Jess Asato was portrayed wearing a bikini in Grok-generated images after she criticised creation of such non-consensual pictures
A Labour MP has taken legal action against Elon Musk’s xAI company after saying its Grok tool helped a user produce fake sexualised pictures of her, part of a wave of such images that flooded the social media platform X earlier this year.
Jess Asato, the MP for Lowestoft, said in January that seeing herself portrayed by the AI tool as wearing a bikini without her consent was “violating”.
Continue reading...
© Photograph: PA Images/Alamy
© Photograph: PA Images/Alamy
© Photograph: PA Images/Alamy
Researchers show a browser attack that can infer open sites and apps.
In March, Mark Zuckerberg’s Meta announced a new Meta AI support assistant feature on both Facebook and Instagram, providing users with a way to “resolve account problems” and help in taking down any offending impersonator accounts or scams.
Besides highlighting the tech industry’s seemingly insatiable appetite for automating customer service-level jobs with AI, the new feature appears to have backfired spectacularly. As 404 Media reports, the chatbot happily obliged when hackers asked it for access to high-profile Instagram profiles.
The ruse is shockingly simple: after matching the account owner’s geographic region using a VPN, the hackers asked the support chatbot to change the email address associated with the profile, thereby allowing them to successfully complete two-factor authentication. Worse yet, the vulnerability has been around for several months already, according to Telegram group messages reviewed by 404 Media.
“t’s either the new Meta Accounts Center glitching out or my Instagram account is being targeted in a hacking attempt,” former Meta researcher and self-proclaimed hacker Jane Wong wrote in a Threads post. “It appears that my password has been changed without my knowledge / I was not able to log in using my password.”
The exploit highlights glaring cybersecurity issues that continue to plague AI-powered chatbots. We’ve seen countless instances of large language model based tools being jailbroken, tricked into telling lies, or even hallucinate made-up company policies leading to plenty of confusion and even lawsuits.
Experts have also long warned against handing AI chatbots personal information, citing the risk of data leaks. Meta, in particular, has garnered a reputation for continuously treating user data with little care. In March, for instance, The Information reported that an in-house AI agent had caused a critical security incident at Meta, exposing sensitive user data to people without proper authorization.
While it’s unclear whether they were connected to the latest exploit, the news comes after several high profile Instagram accounts, including former president Barack Obama’s and Space Force chief master John Bentivegna’s, were hacked.
Hackers have been offering access to high-profile accounts in exchange for small amounts of money by using the vulnerability, per 404 Media.
Fortunately, Meta appears to have patched the issue, but considering the exploit was discovered months ago, the damage could be extensive.
More on Meta: Meta Workers Say They’re Seeing Disturbing Things Through Users’ Smart Glasses
The post Meta’s AI Support Bot Is Giving Hackers Access to Other People’s Instagram Accounts Just by Asking appeared first on Futurism.
Read more of this story at Slashdot.
If you were paranoid about digital tracking before, you might want to think twice about reading any further.
New research out of Germany’s Karlsruhe Institute of Technology found that the types of Wi-Fi routers we all have in our homes come with a major privacy vulnerability that can be used to identify any human body that comes within their range.
The study, flagged by Gizmodo, used machine learning systems to identify individuals with an accuracy rate of 99.5 percent. To do so, the researchers exploited a vulnerability in a process known as beamforming feedback information (BFI), which was introduced to allow routers to focus Wi-Fi signals on connected devices, as opposed to the older approach, which is to blanket an entire area in coverage.
While BFI is great for network connectivity, it has a major downsides for privacy. For starters, devices connected to a router using beamforming need to send constant feedback in order to be found. As routers send out and receive network feedback, the signal is inevitably impacted by real world factors like pets, walls, and people.
That gap, between the signals routers expect to receive and the distorted feedback they actually get, allowed researchers to extrapolate the identities of 161 individual participants based on BFI data which inadvertently mapped their physical characteristics. Even when individuals changed their gait or carried objects like backpacks and crates, the system registered an accuracy rate between 50 to 60 percent, the KIT team wrote.
“This works similar to a normal camera, the difference being that in our case, radio waves instead of light waves are used for the recognition,” study coauthors Thorsten Strufe said in a press release.
Making matters worse is the fact that this data is basically wide open for anyone to grab — not only is that feedback data unencrypted, it can also be accessed without ever connecting directly to the router.
“We have shown robust identity inference with common-of-the-shelf hardware which is already in widespread adoption in many homes and public areas,” the team wrote in their paper. “With this hardware making its way into millions of homes, the privacy concerns are severe.”
The KIT findings contrast to other Wi-Fi tracking systems, like one developed by researchers at the Sapienza University of Rome. That method, called “WhoFi,” uses channel state information, which is much harder to access on consumer hardware, but can still identify people through walls with an alarmingly high accuracy rate.
That WhoFi study made a point to highlight the anonymity factor: the idea that the sensing system can detect people’s presence, but not identify them. The KIT team refutes that framing outright, arguing that Wi-Fi-sensing technology poses major privacy risks regardless.
