An anonymous reader quotes a report from the Washington Post: Artificial intelligence company OpenAI said Friday that an Iranian group had used its ChatGPT chatbot to generate content to be posted on websites and social media (Warning: source is paywalled; alternative source) seemingly aimed at stirring up polarization among American voters in the presidential election. The sites and social media accounts that OpenAI discovered posted articles and opinions made with help from ChatGPT on topics including the conflict in Gaza and the Olympic Games. They also posted material about the U.S. presidential election, spreading misinformation and writing critically about both candidates, a company report said. Some appeared on sites that Microsoft last week said were used by Iran to post fake news articles intended to amp up political division in the United States, OpenAI said.

The AI company banned the ChatGPT accounts associated with the Iranian efforts and said their posts had not gained widespread attention from social media users. OpenAI found "a dozen" accounts on X and one on Instagram that it linked to the Iranian operation and said all appeared to have been taken down after it notified those social media companies. Ben Nimmo, principal investigator on OpenAI's intelligence and investigations team, said the activity was the first case of the company detecting an operation that had the U.S. election as a primary target. "Even though it doesn't seem to have reached people, it's an important reminder, we all need to stay alert but stay calm," he said.

Jimmy Miller, programmer and co-host of the future of coding podcast, writes in a blog: When I started programming as a kid, I didn't know people were paid to program. Even as I graduated high school, I assumed that the world of "professional development" looked quite different from the code I wrote in my spare time. When I lucked my way into my first software job, I quickly learned just how wrong and how right I had been. My first job was a trial by fire, to this day, that codebase remains the worst and the best codebase I ever had the pleasure of working in. While the codebase will forever remain locked by proprietary walls of that particular company, I hope I can share with you some of its most fun and scary stories.

[...] Every morning at 7:15 the employees table was dropped. All the data completely gone. Then a csv from adp was uploaded into the table. During this time you couldn't login to the system. Sometimes this process failed. But this wasn't the end of the process. The data needed to be replicated to headquarters. So an email was sent to a man, who every day would push a button to copy the data.

[...] But what is a database without a codebase. And what a magnificent codebase it was. When I joined everything was in Team Foundation Server. If you aren't familiar, this was a Microsoft-made centralized source control system. The main codebase I worked in was half VB, half C#. It ran on IIS and used session state for everything. What did this mean in practice? If you navigated to a page via Path A or Path B you'd see very different things on that page. But to describe this codebase as merely half VB, half C# would be to do it a disservice. Every javascript framework that existed at the time was checked into this repository. Typically, with some custom changes the author believed needed to be made. Most notably, knockout, backbone, and marionette. But of course, there was a smattering of jquery and jquery plugins.

Microsoft has removed an arbitrary 32GB size limit for FAT32 partitions in the latest Windows 11 Canary build, now allowing for a maximum size of 2TB. The change, implemented in Windows 11 Insider Preview Build 27686, allows users to create larger FAT32 partitions using the command-line format tool. Previously, Windows systems could read larger FAT32 file systems created on other platforms or through alternative methods, but were limited to creating 32GB partitions natively.

Microsoft says it will temporarily cease its contentious Windows 11 upgrade campaign following user backlash. The tech giant had been bombarding Windows 10 users with full-screen popups urging them to switch operating systems. Starting with April's security update, these intrusive notifications will be discontinued. Microsoft says it will unveil a revised upgrade strategy in the coming months, as Windows 10 support nears its October 2025 end date.

Microsoft is notifying folks that its AI services should not be taken too seriously, echoing prior service-specific disclaimers. From a report: In an update to the IT giant's Service Agreement, which takes effect on September 30, 2024, Redmond has declared that its Assistive AI isn't suitable for matters of consequence. "AI services are not designed, intended, or to be used as substitutes for professional advice," Microsoft's revised legalese explains. The changes to Microsoft's rules of engagement cover a few specific services, such as noting that Xbox customers should not expect privacy from platform partners.

