Computerworld.com [Hacking News]

Retrieval-Augmented Generation (RAG) — a method used by genAI tools like Open AI’s ChatGP) to provide more accurate and informed answers — is becoming a cornerstone for generative AI (genAI) tools, “providing implementation flexibility, enhanced explainability and composability with LLMs,” according to a recent study by Gartner Research.

And by 2028, 80% of genAI business apps will be developed on existing data management platforms, with RAG a key part of future deployments.

There’s only one problem: RAG isn’t always effective. In fact, RAG, which assists genAI technologies by looking up information instead of relying only on memory, could actually be making genAI models less safe and reliable, according to recent research.

Alan Nichol, CTO at conversational AI vendor Rasa, called RAG “just a buzzword” that just means “adding a loop around large language models” and data retrieval. The hype is overblown, he said, adding that the use of “while” or “if” statements by RAG is treated like a breakthrough.

(RAG systems typically include logic that might resemble “if” or “while” conditions, such as “if” a query requires external knowledge, retrieve documents from a knowledge base, and “while” an answer might be inaccurate re-query the database or refine the result.) 

“…Top web [RAG] agents still only succeed 25% of the time, which is unacceptable in real software,” Nichol said in an earlier interview with Computerworld. “Instead, developers should focus on writing clear business logic and use LLMs to structure user input and polish search results. It’s not going to solve your problem, but it is going to feel like it is.”

Two studies, one by Bloomberg and another by The Association for Computational Linguistics (ACL) found that using RAG with large language models (LLMs) can reduce their safety, even when both the LLMs and the documents it accesses are sound. The study highlighted the need for safety research and red-teaming designed for RAG settings.

Both studies found that “unsafe” outputs such as misinformation or privacy risks increased under RAG, prompting a closer look at whether retrieved documents were to blame. The key takeaway: RAG needs strong guardrails and researchers who are actively trying to find flaws, vulnerabilities, or weaknesses in a system — often by thinking like an adversary.

How RAG works — and causes security risks

One way to think about RAG and how it works is to compare a typical genAI model to a student answering questions just from memory. The student might sometimes answer the questions from memory — but the information could also be outdated or incomplete.

A RAG system is like a student who says, “Wait, let me check my textbook or notes first,” then gives you an answer based on what they found, plus their own understanding.

Iris Zarecki, CEO of data integration services provider K2view, said most organizations now using RAG augment their genAI models with internal unstructured data such as manuals, knowledge bases, and websites. But enterprises also need to include fragmented structured data, such as customer information, to fully unlock RAG’s potential.

“For example, when customer data like customer statements, payments, and past email and call interactions with the company are retrieved by the RAG framework and fed to the LLM, it can generate a much more personalized and accurate response,” Zarecki said.

Because RAG can increase security risks involving unverified info and prompt injection, Zarecki said, enterprises should vet sources, sanitize documents, enforce retrieval limits, and validate outputs.

RAG can also create a gateway through firewalls, allowing for data leakage, according to Ram Palaniappan, CTO at TEKsystems Global Services, a tech consulting firm. “This opens a huge number of challenges in enabling secure access and ensuring the data doesn’t end up in the public domain,” Palaniappan said. “RAG poses data leakage challenges, model manipulation and poisoning challenges, securing vector DB, etc. Hence, security and data governance become very critical with RAG architecture.”

(Vector databases are commonly used in applications involving RAG, semantic search, AI agents, and recommendation systems.)

Palaniappan expects the RAG space to rapidly evolve, with improvements in security and governance through tools like the Model Context Protocol and Agent-to-Agent Protocol (A2A). “As with any emerging tech, we’ll see ongoing changes in usage, regulation, and standards,” he said. “Key areas advancing include real-time AI monitoring, threat detection, and evolving approaches to ethics and bias.”

Large Reasoning Models are also highly flawed

Apple recently published a research paper evaluating Large Reasoning Models (LRMs) such as Gemini flash thinking, Claude 3.7 Sonnet thinking and OpenAI’s o3-mini using logical puzzles of varying difficulty. Like RAG, LRMs are designed to provide better responses by incorporating a level of step-by-step reasoning in its task.

Apple’s “Illusion of Thinking” study found that as the complexity of tasks increased, both standard LLMs and LRMs saw a significant decline in accuracy — eventually reaching near-zero performance. Notably, LRMs often reduced their reasoning efforts as tasks got more difficult, indicating a tendency to “quit” rather than persist through challenges.

Even when given explicit algorithms, LRMs didn’t improve, indicating they rely on pattern recognition rather than true understanding, challenging assumptions about AI’s path to “true intelligence.”

While LRMs perform well on benchmarks, their actual reasoning abilities and limitations are not well understood. Study results show LRMs break down on complex tasks, sometimes performing worse than standard models. Their reasoning effort increases with complexity only up to a point, then unexpectedly drops.

LRMs also struggle with consistent logical reasoning and exact computation, raising questions about their true reasoning capabilities, the study found. “The fundamental benefits and limitations of LRMs remain insufficiently understood,” Apple said. “Critical questions still persist: Are these models capable of generalizable reasoning or are they leveraging different forms of pattern matching.”

Reverse RAG can improve accuracy

A newer approach, Reverse RAG (RRAG), aims to improve accuracy by adding verification and better document handling, Gartner Senior Director Analyst Prasad Pore said. Unlike typical RAG, which uses a workflow that retrieves data and then generates a response, Reverse RAG flips it to generate an answer, retrieve data to verify that answer and then regenerate that answer to be passed along to the user.

First, the model drafts potential facts or queries, then fetches supporting documents and rigorously checks each claim against those sources. Reverse RAG emphasizes fact-level verification and traceability, making outputs more reliable and auditable.

RRAG represents a significant evolution in how LLMs access, verify and generate information, Pore said. “Although traditional RAG has transformed AI reliability by connecting models to external knowledge sources and making completions contextual, RRAG offers novel approaches of verification and document handling that address challenges in genAI applications related to fact checking and truthfulness of completions.”

The bottom line is that RAG and LRM alone aren’t silver bullets, according to Zarecki. Additional methods to improve genAI output quality must include:

• Structured grounding: Fragmented structured data, such as customer info, in RAG.
• Fine-tuned guardrails: Zero-shot or few-shot prompts with constraints, using control tokens or instruction tuning.
• Human-in-the-loop oversight: Especially important for high-risk domains such as healthcare, finance, or legal.
• Multi-stage reasoning: Breaking tasks into retrieval → reasoning → generation improves factuality and reduces errors, especially when combined with tool use or function calling.

Organizations must also organize enterprise data for GenAI and RAG by ensuring privacy, real-time access, quality, scalability, and instant availability to meet chatbot latency needs.

“This means that data must address requirements like data guardrails for privacy and security, real-time integration and retrieval, data quality, and scalability at controlled costs,” Zarecki said. “Another critical requirement is the freshness of the data, and the ability of the data to be available to the LLM in split seconds, because of the conversational latency required for a chatbot.”

This agent is a robot

Agentic AI and AI agents are hotter than lava-fried chicken right now, and this week CIO defined how the two differ from each other. We reported that the two related technologies can work together, but CIOs should understand the difference to protect against vendor hype and obfuscation.  

And it is vendor hype that is exercising the readers of CIO, who wanted to know from Smart Answers how to spot vendor AI washing. Smart Answers may be an AI-infused chatbot, but it’s fueled by human intelligence, allowing it to know its own limitations. 

It defines AI washing as misrepresentation of basic automation or traditional algorithms as fully autonomous AI agents. Such false agents don’t possess true independent decision-making capabilities and cannot reason through multiple steps and act independently. 

Find out: What is agent washing in AI marketing? 

Windows 10: not dead yet

The imminent demise of support for Windows 10 is causing much consternation in enterprise IT. But is Microsoft really axing Windows 10? This week Computerworld reported the definitive need to know on the subject. This prompted readers to ask many questions of Smart Answers, all related to the end of Windows 10. Most often queried was the future of Microsoft 365 apps on Windows 10 after support ends.  

It’s good news and bad news. While the apps will continue to function and receive security updates until Oct. 10, 2028, users may encounter performance issues and limited support. Microsoft encourages users to upgrade to Windows 11 to avoid these potential problems. (Well, it would.) 

Find out: What happens using Microsoft 365 apps on Windows 10 after 2025?  

You say IT, we say OT

The convergence of IT and operational technology (OT) can improve security, optimize processes, and reduce costs. This week CIO reported on how some how large companies do it. 

Not surprisingly this prompted readers to ask Smart Answers how IT/OT collaboration can drive digital transformation. Within the answer lies one very salient point: some leaders believe that in certain sectors, rapid IT/OT convergence is critical to achieve transformation.  

Find out: How is IT/OT convergence enabling digital transformation in different industries?  

About Smart Answers 

Smart Answers is an AI-based chatbot tool designed to help you discover content, answer questions, and go deep on the topics that matter to you. Each week we send you the three most popular questions asked by our readers, and the answers Smart Answers provides. 

Generative AI (genAI) could help people live longer and healthier lives, transform education, solve climate change, help protect endangered animals, speed up disaster response, and make work more creative, all while making daily life safer and more humane for billions worldwide. 

Or the technology could lead to massive job losses, boost cybercrime, empower rogue states, arm terrorists, enable scams, spread deepfakes and election manipulation, end democracy, and possibly lead to human extinction. 

Well, humanity? What’s it going to be?

California’s dreamin’

Last year, the California State Legislature passed a bill that would have required companies based in the state to perform expensive safety tests for large genAI models and also build in “kill switches” that could stop the technology from going rogue. 

If this kind of thing doesn’t sound like a job for state government, consider that California’s genAI companies include OpenAI, Google, Meta, Apple, Nvidia, Salesforce, Oracle, Anthropic, Anduril, Tesla, and Intel. 

The biggest genAI company outside California is Amazon; it’s based in Washington state, but has its AI division in California.

Anyway, California Gov. Gavin Newsom vetoed the bill. Instead, he asked AI experts, including Fei-Fei Li of Stanford, to recommend a policy less onerous to the industry. The resulting Joint California Policy Working Group on AI Frontier Models released a 52-page report this past week. 

The report focused on transparency, rather than testing mandates, as the solution to preventing genAI harms. The recommendation also included third-party risk assessments, whistleblower protections, and flexible rules based on real-world risk, much of which was also in the original bill. 

It’s unclear whether the legislature will incorporate the recommendations into a new bill. In general, the legislators have reacted favorably to the report, but AI companies have expressed concern about the transparency part, fearing they’ll have to reveal their secrets to competitors. 

Two kinds of risk

There are three fundamental ways that emerging AI systems could create problems and even catastrophes to people: 

1. Misalignment. Some experts fear that misaligned AI, acting creatively and automatically, will operate in its own self-interest and against the interests of people. Research and media reports show that advanced AI systems can lie, cheat, and engage in deceptive behavior. GenAI models have been caught faking compliance, hiding their true intentions, and even strategically misleading their human overseers when it serves their goals; that was seen in experiments with models like Anthropic’s Claude and Meta’s CICERO, which lied and betrayed allies in the game Diplomacy despite being trained for honesty.

2. Misuse. Malicious people, organizations, and governments could use genAI tools to launch highly effective cyberattacks, create convincing deepfakes, manipulate public opinion, automate large-scale surveillance, and control autonomous weapons or vehicles for destructive purposes. These capabilities could enable mass disruption, undermine trust, destabilize societies, and threaten lives on an unprecedented scale.

3. The collective acting on bad incentives. AI risk isn’t a simple story of rogue algorithms or evil hackers. Harms could result from collective self-interest combined with incompetence or regulatory failure. For example, when genAI-driven machines replace human workers, it’s not just the tech companies chasing efficiency. It’s also the policymakers who didn’t adopt labor laws, the business leaders who made the call, and consumers demanding ever-cheaper products. 

What’s interesting about this list of ways AI could cause harm is that all are nearly certain to happen. We know that because it’s already happening at scale, and the only certain change coming in the future is the rapidly growing power of AI. 

So, how shall we proceed? 

We can all agree that genAI is a powerful tool that is becoming more capable all the time. We want to maximize its benefit to people and minimize its threat. 

