Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

Dutch Police Disrupt Major Info Stealers RedLine and MetaStealer in Operation Magnus

The Hacker News - 29 Říjen, 2024 - 11:59
The Dutch National Police, along with international partners, have announced the disruption of the infrastructure powering two information stealers tracked as RedLine and MetaStealer. The takedown, which took place on October 28, 2024, is the result of an international law enforcement task force codenamed Operation Magnus that involved authorities from the U.S., the U.K., Belgium, Portugal, and
Kategorie: Hacking & Security

Dutch Police Disrupt Major Info Stealers RedLine and MetaStealer in Operation Magnus

The Hacker News - 29 Říjen, 2024 - 11:59
The Dutch National Police, along with international partners, have announced the disruption of the infrastructure powering two information stealers tracked as RedLine and MetaStealer. The takedown, which took place on October 28, 2024, is the result of an international law enforcement task force codenamed Operation Magnus that involved authorities from the U.S., the U.K., Belgium, Portugal, and Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Leave the Internet Archive alone!

Computerworld.com [Hacking News] - 29 Říjen, 2024 - 11:00

The web has been a mixed blessing for people who care about information. Yes, it’s made it easier than ever to access facts and opinions from around the globe — but it also throws out older data as quickly as it brings in new data. (And let’s not even talk about propaganda!)

One shining beacon for recording truthful and accurate records throughout the web’s history has been the Internet Archive.

The Archive was created by Brewster Kahle, who, beginning in 1980, wanted “to build a library of everything.”  His first step in that direction was creating the Internet’s first distributed search system, the Wide Area Information Server (WAIS)

When he founded the Archives in 1996, his ambitious goal was to provide “universal access to all knowledge.” Kahle and his friends have been remarkably successful. Today, the Archives holds digital copies of 44 million books and texts, 15 million audio recordings, 10.6 million videos, 4.8 million images, a million software programs, and even a copy of Computerworld from 1969. 

To do this, he created the Internet Archive and its associated projects, including the Wayback Machine, which allows users to view archived versions of more than 866 billion saved web pages, and the Open Library project, which aims to create a web page for every published book.

It’s that last project that got the Archives into legal hot water. During the COVID-19 pandemic, Kahle opened the library for free ebook borrowing via the Controlled Digital Lending (CDL) program. Publishing companies were not amused and the Internet Archive lost the resulting lawsuit, Hachette v. Internet Archive. The court rejected the Archive’s fair use defense, finding that its digital lending practices infringed on publishers’ copyrights. 

That’s a huge problem on its own. The Internet Archive is a 501(c)(3) non-profit with a gross revenue in its most recent 990 filing of only $30.5 million. For the size of the job it’s undertaken, it’s grossly underfinanced. 

Recently, though, adding insult to injury, the Archive has been subjected to one cyber-attack after another.The first major incident occurred Oct. 9-10 and involved two simultaneous attacks: First, hackers exploited a GitLab token, compromising the Archive’s source code and stealing user data from 31 million accounts. Concurrently, a pro-Palestinian group called SN BlackMeta launched a Distributed Denial of Service (DDoS) attack, temporarily knocking the site — and the Wayback Machine — offline.

Blackmeta said it hit the site because it belongs to the United States, which supports Israel in the ongoing Palestine-Israel conflict. Uhm, no, no it doesn’t. The only cause the Internet Archive espouses is freedom of information, and it has no connection with the US government. 

Maybe it should. I could argue that the National Archives and Records Administration (NARA) should track the public web, but it doesn’t. 

Then, on Oct. 20, the Internet Archive suffered yet another security breach: This time, hackers exploited unrotated Zendesk, the help desk support program’s application programming interface (API) tokens, to access the Archive’s support platform. 

The results have been one mess after another. Many of the Archive’s services, including the Wayback Machine, have gone dark. In addition, people are worried that some of the data stored by the Archive has been deleted or compromised. 

Operators managed to get the site back up, and a few days ago, Kahle told CBC Radio, “It’s just so sad. It’s great to be back up, and we have millions of people now accessing the site again.” 

That didn’t last. Since then, it’s been hammered yet again!

Enough already — crashing the Internet Archive won’t make a lick of difference to the world’s geopolitical problems. No one will get rich from ripping off the Internet Archive users. There is no point in messing with the Archive. None!

The Archive is a useful library. That’s it. That’s all. And that’s enough.  

