• WWW.WIRED.COM
    AI Agents Will Be Manipulation Engines
    Surrendering to algorithmic agents risks putting us under their influence.
    0 Reacties 0 aandelen 21 Views
  • WWW.MACWORLD.COM
    IceWhale Technology ZimaCube Pro review: Fast 10GBe network storage with a local twist
    MacworldAt a glanceExpert's RatingProsSix HDD bays plus four-slot NVMe adapter for high capacityFast Intel Core 5 1235U CPUGood storage and web performanceRuns Docker apps and virtual machines over HTMLConsSparse documentationProblematic NVMe RAIDThunderbolt connection uses an ethernet bridgeOur Verdict We cant think of a more versatile, large-capacity NAS box than the 10Gbe ZimaCube Pro. And it supports Thunderbolt ethernet for even faster performance. But its a tad pricey and we ran into some bugs with the NVMe in RAID.Price When ReviewedThis value will show the geolocated pricing text for product undefinedBest Pricing TodayIf youre looking for a dainty wallflower of a storage box, skip this review. If youre looking for a large-capacity network-attached storage (NAS) box to provide ton of storage space as well as run web apps, read on.The ZimaCube is a cube-shaped (duh!), 6-bay server/storage enclosure that can function both over 10Gbe and Thunderbolt 4 port via an ethernet bridge. The handsome box measures approximately 8.75-inches deep, by 8.75 inches tall, by 9.5-inches wideno, its not a perfect cube. Cubular? Cubist? All six SATA drive bays are 3.5-inch, housing six non-locking, easily-removal trays.The ZimaCube Pros drive bays and 4-slot M.2 adapter are revealed.Note that the 3.5-inch trays dont use quick-change, pop-out rails, you must use the provided screws to install drives. Smaller, finer-threaded screws are also provided for SATA SSDs.There is what appears to be a seventh bay to the right. Technically it is and is referred to in the ZimaCube documentations as the seventh bay. However, it uses a different connector that mates with the provided single 4-slot PCIe M.2/NVMe adapter card. Said adapter is held in place by a captive thumb screw for easy removal.The ZimaCube Pros 4-slot M.2 NVMe adapter tray populated with four different 2TB NVMe SSDs.The bays are covered by a magnetically attached face plate. Directly above it are two Type-A 3.0 USB ports (5Gbps), a 5Gbps Type-C port, 3.5 mm stereo headphone jack, and a quick copy button that immediately copies data from attached thumb drives and the like.The back of the box is home to a single 10Gbps ethernet port, twin 2.5Gbps ethernet ports, two Type-A 2.0 USB ports, two Type-C Thunderbolt 4 ports (without the identifying logo), as well as both DisplayPort 1.4 and HDMI 2.0 ports for attaching displays. To the left of the Thunderbolt 4 ports are the power jack and a pinhole reset button.The back of the ZimaCube Pro with its port array and power jack.As you might guess, a server running a 10-core I5, with up to six HDDs and four NVMe SSDs like the ZimaCube ships with beefy power support: 19-volts and 11.58 amps to be specific. That should handle any drives you throw in the ZimaCube easily.IceWhale didnt provide any instructions on how to visit the interior of the unit. The lack of granular documentation was my least favorite thing about the ZimaCube Pro. Consequently, I simply started removing bolts. Fortunately, my first four choices (IceWhale thoughtfully uses hexagonal types) at the top of the unit allowed me up to pop the top to see the two half-height PCIe slots. You can add just about anything Linux has a driver for.The interior of the ZimaCube Pro. We love the beefy CPU fan. Its difficult to see the M.2 slot, but its just below and to the left of said fan.I was also able to view the populated M.2 slot. Theres another underneath, but its quite difficult to insert an SSD into. So difficult to both see and access that I asked the company if that was indeed what it was before proceeding.ZimaCube Pro: PriceThe ZimaCube Pro is $1,099 with the 16GB of DRAM that we tested, and $1,249 with 64GB of memory. Thats a pretty reasonable upgrade price (unlike a certain famous company that charges far more than upgraded components are worth). If youre going to run virtual machines or Docker apps, go for the 64GB.On the other hand, if youre simply going for lots of storage via NAS, you might be able to get away with the $699 non-Pro version of the ZimaCube with a slower Intel N100 CPU, only 8GB of memory, and no Thunderbolt ethernet. Its also 2.5Gbe only, so expect performance to top out at around 250MBps.ZimaCube Pro: Ease of set upIceWhale provides a utility that makes finding and accessing