RSS aggregator

US freezes foreign aid, halting cybersecurity defense and policy funds for allies

The Register - Anti-Virus - 27 January, 2025 - 23:16
Uncle Sam will 'no longer blindly dole out money,' State Dept says

US Secretary of State Marco Rubio has frozen nearly all foreign aid cash for a full-on government review, including funds to defend America's allies from cyberattacks as well as steer international computer security policies.…

Category: Viruses and Worms

DeepSeek halts new signups amid "large-scale" cyberattack

Bleeping Computer - 27 January, 2025 - 23:01
Chinese AI platform DeepSeek has disabled registrations on its DeepSeek-V3 chat platform due to an ongoing "large-scale" cyberattack targeting its services. [...]
Category: Hacking & Security

Bitwarden makes it harder to hack password vaults without MFA

Bleeping Computer - 27 January, 2025 - 22:00
Open-source password manager Bitwarden is adding an extra layer of security for accounts that are not protected by two-factor authentication, requiring email verification before allowing access to accounts. [...]
Category: Hacking & Security

Microsoft: January Windows security updates break audio playback

Bleeping Computer - 27 January, 2025 - 21:39
Microsoft has confirmed that the January 2025 Windows security updates are breaking audio playback on some systems with external DACs (digital-to-analog converters). [...]
Category: Hacking & Security

Apple fixes this year’s first actively exploited zero-day bug

Bleeping Computer - 27 January, 2025 - 20:17
Apple has released security updates to fix this year's first zero-day vulnerability, tagged as actively exploited in attacks targeting iPhone users. [...]
Category: Hacking & Security

Do you have a smart lock at home, or are you considering one?

Živě.cz - 27 January, 2025 - 20:15
With a smart lock you no longer need to carry keys. You can unlock with a PIN, an app on your phone or watch, a fingerprint reader, NFC, and so on. You will also always know, even remotely, whether you locked up when you left. At night you can set automatic locking. In short, the automation options, thanks to the integrated ...
Category: IT News

EU sanctions Russian GRU hackers for cyberattacks against Estonia

Bleeping Computer - 27 January, 2025 - 19:51
The European Union sanctioned three hackers, part of Unit 29155 of Russia's military intelligence service (GRU), for their involvement in cyberattacks targeting Estonia's government agencies in 2020. [...]
Category: Hacking & Security

Android can only quietly envy. Three quarters of newer iPhones already run the current iOS 18

Živě.cz - 27 January, 2025 - 19:45
** Apple has boasted about its iOS and iPadOS update statistics ** The latest iOS 18 is on 76% of newer iPhones ** For iPads it is a little worse, but Android devices would give a lot for such numbers
Category: IT News

Windows 11 24H2 preview brings new taskbar features

Bleeping Computer - 27 January, 2025 - 19:26
Windows 11 taskbar is testing a new feature that helps you understand the current power state of your laptop's battery, including showing the battery percentage directly on the taskbar. [...]
Category: Hacking & Security

What enterprises need to know about DeepSeek’s game-changing R1 AI model

Computerworld.com [Hacking News] - 27 January, 2025 - 19:10

Two years ago, OpenAI’s ChatGPT launched a new wave of AI disruption that left the tech industry reassessing its future. Now within the space of a week a small Chinese startup called DeepSeek appears to have pulled off a similar coup, this time at OpenAI’s expense.

Nevertheless, DeepSeek’s sudden success — the company’s free chatbot mobile app quickly surpassed even ChatGPT for downloads on Apple’s App Store — has prompted questions. Is the DeepSeek story too good to be true? And should businesses in the US and allied countries allow employees to use an app when the company’s Chinese background and operation are so opaque?

What happened

The DeepSeek storm hit on January 20 when DeepSeek launched its R1 LLM model to the public, complete with big claims around performance.

Using smaller “distilled” LLM models, which require significantly less processing power while replicating the capability of larger models, DeepSeek’s R1 matched or exceeded OpenAI’s equivalent, o1-mini, in important math and reasoning tests.

