Agregátor RSS

Imagine a world of the near future where Android and Apple iOS users can message one another with the certainty that their communication is secured against eavesdropping by end-to-end encryption (E2EE).

And it would not only be for one-to-one chats, but across large groups of employees and users, something that is impossible to guarantee today without resorting to standalone apps such as WhatsApp.

These capabilities might soon be a reality, thanks to a technical specification released this week, the GSM Association’s RCS Universal Profile version 3.0.

In development since 2007 as a replacement for SMS, Rich Communication Services (RCS) already allows a range of features including read receipts, typing indicators, and media sharing. But E2EE security, a much more complex technical feat, has always proved elusive.

Thanks to some IETF-backed magic inside RCS 3.0 called the Messaging Layer Security (MLS) protocol, that is about to change. Specifications may come and go, but history suggests that the addition of security to a spec is always a significant moment when people start to feel more positive about its adoption; at least that’s what the GSMA is hoping.

This is especially true for businesses, which value two features above all: absolute certainty about messaging security, and the ability for employees to communicate in large groups. RCS 3.0 with MLS delivers on both fronts, said GSMA technical director, Tom Van Pelt.

“[This ensures] that messages and other content such as files remain confidential and secure as they travel between clients,” he said.

“RCS will be the first large-scale messaging service to support interoperable E2EE between client implementations from different providers. Together with other unique security features such as SIM-based authentication, E2EE will provide RCS users with the highest level of privacy and security for stronger protection from scams, fraud, and other security and privacy threats,” said Van Pelt.

RCS fragmentation

RCS 3.0’s big feature is interoperability, which makes it easier for different apps to implement the same features consistently.  Today, while RCS is widely implemented by OS platforms, mobile networks, and device makers, each does it in their own way. This has led to fragmentation, hindering uptake. 

The result is that if you want to send a secure RCS message between Android devices, you need to use Google’s own Messages app at both ends; it implements E2EE using the well-worn Signal protocol. Similarly, Apple adopted RCS in iMessage last year, but with a proprietary implementation of E2EE.

In short, it’s a confusing jumble. This is one reason why alternatives such as WhatsApp and Signal, both of which also use the Signal protocol, have become so popular; you get E2EE out of the box without compatibility worries, and they allow groups of up to 1,024 members.

Having a single protocol, MLS, covering E2EE changes the story. Now RCS with MLS can offer a range of advanced features including large groups, which are critical for businesses which need many-to-many communication. Right now, if even one user in a group is using an RCS app without compatible E2EE, the security of the whole group chat can be compromised. MLS gives every app maker one IETF standard to aim for.

The WhatsApp effect

Google has said it plans to adopt MLS inside Messages, which means replacing the proven Signal protocol that struggles to handle larger groups. That will take time, during which it will probably support one with a fallback to the other. Apple, too, said it is committed to MLS.

“We will add support for end-to-end encrypted RCS messages to iOS, iPadOS, macOS, and watchOS in future software updates,” said Apple spokesperson Shane Bauer, in support of the GSMA.

As the two biggest platform apps, these names are important. However, one that’s not on the RCS list yet is WhatsApp, an app for both Android and Apple that, with three billion users, operates in a parallel world to RCS-enabled apps.

WhatsApp is in no hurry to adopt MLS. For parent Meta, the real prize is to turn WhatsApp into a secure business communications platform that dominates the messaging space across multiple types of engagement. Despite that, it will eventually have to adopt MLS in some form, not least to comply with the EU’s Digital Markets Act, which mandates greater app interoperability.

“It’s questionable if and when WhatsApp and Signal are going to support this protocol, as both have already implemented end-to-end encryption within each respective ecosystem,” commented Arne Möhle, CEO of secure email provider Tuta Mail.

“As an encrypted email service, we can also say that interoperability is a challenge,” he added. “It comes with complications such as spam and phishing attempts, an issue that WhatsApp has had to fight hard against. This will get even worse once the app starts allowing people to chat with their friends on other platforms as well.”

