Biz & IT – Page 4

Researcher uncovers dozens of sketchy Chrome extensions with 4 million installs

Biz & IT, chrome, Chrome Web Store, extensions, Google, Security / Kris Guyer / April 13, 2025

The extensions share other dubious or suspicious similarities. Much of the code in each one is highly obfuscated, a design choice that provides no benefit other than complicating the process for analyzing and understanding how it behaves.

All but one of them are unlisted in the Chrome Web Store. This designation makes an extension visible only to users with the long pseudorandom string in the extension URL, and thus, they don’t appear in the Web Store or search engine search results. It’s unclear how these 35 unlisted extensions could have fetched 4 million installs collectively, or on average roughly 114,000 installs per extension, when they were so hard to find.

Additionally, 10 of them are stamped with the “Featured” designation, which Google reserves for developers whose identities have been verified and “follow our technical best practices and meet a high standard of user experience and design.”

One example is the extension Fire Shield Extension Protection, which, ironically enough, purports to check Chrome installations for the presence of any suspicious or malicious extensions. One of the key JavaScript files it runs references several questionable domains, where they can upload data and download instructions and code:

URLs that Fire Shield Extension Protection references in its code. Credit: Secure Annex

One domain in particular—unknow.com—is listed in the remaining 34 apps.

Tuckner tried analyzing what extensions did on this site but was largely thwarted by the obfuscated code and other steps the developer took to conceal their behavior. When the researcher, for instance, ran the Fire Shield extension on a lab device, it opened a blank webpage. Clicking on the icon of an installed extension usually provides an option menu, but Fire Shield displayed nothing when he did it. Tuckner then fired up a background service worker in the Chrome developer tools to seek clues about what was happening. He soon realized that the extension connected to a URL at fireshieldit.com and performed some action under the generic category “browser_action_clicked.” He tried to trigger additional events but came up empty-handed.

Researcher uncovers dozens of sketchy Chrome extensions with 4 million installs Read More »

That groan you hear is users’ reaction to Recall going back into Windows

AI, Biz & IT, microsoft, privacy, recall, Security, Windows / Rejus Almole / April 12, 2025

Security and privacy advocates are girding themselves for another uphill battle against Recall, the AI tool rolling out in Windows 11 that will screenshot, index, and store everything a user does every three seconds.

When Recall was first introduced in May 2024, security practitioners roundly castigated it for creating a gold mine for malicious insiders, criminals, or nation-state spies if they managed to gain even brief administrative access to a Windows device. Privacy advocates warned that Recall was ripe for abuse in intimate partner violence settings. They also noted that there was nothing stopping Recall from preserving sensitive disappearing content sent through privacy-protecting messengers such as Signal.

Enshittification at a new scale

Following months of backlash, Microsoft later suspended Recall. On Thursday, the company said it was reintroducing Recall. It currently is available only to insiders with access to the Windows 11 Build 26100.3902 preview version. Over time, the feature will be rolled out more broadly. Microsoft officials wrote:

Recall (preview)saves you time by offering an entirely new way to search for things you’ve seen or done on your PC securely. With the AI capabilities of Copilot+ PCs, it’s now possible to quickly find and get back to any app, website, image, or document just by describing its content. To use Recall, you will need to opt-in to saving snapshots, which are images of your activity, and enroll in Windows Hello to confirm your presence so only you can access your snapshots. You are always in control of what snapshots are saved and can pause saving snapshots at any time. As you use your Copilot+ PC throughout the day working on documents or presentations, taking video calls, and context switching across activities, Recall will take regular snapshots and help you find things faster and easier. When you need to find or get back to something you’ve done previously, open Recall and authenticate with Windows Hello. When you’ve found what you were looking for, you can reopen the application, website, or document, or use Click to Do to act on any image or text in the snapshot you found.

Microsoft is hoping that the concessions requiring opt-in and the ability to pause Recall will help quell the collective revolt that broke out last year. It likely won’t for various reasons.