That performance generated a surge of interest. By Monday the DeepSeek app had overtaken ChatGPT and Temu to become the iPhone App Store’s top free download — and DeepSeek was reporting delays in new registrations to use the app due to what it described as “large-scale malicious attacks” on its services.

Nobody saw this coming. Somehow, R1 was doing this with less hardware. Moreover, DeepSeek-R1 is available through an open-source MIT license, which allows for unrestricted commercial use, including modification and distribution.

With AI sector share prices unsettled by all of this, the implication is that perhaps usable models don’t need the huge chip clusters deployed by the established players and organizations shouldn’t be paying high prices to access them.

Furthermore, if a tiny startup can get by on more limited hardware while training LLMs for a fraction of the cost, perhaps strenuous US attempts to limit the export of the most powerful AI chips to most of the world including China, are already obsolete before they’ve been fully implemented.

Zero day AI

The speed of DeepSeek’s rise is a case of ‘zero-day disruption.’ Organizations have no time to react, and not just because developers across the world have piled in to test DeepSeek-R1 via its API by the thousand. Releasing a free app gives this capability to everyone, including employees who might enter sensitive data into it. By now, DeepSeek is everywhere, which makes it difficult to control.

“The app has raced to the top of the app charts, but I would advise anyone considering installing it and using it to exercise some caution,” warned tech commentator, Graham Cluley, who also hosts the AI Fix podcast.

That said, organizations should already be used to coping with this issue. “Human nature being what it is, there will surely be just as much sensitive data entered into DeepSeek as we’ve seen entered into every other AI out there,” said Cluley. Organizations should probably hold back until it has been more thoroughly audited in the same way they would with any new app.

Or perhaps focusing on the risks is too negative. DeepSeek will ignite more competition in the sector, potentially turning powerful LLMs from an expensive service for the deep pocketed into a cheap utility anyone can access. Rather than dumping existing AI services, organizations should demand a better deal while avoiding becoming too locked into one LLM as new innovations appear.

Censored language model

A lurking possibility is that DeepSeek isn’t as good as it seems, with some skepticism already appearing around its price-performance claims. Stacy Rasgon, a senior analyst at Bernstein Research, questioned DeepSeek’s underlying costs.

“Did DeepSeek really build OpenAI for $5M? Of course not,” he wrote in a client note. “The oft quoted $5M number is calculated by assuming a $2/GPU-hour rental price for this infrastructure, which is fine, but not really what they did, and does not include all the other costs associated with prior research and experiments on architectures, algorithms, or data.”

In use, DeepSeek makes elementary errors, not dissimilar to the ones that afflicted ChatGPT in its early days. Some of its responses also underline that the app imposes guard rails when run from a Chinese host. A good example is this report of its refusal to acknowledge the Tiananmen Square massacre, something the Chinese Government goes to extreme lengths to hide.

In the short term, DeepSeek’s appearance underlines the unstable nature of AI itself. Tech is used to periodic disruptions. AI suggests that these might become more routine, including of its own capabilities. It is unlikely to be the last such breakthrough in a sector that will prove harder to dominate than has been assumed.

Investors and government regulators trying to control AI development won’t like this but if it offers cheaper and earlier AI access across the economy it could still work as a net positive. According to Cluley, DeepSeek should be something for Silicon Valley to worry about.

“If it’s accurate that the Chinese have been able to develop a competitive AI that massively undercuts the US-based giants in terms of development cost and with a fraction of the hardware commitment then that is clearly going to upset the applecart and have a tech billionaire or two crying into their Cheerios this morning,” he said.

