BadBox malware has been menacing low-cost Android devices for nearly a decade.

Email authentication protocols like SPF, DKIM, and DMARC play a critical role in protecting domains from spoofing and phishing. However, when SEGs are introduced into the email path, the interaction with these protocols becomes more complex. Security gateways(SEGs) are a core part of many organizations’ email infrastructure. They act as intermediaries between the public internet and internal mail systems, inspecting, filtering, and routing messages. This blog examines how security gateways handle SPF, DKIM, and DMARC, with real-world examples from popular gateways such as Proofpoint, Mimecast, and Avanan. We’ll also cover best practices for maintaining authentication integrity and avoiding misconfigurations that can compromise email authentication or lead to false DMARC failures. Security gateways often sit at the boundary between your organization and the internet, managing both inbound and outbound email traffic. Their role affects how email authentication protocols behave. An inbound SEG examines emails coming into your organization. It checks SPF, DKIM, and DMARC to determine if the message is authentic and safe before passing it to your internal mail servers. An outbound SEG handles emails sent from your domain. It may modify headers, rewrite envelope addresses, or even apply DKIM signing. All of these can impact SPF,  DKIM, or DMARC validation on the recipient’s side. Understanding how SEGs influence these flows is crucial to maintaining proper authentication and avoiding unexpected DMARC failures. Inbound Handling of SPF, DKIM, and DMARC by Common Security Gateways When an email comes into your organization, your security gateway is the first to inspect it. It checks whether the message is real, trustworthy, and properly authenticated. Let’s look at how different SEGs handle these checks. Avanan (by Check Point) SPF: Avanan verifies whether the sending server is authorized to send emails for the domain by checking the SPF record. DKIM: It verifies if the message was signed by the sending domain and if that signature is valid. DMARC: It uses the results of the SPF and DKIM check to evaluate DMARC. However, final enforcement usually depends on how DMARC is handled by Microsoft 365 or Gmail, as Avanan integrates directly with them. Avanan offers two methods of integration:1. API integration: Avanan connects via APIs, no change in MX, usually Monitor or Detect modes.2. Inline integration: Avanan is placed inline in the mail flow (MX records changed), actively blocking or remediating threats. Proofpoint Email Protection SPF: Proofpoint checks SPF to confirm the sender’s IP is authorized to send on behalf of the domain. You can set custom rules (e.g. treat “softfail” as “fail”). DKIM: It verifies DKIM signatures and shows clear pass/fail results in logs. DMARC: It fully evaluates DMARC by combining SPF and DKIM results with alignment checks. Administrators can configure how to handle messages that fail DMARC, such as rejecting, quarantining, or delivering them. Additionally, Proofpoint allows whitelisting specific senders you trust, even if their emails fail authentication checks. Integration Methods Inline Mode: In this traditional deployment, Proofpoint is positioned directly in the email flow by modifying MX records. Emails are routed through Proofpoint’s infrastructure, allowing it to inspect and filter messages before they reach the recipient’s inbox. This mode provides pre-delivery protection and is commonly used in on-premises or hybrid environments. API-Based (Integrated Cloud Email Security – ICES) Mode: Proofpoint offers API-based integration, particularly with cloud email platforms like Microsoft 365 and Google Workspace. In this mode, Proofpoint connects to the email platform via APIs, enabling it to monitor and remediate threats post-delivery without altering the email flow. This approach allows for rapid deployment and seamless integration with existing cloud email services. Mimecast SPF: Mimecast performs SPF checks to verify whether the sending server is authorized by the domain’s SPF record. Administrators can configure actions for SPF failures, including block, quarantine, permit, or tag with a warning. This gives flexibility in balancing security with business needs. DKIM: It validates DKIM signatures by checking that the message was correctly signed by the sending domain and that the content hasn’t been tampered with. If the signature fails, Mimecast can take actions based on your configured policies. DMARC: It fully evaluates DMARC by combining the results of SPF and DKIM with domain alignment checks. You can choose to honor the sending domain’s DMARC policy (none, quarantine, reject) or apply custom rules, for example, quarantining or tagging messages that fail DMARC regardless of the published policy. This allows more granular control for businesses that want to override external domain policies based on specific contexts. Integration Methods Inline Deployment: Mimecast is typically deployed as a cloud-based secure email gateway. Organizations update their domain’s MX records to point to Mimecast, so all inbound (and optionally outbound) emails pass through it first. This allows Mimecast to inspect, filter, and process emails before delivery, providing robust protection. API Integrations: Mimecast also offers API-based services through its Mimecast API platform, primarily for management, archival, continuity, and threat intelligence purposes. However, API-only email protection is not Mimecast’s core model. Instead, the APIs are used to enhance the inline deployment, not replace it. Barracuda Email Security Gateway SPF: Barracuda checks the sender’s IP against the domain’s published SPF record. If the check fails, you can configure the system to block, quarantine, tag, or allow the message, depending on your policy preferences. DKIM: It validates whether the incoming message includes a valid DKIM signature. The outcome is logged and used to inform further policy decisions or DMARC evaluations. DMARC: It combines SPF and DKIM results, checks for domain alignment, and applies the DMARC policy defined by the sender. Administrators can also choose to override the DMARC policy, allowing messages to pass or be treated differently based on organizational needs (e.g., trusted senders or internal exceptions). Integration Methods Inline mode (more common and straightforward): Barracuda Email Security Gateway is commonly deployed inline by updating your domain’s MX records to point to Barracuda’s cloud or on-premises gateway. This ensures that all inbound emails pass through Barracuda first for filtering and SPF, DKIM, and DMARC validation before being delivered to your mail servers. Deployment Behind the Corporate Firewall: Alternatively, Barracuda can be deployed in transparent or bridge mode without modifying MX records. In this setup, the gateway is placed inline at the network level, such as behind a firewall, and intercepts mail traffic transparently. This method is typically used in complex on-premises environments where changing DNS records is not feasible. Cisco Secure Email (formerly IronPort) Cisco Secure Email acts as an inline gateway for inbound email, usually requiring your domain’s MX records to point to the Cisco Email Security Appliance or cloud service. SPF: Cisco Secure Email verifies whether the sending server is authorized in the sender domain’s SPF record. Administrators can set detailed policies on how to handle SPF failures. DKIM: It validates the DKIM signature on incoming emails and logs whether the signature is valid or has failed. DMARC: It evaluates DMARC by combining SPF and DKIM results along with domain alignment checks. Admins can configure specific actions, such as quarantine, reject, or tag, based on different failure scenarios or trusted sender exceptions. Integration methods On-premises Email Security Appliance (ESA): You deploy Cisco’s hardware or virtual appliance inline, updating MX records to route mail through it for filtering. Cisco Cloud Email Security: Cisco offers a cloud-based email security service where MX records are pointed to Cisco’s cloud infrastructure, which filters and processes inbound mail. Cisco Secure Email also offers advanced, rule-based filtering capabilities and integrates with Cisco’s broader threat protection ecosystem, enabling comprehensive inbound email security. Outbound Handling of SPF, DKIM, and DMARC by Common Security Gateways When your organization sends emails, security gateways can play an active role in processing and authenticating those messages. Depending on the configuration, a gateway might rewrite headers, re-sign messages, or route them through different IPs – all actions that can help or hurt the authentication process. Let’s look at how major SEGs handle outbound email flow. Avanan – Outbound Handling and Integration Methods Outbound Logic Avanan analyzes outbound emails primarily to detect data loss, malware, and policy violations. In API-based integration, emails are sent directly by the original mail server (e.g., Microsoft 365 or Google Workspace), so SPF and DKIM signatures remain intact. Avanan does not alter the message or reroute traffic, which helps maintain full DMARC alignment and domain reputation. Integration Methods 1. API Integration: Connects to Microsoft 365 or Google Workspace via API. No MX changes are needed. Emails are scanned after they are sent, with no modification to SPF, DKIM, or the delivery path.  How it works: Microsoft Graph API or Google Workspace APIs are used to monitor and intervene in outbound emails. Protection level: Despite no MX changes, it can offer inline-like protection, meaning it can block, quarantine, or encrypt emails before they are delivered externally. SPF/DKIM/DMARC impact: Preserves original headers and signatures since mail is sent directly from Microsoft/Google servers. 