Snippings

xxx

A new draft of the US National Institute of Standards and Technology’s “Digital Identity Guidelines” finally takes steps to eliminate reviled password management practices that have been shown to do more harm than good. The recommendations, which will be mandatory for US federal government entities and serve as guidelines for everyone else, ban the practice of requiring users to periodically change their account passwords, often every 90 days.

The policy of regularly changing passwords evolved out of a desire to ensure that people weren’t choosing easily guessable or reused passwords; but in practice, it causes people to choose simple or formulaic passwords so they will be easier to keep track of. The new recommendations also ban “composition rules,” like requiring a certain number or mix of capital letters, numbers, and punctuation marks in each password.

From: The US Could Finally Ban Inane Forced Password Changes | WIRED.

xxx

xxx

Finally, we examined how intensely respondents employed generative AI on days that they reported using it. This allowed us to estimate a lower and upper bound for the share of total work hours that involve generative AI for the U.S. economy as a whole. We estimated that between 0.5% and 3.5% of all work hours in the U.S. are currently assisted by generative AI. Combining these estimates with a median increase of 25% in task productivity from the adoption of generative AI, an increase consistent with that observed in several studies,3 we estimated that generative AI could plausibly grow labor productivity by between 0.1% and 0.9% at current levels of usage.

From: The Rapid Adoption of Generative AI | St. Louis Fed.

xxx

xxx

In our working paper on this topic, we show that generative AI use is more common among individuals who are male, younger and more educated and who work in computer, math and management occupations. However, perhaps the most important finding is that generative AI use is widespread across gender, age, education, industries and occupations.

From: The Rapid Adoption of Generative AI | St. Louis Fed.

xxx

Leaked documents obtained by the Center for Advanced Defense Studies (C4ADS), a Washington-based think-tank, show that in 2017 a Sudanese company controlled by Prigozhin made purchases of industrial equipment from China that passed through JPMorgan Chase and HSBC.

xxx

“We have been testing this feature in a handful of cities across the U.S.,” says Khosrowshahi, as he emphasizes that early testing shows verified riders not only receive higher ratings and tip more, but also generate fewer complaints from drivers.

From: Prove launches user verification tool | Biometric Update.

xxx

xxx

To help combat the fraudsters, Starling Bank has launched the Safe Phrases campaign, in support of the government’s Stop! Think Fraud campaign, encouraging the public to agree a ‘Safe Phrase’ with their close friends and family that no one else knows, to allow them to verify that they are really speaking to them.

From: Starling warns of rise in voice cloning scams.

My safe phrase is “I’ll keep them talking while you send in the drones”.

xxx

The extraordinary number of vulnerabilities in carmakers’ websites that allow remote control of vehicles is a direct result of companies’ push to appeal to consumers—particularly young ones—with smartphone-enabled features,

From: Millions of Vehicles Could Be Hacked and Tracked Thanks to a Simple Website Bug | WIRED.

xxx

This is a may be, but it does leave me puzzled as to why carmarkers who spend gazillions of dollars

xxx

Today, a group of independent security researchers revealed that they’d found a flaw in a web portal operated by the carmaker Kia that let the researchers reassign control of the internet-connected features of most modern Kia vehicles—dozens of models representing millions of cars on the road—from the smartphone of a car’s owner to the hackers’ own phone or computer. By exploiting that vulnerability and building their own custom app to send commands to target cars, they were able to scan virtually any internet-connected Kia vehicle’s license plate and within seconds gain the ability to track that car’s location, unlock the car, honk its horn, or start its ignition at will.

From: Millions of Vehicles Could Be Hacked and Tracked Thanks to a Simple Website Bug | WIRED.

xxx

xxx

Half of UK fraud victims surveyed received at least a partial refund for their losses, compared with an average of 34 per cent across 15 countries including the US, Japan, Australia and France.

From: UK banks more likely to pay out fraud compensation than overseas rivals.

xxx

xxx

With a device like Orion, you can see how we might soon access always-on computing discreetly, without the distracting wrist turns to look at a smartwatch, or palm turns to view a phone screen. It’s potentially disconcerting that the glasses might detach us even further from being present in real life.

From: Hands On With Meta’s New Orion Augmented Reality Glasses.

xxx