An anonymous reader quotes a report from Wired: Jazmin Jones knowswhat she did. "If you're online, there's this idea of trolling," Jones, the director behindSeeking Mavis Beacon, said during a recent panel for her new documentary. "For this project, some things we're taking incredibly seriously ... and other things we're trolling. We're trolling this idea of a detective because we're also, like,ACAB." Her trolling, though, was for a good reason. Jones and fellow filmmaker Olivia Mckayla Ross did it in hopes of finding the woman behind Mavis Beacon Teaches Typing. The popular teaching tool was released in 1987 by The Software Toolworks, a video game and software company based in California that produced educational chess, reading, and math games. Mavis, essentially the "mascot" of the game, is a Black woman donned in professional clothes and a slicked-back bun. Though Mavis Beacon was not an actual person, Jones and Ross say that she is one of the first examples of Black representation they witnessed in tech. Seeking Mavis Beacon, which opened in New York City on August 30 and is rolling out to other cities in September, is their attempt to uncover the story behind the face, which appeared on the tool's packaging and later as part of its interface.

The film shows the duo setting up a detective room, conversing over FaceTime, running up to people on the street, and even tracking down a relative connected to the ever-elusive Mavis. But the journey of their search turned up a different question they didn't initially expect: What are the impacts of sexism, racism, privacy, and exploitation in a world where you can present yourself any way you want to? Using shots from computer screens, deep dives through archival footage, and sit-down interviews, the noir-style documentary reveals that Mavis Beacon is actually Renee L'Esperance, a Black model from Haiti who was paid $500 for her likeness with no royalties, despite the program selling millions of copies. [...]

In a world where anyone can create images of folks of any race, gender, or sexual orientation without having to fully compensate the real people who inspired them, Jones and Ross are working to preserve not only the data behind Mavis Beacon but also the humanity behind the software. On the panel, hosted by Black Girls in Media, Ross stated that the film's social media has a form where users of Mavis Beacon can share what the game has meant to them, for archival purposes. "On some level, Olivia and I are trolling ideas of worlds that we never felt safe in or protected by," Jones said during the panel. "And in other ways, we are honoring this legacy of cyber feminism, historians, and care workers that we are very seriously indebted to." You can watch the trailer for "Seeking Mavis Beacon" on YouTube.

To make America the "crypto capital of the planet," former U.S. President Donald Trump promised crypto-friendly policies, writes Politico, which "could have a new beneficiary: his own family." Trump has vowed to enact an array of pro-crypto policies in a bid to win votes — and campaign cash — from digital asset enthusiasts in recent months. Now, he's weaving the overtures into his pitch for his sons' forthcoming startup... It remains unclear what the Trump sons' crypto venture will look like. They have been teasing their plans to launch it for weeks, in part by positioning it as an alternative to the use of big banks.... ["Be defiant," reads the tagline on their World Liberty Financial home page — with nothing more than its name and the words "Coming soon."]

Trump's sons took over control of their father's business, the Trump Organization, after he became president in 2017, but he retained ownership of the company... It is unclear whether the crypto startup would be launched as part of the Trump Organization or as a separate entity. Either way, ethics experts and watchdogs say the crypto business could create the appearance of a conflict of interest if Trump wins back the White House this fall... From an "optics perspective, it's terrible," said Richard Painter, who served as chief White House ethics lawyer under former President George W. Bush and later ran for Congress as a Democrat. But he said it wouldn't violate any ethics laws.

The family venture is the latest way Trump has embraced the digital asset industry, which is pouring more than $160 million into the 2024 elections as it seeks to help elect allies up and down the ballot. Trump has also marketed his own line of non-fungible tokens, or NFTs, which are digital images of the former president that fans can purchase for $99... Trump's NFT sales could also raise ethics concerns, said Jordan Libowitz, vice president for communications at the Citizens for Responsibility and Ethics in Washington....

"[P]rior conflicts and illegalities took advantage of preexisting loopholes," said Norman Eisen, an ethics lawyer who served in the Obama White House and later helped build the first impeachment case against Trump. "Here, Trump appears to be promising to create the loopholes while his family is simultaneously designing a business venture to exploit them."
The article notes that Trump promoted his son's crypto venture on X this week with audio from Trump's speech at a crypto conference in July. "He first revealed his pro-crypto leanings — after previously deriding digital currency — at a Mar-a-Lago event in May with supporters who bought his crypto-linked digital trading cards..."