So, here’s what I believe is the question of the decade: What do we do to promote this outcome? By “we,” I mean the technology professionals, buyers, leaders, and thought leaders reading this column. 

What should we be doing, advocating, supporting, or opposing? 

I asked Andrew Rogoyski, director of Innovation and Partnerships at the UK’s Surrey Institute for People-Centred Artificial Intelligence, that question. Rogoyski works full-time to maximize AI’s benefits and minimize its harms. 

One concern with genAI systems, according to Rogoyski, is that we’re entering a realm where nobody knows how they work — even when they benefit people. As AI gets more capable, “new products appear, new materials, new medicines, we cure cancer. But actually, we won’t have any idea how it’s done,” he said. 

“One of the challenges is these decisions are being made by a few companies and a few individuals within those companies,” he said. Decisions made by a few people “will have enormous impact on…global society as a whole. And that doesn’t feel right.” He pointed out that companies like Amazon, OpenAI, and Google have far more money to devote to AI than entire governments. 

Rogoyski pointed out the conundrum exposed by solutions like the one California is trying to arrive at. At the core of the California Policy Working Group’s proposal is transparency, treating AI functionality as a kind of open-source project. On the one hand, outside experts can help flag dangers. On the other, transparency opens the technology to malicious actors. He gave the example of AI designed for biotech, something designed to engineer life-saving drugs. In the wrong hands, that same tool might be used to engineer a catastrophic bio-weapon.

According to Rogoyski, the solution won’t be found solely in some grand legislation or the spontaneous emergence of ethics in the hearts of Silicon Valley billionaires. The solution will involve broad-scale collective action by just about everyone.

It’s up to us

At the grass-roots level, we need to advocate the practice of basing our purchasing, use, and investment in AI systems that are serious about and capable with ethical practices, strong safety policies, and deep concern about alignment. 

We all need to favor companies that “do the right thing in the sense of sharing information about how they trained [their AI], what measures they put in place to stop it misbehaving and so on,” said Rogoyski.

Beyond that, we need stronger regulation based more on expert input and less on Silicon Valley businesses’ trillion-dollar aspirations. We need broad cooperation between companies and universities. 

We also need to support, in any way we can, the application of AI to our most pressing problems, including medicine, energy, climate change, income inequality, and others.

Rogoyski offers general advice for anyone worried about losing their job to AI: Look to the young. 

While older professionals might look at AI and feel threatened by it, younger people often see opportunity. “If you talk to some young creative who’s just gone to college [and] come out with a [degree in] photography, graphics, whatever it is,” he said, “They’re tremendously excited about these tools because they’re now able to do things that might have taken a $10 million budget.”

In other words, look for opportunities in AI to accelerate, enhance, and empower your own work.

And that’s generally the mindset we should all embrace: We are not powerless. We are powerful. AI is here to stay, and it’s up to all of us to make it work better for ourselves, our communities, our nations, and our world. 

Contactless payments such as Apple Pay and sustainability in inventory control are going to get much easier with an upcoming update to the Near Field Communications (NFC) standard that will make devices connect more swiftly and support the Digital Product Passport (NDPP) specification.

The first problems the new standard solves are range and reliability. At present, standard NFC supports a range of up to 0.2 inches and the connections aren’t always robust. What that means to most of us is the need to wriggle your iPhone or Apple Watch around a little to gain connection to the payment terminal. The improved NFC increases that range to to about 3/4 of an inch for all devices and makes the connection a little more resilient; the standard is also a little faster, which means once you authorize a payment it will take place faster than it already does.

Faster connections, easier payments, and more

That range and reliability improvements aren’t just for mobile payments, of course. If you use your iPhone as a car key or have mobile transit cards in your Apple Wallet, you should get a much better experience when opening doors or catching public transit. The NFC update also comes as Apple prepares to introduce expanded support for digital IDs and in-store payments with iOS 16. The latter is interesting because while the NFC Forum didn’t say anything about it, the update does support more complex transactions over NFC — that should make it easier to use supermarket loyalty cards at the same time as Apple Pay in a single tap. The Forum calls these, “multi-purpose tap use cases where a single tap unlocks multiple functions.”

NFC Release 15 is also expected to advance new and exciting use cases, such as using your mobile phone as a payment terminal, championing sustainability and optimizing NFC use across a variety of sectors, including automotive, transit and access control. There is also support for a new feature that has been designed to meet emerging sustainability regulations: NFC Digital Product Passport (NDPP)

What is NDPP and is it safe?

Aimed at manufacturers, NDPP is a framework to allow a single NFC tag embedded in a product to store and transmit both standard and extended Digital Product Passport (DPP) data using NFC. That data includes information such as a product’s composition, origin, environmental, lifestyle, and recycling details. Most hardware manufacturers will need to begin capturing this kind of information under an incoming EU law known as the Ecodesign for Sustainable Products Regulation (ESPR). The information is meant to be made available to customers, business users and recyclers and designed to boost transparency and sustainability. It will be interesting, for example, to use DPP inside future iPhones to determine where the device and its components originate – and it might be fun to explore refurbished devices to see whether components installed to return them to use have been used in different devices previously. 

That said, this kind of unique device information does sound like the kind of data that could be abused for device fingerprinting and user tracking; is there a risk of this?

Age of consent

I contacted Mike McCamon, the organization’s executive director, for more background on NDPP. I was particularly curious about the NDPP specification — could it be abused for digital device fingerprinting? That’s unlikely, said McCarmon, in part because of the nature of NFC design, which has been developed from day one to require active consent from the user.

“Security and privacy are foundational aspects of our work at the NFC Forum,” he said. “The NFC Digital Product Passport (NDPP) Specification can be thought more of a container of content than being fully descriptive of what content is included.” The support should extend use of NFC in different ways, such as in supply chain management, inventory control, or effective recycling strategies, all of which may benefit from the kind of information NDPP provides.

“And of course, even with our new extended range…, NFC Forum-capable products must be in the closest of proximity to be read. This is in addition to most NFC functionality today on mobile devices and wearables, which is only accessible following a direct user action – like a double-tap for instance. For these and the reasons above, we believe NFC Forum standards will provide the most capable, intuitive, and secure data carrier of DPP data for the market.”

For the rest of us

Millions of people use NFC every day for payments, car and hotel rooms, or even travel. That means the new NFC standard will deliver measurable benefits to consumers because it should work better than it does now. And for enterprises, the extended support for Multi-Purpose Taps should make for a variety of product and service development possibilities, particularly as Apple opens up access to NFC on its devices.

The NFC Release 15 is currently available to high-level NFC Forum member companies, including Apple, Google, Sony, and Huawei, who can now implement the improvements in their own products in advance of a public release as new iPhones appear in fall.

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.

In a move that could redefine the boundaries between generative AI (genAI) and intellectual property, Disney and Universal have joined forces to file a lawsuit against Midjourney, one of the world’s most popular AI image generators. 

You may think you’ve heard this story before — The New York Times‘ 2023 lawsuit against OpenAI and Microsoft and News Corp. vs. Perplexity — but this case is different. For one thing, this is the first time major Hollywood studios with far more cash to prosecute the case have directly targeted a genAI company for copyright infringement. For another, Disney and Universal are both big AI users.

Disney and Universal allege that Midjourney’s platform is a “bottomless pit of plagiarism.” With Midjourney, all a subscriber need do to create unauthorized images of iconic characters such as Darth Vader, Elsa, the Minions, Shrek, and many others is to type in a prompt.

Original ‘Iron Man’ image is on the left; genAI-created image is on the right. 

Disney/Universal lawsuit

Original image is on the left; genAI image is on the right. 

Disney/Univeral lawsuit

There’s no question anyone can do it. If you don’t feel like trying it yourself, just look at some of the images in the Disney/Universal lawsuit complaint (shown above).

Can you tell which ones are the original from Avengers: Infinity War and which were generated by Midjourney? I can’t, and I have a good eye for this kind of thing. GenAI image creation has come a long way since all you had to do was count the number of fingers. (The originals are on the left.)

This didn’t require some kind of fancy prompt. As researchers have found, all you had to do to generate them was name the character and use the keyword “screencap,” and you quickly received your fake image. Or you could simply ask for “master super villain” or “armored superhero.” 

“This is not a ‘close call’ under well-settled copyright law,” the lawsuit claims. 

Correct. It’s not close at all.

In the company’s defense — if you can call it that — Midjourney CEO David Holz is on record as saying his AI has been trained on  “just a big scrape of the Internet.” What about copyrights on these images? 

“There isn’t really a way to get a hundred million images and know where they’re coming from. It would be cool if images had metadata embedded in them about the copyright owner or something. But that’s not a thing; there’s not a registry. There’s no way to find a picture on the Internet, and then automatically trace it to an owner and then have any way of doing anything to authenticate it.”

I think when it comes to Disney, it’s pretty darn obvious who owns the images. I mean, this is Disney, the big bad wolf of copyright. After Walt Disney lost the copyright to his earlier character, Oswald the Lucky Rabbit, he made darn sure that, starting with Mickey Mouse in 1928, he’d lock down its intellectual property for as close to forever as he could.

Indeed, over the decades, Disney has been behind laws to increase copyright coverage from a maximum of 56 years in 1928 to 75 years with the Copyright Act of 1976, and then 95 years with the Sonny Bono Copyright Term Extension Act (CTEA) of 1998, better known as the “Mickey Mouse Protection Act.” 

Disney has also never been shy about suing anyone who’d dare come close to their copyrighted images.  For example, in 1989, Disney threatened legal action against three daycare centers in Hallandale, FL., for painting murals of Disney characters such as Mickey Mouse, Donald Duck, and Goofy on their walls. 

Why? Because it’s all about the Benjamins. 

Disney, and to a lesser extent Universal, live and die from monetizing their intellectual property (IP). Mind you, much of that IP is generated from the public domain. As the Center for the Study of the Public Domain noted: “The public domain is Disney’s bread and butter. Frozen was inspired by Hans Christian Andersen’s The Snow Queen. … Alice in Wonderland, Snow White, The Hunchback of Notre Dame, Sleeping Beauty, Cinderella, The Little Mermaid, and Pinocchio came from stories by Lewis Carroll, The Brothers Grimm, Victor Hugo, Charles Perrault, Hans Christian Anderson, and Carlo Collodi.”

What Disney did with the public domain, MidJourney, and the rest of the AI companies want to do with pretty much everything on the Internet. OpenAI CEO Sam Altman, for instance,  has consistently argued that training genAI on copyrighted data should be considered “fair use.” He’s not alone.

On the other side of the fence, Disney and Universal’s lawsuit is not just about damages, which the pair puts at $150,000 per infringed work, but about setting a precedent. They want to stop Midjourney’s image and soon-to-be-launched video generation services in their tracks.

At the same time, the film studios freely admit they’re already using genAI themselves. Disney CEO Bob Iger has said the technology is already making Disney’s operations more efficient and enhancing creativity. “AI might indeed be the most potent technology our company has ever encountered, particularly in its capacity to enhance and allow consumers to access, experience, and appreciate our entertainment.” He also, of course, stressed that, “Given the speed that it is developing, we’re taking precautions to make sure of three things: One, that our IP is being protected. That’s incredibly important.”

This lawsuit is more than a Hollywood squabble; it’s a watershed moment in the ongoing debate over genAI, copyright, and the future of creative work. Previous cases have challenged the boundaries of fair use and data scraping, but none have involved the entertainment industry’s biggest players.

It might seem like a slam dunk for the Hollywood powerhouses. The images speak for themselves. But, if there’s one thing I’ve learned in covering IP cases, it’s that you never know what a court will decide.

Besides, there’s a real wild card. Donald Trump’s AI Action Plan is still a work in progress. The AI companies are arguing that it should give them permission to use pretty much anything as grist for their large language models (LLMs), while the media companies want all the copyright protection they can get. 

Which way will Trump’s officials jump? We don’t know. But I have a bad feeling about where they’ll go.

You see, what we do know is that after the Copyright Office released a pre-publication version of its 108-page copyright and AI report, which strived to strike a middle ground  “by supporting both of these world-class industries that contribute so much to our economic and cultural advancement.” However, it added that while some generative AI probably constitutes a “transformative” use, the mass scraping of all data did not qualify as fair use.