But E2EE was only today’s privacy issue. Soon, he predicted, messaging platforms will need to evolve to counter the ability of quantum computers to undermine the security of public key encryption.

“The GSMA protocol needs to be updated with quantum-resistant encryption keys,” said Möhle.

Ironically, a major uncertainty is E2EE itself. This is now being probed by the UK government, which has decided to use Apple as its test case in a campaign to introduce backdoors into the encryption used in iCloud services. So far, Apple is resisting, choosing to disable security rather than allow surveillance. Talks are reportedly ongoing.

E2EE, which stores keys on devices rather than centrally, isn’t part of this effort, but might come under fire if the UK government reheats its controversial idea of client-side scanning (scanning messages before they are encrypted on-device).

Microsoft says it partially mitigated a week-long Exchange Online outage causing delays or failures when sending or receiving email messages. [...]

Long before Taco Tuesday became part of the pop-culture vernacular, Tuesdays were synonymous with security — and for anyone in the tech world, they still are.  Patch Tuesday, as you most likely know, refers to the day each month when Microsoft releases security updates and patches for its software products — everything from Windows to Office to SQL Server, developer tools to browsers.

The practice, which happens on the second Tuesday of the month, was initiated to streamline the patch distribution process and make it easier for users and IT system administrators to manage updates.  Like tacos, Patch Tuesday is here to stay.

In a blog post celebrating the 20th anniversary of Patch Tuesday, the Microsoft Security Response Center wrote: “The concept of Patch Tuesday was conceived and implemented in 2003. Before this unified approach, our security updates were sporadic, posing significant challenges for IT professionals and organizations in deploying critical patches in a timely manner.”

Patch Tuesday will continue to be an “important part of our strategy to keep users secure,” Microsoft said, adding that it’s now an important part of the cybersecurity industry.  As a case in point, Adobe, among others, follows a similar patch cadence.

Patch Tuesday coverage has also long been a staple of Computerworld’s commitment to provide critical information to the IT industry. That’s why we’ve gathered together this collection of recent patches, a rolling list we’ll keep updated each month.

In case you missed a recent Patch Tuesday announcement, here are the latest six months of updates.

For March’s Patch Tuesday, 57 fixes — and 7 zero-days

For so few patches from Microsoft this month (57), we have seven zero-days to manage (with a “Patch Now” recommendation for Windows) and standard release schedules for Microsoft Office, Microsoft browsers (Edge) and Visual Studio.  Adobe is back with a critical update for Reader, too — but it’s not been paired (at least for now) with a Microsoft patch. More info on Microsoft Security updates for March 2025.

For February’s Patch Tuesday, Microsoft rolls out 63 updates

Microsoft released 63 patches for Windows, Microsoft Office, and developer platforms in this week’s Patch Tuesday update. The February release was a relatively light update, but it comes with significant testing requirements for networking and remote desktop environments. Two zero-day Windows patches (CVE-2025-21391 and CVE-2025-21418) have been reported as exploited and another Windows update (CVE-2025-21377) has been publicly disclosed — meaning IT admins get a “Patch Now” recommendation for this month’s Windows updates. More info on Microsoft Security updates for February 2025.

2025’s first Patch Tuesday: 159 patches, including several zero-day fixes

Microsoft began the new year with a hefty patch release for January, addressing eight zero-days with 159 patches for Windows, Microsoft Office and Visual Studio. Both Windows and Microsoft Office have “Patch Now” recommendations (with no browser or Exchange patches) for January. Microsoft also released a significant servicing stack update (SSU) that changes how desktop and server platforms are updated, requiring additional testing on how MSI Installer, MSIX and AppX packages are installed, updated, and uninstalled. More info on Microsoft Security updates for January 2025.