In particular, the Archive keeps the only real records of what’s been on the Web. As we put more of our records and news on the Web and nowhere else, that’s vitally important for historians and other people who appreciate knowing who said what to whom and when. 

The Archive needs to be preserved, not vandalized. I’m reminded of the dim-minded protestors whose big idea was to throw pumpkin soup on the Mona Lisa. Quick! What were they protesting?  

You don’t know, do you? 

It was about the right to healthy, sustainable food.

That attack made no difference whatsoever. 

Vandalism, whether on a politically neutral, useful website or on world-famous art, is not helpful; it’s only harmful. And, in the Internet Archive’s case, it’s also pointless. 

More by Steven J. Vaughan-Nichols:

>

>
Kategorie: Hacking & Security

Meta, Apple say the quiet part out loud: The genAI emperor has no clothes

Computerworld.com [Hacking News] - 29 Říjen, 2024 - 11:00

Amidst the mountains of vendor cheerleading for generative AI efforts, often amplified by enterprise board members, skeptical CIOs tend to feel outnumbered. But their cynical worries may now have some company, in the form of a report from Apple and an interview from Meta — both of which raise serious questions about whether genAI can actually do much of what its backers claim.

The debate involves some fairly amorphous terms, at least when spoken in a computing environment context — things like reasoning and logic. When a large language model (LLM), for example, proposes a different and ostensibly better way to do something, is it because its sophisticated algorithm has figured out a better way? Or is it just wildly guessing, and sometimes it gets lucky? Or did it hallucinate something and accidentally say something helpful?

Would a CIO ever trust a human employee with such tendencies? Not likely, but IT leaders are regularly tasked with integrating genAI tools into the enterprise environment by corporate executives expecting miracles.

   

The conclusions drawn by AI experts from Apple and Meta may help CIOs set more realistic expectations about what genAI models can and cannot do, now and in the near future.

GenAI is not that intelligent

The Apple report, which was the more detailed research effort, is also the more damning of the two. Its authors stated:

“Our findings reveal that LLMs exhibit noticeable variance when responding to different instantiations of the same question. Specifically, the performance of all models declines when only the numerical values in the question are altered.

“Furthermore, we investigate the fragility of mathematical reasoning in these models and demonstrate that their performance significantly deteriorates as the number of clauses in a question increases… When we add a single clause that appears relevant to the question, we observe significant performance drops (up to 65%) across all state-of-the-art models, even though the added clause does not contribute to the reasoning chain needed to reach the final answer.”

What does mathematical reasoning have to do with AI-powered business applications? The Apple research team spelled it out:

“Mathematical reasoning is a crucial cognitive skill that supports problem-solving in numerous scientific and practical applications. Consequently, the ability of large language models (LLMs) to effectively perform mathematical reasoning tasks is key to advancing artificial intelligence and its real-world applications.”

What today’s state-of-the-art LLMs do is not logical reasoning, the researchers concluded:

“Current LLMs are not capable of genuine logical reasoning; instead, they attempt to replicate the reasoning steps observed in their training data… It may resemble sophisticated pattern matching more than true logical reasoning.”

Meta’s analysis comes by way of an interview with The Wall Street Journal featuring AI legend Yann LeCun, who today serves as the chief AI scientist at Meta. In the story, LeCun called the notion that AI will soon become advanced enough to pose a threat to humanity “complete B.S.” Like the Apple researchers, he said AI is a powerful tool but not truly intelligent, according to interviewer Christopher Mims:

“When a departing OpenAI researcher in May talked up the need to learn how to control ultra-intelligent AI, LeCun pounced. ‘It seems to me that before “urgently figuring out how to control AI systems much smarter than us,” we need to have the beginning of a hint of a design for a system smarter than a house cat,’ he replied on X.

“He likes the cat metaphor. Felines, after all, have a mental model of the physical world, persistent memory, some reasoning ability and a capacity for planning, he says. None of these qualities are present in today’s ‘frontier’ AIs, including those made by Meta itself.”

Later, the WSJ story lets LeCun make his central point:

“Today’s models are really just predicting the next word in a text, he says. But they’re so good at this that they fool us. And because of their enormous memory capacity, they can seem to be reasoning, when in fact they’re merely regurgitating information they’ve already been trained on.

“‘We are used to the idea that people or entities that can express themselves, or manipulate language, are smart — but that’s not true,’ says LeCun. ‘You can manipulate language and not be smart, and that’s basically what LLMs are demonstrating.’”

