TL;DR: This week, our discussions revolve around the potential creative job losses due to AI advancements, discussions on copyright infringements in AI music, and OpenAI's decision to block access to ChatGPT in China. The cybersecurity space reveals the unveiling of a new post-quantum secure consensus protocol. Worrisome malware injections by Chinese companies into eCommerce sites and critical breaches at Rabbit Inc. and AU10TIX. Interesting updates in the Privacy sector include USPS's confession of sharing mail data with law enforcement. Interesting tools launched by Google and Figma for improved experience. In entertainment, significant deletions of MTV's News Archives and Comedy Central's entire clip library from the internet, raising concerns over preserving digital content. Amazing advancements in gaming, the development of an inexpensive device for Raspberry Pi, including Beats reintroducing the Pill speaker with a new design and features for improved sound. Lastly, the introduction of biodegradable 'plastic' made out of barley starch and sugar beet fiber by the researchers.

Artificial Intelligence

AI’s Creative Conundrum: Will Generative Tools Boost Human Ingenuity or Crush Careers? (~2 min.) : OpenAI CTO, Murati, believes that artificial intelligence (AI) will lead to some creative jobs being lost, but suggests that maybe those jobs shouldn’t have existed in the first place. She views AI as a tool that can expand human creativity and make it more accessible to people. However, she also acknowledges that the impact of AI on jobs is still unclear, noting that “we don’t really understand the impact that AI is going to have on jobs yet.” The article highlights concerns about AI’s potential effect on creative industries, with some experts arguing that AI will indeed lead to job losses in these fields.

Battle Beats: Music Industry Sues AI Giant Suno Over Unauthorized Tunes (~4 min.) : The Recording Industry Association of America (RIAA) has taken legal action against AI music generator Suno for using copyrighted music without proper licensing or consent. The RIAA argues that this amounts to copyright infringement and is seeking to establish a precedent requiring AI companies to obtain licensing agreements before using copyrighted music in their training data. Record labels are also working on their own AI deals, including partnerships with YouTube and SoundLabs, to ensure fair compensation for artists and labels. The dispute highlights the need for AI companies to properly license and consent to use copyrighted music in their training data.

OpenAI Cuts Off China: AI Giant to Block Access to ChatGPT, Raising Questions on Tech Tensions Between US and China (~2 min.) : OpenAI, a leading AI research organization, has announced plans to block access to its ChatGPT services in China, where it is not officially available. The move comes as the company has started sending emails to users in China informing them that their access will be cut off starting July 9. This decision may impact several Chinese startups that have built applications using OpenAI’s large language models. While OpenAI’s services are available in over 160 countries, China is not one of them, and this move coincides with Washington’s pressure on American tech companies to limit China’s access to cutting-edge technologies developed in the US.

Cybersecurity

Guarding the Gates: New Threats & Tactics in Large Language Models - Plus, Effective Mitigation Strategies to Keep Your AI Safe (~8 min.) : A vulnerability known as “Skeleton Key” allows attackers to bypass safety guardrails in large language models, requesting harmful or offensive content. This issue affects multiple Microsoft AI models, including those used in Copilot assistants. To mitigate this threat, Microsoft has implemented various security measures, such as input and output filtering, abuse monitoring, and system prompts. Additionally, customers developing their own applications on Azure can utilize tools like Prompt Shields to protect against similar attacks.

Unlocking Untrusted Networks: Asynchronous Consensus Without a Trusted Setup or Public-Keys (~2 min.) : The paper presents an asynchronous Byzantine consensus protocol that does not rely on a trusted setup or public-key cryptography, making it post-quantum secure and practical for implementation. The protocol, called Asynchronous Common Subset (ACS), uses only cryptographic hash functions and achieves $O(\kappa n^3)$ total communication with expected $O(1)$ rounds of execution. Experimental evaluation shows that ACS is more efficient than the existing setup-free consensus protocol implemented to date. The paper also introduces new primitives for asynchronous secret key sharing and cover gathering, which may have independent interest.

Google Ads Blocked: Polyfill.io Malware Injected into 100K+ eCommerce Sites, Users Redirected to Fake Sports Betting Site (~4 min.) : Google has started blocking Google Ads for eCommerce sites that use polyfill.io, an open-source library to support older browsers. However, in February, a Chinese company bought the domain and the GitHub account, injecting malware on mobile devices via any site that embeds cdn.polyfill.io. The malware redirects mobile users to a sports betting site using a fake Google analytics domain. Polyfill’s original author recommends not using it at all, as modern browsers no longer require it. Fastly and Cloudflare have provided trustworthy alternatives.