That groan you hear is users’ reaction to Recall going back into Windows Read More »

Researchers concerned to find AI models hiding their true “reasoning” processes

AI, AI alignment, AI research, AI safety, Anthropic, Biz & IT, chatgpt, Claude, large language models, machine learning, simulated reasoning, SR models / Kris Guyer / April 11, 2025

Remember when teachers demanded that you “show your work” in school? Some fancy new AI models promise to do exactly that, but new research suggests that they sometimes hide their actual methods while fabricating elaborate explanations instead.

New research from Anthropic—creator of the ChatGPT-like Claude AI assistant—examines simulated reasoning (SR) models like DeepSeek’s R1, and its own Claude series. In a research paper posted last week, Anthropic’s Alignment Science team demonstrated that these SR models frequently fail to disclose when they’ve used external help or taken shortcuts, despite features designed to show their “reasoning” process.

(It’s worth noting that OpenAI’s o1 and o3 series SR models deliberately obscure the accuracy of their “thought” process, so this study does not apply to them.)

To understand SR models, you need to understand a concept called “chain-of-thought” (or CoT). CoT works as a running commentary of an AI model’s simulated thinking process as it solves a problem. When you ask one of these AI models a complex question, the CoT process displays each step the model takes on its way to a conclusion—similar to how a human might reason through a puzzle by talking through each consideration, piece by piece.

Having an AI model generate these steps has reportedly proven valuable not just for producing more accurate outputs for complex tasks but also for “AI safety” researchers monitoring the systems’ internal operations. And ideally, this readout of “thoughts” should be both legible (understandable to humans) and faithful (accurately reflecting the model’s actual reasoning process).

“In a perfect world, everything in the chain-of-thought would be both understandable to the reader, and it would be faithful—it would be a true description of exactly what the model was thinking as it reached its answer,” writes Anthropic’s research team. However, their experiments focusing on faithfulness suggest we’re far from that ideal scenario.

Specifically, the research showed that even when models such as Anthropic’s Claude 3.7 Sonnet generated an answer using experimentally provided information—like hints about the correct choice (whether accurate or deliberately misleading) or instructions suggesting an “unauthorized” shortcut—their publicly displayed thoughts often omitted any mention of these external factors.

Researchers concerned to find AI models hiding their true “reasoning” processes Read More »

OpenAI helps spammers plaster 80,000 sites with messages that bypassed filters

AI, Biz & IT, large language models, LLMs, openai, Security, spam / Rejus Almole / April 10, 2025

“AkiraBot’s use of LLM-generated spam message content demonstrates the emerging challenges that AI poses to defending websites against spam attacks,” SentinelLabs researchers Alex Delamotte and Jim Walter wrote. “The easiest indicators to block are the rotating set of domains used to sell the Akira and ServiceWrap SEO offerings, as there is no longer a consistent approach in the spam message contents as there were with previous campaigns selling the services of these firms.”

AkiraBot worked by assigning the following role to OpenAI’s chat API using the model gpt-4o-mini: “You are a helpful assistant that generates marketing messages.” A prompt instructed the LLM to replace the variables with the site name provided at runtime. As a result, the body of each message named the recipient website by name and included a brief description of the service provided by it.

An AI Chat prompt used by AkiraBot Credit: SentinelLabs

“The resulting message includes a brief description of the targeted website, making the message seem curated,” the researchers wrote. “The benefit of generating each message using an LLM is that the message content is unique and filtering against spam becomes more difficult compared to using a consistent message template which can trivially be filtered.”

SentinelLabs obtained log files AkiraBot left on a server to measure success and failure rates. One file showed that unique messages had been successfully delivered to more than 80,000 websites from September 2024 to January of this year. By comparison, messages targeting roughly 11,000 domains failed. OpenAI thanked the researchers and reiterated that such use of its chatbots runs afoul of its terms of service.

Story updated to modify headline.