That is the key issue. Enterprises are putting far too much faith in genAI systems, says Francesco Perticarari, general partner at technology investment house Silicon Roundabout Ventures in London, England.

It’s easy to assume that the rare correct answers given by these tools are flashes of brilliance, rather than the genAI having gotten a lucky guess. But “the output is not based at all on reasoning. It is merely based on extremely powerful computing,” Perticarari said. 

Putting genAI in the driver’s seat

One frequently cited selling point for genAI is that some models have proven quite effective at passing various state bar exams. But those bar exams are ideal environments for genAI, because the answers are all published. Memorizations and regurgitation are ideal uses for genAI, but that doesn’t mean genAI tools have the skills, understanding, and intuition to practice law.

“The logic is that if genAI can pass the bar exam, it can handle my business, build systems that are robust and that work now,” said Alan Nichol, co-founder and CTO of AI vendor Rasa. “[Business leaders] are taking this dangerous, naive approach and just letting the LLM figure it out,” he said.

Nichol pointed to Apple’s analysis that the more complex and multilayered math problems got, the more the LLMs got lost and confused. 

“It’s supposed to understand this math, but something is definitely fishy. The medium through which they are doing [these calculations] is natural language. It’s fuzzy and imprecise,” he said. “Language models were never supposed to do a lot of these things. There are vanishingly few situations where you want your software to guess what it should be doing, what the next few steps should be.”

Nichol stressed that these systems, left to their own devices, are reckless. “Four out of five times, genAI doesn’t follow its own instructions,” he said. “You want it to guess business logic? It just doesn’t work and is extremely slow and consumes a tremendous amount of tokens.”

Perticarari from Silicon Roundabout Ventures is especially concerned about hallucinations coupled with the lack of meaningful guardrails. GenAI seems to easily overcome — or be tricked by a user into overcoming — many of the safeguards organizations attempt to place around it.

“If you have a one-year-old, you wouldn’t give her a loaded gun and then try and explain to her why she shouldn’t shoot you,” Perticarari said. “[GenAI is] not sentient. Humans are sentient and they assume the system is intelligent, too. Letting genAI run on autopilot to me is crazy. Don’t give anything to a black box.”

Fighting FOMO

Perticarari blames enterprise executives and board members for falling victim to countless AI sales pitches. He says that CIOs have to be the voice of sanity.

“It is always easy during a gold rush to sell hype. [Sales execs] just keep delivering endless layers of selling without really understanding,” Perticarari said. “CIOs need to ask, ‘How fundamental and vital is the task that [we] are outsourcing to genAI?’”

Jake Reynolds, the CTO at cybersecurity vendor Wirespeed, agrees. He maintains that a lot of the rush to genAI has been pushed by board members, and “the CIO had to tag along.”

Executives are giving in to FOMO (fear of missing out), thinking that “their largest competitor is doing it, so we are going to do it,” he said. “But it doesn’t deliver. Even with the more objective mathematics, it starts falling apart. Try to get consistency out of it. You can’t. The words it predicts changes every time you tweak a little knob… Are you really OK with your product only working 80% of the time?”

Reynolds encourages CIOs to slow down and be as minimalistic as practical. “We’re not laggards. We’re just realists about what the technology can really do,” he said. 

Judicious use of genAI tools can mitigate disappointment or worse, agrees Nichol. “We should just let the LLMs do what the LLMs are amazing at. Don’t let the LLM do everything.”

Kategorie: Hacking & Security

US finalizes curbs on investment in AI and critical technology in China

Computerworld.com [Hacking News] - 29 Říjen, 2024 - 10:45

The US government has announced new rules restricting investments in China’s AI and other tech sectors deemed threats to national security, expanding the existing restrictions that were so far limited to exports.

First introduced by the US Treasury in June, the rules are based on an executive order signed by President Joe Biden in August 2023.

They focus on three critical areas: semiconductors and microelectronics, quantum information technologies, and certain AI systems.

“This narrow set of technologies is core to the next generation of military, cybersecurity, surveillance, and intelligence applications,” the Treasury said in a statement.

The US already restricts or bans the export of many technologies covered by the new rules to certain countries. The new program complements existing export controls and inbound screening measures by blocking US investments from aiding the development of sensitive technologies in countries of concern, the Treasury added.