"Trump is also facing new questions about what he would do with his stake in the parent company of the social media service Truth Social," the article adds. (Although this week the stock hit a new low. After losing 50% of its value in six weeks, it's dropped below $20 per share for the first time since it started publicly trading...)

The Washington Post writes that Telegram's "anything-goes approach" to its 950 million users "has also made it one of the internet's largest havens for child predators, experts say...."

"Durov's critics say his public idealism masks an opportunistic business model that allows Telegram to profit from the worst the internet has to offer, including child sexual abuse material, or CSAM... " [Telegram is] an app of choice for political organizing, including by dissidents under repressive regimes. But it is equally appealing for terrorist groups, criminal organizations and sexual predators, who use it as a hub to share and consume nonconsensual pornography, AI "deepfake" nudes, and illegal sexual images and videos of exploited minors, said Alex Stamos, chief information security officer at the cybersecurity firm SentinelOne. "Due to their advertised policy of not cooperating with law enforcement, and the fact that they are known not to scan for CSAM, Telegram has attracted large groups of pedophiles trading and selling child abuse materials," Stamos said.

That reach comes even though many Telegram exchanges don't actually use the strong forms of encryption available on true private messaging apps, he added. Telegram is used for private messaging, public posts and group chats. Only one-to-one conversations can be encrypted in a way that even Telegram can't access them. And that occurs only if users choose the option, meaning the company could turn over everything else to governments if it wanted to... French prosecutors argue that Durov is in fact responsible for Telegram's emergence as a global haven for illegal content, including CSAM, because of his reluctance to moderate it and his refusal to help authorities police it, among other allegations...

David Kaye, a professor at University of California, Irvine School of Law and former U.N. special rapporteur on freedom of expression... said that while Telegram has at times banned groups and taken down [CSAM] content in response to law enforcement, its refusal to share data with investigators sets it apart from most other major tech companies. Unlike U.S.-based platforms, Telegram is not required by U.S. law to report instances of CSAM to the National Center for Missing and Exploited Children, or NCMEC. Many online platforms based overseas do so anyway — but not Telegram. "NCMEC has tried to get them to report, but they have no interest and are known for not wanting to work with [law enforcement agencies] or anyone in this space," a NCMEC spokesperson said.
The Post also writes that Telegram "has repeatedly been revealed to serve as a tool to store, distribute and share child sexual imagery." (They cite several examples, including two different men convicted to minimum sentences of at least 10 years for using the service to purchase CSAM and solicit explicit photos from minors.)

An anonymous reader quotes a report from the Financial Times: Ikea is taking on the likes of eBay, Craigslist, and Gumtree with a peer-to-peer marketplace for customers to sell secondhand furniture to each other. Ikea Preowned will be tested in Madrid and Oslo until the end of the year with the aim of rolling out the buying and selling platform globally, according to Jesper Brodin, chief executive of Ingka, the main operator of Ikea stores. [...] Ikea has had a small offering under which it buys used furniture from customers and resells it in store. But the new platform is more ambitious, aiming to tackle the secondhand market for customers selling directly to each other -- an area where Brodin estimates Ikea has a higher market share than in new furniture sales. Customers enter their product, their own pictures, and a selling price, while Ikea's own artificial intelligence-enabled database brings in its own promotional images and measurements. The buyer collects the furniture directly from the seller, who has the option of receiving money or a voucher from Ikea with a 15 percent bonus.

"Very often there is a monopoly or oligopoly on platforms that operate," said Brodin, talking about eBay or digital classified ad services such as Gumtree in the UK and Finn in Norway. Finn has 8,700 items from Ikea listed in Oslo alone. Early offerings on Ikea Preowned include large items such as sofas for up to $670 (600 euros) and wardrobes for $500 (450 euros) as well as smaller items such as a toilet roll holder for $4.50 (4 euros). Listings are free, but Brodin said Ikea could eventually charge "a symbolic fee, a humble fee." He added: "We're going to verify the full scope including the economics. If a lot of people use the offer to get a discount with Ikea -- it's a good way to reconnect with customers. I am very curious. I think it makes business sense." Ikea has previously tested selling its new furniture on third-party platforms such as Alibaba's Tmall in China, but the Preowned platform marks its first foray into secondhand marketplaces. It also dovetails with the retailer's wish to become "circular and climate positive" by 2030.