The result? The Trump administration, while not commenting on the report, fired Shira Perlmutter, the head of the Copyright Office, the next day. She’s been replaced by an attorney with no IP experience. 

Oh, also, hidden away in Trump’s “One Big Beautiful Bill” is a statement that imposes a 10-year ban on the enforcement of any state or local laws or regulations that “limit, restrict, or otherwise regulate” AI  models, AI systems, or automated decision systems. If that becomes law, whatever is in Trump’s AI Action Plan is what we’ll have to live with for the next few years.

As an author, I can’t tell you how unhappy that prospect makes me. I expect Trump to side with the AI companies, which means I can look forward to competing with my own repurposed work from here on out. 

Further reading:

• AI vs. copyright
• Court tosses hallucinated citation from Anthropic’s defense in copyright infringement case
• Eleuther AI releases 8TB collection of licensed and open training data
  

>

Microsoft (Nasdaq:MSFT) has announced the preview of a new service, Windows 365 Reserve, which aims to provide enterprises with backups for PCs that are lost, stolen, or simply fail.

It offers a temporary pre-configured Cloud PC, accessible through a browser, that, Microsoft said, “looks and feels like a physical PC, and is accessible from any device, anywhere.”

The Reserve Cloud PC is managed through Microsoft Intune, and includes corporate applications, settings, and security policies, as well as Microsoft 365 apps (assuming the organization subscribes to M365) and OneDrive data sync.

The free preview will begin “soon”, the announcement said, and will run for up to 12 weeks.

There are restrictions, however. Preview participants must have a Windows E3 license, an Intune license, and Microsoft Entra ID P1 (formerly Azure Active Directory Premium Plan 1, or AADP1). Sovereign cloud customers are not supported, and participants must perform a few chores, including completing what the sign-up form calls “a set of admin and end user validation scenarios,” and then provide feedback on the experience.

Andrew Sharp, research director at Info-Tech Research Group, is impressed with the concept.

“In preview, the service claims it will allow an administrator to pre-stage a cloud PC, already loaded with the company’s policies, apps and security controls, so it can be handed to a stranded user in minutes,” he said. “Imagine your laptop dies at a client site. Helpdesk fires off a link, you open it in a browser or the Windows app, and you’re back at a familiar, compliant desktop before your coffee gets cold. At least that’s what they’re promising.” 

He likes the idea that Intune manages the virtual devices, so there’s no new control plane to learn, and he also sees potential for other use cases besides providing backups for PCs.

“Reserve could also be a low-friction way to dabble with virtual desktops with minimal commitment,” he noted. However, he does have reservations. “Microsoft’s value proposition is clear: quicker, safer recovery for lost, stolen, or broken devices,” he said. “At the end of the day, IT will still need an operational playbook. How does a user reach support when the primary device fails? Is a physical replacement shipped, or is Reserve the stopgap? Which applications and policies belong in the Reserve image? IT teams will need to sort out those workflows to make Windows 365 Reserve a practical resilience tool and not just another SKU.”

More Microsoft news and insights:

• Microsoft to cut thousands more jobs, mainly in sales
• Global Microsoft 365 outage disrupts Teams and Exchange services
• Microsoft is finally fixing app updates on Windows
• Microsoft adds enterprise search and ‘digital labor’ tools to M365 Copilot
• First-ever zero-click attack targets Microsoft 365 Copilot
  

>

>

Scale AI has been attempting to quell fears about its company sovereignty and data security after its ‘acqui-hiring’ by Meta, but customers appear to be defecting anyhow, and competitors are being rewarded with a slice of the limelight.

Meta is investing $14.3 billion in the data labeling and model evaluation startup, which gives the social media giant a 49% stake in the company, and is bringing Scale’s founder and former CEO Alexandr Wang onboard to work on AI “superintelligence.”

Within days of the news of the deal, OpenAI said it would be phasing out its work with Scale, although not explicitly because of the Meta deal. For the last several months, the AI leader has been backing away from the relationship and opting for competitors like Mercor, reportedly because Scale doesn’t have the expertise it needs for its increasingly advanced models.

Others are also purportedly hitting the brakes on their relations with Scale, including xAI and Google, the latter over concerns that Meta could access information about its AI developments.

Scale’s interim CEO Jason Droege has pushed back, emphasizing in a blog post that the company will remain “unequivocally an independent company” and will not provide Meta with access to its internal systems.

Despite this assurance, an analyst understands industry concerns.

“Meta’s move signals a trend toward vertical integration and supplier lock: Owning the data annotation pipeline to secure control over the quality, provenance, and scalability of training data,” said Thomas Randall, AI lead at Info-Tech Research Group. “Moreover, OpenAI’s pullback shows how quickly partnerships in this space can shift based on alignment, data strategy, or concerns about competition.”

Rivals in the data labeling game

Data labeling is a critical step in AI development, as it involves tagging raw data to provide context for models so they can continue to learn and iterate.

The Meta-Scale deal underscores the importance of the capability, and, perhaps counterintuitively, has drawn much more attention to rival, potentially superior data labeling companies. This includes five-year-old startup Surge, which reportedly had more than $1 billion in revenues last year. Others in the growing space include Turing, Snorkel, Invisible, Toloka, CloudFactory, and Label Your Data.

However, Droege asserted that Scale is “one of the only providers capable of serving customers at volume” with the “largest network of experts training AI.” Going forward, the company will focus on building out its applications business units and will continue to be model-agnostic and human-driven, he said.

“The spike in competition from players like Surge, Turing, and Invisible gives enterprises more leverage, but also more responsibility,” said Info-Tech’s Randall. These vendors differ significantly when it comes to workforce models, automation levels, and quality controls, he noted. Enterprise leaders should evaluate providers not just on price or throughput, he advised, but on whether they offer robust annotation auditability, support for domain-specific edge cases, and alignment with ethical AI practices.

“The quality of labeled data is a leading indicator of model performance and a lagging indicator of strategic oversight,” said Randall. “The enterprises that succeed in AI won’t just be the ones with the best models, but the ones with the most intentional, resilient data ecosystems.”

Not just about selecting a labeling company

But the ultimate conversation around data labeling is a little more nuanced and complex, analysts note.

Hyoun Park, CEO and chief analyst with Amalgam Insights, pointed out that Scale has built its reputation on text and image labeling, and its ability to identify global talent. This is a “powerful fit” for Meta, as Facebook, Instagram, and its other applications and services have massive amounts of data that can be further tagged and indexed to support large language models (LLMs) and AI, based on Meta’s ownership of accounts and digital assets.

“Scale works well with social networks and other media-based websites with self-refreshing and original media creation that can be labeled and used to train models on an ongoing basis,” he noted.

For OpenAI, Google, Anthropic, and other LLM providers selling directly to businesses and large organizations, however, the competitive landscape is quickly shifting. It is no longer enough to simply take in and process general data; providers must be able to automate code and conduct higher-level tasks, said Park. When digging deeper into programming, healthcare, legal services, and other specialized fields, they need subject-matter expert data.

Enterprises must be able to contextualize their own internal data and jargon, and have the ability to trust their AI enough to allow it to take action, he said. This means that the AI needs to be trained well enough to understand the common sense ramifications of the requests it receives, and the data that it accesses.

“This training and contextualization ultimately requires specific expertise that is often coming from veteran employees and highly trained professionals, not just from outsourcing firms that can provide scale-up capabilities for specific areas of AI training,” said Park.

Randall agreed that enterprise leaders must treat their data labeling decisions as part of a broader AI governance and operational strategy, not just a technical outsourcing choice. He said his firm’s research on vendor management indicates that organizations should treat labeling vendors as they would treat cloud providers.

That is: “diversify, insist on explicit contractual firewalls around staff mobility and data reuse, and build contingency plans so an acquisition doesn’t strand your model pipeline or expose proprietary data,” he said.

More Scale AI news:

After AI setbacks, Meta turns to Scale AI and ‘superintelligence’ research

OpenAI has ended its long-standing partnership with Scale AI, the company that powered some of the most complex data-labeling tasks behind frontier models such as GPT-4.

The split, confirmed by an OpenAI spokesperson to Bloomberg, comes on the heels of Meta’s $14.3 billion investment for a 49% stake in Scale, a move that industry analysts warn could redraw battle lines in the AI arms race.

It also secured Scale founder Alexandr Wang to lead Meta’s AI division, accelerating what Deepika Giri, AVP for BDA & AI Research, IDC Asia/Pacific described as a profound challenge to data neutrality in foundational AI layers. “The world is shifting toward vendor-neutral ecosystems,” Giri cautioned, where data security and open platforms are paramount. But with hyperscalers now commanding the core pipelines, that neutrality faces unprecedented pressure.

The high stakes of AI data and talent wars

Meta’s $29 billion valuation of Scale highlights its two-front war for both data infrastructure and elite talent. While the investment aims to shore up Llama 4’s competitiveness, the social giant is also offering unprecedented “seven-to-nine-figure” packages to lure top employees, including OpenAI staff reportedly targeted with $100 million offers, as CEO Sam Altman disclosed on the Uncapped podcast. Yet not all are swayed. A Menlo Ventures VC posted on X that many still choose OpenAI or Anthropic.

The fallout from OpenAI’s exit and Meta’s investment is poised to disrupt the data-labeling industry, projected to reach $29.2 billion by 2032. Jason Droege, Interim CEO, Scale, in a blog post, maintained that its data governance remains independent, stating, “nothing has changed about our commitment to protecting customer data.”

Those reassurances may already be falling short. OpenAI, Bloomberg reported, had already been quietly scaling back its use of Scale’s services for months, citing a need for more specialized data.

OpenAI’s exit redraws the AI data landscape

Scale, which began as a data-labeling pioneer built on a global contractor base in countries like India and Venezuela, reported $870 million in revenue for 2024. But with major clients like Google, which spent $150 million last year, its future is uncertain.

The CEO of Handshake, a Scale competitor, told Time that demand for his company’s services “tripled overnight” in the wake of the Meta deal. The exodus reflects a fear among Meta’s rivals that proprietary data and research roadmaps could leak to a competitor through Scale’s services.

This realignment also exposed blind spots in enterprise AI contracts. Most lack robust “change-of-control” clauses or vendor conflict safeguards, leaving companies exposed when partners align with rivals. As Ipsita Chakrabarty, an analyst at QKS Group, noted, many contracts still rely on static accuracy metrics that crumble against real-world data drift. The result, she warned, is that companies may end up “outsourcing intelligence but retaining liability for failures.”

Yet Scale’s value remains in its elite trainer network (historians, scientists, PhDs) handling specialized tasks costing reportedly “tens to hundreds of dollars” per unit. While Meta’s non-voting stake avoided automatic antitrust review, regulators may still investigate the blurred line between influence and control. For now, the full implications will take months to unfold, as regulatory reviews, vendor transitions, and internal audits continue to reshape the AI data supply chain.

The new realities of AI development

As companies such as Google rush to build in-house data labeling capabilities, the industry faces a choice to repeat the mistakes of the cloud consolidation era of 2010-2015 or take a more open route.

“The AI race is causing vendor fragmentation in the short term, but I expect consolidation in the long term,” said Anushree Verma, senior director analyst at Gartner. “Vendors will struggle to scale their implementations if they continue with a fragmented approach. As a result, the need for interoperable ecosystems—supported by hybrid cloud collaboration and integration—will drive consolidation in this space.”

This resonates with IDC’s suggestion for “vendor-neutral ecosystems where data security, regulatory compliance, and open platforms take center stage,” a philosophy now clashing with the industry’s walled-garden reality.

For CIOs, this moment demands more than procurement checklists. Successful AI adoption requires baking in “change management, decision traceability, and human-AI interaction design” from day one, QKS’ Chakrabarty.

The challenge now goes beyond compliance. It requires stress-testing AI ecosystems with the same urgency as applied to cloud and chip vulnerabilities. “The best approach,” according to IDC’s Giri, “is to evaluate capabilities independently and avoid deep integration across the stack, because a monolithic system may lack the flexibility to keep up with tomorrow’s needs.”