the ZimaCube a piece of cake, though it involves some guess work. Again, the lack of granular documentation meant no reference to a default username and password. I recommend installing the utility and have it open the web interface, then follow the prompts to create a new username and password with which to log on.After youre fully logged on via the web interface, you can define any RAID arrays or single volumes you want using the storage utility. It worked well in my hands-on but sometimes required a reboot before array deletions would register. Most users wont make as many changes as I did during testing.Beyond that, accessing the ZimaCube locally is just like mounting any other network resource, whether via 10Gbe or Thunderbolt ethernet bridge. Create shared folders via the web interface using the Files app, locate the ZimaCube in network locations, log on, and open said shared folders.ZimaCube Pro: Network-attached storage interfaceNAS boxes, at least those with display ports, can be used as the computer they actually are, if you attach a keyboard and monitor. However, as mentioned, they are typically configured and employed remotely via an HTML interface and accessed using a web browser. Its much like using Teamviewer, RustDesk, etc. to control another computer remotely. The image of the Zima interface below is from my browser.The main page of the ZimaCube Pros HTML interface.Modern NAS is capable of much more than their original purpose of simply serving up files. IceWhale implements a rather large array of browser-based apps that cover a wide spectrum of utility. Theyre all available from an app store, though I missed a search function to browse them by function.Media servers include Plex, Emby, Swingmusic, and Jellyfin. Theres the Handbrake video encoder and Calibre-Web for reading ebooks. Bittorrent/download clients include Transmission, qBittorrent, and Gospeed. Backup is represented by Duplicati, and Resilio Sync. Ive only mentioned the better-known applications; there are others. I was most enticed by the ZVM app which allows you to run virtual machines and comes with a demo of Windows 10 you can run.The ZimaCube Pros VM app starts up with Windows 10 installing itself. This comes pre-loaded.Docker is nicely integrated into the system with an option in the app store to add containerized applications, though theres not a lot of hand-holding in the process. As with much of the ZimaCube, a fairly high geek IQ or a zeal for learning Linux and Linux apps is helpful. Linux? Yup. Nearly every NAS box out there these days is running a version of Linux, which as you may or may not know, is nearly as app-rich these days as the pay competition and in some areas such as Docker, superior.ZimaCube Pro: PerformanceGiven its 10Gbe and Thunderbolt 4 support, and the ability to combine drives in RAID the ZimaCube Pro is fast, though not as fast as you might think when you first hear Thunderbolt. Thats because, as mentioned, the ZimaCube Pro connects via a Thunderbolt connection using an ethernet bridge and network transport protocols (SMB in this case). The fastest we saw over Thunderbolt ethernet was about 2GBps reading.For media, I tested the ZimaCube Pro with two fast (290MBps sequential transfers) 24TB hard drives in a striped RAID 0, four SATA SSDs striped in RAID 0, as well as four 2TB NVMe SSDs striped in RAID 0 using the adapter card. Both over the 10Gbe port, as well as the Thunderbolt port on a Mac Studio M1 Max. The results, while all relatively fast, were occasionally puzzling, and I ran into an issue.The puzzler was the two HDDs logging well over 800MBps over both Thunderbolt and 10Gbe, significantly faster than the roughly 600MBps theyre natively capable of. Obviously theres some caching going. Overall, it made it somewhat difficult to directly compare the ZimaCubes results with other DAS or NAS boxes.This issue was that at various times, under stress of the AmorphousDiskMark (64GiB) testing, the NVMe RAID 0 array would go belly up with one of the drives disappearing from the array.ZimaCube Pro pointed to one NVMe SSD as damaged, but rebooting cleared the error and the array would again be available for use. I even changed the drive that disappeared and the error repeated itself. In normal copy operations, I didnt see any errors. Only under the benchmark stress.Tested individually, there was also no problem with any of the four SSDs. The issue is still under investigation by IceWhale at the time of this writing. Note also, that theres no real reason to run all four NVMe SSDs in RAID 0 as theres no way to utilize