An anonymous reader quotes a report from TorrentFreak: Just before the weekend, dozens of record labels including UMG, Warner, and Sony, filed a massive copyright infringement lawsuit against Verizon at a New York federal court. In common with previous lawsuits that accused rivals of similar inaction, Verizon Communications Inc., Verizon Services Corp., and Cellco Partnership (dba Verizon Wireless), stand accused of assisting subscribers to download and share pirated music, by not doing enough to stop them. The labels' complaint introduces Verizon as one of the largest ISPs in the country, one that "knowingly provides its high-speed service to a massive community of online pirates."

Knowledge of infringement, the labels say, was established at Verizon over a period of several years during which it received "hundreds of thousands" of copyright notices, referencing instances of infringement allegedly carried out by its subscribers. The complaint cites Verizon subscribers' persistent use of BitTorrent networks to download and share pirated music, with Verizon allegedly failing to curtail their activity. "While Verizon is famous for its 'Can you hear me now?' advertising campaign, it has intentionally chosen not to listen to complaints from copyright owners. Instead of taking action in response to those infringement notices as the law requires, Verizon ignored Plaintiffs' notices and buried its head in the sand," the labels write.

"Undeterred, infringing subscribers identified in Plaintiffs' notices continued to use Verizon's services to infringe Plaintiffs' copyrights with impunity. Meanwhile, Verizon continued to provide its high-speed service to thousands of known repeat infringers so it could continue to collect millions of dollars from them." Through this lawsuit, which references piracy of songs recorded by artists including The Rolling Stones, Ariana Grande, Bob Dylan, Bruno Mars, Elvis Presley, Dua Lipa, Drake, and others, the labels suggest that Verizon will have no choice but to hear them now. [...]

Attached to the complaint, Exhibit A contains a non-exhaustive list of the plaintiffs' copyright works allegedly infringed by Verizon's subscribers. The document is over 400 pages long, with each track listed representing potential liability for Verizon as a willful, intentional, and purposeful contributory infringer, the complaint notes. This inevitably leads to claims based on maximum statutory damages of $150,000 per copyrighted work infringed on Count I (contributory infringement). The statutory maximum of $150,000 per infringed work is also applied to Count II (vicarious infringement), based on the labels' claim that Verizon derived a direct financial benefit from the direct infringements of its subscribers. The labels' complaint can be found here (PDF).

Digital audio broadcasting (DAB+) and internet radio have largely replaced traditional FM radio in Switzerland, with digital radio holding an 81% share of use in spring 2023. Due to the high costs of maintaining FM transmitters and declining financial resources, Switzerland plans to fully transition to digital radio by the end of 2026, phasing out FM broadcasting completely. From a report: DAB+ and the internet offer better quality and a larger program selection, are more energy and cost efficient, and can provide additional information in text and images, it said. To receive DAB+ requires a corresponding device or adapter, and new cars have been equipped with digital technology as standard for several years. In addition, the Federal Roads Office (FEDRO) will upgrade all tunnels on the national road network for digital radio reception by the end of the year and switch off FM transmitters.

FM was originally expected to be switched off throughout Switzerland by the end of 2024. The government extended FM licenses for the radio industry for the last time in October 2023 to the end of 2026, after which radio stations in Switzerland will no longer be able to broadcast via FM, only digitally. OFCOM announced at the time that the final extension would give the radio industry the flexibility to complete the transition process from analogue to digital radio.

The European Union is getting closer to passing new rules that would mandate the bulk scanning of digital messages -- including encrypted ones. On Thursday, EU governments will adopt a position on the proposed legislation, which is aimed at detecting child sexual abuse material (CSAM). The vote will determine whether the proposal has enough support to move forward in the EU's law-making process. From a report: The law, first introduced in 2022, would implement an "upload moderation" system that scans all your digital messages, including shared images, videos, and links. Each service required to install this "vetted" monitoring technology must also ask permission to scan your messages. If you don't agree, you won't be able to share images or URLs.

As if this doesn't seem wild enough, the proposed legislation appears to endorse and reject end-to-end encryption at the same time. At first, it highlights how end-to-end encryption "is a necessary means of protecting fundamental rights" but then goes on to say that encrypted messaging services could "inadvertently become secure zones where child sexual abuse material can be shared or disseminated."