More OpenAI news:

• OpenAI’s new models can ‘think with pictures’
• OpenAI-Microsoft tensions escalate over control and contracts
• New tools from OpenAI help companies create their own AI agents
  

>

Microsoft is set to cut thousands of jobs, mainly in sales, amid growing fears that AI advances are accelerating the replacement of human roles across the industry, Bloomberg reports.

The cuts follow a previous round in May, which saw approximately 6,000 roles eliminated.

Microsoft has been ramping up its AI investments to strengthen its position as enterprises across industries rush to integrate the technology into their operations.

Earlier this year, the company announced plans to spend around $80 billion in fiscal 2025, largely on building data centers to support AI training and cloud-based applications.

Adding to industry unease, Amazon CEO Andy Jassy said this week that generative AI and AI agents are expected to shrink the company’s corporate workforce over time.

AI or other factors?

AI is being used as an excuse for layoffs this year, but there may be more to it than what meets the eye.  

“One, we are still rebalancing employee counts from the over-hiring of the past decade,” said Hyoun Park, CEO and chief analyst of Amalgam Insights. “Tech companies were hiring with the assumption that they would grow at ridiculous rates that have not come to pass. Also, some tech companies think they can simply get rid of salespeople, especially in cash-cow industries where renewals seem to come in with little to no effort. Whether that is actually true or not, we are about to find out.”

The job cuts may also signal concerns about the near-term revenue potential of AI, Park said. While Microsoft is under pressure to invest heavily in AI to sustain its stock valuation, it may be turning to short-term operating expense reductions to support its financial performance.

“The planned $80 billion investment in AI infrastructure is especially interesting because those numbers assume a massive number of people will adopt Microsoft-related AI products,” Park said. “Are 50 million+ people willing to pay an additional amount on Microsoft products to support AI? That is a massive bet that has been completely unjustified by the current AI market today.”

Others point out that the company is betting on a long-term inflection in enterprise workload patterns driven by GenAI, but current adoption patterns remain volatile.

“Reports of Microsoft pausing or renegotiating data center leases reflect a prudent but necessary response to these uncertainties,” said Sanchit Vir Gogia, chief analyst and CEO at Greyhound Research. “If workloads fail to scale or regulatory barriers increase, Microsoft, and by extension, other hyperscalers, could face underutilized infrastructure, prompting pricing recalibrations or service tier stratification.”

Changing sales environment

The focus on sales roles in the planned cuts is notable, with analysts saying it reflects a broader shift in how enterprise sales functions are evolving.

“The rise of AI copilots, telemetry-rich self-service portals, and data-driven journey mapping is reducing the need for large in-region sales teams,” Gogia said. “Microsoft’s realignment is part of a broader pattern also visible in Amazon, Google, and Salesforce.” However, while AI can personalize interactions at scale, it lacks the relational depth required in strategic deal-making, compliance negotiation, and multi-stakeholder orchestration, Gogia added.

More Microsoft news and insights:

• Global Microsoft 365 outage disrupts Teams and Exchange services
• Microsoft is finally fixing app updates on Windows
• Microsoft urges Office users to upgrade to 365 — or face doom
• Microsoft announces Windows 365 Reserve: Backup cloud PCs for the enterprise
• Is Microsoft really axing Windows 10? Here’s what you need to know
  

>

>

The “black screen” phenomenon in Windows 10 and Windows 11 shows poignantly how nothing sometimes matters quite a lot. Seeing nothing except a black screen where the desktop and its applications normally appear is disconcerting for users, because they literally can’t see what the PC is — or isn’t — doing.

When experienced Windows users encounter a black screen, they know at least two things immediately. First, they know that something is wrong with their PC. And second, because nothing (or nothing much) is visible, they can surmise that the graphics subsystem is likely involved, based on the absence of information on display.

That’s a good start, but what users really want is to get their desktop back. In this story I’ll guide you through the different types of black screen in Windows 10 and 11, and the surest methods I’ve found to fix them.

[ Dealing with a Windows blue screen instead of a black screen? See “What to do when Windows won’t boot.” ]

Two kinds of black screen, one subtle difference

Windows cognoscenti recognize two different types of black screen for both Windows 10 and 11. The first is a black screen, plain and simple. This means the screen is completely dark with nothing at all showing. Zip, zero, nada.

If you see a completely black screen, it’s worth checking to see if the PC is actually powered on. Sometimes when Windows shuts down, it kills the power, too — in which case the fix could be as simple as powering and booting up the device. (Or not.)

The second type is what’s called a “black screen with cursor.” Just as it sounds, this means that the display is completely black, except that the mouse cursor is shown on that black background. Often, the cursor will track mouse movement even though it’s mousing over a completely black screen. The image at the top of the story shows this second kind of black screen.

In my personal experience, the black screen with cursor occurs far more frequently than a black screen by itself (no cursor). I’ve found that two causes are the most likely culprits when a black screen with cursor appears.

First is a failure of the graphics subsystem to interact with the display upon waking from sleep. Second is symptomatic of a problem with the graphics driver, the special software that interacts with the display on behalf of the graphics subsystem inside the OS to render pixels on the screen, itself.

The presence of a cursor that responds to mouse movement — as it often will — is actually a good sign. It indicates that the OS is still working (at least to some extent) behind the scenes. It also shows that the mouse driver can still track cursor position onscreen. This means that there’s a very good chance that the desktop can be restored to normal operation using a few well-known key combinations.

Two keyboard combos can (often) restore normal operations

Even if there’s no cursor present, it’s worth trying these key combinations as a first and second step. Both combos involve pressing multiple keys simultaneously. This usually means using one finger to depress the first key and holding it down, using a second finger to depress the second key and doing likewise, then more of the same for a third key, and so on.

Combo 1: Restart the graphics driver

This four-key combination tells Windows to stop, then restart any and all graphics drivers that happen to be running. Most Windows systems use only a single graphics driver, but those with multiple graphics cards (or perhaps a graphics card plus the CPU’s graphic chipset) and multiple displays may have multiple drivers running.

This keyboard combo reads: Windows key + Ctrl + Shift + B. I usually do the first three keys with my left hand, then press the B key with my right forefinger while the others remain depressed.

If you see immediate disk activity (from a disk activity indicator), that’s a good sign. Sometimes the screen will return to normal operation a few seconds later, showing that the driver has reloaded and is now running successfully. Sometimes, nothing else will happen after the disk activity light ceases flashing. That signals it’s time to try the second combo.

Combo 2: The three-fingered salute

This is a familiar key combo to longtime Windows (and even DOS) users. It reads: Ctrl + Alt + Delete.

It’s notorious to those who’ve been using Microsoft OSes for a long time (since the mid-’90s or earlier), because it used to forcibly reboot the OS when struck. Starting with Windows 95 (and Windows NT version 3.5), this key combination now invokes the secure sign-in screen shown in Figure 1 below.

srcset="https://b2b-contenthub.com/wp-content/uploads/2025/06/windows-black-screen-01-ctrl-alt-del.png?quality=50&strip=all 566w, https://b2b-contenthub.com/wp-content/uploads/2025/06/windows-black-screen-01-ctrl-alt-del.png?resize=300%2C292&quality=50&strip=all 300w, https://b2b-contenthub.com/wp-content/uploads/2025/06/windows-black-screen-01-ctrl-alt-del.png?resize=173%2C168&quality=50&strip=all 173w, https://b2b-contenthub.com/wp-content/uploads/2025/06/windows-black-screen-01-ctrl-alt-del.png?resize=86%2C84&quality=50&strip=all 86w, https://b2b-contenthub.com/wp-content/uploads/2025/06/windows-black-screen-01-ctrl-alt-del.png?resize=494%2C480&quality=50&strip=all 494w, https://b2b-contenthub.com/wp-content/uploads/2025/06/windows-black-screen-01-ctrl-alt-del.png?resize=370%2C360&quality=50&strip=all 370w, https://b2b-contenthub.com/wp-content/uploads/2025/06/windows-black-screen-01-ctrl-alt-del.png?resize=257%2C250&quality=50&strip=all 257w" width="566" height="550" sizes="(max-width: 566px) 100vw, 566px">

Figure 1: Ctrl-Alt-Del invokes the Windows secure sign-in screen on both Windows 10 and 11.

Ed Tittel / Foundry

Even when the preceding combo gets the graphics driver going, it sometimes still won’t light up the screen. And sometimes when that’s the case, this key sequence will repaint the screen to show you the secure log-in options.

What this screen capture doesn’t show is the power buttons at the lower right, with networking, ease of access, and power controls (shut down, restart, and so forth) from left to right. If this screen does appear, click Cancel, and your desktop may reappear in working order.

What if the screen stays black?

If the cursor is absent, these key combos often won’t help — and sometimes they don’t help even when the cursor is present. In such cases, there’s really only one thing to do next: forcibly power off the affected PC. For most devices, this means holding down the power button until the PC shuts down. On desktop PCs with a discrete power supply (aka PSU), you may have to power that PSU off, wait 30 seconds, then power it back on to get the same effect.

A minority of devices may have the power button action redefined so that the PC keeps running despite this action. In that case, it may be necessary to disconnect the PC from its power source. For laptops, this may also mean waiting until the battery runs completely down (or disconnecting the battery, on PCs that permit this).

For most PCs, a subsequent restart will return the device to normal operation — including a working graphics subsystem with no black screen. If the screen remains black despite all these efforts, additional troubleshooting is needed.

I will now briefly describe additional troubleshooting techniques that may or may not lead to a working system. The further you must go down this list of options, the more likely it is that a hardware failure of some kind is involved.

For desktops, this may mean you need to replace an external graphics card (or the CPU or motherboard if a built-in CPU graphics chipset is in use). For laptops, it may mean replacing the motherboard or making a trip to a repair depot, assuming that the problem device is still covered under some kind of service or repair contract.

The troubleshooting sequence for persistent black screens

1. Try a different display. Perhaps the graphics circuitry is indeed working. (This is possible if the disk activity light runs for a while after restart, but the screen remains black.) Plugging in an alternate display may work, in which case troubleshooting has just identified the display rather than the GPU or graphics chipset, and associated drivers, as the culprit.

2. Boot into Safe Mode for various checks. This requires access to bootable Windows 10 or 11 recovery media. (I describe how to build such media near the end of another Computerworld story: “How to repair Windows 10 or 11 in 4 steps.”) If the PC will boot to recovery media and the display works, congratulations! You’ve just established that something is wrong with the normal boot image for Windows on the affected PC.

You can try a boot repair utility (I like the “Fix Windows Boot Problems” tool on Macrium Reflect Free’s Rescue Media) or get some repair ideas from the afore-cited “How to repair…” article. If the PC retains its black screen, it’s pretty conclusive that something is wrong with the GPU or built-in graphics circuitry. Proceed to Step 3.

3. Try different graphics circuitry. Though this troubleshooting technique can also serve as a repair, it depends on a USB 3 external GPU to see if the internal GPU or graphics circuitry isn’t working. If you can plug such a USB device into the affected PC, and then graphics work when a display is hooked up to the device, you’ve just demonstrated where the problem lies. That problem must now be addressed. Proceed to step 4.

(Don’t have a USB 3 external GPU for testing/troubleshooting? See this Newegg search for some good potential USB 3-based candidates, many of which are available in the $60 to $100 range for HDMI, DisplayPort, and DVI displays.)

4. Replace the graphics hardware. It’s up to you (and prevailing service contract arrangements) whether this is a DIY exercise or if it involves turning the PC over to a repair shop or a designated, official repair outlet for an OEM or maker. But some way, somehow the graphics hardware must be replaced. For some laptops, especially older ones, this may mean that outright device replacement, rather than repair, is the best option.

Nobody wants to see a black screen on Windows

If you (or one of your users) does encounter this particular phenomenon, you should now have a pretty good idea of how to address it. In most cases, reloading the graphics driver or restarting the PC will do the trick. In other cases, there’s no choice except to work through the standard troubleshooting sequence as outlined above.

If you’re really, really lucky, a quick dive into the Windows Reliability Monitor can reveal the same kind of error details shown in Figure 2 below, which started appearing in Windows 10 with version 2004. Prior to that release, black-screen errors went mostly unacknowledged in Windows error reporting.