For December’s Patch Tuesday, 74 updates and a zero-day fix for Windows

Microsoft released 74 updates with this Patch Tuesday update, patching Windows, Office and Edge — but none for Microsoft Exchange Server or SQL server. One zero-day (CVE-2024-49138) affecting how Windows desktops handle error logs requires a “Patch Now” warning, but the Office, Visual Studio and Edge patches can be added to your standard release schedule. There are also several revisions this month that require attention before deployment. More info on Microsoft Security updates for December 2024.

November: This Patch Tuesday release includes 3 Windows zero-day fixes

Microsoft’s November Patch Tuesday update addresses 89 vulnerabilities in Windows, SQL Server, .NET and Microsoft Office — and three zero-day vulnerabilities in Windows that mean a patch now recommendation for Windows platforms. Unusually, there are a significant number of patch “re-releases” that might also require IT admin attention. More info on Microsoft Security updates for November 2024.

October: A haunting Patch Tuesday: 117 updates (and 5 zero-day flaws)

This month’s Patch Tuesday delivers a large set of patches from Microsoft that fix 117 flaws, including five zero-day vulnerabilities. Though there are patches affecting Windows, SQL Server, Microsoft Excel and Visual Studio, only the Windows updates require a “Patch Now” schedule — and they’ll need a significant amount of testing because they cover a lot of features: networking, kernel and core GDI components and Microsoft Hyper-V. Printing should be a core focus for enterprise testing and the SQL Server updates will require a focus on internally developed applications. More info on Microsoft Security updates for October 2024

For so few patches from Microsoft this month (57), we have seven zero-days to manage (with a “Patch Now” recommendation for Windows) and standard release schedules for Microsoft Office, Microsoft browsers (Edge) and Visual Studio. 

Adobe is back with a critical update for Reader, but it’s not been paired (at least for now) with a Microsoft patch.

To navigate what’s changed, the team from Readiness has crafted this useful infographic detailing the risks of deploying these updates to each platform. (And here’s a look at the last six months of Patch Tuesday releases.)

Known issues 

Microsoft is still dealing with reported gaming issues (Roblox) and has two new known issues for this release cycle, including:

• Windows 11: After installing the March update, USB-connected dual-mode printers supporting both USB Print and IPP Over USB may print random text, network commands, and unusual characters, often starting with “POST /ipp/print HTTP/1.1.” This issue can be mitigated using Known Issue Rollback (KIR).

• Windows 10: After installing Windows updates from Jan. 14, 2025 or later, the Windows Event Viewer might log an error related to SgrmBroker.exe as Event 7023, though this does not trigger any visible notifications. This error occurs because the System Guard Runtime Monitor Broker Service, originally part of Microsoft Defender and no longer in use, conflicts with the update during initialization. According to Microsoft, this reported issue does not impact system performance, functionality, or security, as the service is already disabled in other supported Windows versions.

Following previous reports of Citrix-related update issues, devices with Citrix Session Recording Agent (SRA) version 2411 could (still) be unable to complete the installation of the January 2025 Windows security update, causing the system to revert to previous updates after a restart. Affected devices might initially download and apply the update, but an error message stating “Something didn’t go as planned” appears during installation. This issue is expected to affect  only a limited number of organizations, as version 2411 of SRA is newly released, and home users are not affected. Don’t count on this issue being fixed soon, folks.

Major revisions and mitigations

Microsoft has not released or documented any mitigations or workarounds for the current set of updates. As of now, the following Chromium patches have been revised and re-released:

• CVE-2025-1920: Type Confusion in V8 (Chromium)
• CVE-2025-2135: Type Confusion in V8 (Chromium)
• CVE-2025-2136: Use After Free in Inspector (Chromium)
• CVE-2025-2137: Out of Bounds Read in V8 (Chromium)
• CVE-2025-24201: Out of Bounds Write in GPU on Mac (Chromium)

Windows lifecycle and enforcement updates

Microsoft is retiring several products this month:

• Microsoft SQL Server 2019, which ended mainstream support on Feb. 28. 
• Microsoft Skype, which will be terminated (with prejudice) in May.
• Windows Remote Desktop , which will be replaced next month with the Windows App. (Note: there are still some missing features and several known issues reported in this release.)

