9.8 C
New York
Wednesday, April 2, 2025
Home Blog Page 3796

Is the Google Pixel Watch 3 waterproof?

codesanitize
-
0
Is the Google Pixel Watch 3 waterproof?


Is the Google Pixel Watch 3 waterproof?

Like most smartwatches, the Pixel Watch 3 is waterproof, not waterproof. You may swim in pool or ocean water, and it could stand up to rain, sweat, or regular showerhead stress. However scorching or high-pressure water can bypass its protections; do not use it throughout actions like water snowboarding or a spa day.

As well as, your Pixel Watch 3 band might not be waterproof. Particularly, whereas the default Lively band handles water, the official leather-based and steel bands aren’t rated to deal with water and needs to be dried off instantly after a moist or sweaty exercise.

Holding your Pixel Watch 3 protected against water

Pixel Watch 3 41mm and 45mm with Porcelain bands

(Picture credit score: Andrew Myrick / Android Central)

Formally, the Pixel Watch 3 has water safety rankings of 5ATM and IP68, like many of the finest Android smartwatches right this moment. Which means it is examined to final at depths of fifty meters for as much as 10 minutes or 1.5 meters for as much as half-hour. 

It is also mud resistant, that means salt water or seashore sand should not get contained in the case.



finder – Methods to take away a file named “.”?

codesanitize
-
0
finder – Methods to take away a file named “.”?


Overview

Incorrect specification of an argument in a commandline device (particulars under) has led to the creation of a file actually named “.”. I’ve already discovered that instantly making an attempt to delete in Finder will set off deletion of all content material within the containing folder (fortuitously this can be a short-term folder), however nonetheless not the “.” file itself. Furthermore, no folders containing this file may be efficiently deleted, neither with Finder nor from bash/zsh shell.

Makes an attempt to delete from zsh

For instance:

mytmp % ls -hal
whole 65
drwx------  1 consumer  employees    16K Aug 21 11:20 .
-rwx------  1 consumer  employees     0B Aug 21 09:51 .
drwx------  1 consumer  employees    16K Aug 16 16:30 ..

mytmp % ls -aB
.   .   ..

mytmp % rm -rf '.'                   
rm: "." and ".." will not be eliminated

mytmp % cd ..

scratch % rm -rf mytmp
rm: mytmp: Permission denied

scratch % sudo rm -rf mytmp
rm: mytmp: Permission denied

I’ve additionally tried variations with out -r, since actually it’s the non-directory model that’s to be deleted.

I moreover tried the suggestion of @bmike to use the inode. Whereas we will determine the inode, the deletion doesn’t seem to work:

scratch % ls -ila mytmp
whole 65
8056451580272514705 drwx------  1 consumer  employees  16384 Aug 21 11:20 .
8652239633868421122 -rwx------  1 consumer  employees      0 Aug 21 09:51 .
                  2 drwx------  1 consumer  employees  16384 Aug 21 11:43 ..

scratch % discover mytmp -inum 8652239633868421122 -delete

## no change
scratch % ls -ila mytmp
whole 65
8056451580272514705 drwx------  1 consumer  employees  16384 Aug 21 11:20 .
8652239633868421122 -rwx------  1 consumer  employees      0 Aug 21 09:51 .
                  2 drwx------  1 consumer  employees  16384 Aug 21 11:43 ..

How can one truly delete (or rename) such a file?

Extra Background

The device that resulted on this was haplogrep, a Java-based CLI. One can set up it by means of Conda by way of

conda set up -c conda-forge -c bioconda haplogrep

The subcommand used was haplogrep classify, which has the next choices:

mytmp % haplogrep classify

mtDNA Haplogroup Classifiction v2.4.0
https://github.com/seppinho/haplogrep-cmd
(c) Sebastian Schönherr, Hansi Weissensteiner, Lukas Forer, Dominic Pacher
[email protected]

