Enlarge (credit: Getty Images | Aurich Lawson)

Use of facial recognition software led Detroit police to falsely arrest 32-year-old Porcha Woodruff for robbery and carjacking, reports The New York Times. Eight months pregnant, she was detained for 11 hours, questioned, and had her iPhone seized for evidence before being released. It's the latest in a string of false arrests due to use of facial-recognition technology, which many critics say is not reliable.

The mistake seems particularly notable because the surveillance footage used to falsely identify Woodruff did not show a pregnant woman, and Woodruff was very visibly pregnant at the time of her arrest.

The incident began with an automated facial recognition search by the Detroit Police Department. A man who was robbed reported the crime, and police used DataWorks Plus to run surveillance video footage against a database of criminal mug shots. Woodruff's 2015 mug shot from a previous unrelated arrest was identified as a match. After that, the victim wrongly confirmed her identification from a photo lineup, leading to her arrest.

Enlarge / Some people hate to hear other people's keyboards on video calls, but AI-backed side channel attackers? They say crank that gain. (credit: Getty Images)

By recording keystrokes and training a deep learning model, three researchers claim to have achieved upwards of 90 percent accuracy in interpreting remote keystrokes, based on the sound profiles of individual keys.

In their paper A Practical Deep Learning-Based Acoustic Side Channel Attack on Keyboards ( full PDF ), UK researchers Joshua Harrison, Ehsan Toreini, and Marhyam Mehrnezhad claim that the trio of ubiquitous machine learning, microphones, and video calls "present a greater threat to keyboards than ever." Laptops, in particular, are more susceptible to having their keyboard recorded in quieter public areas, like coffee shops, libraries, or offices, the paper notes. And most laptops have uniform, non-modular keyboards, with similar acoustic profiles across models.

Previous attempts at keylogging VoIP calls, without physical access to the subject, achieved 91.7 percent top-5 accuracy over Skype in 2017 and 74.3 percent accuracy in VoIP calls in 2018 . Combining the output of the keystroke interpretations with a "hidden Markov model" (HMM), which guesses at more-likely next-letter outcomes and could correct "hrllo" to "hello," saw one prior side channel study's accuracy jump from 72 to 95 percent—though that was an attack on dot-matrix printers . The Cornell researchers believe their paper is the first to make use of the recent sea change in neural network technology, including self-attention layers , to propagate an audio side channel attack.

Enlarge / A Google robot controlled by RT-2. (credit: Google)

On Friday, Google DeepMind announced Robotic Transformer 2 (RT-2), a "first-of-its-kind" vision-language-action (VLA) model that uses data scraped from the Internet to enable better robotic control through plain language commands. The ultimate goal is to create general-purpose robots that can navigate human environments, similar to fictional robots like WALL-E or C-3PO.

When a human wants to learn a task, we often read and observe. In a similar way, RT-2 utilizes a large language model (the tech behind ChatGPT ) that has been trained on text and images found online. RT-2 uses this information to recognize patterns and perform actions even if the robot hasn't been specifically trained to do those tasks—a concept called generalization.

For example, Google says that RT-2 can allow a robot to recognize and throw away trash without having been specifically trained to do so. It uses its understanding of what trash is and how it is usually disposed to guide its actions. RT-2 even sees discarded food packaging or banana peels as trash, despite the potential ambiguity.

Enlarge (credit: Getty Images)

Security researchers have unearthed a rare malware find: malicious Android apps that use optical character recognition to steal credentials displayed on phone screens.

The malware, dubbed CherryBlos by researchers from security firm Trend Micro, has been embedded into at least four Android apps available outside of Google Play, specifically on sites promoting money-making scams. One of the apps was available for close to a month on Google Play but didn’t contain the malicious CherryBlos payload. The researchers also discovered suspicious apps on Google Play that were created by the same developers, but they also didn’t contain the payload.

Advanced techniques

The apps took great care to conceal their malicious functionality. They used a paid version of commercial software known as Jiagubao to encrypt code and code strings to prevent analysis that can detect such functionality. They also featured techniques to ensure the app remained active on phones that had installed it. When users opened legitimate apps for Binance and other cryptocurrency services, CherryBlos overlaid windows that mimicked those of the legitimate apps. During withdrawals, CherryBlos replaced the wallet address the victim selected to receive the funds with an address controlled by the attacker.

Enlarge (credit: Getty Images | NurPhoto)

Meta's new Twitter competitor, Threads, is looking for ways to keep users interested after more than half of the people who signed up for the text-based platform stopped actively using the app, Meta CEO Mark Zuckerberg reportedly told employees in a company town hall yesterday. Threads launched on July 5 and signed up over 100 million users in less than five days, buoyed by user frustration with Elon Musk-owned Twitter.