the speed over ethernet.Below youll see the best results I got from each array on each bus. As AmorphousDiskMark overly stressed the ZimaCubes NVMe, I switched to Atto for this article.Atto shows faster speeds than Disk Speed Test and AmorphousDiskMark, but for the most part, I ran it using the far smaller 256MiB (Mebibyte) data set on a couple of tests. Note that when I tried the 32GiB (Gibibyte) data set (the second image below) on the NVMe RAID 0 array, it did not cause the same error as AmorphousDiskMark, However, both read and write speeds started bouncing all over the map. Again, caching.All the Atto tests are over Thunderbolt 4 ethernet. First up are the SATA RAID 0 results which turned out much as expected.Again, you can below that upping the data set to 32GiB delivered extremely mixed results.With the NVMe RAID 0 array, results were wildly inconsistent even using the much smaller 256MiB data set. Theres no way writes should be this much faster (from 512Kib to 24MiB)than reads without caching involved.The HDD RAID 0 array results were very consistent, but far faster than they have any right to be. As stated, even combined the total throughput shouldnt exceed 600MBps. Again, though not confirmed by IceWhale this is likely caching.Next is Disk Speed Test for the NVMe RAID 0 array over 10Gbe (left) and Thunderbolt 4 ethernet (right). Pretty darn close and these results make sense.ZimaCube Pro with four NVMe SSDs in RAID 0. 10Gbe to the left and T4 Ethernet to the right.Next up are SATA SSDs which perform on par with the NVMe according to BlackMagicDesigns Disk Speed Text. This is four of them in RAID 0. Note that ethernet is a major limiting factor in long transfers.ZimaCube Pro with four SATA SSDs in RAID 0. 10Gbe to the left and T4 Ethernet to the right.Below are the RAID 0 HDD results which again, make zero sense unless the ZimaCube Pro is using some sort of caching. Normally, a twin HDD array such as this is capable of 580MBps maximum. The ZimaCube Pro is obviously caching as a two-HDD RAID 0 array should top out at 600MBps.I sound like a broken record, but its likely some sort of caching or software wizardry skewed the results. That said, its difficult to complain about anything thats faster than you expect. So I wont.The basic story is this: Youll get between 600MBps and 1000MBps using its 10Gbe port, depending on media, and anywhere from 800MBps to 1.9GBps (read) using the Thunderbolt 4 port as an ethernet bridge will be the norm.Should you buy the ZimaCube Pro?If youre looking for fast, capacious NAS with the possibility of a faster direct Thunderbolt connection, then the ZimaCube is an attractive solution. Especially for virtual computing and media streaming. Overall, despite the issues (again, theres really no need for NVMe RAID 0 over ethernet), I enjoyed both looking at the ZimaCubes handsome countenance and using it. Note that IceWhale also makes one of our favorite modular build-it-yourself NAS solutions which you can find reviewed on sister publication TechHive.
    0 Reacties 0 aandelen 6 Views
  • GAMINGBOLT.COM
    Assassins Creed Shadows Naoe is The Fastest Assassin Yet, Says Creative Director
    Ubisoft has divulged many new details about Naoe and Yasuke, the protagonists of the upcoming Assassins Creed Shadows. Each feels unique, from differences in mobility and survivability to their dodges. However, for those who favor speed and the rush of the older games, Naoe is touted as the fastest Assassin yet.Speaking to Entertainment Weekly, creative director Jonathan Dumont said, Naoes the fastest Assassin we ever made. She runs super fast. She has a lot of gadgets to keep her stealthy so that she doesnt have to fight often. We wanted to satisfy that for players that come in for that ninja-Assassin game.Interestingly, Naoe also has a sprint that pays homage to the Naruto run, which characters in the manga/anime assumed when traveling at high speeds. We do have a run on top of buildings that has a little bit of a wink-wink to it, said Dumont.Naoes sneaky playstyle is a boon for night-time infiltration, but youre not beholden to playing as her throughout. If a more action-heavy experience is what youre after, you can focus on Yasuke about as much. Best of all, you acquire gear for both characters throughout the story, which means minimal grinding when switching back and forth.Assassins Creed Shadows launches on February 14th, 2025, for Xbox Series X/S, PS5, and PC. Dumont recently said its main journey is comparable to Origins/Odyssey and Valhalla, which could mean anywhere between 30 to 60 hours.