[classify]
Lacking required choices: '--input=', '--output=', '--format='
Utilization: haplogrep classify [--chip] [--extend-report] [--rsrs]
                          [--skip-alignment-rules] [--write-fasta]
                          [--write-fasta-msa] --format=
                          [--hetLevel=] [--hits=] --in=
                          [--lineage=] [--metric=] --out=
                          [--phylotree=]
      --chip                VCF information from a genotype chip
                              Default: false
      --extend-report       Add flag for a prolonged closing output
                              Default: false
      --format=     Specify enter file format: vcf, fasta or hsd
      --hetLevel= Add heteroplasmies with a stage > X from the VCF
                              file to the profile (default: 0.9)
      --hits=         Calculate greatest n hits
      --in, --input=    Enter VCF, fasta or hsd file
      --lineage=   Export lineage data as dot file, n0=no
                              tree, 1=with SNPs, 2=solely construction, no SNPs
      --metric=     Specifiy different metrics (hamming or jaccard) than
                              default (kulczynski)
      --out, --output= Output file location
      --phylotree=    Specify phylotree model
      --rsrs                Use RSRS Model
                              Default: false
      --skip-alignment-rules
                            Skip mtDNA nomenclature fixes primarily based on guidelines for
                              FASTA import
                              Default: false
      --write-fasta         Write ends in fasta format
                              Default: false
      --write-fasta-msa     Write a number of sequence alignment (_MSA.fasta)
                              Default: false

I misinterpreted the “Output file location” description of the --out argument as asking for a path, main me to make use of --out . and thus leading to making a file named “.”.

Renaming

The file itself can’t be renamed in Finder or with mv, nevertheless, the containing folder may be renamed.

Deepfakes of Prince William Lure Social Media Customers into an Funding Rip-off

codesanitize
-
0
Deepfakes of Prince William Lure Social Media Customers into an Funding Rip-off


Deepfakes of Prince William and the UK Prime Minister are pushing funding scams on Fb and Instagram.

Uncovered by Fenimore Harper Communications, a media analysis group, the deepfakes take the type of advertisements that result in a phony cryptocurrency platform.[i] In accordance with Fenimore Harper, the equal of $27,000 U.S. {dollars} has been spent on these advertisements and so they have reached greater than 890,000 individuals.

In all, scammers fueled the advertisements with 14 totally different currencies as various as Columbian Pesos, Thai Bahm, Uruguayan Peso, Bangladeshi Taka, and United Arab Emirates Dirham.

In one of many advertisements, a faux Prime Minister Sir Keir Starmer broadcasts a “nationwide make investments platform,” and “to generate profits on this official platform, all you want is a cellphone or pc.” One other advert claims that 45 people have been specifically chosen to earn “life-changing cash” via a mysterious challenge.

One other advert contains a faux Prince William saying, “I’m happy to announce that I, Prince William, and the complete royal household totally assist Prime Minister Keir Starmer’s initiative and his new platform.”

Fenimore Harper says that a few of the advertisements are nonetheless operating. The group mentioned that it recognized these advertisements utilizing Meta’s personal AI mannequin, Llama 3.1 70B.

Prince William and UK Prime Minister deepfakes result in a phony funding website

Fenimore Harper’s report then discovered that a few of the advertisements directed individuals to a bogus cryptocurrency platform known as “Instant Edge.”

As soon as on the location, individuals had been requested to supply fundamental contact information, adopted by encouragement to make investments.

Fenimore Cooper discovered a number of unfavourable opinions for the platform on Trustpilot, “principally from victims complaining they misplaced their cash or had been hounded by scammers over the cellphone.”

Most of the hyperlinks to the bogus platform look like lifeless now, whilst some advertisements nonetheless seem to flow into.

As reported by The Impartial, a spokesperson for Meta mentioned, “Our methods detected and eliminated the overwhelming majority of those adverts earlier than this report was printed. As a part of our advertisements evaluation course of—which might embody each automated and human opinions — we now have a number of layers of research and detection, each earlier than and after an advert goes reside. It’s in opposition to our insurance policies to run advertisements that improperly use pictures of public or political figures for misleading functions, and we take away these advertisements when detected.”[ii]

A complicated rip-off hides behind low-quality deepfakes

A faux advert that includes Prime Minister Sir Keir Starmer in Fenimore Harper’s report reveals that the deepfakes are low-grade. Of their instance, the scammers use beforehand aired footage of the Prime Minister dubbed over with AI voice-cloned audio. As within the case of many cheaper deepfakes, the lip-synching matches poorly.

With that, this rip-off echoes the Taylor Swift cookware deepfake rip-off we reported on earlier this 12 months. It additionally used poorly dubbed AI voice-cloned audio atop clips of beforehand aired footage.