Over the next few weeks, several Microsoft products are scheduled to reach their end-of-life (EOL), and will no longer receive security updates, non-security updates, or technical support including:

• April 2, 2025: Dynamics 365 Business Central on-premises (2023 release wave 2, version 23.x).
• April 8, 2025: Dynamics GP 2015/Dynamics GP 2015 R2.
• April 9, 2025: Microsoft Configuration Manager, Version 2309.

Each month, the Readiness team analyzes the latest Patch Tuesday updates and provides detailed, actionable testing guidance based on a large application portfolio and a comprehensive analysis of the patches and their potential impact on Windows and application deployments.

For this release cycle, there are no reported functional changes. However, feature level testing will still be required, especially for system drivers and core libraries. Due to these low-level system (kernel) changes, a full reboot/restart test will be required for all Windows UI elements including Explorer, desktop shell and Internet Explorer.

We have grouped the critical updates and required testing efforts into different functional areas, including:

File System components

• Common Log File System: Test by creating a BLF and multiple container files, appending logs using `ReserveAndAppendLog,` and then deleting the containers.
• Core System drivers (ntfs.sys, exfat.sys & fastfat.sys): Test mounting, dismounting, and performing file operations on ExFAT volumes.

 Networking and remote services

• If using a Routing and Remote Access Service  (RRAS) server, test `netsh` scenarios to confirm commands work as expected.
• FAX: Validate TAPI initialization, shutdown, and key functions like `lineInitialize` and `lineMakeCall.` Stress test for stability and error handling.

 Storage and device interaction

• Focus on storage subsystem tests, including operations on virtual/physical disks and storage enclosures.
• Test how Search Connector files interact with various network paths (UNC, SMB, and file system paths).
• Validate all camera-related scenarios.

 Audio, video and UI components

• Verify audio/video recording with internal and external devices.
• Test apps like Teams and Camera that use virtual features (for example, Phone Link, Windows Studio Effects).

Affected Versions for this update cycle include the following Windows desktop and server builds:

• Windows 11 24H2, 23H2, 22H2, Windows 10 1607, Windows 10 RTM.
• Windows Server 23H2, Azure Stack OS 22H2, Windows Server 2022 

Each month, we break down the update cycle into product families (as defined by Microsoft) with the following basic groupings: 

• Browsers (Microsoft IE and Edge) 
• Microsoft Windows (both desktop and server) 
• Microsoft Office
• Microsoft Exchange and SQL Server 
• Microsoft Developer Tools (Visual Studio and .NET)
• Adobe (if you get this far) 

Browsers

Microsoft released 10 low-profile (no rating) updates to its Chromium-based Edge browser. These changes can be added to your standard release calendar.

Microsoft Windows

The following  Windows product areas have been updated with five critical patches and 32 others rated important for this month’s cycle:

• CVE-2025-24035: Windows Remote Desktop Services Remote Code Execution Vulnerability
• CVE-2025-24064: Windows Domain Name Service Remote Code Execution Vulnerability
• CVE-2025-24084: Windows Subsystem for Linux (WSL2) Kernel Remote Code Execution Vulnerability
• CVE-2025-26645: Remote Desktop Client Remote Code Execution Vulnerability

Unfortunately, three of these updates (CVE-2025-24984, CVE-2025-24984 and CVE-2025-24984) have been reported as exploited. Add these Windows updates to your “Patch Now” schedule.

Microsoft Office

Microsoft released a single critical update (CVE-2025-24057) and 10 patches rated important for the Office platform. All of the important updates affect Microsoft Word, Excel and Access with no reports of disclosures or exploitation. Add these Microsoft Office updates to your standard release calendar.