    0 Reacties 0 aandelen 4 Views
  • GAMINGBOLT.COM
    The Witcher 4s Open World Will be Deeper and More Immersive
    CD Projekt RED has expressed on multiple occasions that it intends to ensureThe Witcher 4is at least as big of a game asThe Witcher 3was, if not even more so, but in the aftermath of the action RPGs official announcement, the developer has also spoken about wanting to improve on the seminal 2015 titles in other ways.More specifically, speaking in a recent interview with VGC, narrative director Phillipp Weber talk about how CD Projekt RED is prioritizing crafting a deeper and more immersive open world rather than one that is bigger thanThe Witcher 3smap.The open world doesnt necessarily need to be bigger and bigger and bigger, but the open world can be deeper and more immersive, more systematic, he said. I think thats something thats really exciting to look at.Executive producer Magorzata Mitrga added that thoughThe Witcher 4will of course be a sizable experience, the focus for the studio is more on ambition and immersion.I would say making a feature for the game is not about making the best feature ever, its about making the best feature in the time you have, she said. Its more about the ambition of having really complex and immersive things going on and not necessarily the actual size. Of course, its a single-player, open-world action RPG; its going to be big.Weber concluded by saying that ensuring the game delivers consistently meaningful and interesting content without feeling repetitive will be how it ensures that it doesnt feel too big.We always say that whatever we do we want to have it be meaningful and it means it can be only so much that is actually meaningful and interesting, he said. Once we would have to start repeating stuff I think thats when its too big.For more details onThe Witcher 4, head on over here.
    0 Reacties 0 aandelen 4 Views
  • GAMINGBOLT.COM
    More Indiana Jones Games Are in the Works Rumour
    Xbox has ended the year strong with the launch of theIndiana Jones and the Great Circle, and amidst all the widespread acclaim for the MachineGames-developed first-person action-adventure title, it seems like there might be yet more Indy on the horizon.Thats as per prominent leaker Daniel Richtman and Windows Central journalist Jez Corden, with the former taking to Twitter and writing, Looks like were getting moreIndy games, and the latter responding with a gif saying, Its true.Whether that means Microsoft, Bethesda, and MachineGames are moving forward with sequels toIndiana Jones and the Great Circle or if its other Indiana Jones projects that have entered production at some other studio is unclear, but in either case, Lucasfilm Games clearly wants to keep investing in the IP, at least in the video gaming space. Earlier this month, Lucasfilm Games vice president and general manager Douglas Reilly also spoke about the possibility of more games based on the IP. Read more on that through here.Indiana Jones and the Great Circle is available on Xbox Series X/S and PC, and launches for PS5 in spring 2025. Read our review of the game through here.Looks like were getting more Indy games Daniel Richtman (@DanielRPK) December 22, 2024pic.twitter.com/5ftOEx3emo Jez (@JezCorden) December 22, 2024
    0 Reacties 0 aandelen 4 Views
  • BLOG.MEDIUM.COM
    The most-highlighted sentences of 2024
    The most-highlighted sentences of 2024Published inThe Medium BlogSent as aNewsletter4 min readJust now-- The highlight of my year? Working on this newsletter. Thank you to the hundreds of thousands of you who open and read this each week!Issue #234: highlights, year-end book lists, and deliberate distractionAs the calendar year wraps up, were doing the same here at the Medium Newsletter. This week, well be taking a look back at the year on Medium, pulling out the top highlighted passages (today), calling out some of the most-read responses, flagging notable new publications, writers new to Medium, and (Friday) sharing the most-read and most-shared stories of the year. Then were taking a break for the last week of 2024 we hope you will as well, we all need rest and will be back in 2025 to help you better understand your world in the new year.Reading through the most-highlighted passages from the year, a few