ZDNet published a new article this week with their own tips for new Linux users. It begins by arguing that switching to the Linux desktop "is easier than you think" and "you'll find help everywhere". (And also that "You won't want for apps.") That doesn't mean it has everything. For example, there is no version of Adobe Photoshop. There is GIMP (which is just as powerful as Photoshop) but for those of you accustomed to Adobe's de facto standard, you're out of luck. The worst-case scenario is you have to learn a new piece of software to meet your graphic needs. At the same time, you might have to turn to proprietary software. For open-source purists, that's a no-go. But for those who just need to get things done, you'll find a mixture of open-source and proprietary software will give you everything you need to be productive and entertained.
Their article also recommends new users should "weed out Arch-based distributions," while warning that "Linux is more secure, but..." The truth is, any time you have a computer connected to a network, it's vulnerable and it doesn't matter what operating system you use. To that end, it's crucial that you keep your operating system (and the installed applications) up to date. Fortunately, most Linux operating systems make this very easy...

You're probably used to the slow trickle of updates and improvements found in the likes of Windows or MacOS. On Linux, you can count on that process being considerably faster. This is especially important with updates. When a vulnerability is found in an application that affects Linux, it is fixed far faster than it would be on competing platforms. The reason for this is that most Linux software is created and maintained by developers who don't have to answer to boards or committees or have a painfully slow bug resolution process. It might be announced that a vulnerability has been discovered in an application and the fix is officially released the next day. I've seen that very thing happen more times than I can count.

But it's not just about vulnerabilities. Developers add new features to software all the time and even listen to users. You could contact a developer of an open-source application with an idea and find it implemented in the next update. Linux is always evolving and it does so much faster than other operating systems.
And there's one final caveat. "Not all hardware will work (but most will)." I'll say this (and I stand by it): Ubuntu Linux probably has the best hardware detection and support of any operating system on the market. But that doesn't mean it works with everything. Certain peripherals you own could have trouble working with Linux. Two of the more problematic pieces of hardware are scanners and wireless chips. When I find a piece of hardware that isn't supported, here's one thing I've often done: I try a different Linux distribution... (Fedora often ships with a newer kernel than Ubuntu Linux, and therefore supports more modern hardware.)

Keep in mind that most Linux distributions are offered as Live images, which means you can test-drive them without making any changes to your hard drive. This is a great way to tell if a distribution will support all the hardware you need to use.
Agree? Disagree? Share your reactions in the comments...

And what advice would you give to a first-time Linux user?

An anonymous reader quotes a report from Ars Technica: On Wednesday, Stability AI released weights for Stable Diffusion 3 Medium, an AI image-synthesis model that turns text prompts into AI-generated images. Its arrival has been ridiculed online, however, because it generate images of humans in a way that seems like a step backward from other state-of-the-art image-synthesis models like Midjourney or DALL-E 3. As a result, it can churn out wild anatomically incorrect visual abominations with ease. A thread on Reddit, titled, "Is this release supposed to be a joke? [SD3-2B]" details the spectacular failures of SD3 Medium at rendering humans, especially human limbs like hands and feet. Another thread titled, "Why is SD3 so bad at generating girls lying on the grass?" shows similar issues, but for entire human bodies.

AI image fans are so far blaming the Stable Diffusion 3's anatomy fails on Stability's insistence on filtering out adult content (often called "NSFW" content) from the SD3 training data that teaches the model how to generate images. "Believe it or not, heavily censoring a model also gets rid of human anatomy, so... that's what happened," wrote one Reddit user in the thread. The release of Stable Diffusion 2.0 in 2023 suffered from similar problems in depicting humans accurately, and AI researchers soon discovered that censoring adult content that contains nudity also severely hampers an AI model's ability to generate accurate human anatomy. At the time, Stability AI reversed course with SD 2.1 and SD XL, regaining some abilities lost by excluding NSFW content. "It works fine as long as there are no humans in the picture, I think their improved nsfw filter for filtering training data decided anything humanoid is nsfw," wrote another Redditor.