Fueling the trade war

This marks the latest development in the ongoing trade war between the US and China, which has already witnessed numerous restrictions.

Analysts are skeptical of the policy’s impact, cautioning that it may further intensify tensions and stifle innovation and growth.

“The scope of restrictions is now expanding beyond the sale of technology IP or chips to include investments in the Chinese tech sector,” said Neil Shah, VP of research and partner at Counterpoint Research. “This move aims to stifle Chinese tech companies on both fronts — limiting financial and technology inflows. Unfortunately, this will make it difficult for Chinese companies to innovate quickly and will further intensify the geopolitical tech cold war.”

This also means that if China retaliates — while protecting its own manufacturing ecosystem — it could affect large and small tech companies that still rely on China as a key market.

In a related move earlier this month, a Chinese industry body called for a security review of Intel’s products, signaling heightened scrutiny of US tech firms operating in the country.

Reports indicate, however, that trade restrictions have had a limited effect on slowing Chinese chip manufacturing as China continues to stockpile chipmaking equipment. There are also loopholes in the restrictions that Chinese companies are able to take advantage of.  

Impact on enterprises

Restrictions could stifle collaboration and knowledge exchange between nations, potentially slowing innovation by reducing opportunities to work on advanced projects.

“Companies might also need to reassess their strategic priorities, which may lead to an unnecessary increase in innovation costs,” said Charlie Dai, VP and principal analyst at Forrester. “On the other hand, regulatory concerns will force enterprises outside the US to further prioritize localization strategies to achieve self-sufficiency in critical areas, potentially leading to increasingly isolated innovation ecosystems.”

The new rules may also require US enterprises to closely monitor both domestic and international regulatory shifts and establish agile compliance programs to adapt swiftly to evolving requirements.

“These constraints can also diminish R&D investments and have profound long-term economic effects, stifling advancement in pivotal sectors like semiconductors, quantum computing, and AI, ultimately hampering overall technological progress,” said Thomas George, president of Cybermedia Research.

Opportunity for emerging markets

For other emerging markets, however, the tightened US restrictions could present new opportunities by attracting redirected foreign investments from US firms.

“As trade tensions rise and new regulations emerge, US companies increasingly move away from Chinese manufacturing,” said George. “Instead, they want to collaborate with countries such as India, Mexico, and Vietnam. This shift is crucial as it enhances companies’ resilience and allows them to navigate new US export controls more effectively.”

Companies should reduce dependency on any single country by diversifying supply chains to mitigate risks associated with regulatory changes in specific regions, according to Dai.

“Engaging with research and advisory firms can help them better understand the potential impact of various regulatory changes, prepare contingency plans, and develop strategies to assess and mitigate risks,” Dai said.

Kategorie: Hacking & Security

U.S. Government Issues New TLP Guidance for Cross-Sector Threat Intelligence Sharing

The Hacker News - 29 Říjen, 2024 - 08:36
The U.S. government (USG) has issued new guidance governing the use of the Traffic Light Protocol (TLP) to handle threat intelligence information shared between the private sector, individual researchers, and Federal Departments and Agencies. "The USG follows TLP markings on cybersecurity information voluntarily shared by an individual, company, or other any organization, when not in conflict
Kategorie: Hacking & Security

U.S. Government Issues New TLP Guidance for Cross-Sector Threat Intelligence Sharing

The Hacker News - 29 Říjen, 2024 - 08:36
The U.S. government (USG) has issued new guidance governing the use of the Traffic Light Protocol (TLP) to handle threat intelligence information shared between the private sector, individual researchers, and Federal Departments and Agencies. "The USG follows TLP markings on cybersecurity information voluntarily shared by an individual, company, or other any organization, when not in conflict Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

New Research Reveals Spectre Vulnerability Persists in Latest AMD and Intel Processors

The Hacker News - 29 Říjen, 2024 - 06:53
More than six years after the Spectre security flaw impacting modern CPU processors came to light, new research has found that the latest AMD and Intel processors are still susceptible to speculative execution attacks. The attack, disclosed by ETH Zürich researchers Johannes Wikner and Kaveh Razavi, aims to undermine the Indirect Branch Predictor Barrier (IBPB) on x86 chips, a crucial mitigation
Kategorie: Hacking & Security

New Research Reveals Spectre Vulnerability Persists in Latest AMD and Intel Processors

