Microsoft Will Make Recall An Opt-In Feature

Microsoft says it’s making its new Recall feature in Windows 11 that screenshots everything you do on your PC an opt-in feature and addressing various security concerns, The Verge reported.

The software giant first unveiled the Recall feature as part of its upcoming Copilot Plus PCs last month, but since then, privacy advocates and security experts have been warning that Recall could be a “disaster” for cybersecurity without changes.

Thankfully, Microsoft has listened to the complaints and is making a number of changes before Copilot Plus PCs launch on June 18th. Microsoft had originally planned to turn on Recall by default, but the company now says it will offer the ability to disable the controversial AI-powered feature during the setup process of new Copilot Plus PCs.

“If you don’t proactively choose to turn it on, it will be off by default” says Windows chief Pavan Davuluri.

According to The Verge, Microsoft’s changes to the way the database is stored and accessed come after cybersecurity expert Kevin Beaumont discovered that Microsoft’s AI-powered feature currently stores data in a database in plain text. That could have made it easy for malware authors to create tools that extract the database and its contents. Several tools have appeared in recent days, promising to exfiltrate Recall data.

Microsoft posted an “Update on the Recall preview feature for Copilot+ PCs”

Today, we are sharing an update on the Recall (preview) feature for Copilot+ PCs, including more information on the set-up experience, privacy controls, and additional details on our approach to security…

Listening to and acting on customer feedback

Even before making Recall available to customers, we have heard a clear signal that we can make it easier for people to choose to enable Recall on their Copilot+ PC and improve privacy and security safeguards. With that in mind, we are announcing updates that will go into effect before Recall (preview) ships to customers on June 18.

* First, we are updating the set-up experience of Copilot+ PCs to give people a clearer choice to opt-in to saving snapshots using Recall. If you don’t proactively choose to turn it on, it will be off by default.

* Second, Windows Hello enrollment is required to enable Recall. In addition, proof of presence is also required to view your timeline and search in Recall.

* Third, we are adding additional layers of data protection including “just in time” decryption protected by Windows Hello Enhanced Sign-In Security (ESS) so Recall snapshots will only be decrypted and accessible when the user authenticates. In addition, we encrypted the search index database.

CNBC reported Microsoft has been trying to balance competing interests of late as it moves to incorporate new generative AI tools into its products and to keep up with the competition.
Microsoft is adding security protections to Recall in addition to requiring people to manually turn it on once Copilot+ PCs become available on June 18. The search index database will be encrypted, Microsoft said.

In my opinion, I am really happy that I don’t use a PC. Copilot+ appears to be really unpopular with a lot of people, especially when it comes to security.

Adobe Responds To “Terms of Use” Controversy

Adobe released a new blog post explaining in its Terms of Use, when Adobe applications may access a user’s content, and whether a user’s content will be used to train Adobe’s artificial intelligence (AI) models and services, PetaPixel reported.

The need for clarification came after numerous users, including some established creative professionals, received pop-up notifications in Adobe that said, among other things, that Adobe could access users content through automated and manual methods. The resulting anger among the creative community is easy to understand.

The pop-up, which required consent for a person to continue using Adobe software, failed to explain precisely what had been updated in the Terms of Use and how Adobe may access someone’s content. Adobe’s opaqueness left the door open for speculation, confusion, and fear.

9TO5Mac reported: When we requested a comment from Adobe, the company’s initial statement didn’t really help, thanks to a dismissive ‘nothing to see here, move along’ tone. 

“This policy has been in place for many years. As part of our commitment to being transparent with our customers, we added clarifying examples earlier this year to our Terms of Use regarding when Adobe may access user content. Adobe accesses user content for a number of reasons, including the ability to deliver some of our most innovative cloud-based features, such as Photoshop Neural Filters and Remove Background in Adobe Express, as well as to take action against prohibited content. Adobe does not access, view or listen to content that is stored locally on any user’s device.”

Adobe posted “A Clarification on Adobe Terms of Use”:

We recently made an update to our Terms of Use with the goal of providing more clarity on a few specific areas and pushed a routine re-acceptance of those terms to Adobe Creative Cloud and Document Cloud customers. We have received a number of questions resulting from this update and want to provide some clarity.

We remain committed to transparency, protecting the rights of creators and enabling our customers to do their best work.