"In the Xbox section, we clarified that non-Xbox third-party platforms may require users to share their content and data in order to play Xbox Game Studio titles and these third-party platforms may track and share your data, subject to their terms," the latest Service Agreement says. There are also some clarifications regarding the handling of Microsoft Cashback and Microsoft Rewards. But the most substantive revision is the addition of an AI Services section, just below a passage that says Copilot AI Experiences are governed by Bing's Terms of Use. Those using Microsoft Copilot with commercial data protection get a separate set of terms. The tweaked consumer-oriented rules won't come as much of a surprise to anyone who has bothered to read the contractual conditions governing Microsoft's Bing and associated AI stuff. For example, there's now a Services Agreement prohibition on using AI Services for "Extracting Data."

An anonymous reader shares a report: Since last month's blue-screen deluge, CrowdStrike has published analyses of what went wrong and said it hired third-party security companies to review its product. Now, Germany's powerful cybersecurity agency is seizing the moment and hoping to rattle tech and cyber companies into altering their products to head off another mega-meltdown. In particular, the Bonn-based Federal Office for Information Security is taking aim at the access Microsoft gives security providers to its Windows kernel, a core part of its operating system. As well, the German agency is looking for fundamental changes in the way CrowdStrike and other cyber firms design their tools, in hopes of curbing that access.

"The most important thing is to prevent [that] this can happen again," said Thomas Caspers, director general for technology strategy at the BSI, as the agency is known. Leveraging the dread that filled Silicon Valley following the July outage, the BSI is planning to organize a conference this year gathering major tech firms, where it hopes they will commit to restricting access to the kernel, a change Caspers says is crucial to stopping similar failures. "We expect each company to be very specific about what they will do based on what we agreed on," he said.

Microsoft is making BitLocker device encryption a default feature in its next major update to Windows 11. From a report: If you clean install the 24H2 version that's rolling out in the coming months, device encryption will be enabled by default when you first sign in or set up a device with a Microsoft account or work / school account.

Device encryption is designed to improve the security of Windows machines by automatically enabling BitLocker encryption on the Windows install drive and backing up the recovery key to a Microsoft account or Entra ID. In Windows 11 version 24H2, Microsoft is reducing the hardware requirements for automatic device encryption, opening it up to many more devices -- including ones running the Home version of Windows 11. Device encryption no longer requires Hardware Security Test Interface (HSTI) or Modern Standby, and encryption will also be enabled even if untrusted direct memory access (DMA) buses / interfaces are detected.

Valve designer Lawrence Yang confirmed to The Verge that the company plans to support SteamOS on the rival Asus ROG Ally gaming handheld. From the report: A few days ago, some spotted an intriguing line in Valve's latest SteamOS release notes: "Added support for extra ROG Ally keys." We didn't know Valve was supporting any ROG Ally keys at all, let alone extras! Maybe Valve was just supporting those keys in the Steam desktop client on a Windows, where it offers a Steam Deck-like Big Picture Mode interface for any PC, and the line mistakenly made it into these patch notes? I asked to be safe. But no: this is indeed about Valve eventually supporting the ROG Ally and other rival handhelds!

"The note about ROG Ally keys is related to third-party device support for SteamOS. The team is continuing to work on adding support for additional handhelds on SteamOS," Yang tells me. That doesn't mean Asus will officially bless Valve's installer or sell the Ally with SteamOS, of course. (Asus has told me there are many reasons why it ships with Windows; a big one is that Microsoft has dedicated validation teams that ensure its operating system works across many different hardware configurations and chips.) And it's not like Valve is suggesting it'll offer SteamOS for rival handhelds anytime soon, either. Valve is "making steady progress," Yang tells me, but it "isn't ready to run out of the box yet." Valve has announced plans for a general release of SteamOS 3 that can be installed on non-handheld PCs; however, Yang says it's not quite ready yet. As for turning Steam Decks into dual-booting Windows machines, here's what Yang said: "As for Windows, we're preparing to make the remaining Windows drivers for Steam Deck OLED available (you might have seen that we are prepping firmware for the Bluetooth driver). There's no update on the timing for dual boot support -- it's still a priority, but we haven't been able to get to it just yet."