ID Verification Service Leaves Administrative Credentials Exposed for Over a Year, Leaving TikTok and Uber Users at Risk (~3 min.) : AU10TIX, an ID verification company that works with TikTok, Uber, and X among others, left its administrative credentials exposed for over a year. The exposed credentials potentially allowed hackers to access customer data, including names, dates of birth, nationalities, ID numbers, and images of uploaded documents. AU10TIX has issued a statement claiming no evidence of exploitation, but the company is decommissioning its current operating system in favor of a new one that prioritizes security. The incident raises concerns about the potential misuse of sensitive customer data by hackers.

Rabbit Hole of Risk: Data Breach Exposes API Keys, User Data and Email Hijacking Potential (~3 min.) : A security breach has been discovered at Rabbit Inc., exposing critical API keys and user data through their ElevenLabs TTS API key, which was hardcoded into their code. The breach allows unauthorized access to personal data, control over R1 devices, and alteration of responses. Despite Rabbit’s claims that no compromise occurred, some keys were revoked, but a crucial SendGrid key was missed, putting email data and user privacy at risk. The incident highlights the importance of secure coding practices, regular credential rotation, and robust access controls to prevent such breaches from occurring in the future.

GitLab Alert: Pipelines Hijacked! Critical Flaw Exposes Users to Unhinged Automation Chaos (~1 min.) : A high-severity vulnerability has been discovered in certain versions of GitLab Community and Enterprise Edition products, allowing attackers to run arbitrary pipelines as any user. The flaw, which affects specific versions of the software, can be exploited by authenticated users, giving attackers unauthorized access to sensitive data and systems. To mitigate the risk, affected users are advised to upgrade their GitLab instances to patched versions or apply interim workarounds.

Breach Alert: TeamViewer’s Internal Security System Hacked; No Customer Data Compromised (~1 min.) : On June 26, 2024, TeamViewer detected an unusual activity in its internal corporate IT environment and quickly activated its response team to investigate and remediate the issue. The incident is separate from the company’s product environment and customer data, with no evidence suggesting any impact on these areas. Investigations are ongoing, and TeamViewer will provide regular updates as more information becomes available.

Privacy

Surveillance in Plain Sight: USPS Reveals Decade-Long Practice of Sharing Mail Data with Law Enforcement (~4 min.) : The US Postal Service has been sharing information from thousands of Americans’ letters and packages with law enforcement agencies every year since 2015, without requiring a court order. According to records obtained by The Washington Post, the agency received over 60,000 requests for mail data between 2015 and 2023, with only 3% of those requests denied. The surveillance technique, known as the “mail covers program,” allows postal inspectors to share names, addresses, and other details from the outside of envelopes and packages. While the practice is legal, critics argue that it raises concerns about privacy and warrants for such monitoring.

Tools

Google Search Gets Old-School: Continuous Scroll Comes to an End, Paginated Results Return! (~3 min.) : Google Search will discontinue its continuous scroll feature on both desktop and mobile platforms, reverting back to the classic pagination bar at the footer of search results. The change aims to improve search performance by loading fewer results initially, rather than automatically loading more. This shift is expected to impact website traffic and Search Console data, potentially leading to changes in user behavior and analytics insights.

Design Revolution: Figma Unleashes AI Power to Supercharge Your Creative Flow! (~11 min.) : Figma has introduced AI-powered design features to revolutionize your workflow. These features include realistic copy generation, quick-click prototyping, automatic layer renaming, and Make Designs, which use AI models to generate text, images, and design concepts. The new features aim to help designers create engaging mockups faster and bring their ideas to life without having to switch tools. Additionally, Figma has introduced team-level settings for AI model training and usage data tracking to ensure the integrity of your creative work.

Entertainment

Chug Along: Free ‘Sunless Skies’ Adventure Awaits! (~5 min.) : Grab “Sunless Skies: Sovereign Edition” for free from the Epic Games Store. In this game, you captain a steam locomotive through a hostile universe inspired by Victorian-era steampunk and cosmic horror. Explore four regions, battle monsters and rival ships, manage your crew’s morale and supplies, and uncover the secrets of the Fallen London Universe. With over 800,000 words of interconnected stories, hand-drawn art, and real-time combat, this game offers a rich and immersive experience.

The End of an Era: MTV’s 20+ Years of News Archives Erased from the Internet Forever (~4 min.) : MTV.com has been shut down, wiping out over 20 years of news archives, including music and political reporting. The decision to delete all articles and replace them with TV show schedules has sparked outrage among former writers and journalists who had contributed to the site. This move is seen as a demonstration of Paramount’s lack of respect for journalism and its focus on profit over preserving historical content. The loss of these archives is not only a blow to those involved but also a warning about the importance of preserving digital information in a rapidly changing online landscape.

Goodnight, Comedy Central: The Daily Show’s Entire Clip Library Vanishes from the Internet (~2 min.) : ComedyCentral.com, a hub for late-night TV clips, has been shut down by Paramount. The site had hosted full episodes and clips from shows like “The Daily Show” since 1999 and “The Colbert Report”. Unfortunately, this purge also takes down other short-lived late-night programs, including “The Opposition”, “@midnight”, and “Lights Out”. While some clips may still be found on YouTube, the complete collection is no longer available online.