Nonetheless, regardless of the low-quality deepfake, this rip-off units itself aside with the best way the scammers manipulated Google search outcomes. On condition that many individuals use search to analysis potential investments, the scammers made positive to provide themselves favorable opinions.

In accordance with Fenimore Harper, the scammers used Web optimization-hacking strategies in order that the scammers may “place their very own copy in Google’s ‘featured snippets’ … [making the] high consequence a glowing endorsement for the rip-off.”

Fenimore Harper says that the scammers additional duped Google’s AI overview function, which summarizes search outcomes. Of their instance, individuals should scroll via a number of outcomes that comprise disinformation earlier than they get to a reputable supply for opinions.

In all, it seems the scammers put additional thought and care into their rip-off. They did greater than financial institution on a deepfake and a bogus website to lure in victims. They anticipated the subsequent transfer for a lot of victims, which was to hop on a search engine and see if the chance was legit.

Defending your self from on-line funding scams

Scammers have more and more turned to AI deepfakes of celebrities and different public figures to push their scams. What’s new right here is that we now have a primary minister and a member of the royal household falling sufferer to a deepfake as a part of the rip-off.

Nonetheless, you’ll be able to avoid on-line funding scams like these, whether or not they use AI deepfakes or not. Take into account the next as obvious “alternatives” crop up on-line:

Go together with a professional.

Working with an accredited monetary adviser is all the time a sound step with any funding you select to make, as is just investing funds you’ll be able to afford to lose if the funding falls via.

Be careful for brand spanking new, untried platforms.

Keep away from investments that ask you to contribute cash instantly from one among your individual accounts somewhat than by way of a dependable, verified platform.

Search trusted analysis sources.

As we noticed above, the highest ends in a search won’t be probably the most credible supply of information. When researching monetary alternatives, search for established, reliable sources of evaluation. Seek the advice of a number of sources as effectively.

Be cautious of superstar and popular culture tie-ins.

Regard any funding based mostly on a popular culture reference like films, memes, and reveals with a extremely essential eye. The identical goes for public figures. It would very effectively be a rip-off constructed round buzz somewhat than a legit funding, such because it was with the Squid Recreation cryptocurrency rip-off we noticed in 2021 and the more moderen AI deepfake scams that includes a faux Elon Musk selling bogus investments.

Use on-line safety software program.

AI-powered on-line safety such as you’ll discover in our McAfee+ plans sniffs out hyperlinks to suspicious websites that promote scams and comprise malware. Scams like these take you to shady corners of the web, and our safety will warn you earlier than you faucet or click on — and block these websites in case you faucet or click on by mistake.

[i] https://www.fenimoreharper.com/analysis/starmer-disinformation-meta-deepfakes

[ii] https://www.unbiased.co.uk/information/uk/home-news/starmer-prince-william-ai-deepfake-crypto-scam-b2595554.html

 

Introducing McAfee+

Id theft safety and privateness on your digital life



7 Methods to Prepare LLMs With out Human Intervention

codesanitize
-
0
7 Methods to Prepare LLMs With out Human Intervention


Introduction

Take into consideration a society that is aware of, evolves and works effectively with out human interplay, as kids who don’t want a tutor to cross an examination. Whereas this appears like a scene from a Transformers film, it’s the imaginative and prescient of the way forward for the machine’s studying course of that synthetic intelligence brings to us. Massive language fashions able to self-training. Within the following article, seven new strategies might be launched which assist the LLMs to coach themselves and are extra clever, sooner, and extra versatile than earlier than.

7 Methods to Prepare LLMs With out Human Intervention

Studying Outcomes

  • Perceive the idea of coaching LLMs with out human intervention.
  • Uncover seven completely different strategies used for autonomous coaching of LLMs.
  • Learn the way every methodology contributes to the self-improvement of LLMs.
  • Acquire insights into the potential benefits and challenges of those strategies.
  • Discover real-world functions of autonomously skilled LLMs.
  • Perceive the implications of self-training LLMs on the way forward for AI.
  • Be outfitted with information on the moral concerns surrounding autonomous AI coaching.

7 Methods to Prepare LLMs With out Human Intervention

Allow us to now look into the 7 methods to coach LLMs with out human intervention.