Figure 2: Note the black screen mention in the Bucket ID info at bottom of the error detail.

Ed Tittel / Foundry

This particular image comes from Windows 11 22H2 (as you can see from the beginning of the build number, 10.0.22621). The Bucket ID includes the string “CreateBlackScreenLiveDump” — that’s your indicator that the OS snagged a black screen error on your behalf.

This story was originally published in November 2020 and updated in June 2025.

After reports suggested Meta has tried to poach employees from OpenAI and Google Deepmind by offering huge compensation packages, OpenAI CEO Sam Altman weighed in, saying those reports are true. He confirmed them during a podcast with his brother Jack Altman.

“There have been huge offers to a lot of our team,” said Sam Altman, “like $100 million in sign-on bonuses, more than that in annual compensation.”

According to Altman, the recruitment attempts have largely failed. “I’m really glad that, at least so far, none of our best people have chosen to take it.

Sam Altman says he thinks it’s because employees have decided that OpenAI has a better chance of achieving artificial general intelligence, AGI, than Meta. It could also be because they believe that OpenAI could one day be a higher-valued company than Meta.

More OpenAI news:

• OpenAI’s new models can ‘think with pictures’
• OpenAI-Microsoft tensions escalate over control and contracts
• OpenAI’s Skynet moment: Models defy human commands, actively resist orders to shut down
  

>

Every Mac, iPhone, or iPad user should do everything they can to protect themselves against social engineering-based phishing attacks, a new report from Jamf warns. In a time of deep international tension, the digital threat environment reflects the zeitgeist, with hackers and attackers seeking out security weaknesses on a scale that continues to grow. 

Based on extensive research, the latest edition of Jamf’s annual Security 360 report looks at security trends on Apple’s mobile devices and on Macs. It notes that we’ve seen more than 500 CVE security warnings on macOS 15 since its launch, and more than 10 million phishing attacks in the last year. The report should be on the reading list of anyone concerned with managing Apple’s products at scale (or even at home).

Security begins at home

With phishing and social engineering, protecting personal devices is as important as protecting your business machines. According to Jamf, more than 90% of cyberattacks originate from social engineering attacks, many of which begin by targeting people where they live. Not only that, but up to 2% of all the 10 million phishing attacks the company identified are also classified as zero-day attacks — which means attacks are becoming dangerously sophisticated. 

This has become such a pervasive problem that Apple in 2024 actually published a support document explaining what you should look for to avoid social engineering attacks. Attackers are increasingly creative, pose as trusted entities, and will use a combination of personal information and AI to create convincing attacks. They recognize, after all, that it is not the attack you spot that gets you, it’s the one you miss.

Within this environment, it is important to note that 25% of organizations have been affected by a social engineering attack — even as 55% of mobile devices used at work run a vulnerable operating system and 32% of organizations still have at least one device with critical vulnerabilities in use across their stack. (The latter is a slight improvement on last year, but not much.)

The nature of what attackers want also seems to be changing. Jamf noticed that attempts to steal information are surging, accounting for 28% of all Mac malware, which suggests some degree of the surveillance taking place. These info-stealing attacks are replacing trojans as the biggest threat to Mac security. The environment is similar on iPhones and iPads, all of which are seeing a similar spike in exploit attempts, zero-day attacks, and convincing social-engineering-driven moves to weaponize digital trust.

The bottom line? While Apple’s platforms are secure by design, the applications you run or the people you interact with remain the biggest security weaknesses the platform has. Security on any platform is only as strong as the weakest link in the chain, even while attack attempts increase and become more convincing and complex. 

Defense is the best form of defense

Arnold Schwarzenegger allegedly believes that one should not complain about a situation unless you are prepared to try to do something to make it better. “If you see a problem and you don’t come to the table with apotential solution, I don’t want to hear your whining about how bad it is,” he says.

With that in mind, what can you as a reader do today to help address the growing scourge of Apple-focused malware? Here are some suggestions from Jamf:

• Update devices to the latest software.
• Protect devices with a passcode.
• Use two-factor authentication and strong passwords to protect Apple accounts.
• Install apps only from the App Store.
• Use strong and unique passwords online.
• Don’t click on links or attachments from unknown senders.

And, of course, don’t use older, unprotected operating systems or devices — certainly not when handling critical or confidential data.

Layer up, winter is coming

Organizations can build on these personal protections, of course. Apple devices need Apple-specific security solutions, including endpoint management solutions; enterprises should adopt device management; and they should prepare for the inevitable attacks by fostering a positive, blame-free culture for incident reporting and by eliminating inter-departmental siloes. Investment in staff training is important, too. 

It is also important to understand that in a hybrid, multi-platform, ultra mobile world there is no such thing as strict perimeter security anymore. That’s why it is essential to secure endpoints and implement zero-trust. It’s also why it is important to adopt a new posture toward security — there is no single form of effective security protection. At best, your business security relies on layers of protection that together form an effective and flexible security defense.

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.

The ongoing protests in Los Angeles have pushed a national issue further into the spotlight: recent actions by the US Immigration and Customs Enforcement agency (ICE), including the detention of immigrants and, in some cases, the revocation of visas.

Naturally, immigration is a hot-button topic. But for companies with diverse workforces — particularly those employing foreign-born workers on H-1B visas — the priority is not to take a political stand, but to provide appropriate counsel and protection for affected employees.

Rajeev Madhavan, cofounder and general partner at Clear Ventures in Silicon Valley, notes that while these issues have not yet directly impacted the computer science and AI sectors where he invests, work visa approvals are taking longer than usual.

“The H-1B visa is a very impractical — or at the very least, unpredictable — process. As a result, when you hire someone on an H-1B visa, it may take much longer than you realize to get it,” he says.

This poses a challenge for the US startup and technology ecosystem, Madhavan says, pointing out that many tech founders are immigrants.

“They went to do some good work at places like Google, Meta, or any of these companies, and spend three, four years getting experience — getting their green card in the process — and then they turn to becoming an entrepreneur on some idea that they originate,” Madhavan says.

Of the 42 US-based companies appearing on Forbes’ 2025 list of the top 50 startups developing promising AI applications, for example, 60% were founded by people born outside the United States, according to the Institute for Progress. And new research from Stanford’s Venture Capital Initiative found that 44% of America’s billion-dollar startups were founded by immigrant entrepreneurs.

Because of the uncertainty around immigrants’ place in the US workforce under the Trump administration, Madhavan is seeing more talent either working remotely or launching ventures in other markets, such as Canada, China, and India. He’s concerned about the long-term implications of this shift.

“You will certainly have a lot more stringent rules that will be enforced, which is actually very sad — our leadership and technical background may get eroded in that process,” he says.

What Madhavan sees potentially happening on a national scale can also unfold within individual companies. We spoke with business leaders and legal experts about how to best support foreign-born talent, sustain a strong culture during turbulent times, and reinforce an employer brand that genuinely welcomes diversity.

Three rules: compliance, compliance, and compliance

Jean-Noël BenHamou, a licensed US and Canadian attorney and executive managing partner of BHLG, which specializes in global immigration law, explains that much of the online fear surrounding visa revocation and deportation stems from misinformation.

“The US immigration system is far from being perfect, but it is nevertheless based on the rule of law. And it does not just revoke visas without serious cause,” he says.

Because of this legal foundation, BenHamou believes maintaining immigration status is straightforward — if approached with diligence.

“When it comes to immigration, we have the same three rules: Compliance, compliance, and compliance. This is the name of the game,” he says.

Compliance can be a heavy burden for individual employees. “It’s hard to do your job and know foreign countries’ law at the same time,” says Thomas Sykstus, an attorney from Bond, Botes, Sykstus & Tanner.

To ease that burden, Sykstus recommends that companies offer proactive legal support, beginning with clear organization. For H-1B professionals, that means keeping thorough records — including approval letters, I-94 records, job offer letters, and pay stubs — readily accessible.

H-1B workers should be provided with copies of all such records, and companies should also be able to quickly produce these documents on behalf of their employees.

BenHamou stresses the importance of promptly reporting any changes in work status.

“If your role changes — whether it’s a promotion, whether it is a shift in responsibilities, whether it is a change in location, whether it’s a change from full-time to part-time — these changes must be reported,” he says.

While this might seem like a routine task, he notes, many workers fail to recognize the significance of such changes.

“If it is a material change, it needs to be reported. And if it is not clear whether or not it would be considered a material change, then in an abundance of caution, just disclose it,” he advises.

Another common misstep is violating visa terms through actions that may seem harmless. Moonlighting, for example, is common in the tech industry but is off-limits for H-1B holders.

“It technically is a violation of your visa conditions: You’re hired by the petitioning employer for that specific role, for that specific location. Anything outside of that, they haven’t sponsored you. That’s where the issue is,” says Sykstus.

While H-1B professionals should strive to stay in good standing with the law, BenHamou reassures them that not every minor infraction poses a risk to their visa.

“A regular parking violation is not going to get you in trouble. I think that any crime that would involve moral turpitude would definitely put you in big problems: for instance, DUI or reckless driving, causing death or severe injuries. These are the types of crimes that you want to stay away from, period,” says BenHamou.

ICE at the door

Despite following best practices, H-1B holders may still face visits from immigration authorities. BenHamou warns that site inspections by ICE or US Citizenship and Immigration Services (USCIS) may become more common.

“So employees should always have access to their original visa documents. Bring your passport to work. Bring your approval notice. Be prepared for any type of encounter,” he says.

Under intense pressure from the White House, ICE is significantly ramping up efforts to find and deport undocumented immigrants. That makes it more likely for people who are in the country legally to be mistakenly targeted, according to former ICE director Sarah Saldaña.

“You’re going to have [ICE agents] who are being pushed to the limit, who in a rush may not get things right, including information on a person’s status,” she told the New York Times.

Sykstus notes that while ICE visits are more common in blue-collar industries such as construction, they are still possible in tech settings.

In such encounters, he emphasizes, H-1B professionals should protect their rights. “Don’t speak with them. Don’t sign anything. Call an attorney first. Talk your options out,” he says.

Companies that employ H-1B workers should also be prepared, with HR and legal teams ready to quickly step in with documentation and legal counsel.

Employer responsibility beyond compliance

While legal compliance is critical, BenHamou emphasizes that immigration support shouldn’t stop at the letter of the law. For companies, the responsibility goes deeper. “It’s cultural, it’s ethical, and it’s strategic,” he says.

After an employee has fulfilled their I-9 requirements and completed onboarding, BenHamou believes their immigration status should be kept strictly confidential — limited to HR, senior leadership, and possibly their direct manager. He sees this discretion as a standard that should be embedded in the company’s culture.

He also stresses the importance of transparency with potential hires around what it takes to achieve permanent residency in the US. “Those individuals are putting their life on hold for 5 to 10 years before seeing the end of the tunnel,” he says, referring to current USCIS processing times for green cards.

Providing this clarity early on helps foster a healthier team dynamic.

“As an employer, by being transparent and open about what it takes to get there from the first minute you join the company, you’re facilitating their integration with their team and vice versa. You’re bringing cohesion within the team,” he says. 

Sykstus agrees that transparency is key. He recommends holding company-wide information sessions to explain how work visas like the H-1B function — not just under current law, but in anticipation of future policy changes.

“If you know something’s coming down the pipe, sitting on the president’s desk, who is likely going to sign it, and it will affect your [employee’s] immigration status, it’s probably important to get ahead of the ball there,” he says.

In light of recent instances in which visa holders who had traveled abroad were denied re-entry to the US, at least two major tech firms in Silicon Valley have advised H-1B holders to limit international travel, Sykstus says.

“Sudden policy changes and heightened border security could bar re-entry. So if you leave, you might have trouble coming back, [even] if you’ve already been here and have had no problems whatsoever,” he says.

This climate of uncertainty can understandably cause anxiety, not just for foreign workers, but also for teammates who rely on them and have formed friendships with them. Sykstus encourages companies to provide access to employee assistance programs or counseling services — whether in-house or through third-party providers — that include support for immigration-related stress.

Angelina Gennis, a principal analyst at Forrester, adds that companies must also be prepared for situations where, despite best efforts, an employee has to leave the US due to circumstances beyond the company’s control.