A rare bid to break up Alphabet's Google is one of the options being considered by the Justice Department after a landmark court ruling found that the company monopolized the online search market, Bloomberg News reported Tuesday, citing sources familiar with the matter. From the report: The move would be Washington's first push to dismantle a company for illegal monopolization since unsuccessful efforts to break up Microsoft two decades ago.

Less severe options include forcing Google to share more data with competitors and measures to prevent it from gaining an unfair advantage in AI products, said the people, who asked not to be identified discussing private conversations. Regardless, the government will likely seek a ban on the type of exclusive contracts that were at the center of its case against Google. If the Justice Department pushes ahead with a breakup plan, the most likely units for divestment are the Android operating system and Google's web browser Chrome, said the people. Officials are also looking at trying to force a possible sale of AdWords, the platform the company uses to sell text advertising, one of the people said.

An anonymous reader shares a report: Google has announced Pixel Screenshots, a new AI-powered app for its Pixel 9 lineup that lets you save, organize, and surface information from screenshots. Pixel Screenshot uses Google's private, on-device Gemini Nano AI model to analyze the content of an image and make it searchable.

During a demo at its Pixel launch event, Google showed how you can take a screenshot and then save it to a collection, like "gift ideas." You can also search through all your other screenshots by typing in a keyword, like "bikes" or "shoes." Pixel Screenshots will then pull up all relevant results. Additionally, Pixel Screenshots can give you information about what's inside an image. Further reading: Microsoft Postpones Windows Recall After Major Backlash.

AI PCs accounted for 14% of all PC shipped in the second quarter with Apple leading the way, research firm Canalys said on Tuesday, as added AI capabilities help reinvigorate demand. From a report: PC providers and chipmakers have pinned high hopes on devices that can perform AI tasks directly on the system, bypassing the cloud, as the industry slowly emerges from its worst slump in years. These devices typically feature neural processing units dedicated to performing AI tasks.

Apple commands about 60% of the AI PC market, the research firm said in the report, pointing to its Mac portfolio incorporating M-series chips with a neural engine. Within Microsoft's Windows, AI PC shipments grew 127% sequentially in the quarter. The tech giant debuted its "Copilot+" AI PCs in May, with Qualcomm's Snapdragon PC chips based on Arm Holdings' architecture.

An anonymous reader shares a report: Microsoft Paint isn't one of Windows' best photo editing apps, but in the recent past, the software giant introduced some exciting features, such as layer support, to make the app more viable for Windows users. While Microsoft was pouring the Paint app with new features, the Paint 3D app was dying a slow death. The app will finally be delisted from the Microsoft Store in November this year.

Mozilla's interim CEO Laura Chambers "says the company is reinvesting in Firefox after letting it languish in recent years," reports Fast Company, "hoping to reestablish the browser as independent alternative to the likes of Google's Chrome and Apple's Safari.

"But some of those investments, which also include forays into generative AI, may further upset the community that's been sticking with Firefox all these years..." Chambers acknowledges that Mozilla lost sight of Firefox in recent years as it chased opportunities outside the browser, such as VPN service and email masking. When she replaced Mitchell Baker as CEO in February, the company scaled back those other efforts and made Firefox a priority again. "Yes, Mozilla is refocusing on Firefox," she says. "Obviously, it's our core product, so it's an important piece of the business for us, but we think it's also really an important part of the internet."

Some of that focus involves adding features that have become table-stakes in other browsers. In June, Mozilla added vertical tab support in Firefox's experimental branch, echoing a feature that Microsoft's Edge browser helped popularize three years ago. It's also working on tab grouping features and an easier way to switch between user profiles. Mozilla is even revisiting the concept of web apps, in which users can install websites as freestanding desktop applications. Mozilla abandoned work on Progressive Web Apps in Firefox a few years ago to the dismay of many power users, but now it's talking with community members about a potential path forward.