1. Self-Supervised Studying

Self-supervised studying is the cornerstone of autonomous LLM coaching. On this methodology, fashions generate their very own labels from enter knowledge, eradicating the necessity for manually labeled datasets. As an example, by predicting lacking phrases in a sentence, an LLM can study language patterns and context with out express steerage. This system permits LLMs to coach on huge quantities of unstructured knowledge, resulting in extra generalized and strong fashions.

Instance: A mannequin would possibly take the sentence “The cat sat on the _” and predict the lacking phrase, “mat.” By constantly refining its predictions, the mannequin improves its understanding of language nuances.

2. Unsupervised Studying

Unsupervised studying takes self-supervised studying a step additional by coaching fashions on knowledge with none labels in any respect. LLMs determine patterns, clusters, and buildings throughout the knowledge on their very own. This methodology is especially helpful for locating latent buildings in massive datasets, enabling LLMs to study complicated representations of language.

Instance: An LLM would possibly analyze a big corpus of textual content and categorize phrases and phrases primarily based on their semantic similarity, with none human-defined classes.

3. Reinforcement Studying with Self-Play

Reinforcement studying (RL) in its rudimentary sense is a course of the place an agent is enabled to make selections with respect to an surroundings through which it operates and acquires rewards or punishments. In self-play, an LLM can train itself video games in opposition to necron variations or different components of itself. Accomplishments in each one in every of these topic areas might be doable with this method since fashions can modify its methods in duties similar to language technology, translation in addition to conversational AI each day.

Instance: An LLM may simulate a dialog with itself, adjusting its responses to maximise coherence and relevance, resulting in a extra polished conversational skill.

4. Curriculum Studying

Curriculum studying mimics the tutorial course of, the place an LLM is skilled progressively on duties of accelerating problem. By beginning with easier duties and steadily introducing extra complicated ones, the mannequin can construct a powerful basis earlier than tackling superior issues. This methodology reduces the necessity for human intervention by structuring the training course of in a manner that the mannequin can observe autonomously.

Instance: An LLM would possibly first study primary grammar and vocabulary earlier than progressing to complicated sentence buildings and idiomatic expressions.

5. Automated Knowledge Augmentation

Knowledge improvement entails creating new coaching fashions from present knowledge, a course of that may be automated to assist LLMs practice with out human involvement. Methods similar to paraphrasing, synonymous substitution, and sentence inversion can generate a wide range of coaching contexts, permitting LLMs to study actively from restricted contexts in

Instance: As an example, a sentence like “The canine barked loudly” may very well be written as “The canine barked loudly” and as such, present the LLM with inputs that will assist the training course of.

6. Zero-Shot and Few-Shot Studying

Zero-shot and short-shot programs allow LLMs to use their present expertise, and carry out the duties for which they’ve been explicitly skilled. These strategies cut back the necessity for big quantities of human-supervised coaching knowledge. In a zero-shot research, the mannequin produces a simulation with no prior pattern, whereas in a brief research, it learns from a minimal variety of samples.

Instance: An LLM skilled in English writing might be able to translate easy Spanish sentences into English with little or no prior publicity to Spanish, due to his or her understanding of language patterns so.

Additionally Learn: Find out about Zero Shot, One Shot and Few Shot Studying

7. Generative Adversarial Networks (GANs)

GANs encompass two fashions: a generator and a discriminator. The generator creates knowledge samples, whereas the discriminator evaluates them in opposition to actual knowledge. Over time, the generator improves its skill to create life like knowledge, which can be utilized to coach LLMs. This adversarial course of requires minimal human oversight, because the fashions study from one another.

Instance: A GAN may generate artificial textual content that’s indistinguishable from human-written textual content, offering further coaching materials for an LLM.

Conclusion

The course in the direction of acquired LLM coaching is a step progress for the AI particular discipline. With the usage of strategies similar to self-supervised studying, reinforcement studying with self-play and GANs, LLMs can self-train themselves to a sure extent. All these developments not solely enhance the practicality of large-scale AI fashions and supply new instructions for improvement. Thus, it’s essential to show our consideration to the ethical results and be sure that these applied sciences are rising up as moral as doable.

For a deeper dive into generative AI and associated strategies, you possibly can study extra by enrolling within the Pinnacle Program by Analytics Vidhya. This program affords complete coaching and insights that may equip you with the talents wanted to grasp the most recent AI developments.