clear themes stood out. By far the biggest one and not a surprise if youre a regular reader of this newsletter, as we highlighted a number of these in past issues are ideas related to deepening your understanding of yourself:When it comes to writing online, how I beats how to. Brendan Charles, Why I shifted from pure writing to documenting insteadPeople with high levels of trait self-control are good at avoiding temptation not resisting it. Riikka Iivanainen, The secret life of people with high self-control (its easier than you think)Showing up. Showing up with your whole self, showing up with your values and beliefs, showing up with what makes you unique, but above all showing up with consistency. JA Westenberg, Just show upTheres a fine line between taking on a worthwhile challenge, and taking on unnecessary stress. John Gorman, Stop wasting your timeThe problem with good habits, in other words, is that they sacrifice intentionality for efficiency. Stephan Joppich, Goodbye, Atomic HabitsEdison did not look for problems in need of solutions; he looked for solutions in need of modification.Of course, the flip side of this showed up here, too there was also a lot of wisdom about better understanding other people:If a persons behavior doesnt make sense to you, it is because you are missing a part of their context. Devon Price, Laziness does not existThe value of research doesnt come from elevating people who are already shouting. It comes from finding the people who are not being heard, and adding their voices to the conversation. Pavel Samsonov, Nikes $25B blunder shows us the limits of data-drivenHonesty is direct, whereas dishonesty tends to be indirect. Joshua Mason, Im an (actual) detective: Here are 7 signs that someone is lying to youLastly: While were avowedly pro-human-writing here at Medium, we also know AI tools can serve many purposes, like helping you learn new skills. And two of the most-highlighted passages this year were AI prompts that will raise your skill level in using chat-based AI tools like ChatGPT. We think youll find them useful:Before you start, please ask me any questions you have about this so I can give you more context. Be extremely comprehensive. Jordan Gibbs, The most important ChatGPT promptCreate a curated list of use cases for ChatGPT, each thoughtfully designed to align with my occupation. This list will serve as my personalized guide, enabling me to leverage ChatGPTs capabilities in various aspects of my occupation. Organize this list into 10 distinct sections sorted by their relevance to my occupation. In each section, construct a table with columns for Use Case and Example Request. Each section will contain 5 use cases examples. The Example Request will be written in the form of a direct request to ChatGPT. Begin by asking me about my occupation, and based on it fill in the interests, goals, challenges Im facing. Its imperative that you follow the request for 10 sections and 5 use case examples in each section. Bernard Builds, This one prompt will teach you how to use ChatGPTWhat else were readingIve never thought of it this way, but year-end book lists tend to be misleading for very mechanical reasons: Unlike music, TV, and movies, books take a long time to read, meaning critics can only read a tiny fraction of what gets published every year. (Janice Harayda)The best thing I learned from this story about a chefs time working at a Michelin-starred restaurant was how the culinary team the folks making the food are also the servers, hosts, and dishwashers. They see the whole experience, so they know how to make it better. (Fox Britten)The deputy campaign manager for Kamala Harris sees her loss as a symptom of a larger issue for Democrats: The institutions theyre used to influencing traditional media and Hollywood are no longer the dominant cultural forces. You dont get a national eight-point shift to the right without losing hold of culture. (Semafor) Your daily dose of practical wisdom about inspirationTo find creative inspiration, practice deliberate distraction. Put yourself in the path of serendipity with an aimless diversion, like flipping through old encyclopedias or browsing the shelves of a bookstore without a goal in mind, and see what unexpected connections your mind starts to make.