What is different in the Terms of Use

The focus of this update was to be clearer about the improvements to our moderation processes that we have in place. Given the explosion of Generative AI and our commitment to responsible innovation, we have added more human moderation to our content submissions review processes.

To be clear, Adobe requires a limited license to access content solely for the purpose of operating or improving the services and software to enforce our terms and comply with law, such as to protect against abusive content.

When Adobe applications and services may access content

Access is needed for Adobe applications and services to preform the functions they are designed and used for (such as opening and editing files for the user or creating thumbnails or a preview for sharing).

Access is needed to deliver some of our most innovative cloud-based feature such as Photoshop Neural Filters, Liquid Mode, or Remove Background. You can read more information, including how users can control how their content will be used.

In my opinion, it looks like Adobe has gotten the message that artists do not want Adobe to be tracking them or using their artwork to feed to a generative AI. That said, I think a lot artists with their work on Adobe will start searching for better alternatives.

Adobe Responds To Uproar Over Terms of Service Language

Adobe has been one of the leading legacy enterprise software companies to embrace generative AI and make it accessible to users through the likes of its proprietary (and enterprise-safe) Firefly AI image generational model, Generative Fill and other gen AI features in Photoshop, and, just today, an AI Assistant for its customer experience — plus much more, VentureBeat reported.

But the company has also taken backlash among some of its users and Adobe Stock contributors for this pro-gen AI stance. And lately, as gen AI tech overall faces an increasing number of critics and doubters, Adobe has found itself in hot water over new “Terms of Service” (ToS) language that is requiring users to agree to before continuing to use its apps.

According to VentureBeat, the ToS doesn’t actually mention AI, apart from a reference to “machine learning,” which can be used to train gen AI models, but also many other programs, and a clause stating that AI models cannot be trained on Adobe software.

It’s section 2.2 in the updated Adobe ToS that has really inflamed a handful of users on social media, namely X. This section states:

2.2 Our Access to Your Content. We may access, view, or listen to your Content (defined in section 4.1) (Content) below) through both automated and manual methods, but only in limited ways, and only as permitted by law. For example, in order to provide the Services and Software, we may need to access, view, or listen to your content to:

(A) respond to Feedback or support requests;
(B) detect, prevent or otherwise address fraud, security, legal, or technical requests;
(C) enforce the Terms, as further set forth in Section 4.1 below.

Our automated systems may analyze your Content and Creative Cloud Customer Fonts (defined in section 3.10 (Creative Cloud Customer Fonts) below) using techniques such as machine learning in order to improve our Services and Software and the user experience.

PetaPixel reported a pop-up notice being served to some Adobe users — none at PetaPixel as of yet — says that Adobe has updated the Adobe General Terms of Use regarding the use of its Software and Services, including clarifications concerning content access (sections 2.2 and 4.1), the right to delete content for inactive accounts (section 5.3), and reduced the period to informally resolve disputes from 60 to 30 days (Section 14.1).

If users want to continue using the Adobe app in question, they must accept the revised terms of use, which is standard practice. They cannot continue using Adobe apps and services if they close the window without accepting.

Mashable reported: On a separate page that breaks down how Adobe uses machine learning, Adobe says it doesn’t use content stored locally on your device, so only content that’s stored in the Creative Cloud.

Otherwise, content that users make public, such as contributions to Adobe Stock, submissions to be featured on Adobe Express to be used as tutorials in Lightroom, are used to “train [Adobe’s] algorithms and those improve [it’s] products and services.”

In my opinion, Adobe’s decisions to feed the art of its users into an AI – without compensating the artists – is going to cause Adobe’s stock to drop like a brick.

SpaceX Starship Achieves Major Milestone! #1745

SpaceX’s Starship rocket completed its first successful full test flight, returning to Earth without exploding. Standing nearly 400 feet tall, this marked the fourth launch and the longest flight of the world’s largest and most powerful rocket. Despite some damage and the loss of tiles, the spacecraft managed a controlled splashdown in the Indian Ocean after a flight reaching 130 miles in altitude and speeds of 16,000 mph. This milestone is crucial for SpaceX’s plans to reuse the rocket for missions to the moon and Mars.