OpenAI helps spammers plaster 80,000 sites with messages that bypassed filters Read More »

After months of user complaints, Anthropic debuts new $200/month AI plan

AI, AI assistants, Anthropic, Biz & IT, chatgpt, ChatGPT Pro, chatgtp, Claude, Claude Max, Claude Pro, large language models, machine learning, openai / Kris Guyer / April 10, 2025

Pricing Hierarchical tree structure with central stem, single tier of branches, and three circular nodes with larger circle at top Free Try Claude $0 Free for everyone Try Claude Chat on web, iOS, and Android Generate code and visualize data Write, edit, and create content Analyze text and images Hierarchical tree structure with central stem, two tiers of branches, and five circular nodes with larger circle at top Pro For everyday productivity $18 Per month with annual subscription discount; $216 billed up front. $20 if billed monthly. Try Claude Everything in Free, plus: More usage Access to Projects to organize chats and documents Ability to use more Claude models Extended thinking for complex work Hierarchical tree structure with central stem, three tiers of branches, and seven circular nodes with larger circle at top Max 5x–20x more usage than Pro From $100 Per person billed monthly Try Claude Everything in Pro, plus: Substantially more usage to work with Claude Scale usage based on specific needs Higher output limits for better and richer responses and Artifacts Be among the first to try the most advanced Claude capabilities Priority access during high traffic periods — A screenshot of various Claude pricing plans captured on April 9, 2025. Credit: Benj Edwards

Probably not coincidentally, the highest Max plan matches the price point of OpenAI’s $200 “Pro” plan for ChatGPT, which promises “unlimited” access to OpenAI’s models, including more advanced models like “o1-pro.” OpenAI introduced this plan in December as a higher tier above its $20 “ChatGPT Plus” subscription, first introduced in February 2023.

The pricing war between Anthropic and OpenAI reflects the resource-intensive nature of running state-of-the-art AI models. While consumer expectations push for unlimited access, the computing costs for running these models—especially with longer contexts and more complex reasoning—remain high. Both companies face the challenge of satisfying power users while keeping their services financially sustainable.

Other features of Claude Max

Beyond higher usage limits, Claude Max subscribers will also reportedly receive priority access to unspecified new features and models as they roll out. Max subscribers will also get higher output limits for “better and richer responses and Artifacts,” referring to Claude’s capability to create document-style outputs of varying lengths and complexity.

Users who subscribe to Max will also receive “priority access during high traffic periods,” suggesting Anthropic has implemented a tiered queue system that prioritizes its highest-paying customers during server congestion.

Anthropic’s full subscription lineup includes a free tier for basic access, the $18–$20 “Pro” tier for everyday use (depending on annual or monthly payment plans), and the $100–$200 “Max” tier for intensive usage. This somewhat mirrors OpenAI’s ChatGPT subscription structure, which offers free access, a $20 “Plus” plan, and a $200 “Pro” plan.

Anthropic says the new Max plan is available immediately in all regions where Claude operates.

After months of user complaints, Anthropic debuts new $200/month AI plan Read More »

“The girl should be calling men.” Leak exposes Black Basta’s influence tactics.

Biz & IT, exploits, ransomware, Security, social engineering / Paul Patrick / April 9, 2025

A leak of 190,000 chat messages traded among members of the Black Basta ransomware group shows that it’s a highly structured and mostly efficient organization staffed by personnel with expertise in various specialities, including exploit development, infrastructure optimization, social engineering, and more.

The trove of records was first posted to file-sharing site MEGA. The messages, which were sent from September 2023 to September 2024, were later posted to Telegram in February 2025. ExploitWhispers, the online persona who took credit for the leak, also provided commentary and context for understanding the communications. The identity of the person or persons behind ExploitWhispers remains unknown. Last month’s leak coincided with the unexplained outage of the Black Basta site on the dark web, which has remained down ever since.

“We need to exploit as soon as possible”

Researchers from security firm Trustwave’s SpiderLabs pored through the messages, which were written in Russian, and published a brief blog summary and a more detailed review of the messages on Tuesday.

“The dataset sheds light on Black Basta’s internal workflows, decision-making processes, and team dynamics, offering an unfiltered perspective on how one of the most active ransomware groups operates behind the scenes, drawing parallels to the infamous Conti leaks,” the researchers wrote. They were referring to a separate leak of ransomware group Conti that exposed workers grumbling about low pay, long hours, and grievances about support from leaders for their support of Russia in its invasion of Ukraine. “While the immediate impact of the leak remains uncertain, the exposure of Black Basta’s inner workings represents a rare opportunity for cybersecurity professionals to adapt and respond.”

