Enlarge / Please use the sharing tools found via the share button at the top or side of Baidu chief Robin Li introduces the functions of the company’s AI chatbot Ernie in Beijing on Thursday. Li said there was high market demand as Chinese companies raced to develop an equivalent to Microsoft-backed ChatGPT. (credit: Ng Han Guan/AP)

Shares of Baidu fell as much as 10 percent on Thursday after the web search company showed only a pre-recorded video of its AI chatbot Ernie in the first public release of China’s answer to ChatGPT.

The Beijing-based tech company has claimed Ernie will remake its business and for weeks talked up plans to incorporate generative artificial intelligence into its search engine and other products.

But on Thursday, millions of people tuning in to the event were left with little idea of whether Baidu’s chatbot could compete with ChatGPT.

Enlarge (credit: Ars Technica)

As part of pre-release safety testing for its new GPT-4 AI model , launched Tuesday, OpenAI allowed an AI testing group to assess the potential risks of the model's emergent capabilities—including "power-seeking behavior," self-replication, and self-improvement.

While the testing group found that GPT-4 was "ineffective at the autonomous replication task," the nature of the experiments raises eye-opening questions about the safety of future AI systems.

Raising alarms

"Novel capabilities often emerge in more powerful models," writes OpenAI in a GPT-4 safety document published yesterday. "Some that are particularly concerning are the ability to create and act on long-term plans, to accrue power and resources (“power-seeking”), and to exhibit behavior that is increasingly 'agentic.'" In this case, OpenAI clarifies that "agentic" isn't necessarily meant to humanize the models or declare sentience but simply to denote the ability to accomplish independent goals.

Enlarge (credit: Getty Images)

Rubrik, the Silicon Valley data security company, said that it experienced a network intrusion made possible by a zero-day vulnerability in a product it used called GoAnywhere.

In an advisory posted on Tuesday, Rubrik CISO Michael Mestrovich said an investigation into the breach found that the intruders gained access to mainly internal sales information, including company names and contact information, and a limited number of purchase orders from Rubrik distributors. The investigation, which was aided by an unnamed third-party company, concluded there was no exposure of sensitive information such as Social Security numbers, financial account numbers, or payment card data.

Tight-lipped

“We detected unauthorized access to a limited amount of information in one of our non-production IT testing environments as a result of the GoAnywhere vulnerability,” Mestrovich wrote. “Importantly, based on our current investigation, being conducted with the assistance of third-party forensics experts, the unauthorized access did NOT include any data we secure on behalf of our customers via any Rubrik products.”

Enlarge / Hug it out, boys.

As every Roman historian and Shakespeare fan knows, a soothsayer once told Caesar to beware the Ides of March , for on that day, dark and terrible things would happen. I like to think the message was intended for me, too, because today, my beloved low-cost wireless carrier, Mint Mobile, packed up its ironic communications style, its celebrity ownership, and its $15/month plans... and agreed to sell them all to T-Mobile for $1.35 billion .

Good for actor Ryan Reynolds, part-owner of Mint Mobile. As Reynolds said in a statement , "We are so happy T-Mobile beat out an aggressive last-minute bid from my mom Tammy Reynolds as we believe the excellence of their 5G network will provide a better strategic fit than my mom’s slightly-above-average mahjong skills." (Ha-ha!) Reynolds also released the funniest acquisition video I have ever seen.

Still, the news is depressing. Mint felt fresh; it was a wireless carrier with a slick website and app that worked (at least for me) simply and seamlessly, an irreverent and straight-talking style (Reynolds sent out temp tattoos of his face to subscribers for Christmas; they said, "No Ragrets"), and great prices. It all Just Worked . Now, I love a good value, but not at the cost of janky service, constant hiccups, and 2000-era websites like I saw at other cheap mobile providers. And it wasn't just me; Mint racked up many recommendations, including the "best budget" wireless option from Wirecutter .

Enlarge (credit: Getty Images)

Microsoft on Tuesday profiled software for sale in online forums that makes it easy for criminals to deploy phishing campaigns that successfully compromise accounts, even when they’re protected by the most common form of multi-factor authentication.

The phishing kit is the engine that’s powering more than 1 million malicious emails each day, researchers with the Microsoft Threat Intelligence team said . The software, which sells for $300 for a standard version and $1,000 for VIP users, offers a variety of advanced features for streamlining the deployment of phishing campaigns and increasing their chances of bypassing anti-phishing defenses.