2. Inline Integration: Requires changing MX records to route email through Avanan. In this mode, Avanan can intercept and inspect outbound emails before delivery. Depending on the configuration, this may affect SPF or DKIM if not properly handled. How it works: Requires adding Avanan’s Protection level: Traditional inline security with full visibility and control, including encryption, DLP, policy enforcement, and advanced threat protection. SPF/DKIM/DMARC impact: SPF configuration is needed by adding Avanan’s include mechanism to the sending domain’s SPF record. The DKIM record of the original sending source is preserved. For configurations, you can refer to the steps in this blog. Proofpoint – Outbound Handling and Integration Methods Outbound Logic Proofpoint analyzes outbound emails to detect and prevent data loss (DLP), to identify advanced threats (malware, phishing, BEC) originating from compromised internal accounts, and to ensure compliance. Their API integration provides crucial visibility and powerful remediation capabilities, while their traditional gateway (MX record) deployment delivers true inline, pre-delivery blocking for outbound traffic. Integration methods 1. API Integration: No MX record changes are required for this deployment method. Integration is done with Microsoft 365 or Google Workspace. How it works: Through its API integration, Proofpoint gains deep visibility into outbound emails and provides layered security and response features, including: Detect and alert: Identifies sensitive content (Data Loss Prevention violations), malicious attachments, or suspicious links in outbound emails. Post-delivery remediation (TRAP): A key capability of the API model is Threat Response Auto-Pull (TRAP), which enables Proofpoint to automatically recall, quarantine, or delete emails after delivery. This is particularly useful for internally sent messages or those forwarded to other users. Enhanced visibility: Aggregates message metadata and logs into Proofpoint’s threat intelligence platform, giving security teams a centralized view of outbound risks and user behavior. Protection level: API-based integration provides strong post-delivery detection and response, as well as visibility into DLP incidents and suspicious behavior.  SPF/DKIM/DMARC impact: Proofpoint does not alter SPF, DKIM, or DMARC because emails are sent directly through Microsoft or Google servers. Since Proofpoint’s servers are not involved in the actual sending process, the original authentication headers remain intact. 2. Gateway Integration (MX Record/Smart Host): This method requires updating MX records or routing outbound mail through Proofpoint via a smart host. How it works: Proofpoint acts as an inline gateway, inspecting emails before delivery. Inbound mail is filtered via MX changes; outbound mail is relayed through Proofpoint’s servers. Threat and DLP filtering: Scans outbound messages for sensitive content, malware, and policy violations. Real-time enforcement: Blocks, encrypts, or quarantines emails before they’re delivered. Policy controls: Applies rules based on content, recipient, or behavior. Protection level: Provides strong, real-time protection for outbound traffic with pre-delivery enforcement, DLP, and encryption. SPF/DKIM/DMARC impact: Proofpoint becomes the sending server: SPF: You need to configure ProofPoint’s SPF. DKIM: Can sign messages; requires DKIM setup. DMARC: DMARC passes if SPF and DKIM are set up properly. Please refer to this article to configure SPF and DKIM for ProofPoint. Mimecast – Outbound Handling and Integration Methods Outbound Logic Mimecast inspects outbound emails to prevent data loss (DLP), detect internal threats such as malware and impersonation, and ensure regulatory compliance. It primarily functions as a Secure Email Gateway (SEG), meaning it sits directly in the outbound email flow. While Mimecast offers APIs, its core outbound protection is built around this inline gateway model. Integration Methods 1. Gateway Integration (MX Record change required) This is Mimecast’s primary method for outbound email protection. Organizations route their outbound traffic through Mimecast by configuring their email server (e.g., Microsoft 365, Google Workspace, etc.) to use Mimecast as a smart host. This enables Mimecast to inspect and enforce policies on all outgoing emails in real time. How it works: Updating outbound routing in your email system (smart host settings), or Using Mimecast SMTP relay to direct messages through their infrastructure. Mimecast then scans, filters, and applies policies before the email reaches the final recipient. Protection level: Advanced DLP: Identifies and prevents sensitive data leaks. Impersonation and Threat Protection: Blocks malware, phishing, and abuse from compromised internal accounts. Email Encryption and Secure Messaging: Applies encryption policies or routes messages via secure portals. Regulatory Compliance: Enforces outbound compliance rules based on content, recipient, or metadata. SPF/DKIM/DMARC impact: SPF: Your SPF record must include Mimecast’s SPF mechanism based on your region to avoid SPF failures. DKIM: A new DKIM record should be configured to make sure your emails are DKIM signed when routing through Mimecast. DMARC: With correct SPF and DKIM setup, Mimecast ensures DMARC alignment, maintaining your domain’s sending reputation. Please refer to the steps in this detailed article to set up SPF and DKIM for Mimecast. 2. API Integration (Complementary to Gateway) Mimecast’s APIs complement the main gateway by providing automation, reporting, and management tools rather than handling live outbound mail flow. They allow you to manage policies, export logs, search archived emails, and sync users. APIs enhance visibility and operational tasks but do not provide real-time filtering or blocking of outbound messages. Since APIs don’t process live mail, they have no direct effect on SPF, DKIM, or DMARC; those depend on your gateway (smart host) setup. Barracuda – Outbound Handling and Integration Methods Outbound Logic Barracuda analyzes outbound emails to prevent data loss (DLP), block malware, stop phishing/impersonation attempts from compromised internal accounts, and ensure compliance. Barracuda offers flexible deployment options, including both traditional gateway (MX record) and API-based integrations. While both contribute to outbound security, their roles are distinct. Integration Methods 1. Gateway Integration (MX Record / Smart Host) — Primary Inline Security How it works: All outbound emails pass through Barracuda’s security stack for real-time inspection, threat blocking, and policy enforcement before delivery. Protection level: Comprehensive DLP (blocking, encrypting, or quarantining sensitive content)  Outbound spam and virus filtering  Enforcement of compliance and content policies This approach offers a high level of control and immediate threat mitigation on outbound mail flow. SPF/DKIM/DMARC impact: SPF: Update SPF records to include Barracuda’s sending IPs or SPF include mechanism. DKIM: Currently, no explicit setup is needed; DKIM of the main sending source is preserved. Refer to this article for more comprehensive guidance on Barracuda SEG configuration. 2. API Integration (Complementary & Advanced Threat Focus) How it works: The API accesses cloud email environments to analyze historical and real-time data, learning normal communication patterns to detect anomalies in outbound emails. It also supports post-delivery remediation, enabling the removal of malicious emails from internal mailboxes after sending. Protection level: Advanced AI-driven detection and near real-time blocking of outbound threats, plus strong post-delivery cleanup capabilities. SPF/DKIM/DMARC impact: Since mail is sent directly by the original mail server (e.g., Microsoft 365), SPF and DKIM signatures remain intact, preserving DMARC alignment and domain reputation. Cisco Secure Email (formerly IronPort) – Outbound Handling and Integration Methods Outbound Logic Cisco Secure Email protects outbound email by preventing data loss (DLP), blocking spam and malware from internal accounts, stopping business email compromise (BEC) and impersonation attacks, and ensuring compliance. Cisco provides both traditional gateway appliances/cloud gateways and modern API-based solutions for layered outbound security. Integration Methods 1. Gateway Integration (MX Record / Smart Host) – Cisco Secure Email Gateway (ESA) How it works: Organizations update MX records to route mail through the Cisco Secure Email Gateway or configure their mail server (e.g., Microsoft 365, Exchange) to smart host outbound email via the gateway. All outbound mail is inspected and policies enforced before delivery. Protection level: Granular DLP (blocking, encrypting, quarantining sensitive content) Outbound spam and malware filtering to protect IP reputation Email encryption for sensitive outbound messages Comprehensive content and attachment policy enforcement SPF: Check this article for comprehensive guidance on Cisco SPF settings. DKIM: Refer to this article for detailed guidance on Cisco DKIM settings. 2. API Integration – Cisco Secure Email Threat Defense How it works: Integrates directly via API with Microsoft 365 (and potentially Google Workspace), continuously monitoring email metadata, content, and user behavior across inbound, outbound, and internal messages. Leverages Cisco’s threat intelligence and AI to detect anomalous outbound activity linked to BEC, account takeover, and phishing. Post-Delivery Remediation: Automates the removal or quarantine of malicious or policy-violating emails from mailboxes even after sending. Protection level: Advanced, AI-driven detection of sophisticated outbound threats with real-time monitoring and automated remediation. Complements gateway filtering by adding cloud-native visibility and swift post-send action. SPF/DKIM/DMARC impact: Since emails are sent directly by the original mail server, SPF and DKIM signatures remain intact, preserving DMARC alignment and domain reputation. If you have any questions or need assistance, feel free to reach out to EasyDMARC technical support.