The Hacker News - 29 Říjen, 2024 - 06:53
More than six years after the Spectre security flaw impacting modern CPU processors came to light, new research has found that the latest AMD and Intel processors are still susceptible to speculative execution attacks. The attack, disclosed by ETH Zürich researchers Johannes Wikner and Kaveh Razavi, aims to undermine the Indirect Branch Predictor Barrier (IBPB) on x86 chips, a crucial mitigationRavie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

New tool bypasses Google Chrome’s new cookie encryption system

Bleeping Computer - 28 Říjen, 2024 - 21:59
A researcher has released a tool to bypass Google's new App-Bound encryption cookie-theft defenses and extract saved credentials from the Chrome web browser. [...]
Kategorie: Hacking & Security

Exchange Online adds Inbound DANE with DNSSEC for everyone

Bleeping Computer - 28 Říjen, 2024 - 20:21
Microsoft announced today that inbound SMTP DANE with DNSSEC for Exchange Online, a new capability to boost email security and integrity, is now generally available. [...]
Kategorie: Hacking & Security

Russia targets Ukrainian conscripts with Windows, Android malware

Bleeping Computer - 28 Říjen, 2024 - 19:36
A hybrid espionage/influence campaign conducted by the Russian threat group 'UNC5812' has been uncovered, targeting Ukrainian military recruits with Windows and Android malware. [...]
Kategorie: Hacking & Security

Free, France’s second largest ISP, confirms data breach after leak

Bleeping Computer - 28 Říjen, 2024 - 18:45
Free, a major internet service provider (ISP) in France, confirmed over the weekend that hackers breached its systems and stole customer personal information. [...]
Kategorie: Hacking & Security

Čtrnáctiletý hoch se zamiloval do chatbota. Poté, co spáchal sebevraždu, žaluje jeho matka Character.AI

Zive.cz - bezpečnost - 28 Říjen, 2024 - 18:45
Generativní AI proniká do našich životů a někdy se může stát náhražkou za mezilidské vztahy. Bohužel to v některých případech může skončit špatně, jak ukazuje příběh čtrnáctiletého Sewella Setzera, který si vzal život poté, co navázal blízký vztah s chatbotem na platformě Character.AI . Chatbot se ...
Kategorie: Hacking & Security

TSMC: US facility outperforms Taiwan in chip production efficiency

Computerworld.com [Hacking News] - 28 Říjen, 2024 - 18:27

The Phoenix fabrication facility of the world’s largest semiconductor chip maker is yielding more usable chips than similar plants in Taiwan, according to the Taipei Times.

Rick Cassidy, president of TSMC’s US division, said during a webinar last week that the share of usable chips from the company’s Phoenix plant exceeds that of similar Taiwanese plants by 4%. If true, the superior performance at the Phoenix fab is notable because the US government has been working to spur a return of the semiconductor manufacturing industry to US shores, where manufacturing tends to be more costly.

Better yields would help offset those higher costs.

“Four percent higher yield is certainly good news,” said Harry Moser, president of the Reshoring Initiative, a non-profit that offers companies assessments on offshoring costs. “To be competitive, we need a higher yield. It is agreed that US factory capital cost and operating cost will be 10% to 20% higher than in most other countries. The 4% will offset some of that difference.”

The COVID-19 pandemic highlighted critical gaps in the semiconductor supply chain as imports to the US and other nations ground to a halt, affecting the production of everything with electronics, from smart phones to cars. The CHIPS and Science Act, passed in 2022, earmarked more than $52 billion in funding and tax incentives for use by the US semiconductor industry to create new or expand existing manufacturing and R&D facilities.

The CHIPS Act was created to address both future possible supply chain catastrophes and to re-establish the US as a major chips manufacturer.

To date, the CHIPS Act has allocated more than $32 billion in proposed funding across 18 companies, 16 states, and 26 projects. However, no CHIPS funding has yet been disbursed to any companies, according to the US Department of Commerce.

TSMC is the main supplier of chips for both Nvidia and Apple. The CHIPS Act allocated $6.6 billion in grants and $5 billion in loans, along with a 25% tax credit, to incentivize the company to build three fabs in Arizona. TSMC’s first facility was scheduled to open this year, but the company pushed that back to next year after labor shortages surfaced.

The US reshoring efforts come at a time when the industry doesn’t have anywhere near the workforce — including technicians, computer scientists, and engineers — required to support future needs. By some estimates, the US semiconductor industry will face a worker shortfall of between 59,000 and 146,000 workers by 2029. A minimum of 50,000 trained semiconductor engineers will be needed over the next several years in the US to meet the overwhelming and rapidly growing demand, according to a study by Purdue University.

