https://opensource.com/article/23/4/my-website-compromised by David Both [...] “What I learned Having written many books and articles in which I discuss the necessity to keep systems updated with the latest versions of operating system and application software, I'm frankly embarrassed by this. However, it has been a good learning experience for me and a reminder that I must not become complacent. I almost didn't write this article! I didn't want to admit to being negligent with one of my own systems. And yet, I felt compelled to write about it in the hope that you learn from my experience.

So, as I have learned from painful experience, it is critical to keep our systems updated. It's one of the most vital steps in the continuing battle to prevent the computers under our care from being infected. The specific details of the infection I experienced are less important than the fact that there are always attacks taking place against our systems. Complacency is one of the attack vectors that crackers can count on to aid their efforts.”

Essere troppo sicuri porta sempre a sottovalutare qualcosa in ambito personale, lavorativo, della vita in genere, al punto che qualcuno se ne può approfitare per trovare la falla, il momento di disattenzione. Nella maggior parte dei casi un buon “backup” non solo informatico è di estremo aiuto, alcune volte si prendo delle bastonate significative.

#tech

“Una volta che l’IA generale sarà più intelligente di noi, potrebbe produrre qualcosa di più intelligente di sé stessa, e così via, forse molto rapidamente. Quel momento è noto come la singolarità, un’esplosione di intelligenza che sarebbe probabilmente il più grande evento della storia umana.”

IA GENERALE approccio non specialistico per affrontare problemi imparando dagli errori

Quanto costano gli errori di un ia?! In termini: economici, sociali, ecologici, umani,

#tech

https://www.asahi.com/sp/ajw/articles/14907186

A decade-long data breach in Toyota’s much-touted online service put some information on more than 2 million vehicles at risk, the Japanese automaker said Friday.

Spanning from January 2012 to April 2023, the problem with Toyota’s cloud-based Connected service pertains only to vehicles in Japan, said spokesperson Hideaki Homma.

The Connected service reminds owners to get maintenance checks and links to streaming entertainment and provides help during emergencies. It can call for help after a crash or locate a car that’s been stolen.

No issues arising from the breach have been reported so far.

Although there is no evidence any information was leaked, copied or misused due to the breach, the data at risk includes: the vehicle identification number, which is separate from the license plate; the location of the vehicle and at what time it was there; and video footage taken by the vehicle, known as the “drive recorder” in Japan.

Such information cannot be used to identify individual owners, according to Toyota Motor Corp., which makes the Prius hybrid and Lexus luxury models.

Vehicles belonging to about 2.15 million people have been affected, including those who used net services called G-Link, G-Book and Connected.

Toyota’s Connected service in Japan is operated by a subsidiary. Until recently, no one noticed outside access to such information should have been turned off, Homma said.

“We are so sorry to have caused such trouble to all the people,” he said.

The problem is a major embarrassment for Japan’s top automaker, which has built a reputation for quality and attention to detail.

Automakers worldwide are competing to differentiate model offerings with the latest technology to lure buyers.

The problem with the system has been fixed, Homma said, so it’s safe to continue driving Connect-enabled vehicles as usual, and there is no need to bring them in for repairs.

#databreach #dataprotection #tech

https://mobile.slashdot.org/story/23/05/12/2051201/millions-of-mobile-phones-come-pre-infected-with-malware-say-researchers

That of mobile phones hardware and firmware is a very mature industry that still has many competitors.

What it means is that everybody must keep their prices as low as possible if they want somebody to buy the phones that mount their components. To the point that, for low-end Android phones, chip and firmware manufacturers have basically no profit margins.

So what do you do when you have nearly no profit margins and no way out of it? Simple: you create profit margins out of thin air by pre-installing spyware on the firmware itself. The phone comes out of the box with the spyware already installed.

There's apparently a big market down there with dozens of available plugins. From gathering data from your SMS texts, to sniffing Facebook sessions, to accessing your location data, to shoveling custom ads, up to selling “device time” to criminals for all kind of purposes (just like you can rent an AWS node on the fly for a few hours, criminals can also rent access to somebody's phones for slots of up to 5 minutes to do whatever they want with it).

If a phone (or a smartwatch, or a smart TV) looks too cheap to be true, it's because it is. Devices like the Fairphone or Librem may be a bit more expensive at parity of features, but you're paying the right not to have surveillance pre-installed on those devices.

#tech #soc

https://mobile.slashdot.org/story/23/05/12/2051201/millions-of-mobile-phones-come-pre-infected-with-malware-say-researchers

That of mobile phones hardware and firmware is a very mature industry that still has many competitors.

What it means is that everybody must keep their prices as low as possible if they want somebody to buy the phones that mount their components. To the point that, for low-end Android phones, chip and firmware manufacturers have basically no profit margins.