LLMs have shown impressive capabilities across various programming tasks, yet their potential for program optimization has not been fully explored. While some recent efforts have used LLMs to enhance performance in languages like C++ and Python, the broader application of LLMs to optimize code, especially in low-level programming contexts, remains limited. Existing LLM benchmarks largely focus on code generation from natural language or solving GitHub issues, as seen in HumanEval, MBPP, APPS, SWE-bench, and SWE-agent. Moreover, models such as Codex, AlphaCode, and Code Llama primarily aim to improve code generation quality rather than performance. However, select research has begun addressing optimization, including parallelization and code efficiency improvements, though many of these approaches are constrained by the need for formal verification, limiting scalability. In contrast, some newer methods embrace test-based validation, allowing optimization of more complex programs with loops. Learning-based strategies in compiler optimization—like AutoPhase, which uses reinforcement learning for pass sequencing, and Coreset, which applies graph neural networks—have shown promise in improving performance. Superoptimization techniques aim to find the most efficient version of a program but are typically restricted to small-scale problems. Additionally, frameworks like AutoTVM and Ansor have focused on optimizing GPU kernel code through statistical modeling and search. Recently, LLM-driven optimization has gained attention, with reinforcement learning approaches guiding LLMs using feedback from test cases. Techniques like CodeRL and PPOCoder leverage policy optimization methods to fine-tune models for better performance, even across resource-constrained programming languages like Verilog.  Stanford, UIUC, CMU, and Visa Research researchers explore using LLMs to optimize assembly code performance—an area traditionally handled by compilers like GCC. They introduce a reinforcement learning framework using Proximal Policy Optimization (PPO), guided by a reward balancing correctness and speedup over the gcc -O3 baseline. Using a dataset of 8,072 real-world programs, their model, Qwen2.5-Coder-7B-PPO, achieves a 96.0% test pass rate and a 1.47× average speedup, outperforming 20 other models, including Claude-3.7-sonnet. Their results show that with RL training, LLMs can effectively outperform conventional compiler optimizations.  The methodology involves optimizing compiled C programs for performance using an RL approach. Given a C program C, it is compiled to assembly P using gcc -O3. The goal is to generate a new assembly program P’ that is functionally equivalent but faster. Correctness is verified using a test set, and speedup is measured by execution time improvement. Using CodeNet as the dataset, the authors apply PPO to train a language model that generates improved code. Two reward functions—Correctness-Guided Speedup and Speedup-Only—are used to guide training based on program validity, correctness, and performance gains.  The study evaluates various language models on optimizing assembly code, revealing that most models struggle with low test pass rates and minimal speedups. However, Qwen2.5-Coder-7B-PPO, trained with reinforcement learning, significantly outperforms others, achieving 96% accuracy and a 1.47× average speedup. Ablation studies show that using gcc -O3 as a reference aids performance, while removing it leads to sharp declines. Notably, models like Claude-3.7-sonnet can surpass compilers by identifying hardware-specific optimizations, such as replacing loops with a single popcnt instruction, demonstrating their ability to perform semantic-level code transformations beyond traditional compiler capabilities.  In conclusion, the study explores using LLMs to optimize assembly code, a domain where traditional compilers struggle due to the complexity of low-level performance tuning. The authors fine-tune Qwen2.5-Coder-7B using PPO, rewarding both correctness (via test cases) and speedup over gcc -O3. They introduce a benchmark of 8,072 real-world C programs to evaluate performance. The model achieves a 96.0% test pass rate and a 1.47× average speedup, outperforming 20 other models, including Claude-3.7-sonnet. While effective, limitations include a lack of formal correctness guarantees and variability in hardware performance across systems.  Check out the Paper. All credit for this research goes to the researchers of this project. Also, feel free to follow us on Twitter and don’t forget to join our 95k+ ML SubReddit and Subscribe to our Newsletter. Sana HassanSana Hassan, a consulting intern at Marktechpost and dual-degree student at IIT Madras, is passionate about applying technology and AI to address real-world challenges. With a keen interest in solving practical problems, he brings a fresh perspective to the intersection of AI and real-life solutions.Sana Hassanhttps://www.marktechpost.com/author/sana-hassan/Evaluating Enterprise-Grade AI Assistants: A Benchmark for Complex, Voice-Driven WorkflowsSana Hassanhttps://www.marktechpost.com/author/sana-hassan/Beyond Aha Moments: Structuring Reasoning in Large Language ModelsSana Hassanhttps://www.marktechpost.com/author/sana-hassan/RXTX: A Machine Learning-Guided Algorithm for Efficient Structured Matrix MultiplicationSana Hassanhttps://www.marktechpost.com/author/sana-hassan/From Protocol to Production: How Model Context Protocol (MCP) Gateways Enable Secure, Scalable, and Seamless AI Integrations Across Enterprises

As businesses increasingly integrate AI assistants, assessing how effectively these systems perform real-world tasks, particularly through voice-based interactions, is essential. Existing evaluation methods concentrate on broad conversational skills or limited, task-specific tool usage. However, these benchmarks fall short when measuring an AI agent’s ability to manage complex, specialized workflows across various domains. This gap highlights the need for more comprehensive evaluation frameworks that reflect the challenges AI assistants face in practical enterprise settings, ensuring they can truly support intricate, voice-driven operations in real-world environments.  To address the limitations of existing benchmarks, Salesforce AI Research & Engineering developed a robust evaluation system tailored to assess AI agents in complex enterprise tasks across both text and voice interfaces. This internal tool supports the development of products like Agentforce. It offers a standardized framework to evaluate AI assistant performance in four key business areas: managing healthcare appointments, handling financial transactions, processing inbound sales, and fulfilling e-commerce orders. Using carefully curated, human-verified test cases, the benchmark requires agents to complete multi-step operations, use domain-specific tools, and adhere to strict security protocols across both communication modes.  Traditional AI benchmarks often focus on general knowledge or basic instructions, but enterprise settings require more advanced capabilities. AI agents in these contexts must integrate with multiple tools and systems, follow strict security and compliance procedures, and understand specialized terms and workflows. Voice-based interactions add another layer of complexity due to potential speech recognition and synthesis errors, especially in multi-step tasks. Addressing these needs, the benchmark guides AI development toward more dependable and effective assistants tailored for enterprise use. Salesforce’s benchmark uses a modular framework with four key components: domain-specific environments, predefined tasks with clear goals, simulated interactions that reflect real-world conversations, and measurable performance metrics. It evaluates AI across four enterprise domains: healthcare appointment management, financial services, sales, and e-commerce. Tasks range from simple requests to complex operations involving conditional logic and multiple system calls. With human-verified test cases, the benchmark ensures realistic challenges that test an agent’s reasoning, precision, and tool handling in both text and voice interfaces.  The evaluation framework measures AI agent performance based on two main criteria: accuracy, how correctly the agent completes the task, and efficiency, which are evaluated through conversational length and token usage. Both text and voice interactions are assessed, with the option to add audio noise to test system resilience. Implemented in Python, the modular benchmark supports realistic client-agent dialogues, multiple AI model providers, and configurable voice processing using built-in speech-to-text and text-to-speech components. An open-source release is planned, enabling developers to extend the framework to new use cases and communication formats. Initial testing across top models like GPT-4 variants and Llama showed that financial tasks were the most error-prone due to strict verification requirements. Voice-based tasks also saw a 5–8% drop in performance compared to text. Accuracy declined further on multi-step tasks, especially those requiring conditional logic. These findings highlight ongoing challenges in tool-use chaining, protocol compliance, and speech processing. While robust, the benchmark lacks personalization, real-world user behavior diversity, and multilingual capabilities. Future work will address these gaps by expanding domains, introducing user modeling, and incorporating more subjective and cross-lingual evaluations.  Check out the Technical details. All credit for this research goes to the researchers of this project. Also, feel free to follow us on Twitter and don’t forget to join our 95k+ ML SubReddit and Subscribe to our Newsletter. Sana HassanSana Hassan, a consulting intern at Marktechpost and dual-degree student at IIT Madras, is passionate about applying technology and AI to address real-world challenges. With a keen interest in solving practical problems, he brings a fresh perspective to the intersection of AI and real-life solutions.Sana Hassanhttps://www.marktechpost.com/author/sana-hassan/Beyond Aha Moments: Structuring Reasoning in Large Language ModelsSana Hassanhttps://www.marktechpost.com/author/sana-hassan/RXTX: A Machine Learning-Guided Algorithm for Efficient Structured Matrix MultiplicationSana Hassanhttps://www.marktechpost.com/author/sana-hassan/From Protocol to Production: How Model Context Protocol (MCP) Gateways Enable Secure, Scalable, and Seamless AI Integrations Across EnterprisesSana Hassanhttps://www.marktechpost.com/author/sana-hassan/Researchers from Renmin University and Huawei Propose MemEngine: A Unified Modular AI Library for Customizing Memory in LLM-Based Agents

