Kategorie

Routery, kamery a jiné síťové produkty TP-Link jsou populární nejen u nás. V USA má čínský TP-Link dokonce 65 % trhu routerů pro domácnosti a malé kanceláře. Nyní se, dle informací Wall Street Journal, dostal do hledáčku ministerstev obchodu, obrany a spravedlnosti, které zahájily vyšetřování této ...

A dual Russian and Israeli national has been charged in the United States for allegedly being the developer of the now-defunct LockBit ransomware-as-a-service (RaaS) operation since its inception in or around 2019 through at least February 2024. Rostislav Panev, 51, was arrested in Israel earlier this August and is currently awaiting extradition, the U.S. Department of Justice (DoJ) said in a Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Arm has lost a battle over licensing of its microprocessor designs to Qualcomm, ending doubt over the immediate future of some of the chip maker’s products.

The jury in the US District Court for the District of Delaware spent the week listening to arguments in the protracted and increasingly rancorous licensing dispute between Arm and Qualcomm over whether Qualcomm is properly licensed to use technology acquired when it bought startup Nuvia in 2021.

The verdict, delivered Friday, is hugely significant, not only for the parties involved but for the maze of other companies that have built their product development around their technology, however, the battle is not over yet. Although the jury found that Qualcomm did not breach Nuvia’s license with Arm, and Qualcomm’s chips using Nuvia technology are properly licensed, it could not agree on whether Nuvia had breached the terms of its license with Arm. That means there could potentially be yet another trial.

After the verdict was delivered, each company released a brief statement.

“We are pleased with today’s decision,” Qualcomm said in a press release. “The jury has vindicated Qualcomm’s right to innovate and affirmed that all the Qualcomm products at issue in the case are protected by Qualcomm’s contract with ARM. We will continue to develop performance-leading, world class products that benefit consumers worldwide, with our incredible Oryon ARM-compliant custom CPUs.”

But for Arm, the fight isn’t over.

“We are disappointed that the jury was unable to reach consensus across the claims,” an Arm spokesperson said in an email. “We intend to seek a retrial due to the jury’s deadlock. From the outset, our top priority has been to protect Arm’s IP and the unparalleled ecosystem we have built with our valued partners over more than 30 years. As always, we are committed to fostering innovation in our rapidly evolving market and serving our partners while advancing the future of computing.” 

However, instead of a retrial, Judge Maryellen Noreika, who presided over the case, recommended that the two companies try to resolve their differences through mediation, reportedly noting that she doesn’t see either company having a clear victory if the case is retried.

It’s an extraordinary clash between companies that until as recently as 2021 seemed like firm allies.

The legal case started with Qualcomm’s 2021 acquisition of Nuvia, designer of the Phoenix datacenter chip, which used Arm’s v8.7-A instruction set. Under Qualcomm, the Phoenix was reinvented as the Oryon chip, the CPU core of a more general microprocessor used inside the company’s Snapdragon system-on-a-chip (SoC).

Importantly, the royalty that Qualcomm agreed to pay under its Architecture License Agreement (ALA) with Arm was lower than that of Nuvia. Qualcomm believed this more favorable deal should apply to Nuvia development going forward because most of its subsequent Snapdragon development was done after the acquisition.

Arm disagreed, and argued that Qualcomm should pay the rate agreed with Nuvia. According to court testimony by Arm CEO Rene Haas this week, the lower royalty would cause a drop in revenue of $50 million. Failing to reach an agreement with Qualcomm, the company decided to sue, the first time it has taken such action against a customer since its founding in 1990.

This is where things became a bit muddy. Why did Arm decide to sue over a relatively small sum, and why did Qualcomm refuse to concede? This week in court, a wide range of arguments and counter arguments were laid out, mostly saying that each company believed the other was trying to sabotage its business.

Make Qualcomm great again

As it attempts to diversify away from relying on mobile chips, Qualcomm’s Snapdragon SoC platform is seen as critical for its future. This, it hopes, will allow it to take on Intel and AMD in the general microprocessor market while integrating the new-fangled AI capabilities important to the PC sector.

In October, Arm cancelled Qualcomm’s license to the Nuvia ALA. It also demanded the destruction of Nuvia designs developed prior to the merger. Clearly, a verdict in favor of Arm would put Qualcomm in a tight corner, and also a who’s who of tech companies — Microsoft, Acer, Asus, Dell, HP, Lenovo, and Samsung — currently using Qualcomm’s Snapdragon designs.

This week, Qualcomm put forward an alternative view to explain Arm’s motivations. According to Qualcomm’s lawyers, Arm harbors ambitions to develop competing chips of its own, making it a direct competitor to Qualcomm. Evidence for this remains circumstantial, but to back this up Qualcomm claimed that Arm at one point misled it into disbanding its development team.

Stop being cheap

A difficulty for outsiders is untangling exactly what is really at issue and whether there’s more to this than meets the eye. According to Arm, it’s about licensing agreements and the fees that arise from them. It believes Qualcomm used its IP in Nuvia-originated IP and should pay what Nuvia agreed and stop being cheap.

Qualcomm’s argument seems to be that this is a shakedown. And yet there seem to be deeper currents. Perhaps they see each as competitors in the longer term, and the battle is competitive jockeying.