    0 Reacties 0 aandelen 5 Views
  • WWW.GAMESINDUSTRY.BIZ
    Hothead Games shuts down
    Hothead Games shuts downStudio filed for bankruptcy following breakdown of a projectImage credit: Hothead Games News by Sophie McEvoy Staff Writer Published on Dec. 23, 2024 Vancouver-based studio Hothead Games has closed its doors.Hothead CEO and president Ian Wilkinson shared the news on LinkedIn last Friday, revealing that the studio shut down on December 13 after filing for bankruptcy."We had an amazing playable for an AAA property and had hoped to secure a contract to develop both mobile and console/PC versions of this game with different publishers," wrote Wilkinson. "Unfortunately, it took far longer than expected to secure contracts for these versions of the game."They were both read to close two weeks ago and then the mobile publisher pulled out due to a change in strategy. Two weeks later, the console publisher also pulled out. At that point, our only remaining option was bankruptcy."He added: "Hopefully, this won't be the last time you hear from us. We still believe we are destined to work together again and continue great things."Hothead was founded in 2006 by former Radical Entertainment employees Steve Bocska, James Ceraldi, and Joel DeYoung.The developer was known for its PC and console games, but also developed and published premium then free-to-play mobile titles for a time.
    0 Reacties 0 aandelen 5 Views
  • WWW.MARKTECHPOST.COM
    Meet LLMSA: A Compositional Neuro-Symbolic Approach for Compilation-Free, Customizable Static Analysis with Reduced Hallucinations
    Static analysis is an inherent part of the software development process since it enables such activities as bug finding, program optimization, and debugging. The traditional approaches have two major drawbacks: methods based on code compilation are bound to fail in any development scenario where the code is incomplete or rapidly changing, and the need for tailoring calls for intimate knowledge of compiler internals and IRs inaccessible to many developers. These issues prevent static analysis tools from being widely used in real-world scenarios.The existing static analysis tools, such as FlowDroid and Infer, use IRs to detect issues in programs. However, they rely on compilation, which limits their usability in dynamic and incomplete codebases. Furthermore, they do not have enough support for tailoring analysis tasks to the needs of specific users; rather, customization requires deep knowledge of compiler infrastructures. Query-based systems such as CodeQL, which seek to mitigate these constraints, nevertheless present significant learning challenges stemming from intricate domain-specific languages and comprehensive application programming interfaces. These deficiencies limit their efficiency and uptake in various programming contexts.Researchers from Purdue University, Hong Kong University of Science and Technology, and Nanjing University have designed LLMSA. This neuro-symbolic framework aims to break the bottlenecks associated with traditional static analysis by enabling compilation-free functionality and full customization. The LLMSA framework uses datalog-oriented policy language to decompose complex analytical tasks into smaller, more tractable sub-problems. The methodology successfully addresses the hallucination errors in language models by combining deterministic parsing focused on syntactic attributes with neural reasoning targeted toward semantic elements. Furthermore, its implementation of complex techniques such as lazy evaluation wherein neural calculations are postponed until needed and incremental and parallel processing that optimize the utilization of computational resources while minimizing redundancy significantly improve its efficacy. This architectural framework places LLMSA as a versatile and resilient substitute for conventional static analysis techniques.The proposed framework combines the symbolic and neural elements to satisfy its objectives. Symbolic constructors determine abstract syntax trees (ASTs) in a deterministic fashion to obtain syntactic characteristics, while neural components apply large language models (LLMs) for reasoning about semantic relationships. The limited Datalog-style policy language allows the user to intuitively sketch tasks, breaking them up into exact rules for inspection. Lazy evaluation saves the computational cost since it performs the neural operations only when necessary, whereas incremental processing saves redundant calculations in iterative processes. Concurrent execution makes independent rules execute concurrently and greatly improves performance. The framework has been tested with Java programs on tasks such as alias analysis, program slicing, and bug detection, hence demonstrating its versatility and scalability.LLMSA performed well in a variety of static analysis tasks. It achieved 72.37% precision and 85.94% recall for alias analysis and 91.50% precision and 84.61% recall