Listener Links:
Your Data, Your Devices, and You: Easy-to-Follow Instructions to Reduce Your Risk of Data Loss, Device Infection, and Identity Theft
DJI Hit Piece

Subscribe to the Newsletter.
Join the Chat @ GeekNews.Chat
Email Todd or follow him on Facebook.
Like and Follow Geek News Central’s Facebook Page.
Download the Audio Show File
New YouTube Channel – Beyond the Office

Support my Show Sponsor: Best Godaddy Promo Codes
$11.99 – For a New Domain Name cjcfs3geek
$6.99 a month Economy Hosting (Free domain, professional email, and SSL certificate for the 1st year.) Promo Code: cjcgeek1h
$12.99 a month Managed WordPress Hosting (Free domain, professional email, and SSL certificate for the 1st year.) Promo Code: cjcgeek1w
Support the show by becoming a Geek News Central Insider

Continue reading SpaceX Starship Achieves Major Milestone! #1745

Forced to Vacate Studio #1744

After operating Geek News Central for the past five years from the current studio, I was forced to vacate the space I’d called home for so long.

About 18 months ago, The Mint, a weed shop, moved in next door, and while it wasn’t without its quirks—like the morning aroma of weed in my kitchen area—they’ve been good neighbors. For the past six months, I’ve been on a month-to-month lease after the building was acquired more than a year ago by the owners of said weed shop, and I never thought about renewing it. The landlord seemed content having me there, especially since the place had been vacant for years before I moved in back in 2019. But, that was my mistake.

On Sunday, May 28th, I received a termination notice of my lease from the owners of the building based out of Arizona. My lease termination date was set for June 28th, and as you know, I had a trip planned that extended beyond that date. With no time to lose and not wanting a legal battle, I spent two days vacating the studio, thanks to a miraculous 48-hour effort over Monday on Memorial Day and Tuesday.

So here I am, with no place to operate from when I return. My studio was never open to the public, as you know, but served as the backbone of my podcast,

Finding a new location will be challenging and may even require moving to a community that understands and supports this type of creative work. It reminds me of my mantra: never build your brand on rented land. While my .com is safe, my creative space isn’t, and this reality has been a soul-crushing experience.

I have no idea who will move into my old space—perhaps no one, in this challenging commercial market. My rent was always paid on time, but maybe weed sales are doing so well that they need a bigger store.

Subscribe to the Newsletter.
Join the Chat @ GeekNews.Chat
Email Todd or follow him on Facebook.
Like and Follow Geek News Central’s Facebook Page.
Download the Audio Show File
New YouTube Channel – Beyond the Office

Support my Show Sponsor: Best Godaddy Promo Codes
$11.99 – For a New Domain Name cjcfs3geek
$6.99 a month Economy Hosting (Free domain, professional email, and SSL certificate for the 1st year.) Promo Code: cjcgeek1h
$12.99 a month Managed WordPress Hosting (Free domain, professional email, and SSL certificate for the 1st year.) Promo Code: cjcgeek1w
Support the show by becoming a Geek News Central Insider

US Dismantles Botnet Used For Cyberattacks

The U.S. Justice Department and international partners dismantled the 911 S5 proxy botnet and arrested 35-year-old Chinese national YunHe Wang, its administrator, in Singapore, Bleeping Computer reported.

“Working with our international partners, the FBI conducted a joint, sequenced cyber operation to dismantle the 911 S5 Botnet – likely the world’s largest botnet every,” said FBI Director Christopher Wray.

“We arrested its administrator, Yunhe Wang, seized infrastructure and assets, and levied sanctions against Wang and his co-conspirators.”

As early as 2011, Wang and his conspirators pushed malware onto victims’ devices using multiple malicious VPN applications bundling proxy backdoors. The VPN apps that added compromised devices to the 911 S5 residential proxy service include MaskVPN, DewVPN, PaladinVPN, ProxyGate, ShieldVPN, and ShineVPN.

The U.S. Department of Justice posted a press release:

A court-authorized international law enforcement operation led by the U.S. Justice Department disrupted a botnet used to commit cyber attacks, large-scale fraud, child exploitation, harassment, bomb threats, and export violations.

As part of this operation, YunHe Wang, 35, a People’s Republic of China national and St. Kitts and Nevis citizen-by-investment, was arrested on May 24 on criminal charges arising from his deployment of malware and the creation and operation of a residential proxy service known as “911 S5.”