Microsoft Exchange and SQL Server

There were no updates for either Microsoft Exchange or SQL Server this March update cycle.

Developer tools

Microsoft released five patches, all rated important, that affect Microsoft Visual studio and ASP.NET. Add these updates to your standard developer release schedule.

Adobe (and third-party updates)

This month, Adobe released a security update (APSB25-14) for Acrobat and Reader for Windows and macOS that addresses six critical and three important vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Adobe is not aware of any exploits in the wild for any of the issues. For some reason this update was not included in this Microsoft patch cycle. Maybe that’s as it should be.

Premiér Petr Fiala (ODS) dnes na síti X vyloučil, že by za jeho vlády mohla začít platit vyhláška, podle níž by poskytovatelé internetového připojení měli uchovávat adresy internetových stránek, na které se lidé připojují.

Popular AI services are not very good at locating the correct original source, according to a new study from Columbia Journalism Review’s Tow Center for Digital Journalism.

In the study, researchers selected 10 articles from 20 different publishers and then manually selected quotes from them to use in their queries. After each chatbot got the quotes, it was asked to identify the corresponding article’s title, original publisher, and publication date.

The researchers deliberately chose quotes that would give the correct original source if typed into the Google search engine.

In total, eight different AI chatbots were tested and, on average, they produced the wrong source 60% of the time. Perplexity performed best — and still got the citation wrong 37% of the time. The worst performer was Grok 3, which was wrong 94% of the time.

The researchers note that while most of the AI tools produced incorrect answers, they still presented them with great confidence. This was particularly true for paid versions of the AI chatbots. The researchers also found evidence that the AI chatbots’ web spiders often ignored publishers’ paywalls they were supposed to respect.

Knihovny neustrnuly v čase a kromě papírových knih půjčují také e-knihy a audioknihy. Jen zatím ne všechny. Digitální vstupní branou je portál Knihovny.cz , do kterého se tuzemské knihovny postupně integrují. Podporuje plnotextové vyhledávání v obsazích e-knih a zprostředkovává na trhu nedostupné ...

The Black Basta ransomware operation created an automated brute-forcing framework dubbed 'BRUTED' to breach edge networking devices like firewalls and VPNs. [...]

Cisco has patched a denial of service (DoS) vulnerability that lets attackers crash the Border Gateway Protocol (BGP) process on IOS XR routers with a single BGP update message. [...]

The hand can gently pick up anything from plastic cups to pineapples.

Our hands are works of art. A rigid skeleton provides structure. Muscles adjust to different weights. Our skin, embedded with touch, pressure, and temperature sensors, provides immediate feedback on what we’re touching. Flexible joints make it possible to type on a keyboard or use a video game controller without a thought.

Now, a team at Johns Hopkins University has recreated these perks in a life-like prosthetic robot hand. At its core is a 3D-printed skeleton. Each finger has three independently controlled joints made of silicone that are moved around with air pressure. A three-layer electronic skin covering the hand’s fingertips helps it gauge grip strength on the fly. The hand is controlled using electrical signals from muscles in the forearm alone.

In tests, able-bodied volunteers used the hand to pick up stuffed toys and dish sponges without excessive squeezing. It adjusted its grip when challenged with heavy metal water bottles and prickly pineapples—picking up items without dropping them or damaging the hand.

“The goal from the beginning has been to create a prosthetic hand that we model based on the human hand’s physical and sensing capabilities—a more natural prosthetic that functions and feels like a lost limb,” study author Sriramana Sankar said in a press release.

Softening Up

Prosthetic hands have come a long way. One of the first, crafted out of metal in the Middle Ages, had joints that could be moved passively using another hand.

Today, soft robotics have changed the game. Unlike rigid, unforgiving material, spongy hands can handle delicate objects without distorting or crushing them. Integrated sensors for pressure or temperature make them more life-like by providing sensory feedback.