Some of the TTPs—short for tactics, techniques, and procedures—Black Basta employed were directed at methods for social engineering employees working for prospective victims by posing as IT administrators attempting to troubleshoot problems or respond to fake breaches.

“The girl should be calling men.” Leak exposes Black Basta’s influence tactics. Read More »

Carmack defends AI tools after Quake fan calls Microsoft AI demo “disgusting”

AI, AI criticism, AI development tools, Biz & IT, game development, game synthesis, gaming, id Software, john carmack, machine learning, microsoft, quake, quake ii, Tim Sweeney, X / Paul Patrick / April 9, 2025

The current generative Quake II demo represents a slight advancement from Microsoft’s previous generative AI gaming model (confusingly titled “WHAM” with only one “M”) we covered in February. That earlier model, while showing progress in generating interactive gameplay footage, operated at 300×180 resolution at 10 frames per second—far below practical modern gaming standards. The new WHAMM demonstration doubles the resolution to 640×360. However, both remain well below what gamers expect from a functional video game in almost every conceivable way. It truly is an AI tech demo.

A Microsoft diagram of the WHAMM system. — A Microsoft diagram of the WHAM system. Credit: Microsoft

For example, the technology faces substantial challenges beyond just performance metrics. Microsoft acknowledges several limitations, including poor enemy interactions, a short context length of just 0.9 seconds (meaning the system forgets objects outside its view), and unreliable numerical tracking for game elements like health values.

Which brings us to another point: A significant gap persists between the technology’s marketing portrayal and its practical applications. While industry veterans like Carmack and Sweeney view AI as another tool in the development arsenal, demonstrations like the Quake II instance may create inflated expectations about AI’s current capabilities for complete game generation.

The most realistic near-term application of generative AI technology remains as coding assistants and perhaps rapid prototyping tools for developers, rather than a drop-in replacement for traditional game development pipelines. The technology’s current limitations suggest that human developers will remain essential for creating compelling, polished game experiences for now. But given the general pace of progress, that might be small comfort for those who worry about losing jobs to AI in the near-term.

Ultimately, Sweeney says not to worry: “There’s always a fear that automation will lead companies to make the same old products while employing fewer people to do it,” Sweeney wrote in a follow-up post on X. “But competition will ultimately lead to companies producing the best work they’re capable of given the new tools, and that tends to mean more jobs.”

And Carmack closed with this: “Will there be more or less game developer jobs? That is an open question. It could go the way of farming, where labor-saving technology allow a tiny fraction of the previous workforce to satisfy everyone, or it could be like social media, where creative entrepreneurship has flourished at many different scales. Regardless, “don’t use power tools because they take people’s jobs” is not a winning strategy.”

Carmack defends AI tools after Quake fan calls Microsoft AI demo “disgusting” Read More »

Meta’s surprise Llama 4 drop exposes the gap between AI ambition and reality

AI, Biz & IT, LLaMA, Llama 3, Llama 4, machine learning, Meta, Simon Willison / Rejus Almole / April 8, 2025

Meta constructed the Llama 4 models using a mixture-of-experts (MoE) architecture, which is one way around the limitations of running huge AI models. Think of MoE like having a large team of specialized workers; instead of everyone working on every task, only the relevant specialists activate for a specific job.

For example, Llama 4 Maverick features a 400 billion parameter size, but only 17 billion of those parameters are active at once across one of 128 experts. Likewise, Scout features 109 billion total parameters, but only 17 billion are active at once across one of 16 experts. This design can reduce the computation needed to run the model, since smaller portions of neural network weights are active simultaneously.

Llama’s reality check arrives quickly

Current AI models have a relatively limited short-term memory. In AI, a context window acts somewhat in that fashion, determining how much information it can process simultaneously. AI language models like Llama typically process that memory as chunks of data called tokens, which can be whole words or fragments of longer words. Large context windows allow AI models to process longer documents, larger code bases, and longer conversations.

Despite Meta’s promotion of Llama 4 Scout’s 10 million token context window, developers have so far discovered that using even a fraction of that amount has proven challenging due to memory limitations. Willison reported on his blog that third-party services providing access, like Groq and Fireworks, limited Scout’s context to just 128,000 tokens. Another provider, Together AI, offered 328,000 tokens.