Scene at UKREiiF 2025 outside the Canary bar UKREiiF is getting bigger by the year, with more than 16,000 professionals attending the 2025 construction conference in Leeds this week during three days of sunny weather, networking, panel discussions and robust amounts of booze. It has grown so big over the past few years that it seems almost to have outgrown the city of Leeds itself. A running joke among attendees was the varying quality of accommodation people had managed to secure. All of the budget hotels in the city were fully booked months in advance of the conference, with many - including at least one member of Parliament - reduced to kipping in bed and breakfasts of a questionable nature. Many were forced to stay in nearby towns including York, Wakefield and Bradford and catch the train to the conference each morning. But these snags served as ice breakers for more important conversations at an event which has come at a key pivot point for the industry. With the government on the brink of launching its 10-year industrial strategy and its new towns programme, opportunity was in the air. Networking events between government departments and potential suppliers of all sectors were well attended, although many discussion panels focused on the question of how all of this work would be paid for. And hanging over the conference like a storm cloud were the mounting issues at the Building Safety Regulator which are continuing to cause expensive delays to high rise schemes across the country. While many attendees eyed a huge amount of potential work to fill up pipelines, it was clear the industry is still facing some systemic challenges which could threaten a much-needed recovery following a long period of turmoil. How will the issues at the Building Safety Regulator be fixed? You did not even have to go inside an event titled “Gateways and Growing Pains: Tackling the Building Safety Act” to see how much this issue is affecting construction at the moment. The packed out tent was overflowing into the space outside, with those inside stood like sardines to watch a panel discussion about what has been happening in the high rise residential sector over the past year.  Audience members shared their horror stories of schemes which have been waiting for the best part of a year to get gateway 2 approval from the regulator, which is needed to start construction. There was a palpable sense of anger in the crowd, one professional describing the hold-ups which had affected his scheme as a “disgrace”. Others highlighted the apparent inconsistency of the regulator’s work. One attendee told how two identical buildings had been submitted to the regulator in separate gateway 2 applications and assigned to two separate technical teams for approval. One application had received no follow up questions, while the other had been extensively interrogated. “The industry should hold its head in shame with regard to what happened at Grenfell, but post that, it’s just complete disarray,” he said. More than 16,000 professionals attended the 2025 event While many are currently focusing on delays at pre-construction, others raised the looming gateway 3 approvals which are needed before occupation. Pareto Projects director Kuli Bajwa said: “Gateway 2 is an issue, but when we get to gateway 3, we’re committed to this project, money’s been spent, debt’s been taken out and week on week it’s costing money. It just keeps wracking up, so we need to resolve that with the regulator asap.” >> See also: Homes England boss calls on government to fix ‘unacceptably slow’ gateway 2 approvals Caddick Construction managing director for Yorkshire and the North East Steve Ford added: “I think where it will probably get interesting and quite heated I guess is at the point where some of these schemes get rejected at gateway 3, and the finger pointing starts as to why it’s not got through gateway 3.” Simon Latson, head of living for the UK and Ireland at JLL, offered a potential solution. “We will be dealing with the regulator all the way through the construction process, and you would like to think that there is a collaborative process where you get early engagement and you can say ‘I’m 12 weeks out from completion, I’m going to start sending you all of my completion documents, my fire alarm certificate’, and say ‘thanks very much that’s the last thing on my list’. That’s probably wishful thinking but that’s got to be a practical solution, as early engagement as possible.” How is the government going to pay for its infrastructure strategy? Ministers are expected to outline the government’s ten-year infrastructure strategy next month, outlining ambitions not only for transport but social infrastructure including schools and healthcare. At an event titled “A Decade of National Renewal: What Will This Mean for our Regions, Towns and Cities?”, a panel of experts including London deputy mayor Jules Pipe highlighted how much of this new infrastructure is needed to enable the government to achieve its housing targets. But how will it be funded? Tom Wagner, cofounder of investment firm Knighthead Capital, which operates largely in the West Midlands with assets including Birmingham City FC, gave a frank assessment of the government’s policies on attracting private sector investment. “There have been a lot of policies in the UK that have forced capital allocators to go elsewhere,” he said, calling for lower taxes and less restrictions on private finance in order to stop investors fleeing to more amenable destinations overseas.  “What we’ve found in the UK is, as we’re seeking to tax those who can most afford it, that’s fine, but unless they’re chained here, they’ll just go somewhere else. That creates a bad dynamic because those people are the capital providers, and right now what we need is capital infusion to foster growth.” The main square at the centre of the conference Pipe offered a counterpoint, suggesting low taxes were not the only reason which determines where wealthy people live and highlighted the appeal of cities which had been made livable by good infrastructure. “There are people living in some very expensive cities but they live there because of the cosmopolitan culture and the parks and the general vibe, and that’s what we have to get right. And the key thing that leads to that is good transport, making it livable.” Pipe also criticised the penny-pinching tendencies of past governments on infrastructure investment, including on major transports schemes like Crossrail 2 which were mothballed due to a lack of funds and a perceived lack of value added. “All these things were fought in the trenches with the Treasury about ‘oh well there’s no cost benefit to this’. And where is the major transport like that where after ten years people are saying ‘no one’s using it, that was a really bad idea, it’s never opened up any new businesses or new homes’? It’s absolute nonsense. But that seems to be how we judge it,” he said. One solution could be funding through business rates, an approach used on the Northern Line Extension to Battersea Power Station. But the benefits of this have been largely overlooked, Pipe said. “One scheme every ten or twenty years is not good enough. We need to do this more frequently”. What is the latest on the government’s new towns programme? Where are the new towns going to be built? It was a question which everybody was asking during the conference, with rumours circulating around potential sites in Cambridge of Plymouth. The government is set to reveal the first 12 locations of 10,000 homes each in July, an announcement which will inevitably unleash an onslaught of NIMBY outcries from affected communities. A large crowd gathered for an “exclusive update” on the programme from Michael Lyons, chair of the New Towns Taskforce appointed by the government to recommend suitable sites, with many in attendance hoping for a big reveal on the first sites. They were disappointed, but Lyons did provide some interesting insights into the taskforce’s work. Despite a “rather hairbrained” timescale given to the team, which was only established last September, Lyons said it was at a “very advanced stage” in its deliberations after spending the past few months touring the country speaking to developers, landowners and residents in search of potential sites. >> See also: Don’t scrimp on quality standards for new towns, taskforce chair tells housebuilders “We stand at a crucial moment in the history of home building in this country,” he said. The government’s commitment to so many large-scale developments could herald a return to ambitious spatial planning, he said, with communities strategically located close to the most practical locations for the supply of new infrastructure needed for people to move in. A line of tents at the docks site, including the London Pavilion “Infrastructure constraints, whether it’s water or power, sewage or transport, must no longer be allowed to hold back growth, and we’ve been shocked as we looked around the country at the extent to which plans ready to be advanced are held back by those infrastructure problems,” he said. The first sites will be in places where much of this infrastructure is already in place, he said, allowing work to start immediately.  An emphasis on “identity and legibility” is also part of the criteria for the initial locations, with the government’s design and construction partners to be required to put placemaking at the heart of their schemes. “ We need to be confident that these can be distinctive places, and that the title of new town, whether it’s an urban extension or whether it’s even a reshaping of an existing urban area or a genuine greenfield site, that it genuinely can be seen and will be seen by its residents as a distinct community.” How do you manage a working public-private partnership? Successful public partnerships between the public sector and private housebuilders will be essential for the government to achieve its target to build 1.5 million homes by the end of this parliament in 2029. At an event hosted by Muse, a panel discussed where past partnerships have gone wrong and what lessons have been learned. Mark Bradbury, Thurrock council’s chief officer for strategic growth partnerships and special projects, spoke of the series of events which led to L&Q pulling out of the 2,800-home Purfleet-on-Thames scheme in Essex and its replacement by housing association Swan. “I think it was partly the complex nature of the procurement process that led to market conditions being quite different at the end of the process to the start,” he said. “Some of the original partners pulled out halfway through because their business model changed. I think the early conversations at Purfleet on Thames around the masterplan devised by Will Alsop, the potential for L&Q to be one of the partners, the potential for a development manager, the potential for some overseas investment, ended up with L&Q deciding it wasn’t for their business model going forwards. The money from the far east never materialised, so we ended up with somebody who didn’t have the track record, and there was nobody who had working capital.  “By then it was clear that the former partnership wasn’t right, so trying to persuade someone to join a partnership which wasn’t working was really difficult. So you’ve got to be really clear at the outset that this is a partnership which is going to work, you know where the working capital is coming from, and everybody’s got a track record.” Muse development director for residential Duncan Cumberland outlined a three-part “accelerated procurement process” which the developer has been looking at in order to avoid some of the setbacks which can hit large public private partnerships on housing schemes. The first part is developing a masterplan vision which has the support of community stakeholders, the second is outlining a “realistic and honest” business plan which accommodates viability challenges, and the third is working closely with public sector officials on a strong business case. A good partnership is almost like being in a marriage, Avison Young’s London co-managing director Kat Hanna added. “It’s hard to just walk away. We’re in it now, so we need to make it work, and perhaps being in a partnership can often be more revealing in tough times.”