But soft materials have a problem. They can’t consistently generate the same force to pick up heavy objects. Even with multiple joints and a dynamic palm, squishy robotic hands have a harder time detecting different textures compared to their rigid counterparts, wrote the team. They’re also weak. Existing soft robotic hands can only lift around 2.8 pounds.

In contrast, our hands have both a rigid skeleton and soft tissues—muscles and tendons—that stretch, twist, and contract. Pressure sensors in our skin provide instant feedback: Am I squeezing a plush toy, holding a slippery coffee mug, or manipulating my phone?

That why recent prosthetic designs incorporate both artificial skeletons and muscles.

For example, the commercially available LUKE arm has a metal and plastic skeleton for strength and stability. Its fingertips have soft materials for better dexterity. The prosthetic can grab objects using different inputs—for example, electrical signals from muscles or a foot peddle to switch between grasp strengths. But the hand is still mostly rigid and has limited mobility. The thumb and index finger can flex individually. All the other fingers move together.

Then there’s the problem of feedback. Our fingers use touch to calibrate our grip. Each of the skin’s three layers encodes slightly different sensations with a variety of receptors, or biological sensors. The outer layer feels light touch and slow vibration, like when hair lightly brushes your hand. Deeper layers detect pressure: the texture and weight of a heavy dumbbell, for example.

In 2018, the team behind the new study developed electronic skin inspired by human skin. The material, or E-dermis, sensed textures and transmitted them to surviving nerves in an amputee’s arm with small zaps of electricity. The skin used piezoresistive sensors, such that pressure would change how the sensors conducted electricity. Prosthetic fingertips coated in the sensors allowed an upper-limb amputee to detect a range of sensations, including pressure.

“If you’re holding a cup of coffee, how do you know you’re about to drop it? Your palm and fingertips send signals to your brain that the cup is slipping,” study author Nitish Thakor said in the recent study’s press release. “Our system is neurally inspired—it models the hand’s touch receptors to produce nerve-like messages so the prosthetics’ ‘brain,’ or its computer, understands if something is hot or cold, soft or hard, or slipping from the grip.”

Hands On

The new design incorporated E-dermis into a hybrid hand designed to mimic a human hand.

The thumb has two joints made of silicone and the fingers have three. Each joint can flex independently. These connect to a rigid 3D-printed skeleton and are moved about by air.

Compared to prosthetics with only soft components, the skeleton adds force and can support heavier weights. The prosthetic hand’s fingertips are covered in a patch of E-dermis the size of a fingernail. Each finger bends naturally, curling into the palm or stretching apart.

Electrical signals from a user’s forearm muscles control the hand. Such devices, dubbed myoelectric prostheses, tap into living nerve endings above the amputation site. When a person thinks of moving the hand, a microprocessor translates the nerve signals into motor commands.

Several studies with able-bodied volunteers showcased the hand’s dexterity. Participants wore a  sheath over their forearms to capture the electrical signals in their upper arms—mimicking those used for amputees—and to send them along to the robotic hand.

With minimal training, the volunteers could grab a variety of objects of different sizes, weights, and textures. The hand gently picked up a sponge, without squishing it into oblivion, and a variety of produce—apple, orange, clementine—without bruising it. The prosthetic showed it could also lift heavier items, such as a small stone statue and a metal water bottle.

But the best example, according to the authors, was when it held a fragile plastic cup filled with water using only three fingers. The hand didn’t dent the cup or spill any water.

Overall, it had an impressive 99.7 percent accuracy rate handling 15 everyday items, rapidly adjusting its grip to avoid drops, spills, and other potential mishaps.

To be clear, the device hasn’t been tested on people who’ve lost a hand. And there’s more to improve. Adding a tendon of sorts between the artificial fingers could make them more stable. Mimicking how the palm moves could further boost flexibility. And adding sensors, such as those for temperature, could push the engineered hand even closer to a human’s.