So what do you do when you have nearly no profit margins and no way out of it? Simple: you create profit margins out of thin air by pre-installing spyware on the firmware itself. The phone comes out of the box with the spyware already installed.

There's apparently a big market down there with dozens of available plugins. From gathering data from your SMS texts, to sniffing Facebook sessions, to accessing your location data, to shoveling custom ads, up to selling “device time” to criminals for all kind of purposes (just like you can rent an AWS node on the fly for a few hours, criminals can also rent access to somebody's phones for slots of up to 5 minutes to do whatever they want with it).

If a phone (or a smartwatch, or a smart TV) looks too cheap to be true, it's because it is. Devices like the Fairphone or Librem may be a bit more expensive at parity of features, but you're paying the right not to have surveillance pre-installed on those devices.

Quando una cosa è gratuita sei tu il prodotto.

#tech #soc

E parlavano di questo shorts il cui audio sono estratti da standup commedy e in video ci sono ragazze che, facendo delle cose normali in casa o fuori, ridono alle battutte dell'audio in sincro.

In sintesi dicevano i conduttori: guardi un video di qualcuno che ride alle battute di qualcun altro che però non vedi

Un audiovideo del NULLA

Nessuna conoscenza prodotta, trasmessa, ideata... cioè prendi qualcosa di altri (comici) lo estrapoli e lo riproponi con una traccia videoaudio di niente.

Vedere ridere qualcun altro può essere contagioso, ma a distanza, vedendo una sconosciuta che ride a delle battute fuori contesto, che cosa può rappresentare?!

I conduttori ipotizzavano la ricerca di click in un filone sociale che in quel momento va e che poi boh, cioè segui il flusso dei più e prendi la tua fetta fino a quando ce n'è... A di là che una bella ragazza attira gli spettatori solo per l'estetica.

#tech #soc

Gli influencer producono conoscenza?!

Alcuni video amatoriali producono conoscenze più di quelli professionali perché hanno l obiettivo di trasmettere quello che l'autore sa piuttosto di quello che il protagonista vuole vendere.

Mi ricordo di due ragazzi che hanno fatto un video su come si cambiano pastiglie e dischi dei freni per cui la conoscenza e la sua trasmissione erano evidenti.

Più del canale autoxyz che fa il tutorial per vendere onestamente il proprio brand o sottobanco il prodotto di qualche “finanziatore”...

#tech

Nuova campagna per il turismo in italia nel 2023.

Al di là delle polemiche e delle news, sentendo questo “titolo”, qualcosa non mi tornava. Ho dovuto pensarci per una settimana, a farlo sedimentare perché non girava... E finalmente ho capito quello che non torna leggendolo: è l'abbinamento inglese italiano, quello stile tutto italiano di fare gli internazionali, di fare i finti colti, che però usano i traduttori online per la tesi in inglese.

Ricordiamoci ai tempi di expo c'era “very bello”... storia simile

E poi c'è il capitolo traduzioni dei testi del sito ad esempio: “Camerino”, la città, diventa “guardrobe”

Senza poi dimenticare i video girati in slovenia per la pubblicità del turismo italiano.

#tech

Autonomous agents are programs, powered by AI, that when given an objective are able to create tasks for themselves, complete tasks, create new tasks, reprioritize their task list, complete the new top task, and loop until their objective is reached.

https://www.mattprd.com/p/the-complete-beginners-guide-to-autonomous-agents

Sistemi autonomi. Compiti e obiettivi. Al di là del trend su AI e affini, che va tanto di moda nel 2023 dopo chatgpt etc, non sembra nulla di nuovo. Se vediamo alcune ricerche su agenti automomi del 1991 o 1995

Wikipedia “Autonomous agent”:

There are various definitions of autonomous agent. According to Brustoloni (1991)

“Humans and some animals are at the high end of being an agent, with multiple, conflicting drives, multiples senses, multiple possible actions, and complex sophisticated control structures. At the low end, with one or two senses, a single action, and an absurdly simple control structure we find a thermostat.”

Reference 1 Brustoloni, Jose C. (1991). Autonomous Agents: Characterization and Requirements, Carnegie Mellon Technical Report CMU-CS-91-204. Carnegie Mellon University.

2 Maes, Pattie (1995). “Artificial life meets entertainment”. Communications of the ACM. Association for Computing Machinery (ACM). 38 (11): 108–114. doi:10.1145/219717.219808. ISSN 0001-0782. S2CID 8122852.

3 Franklin, Stan; Graesser, Art (1997). “Is It an agent, or just a program?: A taxonomy for autonomous agents”. Intelligent Agents III Agent Theories, Architectures, and Languages. Berlin, Heidelberg: Springer Berlin Heidelberg. pp. 21–35. doi:10.1007/bfb0013570. ISBN 978-3-540-62507-0. ISSN 0302-9743. #tech