Basically, any time a prompt hones in on a concept that isn't represented well in its training dataset, the image model will confabulate its best interpretation of what the user is asking for. And sometimes that can be completely terrifying. Using a free online demo of SD3 on Hugging Face, we ran prompts and saw similar results to those being reported by others. For example, the prompt "a man showing his hands" returned an image of a man holding up two giant-sized backward hands, although each hand at least had five fingers.

This week Red Hat announced one of America's leading pediatric hospitals is using AI to analyze X-rays, "to improve image quality and the speed and accuracy of image interpretation."

Red Hat's CTO said the move exemplifies "the positive impact AI can have in the healthcare field". Before Boston Children's Hospital began piloting AI in radiology, quantitative measurements had to be done manually, which was a time-consuming task. Other, more complex image analyses were performed completely offline and outside of the clinical workflow. In a field where time is of the essence, the hospital is piloting Red Hat OpenShift via the ChRIS Research Integration Service, a web-based medical image platform. The AI application running in ChRIS on the Red Hat OpenShift foundation has the potential to automatically examine x-rays, identify the most valuable diagnostic images among the thousands taken and flag any discrepancies for the radiologist. This decreases the interpretation time for radiologists.
But it also seems to be a big win for openness: Innovation developed internally is immediately transferable to public research clouds such as the Massachusetts Open Cloud, where large-scale data sharing and additional innovation can be fostered. Boston Children's Hospital aims to extend the reach of advanced healthcare solutions globally through this approach, amplifying their impact on patient well-being worldwide.
"Red Hat believes open unlocks the world's potential," the announcement concludes, "including the potential to share knowledge and build upon each other's discoveries. Additionally, Red Hat believes innovation — including AI — should be available everywhere, making any application, anywhere a reality.

"With open source, enabling AI-fueled innovation across hybrid IT environments that can lead to faster clinical breakthroughs and better patient outcomes is a reality."

WhatsApp users in the U.S. will soon see support for real-time AI image generation. The Verge reports: As soon as you start typing a text-to-image prompt in a chat with Meta AI, you'll see how the image changes as you add more detail about what you want to create. In the example shared by Meta, a user types in the prompt, "Imagine a soccer game on mars." The generated image quickly changes from a typical soccer player to showing an entire soccer field on a Martian landscape. If you have access to the beta, you can try out the feature for yourself by opening a chat with Meta AI and then start a prompt with the word "Imagine."

Additionally, Meta says its Meta Llama 3 model can now produce "sharper and higher quality" images and is better at showing text. You can also ask Meta AI to animate any images you provide, allowing you to turn them into a GIF to share with friends. Along with availability on WhatsApp, real-time image generation is also available to US users through Meta AI for the web. Further reading: Meta Releases Llama 3 AI Models, Claiming Top Performance

Creating a sexually explicit "deepfake" image is to be made an offence under a new law in the UK, the Ministry of Justice has announced. The Guardian: Under the legislation, anyone who creates such an image without consent will face a criminal record and an unlimited fine. They could also face jail if the image is shared more widely. The creation of a deepfake image will be an offence regardless of whether the creator intended to share it, the department said. The Online Safety Act, introduced last year, has already criminalised the sharing of deepfake intimate images, whose creation is being facilitated by advances in artificial intelligence.

The offence will be introduced through an amendment to the criminal justice bill, which is making its way through parliament. Laura Farris, the minister for victims and safeguarding, said the creation of deepfake sexual images was "unacceptable irrespective of whether the image is shared."

An anonymous reader quotes a report from TorrentFreak: Today, more than two decades have passed and most of the files shared on The Pirate Bay in the early years are no longer available. BitTorrent requires at least one person to share a full file copy, which is hard to keep up for decades. Surprisingly, however, several torrents have managed to stand the test of time and remain available today. A few days ago the site's longest surviving torrent turned 20 years old. While a few candidates have shown up over the years, we believe that an episode of "High Chaparral" has the honor of being the oldest Pirate Bay torrent that's still active today. The file was originally uploaded on March 25, 2004, and several people continue to share it today. The screenshot [here] only lists one seeder but according to information passed on by OpenTrackr.org, there are four seeders with a full copy. This is quite a remarkable achievement, especially since people complained about a lack of seeders shortly after it was uploaded.

Over the years, the "High Chaparral" torrent achieved cult status among a small group of people who likely keep sharing it, simply because it's the oldest surviving torrent. This became evident in the Pirate Bay comment section several years ago, when TPB still had comments. Record or not, other old torrents on The Pirate Bay also continue to thrive. On March 31, 2004, someone uploaded a pirated copy of the documentary "Revolution OS" to the site which is alive and kicking today.