Notably, Qualcomm was a major opponent to Nvidia’s proposed 2021 takeover of Arm, abandoned in the face of regulatory hurdles, and even suggested investing in the UK company. For its part, Arm upset Qualcomm by contacting dozens of its customers to inform them of the termination of the Nuvia license. Each round of conflict deepened the antipathy.

It’s the sort of dispute that happens all the time in the tech industry, a sector built on patents and cross-licensing of IP. But what was highly unusual about this dispute is that it wasn’t resolved without going to court, a hugely risky situation for both parties should they lose.

On the surface, it has never been a battle of equals: Qualcomm’s annual revenue is 10 to 15 times that of Arm’s. That said, since Arm listed on the New York Stock Exchange, its value has soared, bringing its market capitalization much closer to that of the US company.

Arm is important for its size and Qualcomm is large and ambitious. Each would like the other’s crown. Both are angry. What’s not yet clear is whether the verdict of a Delaware courthouse, including outright victory, will deliver what either company wants.

Google is using artificial intelligence to power a new Chrome scam protection feature that analyzes brands and the intent of pages as you browse the web. [...]

Google is planning to use "AI" in Chrome to detect scams when you browse random web pages. [...]

Automattic CEO Matt Mullenweg on Friday announced a shutdown of almost all services on WordPress.org, the open source project site that’s the home of the software, plugins, and the WordPress community, but was unclear on when the shutdown would end. 

This move sharply increases the uncertainty surrounding WordPress, IDC said.

“My sense is that many enterprise WordPress administrators will think twice about continuing to use the software under these circumstances,” said IDC Research Manager Michele Rosen. “It’s such a shame to watch a leader in the open source community repeatedly sabotage his own project.”

“At this point, I have real concerns about the impact of Matt Mullenweg’s words and actions on the overall image of open source software,” she added. “Even if he feels that WP Engine’s actions are unethical and the court is wrong, his actions are clearly having an impact on the WordPress ecosystem, including his own business. It seems self-destructive.”

To put this move into context, the shutdown only directly impacts WordPress.org, whereas most enterprises using Automattic’s WordPress are leveraging WordPress.com, the commercial hosting site. But given the ripple effects across all of WordPress, it is likely that enterprise users would also be impacted.

“The WordPress CMS is licensed under the GPL, so it is permanently available for free. However, a lot of WP’s value comes from themes and plugins,” Rosen said. “My understanding is that in some cases, the wordpress.org URL is hardcoded into WordPress, which can make it difficult or impossible to update your themes and plugins if they haven’t been added to the directory. It really depends on the particular website’s configuration.”

Hopes to restart ‘sometime in the new year’

The Mullenweg statement started off innocuously enough, saying that the WordPress.org team will take some time off for the holidays at the end of the year. But it turned unsettling when it raised the possibility that they may not reopen at all in 2025.

“In order to give myself and the many tired volunteers around WordPress.org a break for the holidays, we’re going to be pausing a few of the free services currently offered. New account registrations on WordPress.org — clarifying so press doesn’t confuse this: people can still make their own WordPress installs and accounts,” the statement said, adding that service pauses will also include “new plugin directory submissions, new plugin reviews, new theme directory submissions and new photo directory submissions. We’re going to leave things like localization and the forums open because these don’t require much moderation.”

But after mentioning his ongoing legal struggles with WP Engine, Mullenweg said “I hope to find the time, energy, and money to reopen all of this sometime in the new year. Right now, much of the time I would spend making WordPress better is being taken up defending against WP Engine’s legal attacks.”

Shutdown may hurt WordPress

Peter Zeitsev, the founder of Percona, an open source database software vendor, said that if the shutdown continues through all of 2025, “this will stifle the development of WordPress — no new user accounts, no new plugins published, etc. This could also spark the creation of an alternative hub to wordpress.org, one that would be truly operated in the interest of the [open source] community.”

Zeitsev said that he fears that there will be meaningful enterprise impacts if the shutdown continues. “Many WordPress users do not really interact with WordPress.org at all, but some commercial enterprise users can also rely on WordPress.org functionality, and they can be impacted,” he said.

Asked how this move will help WordPress.org, Zeitsev thinks it likely won’t, and that it might end up hurting them. 

“It might be that [Mullenweg] thinks there will be public/community pressure on WP Engine and the court to take his side, but I feel it will be seen as the opposite. Matt has been a wonderful steward of the WordPress community for so long, so governance and ownership of WordPress.org were not thought about,” Zeitsev said.

“Now things have changed, and commercial and community players in the WordPress space will be thinking about how much authority Matt personally has, and whether or not they can trust him to operate the ecosystem they invested so much in, in a way that reflects its interest.”

Arm is waiting to see if it has won a battle over licensing of its microprocessor designs to Qualcomm that has cast doubt over the immediate future of some of the chip maker’s products.

The jury in the US District Court for the District of Delaware spent the week listening to arguments in the protracted and increasingly rancorous licensing dispute between Arm and Qualcomm and all that’s left is to hear their verdict.

The verdict, expected on Friday, could be hugely significant, not only for the parties involved but for the maze of other companies that have built their product development around their technology.

It’s an extraordinary clash between companies that until as recently as 2021 seemed like firm allies.

