AI hallucinates software packages and devs download them – even if potentially poisoned with malware [Fri Mar 29 2024]

Hi {NAME}, Daily Headlines - 29 March 2024 ***************************************************************** AI hallucinates software packages and devs download them – even if potentially poisoned with malware Simply look out for libraries imagined by ML and make them real, with actual malicious code. No wait, don't do that ***************************************************************** Off-Prem * Cloud server host Vultr rips user data ownership clause from ToS after web outrage We know the average customer doesn't have a law degree, CEO tells us On-Prem * HPE bakes LLMs into Aruba as AI inches closer to network takeover But don't worry, the models are here to help summarize technical docs and answer your questions ... for now * Pressuring allies not to fulfill chip kit service contracts with China now official US policy Xi Jinping warns 'no force' can stop country's science and tech progress * Intel's green dream is chips without any dips in Mother Nature's health Sustainability Summit pushes industry partners to reduce their environmental impact, including harmful chemicals * Singapore improves the AI it uses to detect smokers Past versions struggled to spot a lungbuster – this time authorities think they've reduced false positives Security * JetBrains keeps mum on 26 'security problems' fixed after Rapid7 spat Vendor takes hardline approach to patch disclosure to new levels * FTX crypto-crook Sam Bankman-Fried gets 25 years in prison Could have been worse: Prosecutors wanted decades more * Nvidia's newborn ChatRTX bot patched for security bugs Flaws enable privilege escalation and remote code execution * US critical infrastructure cyberattack reporting rules inch closer to reality After all, it's only about keeping the essentials on – no rush * Canonical cracks down on crypto cons following Snap Store scam spree In happier news, Ubuntu Pro extended support now goes up to 12 years * INC Ransom claims responsibility for attack on NHS Scotland Sensitive documents dumped on leak site amid claims of 3 TB of data stolen in total * These 17,000 unpatched Microsoft Exchange servers are a ticking time bomb One might say this is a wurst case scenario * AI hallucinates software packages and devs download them – even if potentially poisoned with malware Simply look out for libraries imagined by ML and make them real, with actual malicious code. No wait, don't do that * Execs in Japan busted for winning dev bids then outsourcing to North Koreans Government issues stern warning over despot money-making scheme * China encouraged armed offensive against Myanmar government to protest proliferation of online scams Report claims Beijing is most displaced by junta's failure to address slave labor scam settlements Software * Hillary Clinton: 2024 will be 'ground zero' for AI election manipulation 2016 meddling was 'primitive' compared to what's ahead * University of Washington's Workday woes leave research grants in limbo $340M finance upgrade still working out the kinks * Progress outbids private equity in offer for MariaDB plc MySQL sibling saga continues as 40-year-old infrastructure software firm enters the fray * PostgreSQL pioneer's latest brainchild promises time travel to dodge ransomware Michael Stonbraker on the neat side effects of putting an operating system on top of a database * Databricks claims its open source foundational LLM outsmarts GPT-3.5 In the AI gold rush, analytics outfit wants to provide the shovels Offbeat * How a single buck bought bragging rights in the battle to port Windows 95 to NT It reached the desktop and then ... ------------------------------------------------------------------------ This email was sent to {EMAIL} You can update your preferences here: or unsubscribe from this list: Situation Publishing Ltd, 315 Montgomery Street, 9th & 10th Floors, San Francisco, CA 94104, USA The Register and its contents are Copyright © 2024 Situation Publishing. All rights reserved. Find our Privacy Policy here: