Millions of Vehicles For a Decade (techcrunch.com) 15

Toyota Japan has apologized after admitting to leaving millions of customers' vehicle details on the public internet for a decade. From a report: The car maker said in a notice that it will notify about 2.15 million customers whose personal and vehicle information was left exposed to the internet after a "cloud misconfiguration" was discovered recently in April. Toyota said that the exposed data includes: registered email addresses; vehicle-unique chassis and navigation terminal numbers; the location of vehicles and what time they were there; and videos from the vehicle's "drive recorder" which records footage from the car. Toyota said the data spilling from its Connected Cloud (TC) was initially exposed in November 2013, but pertains only to vehicles in Japan, according to the company. The company's connected service provides Toyota customers with information about their vehicle, provides in-car entertainment services, and helps to notify authorities in the event of an accident or breakdown.

Data Storage

Pure Storage: No More Hard Drives Will Be Sold After 2028 (blocksandfiles.com) 154

An anonymous reader shares a report: In the latest blast of the HDD vs SSD culture wars, a Pure Storage exec is predicting that no more hard disk drives will be sold after 2028 because of electricity costs and availability, as well as NAND $/TB declines. Shawn Rosemarin, VP R&D within the Customer Engineering unit at Pure, told B&F: "The ultimate trigger here is power. It's just fundamentally coming down to the cost of electricity." Not the declining cost of SSDs and Pure's DFMs dropping below the cost of disks, although that plays a part. In his view: "Hard drive technology is 67 years old. We need to herald this technology that went from five megabytes the size of this room to where we are today. And even the latest HAMR technology, putting a laser on the top of the head in order to heat up the platters, is pretty remarkable ... But we're at the end of that era."

HDD vendors sing a different tune, of course. Back in 2021, HDD vendor Seagate said the SSD most certainly would not kill disk drives. There's a VAST vs Infinidat angle to it as well, with the former also stating disk drive IO limitations would cripple the use of larger disk drives in petabyte-scale data stores, with Infinidat blasting back that it "must be joking." Gartner has had a look in too, claiming that enterprise SSDs will hit 35 percent of HDD/SSD exabytes shipped by 2026 - though that would make Rosemarin's 2028 cutoff unlikely. Pure recently stated SSDs would kill HDDs in a crossover event that would happen "soon." Rosemarin, meanwhile, continued his argument: "Our CEO in many recent events has quoted that 3 percent of the world's power is in datacenters. Roughly a third of that is storage. Almost all of that is spinning disk.

So if I can eliminate the spinning disk, and I can move to flash, and I can in essence reduce the power consumption by 80 or 90 percent while moving density by orders of magnitude in an environment where NAND pricing continues to fall, it's all becoming evident that hard drives go away." Are high electricity prices set to continue? "I think the UK's power has gone up almost 5x recently. And here's the thing ... when they go up, they very seldom if ever come down ... I've been asked many times do I think the cost of electricity will drop over time. And, frankly, while I wish it would and I do think there are technologies like nuclear that could help us over time. I think it'll take us several years to get there. We're already seeing countries putting quotas on electricity, and this is a really important one -- we've already seen major hyperscalers such as one last summer who tried to enter Ireland [and] was told you can't come here, we don't have enough power for you. The next logical step from that is OK, so now if you're a company and I start to say, well, we only have so much power, so I'm gonna give you X amount of kilowatts per X amount of employees, or I'm gonna give you X amount of kilowatts for X amount of revenue that you contribute to the GDP of the country or whatever metric is acceptable."

Security

Google Brings Dark Web Monitoring To All US Gmail Users (bleepingcomputer.com) 28

At Google I/O on Wednesday, Google said that all Gmail users in the U.S. will soon be able to discover if their email address has been found on the dark web. The dark web report security feature will roll out over the coming weeks, and will be expanded to select international markets. BleepingComputer reports: Once enabled, it will allow Gmail users to scan the dark web for their email addresses and take action to protect their data based on guidance provided by Google. For instance, they'll be advised to turn on two-step authentication to protect their Google accounts from hijacking attempts. Google will also regularly notify Gmail users to check if their email has been linked to any data breaches that ended up on underground cybercrime forums.

Dark web report started rolling out in March 2023 to members across all Google One plans in the United States, providing a simple way to get notified when their personal information was discovered on the dark web. "Google One's dark web report helps you scan the dark web for your personal info -- like your name, address, email, phone number and Social Security number -- and will notify you if it's found," said Google One Director of Product Management Esteban Kozak in March when the feature was first announced. The company says all the personal info added to the profile can be deleted from the monitoring profile or by removing the profile in the dark web report settings.

Encryption

Inside the Italian Mafia's Encrypted Phone of Choice (vice.com) 75

An anonymous reader shares an excerpt from a collaborative investigation between Motherboard, lavialibera, and IrpiMedia: Mafioso Bartolo Bruzzaniti needed everyone to do their job just right. First, the Colombian suppliers would hide a massive amount of cocaine inside bananas at the port city of Turbo, Colombia. That shipping container would then be transported across the ocean to Catania, in Sicily, Italy. A corrupt port worker on the mafia's payroll would wave the shipment through and had advised the group how to package the drugs. This was so the cocaine could remain undetected even if the worker was forced to scan the shipment. Another group of on-the-ground mafiosos would then unload the cocaine outside of the port.

In March 2021, Bruzzaniti, an alleged member of the infamous 'Ndrangheta mafia group and who says Milan belongs to him "by right," asked his brother Antonio to go fetch something else crucial to the traffickers' success. "Go right now," Bruzzaniti wrote in a text message later produced in court records. "It's needed urgently." Investigators know what Bruzzaniti said because European authorities had penetrated an encrypted phone network called Sky and harvested around a billion of the users' messages. These phones are the technological backbone of organized crime around the world.

The thing Antonio needed to urgently fetch was a phone from a different encrypted phone network, one that the authorities appear to have not compromised and which the mafia have been using as part of their operations. To that phone, a contact sent one half of the shipping container's serial number. A reporting collaboration between Motherboard, lavialibera, and IrpiMedia has identified that encrypted phone as being run by a company called No. 1 Business Communication (No. 1 BC). The investigation has found members of the mafia and other organized crime groups turning to No. 1 BC as authorities cracked down on other platforms. The collaboration has identified multiple key players in No. 1 BC's development, sales, and legal structure. "Take the bc1 right away," Bruzzaniti wrote in another text, referring to the No. 1 BC phone.

IT

Leak of MSI UEFI Signing Keys Stokes Fears of 'Doomsday' Supply Chain Attack (arstechnica.com) 62

A ransomware intrusion on hardware manufacturer Micro-Star International, better known as MSI, is stoking concerns of devastating supply chain attacks that could inject malicious updates that have been signed with company signing keys that are trusted by a huge base of end-user devices, a researcher said. From a report: "It's kind of like a doomsday scenario where it's very hard to update the devices simultaneously, and they stay for a while not up to date and will use the old key for authentication," Alex Matrosov, CEO, head of research, and founder of security firm Binarly, said in an interview. "It's very hard to solve, and I don't think MSI has any backup solution to actually block the leaked keys."

The intrusion came to light in April when, as first reported by Bleeping Computer, the extortion portal of the Money Message ransomware group listed MSI as a new victim and published screenshots purporting to show folders containing private encryption keys, source code, and other data. A day later, MSI issued a terse advisory saying that it had "suffered a cyberattack on part of its information systems." The advisory urged customers to get updates from the MSI website only. It made no mention of leaked keys. Since then, Matrosov has analyzed data that was released on the Money Message site on the dark web. To his alarm, included in the trove were two private encryption keys. The first is the signing key that digitally signs MSI firmware updates to cryptographically prove that they are legitimate ones from MSI rather than a malicious impostor from a threat actor. This raises the possibility that the leaked key could push out updates that would infect a computer's most nether regions without triggering a warning. To make matters worse, Matrosov said, MSI doesn't have an automated patching process the way Dell, HP, and many larger hardware makers do. Consequently, MSI doesn't provide the same kind of key revocation capabilities.

Youtube

YouTube Has Started Blocking Ad Blockers (androidpolice.com) 243

An anonymous reader shares a report: YouTube Premium subscribership grew to a record 80 million users in 2022, and Google responded by announcing it would be investing more into its subscription offerings in 2023. What we didn't realize at the time was how that could mean handicapping its free offerings to get more people to pay for its services. When watching videos yesterday, one Redditor encountered a popup informing them that "Ad blockers are not allowed on YouTube." The message offered a button to "Allow YouTube ads" in the person's ad blocking software and went on to explain that ads make the service free for billions of users and that YouTube Premium offers an ad-free experience. It even provided a button to easily sign up for a YouTube Premium membership.

Technology

'Monoliths Are Not Dinosaurs' (allthingsdistributed.com) 53

Amazon CTO Werner Vogels writes in a blog post: Software architectures are not like the architectures of bridges and houses. After a bridge is constructed, it is hard, if not impossible, to change the way it was built. Software is quite different; once we are running our software, we may get insights about our workloads that we did not have when it was designed. And, if we had realized this at the start, and we chose an evolvable architecture, we could change components without impacting the customer experience. My rule of thumb has been that with every order of magnitude of growth you should revisit your architecture, and determine whether it can still support the next order level of growth.

A great example can be found in two insightful blog posts written by Prime Video's engineering teams. The first describes how Thursday Night Football live streaming is built around a distributed workflow architecture. The second is a recent post that dives into the architecture of their stream monitoring tool, and how their experience and analysis drove them to implement it as a monolithic architecture. There is no one-size-fits-all. We always urge our engineers to find the best solution, and no particular architectural style is mandated. If you hire the best engineers, you should trust them to make the best decisions.

I always urge builders to consider the evolution of their systems over time and make sure the foundation is such that you can change and expand them with the minimum number of dependencies. Event-driven architectures (EDA) and microservices are a good match for that. However, if there is a set of services that always contribute to the response, have the exact same scaling and performance requirements, same security vectors, and most importantly, are managed by a single team, it is a worthwhile effort to see if combining them simplifies your architecture.

Evolvable architectures are something that we've taken to heart at Amazon from the very start, re-evaluating and re-architecting our systems to meet the ever-increasing demands of our customers. You can go all the way back to 1998, when a group of senior engineers penned the Distributed Computing Manifesto, which put the wheels in motion to move Amazon from a monolith to a service-oriented architecture. In the decades since, things have continued to evolve, as we moved to microservices, then microservices on shared infrastructure, and as I spoke about at re:Invent, EDA.

Security

Feds Seize 13 More DDoS-For-Hire Platforms In Ongoing International Crackdown (arstechnica.com) 17

An anonymous reader quotes a report from Ars Technica: The US Justice Department has seized the domains of 13 DDoS-for-hire services as part of an ongoing initiative for combatting the Internet menace. The providers of these illicit service platforms describe them as "booter" or "stressor" services that allow site admins to test the robustness and stability of their infrastructure. Almost all, if not all, are patronized by people out to exact revenge on sites they don't like or to further extortion, bribes, or other forms of graft. The international law enforcement initiative is known as Operation PowerOFF. In December, federal authorities seized another 48 domains. Ten of them returned with new domains, many that closely resembled their previous names.

"Ten of the 13 domains seized today are reincarnations of services that were seized during a prior sweep in December, which targeted 48 top booter services," the Justice Department said. "For example, one of the domains seized this week -- cyberstress.org -- appears to be the same service operated under the domain cyberstress.us, which was seized in December. While many of the previously disrupted booter services have not returned, today's action reflects law enforcement's commitment to targeting those operators who have chosen to continue their criminal activities." According to a seizure warrant (PDF) filed in federal court, the FBI used live accounts available through the services to take down sites with high-capacity bandwidth that were under FBI control.

"The FBI tested each of the services associated with the SUBJECT DOMAINS, meaning that agents or other personnel visited each of the websites and either used previous login information or registered a new account on the service to conduct attacks," FBI Special Agent Elliott Peterson wrote in the affidavit. "I believe that each of the SUBJECT DOMAINS is being used to facilitate the commission of attacks against unwitting victims to prevent the victims from accessing the Internet, to disconnect the victim from or degrade communication with established Internet connections, or to cause other similar damage."

Security

WordPress Plugin Hole Puts '2 Million Websites' At Risk (theregister.com) 30

A vulnerability in the "Advanced Custom Fields" plugin for WordPress is putting more than two million users at risk of cyberattacks, warns Patchstack researcher Rafie Muhammad. The Register reports: A warning from Patchstack about the flaw claimed there are more than two million active installs of the Advanced Custom Fields and Advanced Custom Fields Pro versions of the plugins, which are used to give site operators greater control of their content and data, such as edit screens and custom field data. Patchstack researcher Rafie Muhammad uncovered the vulnerability on February 5, and reported it to Advanced Custom Fields' vendor Delicious Brains, which took over the software last year from developer Elliot Condon. On May 5, a month after a patched version of the plugins was released by Delicious Brains, Patchstack published details of the flaw. It's recommended users update their plugin to at least version 6.1.6.

The flaw, tracked as CVE-2023-30777 and with a CVSS score of 6.1 out of 10 in severity, leaves sites vulnerable to reflected XSS attacks, which involve miscreants injecting malicious code into webpages. The code is then "reflected" back and executed within the browser of a visitor. Essentially, it allows someone to run JavaScript within another person's view of a page, allowing the attacker to do things like steal information from the page, perform actions as the user, and so on. That's a big problem if the visitor is a logged-in administrative user, as their account could be hijacked to take over the website.

"This vulnerability allows any unauthenticated user [to steal] sensitive information to, in this case, privilege escalation on the WordPress site by tricking the privileged user to visit the crafted URL path," Patchstack wrote in its report. The outfit added that "this vulnerability could be triggered on a default installation or configuration of Advanced Custom Fields plugin. The XSS also could only be triggered from logged-in users that have access to the Advanced Custom Fields plugin."
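The reflected-XSS pattern described above, as an added illustration that is not the Advanced Custom Fields code (the function names, the `tab` parameter and the tab names are hypothetical): a plugin admin screen that writes a URL parameter straight back into its markup, beside the same screen with an allow-list and WordPress-style output escaping. The `esc_attr`/`esc_html` fallbacks exist only so the file also runs under plain `php` outside WordPress.

```php
<?php
// Hypothetical example of a WordPress admin screen that reflects a URL
// parameter. Not the Advanced Custom Fields code; the function names,
// the "tab" parameter and the tab names are invented for illustration.

// Fallbacks so this file also runs under plain `php` outside WordPress.
// Inside WordPress the real esc_attr()/esc_html() are used instead.
if (!function_exists('esc_attr')) {
    function esc_attr(string $s): string {
        return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
}
if (!function_exists('esc_html')) {
    function esc_html(string $s): string {
        return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
}

// VULNERABLE: the "tab" query parameter is written into the page
// unchanged. A crafted URL opened by a logged-in user with access to
// this screen gets its markup rendered inside that user's session.
function render_tab_vulnerable(array $get): string {
    $tab = $get['tab'] ?? 'general';
    return '<a class="nav-tab" href="?page=demo&amp;tab=' . $tab . '">'
         . ucfirst($tab) . '</a>';
}

// HARDENED: constrain the value to a known set, then escape for the
// context it lands in (attribute value vs. text node). Either measure
// alone stops the reflection; together they are defence in depth.
function render_tab_hardened(array $get): string {
    $allowed = ['general', 'fields', 'tools'];
    $tab = $get['tab'] ?? 'general';
    if (!in_array($tab, $allowed, true)) {
        $tab = 'general'; // unknown value: fall back, never echo it
    }
    return '<a class="nav-tab" href="?page=demo&amp;tab=' . esc_attr($tab) . '">'
         . esc_html(ucfirst($tab)) . '</a>';
}

// Constructed sample request: the kind of value a crafted URL carries.
// The vulnerable output contains a live <script> tag; the hardened
// output falls back to the "general" tab and contains only escaped text.
$sample = ['tab' => '"><script>alert(1)</script>'];

echo "vulnerable: " . render_tab_vulnerable($sample) . "\n";
echo "hardened:   " . render_tab_hardened($sample) . "\n";
```

Run with `php example.php`; the difference between the two output lines is exactly what the visitor's browser would or would not execute.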

Privacy

NextGen Healthcare Says Hackers Accessed Personal Data of More Than 1 Million Patients (techcrunch.com) 15

An anonymous reader quotes a report from TechCrunch: NextGen Healthcare, a U.S.-based provider of electronic health record software, admitted that hackers breached its systems and stole the personal data of more than 1 million patients. In a data breach notification filed with the Maine attorney general's office, NextGen Healthcare confirmed that hackers accessed the personal data of 1.05 million patients, including approximately 4,000 Maine residents. In a letter sent to those affected, NextGen Healthcare said that hackers stole patients' names, dates of birth, addresses and Social Security numbers. "Importantly, our investigation has revealed no evidence of any access or impact to any of your health or medical records or any health or medical data," the company added. TechCrunch asked NextGen Healthcare whether it has the means, such as logs, to determine what data was exfiltrated, but company spokesperson Tami Andrade declined to answer.

In its filing with Maine's AG, NextGen Healthcare said it was alerted to suspicious activity on March 30, and later determined that hackers had access to its systems between March 29 and April 14, 2023. The notification says that the attackers gained access to its NextGen Office system -- a cloud-based EHR and practice management solution -- using client credentials that "appear to have been stolen from other sources or incidents unrelated to NextGen." "When we learned of the incident, we took steps to investigate and remediate, including working together with leading outside cybersecurity experts and notifying law enforcement," Andrade told TechCrunch in a statement. "The individuals known to be impacted by this incident were notified on April 28, 2023, and we have offered them 24 months of free fraud detection and identity theft protection."
NextGen was also the victim of a ransomware attack in January this year, adds TechCrunch. The stolen data, including employee names, addresses, phone numbers and passport scans, appears to be available on the dark web.

Bug

DEF CON To Set Thousands of Hackers Loose On LLMs (theregister.com) 18

An anonymous reader quotes a report from The Register: This year's DEF CON AI Village has invited hackers to show up, dive in, and find bugs and biases in large language models (LLMs) built by OpenAI, Google, Anthropic, and others. The collaborative event, which AI Village organizers describe as "the largest red teaming exercise ever for any group of AI models," will host "thousands" of people, including "hundreds of students from overlooked institutions and communities," all of whom will be tasked with finding flaws in LLMs that power today's chat bots and generative AI. Think: traditional bugs in code, but also problems more specific to machine learning, such as bias, hallucinations, and jailbreaks -- all of which ethical and security professionals are now having to grapple with as these technologies scale. DEF CON is set to run from August 10 to 13 this year in Las Vegas, USA.

For those participating in the red teaming this summer, the AI Village will provide laptops and timed access to LLMs from various vendors. Currently this includes models from Anthropic, Google, Hugging Face, Nvidia, OpenAI, and Stability. The village people's announcement also mentions this is "with participation from Microsoft," so perhaps hackers will get a go at Bing. We've asked for clarification about this. Red teams will also have access to an evaluation platform developed by Scale AI. There will be a capture-the-flag-style point system to promote the testing of "a wide range of harms," according to the AI Village. Whoever gets the most points wins a high-end Nvidia GPU. The event is also supported by the White House Office of Science, Technology, and Policy; America's National Science Foundation's Computer and Information Science and Engineering (CISE) Directorate; and the Congressional AI Caucus.

The Courts

Apple Fails To Revive Copyright Case Over iPhone iOS Simulator (bloomberglaw.com) 14

Apple failed to revive a long-running copyright lawsuit against cybersecurity firm Corellium over its software that simulates the iPhone's iOS operating system, letting security researchers identify flaws in the software. From a report: The US Court of Appeals for the Eleventh Circuit on Monday ruled that Corellium's CORSEC simulator is protected by copyright law's fair use doctrine, which allows the duplication of copyrighted work under certain circumstances. Apple argued that Corellium's software was "wholesale copying and reproduction" of iOS and served as a market substitute for its own security research products. Corellium countered that its copying of Apple's computer code and app icons was only for the purposes of security research and was sufficiently "transformative" under the fair use standard. The three-judge panel largely agreed with Corellium, finding that CORSEC "furthers scientific progress by allowing security research into important operating systems" and that iOS "is functional operating software that falls outside copyright's core."

AI

ChatGPT is Powered by $15-an-Hour Contractors (nbcnews.com) 96

An anonymous reader shared this report from NBC News: Alexej Savreux, a 34-year-old in Kansas City, says he's done all kinds of work over the years. He's made fast-food sandwiches. He's been a custodian and a junk-hauler. And he's done technical sound work for live theater.

These days, though, his work is less hands-on: He's an artificial intelligence trainer.

Savreux is part of a hidden army of contract workers who have been doing the behind-the-scenes labor of teaching AI systems how to analyze data so they can generate the kinds of text and images that have wowed the people using newly popular products like ChatGPT. To improve the accuracy of AI, he has labeled photos and made predictions about what text the apps should generate next.

The pay: $15 an hour and up, with no benefits... He credits the AI gig work — along with a previous job at the sandwich chain Jimmy John's — with helping to pull him out of homelessness.

"Their feedback fills an urgent and endless need for the company and its AI competitors: providing streams of sentences, labels and other information that serve as training data," the article explains: "A lot of the discourse around AI is very congratulatory," said Sonam Jindal, the program lead for AI, labor and the economy at the Partnership on AI, a nonprofit based in San Francisco that promotes research and education around artificial intelligence. "But we're missing a big part of the story: that this is still hugely reliant on a large human workforce," she said...

A spike in demand has arrived, and some AI contract workers are asking for more. In Nairobi, Kenya, more than 150 people who've worked on AI for Facebook, TikTok and ChatGPT voted Monday to form a union, citing low pay and the mental toll of the work, Time magazine reported... Time magazine reported in January that OpenAI relied on low-wage Kenyan laborers to label text that included hate speech or sexually abusive language so that its apps could do better at recognizing toxic content on their own. OpenAI has hired about 1,000 remote contractors in places such as Eastern Europe and Latin America to label data or train company software on computer engineering tasks, the online news outlet Semafor reported in January...

A spokesperson for OpenAI said no one was available to answer questions about its use of AI contractors.

IT

OpenAI CEO: Fully Remote Work for Startups is 'One of the Tech Industry's Worst Mistakes' (fortune.com) 207

ChatGPT creator OpenAI is now valued at nearly $30 billion, reports Fortune — adding that CEO Sam Altman "still thinks startups are most effective when employees work together in an office." The idea of fully remote work becoming the norm has come and gone, he said this week at a fireside chat in San Francisco organized by the fintech company Stripe. "I think definitely one of the tech industry's worst mistakes in a long time was that everybody could go full remote forever, and startups didn't need to be together in person and, you know, there was going to be no loss of creativity," he told attendees. "I would say that the experiment on that is over, and the technology is not yet good enough that people can be full remote forever, particularly on startups."

He isn't alone in his assessment. Many CEOs have been demanding that remote employees spend more time in the office, among them Bob Iger at Disney, Howard Schultz at Starbucks, and Robert Thomson at News Corp. During the pandemic, remote work or a hybrid work schedule was the only option for many office workers — and many grew to prefer it to being in the office every workday.

"I do not believe in remote work for startups," Keith Rabois, a general partner at venture capital firm Founders Fund, told The Logan Bartlett Show last week, adding that neither he nor his firm would invest in a venture based on it. Younger workers, he noted, "learn by osmosis" in a way that requires in-person interaction, and supervisors discover hidden talent by watching them...

Altman said, "I feel pretty strongly that startups need a lot of in-person time, and the more fragile and nuanced and uncertain a set of ideas are, the more time you need together in person."

IT

Will Remote Working Lead Millennials to Buy Homes in Affordable Remote Suburbs? (yahoo.com) 111

An anonymous reader shared this report from Fortune: For eight years now, as millennials have entered their thirties and forties, also known as "homebuying age," Bank of America has surveyed over 1,000 members of the generation once a year for its Home Work series. And for 2023's edition... older millennials (age 31-41) are almost three times as likely to move into a house as an apartment, the survey found...

Migration patterns during the pandemic have clearly established that most homebuyers have wanted to flee big cities, with some "zoomtowns" such as Boise benefiting in particular. But the survey reveals something even more drastic. In a section called "suburban nation," BofA reveals that 43% to 45% of millennials — of every age — expect to buy a house in the suburbs. "We expect the ability to work from home to remain an incentive for young families to seek out more remote suburban and rural markets where housing may be more affordable," wrote the BofA team led by research analyst Elizabeth Suzuki. And remote work is still robust, they added.

Millennials are also looking toward the suburbs for wealth-building. A majority (two-thirds) of them believe that they'll buy a home in the next two years, citing a return on investment as the number one reason for purchasing. The interest is pervasive across the generation, and may mean that the suburb is in for a new and better revival. And a 2021 study from Pew Research Center found that one in five adults preferred city life, compared to one quarter of adults in 2018...

Millennials reported to BofA that the pandemic increased their likelihood of buying a home...