The legal case started with Qualcomm’s 2021 acquisition of Nuvia, designer of the Phoenix datacenter chip, which used Arm’s v8.7-A instruction set. Under Qualcomm, the Phoenix was reinvented as the Oryon chip, the CPU core of a more general microprocessor used inside the company’s Snapdragon system-on-a-chip (SoC).

Importantly, the royalty that Qualcomm agreed to pay under its Architecture License Agreement (ALA) with Arm was lower than that of Nuvia. Qualcomm believed this more favorable deal should apply to Nuvia development going forward because most of its subsequent Snapdragon development was done after the acquisition.

Arm disagreed and argued that Qualcomm should pay the rate agreed with Nuvia. According to court testimony by Arm CEO Rene Haas this week, the lower royalty would cause a drop in revenue of $50 million. Failing to reach an agreement with Qualcomm, the company decided to sue, the first time it has taken such action against a customer since its founding in 1990.

This is where things became a bit muddy. Why did Arm decide to sue over a relatively small sum, and why did Qualcomm refuse to concede? This week in court a wide range of arguments and counter arguments were laid out, mostly that each company believed the other was trying to sabotage its business.

Make Qualcomm great again

As it attempts to diversify away from relying on mobile chips, Qualcomm’s Snapdragon SoC platform is seen as critical for its future. This, it hopes, will allow it to take on Intel and AMD in the general microprocessor market while integrating the new-fangled AI capabilities important to the PC sector.

In October, Arm cancelled Qualcomm’s license to the Nuvia ALA. It also demanded the destruction of Nuvia designs developed prior to the merger. Clearly, a verdict in favor of Arm would put Qualcomm in a tight corner, and also a who’s who of tech companies — Microsoft, Acer, Asus, Dell, HP, Lenovo, and Samsung — currently using Qualcomm’s Snapdragon designs.

This week, Qualcomm put forward an alternative view to explain Arm’s motivations. According to Qualcomm’s lawyers, Arm harbors ambitions to develop competing chips of its own, making it a direct competitor to Qualcomm. Evidence for this remains circumstantial, but to back this up Qualcomm claimed that Arm at one point misled it into disbanding its development team.

Stop being cheap

A difficulty for outsiders is untangling exactly what is really at issue and whether there’s more to this than meets the eye. According to Arm it’s about licensing agreements and the fees that arise from them. It believes Qualcomm used its IP in Nuvia-originated IP and should pay what Nuvia agreed and stop being cheap.

Qualcomm’s argument seems to be that this is a shakedown. And yet there seem to be deeper currents. Perhaps they see each as competitors in the longer term, and the battle is competitive jockeying.

Notably, Qualcomm was a major opponent to Nvidia’s proposed 2021 takeover of Arm, abandoned in the face of regulatory hurdles, and even suggested investing in the UK company. For its part, Arm upset Qualcomm by contacting dozens of its customers to inform them of the termination of the Nuvia license. Each round of conflict deepened the antipathy.

It’s the sort of dispute that happens all the time in the tech industry, a sector built on patents and cross-licensing of IP. But what was highly unusual about this dispute is that it wasn’t resolved without going to court, a hugely risky situation for both parties should they lose.

On the surface, it has never been a battle of equals: Qualcomm’s annual revenue is 10 to 15 times that of Arm’s. That said, since Arm listed on the New York Stock Exchange, its value has soared, bringing its market capitalization much closer to that of the US company.

Arm is important for its size and Qualcomm is large and ambitious. Each would like the other’s crown. Both are angry. What’s not yet clear is whether the verdict of a Delaware courthouse, including outright victory, will deliver what either company wants.

Three popular npm packages, @rspack/core, @rspack/cli, and Vant, were compromised through stolen npm account tokens, allowing threat actors to publish malicious versions that installed cryptominers. [...]

Apple has had a busy year in enterprise tech. Apple Intelligence, spatial computing, the war to protect the user experience against excessive regulation, security, privacy and continued improvements to Apple Silicon and valuable OS improvements for enterprise deployment have occupied much of its time. With this in mind, it’s a good time to speak with Apple device management and security leaders from Jamf, Kandji, Jumpcloud, and Fleet to find out what mattered most in 2024, and what they expect in 2025.

Fleet: Crowdstrike was important — to Apple

I spoke with Fleet CEO Mike McNeil. Fleet is an open-source MDM provider that now supports iPhones, iPads, Macs, Windows, and Linux devices.

In 2024, what were the three most important Apple-related moments for enterprise users?

1. “One of the most significant Apple-related events occurred despite not directly affecting Apple itself. This was the CrowdStrike out(r)age.”
2. “Apple’s ongoing innovation with VisionOS not only challenges businesses to think creatively and find innovative ways to work but also enhances accessibility in the workforce.
3. “Apple’s first release of AI capabilities, allowing users to access them without privacy violations or security issues, is a pretty significant milestone. It’s like the promise of Siri is finally coming true.”

Looking ahead to 2025, what do you expect will be the biggest concern(s)/challenge(s) for Apple in the enterprise?  “As more organizations enroll more personal devices and BYOD programs, the attack surface for adversaries expands significantly — meaning, if you manage to pop one employee’s phone, you can now access whatever they could on their phone,” McNeil said. “Consequently, people who manage devices need to invest more in preventing both traditional malware-based attacks and sophisticated social engineering tactics.”

What do you think enterprise users most need from Apple that it does not yet provide? “A comprehensive and robust declarative management framework that enables devices to maintain a known good state irrespective of their network connectivity or environmental conditions.

