Enlarge (credit: Ars Technica)

Things are moving at lighting speed in AI Land. On Friday, a software developer named Georgi Gerganov created a tool called "llama.cpp" that can run Meta's new GPT-3-class AI large language model, LLaMA , locally on a Mac laptop. Soon thereafter, people worked out how to run LLaMA on Windows as well. Then someone showed in running on a Pixel 6 phone. Next came a Raspberry Pi (albeit very slowly).

If this keeps up, we may be looking at a pocket-sized ChatGPT competitor before we know it.

But let's back up a minute, because we're not quite there yet. (At least not today—as in literally today, March 13, 2023.) But what will arrive next week, no one knows.

Enlarge (credit: Getty Images)

Widely regarded as one of the Internet’s top threats , the Emotet botnet has returned after a months-long hiatus—and it has some new tricks.

Last week, Emotet appeared for the first time this year after a four-month hiatus. It returned with its trademark activity—a wave of malicious spam messages that appear to come from a known contact, address the recipient by name, and seem to be replying to an existing email thread. When Emotet has returned from previous breaks, it brought new techniques designed to evade endpoint security products and to trick users into clicking on links or enabling dangerous macros in attached Microsoft Office documents. Last week’s resumption of activity was no different.

A malicious email sent last Tuesday, for instance, attached a Word document that had a massive amount of extraneous data added to the end. As a result, the file was more than 500MB in size, big enough to prevent some security products from being able to scan the contents. This technique, known as binary padding or file pumping, works by adding zeros to the end of the document. In the event someone is tricked into enabling the macro, the malicious Windows DLL file that’s delivered is also pumped, causing it to mushroom from 616kB to 548.1MB, researchers from security firm Trend Micro said on Monday .

Enlarge / The 1982 TV series Knight Rider featured a car called KITT that a character played by David Hasselhoff (pictured) could talk to. (credit: Getty Images)

In the 1982 TV series Knight Rider , the main character can have a full conversation with his futuristic car. Once science fiction, this type of language interface may soon be one step closer to reality because General Motors is working on bringing a ChatGPT-style AI assistant to its automobiles, according to Semafor and Reuters .

While GM won't be adding Knight Rider -style turbojet engines or crime-fighting weaponry to its vehicles, its cars may eventually talk back to you in an intelligent-sounding way, thanks to a collaboration with Microsoft.

Microsoft has invested heavily in OpenAI, the company that created ChatGPT. Now, they're looking for ways to apply chatbot technology to many different fields.

Enlarge (credit: Edward Olive/Getty Images)

ChatGPT might well be the most famous, and potentially valuable , algorithm of the moment, but the artificial intelligence techniques used by OpenAI to provide its smarts are neither unique nor secret. Competing projects and open source clones may soon make ChatGPT-style bots available for anyone to copy and reuse.

Stability AI , a startup that has already developed and open-sourced advanced image-generation technology, is working on an open competitor to ChatGPT. “We are a few months from release,” says Emad Mostaque, Stability’s CEO. A number of competing startups, including Anthropic , Cohere , and AI21 , are working on proprietary chatbots similar to OpenAI’s bot.

Enlarge / A view of Brian Green's home computer lab, full of vintage treasures. (credit: Brian Green )

In a world where millions of people carry a 1990s-grade supercomputer in their pockets , it's fun to revisit tech from a time when a 1 megahertz machine on a desktop represented a significant leap forward. Recently, a collector named Brian Green showed off his vintage computer collection on Twitter, and we thought it would be fun to ask him about why and how he set up his at-home computer lab.

By day, Green works as a senior systems engineer based in Arkansas. But in his off hours, "Ice Breaker" (as he's often known online) focuses his passion on a vintage computer collection that he has been building for decades—and a bulletin board system ( BBS ) called "Particles" he has been running since 1992.

Green's interest in computers dates back to 1980, when he first used an Apple II+ at elementary school. "My older sister brought home a printout from a BASIC program she was working on, and I was fascinated that you could tell a computer what to do using something that resembled English," recalls Green. "Once I realized you could code games, I was hooked."

Enlarge (credit: Getty Images)

Threat actors connected to the North Korean government have been targeting security researchers in a hacking campaign that uses new techniques and malware in hopes of gaining a foothold inside the companies the targets work for, researchers said.

Researchers from security firm Mandiant said on Thursday that they first spotted the campaign last June while tracking a phishing campaign targeting a US-based customer in the technology industry. The hackers in this campaign attempted to infect targets with three new malware families, dubbed by Mandiant as Touchmove, Sideshow, and Touchshift. The hackers in these attacks also demonstrated new capabilities to counter endpoint detection tools while operating inside targets’ cloud environments.

“Mandiant suspects UNC2970 specifically targeted security researchers in this operation,” Mandiant researchers wrote.

Enlarge / Curling, like the cURL project, requires precision and is underappreciated.

When you first start messing with the command line, it can feel like there's an impermeable wall between the local space you're messing around in and the greater Internet. On your side, you've got your commands and files, and beyond the wall, there are servers, images, APIs, webpages, and more bits of useful, ever-changing data. One of the most popular ways through that wall has been cURL, or "client URL," which turns 25 this month.

The cURL tool started as a way for programmer Daniel Stenberg to let Internet Chat Relay users quickly fetch currency exchange rates while still inside their chat window. As detailed in an archived history of the project , it was originally built off an existing command-line tool, httpget, built by Rafael Sagula. A 1.0 version was released in 1997, then changed names to urlget by 2.0, as it had added in GOPHER, FTP, and other protocols. By 1998, the tool could upload as well as download, and so version 4.0 was named cURL.

Over the next few years, cURL grew to encompass nearly every Internet protocol, work with certificates and encryption, offer bindings for more than 50 languages, and be included in most Linux distributions and other systems. The cURL project now encompasses both the command-line command itself and the libcurl library. In 2020, the project's history estimated the command and library had been installed in more than 10 billion instances worldwide.

Enlarge (credit: Getty Images )

Threat actors with a connection to the Chinese government are infecting a widely used security appliance from SonicWall with malware that remains active even after the device receives firmware updates, researchers said.

SonicWall’s Secure Mobile Access 100 is a secure remote access appliance that helps organizations securely deploy remote workforces. Customers use it to grant granular access controls to remote users, provide VPN connections to organization networks, and set unique profiles for each employee. The access the SMA 100 has to customer networks makes it an attractive target for threat actors.

In 2021, the device came under attack by sophisticated hackers who exploited what was then a zero-day vulnerability. Security appliances from Fortinet and Pulse Secure have come under similar attacks in recent years.

Enlarge (credit: Discord)

Joining a recent parade of companies adopting generative AI technology, Discord announced on Thursday that it is rolling out a suite of AI-powered features, such as a ChatGPT-style chatbot, an upgrade to its moderation tool, an open source avatar remixer, and AI-powered conversation summaries.

Discord's new features come courtesy of technology from OpenAI, the maker of ChatGPT . Earlier this month, OpenAI announced a new API interface for its popular large language model (LLM) and preferential commercial access called " Foundry ." The ChatGPT API allows companies to easily build AI-powered generative text into their apps, and companies like Snapchat and DuckDuckGo are already getting on the bandwagon with their own implementations of OpenAI's tools.

In this case, Discord is using OpenAI's tech to upgrade its existing robot, called "Clyde." The update, coming next week, will allow Clyde to answer questions, engage in conversations, and recommend playlists. Users will be able to chat with Clyde in any channel by typing "@Clyde" in a server, and the bot will reportedly also be able to start a thread for group chats.