Improving the dexterity of the hands isn’t only “essential for next-generation prostheses,” said Thakor. Future robotic hands will have to seamlessly integrate into everyday living, dealing with all the variety we do. “That’s why a hybrid robot, designed like the human hand, is so valuable—it combines soft and rigid structures, just like our skin, tissue, and bones.”

The post This Robotic Hand’s Electronic Skin Senses Exactly How Hard It Needs to Squeeze appeared first on SingularityHub.

Oživeno 14. 3. | Včerejší zpráva o upravě vyhlášky týkající se data retention vyvolala na veřejnosti takový rozruch, že od ní vládní špičky dávají ruce pryč. Ministr vnitra Vít Rakušan, jehož resort se na novelizaci podílel, na X řekl, že šmírování nepodporuje a taková vyhláška přes něj neprojde. ...

AI PCs could solve key issues organizations face when using cloud and data center AI instances, including cost, security, and privacy concerns, according to a new study by IDC Research.

Nearly all organizations are already using or planning to use cloud-based AI platforms. At the same time, many of those projects have been stunted for various reasons, according to the according to the study, which was sponsored AMD.

The percentage of AI PCs in use is expected to grow from just 5% in 2023 to 94% by 2028, IDC said. The research firm surveyed 670 IT decision-makers from large companies in the US, UK, France, Germany, and Japan to explore their views on AI PCs. The November survey found that 97% of respondents plan to deploy AI to more employees in the future.

“This reflects a broader trend toward democratizing AI capabilities, ensuring that teams across functions and levels can benefit from its transformative potential,” Tom Mainelli, IDC’s group vice president for device and consumer research, said in the report. “As AI tools become more accessible and tailored to specific job functions, they will further enhance productivity, collaboration, and innovation across industries.”

The report builds off the AMD 2023 Commercial Survey and shows that IT decision-makers remain bullish on AI’s benefits for their organizations, even as they face key challenges impacting wide-spread adoption.  

When looking at the IDC report compared to the AMD 2023 Commercial Survey, the new data found that:  

• Security risks (32%) remain a top barrier for decision makers adopting cloud-based AI tools and platforms, down from 67% two years ago. 
• IT decision makers are more optimistic about AI PCs boosting productivity (76%) than AI in general; 67% felt that way in 2023. 
• Most of those surveyed (82%) see AI PCs as a positive for employees and expect to invest in new hardware before the end of the year

Cost has been a major drag on AI projects. For smaller organizations, rolling out a single in-house instance of generative AI (genAI) can cost from $50,000 to $500,000. For larger enterprises, the costs quickly soar into the millions of dollars. At the same time, using a cloud provider brings privacy and security risks, as organizations have to rely on third-party providers.

By 2030, companies are expected to spend $42 billion a year on genAI projects such as chatbots, research, marketing, and summarization tools. And while the technology has been heralded as a boon to productivity, nailing down a return on investment (ROI) in genAI is elusive.

Because of those ROI challenges, nearly one-in-three genAI projects will be scrapped, according to research.

IDC

Seventy-four percent of those surveyed by IDC expect AI PCs to improve total cost of ownership, as they will natively offer the technology’s efficiencies. Companies are also confident they’ll also soon measure the benefits of AI PC deployment, with 87% saying they’re ready to track ROI — and over half are willing to pay a 10% premium for PCs with NPUs offering more than 40 tera operations per second (TOPS).

AI PCs are modern systems with specialized NPUs that accelerate AI processing at the edge, combining powerful CPUs and GPUs for low latency, enhanced privacy, and reduced cloud costs. Though still emerging, the category is quickly gaining traction across various price points. Microsoft and partners market the higher-end systems as Copilot+ PCs, featuring AI-driven OS tools such as live captions, improved search, and Windows Studio Effects.

Organizations are turning to genAI tools on endpoint devices because security remains a top concern for IT leaders.