“Apple would be very well served by investing more in getting people to adopt existing features rather than adding more product managers and names for slight variations of the same things.”

How do you see the future of Apple in business across the next 12 months? “Apple is such an amazing company. We are only going to see more and more Macs in the enterprise this year, as user choice programs and Bring Your Own Device (BYOD) programs evolve and become the standard practice rather than an exception. With Managed Apple IDs catching on, we’ll see more secondary computing devices like Apple Watch and Apple Vision Pro in enterprise environments.

Jumpcloud: Identity, security, and AI

I got the following thoughts from Joel Rennich, senior vice president for product management at Jumpcloud. The company earlier this year published survey data that shows a big switch in favor of using Apple devices in the enterprise. They expect this to continue.

In 2024, what were the three most important Apple-related moments for enterprise users? 

1. “The introduction of Apple Intelligence — not so much in the sense that it will change the world, although it might, but more so in how it’s challenging Enterprise IT departments on how to respond to a new way of doing AI. With Apple’s use of on-device and Private Cloud Compute processing, a new dimension has been added to thinking about how to engage with AI with sensitive data.
2. “Changes to how Managed Apple Accounts, formerly known as Managed Apple IDs, are created and used. Beyond a name change, MAAs have become a lot more functional to the point where most enterprises should be able to start using them. With the introduction of OpenID Connect Federation (OIDC) and System for Cross-Domain Identity Management (SCIM) flows to Apple Business Manager — and giving organizations a lot more control over how MAAs are created in the first place — I expect adoption of Apple accounts to go up significantly. There’s still more work to be done, and organizations will still get annoyed by some of Apple’s insistence on being Apple, but most IT departments will be able to make good use of the changes today.
3. “While this one isn’t entirely of Apple’s making, they are certainly championing the use of passkeys across the board. The speed at which passkeys have taken over OTP and push as MFA or as full on authentication has been astonishing. If you’ve never used a passkey on your iPhone to sign in to a website on your PC, you should run, not walk, to experience that. It’s a simple thing, using a QR code with some Bluetooth help, but the security underlying all of this and the general ease of use of the process is astounding.”

Looking ahead to 2025, what do you expect will be the biggest concern(s)/challenge(s) for Apple in the enterprise?  “While there are a number of global threats and other issues that impact Apple as much as other vendors, the biggest challenge for Apple in the enterprise is Apple itself. This is the same as it has been since Apple started making inroads into enterprise with the original iPhone. The aspects that make Apple great in the consumer space are many times inherently at odds with what enterprises are looking for, and in most cases Apple refuses to compromise on aspects like user privacy and experience.

“I don’t expect Apple to change much here. As it continues to expand its enterprise offering, customers will consistently ask for…even more controls and abilities to take away from the experience end users expect from Apple products.”

What do you think enterprise users most need from Apple that it does not yet provide? “Apple has made real strides with their Platform SSO functionality. However, it still doesn’t do the most basic function that enterprises are asking for, which is the automatic creation of the first new user on the system. Instead, customers still have to cobble together a combination of a number solutions to achieve this. It’s clear that Apple was intending PSSO for a different set of problems — the establishment of a SSO session from a user login — but customers still need this functionality.”

“[Users also need] a consistent method to enforce system updates. Apple keeps almost getting this right, but then missing something important. While Declarative Device Management can help, there’s still a lot of consistency in the process that’s lacking. This is a serious miss for Apple as they control the entire chain here.”

How do you see the future of Apple in business across the next 12 months? “Apple will do fine. With the recent refresh of almost their entire hardware lineup to the M4 and consistent improvements to the software, Apple will continue to grow incrementally in the enterprise space. Mobile will still be the biggest reason that enterprises need to ensure they understand what Apple is doing, but solving for mobile pretty much ensures a good experience for any Mac users.

“Apple devices will continue to be at the upper end of the hardware quality spectrum and the MacBook Air will become even more attractive with the M4 chip and the price points staying low. The Apple Vision Pro won’t break out into the mainstream in 2025, but Apple will continue to refine, and some developers will continue to work with it as they look for a compelling reason to make VR/AR more commonplace.”

Kandji: Device management, spatial computing, and AI

Weldon Dodd, senior vice president of global partnerships at Kandji made four substantial predictions for the coming year, supplementing his expectations around enterprise deployment of Apple-supporting AI from earlier in 2024. 

Hybrid work will drive innovation in device management: “The hybrid work model will hit a tipping point, as employers push for more in-office presence while employees increasingly demand flexibility. This growing divide will catalyze innovation in device management. Many companies have already invested in streamlining onboarding and remote support, but now the challenge will be adapting those systems to also serve in-office environments. The key will be prioritizing automation and efficiency, which reduces the need for manual fixes and enhances the user experience across all work settings. As businesses navigate this tension, the future of device management will focus on creating seamless and flexible solutions that balance both employee autonomy and the need for in-person collaboration.”

Spatial computing becomes (more) mainstream: “Apple Vision Pro will continue to evolve in 2025, becoming the more accessible productivity-focused tool that Apple has always wanted. Apple is expected to make the device more affordable, widening its appeal to consumers, while also maintaining its strength in workspaces — especially with the recent software updates that allow for ultra-wide displays and seamless Mac integration.