According to an indictment unsealed on May 24, from 2014 through July 2022, Wang and others are alleged to have created and disseminated malware to compromise and amass a network of millions of residential Windows computers worldwide. These devices were associated with more than 19 million unique IP addresses, including 613,841 IP addresses located in the United States. Wang then generated millions of dollars by offering cybercriminals access to these infected IP addresses for a fee.

“The Justice Department-led operation brought together law enforcement partners from around the globe to disrupt 911-S5, a botnet that facilitated cyber-attacks,” said Attorney General Merck B. Garland. “As a result of this operation, YunHe Wang was arrested on charges that he created and operated the botnet and deployed malware. This case makes clear that the long arm of the law stretches across borders and into the deepest shadows of the dark web, and the Justice Department will never stop fighting to hold cybercriminals to account.”…

ArsTechnica reported the U.S Treasury Department has sanctioned three Chines nationals for their involvement with a VPN-powered botnet with more than 19 million residential IP addresses they rented out to cybercriminals to obfuscate their illegal activities, including COVID-19 scares and bomb threats.

The criminal enterprise, the Treasury Department said Tuesday, was a residential proxy known as 911 S5. Such services provide a bank of IP addresses belonging to everyday home users for customers to route Internet connections through. When accessing a website or other Internet service, the connection appears to originate with the home user.

In my opinion, it is good that the U.S. Department of Justice took action against YunHe Wang and others, and prevented them from engaging in these kinds of shenanigans. 

OpenAI Has A New Safety Team Led By Sam Altman

OpenAI is forming a new safety team, and it’s led by CEO Sam Altman, along with board member Adam D’Angelo and Nicole Seligman. The committee will make recommendations on critical safety and security decisions for OpenAI projects and operations” — a concern several key AI researchers shard when leaving the company this month, The Verge reported.

For its first task, the new team will “evaluate and further develop OpenAI’s processes and safeguards.” It will then present its findings to OpenAI’s board, which all three of the safety team’s leaders have a seat on. The board will then decide how to implement the safety team’s recommendations.

It’s formation follows the departure of OpenAI co-founder and chief scientist Ilya Sutskever, who supported the board’s attempted coup to dethrone Altman last year. He also co-led OpenAI’s Superalignment team, which was created to “steer and control AI systems much smarter than us.”

The OpenAI Board posted the following:

Today, the OpenAI Board formed a Safety and Security Committee led by director Bret Taylor (Chair), Adam D’Angelo, Nicole Selgiman, and Sam Altman (CEO). This committee will be responsible for making recommendations to the full Board on critical safety and security and security decisions for OpenAI projects and operations.

OpenAI has recently begun training its next frontier model and we anticipate the resulting systems to bring us to the next level of capabilities on our path to AGI. While we are proud to build and release models that are industry-leading on both capabilities and safety, we welcome a robust debate at this important moment.

A first task of the Safety and Security Committee will be to evaluate and further develop OpenAI’s processes and safeguards over the next 90 days. At the conclusion of the 90 days, the Safety and Security Committee will share their recommendations wit hotel full board. Following the Board’s review, OpenAI will publicly share an update on adopted recommendations in a manner that is consistent with safety and security….

OpenAI says it’s training the next frontier model, according to a press release on Tuesday, and anticipates it will bring the startup one step closer to artificial intelligence systems that are generally smarter than humans. The company also announced a new Safety and Security Committee to guide critical safety and security decisions, led by CEO Sam Altman and other OpenAI board members, Gizmodo reported.

“While we are proud to build and release models that are industry-leading on both capabilities and safety,” OpenAI said in a press release. “We welcome a robust debate at this important moment.”

The announcement follows a tumultuous month for OpenAI, where a group led by Ilya Sutskever and Jan Leake that researched AI risks existential to humanity was disbanded. Former OpenAI board members Helen Toner and Tasha McCauley wrote in The Economist on Sunday these developments and others following the return of Altman “bode ill for the OpenAI experiment in self-governance.” 

In my opinion, companies like OpenAI appear to be pushing boundaries to see what their AI can do. This, unfortunately, includes the company taking Scarlett Johansen’s voice without her permission.