While these torrents are quite old, they're not the oldest active torrents available on the Internet. That honor goes to "The Fanimatrix", which was created in September 2003 and, after being previously resurrected, continues to be available today with more than 100 people seeding. Ten years ago, we were surprised to see that any of the mentioned torrents were still active. By now, however, we wouldn't be shocked to see these torrents survive for decades. Whether The Pirate Bay will still be around then is another question.

Outdoor Voices, an athletic apparel company, is closing all its stores on Sunday, The New York Times reported this week, citing four employees at four different stores. From the report: In an internal Slack message reviewed by The New York Times, some employees were notified on Wednesday that "Outdoor Voices is embarking on a new chapter as we transition to an exclusively online business." Products in stores are going to be discounted 50 percent, according to the Slack message. The news came as a surprise, two of the employees said, adding that they were not offered severance.

Outdoor Voices, which lists 16 retail locations on its website, did not immediately respond to a request for comment. Founded in 2014 by Ty Haney, the brand became popular for its muted tones and highly Instagrammable aesthetics. Think matching crop tops and leggings in pale shades of earthy tones. Its hashtag and company mantra, #DoingThings, became popular on social media, where brand loyalists would regularly share images of themselves participating in athletic activities like running or hiking or spinning. The company often hosted events, like group exercise classes, and even built an editorial platform called The Recreationalist. Many Outdoor Voices customers weren't just shoppers; they were devotees. The company was a chic athleisure brand perfectly positioned to attract millennials, but it was also selling a lifestyle. A lifestyle that helped the brand raise millions in funding.

"It never occurred to me that having no visual imagery was unusual..." writes a science journalist at the Guardian.

"It's not that I forget what I look like, but I am sometimes a little surprised, and don't feel connected to my outward appearance as a matter of identity." There's been a surge of research on how aphantasia affects our lives... [F]or some it affects images alone; some can't imagine other sensory information, like sounds. Some people with aphantasia have visualizations when they dream (I do), and others don't. There's evidence that it can make it harder for people to recall visual details, though other studies show that aphants perform better on some memory tests unrelated to imagery... But overall, people with aphantasia don't seem to have serious problems navigating their day-to-day lives, unlike those with more severe memory conditions like episodic amnesia...

Some people consider aphantasia to be a deficit and wish they could reverse it. People have claimed they can train their way out of aphantasia, or use psychedelics to regain some sense of mental imagery (the jury is out on whether that works). I have no desire for this — my mind is plenty busy without a stream of imagery. If I was born with imagery, it would be commonplace for me, and I'm sure I'd enjoy it. But I already can find myself overwhelmed with thoughts and feelings that have no visual aspects to them.
Long-time Slashdot reader whoever57 writes that "Personally, I never realized before reading this article that people could create mental images." (And they also wonder if people with the condition tend to go into STEM fields.) There's what's known as the "red apple test," where you rate your own ability to visualize an apple on a scale of 1 to 5.

Any Slashdot readers want to share their own experiences in the comments?

An anonymous reader quotes a report from Ars Technica: Video doorbell cameras have been commoditized to the point where they're available for $30-$40 on marketplaces like Amazon, Walmart, Temu, and Shein. The true cost of owning one might be much greater, however. Consumer Reports (CR) has released the findings of a security investigation into two budget-minded doorbell brands, Eken and Tuck, which are largely the same hardware produced by the Eken Group in China, according to CR. The cameras are further resold under at least 10 more brands. The cameras are set up through a common mobile app, Aiwit. And the cameras share something else, CR claims: "troubling security vulnerabilities."

Among the camera's vulnerabilities cited by CR:
- Sending public IP addresses and Wi-Fi SSIDs (names) over the Internet without encryption
- Takeover of the cameras by putting them into pairing mode (which you can do from a front-facing button on some models) and connecting through the Aiwit app
- Access to still images from the video feed and other information by knowing the camera's serial number.

