Technology

37814 readers
20 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
1
 
 

Hey Beeple and visitors to Beehaw: I think we need to have a discussion about !technology@beehaw.org, community culture, and moderation. First, some of the reasons that I think we need to have this conversation.

  1. Technology got big fast and has stayed Beehaw's most active community.
  2. Technology gets more reports (about double in the last month by a rough hand count) than the next highest community that I moderate (Politics, and this is during election season in a month that involved a disastrous debate, an assassination attempt on a candidate, and a major party's presumptive nominee dropping out of the race)
  3. For a long time, I and other mods have felt that Technology at times isn’t living up to the Beehaw ethos. More often than I like I see comments in this community where users are being abusive or insulting toward one another, often without any provocation other than the perception that the other user’s opinion is wrong.

Because of these reasons, we have decided that we may need to be a little more hands-on with our moderation of Technology. Here’s what that might mean:

  1. Mods will be more actively removing comments that are unkind or abusive, that involve personal attacks, or that just have really bad vibes.
    a. We will always try to be fair, but you may not always agree with our moderation decisions. Please try to respect those decisions anyway. We will generally try to moderate in a way that is a) proportional, and b) gradual.
    b. We are more likely to respond to particularly bad behavior from off-instance users with pre-emptive bans. This is not because off-instance users are worse, or less valuable, but simply that we aren't able to vet users from other instances and don't interact with them with the same frequency, and other instances may have less strict sign-up policies than Beehaw, making it more difficult to play whack-a-mole.
  2. We will need you to report early and often. The drawbacks of getting reports for something that doesn't require our intervention are outweighed by the benefits of us being able to get to a situation before it spirals out of control. By all means, if you’re not sure if something has risen to the level of violating our rule, say so in the report reason, but I'd personally rather get reports early than late, when a thread has spiraled into an all out flamewar.
    a. That said, please don't report people for being wrong, unless they are doing so in a way that is actually dangerous to others. It would be better for you to kindly disagree with them in a nice comment.
    b. Please, feel free to try and de-escalate arguments and remind one another of the humanity of the people behind the usernames. Remember to Be(e) Nice even when disagreeing with one another. Yes, even Windows users.
  3. We will try to be more proactive in stepping in when arguments are happening and trying to remind folks to Be(e) Nice.
    a. This isn't always possible. Mods are all volunteers with jobs and lives, and things often get out of hand before we are aware of the problem due to the size of the community and mod team.
    b. This isn't always helpful, but we try to make these kinds of gentle reminders our first resort when we get to things early enough. It’s also usually useful in gauging whether someone is a good fit for Beehaw. If someone responds with abuse to a gentle nudge about their behavior, it’s generally a good indication that they either aren’t aware of or don’t care about the type of community we are trying to maintain.

I know our philosophy posts can be long and sometimes a little meandering (personally that's why I love them) but do take the time to read them if you haven't. If you can't/won't or just need a reminder, though, I'll try to distill the parts that I think are most salient to this particular post:

  1. Be(e) nice. By nice, we don't mean merely being polite, or in the surface-level "oh bless your heart" kind of way; we mean be kind.
  2. Remember the human. The users that you interact with on Beehaw (and most likely other parts of the internet) are people, and people should be treated kindly and in good-faith whenever possible.
  3. Assume good faith. Whenever possible, and until demonstrated otherwise, assume that users don't have a secret, evil agenda. If you think they might be saying or implying something you think is bad, ask them to clarify (kindly) and give them a chance to explain. Most likely, they've communicated themselves poorly, or you've misunderstood. After all of that, it's possible that you may disagree with them still, but we can disagree about Technology and still give one another the respect due to other humans.
2
 
 

In this year's two-part finale, Ed Zitron enumerates the damage being done to billions of people by the growth-at-all-costs Rot Economy - and why you need to have solidarity with your fellow user.

3
 
 

The US Treasury Department notified lawmakers on Monday that a China state-sponsored actor infiltrated Treasury workstations in what officials are describing as a “major incident.”

[...] ATreasury official said it was informed by a third-party software service provider on December 8 that a threat actor used a stolen key to remotely access certain Treasury workstations and unclassified documents.

“Based on available indicators, the incident has been attributed to a Chinese state-sponsored Advanced Persistent Threat (APT) actor,” Aditi Hardikar, assistant secretary for management at the US Treasury, wrote in the letter.

A Treasury spokesperson said in a statement to CNN that the compromised service has been taken offline and officials are working with law enforcement and the Cybersecurity and Infrastructure Security Agency (CISA).

“There is no evidence indicating the threat actor has continued access to Treasury systems or information,” the Treasury spokesperson said.

