Feed aggregator

“MFA Fatigue” attack targets iPhone owners with endless password reset prompts

Ars Technica - 27 March 2024 - 7:10pm
iPhone showing three password reset prompts

They look like normal notifications, but opening an iPhone with one or more of these stacked up, you won't be able to do much of anything until you tap "Allow" or "Don't Allow." And they're right next to each other. (credit: Kevin Purdy)

Human weaknesses are a rich target for phishing attacks. Making humans click "Don't Allow" over and over again in a phone prompt that can't be skipped is an angle some iCloud attackers are taking—and likely having some success.

Brian Krebs at Krebs on Security detailed the attacks in a recent post, noting that "MFA Fatigue Attacks" are a known attack strategy. By repeatedly hitting a potential victim's device with multifactor authentication requests, the attack fills a device's screen with prompts that typically have yes/no options, often very close together. Apple's devices are just the latest rich target for this technique.

Both the Kremlin-backed Fancy Bear advanced persistent threat group and a rag-tag bunch of teenagers known as Lapsus$ have been known to use the technique, also known as MFA prompt bombing, successfully.

Deutsche Digitale Bibliothek and VG Bild-Kunst settle framing dispute amicably

Archivalia - 27 March 2024 - 6:57pm

https://www.deutsche-digitale-bibliothek.de/content/blog/einigung-zwischen-der-deutschen-digitalen-bibliothek-und-der-vg-bild-kunst-testphase-zur-lizenzierung-ohne-framing-schutz

“As a result, the parties have now agreed on a five-year test phase during which the Deutsche Digitale Bibliothek may show images of works of visual art from the repertoire of VG Bild-Kunst in its portal. At the same time, the Deutsche Digitale Bibliothek commits to a monitoring procedure by which potential framing cases are detected and reported to VG Bild-Kunst. At the request of VG Bild-Kunst, the Deutsche Digitale Bibliothek must prevent the framing in these cases. The procedure serves to make it possible to assess, at the end of the test period, whether the implementation of effective technical protection measures is required or whether the monitoring procedure is to be continued.”

Update to: https://archivalia.hypotheses.org/134556

Dresden porcelain collection inventoried

Archivalia - 27 March 2024 - 6:48pm

The supposedly innovative project is touted in grand terms, but navigation on the website is poor and the transcriptions are too heavily modernized for my taste.

https://royalporcelaincollection.skd.museum/inventory/10/book/12104?object=258844663&single=left (Vorhauses instead of the correct Vorhaußes, etc.)

Why the Baltimore bridge collapsed so quickly

Ars Technica - 27 March 2024 - 6:42pm

The steel frame of the Francis Scott Key Bridge sits on top of a container ship after the bridge collapsed in Baltimore on March 26. (credit: Jim Watson/AFP via Getty Images)

Just shy of half past 1 in the morning, the MV Dali, a giant container ship, was sailing gently out of the port of Baltimore when something went terribly wrong. Suddenly, lights all over the 300-meter-long vessel went out. They flicked on again a moment later, but the ship then began to veer to the right, toward one of the massive pylon-like supports on the Francis Scott Key truss bridge—a huge mass of steel and concrete that spans the Patapsco River.

The Dali’s lights went out a second time. Then the impact came. The ship plowed into the support, with large sections of the bridge’s main truss section instantly snapping apart and falling into the river. It took just 20 seconds or so for the structure to come down.

US pricing announced for the Polestar 4 EV; starts at $54,900

Ars Technica - 27 March 2024 - 6:42pm
A car underneath a gold dustcloth

The Polestar 4 went on sale in China late last year, then in Europe and Australia in January. Now it's North America's turn. (credit: Jonathan Gitlin)

NEW YORK—On Wednesday, Polestar formally launched its next electric vehicle in the North American market at the New York International Auto Show. Until now, Polestar's range has been a little limited—there was the Polestar 1, a handsome if a little eccentric plug-in hybrid GT that went out of production after just 1,500 examples. And there's the Polestar 2 sedan, now available as a more efficient, more fun rear-wheel drive variant. But the brand has lacked that most popular of body styles, the SUV—until now.

"We have been obviously waiting for this year so much in order to really accelerate now. So the two cars coming are SUVs, [which] is, for us, key to really get into the dimension that we want to be," said Thomas Ingenlath, CEO of Polestar. "We have invested so much into the brand. We have so much invested into being in 25 countries. Of course we need now that kind of scale, a minimum of a three-car company to justify all of that," he said.

The latest addition is called the Polestar 4, which slightly confusingly slots between the smaller Polestar 2 sedan and larger, more expensive Polestar 3—the other SUV that joins the range this year. It has a clear family resemblance to its siblings, with similar front styling to the Polestar 3 and a fastback rear that calls back to the Polestar 2. The decision to ditch the rear windshield will no doubt be controversial—instead, the Polestar 4 uses a camera-based mirror that provides a wider-angle view of things behind the car than a normal passive mirror.