CR also noted that Eken cameras lacked an FCC registration code. More than 4,200 were sold in January 2024, according to CR, and often held an Amazon "Overall Pick" label (as one model did when an Ars writer looked on Wednesday). CR issued vulnerability disclosures to Eken and Tuck regarding its findings. The disclosures note the amount of data that is sent over the network without authentication, including JPEG files, the local SSID, and external IP address. It notes that after a malicious user has re-paired a doorbell with a QR code generated by the Aiwit app, they have complete control over the device until a user sees an email from Eken and reclaims the doorbell. "These video doorbells from little known manufacturers have serious security and privacy vulnerabilities, and now they've found their way onto major digital marketplaces such as Amazon and Walmart," said Justin Brookman, director of tech policy at Consumer Reports, in a statement. "Both the manufacturers and platforms that sell the doorbells have a responsibility to ensure that these products are not putting consumers in harm's way."

Emanuel Maiberg reports via 404 Media: Dozens of Ghost kitchens, restaurants that serve food exclusively by delivery on apps like DoorDash and Grubhub, are selling food that they promote to customers with AI-generated images. It's common for advertisements to stage or edit pictures of food to make it look more enticing, but in these cases the ghost kitchens are showing people pictures of food that literally doesn't exist, and looks nothing like the actual items they're selling, sometimes because the faulty AI is producing physically impossible food items. [...] Some ghost kitchens exist as unmarked commercial kitchens with no actual restaurant you can visit that simply fulfill orders for a variety of brands that only exist on the food delivery services. Other ghost kitchens piggyback on existing, real restaurant kitchens to fulfill orders for those brands that exist only on food delivery apps.

[The food from a business on DoorDash called Pasta Lovers] actually comes from Tony's Pizzeria in North Brooklyn, which also fulfills orders for a cheesesteak brand called Philly Cheez, a hero sandwich brand called Hero Mania, and a wrap brand called That's A Wrap. All of these brands deliver food from different ghost kitchens across the country, and all of them feature the same type of AI-generated images to promote their food, some of which looks ridiculous. [...]

"We don't allow the use of AI-generated images and if we find a merchant is using any, we will remove those images from their menu," Grubhub, which also operates Seamless, told me in an email. However, at the time of writing the AI-generated images on Seamless I sent the company are still live on its site. "We know how important it is for diners to have realistic expectations of what they are ordering and should expect to receive, which is why we share image guidelines with our partners and our system reviews image submissions before they're allowed on our platform." "DoorDash is committed to showcasing realistic representations of meals that customers would receive when ordering online," DoorDash told me in an email. "Showcasing high-quality, accurate, and realistic menu images is crucial for maintaining customer trust and generating sales through DoorDash Marketplace." "This is all incredibly depressing," concludes Maiberg. "A local pizzeria can't get by unless it makes sandwiches for ghost kitchen brands, the people who make a living taking photographs of food are being displaced by AI tools, and gigantic food delivery apps are still making money by taking a cut from restaurants and screwing over gig delivery drivers."

"AI-generated images of food that people can order and eat finally brings us to a shockingly literal manifestation of Jean Baudrillard's Simulacra. Baudrillard would say the Spicy Philly Cheese from Philly Cheez is "never that which conceals the truth -- it is the truth which conceals that there is none."

At least six major tech companies, including Adobe, Google, Meta, Microsoft, OpenAI and TikTok, plan to sign an agreement this week that details how they'll attempt to stop the use of AI-generated election misinformation and deepfakes. ABC News reports: "In a critical year for global elections, technology companies are working on an accord to combat the deceptive use of AI targeted at voters," said a joint statement from several companies Tuesday. "Adobe, Google, Meta, Microsoft, OpenAI, TikTok and others are working jointly toward progress on this shared objective and we hope to finalize and present details on Friday at the Munich Security Conference."

The companies declined to share details of what's in the agreement. Many have already said they're putting safeguards on their own generative AI tools that can manipulate images and sound, while also working to identify and label AI-generated content so that social media users know if what they're seeing is real.

"My goal is to have a firewall that I trust," writes Slashdot reader eggegick, "not a firewall that comes from the manufacture that might have back doors." I'm looking for a cheap mini PC I can turn into a headless Linux-based wireless and Ethernet router. The setup would be a cable modem on the Comcast side, Ethernet out from the modem to the router and Ethernet, and WiFi out to the home network.
Two long-time Slashdot readers had suggestions. johnnys believes "any old desktop or even a laptop will work.... as long as you have a way to get a couple of (fast or Gigabit) Ethernet ports and a good WiFi adapter... " Cable or any consumer-grade broadband doesn't need exotic levels of throughput: Gigabit Ethernet will not be saturated by any such connection...