“However, what we can control is ensuring that our people are okay, even if they need to leave us — so what sort of resources we can offer legally if they do have to leave us to make sure that they get home safely,” she says.

Supporting diversity in turbulent times

Building a culture that supports global talent requires more than behind-the-scenes policy work — it must also be reflected in the company’s outward messaging. And that messaging must align with employees’ lived experiences, says Shahar Silbershatz, CEO of Caliber, a brand reputation analytics company.

“If international hires feel uncertain, unsupported, or in the dark about immigration processes, that story travels quickly and can undermine even the most well-intentioned DEI messaging,” he says.

According to Silbershatz, the solution lies in proactive and empathetic communication with employees. “That means explaining policy shifts in plain language, providing real support to impacted employees, and making your long-term commitment to diverse talent visible,” he says.

Gennis believes businesses should first zoom out and anchor the conversation in their brand values. “That way, the company is being consistent in the messaging,” she says.

Gennis also emphasizes the importance of equipping managers to lead these conversations with care. She advises training managers to engage employees thoughtfully, using intentional language, checking in personally, and ensuring team members understand both the process and where to seek support.

This alignment between managers and the company’s employer brand is especially critical for organizations recruiting globally for highly specialized roles, such as in artificial intelligence. Just like these workers’ skills, the employer messaging must be targeted and intentional.

Employers should be aware that internal communications around immigration policy may be leaked publicly, Silbershatz cautions. Leaders should “approach how they communicate any new policies with clarity and conviction, keeping employee well-being central to any messaging,” he says.

That emphasis on clarity and care feeds into a broader organizational responsibility — one that BenHamou believes must be embedded in the company’s culture and long-term vision.

“The goal is to build a workplace that does not just hire global talent — it’s to build a workplace that protects it, supports it, and thrives because of it,” he says.

Chinese AI startup MiniMax has thrown down the gauntlet to established AI giants, releasing what it boldly claims is the world’s first open-source, large-scale hybrid-attention reasoning model that could fundamentally change the economics of advanced AI development.

MiniMax defines “hybrid-attention” as a combination of its Lightning Attention mechanism and Mixture-of-Experts architecture, which activates only the relevant parts of the model for each task.

The Shanghai-based company said its new MiniMax-M1 model delivers a knockout punch to computational inefficiency, requiring just 30% of the computing power needed by rival DeepSeek’s R1 model when performing deep reasoning tasks — a breakthrough that could democratize access to sophisticated AI capabilities.

“In complex, productivity-oriented scenarios, M1’s capabilities are top-tier among open-source models, surpassing domestic closed-source models and approaching the leading overseas models, all while offering the industry’s best cost-effectiveness,” the company said, announcing the hybrid-attention reasoning model.

A David vs. Goliath moment in AI

What makes MiniMax-M1 particularly intriguing isn’t just its performance — it’s how the company achieved it. While tech titans have been throwing hundreds of millions of dollars at AI development, MiniMax managed to train its model for a mere $534,700.

To put that in perspective, DeepSeek spent $5-$6 million on its R1 model, while OpenAI’s GPT-4 reportedly cost over $100 million to develop.

“The entire reinforcement learning phase used only 512 H800s for three weeks, with a rental cost of just $534,700,” the company explained. “This is an order of magnitude less than initially anticipated.”

However, industry analysts urge caution. “MiniMax’s debut reasoning model, M1, has generated justified excitement with its claim of reducing computational demands by up to 70% compared to peers like DeepSeek-R1,” said Sanchit Vir Gogia, chief analyst and CEO at Greyhound Research. “However, amid growing scrutiny of AI benchmarking practices, enterprises must independently replicate such claims across practical workloads.”

Extended context capabilities

M1’s most impressive feature might be its ability to handle massive amounts of information simultaneously. With a context window supporting one million input tokens and up to 80,000 output tokens, the model can essentially read and understand multiple novel tasks at once while maintaining coherence across the entire conversation.

“A significant advantage of M1 is its support for an industry-leading 1 million token context window, matching the closed-source Google Gemini 2.5 Pro,” MiniMax noted in the post. “This is 8 times that of DeepSeek R1 and includes an industry-leading 80,000 token reasoning output.”

For context, OpenAI’s GPT-4o can handle only 128,000 tokens — enough for about one novel task. M1’s expanded capacity opens doors for applications that were previously impractical, from analyzing entire legal documents to debugging massive code repositories.

Real-world performance that matters

Beyond impressive technical specifications, M1 demonstrates strong real-world capabilities across multiple benchmarks. The model comes in two variants — M1-40k and M1-80k, referring to their “thinking budgets” — with the larger version consistently outperforming its smaller sibling across most tests.

In software engineering tasks, both versions scored 55.6% and 56.0%, respectively, on the challenging SWE-bench validation benchmark. While slightly trailing DeepSeek-R1-0528’s 57.6%, they significantly outpaced other open-weight models in this critical area of productivity.

“MiniMax-M1-80k consistently outperforms MiniMax-M1-40k across most benchmarks, which fully validates the effectiveness of extended computational resources during testing,” the company added.

Breaking down barriers to AI access

Perhaps most significantly, MiniMax is releasing M1 under a true Apache 2.0 open-source license — unlike Meta’s Llama models, which use restrictive community licenses, or DeepSeek’s partially open approach. This decision could accelerate innovation by giving researchers and developers unprecedented access to cutting-edge reasoning capabilities.

Gogia sees this as particularly significant for mid-market companies. “MiniMax’s M1 represents more than just architectural efficiency — it symbolizes the new accessibility of advanced reasoning AI for mid-market enterprises,” he noted. “With open-source licensing, reduced inference costs, and support for 1 M-token context windows, M1 aligns squarely with the evolving needs of midsize firms that seek capability parity with larger players but lack hyperscaler budgets.”

The company is backing up its open-source commitment with competitive pricing for those who prefer API access. Input processing costs just $0.4 per million tokens for contexts up to 200,000 tokens, rising to $1.3 per million tokens for the full 1-million-token capability.

“Due to its relatively efficient use of training and inference computing power, we are offering unlimited free use on the MiniMax APP and Web, and providing APIs on our official website at the industry’s lowest prices,” the company announced.

What this means for the industry

M1’s release comes at a pivotal moment in AI development, as the industry grapples with the massive computational costs of training and running advanced models.

The timing is particularly noteworthy, coming just weeks after fellow Chinese company DeepSeek shook the industry with its own cost-effective approach to AI development. This pattern suggests Chinese companies are finding innovative ways to compete with better-funded Western rivals through superior engineering rather than just throwing money at problems.

Yet challenges remain for Chinese AI models in Western markets. Despite technical achievements, Gogia notes that “Chinese LLMs remain under-adopted in North America and Western Europe” due to concerns around governance and regulatory compliance in industries with strict procurement frameworks.

A company on the rise

MiniMax isn’t exactly a household name yet, but it’s rapidly becoming one of China’s most-watched AI companies. Founded in 2021 by former SenseTime executives, the startup has raised $850 million from heavyweight investors including Alibaba, Tencent, and IDG Capital, achieving a $2.5 billion valuation.

This M1 announcement kicks off what MiniMax is calling “MiniMaxWeek,” with additional product releases planned for the coming days. For enterprise users and developers, M1 represents something potentially transformative: enterprise-grade AI reasoning capabilities without enterprise-grade infrastructure requirements. However, as Gogia cautioned, “The real test will lie in how quickly CIOs can extract operational savings at scale, without compromising accuracy or governance.”

There’s no denying it: When it comes to Windows and AI chatbots, ChatGPT leads the pack.

Microsoft invested more than $13 billion in OpenAI, after all. And while the company has pinned Copilot to the taskbar on Windows PCs and placed a Copilot key on new laptops, its Copilot system is still built atop the same large language model (LLM) technology at ChatGPT’s core. That means the system will always be similar to ChatGPT until Microsoft releases its own AI models.

But there’s finally a reason to use Copilot instead of ChatGPT on your PC. It’s a feature Microsoft announced a while ago and is finally making available natively within Windows: You can now share any app on your PC with the Copilot AI chatbot and then have a conversation about it. And Copilot can draw highlights on your screen while you chat.

It’s called Copilot Vision, it’s really interesting — but it has more limits than you might think.

Want more tips for your Windows PC? Sign up for my free Windows Intelligence newsletter. I’ll send you free in-depth Windows Field Guides as a special welcome bonus!

The ChatGPT-Copilot Windows matchup

Traditionally, Copilot has lagged behind ChatGPT in many ways. While OpenAI has confidently stuck with the same ChatGPT interface for a long time, Microsoft has repeatedly hemmed and hawed and changed its mind on what Copilot even should be.

For example, after turning Copilot into something more like the personal companion from Her, Microsoft recently got rid of that more companion-focused app and pivoted Copilot back to more of a standard chatbot interface — for now.

My biggest problem with Copilot, though, is the lack of a crisp model selection tool. ChatGPT lets you get into the weeds and select exactly which AI model you’re using. Microsoft’s Copilot has a simple dropdown box where you select “Quick Response,” “Think Deeper,” or “Deep Research.” If you select Quick Response, you’re not sure what model you’re using: Are you using GPT-4o, or did Copilot just route your query to a less expensive model to save money? There’s no predictability.

Copilot has other limits that aren’t surprising, considering Microsoft has spent the last few years repeatedly reinventing the wheel by constantly creating new Copilot apps. For example, the ChatGPT app lets you search your entire history to find conversations if you want to pull something up. It lets you organize conversations into folders. It gives you the ability to customize your experience. It feels more like a mature app — again, no surprise considering Microsoft has been repeatedly starting from scratch rather than improving a single app over time.

Microsoft’s secret weapon

Despite all those weak points, Copilot has one compelling advantage over ChatGPT — its integration with other Microsoft platforms and services. For example, if you use Microsoft 365 apps like Word and Excel (once called Office apps), you’ll need a $20 per month Copilot Pro subscription rather than a $20 per month ChatGPT Plus subscription. And organizations will need to get AI features for Microsoft 365 through Copilot.

But, while Microsoft quickly added deep Copilot integration to M365, the company lagged when it comes to adding integration to Windows. That’s now changed with Copilot Vision, which arrived first for browsing web pages in Microsoft Edge and officially became available on both Windows 11 and Windows 10 in the US this month. (It will likely launch in additional countries in the future.)

For the moment, the feature works only in real-time voice mode. If you want to have a conversation in text mode, you’ll need to provide screenshots of your screen to Copilot along with text prompts — just as you would with ChatGPT.

How to use Copilot Vision on Windows

To get started with Copilot Vision in its new Windows-native form, just launch the Copilot app from your taskbar or Start menu. (If you have a laptop with a Copilot key, you can just press that, too.)

At the bottom right corner of the Copilot app — at the right side of the text input box — you’ll see a glasses-shaped icon for “Share screen with Copilot.” Click that to get started.

You’ll then be prompted to choose the window you want to share. Copilot doesn’t get access to your PC’s entire display — just the specific app you choose. And it can’t actually control anything in that app: Copilot will be able to see what’s on your screen in that app, and it will be able to draw highlights to call your attention to things. But that’s it.

Copilot will show you a list of all your open windows, and you can share any one you want with the AI model — but just one window at once.

Chris Hoffman, Foundry

Once you’ve shared whatever app you want, you can have a conversation and ask questions about it. You might ask “How exactly do I accomplish this task in Photoshop?” or “What do you think of this hotel I’m about to reserve online? Are there better options?” and keep the conversation going for as long as you like.

While you’re sharing an app and having a voice conversation, you’ll see a floating box at the bottom of your screen. Click “Stop” to stop sharing.

A floating box will appear just above your taskbar icons while you’re sharing a window and having a voice conversation.

Chris Hoffman, Foundry

You can ask it to point out things on the screen, and it can highlight different areas to draw your attention to them. This is a simplistic feature at launch, as it can point out only one thing. Let’s say you need to find an option five menus deep: The system would highlight the individual icon or menu option visible on your screen, and that’s it. The highlights aren’t great for quickly guiding you through complex interfaces on the fly.

Copilot Vision can highlight things on your screen to draw your attention to them.