One of the most salient features is the built-in ability to bypass some forms of multi-factor authentication. Also known as MFA, two-factor authentication, or 2FA, this protection requires account holders to prove their identity not only with a password but also by using something only they own (such as a security key or authenticator app) or something only they are (such as a fingerprint or facial scan). MFA has become a major defense against account takeovers because the theft of a password alone isn’t sufficient for an attacker to gain control.

Enlarge / Customizing a Mesh for Teams avatar. Like many people on real-life video calls, the avatars only feature business attire from the waist up. (credit: Microsoft)

There are plenty of reasons to turn your camera off during a Zoom or Teams meeting—maybe you're cleaning your office and you don't want to look like you're not paying attention, or your kid is climbing all over you, or you just haven't managed to shower yet and you don't want to show your coworkers how disheveled you are.

For people who want to split the difference between appearing on camera and switching it off, Microsoft will be adding animated 3D avatars to Microsoft Teams in May, according to Microsoft's product roadmap . The 3D avatars are a component of " Mesh ," an initiative Microsoft announced back in late 2021 when the "metaverse" hype had reached a fever pitch. As originally envisioned, Mesh will include not just 3D Teams avatars, but virtual workspaces accessible via VR, so that people working remotely can experience the joy of sitting in a meeting room while someone drones on in front of a PowerPoint deck.

The roadmap update doesn't include a complete list of features, but previous announcements about Mesh for Teams have shown avatars with customizable body types, skin tones, hair colors and hairstyles, clothes, and facial features. Microsoft said in late 2021 that the initial versions of these avatars would only animate when users were speaking, but eventually the company wants them to be able to mimic users' real-world facial expressions and movements as captured by their webcams.

Enlarge / Satellite broadband user terminals designed by Amazon's Project Kuiper. (credit: Amazon)

Amazon has designed three satellite broadband user terminals and will start offering Internet service in 2024, the company announced today . The standard terminal, designed for residential and small business customers, is expected to cost Amazon less than $400 to make; Amazon did not say what it will charge customers for the terminals or for monthly service plans.

The "standard customer terminal measures less than 11 inches square and 1 inch thick," Amazon said. "It weighs less than five pounds without its mounting bracket. Despite this modest footprint, the device will be one of the most powerful commercially available customer terminals of its size, delivering speeds up to 400 megabits per second (Mbps). Amazon expects to produce these terminals for less than $400 each."

• 

  Amazon's standard terminal for residential and small-business customers. [credit: Amazon ]

Whether customers actually get those speeds in practice will depend on the satellites and how congested the network is in each region, as the experience of SpaceX Starlink customers shows. Amazon didn't differentiate between download and upload speeds in its announcement, but upload speeds are likely to be slower than downloads.

Enlarge (credit: Ars Technica)

On Tuesday, OpenAI announced GPT-4 , a large multimodal model that can accept text and image inputs while returning text output that "exhibits human-level performance on various professional and academic benchmarks," according to OpenAI. Also on Tuesday, Microsoft announced that Bing Chat has been running on GPT-4 all along.

If it performs as claimed, GPT-4 potentially represents the opening of a new era in artificial intelligence. "It passes a simulated bar exam with a score around the top 10% of test takers," writes OpenAI in its announcement. "In contrast, GPT-3.5’s score was around the bottom 10%."

OpenAI plans to release GPT-4's text capability through ChatGPT and its commercial API, but with a waitlist at first. Also, the firm is testing GPT-4's image input capability with a single partner, Be My Eyes , an upcoming smartphone app that can recognize a scene and describe it.

Enlarge (credit: Don Farrall/Getty Images)

In February, attackers from the Russia-based BlackCat ransomware group hit a physician practice in Lackawanna County, Pennsylvania, that's part of the Lehigh Valley Health Network (LVHN). At the time, LVHN said that the attack “involved” a patient photo system related to radiation oncology treatment. The health care group said that BlackCat had issued a ransom demand, “but LVHN refused to pay this criminal enterprise.”

After a couple of weeks, BlackCat threatened to publish data stolen from the system. “Our blog is followed by a lot of world media, the case will be widely publicized and will cause significant damage to your business,” BlackCat wrote on their dark-web extortion site. “Your time is running out. We are ready to unleash our full power on you!” The attackers then released three screenshots of cancer patients receiving radiation treatment and seven documents that included patient information.