Proprietary/Artificial Intelligence (AI) and Microsoft/Windows TCO

posted by Roy Schestowitz on Oct 11, 2023

• Microsoft reportedly runs GitHub's AI Copilot at a loss

  Analysis Microsoft is reportedly losing up to $80 a month per user on its GitHub Copilot services.

• Those who adopt AI will disrupt those who do not, CIA cyber policy adviser says

  One thing that “is pretty clear is those entities that augment their activities with AI applications will likely disrupt those entities that do not. So I think it’s imperative that we find a way to tap into this technology to support the activities that we are entrusted with,” Dan Richard, chief cyber policy adviser for the CIA, said during a Billington Cybersecurity event last week.

• Polynomial Time Cryptanalytic Extraction of Neural Network Models [PDF]

  Billions of dollars and countless GPU hours are currently spent on training Deep Neural Networks (DNNs) for a variety of tasks. Thus, it is essential to determine the difficulty of extracting all the parameters of such neural networks when given access to their black-box implementations. Many versions of this problem have been studied over the last 30 years, and the best current attack on ReLU-based deep neural networks was presented at Crypto’20 by Carlini, Jagielski, and Mironov. It resembles a differential chosen plaintext attack on a cryptosystem, which has a secret key embedded in its black-box implementation and requires a polynomial number of queries but an exponential amount of time (as a function of the number of neurons).

• Microsoft, Tens of Thousands of Layoffs Later, Can’t Afford to Maintain Windows. Out Go the “Legacy” Components.

  Microsoft is unable to tend to Windows anymore after the layoffs and lots of failed acquisitions of unprofitable albatross companies and products, so it starts dropping more “Legacy” components that are the sole reason why anyone is still using this disaster in 2023.

• So Far, AI Is a Money Pit That Isn't Paying Off

  Silicon Valley has bet big on generative AI but it’s not totally clear whether that bet will pay off. A new report from the Wall Street Journal claims that, despite the endless hype around large language models and the automated platforms they power, tech companies are struggling to turn a profit when it comes to AI.

• Amnesia hides names of individuals behind Post Office’s ‘head on a spike’ strategy

  In an inquiry hearing last week, one question stood out, with repeated attempts by inquiry barristers and those representing victims of the scandal to find the answer: Who came up with the strategy to crush Castleton in court to set an example to others who might dare to challenge the Post Office’s false claim that the Horizon system was reliable at all times?

• First subpostmaster Horizon conviction overturned in Scotland

  A Scottish Criminal Cases Review Commission investigation referred to the appeal court in Edinburgh on the grounds that she had suffered a miscarriage of justice. The court agreed and quashed her conviction.

  Law firm Livingstone Brown, which represented Sinclair, said: “She should never have been accused of any wrongdoing, far less convicted.

  “Lessons must be learnt from this national scandal to ensure that these events never happen again. But the question remains as to why it has taken so long to get to this point, four years after the High Court in England issued a damning verdict on the Horizon computer system.”

• Windows TCO

  • Ransomware attacks register record speeds thanks to success of infosec industry

    In nearly two-thirds of cases analysed by Secureworks' researchers, cybercriminals were deploying ransomware within a day, and in more than 10 percent of incidents it was deployed within five hours.

    This average dwell time has dropped significantly in 2023, down from 4.5 days in 2022 and 5.5 days the year before that.

  • Largest-ever DDoS leverages zero-day vulnerability

    The attack is efficient. Only 20,000 botnets were used in the campaign, which is a far cry from the typical number of infected machines used in a DDoS attack, Cloudflare wrote.

    “There are botnets today that are made up of hundreds of thousands or millions of machines,” Cloudflare said. “Given that the entire web typically sees only between 1–3 billion requests per second, it’s not inconceivable that using this method could focus an entire web’s worth of requests on a small number of targets.”