Large Reasoning Models (LRMs) like OpenAI’s o1 and o3, DeepSeek-R1, Grok 3.5, and Gemini 2.5 Pro have shown strong capabilities in long CoT reasoning, often displaying advanced behaviors such as self-correction, backtracking, and verification—collectively known as “aha moments.” These behaviors have been observed to emerge through outcome-driven RL without the need for supervised fine-tuning. Models like DeepSeek-R1 and its open-source replications (e.g., TinyZero and Logic-RL) have demonstrated that carefully designed RL pipelines—using rule-based rewards, curriculum learning, and structured training—can induce such reflective reasoning abilities. However, these emergent behaviors tend to be unpredictable and inconsistent, limiting their practical reliability and scalability. To address this, researchers have explored structured RL frameworks that target specific reasoning types, such as deduction, abduction, and induction. These approaches involve aligning specialist models, merging them in parameter space, and applying domain-specific continual RL. Tools like Logic-RL use rule-conditioned RL to solve logic puzzles, improving transferability to tasks like math reasoning. Meanwhile, other works propose mechanisms to enhance reasoning robustness, such as training models to reason both forwards and backwards, or iteratively self-critiquing their outputs. Studies analyzing “aha moments” suggest that these behaviors stem from internal shifts in uncertainty, latent representation, and self-assessment, offering new insights into engineering more reliable reasoning models.  Researchers from the National University of Singapore, Tsinghua University, and Salesforce AI Research address the limitations of relying on spontaneous “aha moments” in large language models by explicitly aligning them with three core reasoning abilities: deduction, induction, and abduction. They introduce a three-stage pipeline—individual meta-ability alignment, parameter-space merging, and domain-specific reinforcement learning—significantly enhancing model performance. Using a programmatically generated, self-verifiable task suite, their approach boosts accuracy over instruction-tuned baselines by over 10%, with further gains from domain-specific RL. This structured alignment framework offers a scalable, generalizable method for improving reasoning across math, coding, and science domains.  The researchers designed tasks aligned with deduction, induction, and abduction by using a structured “given two, infer the third” format based on hypothesis (H), rule (R), and observation (O). Deduction is framed as satisfiability checking, induction as masked-sequence prediction, and abduction as reverse rule-graph inference. These tasks are synthetically generated and automatically verified. The training pipeline includes three stages: (A) independently training models for each reasoning type using REINFORCE++ with structured rewards, (B) merging models through weighted parameter interpolation, and (C) fine-tuning the unified model on domain-specific data via reinforcement learning, isolating the benefit of meta-ability alignment.  The study evaluates models aligned with meta-abilities—deduction, induction, and abduction—using a curriculum learning setup across difficulty levels. Models trained on synthetic tasks strongly generalize to seven unseen math, code, and science benchmarks. At both 7B and 32B scales, meta-ability–aligned and merged models consistently outperform instruction-tuned baselines, with the merged model offering the highest gains. Continued domain-specific RL from these merged checkpoints (Domain-RL-Meta) leads to further improvements over standard RL finetuning (Domain-RL-Ins), especially in math benchmarks. Overall, the alignment strategy enhances reasoning abilities, and its benefits scale with model size, significantly boosting performance ceilings across tasks.  In conclusion, the study shows that large reasoning models can develop advanced problem-solving skills without depending on unpredictable “aha moments.” By aligning models with three core reasoning abilities—deduction, induction, and abduction—using self-verifiable tasks, the authors create specialist agents that can be effectively combined into a single model. This merged model outperforms instruction-tuned baselines by over 10% on diagnostic tasks and up to 2% on real-world benchmarks. When used as a starting point for domain-specific reinforcement learning, it raises performance by another 4%. This modular, systematic training approach offers a scalable and controllable foundation for building reliable, interpretable reasoning systems.  Check out the Paper and GitHub Page. All credit for this research goes to the researchers of this project. Also, feel free to follow us on Twitter and don’t forget to join our 95k+ ML SubReddit and Subscribe to our Newsletter. Sana HassanSana Hassan, a consulting intern at Marktechpost and dual-degree student at IIT Madras, is passionate about applying technology and AI to address real-world challenges. With a keen interest in solving practical problems, he brings a fresh perspective to the intersection of AI and real-life solutions.Sana Hassanhttps://www.marktechpost.com/author/sana-hassan/RXTX: A Machine Learning-Guided Algorithm for Efficient Structured Matrix MultiplicationSana Hassanhttps://www.marktechpost.com/author/sana-hassan/From Protocol to Production: How Model Context Protocol (MCP) Gateways Enable Secure, Scalable, and Seamless AI Integrations Across EnterprisesSana Hassanhttps://www.marktechpost.com/author/sana-hassan/Researchers from Renmin University and Huawei Propose MemEngine: A Unified Modular AI Library for Customizing Memory in LLM-Based AgentsSana Hassanhttps://www.marktechpost.com/author/sana-hassan/Meta Introduces KernelLLM: An 8B LLM that Translates PyTorch Modules into Efficient Triton GPU Kernels

In an era dominated by artificial intelligence and smartphones, one of the most overlooked engines of economic growth sits quietly at the heart of every neighborhood: the public library.  Gone are the days when libraries were sanctuaries reserved for only reading and research. Today, they are being reimagined as dynamic hubs for workforce development, creative sector support, and cultural exchange. Across the country, these reservoirs of knowledge are evolving into digital and physical beacons of community resilience.  Local access, global reach: A case study in artist empowerment  In Huntsville, where I serve as the city’s first music officer, we’ve partnered with our public library system to develop a multifunctional creative hub—with music at its core. A primary pillar of our collaboration is Blast Music, a digital streaming platform designed to showcase local talent. It’s a model other cities can and should replicate.  Through the Blast program, artists are paid, promoted, and added to a curated library collection—offering not only exposure, but bona fide industry credentials. Over 100 local artists are currently featured on the platform, and we will welcome up to 50 additional artists into the program annually.  The ripple effect of Blast is real. The free service empowers local listeners to discover homegrown talent while giving musicians tools to grow their fan base and attract industry attention. Perhaps most importantly, Blast provides emerging artists with resume-worthy recognition—essential for building sustainable careers in a tough industry.  But Blast isn’t just about digital reach—it’s embedded in Huntsville’s cultural DNA. From artist showcases like the Ladies of Blast event at the Orion Amphitheater, to community events like Hear to Be Seen (a portrait exhibition of Blast musicians), to stages designated exclusively for Blast artist performances at Camp to Amp, PorchFest, and more, Blast is bringing music into public spaces and cultivating civic pride. That’s the kind of community infrastructure that libraries are uniquely equipped to deliver.  There’s no such thing as too much visibility, and even artists with international acclaim see value in the platform. Huntsville native Kim Tibbs, a vocalist, songwriter, Alabama Music Hall of Fame honoree and UK chart-topper, submitted her album The Science of Completion Volume I to Blast—not only for more exposure, but to mentor and support the next generation of artists in her hometown.   Libraries as talent incubators  Huntsville is part of a broader national trend. In cities like Chicago, Nashville, and Austin, libraries are integrating creative labs, media production studios, and music education into their core services—functioning as public-sector incubators for the creative economy.  As technology continues to reshape traditional jobs, libraries are well-positioned to bridge skill gaps and fuel the rise of creative economies, including the vital but often overlooked non-performance roles in the music industry.  Huntsville is doubling down on this approach. We’re investing millions into programs that bring interactive music technology workshops to teens at the local library—focusing on hands-on training in production, recording, and audio engineering. With professional equipment, studio spaces, and expert instruction, we’re preparing the next generation for careers both onstage and behind the scenes.  Local industry is stepping up too. Hear Technologies, a global leader in sound and AV production, has been designing cutting-edge audio devices for years. They’re now part of a dynamic team collaborating with city leaders to help develop the library’s music maker space, nurture new talent and accelerate our region’s creative growth.  This matters now, more than ever  Libraries have always been entry points for education, employment, and exploration. But today, they’re more than just information access points—they are gateways to opportunity and launchpads for industries that define the future. By utilizing public space and collaborating with local talent, libraries can become platforms for economic mobility and cultural innovation. This investment isn’t a feel-good gesture. It’s a smart, strategic move for any city building a future that works—for everyone.  The playlist is simple: Invest in creative ecosystems, embed them in trusted community institutions like public libraries, and treat music as critical infrastructure.   Matt Mandrella is music officer for the City of Huntsville, Alabama. 