“While there maybe legitimate use-cases, we explicitly consider identity inference via Wi-Fi sensing a privacy attack,” they write. “This view reflects the serious risks associated with the ubiquity of Wi-Fi networks, their ability to sense through walls and in non-line-of-sight scenarios, and the fact that this would likely happen without explicit consent.”
While more research will be needed, the researchers don’t mince words about the implications of their initial findings. In their conclusion, the KIT team writes that regulators and companies moving to standardize Wi-Fi sensing should “strongly consider adding effective privacy protection,” or else “abandon beamforming entirely.”
More on surveillance: Town Councilmember Goes Berzerk at Surveillance Camera Ban, Threatens to Outlaw Virtually All Modern Technology
The post Random Standard Wi-Fi Routers Can Scan Your Body to Identify Exactly Who You Are, Alarming New Research Finds appeared first on Futurism.
These days, it’s nearly impossible to traverse the web without leaving some trace of your activity. That’s thanks to a panopticon of cookies, keystroke loggers, fingerprinting, tracking pixels, and probably some other horrors that haven’t even come to light. Maybe that sounds paranoid, but it’s exactly what researchers in Austria uncovered in bombshell new cybersecurity research.
According to the recently released paper, first spotted by Ars Technica, researchers have uncovered a type of no-interaction attack that websites can easily run to access data stored in your computer.
It’s called FROST, which stands for “fingerprinting remotely using OPFS-based SSD timing.” It’s a mouthful for sure, but it basically allows malicious websites to spy on your computer activity, all without installing any software or tricking you into clicking sketchy email links.
Per the researchers, it works by taking advantage of your computer’s solid state drive (SSD), the internal storage devices which have largely taken over from magnetic hard drives on the consumer market. Whenever you visit a site, your computer’s SSD starts buzzing with activity, allowing webpages to store temporary files for your browsing pleasure.
FROST attacks take advantage of this by creating a massive file — we’re talking several gigabytes — which functionally blocks your computer from moving what it sees as temporary web data out of the SSD. While that mammoth file is being processed, however, the malicious website is able to probe the timing of incoming data from other sites, generating data which can then be analyzed through a machine learning model to predict what else you’re doing online.
While “predict” suggests the attacker is guessing, the FROST method is scary good at identifying what a victim’s doing on their computer. Researchers write that by using this technique, their machine learning model was able to predict which sites a user would access with an accuracy rate of 88.95 percent, and could accurately predict accessed applications 95.83 percent of the time.
Worse, the whole thing works regardless of what browser you use — because it works through your SSD, an attacker can theoretically track your web browsing on Firefox based on a website accessed via Google Chrome. Researchers only experimented with the technique on Mac and Linux devices, but caveated that Windows devices are not immune.
“In principle, it would be possible to train a model on any system activity that reliably generates SSD accesses,” the study’s lead author, Hannes Weissteiner, told Ars.
While FROST represents the kind of vulnerability that probably needs to be patched by web developers, Ars notes that you can mitigate the risks by closing website tabs as soon as you’re done with them. It isn’t much, but it could prevent you from becoming the next victim of a scary new kind of cyberattack.
More on web development: New Website Detects Apocalypse If Billionaire Jets Start Fleeing en Masse
The post Websites Are Spying on Your Solid State Drive appeared first on Futurism.
Imagine this scenario: your algorithm has pulled up a background YouTube video, or maybe a podcast. Unbeknownst to you, hackers have embedded inaudible sounds in it, designed to hijack your smart speaker or phone’s AI assistant — meaning the cybercriminals can now access your private photos, bank accounts, or any other personal information you’ve hooked up to your AI system.
It sounds like an also-ran episode of “Black Mirror,” but it’s exactly what researchers have shown is possible in new research being presented this week at the IEEE Symposium on Security and Privacy.
Basically, a team of researchers in China and Singapore found that they can construct “adversarial audio,” completely undetectable to the human ear, that tricks voice AI models into doing things they shouldn’t. Then it’s a breeze to hide it in innocent-sounding audio — a song, a movie, or anything else that unsuspecting targets might play in the background — and lay in wait for users to accidentally compromise their digital lives.
“It takes just half an hour to train this signal, and then, because this signal is context-agnostic, you can use it to attack the target model whenever you want, no matter what the user says,” lead author Meng Chen, a PhD candidate at China’s Zhejiang University, told IEEE Spectrum of the work. “These single-point defenses struggle to resist our attack because we found it’s very hard for these models to distinguish the normal user intent and our adversary attack.”
One catch, at least for now: the technique required the hackers to have access to the full weights of the AI model they’re targeting, meaning they were only able to attack open source models. But because many commercial AI systems are built on open source models, that meant that their exploit was effective against mainstream products by Microsoft and Mistral.
Mistral didn’t respond to IEEE‘s request for comment, but Microsoft issued a statement that should probably give anyone pause before connecting any important information whatsoever to one of the company’s voice AI models.