“This shift could change how consumers interact with their devices, bringing spatial computing closer to the mainstream. In addition, rumors of a new Siri-powered ‘kitchen device’ suggest Apple aspires to make daily life even more convenient with smart, hands-free solutions that leverage the growing capabilities of Apple Intelligence. Together, these innovations will drive deeper integration of Apple’s ecosystem across both personal and professional spaces.”

Businesses will use proprietary LLMs and RAG to unlock their own data: “We are going to see a big shift as businesses start using Retrieval-Augmented Generation (RAG) and LLMs with their corporate data. Rather than relying solely on third-party models like OpenAI, companies will begin asking these models more specific questions about their business, such as, ‘Is there anomalous behavior happening on this device we manage,’ or ‘What does this data tell me about our device management security?’

“By connecting LLMs with internal data, businesses will be able to get answers that aren’t just based on general world knowledge, but are much more tailored to their needs. As companies make this move, they’ll also need to pay close attention to data governance and privacy, especially as regulations like GDPR implement stricter guidelines regarding the handling of customer data. If done right, this approach could unlock valuable insights, but businesses must balance the power of AI with well-established data practices to keep afloat.”

Apple’s M4 Chip will enable on-device AI: “Apple’s M4 chip will make on-device AI the new standard, enabling more AI processing to happen directly on devices rather than relying on the cloud. For consumers, this shift means faster, more personalized experiences with greater privacy. This is because less data will need to be shared or stored remotely. For businesses, the impact could be substantial, particularly related to Apple-managed accounts, making it easier to deliver tailored services.

“And for the business user that requires top level speed and performance — think video editing, software deployment or AI development using LLMs — the M4 is going to be untouchable by the competition.”

What Jamf sees coming…

A veteran of the Apple device management space, Jamf also focused on AI and the part it will play in the coming year. The company recently introduced a host of new tools for Apple device management and deployment.

“With generative AI quickly becoming a pervasive fixture in the technology landscape, businesses are reacting with catch-all policies to restrict usage and control how sensitive information and intellectual property flows outside the organization’s data protection boundary,” said Michael Covington, vice president of portfolio strategy. “For many, this means blanket policies forbidding the use of AI until reviewed by an oversight board.

“While oversight is good, it can significantly delay the adoption of useful tools if the process is not streamlined to allow for timely decision-making. The recent release of Apple Intelligence serves as a good case study on how ‘AI’ keywords can trigger restrictive business policies, despite an implementation that keeps private data on-device and includes controls to govern the use of third-party AI models.

“In order to enable business leaders to more effectively cope with the onslaught of ‘AI-enabled’ tools — and to minimize an oversight bottleneck — the industry will need to develop a set of foundational rubrics to guide in more timely assessments of AI technologies. As a result, I predict we will see a renewed focus on data classification labels, a better understanding of AI processing locations, and a demand for confidentiality assertions from vendors as private data traverses their infrastructure.

“As the industry transitions to an application-driven phase of AI, it is imperative that organizations be equipped to make thoughtful and timely decisions about how the technology can be used responsibly to drive business objectives.”

“As genAI becomes demystified, the true effectiveness and value of solutions for enterprises will become clearer,” said Jamf CIO Linh Lam. “(Many) companies quickly entered the genAI market over the past year or two. It’s a crowded space that can easily overwhelm even leaders of technology companies who are looking to select the right genAI solution for their businesses. In 2025, while the hype cycle will continue to evolve, we’ll see the more effective solutions surface and more customers focusing on solutions that bring the most real value to their businesses.

“As with any ‘hot new tech’ on the block, the buzz around this latest emerging technology will start to calm, and we’ll start to see genAI mature. We’ll start to see what value these tools can provide for businesses, and which perform better than the others. It’s going to be a year of cutting through the noise, and those who can break through that will be the companies that stick around for years to come.”

You can follow me on social media! Join me on BlueSky,  LinkedIn, Mastodon, and MeWe. 

The US Department of Justice has charged a Russian-Israeli dual-national for his suspected role in developing malware and managing the infrastructure for the notorious LockBit ransomware group. [...]

Sophos has addressed three vulnerabilities in its Sophos Firewall product that could allow remote unauthenticated threat actors to perform SQL injection, remote code execution, and gain privileged SSH access to devices. [...]

Sophos has addressed three vulnerabilities in its Sophos Firewall product that could allow remote unauthenticated threat actors to perform SQL injection, remote code execution, and gain privileged SSH access to devices. [...]

Behind the responses from genAI models are testers who evaluate those answers for accuracy, but a report released this week casts doubt on the process.

According to a story published on Wednesday, contractors working on Google Gemini are now being directed to evaluate AI prompts and responses in areas in which they have no background, rather than being allowed to skip them as before.

This flies in the face of the “Building responsibly” section of the Gemini 2.0 announcement, which said, “As we develop these new technologies, we recognize the responsibility it entails, and the many questions AI agents open up for safety and security. That is why we are taking an exploratory and gradual approach to development, conducting research on multiple prototypes, iteratively implementing safety training, working with trusted testers and external experts and performing extensive risk assessments and safety and assurance evaluations.”

Mismatch raises questions

According to TechCrunch, “a new internal guideline passed down from Google to contractors working on Gemini has led to concerns that Gemini could be more prone to spouting out inaccurate information on highly sensitive topics, like healthcare, to regular people.”