Friend requests Meta hypes AI friends as social media’s future, but users want real connections Two visions for social media’s future pit real connections against AI friends. Ashley Belanger – May 21, 2025 9:38 am | 1 Credit: Aurich Lawson | Getty Images Credit: Aurich Lawson | Getty Images Story text Size Small Standard Large Width * Standard Wide Links Standard Orange * Subscribers only   Learn more If you ask the man who has largely shaped how friends and family connect on social media over the past two decades about the future of social media, you may not get a straight answer. At the Federal Trade Commission's monopoly trial, Meta CEO Mark Zuckerberg attempted what seemed like an artful dodge to avoid criticism that his company allegedly bought out rivals Instagram and WhatsApp to lock users into Meta's family of apps so they would never post about their personal lives anywhere else. He testified that people actually engage with social media less often these days to connect with loved ones, preferring instead to discover entertaining content on platforms to share in private messages with friends and family. As Zuckerberg spins it, Meta no longer perceives much advantage in dominating the so-called personal social networking market where Facebook made its name and cemented what the FTC alleged is an illegal monopoly. "Mark Zuckerberg says social media is over," a New Yorker headline said about this testimony in a report noting a Meta chart that seemed to back up Zuckerberg's words. That chart, shared at the trial, showed the "percent of time spent viewing content posted by 'friends'" had declined over the past two years, from 22 to 17 percent on Facebook and from 11 to 7 percent on Instagram. Supposedly because of this trend, Zuckerberg testified that "it doesn't matter much" if someone's friends are on their preferred platform. Every platform has its own value as a discovery engine, Zuckerberg suggested. And Meta platforms increasingly compete on this new playing field against rivals like TikTok, Meta argued, while insisting that it's not so much focused on beating the FTC's flagged rivals in the connecting-friends-and-family business, Snap and MeWe. But while Zuckerberg claims that hosting that kind of content doesn't move the needle much anymore, owning the biggest platforms that people use daily to connect with friends and family obviously still matters to Meta, MeWe founder Mark Weinstein told Ars. And Meta's own press releases seem to back that up. Weeks ahead of Zuckerberg's testimony, Meta announced that it would bring back the "magic of friends," introducing a "friends" tab to Facebook to make user experiences more like the original Facebook. The company intentionally diluted feeds with creator content and ads for the past two years, but it now appears intent on trying to spark more real conversations between friends and family, at least partly to fuel its newly launched AI chatbots. Those chatbots mine personal information shared on Facebook and Instagram, and Meta wants to use that data to connect more personally with users—but "in a very creepy way," The Washington Post wrote. In interviews, Zuckerberg has suggested these AI friends could "meaningfully" fill the void of real friendship online, as the average person has only three friends but "has demand" for up to 15. To critics seeking to undo Meta's alleged monopoly, this latest move could signal a contradiction in Zuckerberg's testimony, showing that the company is so invested in keeping users on its platforms that it's now creating AI friends (wh0 can never leave its platform) to bait the loneliest among us into more engagement. "The average person wants more connectivity, connection, than they have," Zuckerberg said, hyping AI friends. For the Facebook founder, it must be hard to envision a future where his platforms aren't the answer to providing that basic social need. All this comes more than a decade after he sought $5 billion in Facebook's 2012 initial public offering so that he could keep building tools that he told investors would expand "people's capacity to build and maintain relationships." At the trial, Zuckerberg testified that AI and augmented reality will be key fixtures of Meta's platforms in the future, predicting that "several years from now, you are going to be scrolling through your feed, and not only is it going to be sort of animated, but it will be interactive." Meta declined to comment further on the company's vision for social media's future. In a statement, a Meta spokesperson told Ars that "the FTC’s lawsuit against Meta defies reality," claiming that it threatens US leadership in AI and insisting that evidence at trial would establish that platforms like TikTok, YouTube, and X are Meta's true rivals. "More than 10 years after the FTC reviewed and cleared our acquisitions, the Commission’s action in this case sends the message that no deal is ever truly final," Meta's spokesperson said. "Regulators should be supporting American innovation rather than seeking to break up a great American company and further advantaging China on critical issues like AI.” Meta faces calls to open up its platforms Weinstein, the MeWe founder, told Ars that back in the 1990s when the original social media founders were planning the first community portals, "it was so beautiful because we didn't think about bots and trolls. We didn't think about data mining and surveillance capitalism. We thought about making the world a more connected and holistic place." But those who became social media overlords found more money in walled gardens and increasingly cut off attempts by outside developers to improve the biggest platforms' functionality or leverage their platforms to compete for their users' attention. Born of this era, Weinstein expects that Zuckerberg, and therefore Meta, will always cling to its friends-and-family roots, no matter which way Zuckerberg says the wind is blowing. Meta "is still entirely based on personal social networking," Weinstein told Ars. In a Newsweek op-ed, Weinstein explained that he left MeWe in 2021 after "competition became impossible" with Meta. It was a time when MeWe faced backlash over lax content moderation, drawing comparisons between its service and right-wing apps like Gab or Parler. Weinstein rejected those comparisons, seeing his platform as an ideal Facebook rival and remaining a board member through the app's more recent shift to decentralization. Still defending MeWe's failed efforts to beat Facebook, he submitted hundreds of documents and was deposed in the monopoly trial, alleging that Meta retaliated against MeWe as a privacy-focused rival that sought to woo users away by branding itself the "anti-Facebook." Among his complaints, Weinstein accused Meta of thwarting MeWe's attempts to introduce interoperability between the two platforms, which he thinks stems from a fear that users might leave Facebook if they discover a more appealing platform. That’s why he's urged the FTC—if it wins its monopoly case—to go beyond simply ordering a potential breakup of Facebook, Instagram, and WhatsApp to also require interoperability between Meta's platforms and all rivals. That may be the only way to force Meta to release its clutch on personal data collection, Weinstein suggested, and allow for more competition broadly in the social media industry. "The glue that holds it all together is Facebook’s monopoly over data," Weinstein wrote in a Wall Street Journal op-ed, recalling the moment he realized that Meta seemed to have an unbeatable monopoly. "Its ownership and control of the personal information of Facebook users and non-users alike is unmatched." Cory Doctorow, a special advisor to the Electronic Frontier Foundation, told Ars that his vision of a better social media future goes even further than requiring interoperability between all platforms. Social networks like Meta's should also be made to allow reverse engineering so that outside developers can modify their apps with third-party tools without risking legal attacks, he said. Doctorow said that solution would create "an equilibrium where companies are more incentivized to behave themselves than they are to cheat" by, say, retaliating against, killing off, or buying out rivals. And "if they fail to respond to that incentive and they cheat anyways, then the rest of the world still has a remedy," Doctorow said, by having the choice to modify or ditch any platform deemed toxic, invasive, manipulative, or otherwise offensive. Doctorow summed up the frustration that some users have faced through the ongoing "enshittification" of platforms (a term he coined) ever since platforms took over the Internet. "I'm 55 now, and I've gotten a lot less interested in how things work because I've had too many experiences with how things fail," Doctorow told Ars. "And I just want to make sure that if I'm on a service and it goes horribly wrong, I can leave." Social media haters wish OG platforms were doomed Weinstein pointed out that Meta's alleged monopoly impacts a group often left out of social media debates: non-users. And if you ask someone who hates social media what the future of social media should look like, they will not mince words: They want a way to opt out of all of it. As Meta's monopoly trial got underway, a personal blog post titled "No Instagram, no privacy" rose to the front page of Hacker News, prompting a discussion about social media norms and reasonable expectations for privacy in 2025. In the post, Wouter-Jan Leys, a privacy advocate, explained that he felt "blessed" to have "somehow escaped having an Instagram account," feeling no pressure to "update the abstract audience of everyone I ever