Skip to main content

How Millions of Digital Home Devices Are Secretly Powering Cyberattacks

2 weeks 3 days ago
The Wall Street Journal reports on internet-connected devices — and how every year millions of them "can contain a secret digital backdoor that opens up access to your home internet, so that anyone... can surf the web as if they were you." (And this is especially true for "knockoffs that you buy online"...) In a video report this week they tested two digital picture frames from Amazon and three streaming devices from Walmart "because we heard that they often ship with backdoor software used in cyberattacks. Security experts believe manufacturers are being paid to add this malware, but many people also get tricked into downloading the software onto their phones or computers... Within minutes of turning the devices on, there was a surge of internet traffic... Visits to gambling, porn, cryptocurrency and loads of other sketchy web sites started pouring in from users around the world." (And remote visitors also tried to access Outlook and Gmail accounts...) Residential proxy companies even rent out access to "tens of millions of home networks around the world," according to the report. "But the problem is actually worse than that. Hackers figured out a way to seize control of these backdoors, and they started taking over these residential networks. Last month authorities arrested a 23-year-old Ottawa man, saying he'd taken control of more than a million devices to launch some of the largest cyberattacks anyone had ever seen.." After a couple months the Journal's reporter collected logs of all the traffic, and sent it to an investigator at Comcast, who said both were conducting DDoS attacks. But estimate for the number of infected devices are as low as tens of millions or as high 500 million-plus. "We've seen nation state attacks launched through these kind of endpoints, which means your device sitting in your house is part of a nation state attack against another nation state... We've seen ad fraud, we've seen ticket scalping, we've seen financial fraud." But more importantly, "We have seen some of the largest computer attacks — meaning computers attacking other computers at human request — ever recorded in our digital history in the last several months." At cybersecurity conferences, some are warning "there are much larger ones on the horizon if we don't get a hold of this problem." The company making the picture frame "couldn't be reached for comment," while Amazon said it's been out of stock since last year. Both Amazon and Walmart said they take action when they confirm malware on a third-party product.

Read more of this story at Slashdot.

EditorDavid

OpenAI Announces Benchmarks for AI Life Sciences Research. Its Best Model Failed 63.9% of the Test

2 weeks 3 days ago
This week OpenAI announced a 750-task test to to measure "whether AI systems can support realistic life science research tasks, not just answer biology questions." But while OpenAI's top-performing GPT-Rosalind model led the rankings, Slashdot reader BrianFagioli notes that "it achieved a pass rate of just 36.1 percent, failing nearly two-thirds of benchmark tasks." Nerds.xyz points out that means "the best-performing model failed nearly two-thirds of the benchmark's tasks." The benchmark also revealed a familiar weakness. AI systems generally perform better when everything is presented as text. Once they are forced to work with supporting documents, figures, or complex datasets, performance drops noticeably. GPT-Rosalind's pass rate fell from 45.1 percent on text-only tasks to 28.1 percent on tasks involving artifacts or URLs. To be fair, the benchmark is not intended to suggest AI is useless in research. Quite the opposite. OpenAI found that models are becoming increasingly capable of scientific communication, evidence synthesis, and translating research findings into practical explanations. Those are valuable skills, particularly for researchers drowning in information. But LifeSciBench serves as a useful reminder that today's AI systems are still far from autonomous scientists. They can help. They can assist. They can sometimes provide surprisingly useful insights. What they cannot reliably do, however, is replace the expertise, judgment, and skepticism that real scientific research requires.

Read more of this story at Slashdot.

EditorDavid