"We haven't always prioritized those features as highly as we should have," Chambers says. "That's been a real shift that's been very felt in the community, that the things they're asking for . . . are really being prioritized and brought to life."
Firefox was criticized for testing a more private alternative to tracking cookies which could make summaries of aggregated data available to advertisers. (Though it was only tested on a few sites, "Privacy-Preserving Attribution" was enabled by default.) But EFF staff technologist Lena Cohen tells Fast Company that approach was "much more privacy-preserving" than Google's proposal for a "Privacy Sandbox." And according to the article, "Mozilla's system only measures the success rate of ads — it doesn't help companies target those ads in the first place — and it's less susceptible to abuse due to limits on how much data is stored and which parties are allowed to access it." In June, Mozilla also announced its acquisition of Anonym, a startup led by former Meta executives that has its own privacy-focused ad measurement system. While Mozilla has no plans to integrate Anonym's tech in Firefox, the move led to even more anxiety about the kind of company Mozilla was becoming. The tension around Firefox stems in part from Mozilla's precarious financial position, which is heavily dependent on royalty payments from Google. In 2022, nearly 86% of Mozilla's revenue came from Google, which paid $510 million to be Firefox's default search engine. Its attempts to diversify, through VPN service and other subscriptions, haven't gained much traction.

Chambers says that becoming less dependent on Google is "absolutely a priority," and acknowledges that building an ad-tech business is one way of doing that. Mozilla is hoping that emerging privacy regulations and wider adoption of anti-tracking tools in web browsers will increase demand for services like Anonym and for systems like Firefox's privacy-preserving ad measurements. Other revenue-generating ideas are forthcoming. Chambers says Mozilla plans to launch new products outside of Firefox under a "design sprint" model, aimed at quickly figuring out what works and what doesn't. It's also making forays into generative AI in Firefox, starting with a chatbot sidebar in the browser's experimental branch.
Chambers "says to expect a bigger marketing push for Firefox in the United States soon, echoing a 'Challenge the default' ad campaign that was successful in Germany last summer. Mozilla's nonprofit ownership structure, and the idea that it's not beholden to corporate interests, figures heavily into those plans."

Fortune reports that Crowdstrike "is enjoying a moment of strange cultural cachet at the annual Black Hat security conference, as throngs of visitors flock to its booth to snap selfies and load up on branded company shirts and other swag." (Some attendees "collectively shrugged at the idea that Crowdstrike could be blamed for a problem with a routine update that could happen to any of the security companies deeply intertwined with Microsoft Windows.") Others pointed out that Microsoft should take their fair share of the blame for the outage, which many say was caused by the design of Windows in its core architecture that leads to malware, spyware and driver instability. "Microsoft should not be giving any third party that level of access," said Eric O'Neill, a cybersecurity expert, attorney and former FBI operative. "Microsoft will complain, well, it's just the way that the technology works, or licensing works, but that's bullshit, because this same problem didn't affect Linux or Mac. And Crowdstrike caught it super-early."
Their article notes that Crowdstrike is one of this year's top sponsors of the conference. Despite its recent missteps, Crowdstrike had one of the biggest booths, notes TechCrunch, and "As soon as the doors opened, dozens of attendees started lining up." They were not all there to ask tough questions, but to pick up T-shirts and action figures made by the company to represent some of the nation-state and cybercriminal grups it tracks, such as Scattered Spider, an extortion racket allegedly behind last year's MGM Resorts and Okta cyberattacks; and Aquatic Panda, a China-linked espionage group.

"We're here to give you free stuff," a CrowdStrike employee told people gathered around a big screen where employees would later give demos. A conference attendee looked visibly surprised. "I just thought it would be dead, honestly. I thought it would be slower over there. But obviously, people are still fans, right?"

For CrowdStrike at Black Hat, there was an element of business as usual, despite its global IT outage that caused widespread disruption and delays for days — and even weeks for some customers. The conference came at the same time as CrowdStrike released its root cause analysis that explained what happened the day of the outage. In short, CrowdStrike conceded that it messed up but said it's taken steps to prevent the same incident happening again. And some cybersecurity professionals attending Black Hat appeared ready to give the company a second chance....