You can also look at putting FOSS firewall software like DD-WRT or OpenWrt on consumer-grade "routers". Such hardware is usually set up with the right hardware and capabilities you are looking for. Note however that newer hardware may not work with such firmwares as the FCC rules about controlling RF have caused many manufacturers to lock down firmware images.

And you don't necessarily need to roll your own with iptables: There are several BSD or Linux-based FOSS distributions that do good firewall functionality. PFSense is very good and user-friendly, and there are others. OpenBSD provides an exceptionally capable enterprise-level firewall on a secure platform, but it's not designed to be user-friendly.
Long-time Slashdot reader Spazmania agrees the "best bet" is "one of those generic home wifi routers that are supported by DD-WRT or OpenWrt." It's not uncommon to find something used for $10-$20. And then install one or the other, giving a Linux box with full control. Add a USB stick so you have enough space for all the utilities.

I just went through the search for mini-PCs for a project at work. The main problem is that almost all of them cool poorly, and that significantly impairs their life span.I finally found a few at the $100 price point that cooled acceptably... and they disappeared from the market shortly after I bought the test units, replaced with newer models in the $250 ballpark.
Share your own thoughts and experiences in the comments.

Can you roll your own home router?

Todd Bishop reports via GeekWire: A Microsoft AI engineering leader says he discovered vulnerabilities in OpenAI's DALL-E 3 image generator in early December allowing users to bypass safety guardrails to create violent and explicit images, and that the company impeded his previous attempt to bring public attention to the issue. The emergence of explicit deepfake images of Taylor Swift last week "is an example of the type of abuse I was concerned about and the reason why I urged OpenAI to remove DALL-E 3 from public use and reported my concerns to Microsoft," writes Shane Jones, a Microsoft principal software engineering lead, in a letter Tuesday to Washington state's attorney general and Congressional representatives.

404 Media reported last week that the fake explicit images of Swift originated in a "specific Telegram group dedicated to abusive images of women," noting that at least one of the AI tools commonly used by the group is Microsoft Designer, which is based in part on technology from OpenAI's DALL-E 3. "The vulnerabilities in DALL-E 3, and products like Microsoft Designer that use DALL-E 3, makes it easier for people to abuse AI in generating harmful images," Jones writes in the letter to U.S. Sens. Patty Murray and Maria Cantwell, Rep. Adam Smith, and Attorney General Bob Ferguson, which was obtained by GeekWire. He adds, "Microsoft was aware of these vulnerabilities and the potential for abuse."

Jones writes that he discovered the vulnerability independently in early December. He reported the vulnerability to Microsoft, according to the letter, and was instructed to report the issue to OpenAI, the Redmond company's close partner, whose technology powers products including Microsoft Designer. He writes that he did report it to OpenAI. "As I continued to research the risks associated with this specific vulnerability, I became aware of the capacity DALL-E 3 has to generate violent and disturbing harmful images," he writes. "Based on my understanding of how the model was trained, and the security vulnerabilities I discovered, I reached the conclusion that DALL-E 3 posed a public safety risk and should be removed from public use until OpenAI could address the risks associated with this model."

On Dec. 14, he writes, he posted publicly on LinkedIn urging OpenAI's non-profit board to withdraw DALL-E 3 from the market. He informed his Microsoft leadership team of the post, according to the letter, and was quickly contacted by his manager, saying that Microsoft's legal department was demanding that he delete the post immediately, and would follow up with an explanation or justification. He agreed to delete the post on that basis but never heard from Microsoft legal, he writes. "Over the following month, I repeatedly requested an explanation for why I was told to delete my letter," he writes. "I also offered to share information that could assist with fixing the specific vulnerability I had discovered and provide ideas for making AI image generation technology safer. Microsoft's legal department has still not responded or communicated directly with me." "Artificial intelligence is advancing at an unprecedented pace. I understand it will take time for legislation to be enacted to ensure AI public safety," he adds. "At the same time, we need to hold companies accountable for the safety of their products and their responsibility to disclose known risks to the public. Concerned employees, like myself, should not be intimidated into staying silent." The full text of Jones' letter can be read here (PDF).