Chris Hoffman, Foundry

The Copilot Vision cons

Beyond that, Microsoft’s Copilot Vision AI experience has some of the same limits as any AI chatbot at the moment. It wants to validate you, the user. It may nod along, even if you get something wrong. For example, here’s a quick interaction I had:

“How do I draw something in Word?”

“To draw in Word, you’d go to the ‘Draw’ tab on the Ribbon…”

“Okay, so it’s under the Layout tab, right?”

“That’s correct!”

“Nope, it was under the Draw tab.”

“Mm-hm.”

This isn’t an attack on AI chatbots in general, the underlying GPT model from OpenAI, or Copilot itself. It’s just a limitation of the technology — at least at the moment. When interacting with Copilot, ChatGPT, or any other LLM, you need to stay on your toes and question what you’re hearing.

The real limitations with AI voice modes

While voice modes might feel more “futuristic” than text-based LLM interactions, text-based interactions are simply better and richer at the moment. First of all, this voice-based experience is just relying on text. Under the hood, the things you’re saying are getting converted to text, and the LLM is outputting text that is being spoken aloud by a different process. This is crucial to understand: The LLM cannot hear any emotional tone you have in your voice. Additionally, while the Copilot voice you hear may appear to have an emotional tone, that is being inserted by the text-to-speech process after the LLM outputs its text.

This results in a rather uncanny valley experience. The LLM can’t receive any of your vocal cues or tone. It will respond in a voice that appears to have an emotional tone, but the emotional tone isn’t provided by the LLM at all. And, again, it isn’t responsive to your emotional tone.

Beyond that, voice-based interactions are naturally quicker and more surface-level than text-based interactions, where deeper and more analytical responses are possible. So, for lots of tasks, a deeper text-based interaction might be much better than a quick voice-based interaction. If you think it’s not being “smart” enough, try dropping back to text mode and following the tips in my guide to the secret to using generative AI.

There’s no real-time sharing of your screen in text mode, though: You’ll need to take screenshots and provide them along with your text prompts. In Copilot, you can click the “+” button at the right side of the message box and select “Take Screenshot” to quickly add a screenshot. That’s one way to get something like “Vision” along with a text conversation.

Then again, you could always provide screenshots to ChatGPT, too. Now, though, at least, Microsoft has some reason to hope you might be inspired to stick with Copilot instead and think of it as your go-to Windows companion.

Looking for more thoughtful Windows analysis and useful PC tips? Sign up for my free Windows Intelligence newsletter today. I’ll send you three new things to try each Friday.

Right now, Gemini’s getting a bit of a bad rap — at least, among certain circles of savvy users who are closely tuned into the technology.

It’s easy to see why: Google rushed Gemini out of the gates way before it was ready. It increasingly crippled the perfectly fine Google Assistant experience in the meantime, and still today, Gemini can’t do everything Assistant did in terms of day-to-day device basics (while Assistant no longer handles those same tasks consistently anymore, either).

Gemini’s also overly complicated and confusing, with its many models and cryptically coded options. It’s being shoved in our faces at every possible opportunity in a move reminiscent of a certain other much-maligned Google service. And, most troubling of all, it’s being positioned as an all-purpose answer machine when it gets answers wildly wrong anywhere from 5 to 20% of the time.

Just like all the other generative AI chatbots of the moment, in other words, it’s a steaming hot mess — even if most of the the mainstream tech-tappin’ masses may not fully realize it yet.

But the problem with Gemini (and other similar systems) is less the technology itself and more the way the tech industry for some reason insists on framing it. These large-language model mechanisms just aren’t good at understanding context or offering factual answers. They shouldn’t be set up to serve as replacements for search. They get stuff wrong shockingly often, for cryin’ out loud, and they always will. It’s par for the course, and it’s just plain silly. (Seriously: The hits keep comin’ — and comin’, and comin’, and…well, you get the idea.)

They are, however, useful in other ways — namely when it comes to lower-level, more mundane sorts of tasks where context, judgment, and a lack of flat-out fabricating aren’t required.

Here, specifically, are 21 simple ways Gemini can actually be useful and worth using on Android — with minimal “AI” (in the current sense of the term), no “brainstorming” ballyhoo, and absolutely no error-filled info-seeking involved.

Note that Gemini is not available in all countries, due to differing regulations in different parts of the world. If you’re in a place where the service is supported and you don’t yet have it on your device, you can download the official Google Gemini app and open it up to get started — then either long-press your device’s power button or say Hey Google to summon it from there, depending on the specifics of your setup.

Part I: Notes and memory with Gemini on Android 

1. In a reminder that the simplest features are often the most practical of all, Gemini can remind you of anything, anytime — just like Google Assistant could before it. Simply fire it up and say Remind me [whatever] at [whenever — day and/or time], and the deed will be done.

Gemini can set a reminder for you without even interrupting what you’re doing.

JR Raphael, Foundry

It may not be flashy, but I’d be willing to wager you’ll rely on that much more often than the on-demand image generation or “creative thought partner” poppycock Google and every other AI-obsessed company is pushing with these things these days.

2. Basic reminders aside, Gemini is great at remembering specific info and then recalling it for you later. Try telling the service something like Remember that the door code is 90210, Remember that my rental car license plate is WIGGLES77, or Remember that Jed’s wife is named Tallulah — then, whenever you need to recall the related nugget, just ask: What’s the door code, What’s my rental car license plate, or What’s Jed’s wife’s name (or whatever question is appropriate for what it remembered).

3. The next time you need to make a more extensive note to yourself, pull out the classic old Assistant trick of telling Gemini to Create a note that says whatever you’ve got on your mind. It’ll save it into the Google Keep Android app for easy future finding.

[Psst: Love shortcuts? My free Android Shortcut Supercourse will teach you tons of time-saving tricks. Start now for free!]

Part II: Places and events with Gemini on Android 

4. If you’re ever feeling lost — or maybe you’re out on a Very Important Business Call and at a location you want to track down again in the future — fire up Gemini on your phone and ask the soul-searching question Where am I? Gemini will give you the nearest address in return. And then…

5. After you’ve asked Gemini for your current location, try saying Remember that location as…, followed by some sort of description you might use in the future — the best place to park, the home of the seven-foot egg roll, the place where I lost my mind (after eating a seven-foot egg roll), or whatever the case may be. You can then later ask Gemini where that place is, and it should serve back up the very same spot for your rediscovering pleasure.

6. Gemini can help you get from point A to point B, too. In addition to asking it to Start a navigation to some particular place, you can ask it questions like How long would it take me to get In ‘N’ Out Burger right now and other equally important inquiries.

7. Just like Assistant before it, Gemini is great at helping you check in on your calendar. Ask it What’s on my agenda for today, When’s my first meeting tomorrow, or When’s my next haircut — or any other variations on those same concepts you can come up with — for a quick ‘n’ easy way to see what you’ve got ahead.

8. You don’t have to stop with calendar check-ins: Gemini can also make new appointments for you in some especially useful ways. In addition to simply asking it to Create a new calendar appointment for [whatever] on [whatever day and time], you can summon Gemini anytime you’ve got info about an event on your screen — in an email, on a website, within a text or Slack thread, or whatever — then tap the button that says “Ask about screen” and say Create a calendar appointment for this. Gemini will interpret the visible info and format it into a full event on your calendar in a single swift step.

Creating calendar events is especially easy with Gemini’s assistance.

JR Raphael, Foundry

Part III: Intelligent interactions with Gemini on Android 

9. When you’re looking at a web page, a document, or any other type of text on your Android device and you aren’t in a position to read it with your own two eyes — if, for instance, you’re walking, driving, or climbing high atop a towering tree in Narnia — get Gemini, tap that same “Ask about screen” button we went over a second ago, and say Read this out loud. Just please, for the sake of our collective sanity, put in your frickin’ earbuds first.

10. If, on the other hand, you want a summarized version of something on your screen, follow those same steps from the previous tip but this time say Summarize this. Gemini will start to speak a simple summary of the info aloud to you (provided you spoke aloud to it), or you can press the pause button and read its streamlined overview yourself if you’d rather.

11. Speaking of summarizing, Gemini’s (non-milk-related) condensing powers also extend to the domain of YouTube — where a quick ‘n’ simple summarization can sometimes really be useful. Use that same “Ask about screen” button again while you’ve got a video in front of ye and say Summarize this video. 

Get a simple text summary of any long video in seconds with Gemini by your side.

JR Raphael, Foundry

In advance: You’re welcome.

12. One more slice of summarizing sorcery worth noting: No matter what you’re doing on your device, you can call up Gemini and ask it to Summarize my most recent incoming emails. As long as you’ve got the Gemini Gmail/Google Workspace integration active, El Gembo will give you a bird’s eye view of what’s awaiting in your inbox at that very moment.

13. Trying to identify something you see on your screen — a landmark, a plant or flower, or even a person named Joe Pesci? Caress that Gemini “Ask about screen” button while it’s visible and ask exactly what you want to know: What building is this? What type of flower is this? Who is this? Gemini will tap into the same smarts seen in the superb Google Lens Android setup and give you an answer in the blink of an eye.

Part IV: Basic device functions with Gemini on Android 

14. Check up on your phone’s power in a jiff by asking Gemini What’s my battery level? (You can also try asking it What’s the frequency, Kenneth? — but I wouldn’t necessarily expect any real results in return.)

15. Save yourself the sometimes-awkward finger-stretching and snap a screenshot of anything on your screen simply by asking Gemini to Take a screenshot. Easy!

16. On a related note, you can review your captured screenshots without lifting a finger by giving Gemini the very logical command of Show my screenshots.

17. It may seem obvious, but Gemini can send text messages on your behalf. Just say — brace yourself… — Send a text message to followed by the name of the person you’ve got in mind (and, optionally, the entire message, too, if you want to save yourself a second step).

18. Similarly, your Android Gemini assistant can place a call via the command Call followed by the name of the contact or number you’re needing.

19. Set your sound volume in a split second by asking Gemini to Set the media volume — or call volume, ring volume, notification volume, or alarm volume — either on a one to 10 scale or to a specific percent value.

Adjusting any system volume level is never more than a spoken command away.

JR Raphael, Foundry

20. You can also rely on Gemini to adjust all sorts of system settings — for instance, asking it to Turn Do Not Disturb on (or off), Turn the flashlight on (or off), Turn Bluetooth on (or off), and Turn airplane mode on (or off).

21. And last but not least, Gemini can get you where you need to be within your Android system settings without any of the usual hunting. Tell it to Open up the Accessibility settings — or any other area or specific option — and watch it fly you over precisely where you need to be.

Keep the advanced Android knowledge coming with my free Android Shortcut Supercourse. Tons of time-saving tricks await!

Look, it’s not just about Siri and ChatGPT; artificial intelligence will drive future tech experiences and should be seen as a utility. That’s the strategic imperative driving Apple’s WWDC introduction of the Foundation Models Framework for its operating systems. It represents a series of tools that will let developers exploit Apple’s own on-device AI large language models (LLMs) in their apps. This was one of a host of developer-focused improvements the company talked about last week. 

The idea is that developers will be able to use the models with as little as three lines of code. So, if you want to build a universal CMS editor for iPad, you can add Writing Tools and translation services to your app to help writers generate better copy for use across an international network of language sites.

Better yet, when you build that app, or any other app, Apple won’t charge you for access to its core Apple Intelligence models – which themselves operate on the device. That’s great, as it means developers for no charge can deliver what will over time become an extensive suite of AI features within their apps while also securing user privacy.

What are Foundation Models?

In a note on its developer website, Apple tells us the models it made available in Foundational Models Framework are particularly good at text-generation tasks such as summarization, “entity extraction,” text understanding, refinement, dialogue for games, creative content generation, and more.

You get:

• Apple Intelligence tools as a service for use in apps.
• Privacy, as all data stays on the device.
• The ability to work offline because processing takes place on the device.
• Small apps, since the LLM is built into the OS.

Apple has also made solid decisions in the manner in which it has built Foundational Models. Guided Generation, for example, works to ensure the LLM provides consistently structured responses for use within the apps you build, rather than the messy code many LLMs generate; Apple’s framework is also able to provide complex responses in a more usable format. 