Ceaselessly Requested Questions

Q1. What’s the important benefit of coaching LLMs with out human intervention?

A. The first benefit is scalability, as fashions can study from huge quantities of information with out the necessity for time-consuming and costly human labeling.

Q2. How does self-supervised studying differ from unsupervised studying?

A. Self-supervised studying generates labels from the info itself, whereas unsupervised studying doesn’t use any labels and focuses on discovering patterns and buildings throughout the knowledge.

Q3. Can LLMs skilled with out human intervention outperform historically skilled fashions?

A. Sure, in lots of circumstances, LLMs skilled with strategies like self-play or GANs can obtain superior efficiency by constantly refining their information with out human bias.

Q4. What are the moral issues with autonomous AI coaching?

A. Key issues embrace the potential for unintended biases, lack of transparency within the studying course of, and the necessity for accountable deployment to keep away from misuse.

Q5. How does curriculum studying profit LLMs?

A. Curriculum studying helps fashions construct foundational information earlier than tackling extra complicated duties, resulting in more practical and environment friendly studying.

The Barrier to Profitable Provide Chain Assaults is Dropping

codesanitize
-
0
The Barrier to Profitable Provide Chain Assaults is Dropping


Software program provide chain assaults stay a significant risk to enterprise software program consumers and producers, and proof means that the risk is rising. Actually, Gartner predicts that by 2025, 45% of organizations worldwide may have skilled assaults on their software program provide chains—a threefold improve from 2021. 

What’s extra, Cybersecurity Ventures expects that the worldwide annual value of software program provide chain assaults to companies will attain a staggering $138 billion by 2031, up from $60 billion in 2025 and $46 billion in 2023, primarily based on 15 p.c year-over-year development. 

Behind these numbers lies a stark actuality: software program growth groups face stress to ship new options and functions to the market whereas the safety of that software program is a decrease precedence. That dynamic, mixed with the complexity of recent software program provide chains, creates simple targets for a brand new breed of attackers who’re focusing on software program growth infrastructure to ship most impression.

A New Breed of Attacker Units Sights on the Software program Provide Chain 

It wasn’t so way back that assaults corresponding to these on SolarWinds or 3CX had been the only purview of nation-state-backed hacking crews. Teams corresponding to Nobelium, Lazarus, and others had been united by a complicated ability set, ample sources, deep expertise, and, after all, the harm that was left of their wake. 

However over the previous few years, the ranks of provide chain attackers have grown, with perpetrators saddling up alongside these nation-state actors. I’m referring to low-skilled cybercriminals who might lack the subtle ability set of their extra skilled cohort however are equally motivated to wreak havoc on the software program provide chain and exploit enterprises.

Their efforts start by figuring out open lanes resulting in IT environments the place they will steal delicate information, deploy backdoors and different malware, or trigger disruptions. Open-source repositories ceaselessly provide such a possibility. 

These repositories are usually platforms or on-line areas used to retailer and handle the supply code, documentation, and different associated sources of open-source software program initiatives. Because the identify would point out, openness is essential. Anybody can entry these repositories to review, contribute, modify, and collaborate on initiatives. This openness is a part of what’s driving the rising use of open-source repositories like GitHub, which have now grow to be a typical instrument for good-willed builders who’re in a time crunch. 

In response to its 2022 Octoverse report, greater than 85 million new open-source initiatives had been began globally on GitHub in 2022, and 20.5 million new builders joined GitHub in that very same 12 months. However the success of those repositories comes at a value, particularly:  it creates alternatives for low-skilled attackers to disseminate dangerous malware on these platforms through a wide range of rudimentary strategies. 

This 12 months’s Verizon Knowledge Breach Investigations Report factors out this value to software program growth: “A really actual threat with this strategy is that you simply’re taking it on religion that the libraries you’re downloading are free from malware.” 

Whereas many of those rudimentary efforts are finally ineffective, the variety of assaults on repositories is exploding. Even GitHub bought “bought” this 12 months. Add all of it up, and it is clear that these assaults pose a rising safety threat for software program producers. Earlier this 12 months, we launched our State of Software program Provide Chain Safety 2024 report, which examines a number of the hottest open-source repositories, together with npm, the Python Package deal Index (PyPI), and NuGet. 