for program slicing. For the tasks of bug detection, it had an average precision of 82.77% and recall of 85.00%, thereby outperforming dedicated tools like NS-Slicer and Pinpoint by a fair margin of F1 score. In addition, the methodology could identify 55 out of 70 taint vulnerabilities in the TaintBench dataset, with a recall rate that exceeded an industrial-grade tool by 37.66% and a significant improvement in the F1 score. LLMSA achieved up to a 3.79 improvement compared with other designs in terms of computational efficiency, thus demonstrating its potential to perform various analytical tasks efficiently and proficiently.This research presents LLMSA as a transformative approach to static analysis, overcoming challenges related to compilation dependency and limited customization. Strong performance, scalability, as well as flexibility across applications in the context of different tasks in analysis, have been gained using the neuro-symbolic framework along with a correctly defined policy language. Effectiveness and versatility ensure LLMSA is an essential resource, bringing about ease to the advanced methods of static analysis for software development.Check out the Paper. All credit for this research goes to the researchers of this project. Also,dont forget to follow us onTwitter and join ourTelegram Channel andLinkedIn Group. Dont Forget to join our60k+ ML SubReddit. Aswin Ak+ postsAswin AK is a consulting intern at MarkTechPost. He is pursuing his Dual Degree at the Indian Institute of Technology, Kharagpur. He is passionate about data science and machine learning, bringing a strong academic background and hands-on experience in solving real-life cross-domain challenges. [Download] Evaluation of Large Language Model Vulnerabilities Report (Promoted)
    0 Reacties 0 aandelen 4 Views
  • THEHACKERNEWS.COM
    U.S. Judge Rules Against NSO Group in WhatsApp Pegasus Spyware Case
    Dec 23, 2024Ravie LakshmananSpyware / Mobile SecurityMeta Platforms-owned WhatsApp scored a major legal victory in its fight against Israeli commercial spyware vendor NSO Group after a federal judge in the U.S. state of California ruled in favor of the messaging giant for exploiting a security vulnerability to deliver Pegasus."The limited evidentiary record before the court does show that defendants' Pegasus code was sent through plaintiffs' California-based servers 43 times during the relevant time period in May 2019," United States District Judge Phyllis J. Hamilton said.The order further lambasted NSO Group, stating it "repeatedly failed to produce relevant discovery and failed to obey court orders regarding such discovery," referring to the company's failure to produce the Pegasus source code and for limiting the access to Israeli citizens while in Israel.This information, per WhatsApp, included code only pertaining to an Amazon Web Services (AWS) server, and not the entire codebase that would reveal the full scope of its functionality."NSO's lack of compliance with discovery orders raises serious concerns about their transparency and willingness to cooperate with the judicial process," Judge Hamilton said.The court also held NSO Group liable for breach of contract, concluding that the company had infringed on WhatsApp's terms of service, which prohibit the use of the messaging platform for malicious purposes or reverse engineering or decompiling the software."This ruling is a huge win for privacy," Will Cathcart, head of WhatsApp at Meta, said in a statement on X. "We spent five years presenting our case because we firmly believe that spyware companies could not hide behind immunity or avoid accountability for their unlawful actions."The case is expected to now proceed to a trial only on the issue of damages, Hamilton added.WhatsApp originally filed the complaint against NSO Group in late 2019, accusing it of accessing its servers without permission to install the Pegasus tool on 1,400 devices in May of that year. The attacks leveraged a then zero-day vulnerability in the app's voice calling feature (CVE-2019-3568, CVSS score: 9.8) to trigger the deployment of the spyware.Then last month, court documents revealed as part of the lawsuit revealed that NSO Group continued to weaponize WhatsApp to disseminate the spyware until May 2020.NSO Group has repeatedly said that its offerings are exclusively designed to be used by government and law enforcement agencies to tackle serious crimes like terrorism, child pornography, and money laundering, as well as to rescue kidnapped children and assist with emergency search and rescue operations."The world's most dangerous offenders communicate using technology designed to shield their communications, while government intelligence and law-enforcement agencies struggle to collect evidence and intelligence on their activities," the company says on its website, emphasizing that its mission is to "create a better, safer world."However, evidence to the contrary has established that