It said that the new guideline reads: “You should not skip prompts that require specialized domain knowledge.” Contractors are instead instructed to rate the parts they understand and add a note that they lack the necessary domain knowledge for the rest.

And a blog that appeared on Artificial Intelligence+ on Thursday noted that, while “contractors hired by Google to support Gemini are key players in the evaluation process … one of the challenges is that [they] are often required to evaluate responses that might lie outside their own areas of expertise. For instance, while some may come from technical backgrounds, the AI can produce outputs related to literature, finance, healthcare, or even scientific research.”

It said, “this mismatch raises questions about how effectively human oversight can serve in validating AI-generated content across diverse fields.”

However, Google pointed out in a later statement to TechCrunch that the “raters” don’t only review content, they “provide valuable feedback on style, format, and other factors.”

‘Hidden component’ of genAI

When organizations are looking to leverage an AI model, it is important to reflect on responsible AI principles, Thomas Randall, research lead at Info-Tech Research Group said Thursday.

He said that there is “a hidden component to the generative AI market landscape: companies that fall under the guise of ‘reinforcement learning from human feedback (RLHF)’. These companies, such as Appen, Scale AI, and Clickworker, rely on a gig economy of millions of crowd workers for data production and training the AI algorithms that we find with OpenAI, Anthropic, Google, and others. RLHF companies pose issues for fair labor practices, and are scored poorly by Fairwork.”

Last year, Fairwork, which defines itself as an “action-research project that aims to shed light on how technological changes affect working conditions around the world,” released a set of AI principles that, it said, “assess the working conditions behind the development and deployment of AI systems in the context of an employment relation.”

There is, it stated at the time, “nothing ‘artificial’ about the immense amount of human labor that builds, supports, and maintains AI products and services. Many workers interact with AI systems in the workplace, and many others perform the critical data work that underpins the development of AI systems.”

Questions to ask

The executive branch of an organization looking to leverage an AI model, said Randall, needs to ask itself an assortment of questions such as “does the AI model you’re using rely on or use an RLHF company? If so, was the crowd worker pool diverse enough and provided sufficient expertise? How opaque was the training process for the models you are using? Can you trace data production? If the AI vendor does not know the answers to these questions, the organization needs to be prepared to take on accountability for any outputs the AI models provide.”

Paul Smith-Goodson, VP and principal analyst at Moor Insights & Strategy, added that it is vitally important that Retrieval Augmented Generation (RAG) be implemented, “because AI models do hallucinate and it is one way to make sure that language models are putting out the right information.”

He echoed Rick Villars, IDC group vice president of worldwide research, who earlier this year said, “more and more the solutions around RAG — and enabling people to use that more effectively — are going to focus on tying into the right data that has business value, as opposed to just the raw productivity improvements.”

A ‘corrosive effect’ on workers

Ryan Clarkson, managing partner at the Clarkson Law Firm, based in Malibu, California, said that the rapid growth of generative AI as a business has had corrosive effects on tech workers around the world.

For example, last week, workers filed a class action lawsuit through his firm against AI data processing company Scale AI, whose services include providing the human labor to label the data used in training AI models and in shaping their responses to queries.

The Scale AI lawsuit alleges poor working conditions and exploitive behavior by Scale, also saying that workers responsible for generating much of its product were mischaracterized by the company as independent contractors instead of employees.

The Play ransomware gang has claimed responsibility for a cyberattack that impacted the business operations of the U.S. doughnut chain Krispy Kreme in November. [...]

​Ascension, one of the largest private U.S. healthcare systems, is notifying nearly 5.6 million patients and employees that their personal and health data was stolen in a May cyberattack linked to the Black Basta ransomware operation. [...]

​The Alliance for Creativity and Entertainment (ACE) has taken down one of the world's largest live sports streaming piracy rings, with over 821 million visits last year. [...]

One key technique in the Windows repair playbook involves wiping out everything on the storage device (typically C:\) from which Windows boots and on which that OS resides. Prosaically enough, this device is often called the boot/system drive or disk.

After doing away with the existing disk layout and contents, one basically starts over with an entirely new disk layout and Windows installation into which nothing from a preceding install can carry over. Windows professionals call this a “clean install” because it wipes the disk before setting up a new disk layout, and installing a fresh, new copy of the Windows operating system and various other important supporting elements.

Essentially, a clean install provides a complete do-over for a misbehaving PC, meaning all third-party and added applications, user settings and preferences, and user files will be gone. That dictates a full backup of an old installation before a clean install, should anything from the old installation be needed after that clean install completes. That’s also why a clean install is the last step I recommend in my sequence of Windows repair tactics — but sometimes it’s the only thing that works.

Clean install via Reset this PC

Both Windows 10 and Windows 11 offer a “Reset this PC” option as part of Settings’ built-in recovery tools. Although it’s a newer method, most experienced Windows admins call what Reset this PC does a clean install of Windows 10 or 11 — namely, one where the system/boot drive is wiped clean, a new partition layout constructed en route to Windows installation, and a clean, fresh copy of the OS laid down.

Here’s how to get there in each OS:

• Windows 11: Settings > System > Recovery > Reset this PC
• Windows 10: Settings > Update & Security > Recovery > Reset this PC

Both approaches show a window like the one in Figure 1, which provides options to “Keep my files” (above) or “Remove everything” (below). Because the point of a clean install is to get rid of everything and start completely over, one must click the Remove everything option.