Right here’s what our crew discovered:

  • Incidents of malicious packages corresponding to infostealersbackdoors, and protestware on open-source repositories elevated by 1,300% over the previous three years. 

  • There was a 400% annual improve in threats on the PyPI platform, with greater than 7,000 situations of malicious PyPI packages found within the first three quarters of 2023. The overwhelming majority of those had been labeled as “infostealers.”

Under are a number of the strategies that these low-skilled risk actors are utilizing to compromise software program producing organizations reliant upon these repositories to conduct their enterprise.

Typosquatting Ways

An awesome instance of low-level actors exploiting these repositories is typosquatting, the place the objective is straightforward: idiot builders into downloading and utilizing malicious open-source packages. A standard tactic used to deceive builders is to provide the malicious bundle a reputation just like a reputable piece of software program, hoping {that a} handful of builders mistakenly obtain the lookalike bundle. Typically, any such assault includes social engineering, which targets members of the cryptocurrency group.

One instance our analysis crew recognized in 2023 was aabquerys, a malicious npm bundle with a reputation intently resembling a reputable bundle, abqueryaabquerys downloaded second- and third-stage malware payloads to programs that had downloaded and run the npm bundle. Whereas finally, this explicit incident had little impression, it efficiently demonstrated how simple it may be for low-skilled attackers to get pores and skin within the sport.

Repojacking Ruckus

Just like typosquatting, repojacking is one other low-skilled method that performs the identify sport however with a barely completely different strategy. With repojacking, an attacker targets reputable open-source repositories which are publicly hosted on locations like GitHub. For instance, upon retirement of an open supply venture the attacker can hijack a trusted software program repository via the rename function. As soon as full, visitors to the previous identify is redirected to the renamed repository, which may lead customers to malicious locations the place they receive code that places 1000’s of software program packages in danger.

Turnkey Targets

One other tactic these attackers are utilizing to boost widespread, low-level campaigns is phishing assaults. Our analysis crew recognized an instance we dubbed Operation Brainleeches. Whereas this incident additionally leveraged an open-source repository, what made it distinctive was that criminals uploaded malicious packages to the npm repository however did so to help turnkey electronic mail phishing campaigns geared toward one other goal. The last word marks had been customers of Microsoft 365, in addition to the extra typical goal of such efforts–npm repository builders.

The massive takeaway from Operation Brainleeches is that, like software program provide chain assaults touched on earlier, campaigns corresponding to this have gotten simpler to tug off and tougher for safety groups to handle. If that wasn’t sufficient, we’ve seen firsthand that this exercise is constant, which signifies that growth groups should use excessive warning and be hyper-vigilant when working with any open-source software program, exhausting all efforts to establish doable pink flags.  

Figuring out the Blind Spots

Nonetheless, exercising warning alone won’t be sufficient, whether or not the risk comes from a low-level legal or a complicated nation-state cyber skilled. Most significantly, neither will be noticed by conventional AppSec testing options. That features software program composition evaluation (SCA), which isn’t designed to establish malware, code tampering, or uncommon utility behaviors. Conventional AppSec instruments can’t analyze a whole software program binary delivered for deployment. This lack of appropriate choices is why I wish to say that software program is the most important under-addressed assault floor on this planet.

To detect all types of software program provide chain assaults, software-producing and consuming organizations must have entry to a set of mature malware intelligence, along with complicated binary evaluation and reproducible builds. Using this expertise is what allowed our crew to pinpoint a plethora of low-skilled open-source threats, along with discovering the basis explanation for extra difficult incidents such because the provide chain compromise of VOIP answer 3CX. 

By way of these applied sciences, the blind spots within the software program provide chain are minimized, making it simpler for safety groups to seek out malware, malicious code, unauthorized adjustments in software program behaviors, signature tampering, uncovered secrets and techniques, and different provide chain threats of their merchandise. That’s why–no matter who was behind the risk–groups can take knowledgeable motion and, in flip, acquire the belief and assurance they want earlier than delivery or deploying software program. 



1...3,7953,7963,797...3,946Page 3,796 of 3,946

ABOUT US

Welcome to CodeSanitize, your number one source for all things coding and technology. We’re dedicated to providing you the very best of software development tutorials, tips, and resources, with a focus on clarity, practical examples, and up-to-date content.

© Copyright 2024 - codesanitize.com. All rights reserved