Technology

PDF.

Trump Media and Technology Group Corp. (Nasdaq, NYSE Texas: DJT) ("Trump Media" or the "Company"), operator of the social media platform Truth Social, the streaming platform Truth+, and the FinTech brand Truth.Fi, announced today that the company has begun public Beta testing its new AI search feature, Truth Search AI, on the Truth Social platform.

Powered by Perplexity, a software and AI company dedicated to providing direct, contextually accurate answers with transparent citations, Truth Search AI is intended to enhance the Truth Social platform and exponentially increase the amount of information available to its users.

The advertising industry’s anticipated shift away from third-party cookies led to the proliferation and normalisation of first-party identification architectures online. Marketed as ‘privacy-friendly,’ the new technologies promise to deliver the efficiencies that advertisers have become accustomed to, while addressing privacy concerns from third-party cookies. Such tension calls for a better understanding of the privacy implications from first-party online identification architectures. We evaluate first-party user identification mechanisms by (1) surveying the literature to create a typology that synthesises existing privacy concerns in third-party cookie-based identification, and (2) applying our typology to evaluate the privacy of prime examples in what we frame as three distinct types of first-party ID architectures — Universal IDs, Onboarding ID, and Walled Garden ID. We analyse technical documentation and code repositories from each architecture type and show how first-party ID solutions still enable cross-site tracking over longer periods of time and encourage sensitive user targeting. First-party ID solutions do create mechanisms to ease opting out from tracking, but the implementation of those mechanisms is questionable. Our findings demonstrate how the advertising industry is trying to maintain its existing structure and replicate the tracking functionalities on which it has grown reliant.

Hackernews.

The board determined the primary contributing factors were OceanGate’s inadequate design, certification, maintenance and inspection process for the Titan. Other factors cited in the report include a toxic workplace culture at OceanGate, an inadequate domestic and international regulatory framework for submersible operations and vessels of novel design, and an ineffective whistleblower process under the Seaman’s Protection Act.

The board also found OceanGate failed to properly investigate and address known hull anomalies following its 2022 Titanic expedition. Investigators determined the Titan’s real-time monitoring system generated data that should have been analyzed and acted on during the 2022 Titanic expedition. However, OceanGate did not take any action related to the data, conduct any preventative maintenance or properly store the Titan during the extended off season before its 2023 Titanic expedition.

• HTML.
• PDF

Online content creators spend significant time and effort building their user base through a long, often arduous process, which requires finding the right niche'' to cater to. So, what incentive is there for an established content creator known for cat memes to completely reinvent their page channel and start promoting cryptocurrency services or cover electoral news events? And, if they do, do their existing subscribers not notice? We explore this problem of \textit{repurposed channels}, whereby a channel changes its identity and contents. We first characterize a market for second-hand'' social media accounts, which recorded sales exceeding USD~1M during our 6-month observation period. By observing YouTube channels (re)sold over these 6~months, we find that a substantial number (37%) are used to disseminate potentially harmful content, often without facing any penalty. Even more surprisingly, these channels seem to gain rather than lose subscribers. To estimate the prevalence of channel repurposing ``in the wild,'' we also collect two snapshots of 1.4M quasi-randomly sampled YouTube accounts. In a 3-month period, we estimate that $\sim$0.25% channels -- collectively holding $\sim$44M subscribers -- were repurposed. We confirm that these repurposed channels share several characteristics with sold channels -- mainly, the fact that they had a significantly high presence of potentially problematic content. Across repurposed channels, we find channels that became disinformation channels, as well as channels that link to web pages with financial scams. We reason that abusing the residual trust placed on these channels is advantageous to financially- and ideologically-motivated adversaries. This phenomenon is not exclusive to YouTube and we posit that the market for cultivating organic audiences is set to grow, particularly if it remains unchallenged by mitigations, technical or otherwise.

Hackernews.

The database — the first of its kind in the nation — will vastly expand public access to internal affairs records that disclose how law enforcement agencies throughout the state handle misconduct allegations as well as uses of police force that result in death or serious injury. The database, funded by the State of California, currently has records from nearly 12,000 cases, including thousands involving police shootings. Every record in the database was released by a law enforcement agency after being redacted in compliance with California’s public records laws. As a result, journalists and members of the public will now be able to search statewide for particular types of misconduct and use-of-force. Police chiefs will be able to use the data to aid in hiring decisions. Researchers will be able to identify trends and patterns.

Perplexity blog.

Paper.

You used to believe that adversarial attacks against AI-powered systems are complex, impractical, and too academic. In reality, an indirect prompt injection in a Google invitation is all you need to exploit Gemini for Workspace's agentic architecture to trigger the following outcomes:

• Toxic content generation
• Spamming
• Deleting events from the user's calendar
• Opening the windows in a victim's apartment
• Activating the boiler in a victim's apartment
• Turning the light off in a victim's apartment
• Video streaming a user via Zoom
• Exfiltrating a user's emails via the browser
• Geolocating the user via the browser

Desktop Archive.

Note: I usually don't share Techdirt articles, due to their bad Cloudflare configuration. But I see a good value in this article.

California lawmakers want to ban companies from using data about consumers’ devices like battery life, model and geolocation to set fluctuating prices. Proponents say such “surveillance pricing” is discriminatory.

Article in Hebrew

The tech giant developed a customized version of its cloud platform for Israel’s Unit 8200, which is housing audio files of millions of calls by Palestinians in Gaza and the West Bank, a joint investigation reveals.

The Israeli army’s elite cyber warfare unit is using Microsoft’s cloud servers to store masses of intelligence on Palestinians in the West Bank and Gaza — information that has been used to plan deadly airstrikes and shape military operations, an investigation by +972 Magazine, Local Call, and the Guardian can reveal.

Unit 8200, roughly equivalent in function to the U.S. National Security Agency (NSA), has transferred audio files of millions of calls by Palestinians in the occupied territories onto Microsoft’s cloud computing platform, Azure, operationalizing what is likely one of the world’s largest and most intrusive collections of surveillance data over a single population group. This is according to interviews with 11 Microsoft and Israeli intelligence sources in addition to a cache of leaked internal Microsoft documents obtained by the Guardian.

In a meeting at Microsoft’s headquarters in Seattle in late 2021, the then-head of Unit 8200, Yossi Sariel, won the support of the tech giant’s CEO, Satya Nadella, to develop a customized and segregated area within Azure that has facilitated the army’s mass surveillance project. According to the sources, Sariel approached Microsoft because the scope of Israel’s intelligence on millions of Palestinians in the West Bank and Gaza is so vast that it cannot be stored on military servers alone.

Microsoft’s immense storage and computing power capabilities enabled what multiple Israeli sources described as the project’s ambitious goal: to store “a million calls an hour.”

Following the 2021 meeting, a dedicated team of Microsoft engineers began working directly with Unit 8200 to build a model that would allow the intelligence unit to use the American company’s cloud services from within its own bases. According to one intelligence source, some of these Microsoft employees were themselves alumni of Unit 8200, which made the collaboration “much easier.”

According to the Guardian’s reporting, the leaked documents suggest that 11,500 terabytes of Israeli military data — equivalent to roughly 200 million hours of audio — were being stored on Microsoft’s servers in the Netherlands by July of this year, while smaller portions were being stored in Ireland and Israel. It is not possible to tell how much of this data belongs specifically to Unit 8200; as a previous investigation by +972, Local Call, and the Guardian revealed earlier this year, dozens of Israeli army units have purchased cloud computing services from Microsoft, and the company has a footprint in all major military infrastructures in Israel.