The broader US economy is set to have a gap of 1.4 million such workers, according to a 2023 study from the Semiconductor Industry Association. So the competition will be fierce over those skilled workers. Compounding the problem is an ongoing exodus of existing talent as older workers retire. A study from Deloitte found that nearly 90% of tech leaders interviewed cited recruiting as their biggest challenge.

A TSMC spokesperson shared statements regarding the Phoenix fab with Computerworld from a third quarter earnings call by CEO C.C. Wei, but declined to comment on Cassidy’s claim directly.

“Our first fab entered engineering wafer production in April with 4-nanometer process technology, and the result is a highly satisfactory, with a very good yield,” Wei said. “This is an important operational milestone for TSMC and our customers, demonstrating TSMC’s strong manufacturing capability and execution.”

Wei said he expects volume production of the company’s first Arizona fab to start in early 2025, and he is “confident” it will deliver “the same level of manufacturing quality and reliability” from our fabs in Taiwan.

TSMC is also building two other fabs in the Phoenix area that will use more advanced technologies based on its customer needs, Wei said. The second fab is scheduled to begin volume production in 2028 and the third fab will begin production by the end of the decade.

“Thus, TSMC will continue to play a critical and integral role in enabling our customers’ success, while remaining a key partner and enabler of the US semiconductor industry,” Wei said.

Reshore Now’s Moser said it would be good to know whether the Phoenix fab uses identical equipment as in Taiwan, speculating that the US plant could have been more modern. “Was it accomplished solely by US workers or significantly by Taiwanese brought over to aid the start-up?” he said.

Kategorie: Hacking & Security

Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services

The Hacker News - 28 Říjen, 2024 - 18:26
A government entity and a religious organization in Taiwan were the target of a China-linked threat actor known as Evasive Panda that infected them with a previously undocumented post-compromise toolset codenamed CloudScout. "The CloudScout toolset is capable of retrieving data from various cloud services by leveraging stolen web session cookies," ESET security researcher Anh Ho said. "Through
Kategorie: Hacking & Security

Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services

The Hacker News - 28 Říjen, 2024 - 18:26
A government entity and a religious organization in Taiwan were the target of a China-linked threat actor known as Evasive Panda that infected them with a previously undocumented post-compromise toolset codenamed CloudScout. "The CloudScout toolset is capable of retrieving data from various cloud services by leveraging stolen web session cookies," ESET security researcher Anh Ho said. "Through Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Apple’s new M4 iMac: Faster, smarter, and made for AI

Computerworld.com [Hacking News] - 28 Říjen, 2024 - 17:45

Apple’s week of Mac began today with a newly announced iMac, now beefed up with an M4 chip and more internal memory. Apple says the iMac is up to 4.5 times faster than an equivalent all-in-one Intel Core 7 Windows PC — and promises the machine will deliver up to six times the performance of the most popular Intel-based iMac.

The inference is obvious: if you use your iMac professionally, you might want to think about an upgrade. Reinforcing the point, Apple says the iMac is up to 1.7 times faster for most tasks and 2.1 times faster for more advanced tasks when compared to the M1 model.

Apple sets the scene for its AI

Part of the reason for this improved performance is the big boost to 16GB of unified onboard memory (configurable to 24GB). That memory boost is to support Apple Intelligence, which is also available for Macs running macOS Sequoia 15.1 or above. The Neural Engine in M4 chips is 3x faster than the M1. (Apple Intelligence is also now available for iPhones and iPads running iOS/iPad OS 18.1.)

Be warned, the entry-level $1,299 iMac might not reach these performance heights as it ships with an 8-core CPU; the rest of the range offers 10 cores. You do get hardware-accelerated ray tracing, which is going to make a big difference when you use the Mac.

Apple’s AI platform play means all its current devices will now support Apple Intelligence, meaning the company now offers the world’s biggest AI ecosystem.

What else is new?

The iMac display continues to be the same 24-in. 4.5K Retina display we all know and love, with a new nano-texture glass option available if color fidelity and anti-reflection matters to you.