connected with online on where I am, what I am doing, or who I am hanging out with." But despite never having an account, he's found that "you don’t have to be on Instagram to be on Instagram," complaining that "it bugs me" when friends seem to know "more about my life than I tell them" because of various friends' posts that mention or show images of him. In his blog, he defined privacy as "being in control of what other people know about you" and suggested that because of platforms like Instagram, he currently lacked this control. There should be some way to "fix or regulate this," Leys suggested, or maybe some universal "etiquette where it’s frowned upon to post about social gatherings to any audience beyond who already was at that gathering." On Hacker News, his post spurred a debate over one of the longest-running privacy questions swirling on social media: Is it OK to post about someone who abstains from social media? Some seeming social media fans scolded Leys for being so old-fashioned about social media, suggesting, "just live your life without being so bothered about offending other people" or saying that "the entire world doesn't have to be sanitized to meet individual people's preferences." Others seemed to better understand Leys' point of view, with one agreeing that "the problem is that our modern norms (and tech) lead to everyone sharing everything with a large social network." Surveying the lively thread, another social media hater joked, "I feel vindicated for my decision to entirely stay off of this drama machine." Leys told Ars that he would "absolutely" be in favor of personal social networks like Meta's platforms dying off or losing steam, as Zuckerberg suggested they already are. He thinks that the decline in personal post engagement that Meta is seeing is likely due to a combination of factors, where some users may prefer more privacy now after years of broadcasting their lives, and others may be tired of the pressure of building a personal brand or experiencing other "odd social dynamics." Setting user sentiments aside, Meta is also responsible for people engaging with fewer of their friends' posts. Meta announced that it would double the amount of force-fed filler in people's feeds on Instagram and Facebook starting in 2023. That's when the two-year span begins that Zuckerberg measured in testifying about the sudden drop-off in friends' content engagement. So while it's easy to say the market changed, Meta may be obscuring how much it shaped that shift. Degrading the newsfeed and changing Instagram's default post shape from square to rectangle seemingly significantly shifted Instagram social norms, for example, creating an environment where Gen Z users felt less comfortable posting as prolifically as millennials did when Instagram debuted, The New Yorker explained last year. Where once millennials painstakingly designed immaculate grids of individual eye-catching photos to seem cool online, Gen Z users told The New Yorker that posting a single photo now feels "humiliating" and like a "social risk." But rather than eliminate the impulse to post, this cultural shift has popularized a different form of personal posting: staggered photo dumps, where users wait to post a variety of photos together to sum up a month of events or curate a vibe, the trend piece explained. And Meta is clearly intent on fueling that momentum, doubling the maximum number of photos that users can feature in a single post to encourage even more social posting, The New Yorker noted. Brendan Benedict, an attorney for Benedict Law Group PLLC who has helped litigate big tech antitrust cases, is monitoring the FTC monopoly trial on a Substack called Big Tech on Trial. He told Ars that the evidence at the trial has shown that "consumers want more friends and family content, and Meta is belatedly trying to address this" with features like the "friends" tab, while claiming there's less interest in this content. Leys doesn't think social media—at least the way that Facebook defined it in the mid-2000s—will ever die, because people will never stop wanting social networks like Facebook or Instagram to stay connected with all their friends and family. But he could see a world where, if people ever started truly caring about privacy or "indeed [got] tired of the social dynamics and personal brand-building... the kind of social media like Facebook and Instagram will have been a generational phenomenon, and they may not immediately bounce back," especially if it's easy to switch to other platforms that respond better to user preferences. He also agreed that requiring interoperability would likely lead to better social media products, but he maintained that "it would still not get me on Instagram." Interoperability shakes up social media Meta thought it may have already beaten the FTC's monopoly case, filing for a motion for summary judgment after the FTC rested its case in a bid to end the trial early. That dream was quickly dashed when the judge denied the motion days later. But no matter the outcome of the trial, Meta's influence over the social media world may be waning just as it's facing increasing pressure to open up its platforms more than ever. The FTC has alleged that Meta weaponized platform access early on, only allowing certain companies to interoperate and denying access to anyone perceived as a threat to its alleged monopoly power. That includes limiting promotions of Instagram to keep users engaged with Facebook Blue. A primary concern for Meta (then Facebook), the FTC claimed, was avoiding "training users to check multiple feeds," which might allow other apps to "cannibalize" its users. "Facebook has used this power to deter and suppress competitive threats to its personal social networking monopoly. In order to protect its monopoly, Facebook adopted and required developers to agree to conditional dealing policies that limited third-party apps’ ability to engage with Facebook rivals or to develop into rivals themselves," the FTC alleged. By 2011, the FTC alleged, then-Facebook had begun terminating API access to any developers that made it easier to export user data into a competing social network without Facebook's permission. That practice only ended when the UK parliament started calling out Facebook’s anticompetitive conduct toward app developers in 2018, the FTC alleged. According to the FTC, Meta continues "to this day" to "screen developers and can weaponize API access in ways that cement its dominance," and if scrutiny ever subsides, Meta is expected to return to such anticompetitive practices as the AI race heats up. One potential hurdle for Meta could be that the push for interoperability is not just coming from the FTC or lawmakers who recently reintroduced bipartisan legislation to end walled gardens. Doctorow told Ars that "huge public groundswells of mistrust and anger about excessive corporate power" that "cross political lines" are prompting global antitrust probes into big tech companies and are perhaps finally forcing a reckoning after years of degrading popular products to chase higher and higher revenues. For social media companies, mounting concerns about privacy and suspicions about content manipulation or censorship are driving public distrust, Doctorow said, as well as fears of surveillance capitalism. The latter includes theories that Doctorow is skeptical of. Weinstein embraced them, though, warning that platforms seem to be profiting off data without consent while brainwashing users. Allowing users to leave the platform without losing access to their friends, their social posts, and their messages might be the best way to incentivize Meta to either genuinely compete for billions of users or lose them forever as better options pop up that can plug into their networks. In his Newsweek op-ed, Weinstein suggested that web inventor Tim Berners-Lee has already invented a working protocol "to enable people to own, upload, download, and relocate their social graphs," which maps users' connections across platforms. That could be used to mitigate "the network effect" that locks users into platforms like Meta's "while interrupting unwanted data collection." At the same time, Doctorow told Ars that increasingly popular decentralized platforms like Bluesky and Mastodon already provide interoperability and are next looking into "building interoperable gateways" between their services. Doctorow said that communicating with other users across platforms may feel "awkward" at first, but ultimately, it may be like "having to find the diesel pump at the gas station" instead of the unleaded gas pump. "You'll still be going to the same gas station," Doctorow suggested. Opening up gateways into all platforms could be useful in the future, Doctorow suggested. Imagine if one platform goes down—it would no longer disrupt communications as drastically, as users could just pivot to communicate on another platform and reach the same audience. The same goes for platforms that users grow to distrust. The EFF supports regulators' attempts to pass well-crafted interoperability mandates, Doctorow said, noting that "if you have to worry about your users leaving, you generally have to treat them better." But would interoperability fix social media? The FTC has alleged that "Facebook’s dominant position in the US personal social networking market is durable due to significant entry barriers, including direct network effects and high switching costs." Meta disputes the FTC's complaint as outdated, arguing that its platform could be substituted by pretty much any social network. However, Guy Aridor, a co-author of a recent article called "The Economics of Social Media" in