[...]

4
 
 

Archived version

Weak-kneed responses to attacks on Baltic cables risk allowing the Russia-China axis to conduct free target practice against NATO critical infrastructure, promoting the two countries’ proficiency, interoperability and lethality.

Thanks to this opportunity, Russian crews and their masters ashore will become much better at crippling critical infrastructure connecting NATO states just as Europe is preparing for a defensive war against Moscow’s aggression. And Chinese planners and crews will similarly become more adept at waging this form of hybrid warfare in the Indo-Pacific.

The presence of China-flagged vessels near disruptions to undersea cable infrastructure in Europe in 2024 raises questions about whether Beijing’s involvement was accidental, surveillance-related or part of a coordinated effort. That Beijing calls itself Moscow’s ‘no-limits’ partner suggest its involvement in the suspected sabotage was plausible, if not probable. Even if China wasn’t involved, it will be eager and able to learn from Russia’s experience.

5
 
 

We analyzed every instance of AI use in elections collected by the WIRED AI Elections Project (source for our analysis), which tracked known uses of AI for creating political content during elections taking place in 2024 worldwide. In each case, we identified what AI was used for and estimated the cost of creating similar content without AI.

We find that (1) half of AI use isn't deceptive, (2) deceptive content produced using AI is nevertheless cheap to replicate without AI, and (3) focusing on the demand for misinformation rather than the supply is a much more effective way to diagnose problems and identify interventions.

6
7
8
 
 

From skin-wearing mechanical faces to poop-collecting quadcopters.

9
10
 
 

Archived version

A ninth U.S. telecoms firm has been confirmed to have been hacked as part of a sprawling Chinese espionage campaign that gave officials in Beijing access to private texts and phone conversations of an unknown number of Americans, a top White House official said Friday.

Biden administration officials said this month that at least eight telecommunications companies, as well as dozens of nations, had been affected by the Chinese hacking blitz known as Salt Typhoon.

But deputy national security adviser Anne Neuberger told reporters Friday that a ninth victim had been identified after the administration released guidance to companies about how to hunt for Chinese culprits in their networks.

...]

The hackers compromised the networks of telecommunications companies to obtain customer call records and gain access to the private communications of what officials have said is a a limited number of individuals. Though the FBI has not publicly identified any of the victims, officials believe senior U.S. government officials and prominent political figures are among those whose whose communications were accessed.

11
 
 

Ask any group of working programmers what their least favorite programming language is, and there’s a pretty good chance things are going to get heated real fast. Why? What is it about programming that makes us feel so strongly that we are right and others are wrong, even when our experiences contradict those of tens or hundreds of thousands of others?

12
 
 

Archived version

Boox recently switched its AI assistant from Microsoft Azure GPT-3 to a language model created by ByteDance, TikTok's parent company.

[...]

Testing shows the new AI assistant heavily censors certain topics. It refuses to criticize China or its allies, including Russia, Syria's Assad regime, and North Korea. The system even blocks references to "Winnie the Pooh" - a term that's banned in China because it's used to mock President Xi Jinping.

When asked about sensitive topics, the assistant either dodges questions or promotes state narratives. For example, when discussing Russia's role in Ukraine, it frames the conflict as a "complex geopolitical situation" triggered by NATO expansion concerns. The system also spreads Chinese state messaging about Tiananmen Square instead of addressing historical facts.

When users tried to bring attention to the censorship on Boox's Reddit forum, their posts were removed. The company hasn't made any official statement about the situation, but users are reporting that the AI assistant is currently unavailable.

[...]

In China, every AI model has to pass a government review to make sure it follows "socialist values" before it can launch. These systems aren't allowed to create any content that goes against official government positions.

We've already seen what this means in practice: Baidu's ERNIE-ViLG image AI won't process any requests about Tiananmen Square, and while Kling's video generator refuses to show Tiananmen Square protests, it has no problem creating videos of a burning White House.

Some countries are already taking steps to address these concerns. Taiwan, for example, is developing its own language model called "Taide" to give companies and government agencies an AI option that's free from Chinese influence.

[...]

13
 
 
14
 
 

Archived version

The Russian disinformation network “Matryoshka” has launched a new campaign on the Bluesky social network. Eliot Higgins, founder of the investigative journalism group Bellingcat, has been one of the first researchers to detect its activity. So far, four Russian-made fake videos have been identified on the platform.

Each disinformation video begins with a real person — a professor, a student from a top university, or a recognized expert — introducing themselves and beginning to speak on a topic unrelated to Russia’s war in Ukraine. The footage then transitions to segments that do not show the speaker on screen — while what sounds like their voice continues narrating. In these moments, the speaker seems to promote claims that the West should end its support for Ukraine, that Europe should align its future with Russia, and that Volodymyr Zelensky is a dictator — or even a vampire.