TechCrunch spoke to more than a dozen conference attendees who visited the CrowdStrike booth. More than half of attendees we spoke with expressed a positive view of the company following the outage. "Does it lower my opinion of their ability to be a leading-edge security company? I don't think so," said a U.S. government employee, who said he uses CrowdStrike every day.
Although TechCrunch does note that one engineer told his parent company they might consider Crowdstrike competitor Sophos...

CNN reports: Former President Donald Trump's campaign said Saturday in a statement that it had been hacked.

Politico reported earlier Saturday that it had received emails from an anonymous account with documents from inside Trump's campaign operation. "These documents were obtained illegally from foreign sources hostile to the United States, intended to interfere with the 2024 election and sow chaos throughout our Democratic process," Trump campaign spokesperson Steven Cheung said in a statement to CNN.

Cheung pointed to a recent report published by Microsoft that said Iranian operatives had ramped up their attempts to influence and monitor the US presidential election by creating fake news outlets targeting liberal and conservative voters and by trying to hack an unnamed presidential campaign... Still, it's not clear whether Iran was responsible for the hack. CNN has reached out to the Iranian mission to the United Nations for comment...

Politico reported it had received emails that contained internal communications from a senior Trump campaign official and a [271-page] research dossier the campaign had put together on Trump's running mate, Ohio Sen. JD Vance. The dossier included what the Trump campaign identified as Vance's potential vulnerabilities...

In 2016, days before the Democratic National Convention, WikiLeaks published nearly 20,000 emails from the Democratic National Committee server.

Microsoft researchers said on Friday that Iran government-tied hackers tried breaking into the account of a "high ranking official" on the U.S. presidential campaign in June, weeks after breaching the account of a county-level U.S. official. From a report: The breaches were part of Iranian groups' increasing attempts to influence the U.S. presidential election in November, the researchers said in a report that did not provide any further detail on the "official" in question.

The report follows recent statements by senior U.S. Intelligence officials that they'd seen Iran ramp up use of clandestine social media accounts with the aim to use them to try to sow political discord in the United States. Iran's mission to the United Nations in New York told Reuters in a statement that its cyber capabilities were "defensive and proportionate to the threats it faces" and that it had no plans to launch cyber attacks.

Dan Robinson writes via The Register: Hyperscalers are forecast to account for more than 60 percent of datacenter space by 2029, a stark reversal on just seven years ago when the majority of capacity was made up of on-premises facilities. This trend is the result of demand for cloud services and consumer-oriented digital services such as social networking, e-commerce and online gaming pushing growth in hyperscale bit barns, those operated by megacorps including Amazon, Microsoft and Meta. The figures were published by Synergy Research Group, which says they are drawn from several detailed quarterly tracking research services to build an analysis of datacenter volume and trends.

As of last year's data, those hyperscale companies accounted for 41 percent of the entire global data dormitory capacity, but their share is growing fast. Just over half of the hyperscaler capacity is comprised of own-build facilities, with the rest made up of leased server farms, operated by providers such as Digital Realty or Equinix. On-premises datacenters run by enterprises themselves now account for 37 percent of the total, a drop from when they made up 60 percent a few years ago. The remainder (22 percent) is accounted for by non-hyperscale colocation datacenters.

What the figures appear to show is that hyperscale volume is growing faster than colocation or on-prem capacity -- by an average of 22 percent each year. Hence Synergy believes that while colocation's share of the total will slowly decrease over time, actual colo capacity will continue to rise steadily. Likewise, the proportion of overall bit barn space represented by on-premise facilities is forecast by Synergy to decline by almost three percentage points each year, although the analyst thinks the actual total capacity represented by on-premises datacenters is set to remain relatively stable. It's a case of on-prem essentially standing still in an expanding market.