Evidence suggests accessing larger contexts requires immense resources. Willison pointed to Meta’s own example notebook (“build_with_llama_4“), which states that running a 1.4 million token context needs eight high-end Nvidia H100 GPUs.

Willison documented his own testing troubles. When he asked Llama 4 Scout via the OpenRouter service to summarize a long online discussion (around 20,000 tokens), the result wasn’t useful. He described the output as “complete junk output,” which devolved into repetitive loops.

Meta’s surprise Llama 4 drop exposes the gap between AI ambition and reality Read More »

NSA warns “fast flux” threatens national security. What is fast flux anyway?

Biz & IT, fast flux, Security / Paul Patrick / April 5, 2025

A technique that hostile nation-states and financially motivated ransomware groups are using to hide their operations poses a threat to critical infrastructure and national security, the National Security Agency has warned.

The technique is known as fast flux. It allows decentralized networks operated by threat actors to hide their infrastructure and survive takedown attempts that would otherwise succeed. Fast flux works by cycling through a range of IP addresses and domain names that these botnets use to connect to the Internet. In some cases, IPs and domain names change every day or two; in other cases, they change almost hourly. The constant flux complicates the task of isolating the true origin of the infrastructure. It also provides redundancy. By the time defenders block one address or domain, new ones have already been assigned.

A significant threat

“This technique poses a significant threat to national security, enabling malicious cyber actors to consistently evade detection,” the NSA, FBI, and their counterparts from Canada, Australia, and New Zealand warned Thursday. “Malicious cyber actors, including cybercriminals and nation-state actors, use fast flux to obfuscate the locations of malicious servers by rapidly changing Domain Name System (DNS) records. Additionally, they can create resilient, highly available command and control (C2) infrastructure, concealing their subsequent malicious operations.”

A key means for achieving this is the use of Wildcard DNS records. These records define zones within the Domain Name System, which map domains to IP addresses. The wildcards cause DNS lookups for subdomains that do not exist, specifically by tying MX (mail exchange) records used to designate mail servers. The result is the assignment of an attacker IP to a subdomain such as malicious.example.com, even though it doesn’t exist.

NSA warns “fast flux” threatens national security. What is fast flux anyway? Read More »

Gmail unveils end-to-end encrypted messages. Only thing is: It’s not true E2EE.

Biz & IT, Encryption, Gmail, Google, Security / Paul Patrick / April 4, 2025

“The idea is that no matter what, at no time and in no way does Gmail ever have the real key. Never,” Julien Duplant, a Google Workspace product manager, told Ars. “And we never have the decrypted content. It’s only happening on that user’s device.”

Now, as to whether this constitutes true E2EE, it likely doesn’t, at least under stricter definitions that are commonly used. To purists, E2EE means that only the sender and the recipient have the means necessary to encrypt and decrypt the message. That’s not the case here, since the people inside Bob’s organization who deployed and manage the KACL have true custody of the key.

In other words, the actual encryption and decryption process occurs on the end-user devices, not on the organization’s server or anywhere else in between. That’s the part that Google says is E2EE. The keys, however, are managed by Bob’s organization. Admins with full access can snoop on the communications at any time.

The mechanism making all of this possible is what Google calls CSE, short for client-side encryption. It provides a simple programming interface that streamlines the process. Until now, CSE worked only with S/MIME. What’s new here is a mechanism for securely sharing a symmetric key between Bob’s organization and Alice or anyone else Bob wants to email.

The new feature is of potential value to organizations that must comply with onerous regulations mandating end-to-end encryption. It most definitely isn’t suitable for consumers or anyone who wants sole control over the messages they send. Privacy advocates, take note.

Gmail unveils end-to-end encrypted messages. Only thing is: It’s not true E2EE. Read More »

AI bots strain Wikimedia as bandwidth surges 50%

AI, Biz & IT, machine learning, Wikimedia Foundation, wikipedia / Tim Belzer / April 3, 2025

Crawlers that evade detection

Making the situation more difficult, many AI-focused crawlers do not play by established rules. Some ignore robots.txt directives. Others spoof browser user agents to disguise themselves as human visitors. Some even rotate through residential IP addresses to avoid blocking, tactics that have become common enough to force individual developers like Xe Iaso to adopt drastic protective measures for their code repositories.