Arsenic-laden knowledge society

Archivalia - 27 March 2024 - 6:26pm

Thanks to FN.

“The king is dead”—Claude 3 surpasses GPT-4 on Chatbot Arena for the first time

Ars Technica - 27 March 2024 - 5:32pm
Two toy robots fighting, one knocking the other's head off.

(credit: Getty Images / Benj Edwards)

On Tuesday, Anthropic's Claude 3 Opus large language model (LLM) surpassed OpenAI's GPT-4 (which powers ChatGPT) for the first time on Chatbot Arena, a popular crowdsourced leaderboard used by AI researchers to gauge the relative capabilities of AI language models. "The king is dead," tweeted software developer Nick Dobos in a post comparing GPT-4 Turbo and Claude 3 Opus that has been making the rounds on social media. "RIP GPT-4."

Since GPT-4 was included in Chatbot Arena around May 10, 2023 (the leaderboard launched May 3 of that year), variations of GPT-4 have consistently been on the top of the chart until now, so its defeat in the Arena is a notable moment in the relatively short history of AI language models. One of Anthropic's smaller models, Haiku, has also been turning heads with its performance on the leaderboard.

"For the first time, the best available models—Opus for advanced tasks, Haiku for cost and efficiency—are from a vendor that isn't OpenAI," independent AI researcher Simon Willison told Ars Technica. "That's reassuring—we all benefit from a diversity of top vendors in this space. But GPT-4 is over a year old at this point, and it took that year for anyone else to catch up."

Rutte: motion on delivering a full archive of chat messages is unworkable

Security.NL - 27 March 2024 - 5:31pm
Last month the Tweede Kamer adopted a motion calling on caretaker Prime Minister Rutte to, within four weeks, ...

Microsoft opens a crack in console gaming’s decades-old walled garden

Ars Technica - 27 March 2024 - 4:58pm

Will the fragile Xbox balloon pop if that cage is opened? (credit: Aurich Lawson / Getty Images)

Since the days of the NES, the one unshakable distinction between the PC and console gaming markets was the latter's "walled garden" approach to game distribution. For decades now, console makers have completely controlled the licensing and sales methods available for games on their own hardware.

So when Microsoft Xbox chief Phil Spencer says that he's open to breaking down that walled garden for his consoles, it's a big deal.

Speaking to Polygon in an interview at last week's Game Developers Conference, Spencer said he could foresee a future in which competing game marketplaces like the Epic Games Store or indie clearinghouse itch.io were available directly on Xbox hardware. “[Consider] our history as the Windows company," Spencer told Polygon. "Nobody would blink twice if I said, 'Hey, when you’re using a PC, you get to decide the type of experience you have [by picking where to buy games].' There’s real value in that."

'In-app browsers ignore user choice and are a privacy and security risk'

Security.NL - 27 March 2024 - 4:52pm
In-app browsers ignore users' choice and are a privacy and security risk, according to Open Web Advocacy (OWA), ...

Pornhub prepared to block Florida if child safety law takes effect

Ars Technica - 27 March 2024 - 4:33pm

(credit: Aurich Lawson | Getty Images)

This week, Florida made headlines after passing HB 3, a law banning children under 14 from accessing social media without parental consent.

Much less attention was given to another requirement under the law obligating "pornographic or sexually explicit websites" to "use age verification to prevent minors from accessing sites that are inappropriate for children," as Republican Florida Governor Ron DeSantis explained the law in a statement.

But Pornhub's parent company, Aylo, has taken notice, with a spokesperson confirming to Ars that "we are aware of the passage into law of HB 3 in Florida, which unfortunately fails to protect minors online."

Fallout from St. Norbert's mass firing of humanities junior faculty

Leiter Reports: A Philosophy Blog - 27 March 2024 - 3:44pm
In the wake of this, I've heard from a number of prominent moral and political philosophers who have now cancelled speaking engagements (including for their Killeen Lecture series) at St. Norbert College to protest the shabby treatment of the humanities,... Brian Leiter

On retiring

Leiter Reports: A Philosophy Blog - 27 March 2024 - 3:27pm
An apt comment, from the earlier thread, from philosopher Paul Guyer (recently emeritus at Brown University) that deserves special notice: We have it good in philosophy and other humanities fields: retiring does not necessitate the end of research and writing,... Brian Leiter

Council of the EU approves law for European digital identity

Security.NL - 27 March 2024 - 3:20pm
The Council of the EU has approved a regulation on the European digital identity, so that it will soon, within the ...

Google: sharp rise in zero-days last year, especially in Android and Safari

Security.NL - 27 March 2024 - 2:50pm
The number of actively exploited zero-days rose sharply last year, particularly in Android and Safari, Google says on ...