Starting at $1,299, the new iMacs are available in a “parade” of colors, including green, yellow, orange, pink, purple, blue, and silver. Buyers get: a 12-megapixel Center Stage camera with support for Desk View; a brilliant microphone and speaker system; and four USB-C ports, all of which support Thunderbolt 4. You can even run two external displays. Wrapping it up, you’ll find Wi-Fi 6E and Bluetooth 5.1 along with TouchID support, thanks to a button on the keyboard.

Overall, this is a solid and update, but it has to be said that it doesn’t seem to be the main attraction — that honor this week is likely to be all about a smaller machine….

We’re still waiting for the Mac mini

I can’t help but feel the iMac is being seen through a lens of pre-announcement speculation for the Mac mini. That product is already attracting lots of interest — just look at the pre-release headlines:

  • “This is the Mac Mini’s big moment” (The Verge).
  • “A tiny Mac mini could be the ultimate travel companion and I can’t wait for it” (TechRadar).
  • “Apple Mac mini with M4 chip could be a game-changer for creatives, here’s why” (Hindustan Times).

Talk about setting the scene.

Even Bloomberg’s Mark Gurman has put his well-connected assessment out there; he obliquely tells us that even if you are quite happy with your M1 Mac mini, the move to M4 processors “could feel as significant as that first shift from Intel machines to Apple chips.” 

That’s borne out by Apple’s iMac claims above. What we can piece together from the iMac introduction is that the new Mac mini will also deliver huge performance boosts in contrast to the M1 or M2 models already in use.

That’s an upgrade productivity benefits are built on in some industries, and it suggests that if your business has M1 (or older) Mac minis in its fleet, the new M4 models seem to be a tempting upgrade. After all, you don’t even need to replace the display….

Will a M4 Mac mini be the new Mac for business?

This introduction is expected to be about more than the silicon inside these Macs — it’s also the new design around them. If reports are correct, the new mini may be significantly smaller as Apple’s designers draw yet another benefit out of the energy and heat dissipation advantages of the company’s Arm-based chips.

Expect it to be a small aluminium box that’s taller but otherwise similar in size to the current Apple TV. I visualize this as being a box about half the size of a regular paperback book and perhaps as thick as three average length novels stacked atop each other. That’s really small. And it should now come with 16GB of base memory and support for Apple Intelligence.

Speaking just last year, MacStadium CTO Chris Chapman told me his existing server farms full of Mac minis used so much less power that his data center providers were, “always calling us up to tell us we’re not using enough power for the space.”

If the smaller size means lower energy consumption (and given what we know of Apple’s silicon evolution so far, it probably does), then for enterprises handling hundreds of these machines — or any other Mac, come to that — the M4 upgrade promises significant reductions in energy costs. 

A good start to a week of Mac

Combined with the faster chip, these tiny desktop Mac minis or larger iMacs are going to run just about anything you want as effectively as a hot knife through butter.

That’s why the upcoming Mac mini has generated so much interest, even before its introduction. Combined with the impressive iMac rollout today and anticipation around the expected powerful MacBook Pro improvements, Apple’s big week of Mac news is off to a strong start. But will it distract or focus interest on the company’s end of year results announcement Thursday?

Please follow me on LinkedInMastodon, or join me in the AppleHolic’s bar & grill group on MeWe.

Kategorie: Hacking & Security

OpenAI set to release its next big AI model in December

Computerworld.com [Hacking News] - 28 Říjen, 2024 - 17:14

OpenAI plans to release its next major flagship model, Orion, by December, according to The Verge — and Microsoft, which has invested heavily in Open AI, is said to be ready to launch Orion on Azure as early as November.

Orion is intended to be the successor to GPT-4 and is said to be up to 100 times stronger. However, unlike Open AI’s last two models, GPT-4o and o1, it will not be released first through the AI assistant Chat GPT. Instead, OpenAI plans to first give a collection of companies access to the AI model so they can use it to build their own products.

It’s unclear whether the new model will be called GPT-5 or something else. Both Open AI and Microsoft declined to comment on the report, though OpenAI spokesperson Niko Felix told The Verge the company doesn’t “have plans to release a model code-named Orion this year.”

Kategorie: Hacking & Security

US says Chinese hackers breached multiple telecom providers

Bleeping Computer - 28 Říjen, 2024 - 17:05
The FBI and the U.S. Cybersecurity & Infrastructure Security Agency (CISA) have disclosed that Chinese hackers breached commercial telecommunication service providers in the United States. [...]
Kategorie: Hacking & Security
Syndikovat obsah