The top three features of AI PCs that survey respondents found most compelling are personalized employee experiences (77%), improved data privacy (75%), and enhanced security risk prevention (74%).

IDC

AI PCs address privacy and compliance challenges by running AI workloads locally, reducing the need for cloud connectivity and lowering the risk of data breaches. In sectors such as finance and healthcare, they process sensitive data on-site, ensuring compliance with regulations like HIPAA.

As independent software vendors (ISVs) integrate local AI features and companies upgrade to Windows 11, AI PCs are becoming more common, with 60% of companies planning to replace Windows 10 systems and 73% speeding up PC refresh plans.

AI PCs can also streamline IT troubleshooting, boost security, and automate tasks. In marketing, for example, they handle data-driven campaigns and optimize engagement. In operations, they predict demand and adjust inventory for better efficiency, according to IDC.

For more than year, smaller, more adept genAI models have been migrating to endpoint devices such as smartphones, laptops, and IoT hardware. Notably, Apple, Samsung, and other smartphone and silicone manufacturers have been rolling out AI capabilities on their hardware, fundamentally changing the way users interact with edge devices.

Thought AI PCs can boost productivity, organizations should collaborate with hardware and silicon vendors to understand how the technology aligns with business goals. “This helps identify AI PC solutions that address specific challenges and deliver value,” IDC said.

There are two key opportunities, the research firm said. First, companies should engage with ISVs to stay informed about AI-driven software features, enabling strategic AI PC deployments. Second, working with hardware partners to understand roadmaps helps optimize deployment across datacenters and edge environments, balancing performance, cost, and scalability, IDC said.

“By aligning strategies with technology roadmaps, businesses can unlock AI PCs’ full potential and ensure long-term success,” IDC said.

A 51-year-old dual Russian and Israeli national who is alleged to be a developer of the LockBit ransomware group has been extradited to the United States, nearly three months after he was formally charged in connection with the e-crime scheme. Rostislav Panev was previously arrested in Israel in August 2024. He is said to have been working as a developer for the ransomware gang from 2019

A 51-year-old dual Russian and Israeli national who is alleged to be a developer of the LockBit ransomware group has been extradited to the United States, nearly three months after he was formally charged in connection with the e-crime scheme. Rostislav Panev was previously arrested in Israel in August 2024. He is said to have been working as a developer for the ransomware gang from 2019 Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

The GSM Association (GSMA) has formally announced support for end-to-end encryption (E2EE) for securing messages sent via the Rich Communications Services (RCS) protocol, bringing much-needed security protections to cross-platform messages shared between Android and iOS platforms. To that end, the new GSMA specifications for RCS include E2EE based on the Messaging Layer Security (MLS) protocol

The GSM Association (GSMA) has formally announced support for end-to-end encryption (E2EE) for securing messages sent via the Rich Communications Services (RCS) protocol, bringing much-needed security protections to cross-platform messages shared between Android and iOS platforms. To that end, the new GSMA specifications for RCS include E2EE based on the Messaging Layer Security (MLS) protocol Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Od počátku ruské invaze v roce 2022 žádala Ukrajina spojence o bojové letouny, které potřebovala mimo jiné k obraně proti ruským dronům a raketám. Prakticky po celou tu dobu jsme byli svědky velmi opatrného přístupu USA. Sice disponují ohromnou zásobou letadel různých typů a tisíce z nich pomalu ...

A dual Russian-Israeli national, suspected of being a key developer for the LockBit ransomware operation, has been extradited to the United States to face charges. [...]

Přibližně tři a půl měsíce byl největší výrobce procesorů bez stabilního ředitele. Firmu po odchodu Pata Gelsingera společně vedli finanční šéf David Zinsner a vedoucí počítačové divize Michelle Johnston Holthaus. Představenstvo Intelu ale nakonec našlo člověka, který by měl dokončit ...