Security researchers from SafeBreach have found what they say is a Windows downgrade attack that's invisible, persistent, irreversible and maybe even more dangerous than last year's BlackLotus UEFI bootkit. From a report: After seeing the damage that UEFI bootkit could do by bypassing secure boot processes in Windows, SafeBreach's Alon Leviev became curious whether there were any other fundamental Windows components that could be abused in a similar manner. He hit the jackpot in one of the most unlikely places: The Windows update process.

"I found a way to take over Windows updates to update the system, but with control over all of the actual update contents," Leviev told us in an interview ahead of his Black Hat USA conference presentation today detailing his findings. Using his technique, having compromised a machine so that he could get in as a normal user, Leviev was able to control which files get updated, which registry keys are changed, which installers get used, and the like. And he was able to do all of it while side-stepping every single integrity verification implemented in the Windows update process. After that, "I was able to downgrade the OS kernel, DLLs, drivers ... basically everything that I wanted." To make matters worse, Leviev said that poking and prodding around the vulnerabilities he found enabled him to attack the entire Windows virtualization stack, including virtualization-based security (VBS) features that are supposed to isolate the kernel and make attacker access less valuable.

Facebook's AI-generated content problem is being fueled by its own creator bonus program, according to an investigation by 404 Media. The program incentivizes users, particularly from developing countries, to flood the platform with AI-generated images for financial gain. The outlet found that influencers in India and Southeast Asia are teaching followers how to exploit Facebook's algorithms and content moderation systems to go viral with AI-generated images. Many use Microsoft's Bing Image Creator to produce bizarre, often emotive content that garners high engagement.

"The post you are seeing now is of a poor man that is being used to generate revenue," said Indian YouTuber Gyan Abhishek in a video, pointing to an AI image of an emaciated elderly man. He claimed users could earn "$100 for 1,000 likes" through Facebook's bonus program. While exact payment rates vary, 404 Media verified that consistent viral posting can lead to significant earnings for users in countries like India. Meta has defended the program to 404 Media, stating it works as intended if content meets community standards and engagement is authentic.

theodp writes: After issuing mea culpas over diversity and compensation equity issues, tech companies began to promote their K-12 CS education philanthropy initiatives as corrective measures as they sought to deflect criticism and defeat shareholder calls for greater transparency into hiring and compensation practices. In 2016, for instance, Amazon argued it was already working with tech-backed nonprofits such as Code.org, the Anita Borg Institute, and Girls Who Code to increase women's and minorities' involvement in tech as it sought the SEC's permission to block a shareholder vote on a proposal on gender pay equality. As such, it wasn't terribly surprising to see the nation's tech giants again remind the public of their K-12 CS philanthropy efforts as they recently announced quarterly earnings.

In the Addressing Racial Injustice and Inequity section of its most recent 10-K Annual Report SEC filing, Microsoft boasted, "We also expanded our Technology Education and Learning Support ("TEALS") program to reach nearly 550 high schools across 21 racial equity expansion regions with the support of nearly 1,500 volunteers, 12% of whom identify as Black or African American."

An Amazon press release claimed the company is inspiring Girl Scouts to explore the future of STEM by awarding girls aged 7-and-up a co-branded Girl Scouts and Amazon patch for attending in-person or virtual Amazon warehouse tours. "As humanity looks to science, technology, engineering, and math (STEM) for new ideas and discoveries," Amazon explained, "it is more important than ever to harness the unique insights, skills, and potential of girls. [..] That's why Amazon partnered with Girl Scouts of the USA (GSUSA) to host exclusive tours [of Amazon fulfillment centers] for troops around the nation to showcase the importance and diversity of careers in STEM."

Most recently, a press release celebrated the move of Google's Code Next high school program into a lab located in the newly-rehabbed Michigan Central Station, which has thus far enrolled approximately 100 students. "Google has called Michigan home for over 15 years with offices in Detroit and Ann Arbor. We're dedicated to investing in the city and providing its students with the resources and inspiration they need to excel," said Shanika Hope, Director, Google Education and Social Impact. "We're excited to bring our Code Next program to Michigan Central, empowering Detroit's youth with computer science education to help them reach their full potential in the classroom and beyond."