Category: Hacking & Security

Hackers steal $85 million worth of cryptocurrency from Phemex

Bleeping Computer - 27 January, 2025 - 19:03
The Phemex crypto exchange suffered a massive security breach on Thursday where threat actors stole over $85 million worth of cryptocurrency. [...]
Category: Hacking & Security

Microsoft Teams phishing attack alerts coming to everyone next month

Bleeping Computer - 27 January, 2025 - 18:43
Microsoft reminded Microsoft 365 admins that its new brand impersonation protection feature for Teams Chat will be available for all customers by mid-February 2025. [...]
Category: Hacking & Security

DeepSeek limits new accounts amid cyberattack

The Register - Anti-Virus - 27 January, 2025 - 18:13
Chinese AI startup grapples with consequences of sudden popularity

Updated  China's DeepSeek, which shook up American AI makers with the debut of its V3 and reasoning-capable R1 LLM families, has limited new signups to its web-based interface to its models due to what's said to be an ongoing cyberattack.…

Category: Viruses and Worms

Google takes action after coder reports 'most sophisticated attack I've ever seen'

The Register - Anti-Virus - 27 January, 2025 - 18:01
Latest trope is tricky enough to fool even the technical crowd… almost

Google says it's now hardening defenses against a sophisticated account takeover scam documented by a programmer last week.…

Category: Viruses and Worms

Businesses get their own version of the Chrome Web Store

Computerworld.com [Hacking News] - 27 January, 2025 - 17:55

Though there are a variety of cool extensions for the Chrome browser, there are also malicious extensions that pose a security threat. To increase security, Google has now launched the Chrome Web Store for Enterprises, a new store specifically designed for business users.

For example, businesses can create a list of approved extensions to ensure employees do not install malicious extensions on their own. Companies can also add their own logos and images to the store if they wish, making it clear to users what applies.

And, according to Bleeping Computer, it will soon also be possible for IT administrators to remotely remove add-ons, if necessary.

Category: Hacking & Security

iPhone users turn on to DeepSeek AI

Computerworld.com [Hacking News] - 27 January, 2025 - 17:48

As if from nowhere, OpenAI competitor DeepSeek has somersaulted to the top of the iPhone App Store chart, overtaking OpenAI’s ChatGPT. It’s the latest in a growing line of generative AI (genAI) services and seems to offer some significant advantages, not least its relatively lower development and production costs. You can also ask it how many R’s the word “strawberry” contains and expect an accurate response.

Now on iPhones

Released last week, the DeepSeek app raced to the top of Apple’s App Store charts in multiple countries, including the US. People using the app have noted that the genAI tool can match or beat other similar models in performance.

It also does so at a fraction of the development and deployment costs. It’s also free to use on the web and on the iPhone. In other words, for the price of nothing, you get all the genAI utility you can expect from ChatGPT.

What the industry says

Nvidia’s senior research scientist, Jim Fan, calls DeepSeek “the biggest dark horse” in the open-source LLM field, praising the extent to which the developers have managed to deliver such power with such scant resources.

“We are living in a timeline where a non-US company is keeping the original mission of OpenAI alive — truly open, frontier research that empowers all. It makes no sense. The most entertaining outcome is the most likely,” he wrote on social media.

What’s the market model?

DeepSeek was introduced as open-source models the Chinese developer believes can compete with OpenAI’s and Meta’s best systems. That means the models are available under an MIT license from the popular Hugging Face platform, which itself means these models can be used commercially and without restrictions. Theoretically, even Apple could use it — and many developers are already trying it on relatively modest hardware.

The full package of DeepSeek’s R1 models is available and costs almost 95% less than OpenAI wants for its o1 models. There’s more information available on Github, including an in-depth 30-page technical report.

How good is it?

DeepSeek says its R1 model surpasses OpenAI o1 on the AIME, MATH-500, and SWE-bench Verified benchmarks.  It contains 671 billion parameters, a massive number that means the model can perform very well.

Of course, most on-device AI can’t possibly handle that many parameters, so DeepSeek has made smaller versions of the same model available, the smallest of which should run on an old Mac.

DeepSeek R1 is also built as a self-checking reasoning model, which helps it avoid some of the stupid mistakes other models make. While that reasoning means responses can be a little slower to arrive, they tend to be more reliable. 

Toward an open-source AI

“It shows that open-source AI is catching up,” and in the future we’ll have a multiplicity of such models, rather than just the big commercial models, The Atlantic CEO Nicholas Thompson points out.