“We appreciate the researchers’ work to advance understanding of this type of technique,” it read. “This study evaluates model resilience through controlled, direct interactions with the model itself, which helps inform our approach to building model resiliency. In practice, AI models are often integrated into user applications, and we offer developers tools and guidance they can use to implement additional layers of protection that help safeguard users.”
More on AI: Researchers Alarmed by AI That Can Self-Replicate Into Another Machine
The post Hackers Find That Inaudible Sounds Hidden in Podcasts or Random Videos Can Hijack Your AI Voice Chatbot appeared first on Futurism.
If you’ve been running headfirst into verification prompts seemingly everywhere you go online, you aren’t alone.
Whether you’re jumping through hoops to satisfy a CAPTCHA or checking boxes to verify your identity, these brief interruptions are becoming hard to ignore. The reason behind it? Look no further than AI. As Swinburne University of Technology computer science professor Yang Xiang writes for The Conversation, the sheer number of AI bots on the internet is now reason enough for some websites to require verification. On top of this, the public has become acutely aware of developers using their data to train their bots, and that fear is growing.
Previous research has already found that AI bots shouldn’t be trained with any old data. In fact, using brain rot material — think of the last low-effort meme you saw — can decrease an AI model’s contextual understanding and reasoning skills. For this reason, developers are deploying more AI crawlers to gather the realistic information they need for training purposes, inundating innocent sites with non-human traffic.
Compounding the problem, AI is rapidly becoming clever enough to outsmart traditional CAPTCHAs. Alarming footage recently captured a ChatGPT Agent casually clicking a “I am not a robot” button. That’s why you’re seeing so many grueling image CAPTCHAs that ask you to identify buses and handbags, but AI is increasingly able to solve those too. Fingerprint recognition and voice patterns are tempting, but they raise a slew of questions about privacy and biometrics; in an era when flawed facial recognition software is still resulting in false convictions, it may be hard to convince skeptics that the tech is the key to future user verification.
In other words, the whole thing is a festering mess — and if there’s one core takeaway, it’s that the internet doesn’t belong exclusively to humans anymore.
More on AI training: Companies Just Learned a Brutal Lesson About Training AI to Do Human Jobs
The post Why Are So Many Websites Suddenly Demanding Evidence You’re Not a Robot? appeared first on Futurism.
Like data centers, automatic license plate readers (ALPRs) are incredibly unpopular with voters around the US. Plenty of local politicians are taking the hint, choosing to cancel controversial surveillance contracts with the granddad of ALPR companies, Flock Safety.
In the tiny town of Bandera, Texas, however, one petty tyrant on the city council took personal offense after his fellow politicians voted 3-2 to immediately end their contract with Flock earlier this month. After voting, the dissenting councilmember, identified by 404 Media as Jeff Flowers, immediately went on the offensive, threatening to outlaw virtually all forms of modern technology and take the town “back to 1880.”
In a statement shared by the town newspaper the Bandera Bulletin, Flowers addressed the roughly 900 residents who call the town home.
“For months, I have listened to the outcry regarding [ALPR] technology,” he scathed. “I have seen the eyerolls, and I’ve even been met with ‘Nazi rhetoric,’ the dangerous claim that believing in accountability and community safety is somehow equivalent to totalitarianism. Comparing a neighbor’s desire for a safe street to a dark chapter of history is a classic case of comparing apples to oranges; it is a distraction used to avoid the reality of the threats our town faces today.”
“Since the Council has decided we are the ‘Free State of Bandera,’ a place where the ‘rights’ of a car thief or human trafficker to remain anonymous apparently outweigh the right of a resident to protect their property and the safety of their family, then we must go all the way,” Flowers continued his rant.
“To ensure our historic County Seat becomes the most ‘traditional’ sanctuary in Texas, I have requested… a total ban on all cellular and GPS-capable devices for all operations within city limits,” the councilman raged. “If we are to be truly ‘private,’ we must leave our smartphones at the city line.”
Continuing his childish crashout, Flowers also proposed a ban on all commercial and residential security cameras, as well as a “total total termination of all internet services and electronic record-keeping.”
“We are going back to 1880, paper ledgers and cash only,” he seethed.
Back in February, Flowers moderated a town hall meeting exclusively meant to discuss the Flock contract, which brought eight ALPRs into the one-horse town. During another February meeting, Flowers accused opponents of the private surveillance company of having something to hide, saying “I believe personally that guilty people act defensively.”
“If you don’t have anything to hide, then it shouldn’t be a problem,” he carried on. “I also believe when you are in a public space, your privacy kind of goes out the window because you are in essence in a public place.”
More on surveillance: Man Trapped in Dystopian Nightmare Thanks to AI Surveillance Cameras Flagging His Every Move
The post Town Councilmember Goes Berzerk at Surveillance Camera Ban, Threatens to Outlaw Virtually All Modern Technology appeared first on Futurism.
Researchers show a browser attack that can infer open sites and apps.
Login