Assassin’s Creed Revival: Modern Reimaginings of Beloved Classics on the Horizon! (~2 min.) : Ubisoft CEO Yves Guillemot has confirmed that the company is working on remaking older Assassin’s Creed titles, likely with improved graphics and gameplay for modern consoles and PCs. The goal is to revisit and modernize classic worlds, according to Guillemot. While no specific titles have been announced, a remake of Assassin’s Creed 4: Black Flag has previously been rumored.

Gadgets

Retro Revival: Raspberry Pi-Powered Pocket Z Brings Back the Ultra-Mobile PC for Under $100! (~2 min.) : A software engineer, known as Icepat on Hackaday, is developing a Raspberry Pi-powered Ultra-Mobile PC (UMPC) called Pocket Z, aiming to create an affordable device for under $100. The prototype features a 7-inch capacitive touchscreen display, silicone membrane keyboard, and runs Linux with XFCE Desktop Environment and Conky. To keep costs down, the display connects directly to the Raspberry Pi Zero 2 W’s GPIO headers, limiting its potential for sensors or accessories. The UPMC also includes a USB-C power management system, Li-Po battery, and single USB-A port for connecting accessories.

Beats Pill Revived: New Design, Improved Sound, and 24 Hours of Battery Life! (~3 min.) : Beats has reintroduced its Pill speaker with a new design and features. The redesigned Pill boasts improved sound projection, more powerful bass, and reduced distortion, thanks to an updated woofer and tweeter combo. The speaker also comes with a removable lanyard for carrying and is IP67 rated for dust and water resistance. It’s available for pre-order in black, red, and gold color options for $150, with shipments starting on June 27.

GE-Force: TP-Link’s Archer GE800 Wi-Fi 7 Router Unleashes Blazing Fast Gaming Speeds for $599.99 (~2 min.) : TP-Link has finally released its Archer GE800 Wi-Fi 7 tri-band gaming router, available for $599.99 with a limited-time launch promotion offering a $100 discount. This router takes advantage of the new Wi-Fi 7 standard, which doubles maximum channel bandwidth and allows for simultaneous connections across multiple bands. With speeds reaching up to 19Gbps, it’s ideal for gamers who want fast and reliable connectivity. However, users will need a Wi-Fi 7-compatible device like a recent smartphone or laptop to fully utilize these speeds.

Science

Fabric Frenzy: Meet the Miraculous Material That Can Cool You Down by a Chilling 16 Degrees! (~1 min.) : Researchers have developed an ultra-thin fabric that can cool the body by up to 16 degrees Celsius, providing relief from heat stress. The innovative material, called “Phase Change Material (PCM) fabric,” uses a special type of polymer that changes phase from solid to liquid as it absorbs and releases heat. When applied to clothing or bedding, this technology could potentially revolutionize personal cooling systems. Early testing has shown promising results, with the fabric capable of reducing body temperature by an impressive 16 degrees Celsius in just 30 minutes.

Barley’s Breakthrough: Biodegradable ‘Plastic’ that Turns into Compost in Just 2 Months! (~6 min.) : Researchers at the University of Copenhagen have invented a new type of bioplastic made from barley starch and sugar beet fiber that can completely decompose in nature within two months. This “barley plastic” is stronger than current bioplastics, yet still biodegradable and compostable. The team hopes this invention will help reduce plastic pollution and mitigate the climate impact of plastic production. The material has the potential to be used for food packaging, shopping bags, and other applications.

Misc

LLMs: The AI-Driven Code Conundrum - Can You Keep Up? (~21 min.) : The rise of Large Language Models (LLMs) in software engineering may displace junior developers, leaving them less marketable. Senior developers, who possess high-level understanding of systems and can detect AI-generated code issues, will remain valuable. To survive this transition, junior and aspiring software engineers should focus on developing strong skills in algorithms, data structures, and system design, while also gaining hands-on experience with various technologies.

BATTLE FOR KNOWLEDGE: Internet Archive Fights to Reclaim Stolen eBooks, Preserve Access to Information (~4 min.) : The Internet Archive (IA), an online library, has removed over 500,000 titles from its collection due to publishers’ successful lawsuits against IA’s digital lending practices. IA is now appealing the decision, arguing that its controlled digital lending is fair use under copyright law and does not harm the e-book market. The organization hopes to reverse the court’s decision and restore access to the removed books, which are crucial for readers, academics, students, and educators worldwide.

Thank you for joining me in this week’s exploration of the tech universe. Amidst the endless stream of information, I strive to bring you news that is not only relevant but also thought-provoking. Your thoughts and feedback are always welcome. Don’t forget to spread the word about the Friday Tech Focus Newsletter and stay tuned for more curated insights next week!