the Journal of Economic Literature, told Ars that dominant platforms are probably threatened by shifting social media trends and are likely to remain "resistant to interoperability" because "it’s in the interest of the platform to make switching and coordination costs high so that users are less likely to migrate away." For Meta, research shows its platforms' network effects have appeared to weaken somewhat but "clearly still exist" despite social media users increasingly seeking content on platforms rather than just socialization, Aridor said. Interoperability advocates believe it will make it easier for startups to compete with giants like Meta, which fight hard and sometimes seemingly dirty to keep users on their apps. Reintroducing the ACCESS Act, which requires platform compatibility to enable service switching, Senator Mark R. Warner (D-Va.) said that "interoperability and portability are powerful tools to promote innovative new companies and limit anti-competitive behaviors." He's hoping that passing these "long-overdue requirements" will "boost competition and give consumers more power." Aridor told Ars it's obvious that "interoperability would clearly increase competition," but he still has questions about whether users would benefit from that competition "since one consistent theme is that these platforms are optimized to maximize engagement, and there’s numerous empirical evidence we have by now that engagement isn’t necessarily correlated with utility." Consider, Aridor suggested, how toxic content often leads to high engagement but lower user satisfaction, as MeWe experienced during its 2021 backlash. Aridor said there is currently "very little empirical evidence on the effects of interoperability," but theoretically, if it increased competition in the current climate, it would likely "push the market more toward supplying engaging entertainment-related content as opposed to friends and family type of content." Benedict told Ars that a remedy like interoperability would likely only be useful to combat Meta's alleged monopoly following a breakup, which he views as the "natural remedy" following a potential win in the FTC's lawsuit. Without the breakup and other meaningful reforms, a Meta win could preserve the status quo and see the company never open up its platforms, perhaps perpetuating Meta's influence over social media well into the future. And if Zuckerberg's vision comes to pass, instead of seeing what your friends are posting on interoperating platforms across the Internet, you may have a dozen AI friends trained on your real friends' behaviors sending you regular dopamine hits to keep you scrolling on Facebook or Instagram. Aridor's team's article suggested that, regardless of user preferences, social media remains a permanent fixture of society. If that's true, users could get stuck forever using whichever platforms connect them with the widest range of contacts. "While social media has continued to evolve, one thing that has not changed is that social media remains a central part of people’s lives," his team's article concluded. Ashley Belanger Senior Policy Reporter Ashley Belanger Senior Policy Reporter Ashley is a senior policy reporter for Ars Technica, dedicated to tracking social impacts of emerging policies and new technologies. She is a Chicago-based journalist with 20 years of experience. 1 Comments

High-profile ransomware incidents affecting leading UK retailers continue to grab headlines, but in the background, total ransomware attack volumes appear to have eased off over the past few weeks, according to NCC Group’s latest monthly Threat Pulse report. NCC’s extensive telemetry observed 416 ransomware attacks in April 2025, down 31% month on month, with 78% occurring in Europe and North America, the industrials category remaining the most prominent sector, and the Akira cyber crime crew the most active group on the scene, accounting for 16% of these. However, although the statistics tell one story, the impact of ransomware was felt much more keenly in general, with incidents affecting the consumer discretionary category – that is to say, retail – and in particular the ongoing attack on Marks and Spencer (M&S), Co-op and Harrods putting ransomware at the forefront of Britain’s national discourse. These incidents, and a fourth developing attack at Peter Green Chilled – a supplier of cold-chain transit and stock management services to the supermarket sector – has spotlighted threats to the retail sector, which is already of interest to cyber criminals for several reasons, such as its high-profile nature and high-impact potential for disruption, said Matt Hull, NCC threat intelligence head. “While the number of reported ransomware victims declined further in April, it would be a mistake to assume that this is a sign that the threat is fading,” said Hull. “The recent attacks on the UK retail sector have laid bare just how disruptive and far-reaching these incidents can be. The reality is that this is only a glimpse of the broader threat landscape. Globally, many ransomware cases still fly under the radar, are under-reported or deliberately kept quiet,” he added. The recent attacks on the UK retail sector have laid bare just how disruptive and far-reaching these [ransomware] incidents can be Matt Hull, NCC Group “Geopolitical and economic uncertainty is also adding fuel to the fire, providing more lucrative targets and opportunities for attackers to strike.” April saw the anime-referencing Akira ransomware gang scoop the dubious accolade for highest volume of attacks, accounting for 65 of those recorded by NCC’s systems. This was followed by Qilin with 49, Play with 42 and Lynx with 27. Meanwhile, Babuk 2.0, which raised questions earlier in the year as to whether or not it was conducting new attacks or merely recycling data from old ones, dropped away, with just 16 hits to its name. NCC said it had found that Babuk 2.0 was indeed likely falsifying its data, which is not in and of itself a new strategy. Other gangs have tried this in the past, in general those looking to inflate their notoriety, and this may have been the case here. The researchers explained that Babuk 2.0’s ransomware claims of attacks on prominent government institutions, and even the likes of Amazon and Chinese shopping platform Taobao, were bold ones, but likely nonsense given none of those “affected” confirmed any breaches and have significant security resources of their own. It would also be difficult for any ransomware gang to breach multiple large organisations in this way in such a short space of time. Read more about ransomware Forescout researchers report on a new ransomware gang that appears to be keeping the legacy of the notorious LockBit crew alive. Administration interface instance for LockBit 3.0 affiliates has been attacked and data from its SQL database extracted and disclosed. Perimeter security appliances and devices, particularly VPNs, prove to be the most popular entry points into victim networks for financially motivated ransomware gangs, according to reports. “Babuk 2.0’s lack of credibility makes such attacks questionable. Upon further investigation by NCC, 119 out of 145 claims made by Babuk 2.0 in Q1 2025 were associated with another ransomware group or could be linked to a previous large-scale breach,” said the researchers. Actions like this exemplify how ransomware gangs change up their tactics in the hope of scoring a payout, leveraging public relations techniques to attract media attention, placing their alleged victims in the spotlight and damaging their public image. When these tactics work, said NCC’s researchers, it is more often than not because the victim is embarrassed into handing over money to make the problem go away. This month’s report also highlighted an emerging danger in the ransomware infection chain – the use of weaponised PDF files, which are beginning to be used at scale to exploit software vulnerabilities, fool users and spread malware. According to Check Point statistics, 22% of malicious email attachments now arrive in the form of a PDF. It’s more important than ever for organisations to maintain a strong security culture, respond quickly to emerging threats, and adapt to shifting tactics – all the while staying ahead of adversaries that never stop evolving Matt Hull, NCC Group NCC said such documents are becoming more deceptive and technically advanced, with the help of generative artificial intelligence (GenAI). Many threat actors are now embedding malicious PDFs tailored to individual recipients into their phishing campaigns. Unfortunately, this trend looks set to go mainstream, said NCC, because users seem willing to trust PDFs more than other documents, such as Microsoft Office files. Security teams should consider adapting their policies and educating users on the potential dangers of PDF files, and consider deploying tools such as email gateways with sandboxing and behavioural analysis features, using endpoint detection and response (EDR) to monitor PDF readers, disabling unneeded Javascript functions, and patching Adobe vulnerabilities as they arise – a sequence of three flaws in Acrobat Reader discovered in March likely contributed to the problem. “It’s only getting harder for individuals and organisations, who need to be forever alert,” said Hull. “In this climate, a strong and embedded security culture is no longer optional; it is a critical enabler of organisational resilience. It’s more important than ever for organisations to maintain a strong security culture, respond quickly to emerging threats and adapt to shifting tactics – all the while staying ahead of adversaries that never stop evolving.”