Finally, Apple said it is possible to give the Apple Intelligence LLM access to tools other than your own. Dev magazine explains that “tool calling” means you can instruct the LLM when it needs to work with an external tool to bring in information, such as up-to-the-minute weather reporting. That can also extend to actions, such as booking trips.

This kind of access to real information helps keep the LLM sober, preventing it from using fake data to resolve its task. Finally, the company has also figured out how to make apps remember the AI conversations, which means you can engage in inclusive sessions of requests, rather than single-use requests. To stimulate development using Foundation Models, Apple has built in support for doing so inside Xcode Playgrounds.

Walking toward the horizon

Unless you’ve spent the last 12 months locked away from all communications on some form of religious retreat to promote world peace (in which case, I think you should have prayed harder), you’ll know Apple Intelligence has its critics. Most of that criticism is based on the idea that Apple Intelligence needs to be a smart chatbot like ChatGPT (and it isn’t at all unfair to castigate Siri for being a shadow of what it was intended to be). 

But that focus on Siri skips the more substantial value released when using LLMs for specific tasks, such as those Writing Tools I mentioned. Yes, Siri sucks a little (but will improve) and Apple Intelligence development has been an embarrassment to the company. But that doesn’t mean everything about Apple’s AI is poor, nor does it mean it won’t get better over time.

What Apple understands is that by making those AI models accessible to developers and third-party apps, it is empowering those who can’t afford fee-based LLMs to get creative with AI. That’s quite a big deal, one that could be considered an “iPhone moment,” or at least an “App Store moment,” in its own right, and it should enable a lot of experimentation.

“We think this will ignite a whole new wave of intelligent experiences in the apps users rely on every day,” Craig Federighi, Apple senior vice president for software engineering, said at WWDC. “We can’t wait to see what developers create.”

What we need

We need that experimentation. For good or ill, we know AI is going to be everywhere, and whether you are comfortable with that truth is less important than figuring out how to best position yourself to be resilient to that reality.

Enabling developers to build AI inside their apps easily and at no cost means they will be able to experiment, and hopefully forge their own path. It also means Apple has dramatically lowered the barrier to entry for AI development on its platforms, even while it is urgently engaged in expanding what AI models it provides within Apple Intelligence. As it introduces new foundation models, developers will be able to use them, empowering more experimenting.

With the cost to privacy and cost of entry set to zero, Foundation Models change the argument around AI on Apple’s platforms. It’s not just about a smarter Siri, it is about a smarter ecosystem — one that Apple hopes developers will help it build, one AI-enabled app at a time.

The Foundation Models Framework is available for beta testing by developers already with public betas to ship with the operating systems in July.

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.

Microsoft experienced a significant service disruption across its Microsoft 365 services on Monday, affecting core applications including Microsoft Teams and Exchange Online. The outage left users globally unable to access collaboration and communication tools critical to consumers as well as enterprise workflows.

In a series of updates posted on X through the official account of Microsoft 365 Status, Microsoft acknowledged the incident and confirmed that it was actively investigating user reports of service impact. The incident was tracked under the identifier MO1096211 in the Microsoft 365 Admin Center.

Minutes after initial acknowledgement, Microsoft initiated mitigation steps and reported that all services were in the process of recovering. “We’ve confirmed that all services are recovering following our mitigation actions. We’re continuing to monitor recovery,” the company said in an update.

Roughly an hour later, Microsoft posted another update, saying, “Our telemetry indicates that all of our services have recovered and that the impact is resolved.”

“The Microsoft outage that disrupted Teams, Exchange Online, and related services was ultimately caused by an overly aggressive traffic management update that unintentionally rerouted and choked legitimate service traffic. According to Microsoft’s official post-incident report, the faulty code was rolled back swiftly, but not before triggering global access failures, authentication timeouts, and mass user logouts,” said Sanchit Vir Gogia, chief analyst and CEO at Greyhound Research.

Microsoft did not immediately respond to a request for comment.

Not an isolated incident

This incident adds to a growing number of high-profile cloud service disruptions across the industry, raising questions about the resilience of hyperscale infrastructure and the impact on cloud-dependent enterprises. In the last 30 days, IBM Cloud services were disrupted thrice, and a Google Cloud outage just last week impacted over 50 services globally for over seven hours.

Microsoft, in particular, has experienced a steady stream of service disruptions in recent months, exposing persistent fault lines in its cloud infrastructure.

In March this year, the outage disrupted Outlook, Teams, Excel, and more, impacting over 37,000 users. In May, Outlook suffered another outage, which was attributed to a change that caused the problem.

According to Gogia, this sustained pattern reveals architectural brittleness in Microsoft’s control-plane infrastructure — especially in identity, traffic orchestration, and rollback governance — and reinforces the urgent need for structural mitigation.

Costly outages call for contingency planning

Given the complexity and global scale of hyperscale cloud infrastructures, outages remain an ongoing risk for leading SaaS platforms, including Microsoft 365. More so for enterprises that operate in hybrid and remote work environments, threatening business continuity.

Such outages can lead to loss of productivity and disrupted communications, depending on the applications they affect as well as the extent of the outage. This could mean a loss of thousands of dollars to potentially millions of dollars for some, explained Neil Shah, vice president of research, Counterpoint.

Manish Rawat, analyst, TechInsights, said industry estimates suggest that IT downtime can cost mid- to large-sized enterprises between $100,000 and $500,000 per hour, depending on their sector and the criticality of operations. “For large organizations, even a brief 2–3 hour outage could result in millions in lost productivity, reputational harm, and serious operational setbacks, especially in high-stakes sectors like finance, healthcare, and manufacturing,” he said.

Given the recent incidents involving Microsoft 365 services alone, experts believe that enterprises must reduce their overdependence on Microsoft 365. “Organizations should adopt robust contingency plans that include alternative communication tools, offline access to critical documents, and a comprehensive incident response framework,” said Prabhu Ram, VP for industry research group at CMR.

Grammarly is reinventing itself as a platform of generative AI (genAI) agents that go beyond grammar recommendations.

The company is building always-on AI technologies that follow users across work applications and can coordinate projects, write documents and automate workflows.  The growth is partially fueled by a cash infusion of $1 billion from General Catalyst last month.

Users will be able to have deeper conversations with, and get recommendations from, a variety of AI tools that draw context from documents and action. The company hopes the tools will attract power users who want more than automatic recommendations.

“We’re going to be able to give you much more feedback than, ‘Here are correct words,’” Noam Lovinsky, chief product officer at Grammarly, told Computerworld. “We’ll be able to give you feedback from experts that you care about. We’ll be able to help you right from start to finish.”

For example, an agent could access Zoom transcripts from candidate interviews and create draft scorecards.

“Maybe at the end of that process, Grammarly says, ‘Actually, I have this agent. And if you want, I can like create a draft for you of every single score card the minute you get off of the Zoom,’” Lovinsky said.

Grammarly can take that further in its Coda team workspace tool. It can automate that post-Zoom workflow by generating a table of all interviews, linking transcripts, and generating draft responses. Users can review and refine the drafts before sending the data to hiring systems such as Greenhouse.

“That is almost like the common interface layer by which all the agents are going to get to show up. They’ll come to your applications the same way that Grammarly does today,” Lovinsky said.

Lovinsky offered another example of how Grammarly tools will work with popular collaboration tools from Slack and Atlassian. “If you’re writing a status update for a project, we’ll actually know the latest things that have been said in Slack about that project and the latest Jira tickets that have been filed, so we can help you coalesce those things and create a good update.”

Grammarly claims 40 million users and supports 500,000-plus applications and websites. Its tools typically slip into the user interface without disturbing the flow of work, which is what the company wants to continue.

“You just install it and it just works, and you just go do your thing and we show up in the right ways and in the right moments,” Lovinsky said.

The genAI technologies will include a companion that can go deeper into context, which could appeal to power users. “If you want more than just what shows up in the underlines, if you want deeper work with more back and forth, we’ll have a companion that opens up and works with every application,” Lovinsky said.

Grammarly appears to have thought about what technology it has that it could build on to offer a differentiated genAI tool, said Nancy Gohring, senior research director for AI at IDC. “What it landed on was the platform it had already created that allowed the original Grammarly application to work across third-party applications,” she said.  

Grammarly’s advantage comes from leveraging its existing platform as a way to offer a range of agents that work across the third-party apps already deployed in the enterprise, Gohring said.

But it will also compete with numerous companies delivering similar tools. Microsoft and Google already provide document drafting and automation AI agents. Users rely on large-language models (LLMs) for grammar and error correction.

But with LLMs, users must cut, paste, and prompt to get answers. Grammarly wants to ease that burden by working within the user interface and automatically understanding the right context.

“What I want to do is create an interface that doesn’t require you to prompt and re-prompt until you get your output,” Lovinsky said. “It just works.”

Grammarly builds its own LLMs, but also uses commercial AI providers. Users cannot explicitly choose their model, but that limitation could change.

“I think we’re going to change that because there are more sophisticated users,” Lovinsky said. “What they really like is that we bring it inline.”

The company plans to focus on tools for knowledge workers in the wider market and not target specific domains. “You’re not going to see us do a lot in coding, data analysis, or design work,” Lovinsky said.

There are already many rivals on the market that aim to allow for agent development, management and collaboration, IDC’s Gohring said.

“Grammarly will need to clearly articulate how it’s different and how it fits adjacent to the others,” she said.

The relationship between OpenAI and Microsoft is under growing strain amid extended talks over OpenAI’s restructuring, with OpenAI reportedly considering antitrust action over Microsoft’s influence in the partnership.

OpenAI leaders have considered alleging that Microsoft engaged in anticompetitive practices during their collaboration, a move that could prompt a federal investigation, WSJ reported.

The ChatGPT maker is reportedly exploring the option of urging regulators to examine its contractual relationship with Microsoft, along with a public campaign.

Meanwhile, The Information reported that OpenAI is seeking to give Microsoft a roughly 33% stake in its reorganized for-profit unit in exchange for relinquishing rights to future profits.

OpenAI also wants to revise existing contract clauses that grant Microsoft exclusive cloud hosting rights and to exclude its planned $3 billion acquisition of AI startup Windsurf from terms that give Microsoft access to OpenAI’s intellectual property, the report added.

These developments threaten to disrupt one of the most closely watched alliances in the AI sector.

A potential antitrust complaint by OpenAI could heighten regulatory scrutiny of major AI-cloud partnerships and lead enterprise customers to reevaluate risks tied to vendor lock-in and control over core infrastructure.

Microsoft, a major investor since 2019, supports OpenAI through Azure and powers tools like Microsoft 365 Copilot with its models.

However, tensions between OpenAI and Microsoft have been simmering in recent months, with occasional public clashes.

OpenAI has also been trying to reduce its dependence on Microsoft by turning to Google Cloud for additional computing power, while Microsoft has been working to lessen its own reliance on OpenAI by integrating alternative AI models into its Copilot platform, according to Reuters.

Impact on enterprises

A potential regulatory review may weaken enterprise confidence in adopting or expanding the use of Copilot and related tools, particularly in heavily regulated sectors such as healthcare and financial services.

“Over the short to long term, enterprises could face service disruptions, compatibility issues, or increased costs as vendors adjust their business models in response to changes in the partnership or service offerings,” said Prabhu Ram, VP of the industry research group at CyberMedia Research.

OpenAI models currently power Microsoft Copilot. But with growing innovation from rivals like DeepSeek, both firms appear to be preparing for a more independent path.

“The rate at which AI is advancing, especially given what DeepSeek has demonstrated, suggests that being locked into a single model is no longer a prudent strategy for Microsoft,” said Neil Shah, VP of research and partner at Counterpoint Research. “Enterprises will need to prepare for AI tools and platforms that are diverse in capability, modular, and scalable.”

For OpenAI, partnerships with Oracle Cloud and potentially Google Cloud will help scale its models further in enterprise deployments, particularly in the public sector, where Google is working to expand its presence.

“In the end, most cloud and AI providers will need to support multiple models and adopt modular integration to give enterprises more choice,” Shah said. “This way, they avoid becoming a one-trick pony and can select models based on their strengths, future development roadmaps, and alignment with specific use cases.”