Figure 1: Select Remove everything and proceed to the next step.

Ed Tittel / IDG

The Reset this PC tool advances to the next set of options, which allow you to grab files from Windows Update in the cloud (“Cloud download”) or reuse local Windows OS files on the current system (“Local reinstall”), as shown in Figure 2.

Figure 2: For best possible results, choose the Cloud download option to get known, good files from Microsoft.

Ed Tittel / IDG

The Cloud download option grabs fresh, new files from Microsoft servers, from which the reinstall proceeds. This is recommended, because problems with local files may affect the local recovery partition or folder that a reset is supposed to address. Cloud download takes a little longer but is more likely to fix what ails your PC. That said, Local reinstall, which grabs files from the local Windows Recovery Environment (WinRE), may make sense for those with slow or expensive internet connections.

Once the files are all available, the Windows installer (setup.exe) takes over and starts a routine Windows 10 or 11 installation. March through the screens it presents, agree to the license, and answer its questions. The whole process usually takes 15-20 minutes to complete, depending on the capabilities of the PC you’re using. (For more details on the installation steps, see the Windows TenForums or Windows ElevenForum tutorials on clean installs; they’re both detailed and profusely illustrated.)

Alternate clean install methods should Reset this PC fail

Reset this PC is convenient and requires no supplementary media, but it doesn’t always work. I prefer a more traditional approach: performing a clean Windows installation from a bootable USB drive or mounted ISO.

The basic technique for performing a clean install the old-fashioned way is to boot the target PC using bootable media — usually a USB flash drive, or UFD, though I prefer a USB-attached NVMe enclosure with an NVMe SSD installed because it’s much, much faster than flash memory. Such a setup includes the desired Windows installation files.

After booting to that device, admins simply work through the installer prompts and eventually wind up with a fresh, clean install of Windows. There are many ways to get there from here, but I describe two favorites.

Method 1: Visit the appropriate Download Windows page, use the MCT

This approach relies on bootable media that includes an image file (ISO) for some particular version of Windows. Indeed, there are three such pages currently available from Microsoft, depending on which version (and kind) of Windows you want to install:

• Download Windows 10: Provides access to Home and Pro versions of Windows 10 in various forms, languages, and so forth. Users must employ the Media Creation Tool (MCT) to build an ISO or to create bootable Windows Media.
• Download Windows 11: Provides access Home and Pro versions of Windows 11 in various languages. Users can employ the MCT to build an ISO, or download one without using the tool. It’s recommended for building bootable media.
• Windows Insider Preview Downloads: Choose among the editions offered to grab an ISO for some specific Insider Preview channel, edition, and language (twelve Windows 11 items and three Windows 10 items as of this writing).
• Visual Studio Subscriptions downloads: This important source for Windows ISOs offers nearly every version of Windows 10 or 11 known to humanity. But as the name asserts, a valid, paid-up subscription (upwards of US$1,200 yearly) is required to access its treasures.

Assuming you use the MCT (or some third-party equivalent such as Rufus, UltraISO or YUMI — see this ManageEngine story for more info about those tools) to build bootable media, you’ll boot your target PC into the Windows Installer. Working the with MCT, you’ll walk through the following steps (identical for all Windows 10 and 11 versions, editions, and so forth):

• Accept the Microsoft Software License Terms.
• Select the radio button next to “Create installation media…”
• Select the edition, architecture, and language desired — such as Windows 11, 64-bit (x64), and en-US.
• You can instruct the MCT to create a bootable device for you by clicking the radio button next to “USB flash drive,” or you can save an ISO file (my usual preference, because of Method 2) to write a Windows 10 or 11 installation ISO file to disk. Let’s assume you take the USB option for one run, and the ISO option for another run.

Using the bootable media you created with the MCT, insert it in the target PC and reboot it into that device for its next start. Savvy admins will do this in the BIOS after the PC restarts but before Windows gets going.

Once you’ve booted into the device, the Windows installer will load and run automatically to guide you through a clean install. Remember to delete all existing partitions on an already-used drive, if you really, truly want that installation clean and pristine. That’s key!

Method 2: Download Windows, use Ventoy

Ventoy is a GitHub project that offers an amazing capability: it creates a tiny 32MB EFI boot partition and allocates the rest of the USB medium to an exFAT partition. When you download the software, you point it at a USB device and it creates the setup described. Then, you can copy as many bootable ISO files to the Ventoy partition as you like.

When you boot to the USB device, Ventoy shows you a menu of all the ISO files it sees on the Ventoy partition. You can choose any one of them to boot into. Ventoy will mount that ISO file, then turn runtime control over to the chosen environment.

I’ve gotten in the habit of keeping numerous ISO images in Ventoy, including multiple versions of Windows 10 and 11s and the Microsoft Diagnostics and Recovery Toolset (a.k.a. DaRT). Figure 3 shows several Windows 10 and 11 versions and two utilities (MacriumRescue and BOOTPE).

Figure 3: On the G: Ventoy partition, this snippet shows six Windows 11 ISOs, eight Windows 10 ISOs, and two utilities

Ed Tittel / IDG

Ventoy has the advantage of being able to accommodate ISOs of arbitrary size, so that admins need not be constrained by the 4GB limit imposed for FAT32 formats. You can even use the DISM command to capture a Windows image file (.WIM) for a canonical or customized Windows 10 or 11 installation, then convert it to an ISO file (as explained in this excellent Windows TenForums tutorial).