One estimate suggests the models might have been trained on a budget as small as $6 million. In comparison, while Meta’s most recent Llama used an estimated 30.8 million GPU-hours to train, DeepSeek required just 2.8 million GPU-hours, according to Andrej Karpathy at EurekaLabs.

In other words, rather than throwing money at a problem, the Chinese researchers are figuring out how to get more from less.

It is impressive that DeepSeek seems to have succeeded in matching OpenAI and Meta’s AI at approximately 10% of the resources, cost, and parameters.

DeepSeek’s researchers said DeepSeek-V3 used Nvidia’s H800 chips for training. (Not everyone accepts the explanation. Scale AI CEO Alexandr Wang expressed doubts about this claim, but still calls the introduction of DeepSeek “earth-shattering”.)

To get there, the developers achieved significant technological breakthroughs, such as the capacity to predict consecutive words in a sequence, rather than just the next word. They also figured out how to make the system answer questions more efficiently. This is explained well by Thompson.

Good for everyone?

China has figured out how to deliver powerful AI while using fewer resources — and (perhaps most significantly on a planet equipped with finite resources) far less energy.

Is this a bad thing for US interests? Almost certainly not. The fact that China achieved this on such limited resources should be a wake-up call to the US government and investor communities that it’s possible to deliver this technology at much lower costs.

“If there truly has been a breakthrough in the cost to train models from $100 million+ to this alleged $6 million number, this is actually very positive for productivity and AI end users, as cost is obviously much lower meaning lower cost of access,” Jon Withaar, a senior portfolio manager at Pictet Asset Management, told Reuters.

That’s a good thing, assuming AI is a good thing in the first place. But it’s a less good option for the big developers in the space. AI stocks are taking a battering today as investors evaluate the achievement. They want value for money, and if DeepSeek can get for $1 what other companies spend a sawbuck on, they’ll want to invest in that.

Ideological AI

It is worth mentioning one other limitation of the system. As it is a Chinese model, it is benchmarked by the Chinese Internet regulator who ensures the genAI responses “embody core socialist values.”

What’s interesting about that is the extent to which this shows how AI models — from China, or from anywhere else — can be built to bake in sets of values that may do more than just reflect their society. No wonder OpenAI wants the US government to invest in US AI.

Getting more for less

If it is indeed correct that DeepSeek has been able to achieve this degree of performance at such low costs using lower-specified tech, it suggests:

  1. That while cash is required to enable the tech, the biggest currency is creative innovation, which flourishes most in open environments. 
  2. That the social and environmental costs in terms of energy, water, and technology we expect AI to require can be dramatically reduced. 
  3. It’s good business to do so.
  4. These reduced costs make AI more accessible to a wider number of developers.

Some of the implications of this are explained in more depth here. But if you’re searching for an iPhone app that manages to capture the technology story while reflecting the evolving global geo-political tension and conversation around environment and industry, you can download it at the App Store today.

You can follow me on social media! Join me on BlueSky, LinkedIn, Mastodon, and MeWe.

Category: Hacking & Security

Intel reinvents the wheel. It calls for easily repairable and upgradable computers

Živě.cz - 27 January, 2025 - 17:45
Intel has published a new proposal under which modularity, and with it easy repairs and upgrades, should return to laptops and mini PCs. Behind the document are three people from Intel's middle and senior management who are in charge of the PC development and sales division. Their plan is to ...
Category: IT News

Clone2Leak attacks exploit Git flaws to steal credentials

Bleeping Computer - 27 January, 2025 - 17:36
A set of three distinct but related attacks, dubbed 'Clone2Leak,' can leak credentials by exploiting how Git and its credential helpers handle authentication requests. [...]
Category: Hacking & Security

Results of the Pwn2Own Automotive 2025 hacking contest

AbcLinuxu [news briefs] - 27 January, 2025 - 16:49
Results of the three-day Pwn2Own Automotive 2025 hacking contest. In total, the competing teams were paid 886,250 dollars for 49 zero-day vulnerabilities. Sina Kheirkhah, who placed first, took home 222,250 dollars. Short videos on YouTube.
Category: GNU/Linux & BSD