"Obviously, if you have more than 100 million people sign up, ideally it would be awesome if all of them or even half of them stuck around. We're not there yet," Zuckerberg told employees yesterday, according to Reuters , which listened to audio of the event.

Third-party data suggests that Threads may have lost many more than half of its active users. Daily active users for Threads on Android dropped from 49 million on July 7 to 23.6 million on July 14 , and then to 12.6 million on July 23 , web analytics company SimilarWeb reported.

Enlarge / Several examples of images generated using Stable Diffusion XL 1.0. (credit: Stable Diffusion)

On Wednesday, Stability AI released Stable Diffusion XL 1.0 (SDXL), its next-generation open weights AI image synthesis model. It can generate novel images from text descriptions and produces more detail and higher-resolution imagery than previous versions of Stable Diffusion.

As with Stable Diffusion 1.4, which made waves last August with an open source release, anyone with the proper hardware and technical know-how can download the SDXL files and run the model locally on their own machine for free.

Local operation means that there is no need to pay for access to the SDXL model, there are few censorship concerns, and the weights files (which contain the neutral network data that makes the model function) can be fine-tuned to generate specific types of imagery by hobbyists in the future.

Enlarge (credit: Getty Images)

A US senator is calling on the Justice Department to hold Microsoft responsible for “negligent cybersecurity practices” that enabled Chinese espionage hackers to steal hundreds of thousands of emails from cloud customers, including officials in the US Departments of State and Commerce.

“Holding Microsoft responsible for its negligence will require a whole-of-government effort,” Ron Wyden (D-Ore.) wrote in a letter . It was sent on Thursday to the heads of the Justice Department, Cybersecurity and Infrastructure Security Agency, and the Federal Trade Commission.

Bending over backward

Wyden’s remarks echo those of other critics who say Microsoft is withholding key details about a recent hack. In disclosures involving the incident so far, Microsoft has bent over backwards to avoid saying its infrastructure—including the Azure Active Directory , a supposedly fortified part of Microsoft’s cloud offerings that large organizations use to manage single sign-on and multifactor authentication—was breached. The critics have said that details Microsoft has disclosed so far lead to the inescapable conclusion that vulnerabilities in code for Azure AD and other cloud offerings were exploited to pull off the successful hack.

Enlarge / An AI-generated image of a slot machine in a desert. (credit: Midjourney)

On Thursday, OpenAI quietly pulled its AI Classifier, an experimental tool designed to detect AI-written text. The decommissioning, first noticed by Decrypt, occurred with no major fanfare and was announced through a small note added to OpenAI's official AI Classifier webpage :

As of July 20, 2023, the AI classifier is no longer available due to its low rate of accuracy. We are working to incorporate feedback and are currently researching more effective provenance techniques for text, and have made a commitment to develop and deploy mechanisms that enable users to understand if audio or visual content is AI-generated.

Released on January 31 amid clamor from educators about students potentially using ChatGPT to write essays and schoolwork, OpenAI's AI Classifier always felt like a performative Band-Aid on a deep wound. From the beginning, OpenAI admitted that its AI Classifier was not "fully reliable," correctly identifying only 26 percent of AI-written text as "likely AI-written" and incorrectly labeling human-written works 9 percent of the time.

As we've pointed out on Ars, AI writing detectors such as OpenAI's AI Classifier, Turnitin, and GPTZero simply don't work with enough accuracy to rely on them for trustworthy results. The methodology behind how they work is speculative and unproven, and the tools are currently routinely used to falsely accuse students of cheating.

Enlarge (credit: Getty Images)

It has been a tough year for PC companies and companies that make PC components. Companies like Intel, AMD, and Nvidia have all reported big drops in revenue from the hardware that they sell to consumers (though the hardware they sell to other businesses is often doing better).

Microsoft contributed another data point to that trend today , with fourth-quarter 2023 financial results that showed modest growth (revenue up 8 percent year over year, from $51.9 billion to $56.2 billion), but no thanks to its consumer software and hardware businesses.

Revenue from the company's More Personal Computing division, which encompasses Windows licenses, Surface PCs and other accessories, Xbox hardware and software and services, and ad revenue, was down 4 percent year over year. This decrease was driven mostly by a drop in sales of Windows licenses to PC makers (down 12 percent because of "PC market weakness") and by reduced hardware sales (down 20 percent, though the company didn't say how much of this drop came from its accessory business and how much came from Surface PCs). Microsoft makes its own PCs and PC accessories and sells the software that most other PC makers use on their hardware, so when the entire PC ecosystem is doing poorly, Microsoft gets hit twice.