After the installation

After you’ve performed a clean install using any method, you’ll be starting over from scratch. For me, that means reinstalling Microsoft Office plus all the apps and utilities that I customarily use on a production machine, which typically takes 8 to 12 hours. To speed the process along, I recommend using either the PatchMyPC Home Updater or Ninite utility, or using the winget command to import an already-exported configuration file.

Thankfully, Reset this PC usually works

For those using supported Windows 10 and 11 versions, the Reset this PC option in the proper Settings…Recovery context should make it simple and straightforward to clean-install Windows.

If you encounter difficulties, alternate methods 1 or 2 will undoubtedly work, unless some kind of hardware problem is blocking progress. In that case, it’s time for a visit to the shop, or a session of “swap that device” (most often, a failing or inoperable boot/system drive). Cheers!

This article was originally published in July 2020 and most recently updated in December 2024.

We talk about tons of tips for making the most of Android and tapping into all the operating system’s easily overlooked options, features, and shortcuts.

But when it comes to real-world productivity, Google’s actual operating system is really only half the story.

With Android in particular, lots of core OS-level elements exist as their own standalone apps — technically separate pieces of the puzzle that live in the Play Store and are updated numerous times a year in a way that reaches all of us at the same time. It’s a sharp contrast to the all-in-one strategy on the other side of the mobile-tech divide, and it offers up some pretty interesting (if also largely unappreciated) advantages for those of us here in the land o’ Googley matters.

Over the past year, I’ve shared some splendid suggestions for digging in deeper to those apps and uncovering all sorts of buried treasures — genuinely useful options and adjustments that’ll help you work faster and more efficiently and generally just have a better all-around Android experience.

It’s a lot to take in, and it’s all too easy to miss (or maybe just forget!) something worthwhile along the way. So here, as the end of the year approaches, are 12 of my favorite collections of Google Android app wisdom from the past 12 months — with a whopping 124 top-notch tricks within ’em.

Use the quiet holiday weeks ahead of us to take ’em all in and grant yourself some new spectacular new superpowers for 2025 — and if you aren’t already receiving my Android Intelligence newsletter, by golly, make it your first order of business to fix that now. I send out three new things to try every Friday, and the best tip I can offer for the coming year is to make sure you don’t miss out.

Now, where were we? Oh — right…

The best Google Android app advice from 2024 20 handy hidden tricks for Google Calendar on Android

Upgrade your agenda with these tucked-away time-savers in the Android Calendar app.

5 advanced Gboard tricks for smarter Android typing

Google’s Gboard Android keyboard has some smart systems for improving your text input experience. Ready to become a total typing pro?

8 out-of-sight superpowers for Google Contacts on Android

Google Contacts might not be Android’s flashiest app, but it has some surprisingly useful tricks lurking in its corners.

6 secret settings for a smarter Chrome Android setup

Supercharge your smartphone browsing experience with these powerful yet completely concealed options for Google’s Chrome Android app.

13 tricks for more efficient Android messaging

These easy-to-miss advanced options for Google’s Android Messages app will help you save time and communicate more effectively.

16 handy hidden tricks for Google Maps on Android

Take advantage of all Maps has to offer by tapping into these easily overlooked features and options.

26 note-perfecting tips for Google Keep on Android

Time to tap into all of Keep’s potential and turn Google’s note-taking app into a powerful mobile productivity tool.

A powerful Android dark mode enhancement

One quick switch within the Android Chrome app can take your web-wide dark mode adventures to a whole new level.

5 nifty new gestures for the YouTube Android mini-player

Google’s YouTube mini-player has some noteworthy new tricks up its sleeves — and it’s up to you to find ’em.

20 smart search terms for Google Photos on Android

Find what you need fast with these advanced search commands for your Android Photos app.

A simple new way to set a custom ringtone on Android

At last, an easy shortcut for setting, finding, and managing custom ringtones for contacts on Android. Hip, hip, hoorah!

3 buzzworthy Android alarm enhancements

Give your next alarm some extra pizazz with these hard to find but delightful to use options.

Bonus: Goodbye, Gemini — a sanity-saving Google Search switch

Take a step back in time to a simpler, less bloated form of search without all the unreliable AI poppycock.

2025, here we come!

Your mission for the new year, should you choose to accept it: Get yourself set with my Android Intelligence newsletter and get my Android Notification Power-Pack — six powerful enhancements for any device — as a special instant bonus.

The Lazarus Group, an infamous threat actor linked to the Democratic People's Republic of Korea (DPRK), has been observed leveraging a "complex infection chain" targeting at least two employees belonging to an unnamed nuclear-related organization within the span of one month in January 2024. The attacks, which culminated in the deployment of a new modular backdoor referred to as CookiePlus, are Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

DJI se na svém blogu pochlubila odkladem rozhodnutí, zda prodej čínských dronů představuje ve Spojených státech bezpečnostní hrozbu. Do finální podoby amerického rozpočtu na obranu se nedostal bod s bojem proti čínským dronům. DJI tedy stále může prodávat drony na americkém trhu. Rozhodnutí o ...