there have been several instances of Pegasus being misused by authoritarian regimes and other governments across the world to target activists, politicians, and journalists.Apple, which filed a similar lawsuit against NSO Group in November 2021, has since sought to voluntarily dismiss the case on grounds that the market for commercial spyware has exploded since then and that various countermeasures are being added to deter and better flag such attacks.These include the Lockdown Mode and the threat notifications the iPhone maker began sending to warn victims it suspects have been targeted by state-sponsored actors, the latter of which has been hailed as a "game changer for spyware accountability research" by the Citizen Lab's John Scott-Railton.Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE
    0 Reacties 0 aandelen 5 Views
  • WWW.ARCHITECTSJOURNAL.CO.UK
    The Secret Architect: Tis the season to serve just deserts
    Source:&nbsp ShutterstockWell, deck the halls and cover me in tinsel. If it isnt the end of another project stage... Joy to the world, as we deliver our deliverables, festooning the place with clay renders, barely resolved plans and co-authored spreadsheets. My patience currently dangles like a big glass bauble on the end of a spindly little branch. Brush too close and I may lose it, launching my laptop across the office collaboration space and into the ornate seasonal planting.When one stage ends, so another begins, and we were supposed to have a project kick-off workshop on Monday. But it never happened. Now its Thursday and the clients project manager is trying to funnel us through a bend in the space-time continuum, insisting that the past date both happened, and still exists in our collective future. We have therefore not started the project yet and are four days late. He seems a bit smug for a man whose Dubai work visa relies on a project that hes torpedoed in under a week.I just want to get this thing moving; I have a forest of sub-consultants twirling in their office chairs and lamenting not going skiing before the break. The problem is on the client side we cant kick off without all 35 stakeholders in one room, backbiting and scoring points amongst themselves. Not only is our smug little PM refusing to corral his client, hes twigged that my director is a people-pleaser who will do anything to keep the project alive, so is now delegating this to me.AdvertisementApparently, its for the wider project benefit that I contact his client while hes away from desk. It would just be so much better for him? Sure, maybe I can walk your dog and take your bin out while Im at it? I ignore his increasingly arse-y emails, so he escalates to calling me on Teams, at 4am UK time.When I dont answer, I get a terse call me asap thx, which I only see when I get to the office the next morning. Now its 8:54am and Im furious. He calls again, barking orders while clearly inside an airport, off on his early winter break. My director is perched on my desk like Elf on a Shelf, frantically signalling that I should just say yes and get off the line. I sigh and hang up.I consider my options. I could say the line broke up. I could throw the Scope of Works at him (we actually have one! And he signed it!). Or I could give him enough rope to hang himself. Option 3 it is.Silent merriment abounds until, at 17:46, I receive an email. Hes copied the client, his boss, my boss, and attached my own programme to help me out. We should have contacted the Clients PM to organise the kick-off meeting, like, weeks ago? He seems unaware that he is the Clients PM.Im gearing up to a spicy put-down, when his pre-emptive out of office notes hell be away for the next two weeks blissfully offline. I walk home through sleet with fists clenched. Theres a knot of indignation in my stomach. Its so unfair. I wake up with a stiff neck and resolve to defeat him with my own competence.AdvertisementNext day at the office, I launch a phone-a-thon offensive like a deranged charity caller. I speak to the client. Theyre baffled Dont we pay our PM to do this? I video-call the chief engineer, who just scowls. Yes, I know, but what are we going to do, take the blame for the project failing?Im starting to feel righteous, and foolish. Then my phone rings. Its the PMs boss.Seems she inherited him from another team, and, well. A bit out of his depth, isnt he? The client is furious and wants their money back, which is all very embarrassing. Shes so sorry for the misunderstanding. I raise a silent eyebrow. Wont happen again. Shes going to let him know that he doesnt need to come back from holiday. Howre things otherwise ?I stutter a reply, thank her for the call, and sit up in my chair. Im stunned. Discombobulated. Feeling kind of festive. Is this a MERRY-tocracy?! Throw another log on the fire and give the cat a kipper; Ill see you all in January.The Secret Architect working overseas 2024-12-23Alan Gordoncomment and share
    0 Reacties 0 aandelen 5 Views