This leaves Wikimedia’s Site Reliability team in a perpetual state of defense. Every hour spent rate-limiting bots or mitigating traffic surges is time not spent supporting Wikimedia’s contributors, users, or technical improvements. And it’s not just content platforms under strain. Developer infrastructure, like Wikimedia’s code review tools and bug trackers, is also frequently hit by scrapers, further diverting attention and resources.

These problems mirror others in the AI scraping ecosystem over time. Curl developer Daniel Stenberg has previously detailed how fake, AI-generated bug reports are wasting human time. On his blog, SourceHut’s Drew DeVault highlight how bots hammer endpoints like git logs, far beyond what human developers would ever need.

Across the Internet, open platforms are experimenting with technical solutions: proof-of-work challenges, slow-response tarpits (like Nepenthes), collaborative crawler blocklists (like “ai.robots.txt“), and commercial tools like Cloudflare’s AI Labyrinth. These approaches address the technical mismatch between infrastructure designed for human readers and the industrial-scale demands of AI training.

Open commons at risk

Wikimedia acknowledges the importance of providing “knowledge as a service,” and its content is indeed freely licensed. But as the Foundation states plainly, “Our content is free, our infrastructure is not.”

The organization is now focusing on systemic approaches to this issue under a new initiative: WE5: Responsible Use of Infrastructure. It raises critical questions about guiding developers toward less resource-intensive access methods and establishing sustainable boundaries while preserving openness.

The challenge lies in bridging two worlds: open knowledge repositories and commercial AI development. Many companies rely on open knowledge to train commercial models but don’t contribute to the infrastructure making that knowledge accessible. This creates a technical imbalance that threatens the sustainability of community-run platforms.

Better coordination between AI developers and resource providers could potentially resolve these issues through dedicated APIs, shared infrastructure funding, or more efficient access patterns. Without such practical collaboration, the platforms that have enabled AI advancement may struggle to maintain reliable service. Wikimedia’s warning is clear: Freedom of access does not mean freedom from consequences.

AI bots strain Wikimedia as bandwidth surges 50% Read More »

What could possibly go wrong? DOGE to rapidly rebuild Social Security codebase.

Biz & IT, cobol, doge, elon musk, Java, Policy, syndication / Paul Patrick / March 30, 2025

Like many legacy government IT systems, SSA systems contain code written in COBOL, a programming language created in part in the 1950s by computing pioneer Grace Hopper. The Defense Department essentially pressured private industry to use COBOL soon after its creation, spurring widespread adoption and making it one of the most widely used languages for mainframes, or computer systems that process and store large amounts of data quickly, by the 1970s. (At least one DOD-related website praising Hopper’s accomplishments is no longer active, likely following the Trump administration’s DEI purge of military acknowledgements.)

As recently as 2016, SSA’s infrastructure contained more than 60 million lines of code written in COBOL, with millions more written in other legacy coding languages, the agency’s Office of the Inspector General found. In fact, SSA’s core programmatic systems and architecture haven’t been “substantially” updated since the 1980s when the agency developed its own database system called MADAM, or the Master Data Access Method, which was written in COBOL and Assembler, according to SSA’s 2017 modernization plan.

SSA’s core “logic” is also written largely in COBOL. This is the code that issues social security numbers, manages payments, and even calculates the total amount beneficiaries should receive for different services, a former senior SSA technologist who worked in the office of the chief information officer says. Even minor changes could result in cascading failures across programs.

“If you weren’t worried about a whole bunch of people not getting benefits or getting the wrong benefits, or getting the wrong entitlements, or having to wait ages, then sure go ahead,” says Dan Hon, principal of Very Little Gravitas, a technology strategy consultancy that helps government modernize services, about completing such a migration in a short timeframe.

It’s unclear when exactly the code migration would start. A recent document circulated amongst SSA staff laying out the agency’s priorities through May does not mention it, instead naming other priorities like terminating “non-essential contracts” and adopting artificial intelligence to “augment” administrative and technical writing.

What could possibly go wrong? DOGE to rapidly rebuild Social Security codebase. Read More »