nerd

27 Jul 2024

27 Jul 2024 7:00am GMT

joshuark shares a report from The Verge: NASA researchers have successfully tested laser communications in space by streaming 4K video footage originating from an airplane in the sky to the International Space Station and back. The feat demonstrates that the space agency could provide live coverage of a Moon landing during the Artemis missions and bodes well for the development of optical communications that could connect humans to Mars and beyond. NASA normally uses radio waves to send data and talk between the surface to space but says that laser communications using infrared light can transmit data 10 to 100 times faster than radios. "ISS astronauts, cosmonauts, and unwelcomed commercial space-flight visitors can now watch their favorite porn in real-time, adding some life to a boring zero-G existence," adds joshuark. "Ralph Kramden, when contacted by Ouiji board, simply spelled out 'Bang, zoom, straight to the moon!'"

Hacker News

In the Beginning Was the Command Line

Comments

27 Jul 2024 6:25am GMT

Better Firmware with LLVM/Clang

Comments

27 Jul 2024 3:55am GMT

Slashdot

'Copyright Traps' Could Tell Writers If an AI Has Scraped Their Work

An anonymous reader quotes a report from MIT Technology Review: Since the beginning of the generative AI boom, content creators have argued that their work has been scraped into AI models without their consent. But until now, it has been difficult to know whether specific text has actually been used in a training data set. Now they have a new way to prove it: "copyright traps" developed by a team at Imperial College London, pieces of hidden text that allow writers and publishers to subtly mark their work in order to later detect whether it has been used in AI models or not. The idea is similar to traps that have been used by copyright holders throughout history -- strategies like including fake locations on a map or fake words in a dictionary. [...] The code to generate and detect traps is currently available on GitHub, but the team also intends to build a tool that allows people to generate and insert copyright traps themselves. "There is a complete lack of transparency in terms of which content is used to train models, and we think this is preventing finding the right balance [between AI companies and content creators]," says Yves-Alexandre de Montjoye, an associate professor of applied mathematics and computer science at Imperial College London, who led the research. The traps aren't foolproof and can be removed, but De Montjoye says that increasing the number of traps makes it significantly more challenging and resource-intensive to remove. "Whether they can remove all of them or not is an open question, and that's likely to be a bit of a cat-and-mouse game," he says.

Crooks Bypassed Google's Email Verification To Create Workspace Accounts, Access 3rd-Party Services

Brian Krebs writes via KrebsOnSecurity: Google says it recently fixed an authentication weakness that allowed crooks to circumvent the email verification required to create a Google Workspace account, and leverage that to impersonate a domain holder at third-party services that allow logins through Google's "Sign in with Google" feature. [...] Google Workspace offers a free trial that people can use to access services like Google Docs, but other services such as Gmail are only available to Workspace users who can validate control over the domain name associated with their email address. The weakness Google fixed allowed attackers to bypass this validation process. Google emphasized that none of the affected domains had previously been associated with Workspace accounts or services. "The tactic here was to create a specifically-constructed request by a bad actor to circumvent email verification during the signup process," [said Anu Yamunan, director of abuse and safety protections at Google Workspace]. "The vector here is they would use one email address to try to sign in, and a completely different email address to verify a token. Once they were email verified, in some cases we have seen them access third party services using Google single sign-on." Yamunan said none of the potentially malicious workspace accounts were used to abuse Google services, but rather the attackers sought to impersonate the domain holder to other services online.