[...]

The videos circulating on Bluesky had previously appeared on X, according to the Bot Blocker project (@antibot4navalny), which first uncovered and detailed the workings of the Matryoshka network in early 2024.

[...]

15
 
 

I just set up my Loops account in order to beta test the iOS app.

Uploaded my first video here: https://loops.video/v/5s_wUUCHsZ

So far so good.

16
 
 

spoilerIt seems the Honey Coupon extension wasn't just making money by tracking purchases from users, but also by taking credit for the sales for PayPal (since they are owned by it) by changing your local cookies. Pretty shady if you ask me.

17
18
 
 

Archived link

Opinionated article by Alexander Hanff, a computer scientist and privacy technologist who helped develop Europe's GDPR (General Data Protection Regulation) and ePrivacy rules.

We cannot allow Big Tech to continue to ignore our fundamental human rights. Had such an approach been taken 25 years ago in relation to privacy and data protection, arguably we would not have the situation we have to today, where some platforms routinely ignore their legal obligations at the detriment of society.

Legislators did not understand the impact of weak laws or weak enforcement 25 years ago, but we have enough hindsight now to ensure we don’t make the same mistakes moving forward. The time to regulate unlawful AI training is now, and we must learn from mistakes past to ensure that we provide effective deterrents and consequences to such ubiquitous law breaking in the future.

19
 
 

Albania's prime minister has announced the government intends to block access to TikTok for one year after the killing of a schoolboy last month raised fears about the influence of social media on children.

Speaking on Saturday Edi Rama declared the proposed ban would start in January.

[...]

The blocking of TikTok comes less than a month after the 14-year-old student was killed and another injured in a fight near a school in southern Tirana which had its roots in a confrontation on social media.

The killing sparked a debate in Albania among parents, psychologists and educational institutions about the impact of social networks on young people.

"In China, TikTok promotes how students can take courses, how to protect nature, how to keep traditions, but on the TikTok outside China we see only scum and mud. Why do we need this?", Rama said.

TikTok is already banned in India, which was one of the app's largest markets before it was outlawed in June 2020. It is also blocked in Iran, Nepal, Afghanistan and Somalia.

TikTok is also fighting against a law passed by the US Congress which would ban the app from 19 January unless it is sold by ByteDance - its Chinese parent

company.

20
 
 

Archived version

Download study (pdf)

GitHub, the de-facto platform for open-source software development, provides a set of social-media-like features to signal high-quality repositories. Among them, the star count is the most widely used popularity signal, but it is also at risk of being artificially inflated (i.e., faked), decreasing its value as a decision-making signal and posing a security risk to all GitHub users.

A recent paper by Cornell University published on Arxiv, the researchers present a systematic, global, and longitudinal measurement study of fake stars in GitHub: StarScout, a scalable tool able to detect anomalous starring behaviors (i.e., low activity and lockstep) across the entire GitHub metadata.

Analyzing the data collected using StarScout, they find that:

(1) fake-star-related activities have rapidly surged since 2024

(2) the user profile characteristics of fake stargazers are not distinct from average GitHub users, but many of them have highly abnormal activity patterns

(3) the majority of fake stars are used to promote short-lived malware repositories masquerading as pirating software, game cheats, or cryptocurrency bots

(4) some repositories may have acquired fake stars for growth hacking, but fake stars only have a promotion effect in the short term (i.e., less than two months) and become a burden in the long term.

The study has implications for platform moderators, open-source practitioners, and supply chain security researchers.

21
 
 

Brian Merchant and Paris Marx are back with the very first guest of System Crash: Molly White! With Molly’s help, we walk through the biggest stories in the crypto world. We explore the resurgence of crypto, how its backers influenced the election and won Trump’s favor, what the crypto industry wants from the incoming administration—and how it plans to wield power.

22
23
24
25
 
 

Archived

Here is the report (pdf) -- (archived)

Oasis Security's research team uncovered a critical vulnerability in Microsoft's Multi-Factor Authentication (MFA) implementation, allowing attackers to bypass it and gain unauthorized access to the user’s account, including Outlook emails, OneDrive files, Teams chats, Azure Cloud, and more. Microsoft has more than 400 million paid Office 365 seats, making the consequences of this vulnerability far-reaching.

The bypass was simple: it took around an hour to execute, required no user interaction and did not generate any notification or provide the account holder with any indication of trouble.

[Edit to insert the original link to the Oasis site.]

view more: next ›