
Security implications of exposed credentials in AI training datasets

  • Researchers uncover nearly 12,000 live secret credentials that were inadvertently exposed, including API keys and passwords.
  • Developers urged to prioritise secure coding practices and remain vigilant against the risks associated with credential exposure.
  • Truffle Security identified a staggering 11,908 live secrets across three million websites, indicating a troubling trend of credential reuse among developers.

Recent findings by Truffle Security, an open-source security software company, have raised significant concerns regarding the security practices in the development of artificial intelligence (AI) models.

Through an analysis of the Common Crawl archive—a vast dataset containing website snapshots from over 47 million hosts—researchers uncovered nearly 12,000 live secret credentials, including API keys and passwords, that were inadvertently exposed.

This alarming discovery not only highlights the vulnerabilities inherent in web development but also underscores the potential risks posed by AI models trained on such insecure data.

The term “live secrets” refers to credentials that can successfully authenticate with their respective services. In this instance, Truffle Security identified a staggering 11,908 live secrets across three million websites, indicating a troubling trend of credential reuse among developers.

Notably, a single WalkScore API key appeared an astonishing 57,029 times across 1,871 subdomains, illustrating the pervasive nature of this issue. Such practices are often the result of developers hardcoding secrets directly into front-end HTML and JavaScript, which can be easily accessed by crawlers and researchers alike.

The implications of these findings extend beyond mere data exposure. As AI models, including popular large language models (LLMs) like DeepSeek, are trained on datasets that contain these live secrets, there is a tangible risk that they may inadvertently perpetuate insecure coding practices.

Inexperienced developers

Truffle Security’s research indicates that many of these models tend to recommend hardcoding credentials, a practice that can introduce significant security flaws, particularly for inexperienced developers who may follow such advice without critical scrutiny.

Moreover, the study revealed that among the 219 distinct types of exposed secrets, MailChimp API keys were the most frequently leaked, potentially facilitating phishing attacks and brand impersonation.

Other critical exposures included AWS root keys and numerous Slack webhooks, which could be exploited by malicious actors to compromise organizations.

In response to these vulnerabilities, Truffle Security has proactively engaged with affected vendors to revoke exposed keys, resulting in the rotation of several thousand credentials. However, this reactive approach underscores the need for a more proactive stance in the development and deployment of AI technologies.

Researchers recommend that developers incorporate strict guidelines in their AI prompts to prevent the suggestion of hardcoded credentials and other insecure coding patterns. Additionally, regular scanning of code and public-facing websites for exposed keys is essential to mitigate the risk of credential leakage.
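As an added illustration of the scanning recommended above (this is not Truffle Security's tooling), the sketch below searches front-end HTML and JavaScript for three of the secret types named in the article and counts how often, and on how many hosts, each value recurs. The page URLs and key values are constructed placeholders. A match is only a candidate: confirming that a secret is "live" means authenticating with the service, which this code does not attempt.

```python
import re
from urllib.parse import urlsplit

# Published key formats for three of the secret types the article names.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "mailchimp_api_key": re.compile(r"\b[0-9a-f]{32}-us[0-9]{1,2}\b"),
    "slack_webhook": re.compile(
        r"https://hooks\.slack\.com/services/T[A-Z0-9]+/B[A-Z0-9]+/[A-Za-z0-9]+"),
}

# Constructed sample pages; every key below is a documentation-style placeholder.
SAMPLE_PAGES = {
    "https://shop.example.test/index.html":
        '<script>var mc = "0123456789abcdef0123456789abcdef-us12";</script>',
    "https://blog.example.test/contact.js":
        'const MC_KEY = "0123456789abcdef0123456789abcdef-us12";\n'
        'fetch("https://hooks.slack.com/services/T00000000/B00000000/'
        'XXXXXXXXXXXXXXXXXXXXXXXX");',
    "https://blog.example.test/app.js":
        'const cfg = {accessKeyId: "AKIAIOSFODNN7EXAMPLE"};\n'
        '// old key: 0123456789abcdef0123456789abcdef-us12',
    "https://docs.example.test/about.html":
        "<p>Build 0123456789abcdef0123456789abcdef, no secrets here.</p>",
}


def redact(secret, keep=4):
    """Keep a short prefix only, so the report does not re-leak the value."""
    return secret[:keep] + "*" * (len(secret) - keep)


def scan_pages(pages):
    """pages maps URL -> body. Returns {(kind, secret): occurrence and host data}."""
    found = {}
    for url, body in pages.items():
        host = urlsplit(url).hostname
        for kind, pattern in PATTERNS.items():
            for match in pattern.finditer(body):
                entry = found.setdefault(
                    (kind, match.group(0)), {"occurrences": 0, "hosts": set()})
                entry["occurrences"] += 1
                entry["hosts"].add(host)
    return found


def report(pages):
    """Redacted findings, most frequently repeated secret first."""
    rows = [{"kind": kind, "secret": redact(secret),
             "occurrences": data["occurrences"], "hosts": sorted(data["hosts"])}
            for (kind, secret), data in scan_pages(pages).items()]
    return sorted(rows, key=lambda r: (-r["occurrences"], r["kind"]))


if __name__ == "__main__":
    for row in report(SAMPLE_PAGES):
        print(row)
```

Sorting by occurrence count surfaces the reuse pattern the article describes, where one key is copied across many pages and subdomains; any confirmed finding should be rotated at the provider, not just removed from the page.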

Lenovo wins UK ruling with Ericsson on patent license

  • Ruling not only provides Lenovo temporary access to essential patents but also pressures Ericsson to engage in a more collaborative licensing discussion.
  • Ruling may pave the way for more equitable and constructive licensing practices, essential for driving technological innovation and collaboration in a highly competitive landscape.

Lenovo achieved a significant legal victory in its ongoing licensing dispute with Ericsson at London’s High Court.

The Court of Appeal granted Lenovo an interim license to utilise Ericsson’s patents, a ruling that underscores the complexities and contentious nature of global intellectual property rights in the telecommunications industry, particularly concerning 5G wireless technology.

Lenovo’s lawsuit against Ericsson is emblematic of a broader series of legal actions that have unfolded in various jurisdictions, including Brazil, Colombia, and the United States. Central to this dispute is the concept of fair, reasonable, and non-discriminatory (FRAND) licensing terms.

Such terms are crucial in the telecom sector, where the rapid advancement of technology necessitates collaboration and licensing agreements among companies. However, disagreements about what constitutes fair and reasonable terms frequently result in protracted legal battles, as seen in this case.

FRAND licensing

The High Court’s initial refusal of Lenovo’s request for a declaration regarding an interim license seemed to hinge on the presumption of Ericsson’s unwillingness to negotiate.

However, the Court of Appeal, led by Judge Richard Arnold, overturned this decision, asserting that “a willing licensor in the position of Ericsson would enter into an interim licence with Lenovo.”

The ruling not only provides Lenovo temporary access to essential patents but also pressures Ericsson to engage in a more collaborative licensing discussion.

Laura Quatela, Lenovo’s Chief Legal Officer, articulated the significance of this ruling by emphasising Lenovo’s willingness to negotiate and advocate for transparency in FRAND licensing.

The statement reflects a broader industry sentiment advocating for clearer and fairer practices in patent licensing, particularly as the stakes rise with the rollout of 5G technology.

Ola sells over 25,000 EV scooters in February

  • Maintains its position at the forefront of India’s electric two-wheeler landscape for the second consecutive month.

Ola Electric, a prominent player in the Indian electric vehicle (EV) industry, announced the impressive achievement of selling over 25,000 electric two-wheelers in February alone.

The notable sales figure underscores the robust demand for its S1 portfolio and reflects the efficacy of its extensive sales and service network, which boasts 4,000 stores across the country.

The company revealed that it has successfully carved out a market share exceeding 28 per cent within the Indian EV 2-wheeler segment, solidifying its status as a leader in this rapidly growing market.

The achievement marks the second consecutive month in which Ola Electric has maintained its position at the forefront of India’s electric two-wheeler landscape, following a 25 per cent market share in January.

The spokesperson for Ola Electric Mobility provided insights into the mechanisms driving this remarkable performance. They highlighted the company’s strong sales momentum, which is buoyed by a diverse scooter portfolio that caters to both mass and premium segments.

Focus on rural markets

Additionally, the expansion of Ola’s network into rural markets—specifically Tier 3 and Tier 4 towns—has resulted in an uptick in demand that extends beyond traditional urban centres. Such strategic positioning not only amplifies the company’s reach but also facilitates the broader adoption of electric mobility across various demographic segments.

Moreover, with the anticipated deliveries of the Roadster X model scheduled for March, Ola Electric is poised to further boost the adoption of EVs in the motorcycle segment, thereby enhancing its overarching commitment to advancing electric mobility in India.

However, it is important to note that Ola Electric is navigating certain challenges as well. The recent renegotiation of contracts with vehicle registration agencies has temporarily affected registration numbers on the VAHAN portal, a crucial platform for vehicle registration in India.

Streamlining operations

The strategic move, while potentially disruptive in the short term, aims to create a more efficient and cost-effective registration process. The company’s proactive approach demonstrates its commitment to streamlining operations and enhancing customer experience, which is vital for sustaining long-term growth.

On the innovation front, Ola Electric unveiled its new S1 Gen 3 portfolio on January 31, 2025, featuring models that cater to a range of consumer preferences and budgets.

Electric two-wheelers within this portfolio are competitively priced, commencing at an introductory rate of Rs79,999 for the S1 X (2kWh) model and ascending to Rs1,69,999 for the flagship S1 Pro+ (5.3 kWh).

This strategic pricing, coupled with the recent announcement of the company’s entry into the electric motorcycle segment through the Roadster X series, further exemplifies Ola Electric’s efforts to diversify its offerings and attract a broader customer base.

Prices for the Roadster X series start at Rs89,999 and extend to Rs1,09,999 for the top variant, indicating the company’s aim to penetrate both entry-level and premium motorcycle markets.

Amazon’s Ocelot chip and the race for supremacy

  • Ocelot chip addresses a critical challenge in quantum computing: error correction, specifically through a method known as bosonic error correction.
  • Emphasis on frugal scaling through hardware efficiency underscores the company’s commitment to developing an error-corrected quantum computer that not only advances technological capabilities but also delivers societal benefits.

Amazon made a significant stride in the realm of quantum computing by unveiling its inaugural quantum computing chip, aptly named Ocelot. This development positions Amazon alongside other prominent technology giants, such as Microsoft and Google, who have also ventured into the quantum chip domain.

The introduction of Ocelot is not merely a technological advancement; it signifies a pivotal moment in the race for supremacy in quantum computing, a field poised to revolutionise various industries and redefine computational capabilities.

Quantum computing distinguishes itself from classical computing through its utilization of qubits, which can embody both 1s and 0s simultaneously, a phenomenon that allows for the processing of vast amounts of data at unprecedented speeds.

Error correction

While classical computers operate on binary bits, quantum computers harness the unique properties of quantum mechanics to tackle complex problems that would otherwise require eons for classical systems to solve.

In this context, Amazon’s Ocelot chip addresses a critical challenge in quantum computing: error correction, specifically through a method known as bosonic error correction.

This approach is essential for enhancing the reliability of quantum systems, thereby accelerating the journey towards practical and scalable quantum computers.

The significance of Ocelot’s architecture lies in its hardware-efficient design, which aims to streamline the error correction process.

Fernando Brandao, Amazon’s head of quantum software applications, and Oskar Painter, head of quantum hardware, assert that this innovative approach positions Amazon favourably for the next phase of quantum computing.

Their emphasis on frugal scaling through hardware efficiency underscores the company’s commitment to developing an error-corrected quantum computer that not only advances technological capabilities but also delivers societal benefits.

Holds potential

Amazon’s announcement follows closely on the heels of Microsoft’s introduction of the Majorana 1 chip, which employs a novel material known as a topoconductor. This material is said to exploit a unique topological state of matter, although its efficacy remains a topic of debate among experts.

Similarly, Google’s Willow chip is designed to mitigate errors in quantum systems, further highlighting the competitive landscape in which these tech giants operate.

As they race to create functional quantum computers, their advancements have implications far beyond the realm of technology; they hold the potential to transform industries ranging from healthcare to materials science.

Despite the excitement surrounding these developments, industry leaders remain divided on the timeline for practical quantum computing. Nvidia CEO Jensen Huang has suggested that it may take up to 20 years for usable quantum computers to materialise, while Google CEO Sundar Pichai is more optimistic, predicting a timeframe of five to ten years.

This disparity in projections reflects the inherent complexities and challenges associated with quantum computing, including the need for systems to operate at near absolute zero temperatures and within vacuum environments, rendering them unsuitable for everyday use.

HP to cut over 1,000 jobs on weaker profit outlook

  • Reports a 2.4% increase in revenue, reaching $13.5b, driven by a notable 10% growth in business computer sales, surpassing analysts’ expectations.
  • Projects free cash flow of up to $3.6b and an annual adjusted profit of as much as $3.75 per share for 2025.

HP has issued a profit outlook for the current quarter that has fallen short of market expectations, primarily due to the adverse effects of escalating component costs and tariffs imposed on goods imported from China.

The company projects earnings, excluding certain items, of between 75 cents and 85 cents per share for the period ending in April, whereas analysts had anticipated an average of 85 cents per share.

Chief Executive Officer Enrique Lores highlighted the significant challenges posed by rising component costs and US tariffs on imports from China, which are exerting pressure on the company’s profitability.

Investor sentiment

However, Lores emphasised that HP’s diverse supply chain is effectively mitigating much of this impact, with projections indicating that by the end of the fiscal year, less than 10 per cent of goods sold in North America will originate from China.

Investor sentiment has been increasingly wary regarding the implications of President Donald Trump’s proposed tariffs on the computer industry, which heavily depends on overseas manufacturing.

Despite these concerns, HP has maintained its strategic position, contributing to Trump’s inauguration fund earlier this year, indicating a complex relationship with the current administration.

In response to the tariffs, Lores mentioned that HP will implement “specific adjustments” in product pricing, reflecting the company’s proactive approach to navigating these economic challenges.

Additionally, HP plans to reduce its workforce by 1,000 to 2,000 employees by the end of the fiscal year, a move expected to generate approximately $300 million in annual savings.

In the fiscal first quarter ending January 31, HP reported a 2.4 per cent increase in revenue, reaching $13.5 billion, driven by a notable 10 per cent growth in business computer sales, surpassing analysts’ expectations.

The personal computer market, which has faced prolonged challenges, is beginning to show signs of recovery, with a reported 1.8 per cent increase in PC shipments in the fourth quarter of 2024, according to IDC.

In line with its commitment to innovation, HP announced earlier this month its acquisition of assets from Humane Inc., the developer of the wearable Ai Pin, for $116 million. This strategic move aligns with HP’s objective to enhance its portfolio with generative AI features, particularly through AI-optimized PCs.

Despite the current challenges, HP has reaffirmed its guidance for 2025, projecting free cash flow of up to $3.6 billion and an annual adjusted profit of as much as $3.75 per share.

Disrupt to invest $100m to fuel next generation of AI startups

  • Targets pre-seed to Series A stage startups that demonstrate strong organic growth potential and clear paths to profitability, rather than pursuing growth at all costs.

In a year marked by a contraction in global venture capital funding, the founders of UAE-based Disrupt.com—Aaqib Gadit, Uzair Gadit, and Umair Gadit—are taking a bold contrarian stance. With a $100 million commitment to create and support AI-first technology ventures worldwide, the venture builder is poised to redefine the landscape of startup funding.

The trio, who previously achieved a landmark $350 million exit with their cloud hosting platform, Cloudways, is reinvesting their expertise and capital into the burgeoning tech ecosystem.

Disrupt.com’s innovative approach diverges significantly from traditional venture capital practices. While many firms retreat amidst economic uncertainty, Disrupt.com embraces the challenges of the current environment, emphasising the importance of strategic investment in sectors poised for growth.

Making targeted investments

Their commitment to fostering startups is underscored by a three-pronged strategy: building proprietary startups from the ground up, co-developing ventures with external entrepreneurs, and making targeted investments in early-stage companies.

This model allows Disrupt.com to function as fractional co-founders, providing startups not only with financial backing but also with essential technical and operational support.

The firm’s $100 million initiative focuses on five strategic sectors: artificial intelligence, cybersecurity, Web3.0, automotive technology, and retail innovation.

By prioritising pre-seed to Series A startups that exhibit strong organic growth potential and clear paths to profitability, Disrupt.com aims to cultivate a sustainable entrepreneurial ecosystem that values long-term success over short-term gains.

This philosophy is particularly relevant in the current climate, where funding in the MENA region has seen a significant decline, with venture capital investment dropping by 29 per cent in 2024.

Potential for innovation

Disrupt.com’s existing portfolio illustrates the effectiveness of their model. Notable successes include ZigChain, a Web3.0 platform that has rapidly scaled to over 500,000 users and manages hundreds of millions in assets, as well as PureSquare, a cybersecurity venture. Such achievements highlight the potential for innovation and growth even in a challenging funding landscape.

“Now is the time to be doubling down on our experience, financial investment, and commitment required to help build the next wave of startups,” founding partner Aaqib Gadit said.

“With Web 3.0 in its infancy and AI storming into our lives, the opportunity for problem solving and creating businesses that will fit the needs of how people live and work is up for the taking. Our region can not only keep up, but lead the way. We are excited to see where this journey will take us.”

Unlike traditional venture capital firms, Disrupt.com employs a three-pronged approach to creating value: building their own startups from scratch, co-building ventures alongside external founders, and making strategic investments in early-stage startups and VC funds.

Through their unique ‘CoBuild’ model, they function as fractional co-founders, providing dedicated engineering, go-to-market, and operations teams to drive early adoption in a capital-efficient way.

Growth potential

The firm’s $100 million commitment targets five strategic sectors: artificial intelligence as a cross-cutting theme, plus cybersecurity, Web3.0, automotive technology, and retail innovation.

Disrupt.com primarily targets pre-seed to Series A stage startups that demonstrate strong organic growth potential and clear paths to profitability, rather than pursuing growth at all costs.

The announcement comes as regional funding has declined sharply, with MENA venture capital investment down 29 per cent to just under $2 billion in 2024, according to Magnitt. Saudi startups saw a 44 per cent funding drop to $750 million, while UAE funding decreased 8 per cent to $613 million, creating a challenging environment for early-stage ventures.