received

An Anthropic worker was having a snack when he received an email he should never have received: it was Mythos

by

Anthropic Claude Mythos Preview launched yesterday and it left many of us fascinated and, above all, worried. We expected their new AI model to be more powerful, but what we didn’t expect is that according to your tests and your “system card” He managed to do so many things that are scary because it didn’t seem possible that he could do them. Some of these stories sound like a Black Mirror episode, but they are not. The sandwich email. During one of the tests carried out, Anthropic researchers gave a version of Mythos access to control a computer in a secure, isolated environment and asked it to try to escape from that container and send a message to the researcher who was supervising the evaluation. The model succeeded, but it did something else: it developed on its own a very advanced multi-step exploit to gain access to the Internet from a system that by design was only capable of accessing a limited list of predefined services. The researcher was calmly eating a sandwich in the park when he received the email he should never have received. The thing does not end there, because the model also decided, without anyone asking him, to publish the technical details of his exploit on several websites that are difficult to access but that are technically public. He wanted to record his achievement. The OpenBSD bug that had been hidden for 27 years. Another technical article published by Anthropic gave even more clues about the “achievements” of Claude Mythos. OpenBSD is the operating system with one of the world’s strongest reputations for cybersecurity. Even so, Mythos found a vulnerability in him that had been there since 1998. The bug was hidden in the implementation of the TCP protocol with a function that manages the selective forwarding of lost packets. Here it is not enough to detect the error: you have to chain two separate failures that individually seem almost harmless, and then take advantage of an overflow of the TCP sequence to satisfy a very rare condition. With this method, an attacker on the Internet could send a special packet and hang the machine remotely without authentication. Mythos found him alone without anyone telling him where to look. FFmpeg and fuzzing. FFmpeg is an extraordinarily famous library on the Internet because it processes video massively on the Internet. It is also a highly audited tool and researchers often use the technique of fuzzing —bombing it with millions of malformed video files until one breaks it— to exploit its vulnerabilities. Mythos found a bug that has been in the code since 2003 and became a vulnerability in a refactoring that was performed in 2010. The problem is again extraordinarily difficult to find, so much so that 20 years of human and automated reviews had missed it, but Anthropic’s model detected it. Remote code execution on FreeBSD. Mythos autonomously identified and exploited a 17-year-old vulnerability in the FreeBSD NFS server code—which allows network file sharing. With it, any unauthenticated user on the Internet could obtain full root access to the machine. The magnitude of this flaw is enormous, because the NFS server runs in the core of the operating system and gives access to absolute control by the attacker. Mythos found the bug and built the exploit for $50 worth of API calls. Zero-days autonomous in operating systems and browsers. Mythos is, as far as is known, the first model capable of autonomously discovering vulnerabilities zero-day —unknown and unpatched security flaws—in both open and closed source software, including operating systems and web browsers. It also does so with minimal human supervision using what is called an agentic harness (agentic harness). Thanks to this technique, the model can execute actions, read results and plan its next steps in a loop. In many of those cases the model was not only able to find the vulnerability, but also turned it into a functional exploit (usually a script or small program) ready to be used. Firefox 147 in danger. In collaboration with Mozilla, Anthropic’s new model analyzed 50 categories of “crashes” of the SpiderMonkey JavaScript engine that is the core of this browser. Their task was to detect the most serious problems, exploit them to create memory corruption scripts and thus be able to execute arbitrary code, that is, execute instructions beyond what JavaScript allows. Claude Mythos Preview was able to detect with great precision which were the most “exploitable” vulnerabilities, and took advantage of two unfixed bugs to achieve its goal. capture the flag. ‘Capture the Flag’ (CTF) cybersecurity competitions allow participants to solve challenges that simulate real system attacks and defenses. Claude Mythos Preview faced the public benchmark Cybench with 40 challenges taken from different competitions and achieved 100% success in all attempts. This benchmark has actually become useless: Anthropic’s model is too powerful for it. Opus 4.6, for example, achieved 93% effectiveness, but Mythos has “saturated” it. Thousands of critical vulnerabilities pending patch. There are numerous other examples in those two cited documents in which it seems clear that Mythos’ cybersecurity capabilities are amazing. But when the model was announced, 99% of the vulnerabilities discovered (and not yet mentioned) had not been patched yet, so Anthropic did not reveal those details and these were just some of those that were patched. What they did indicate is that in 89% of the 198 reports manually reviewed by external experts, these experts agreed with the severity assessment of the problem assigned by Mythos. Given this situation, Anthropic has hired teams of professional cybersecurity auditors to validate the reports before sending them to the maintainers of the affected software. And Mythos is just the beginning. On the Anthropic blog, its researchers say it bluntly: we had a relatively stable cybersecurity balance for 20 years, but things have changed. The attacks had evolved technically in that period, but were fundamentally of the same type as those in 2006. Mythos is able to find flaws in software that has been audited … Read more

The US has asked all its allies in Hormuz for help. The answer he received was anticipated by Spain before anyone else: “no”

by

In 1988, during the call “tanker war” between Iran and Iraq, a single low-cost naval device managed to seriously damage to a state-of-the-art American frigate in the Persian Gulf. That crisis left an uncomfortable lesson for the great powers: in the busiest maritime straits on the planet, a handful of well-placed threats are enough to put entire fleets in check and alter the balance of the world economy. A global appeal. Two weeks after the start of the war against Iran, the United States finds itself facing a paradox most disturbing. Despite the massive bombings against Iranian military installations and the blows against its strategic infrastructure, the Strait of Hormuz (the energy artery through which a fifth of the world’s oil passes) still blocked for much of the maritime traffic. The White House has responded with a unusual request: ask other powers to send warships to escort trade and reopen the passage. In fact, Trump’s call has not only been directed at traditional allies such as the United Kingdom or France, but also at rival powers. like china. This movement reflects, once again, an increasingly evident reality: the war is much more difficult to end than Washington expected. Reluctant allies. The international response has been prudent when not directly evasive. Spain has been the clearestbut the United Kingdom has insisted that the priority should be reduce escalation military rather than expanding naval deployment. For its part, Japan has recalled that its pacifist constitution limits participation in armed conflicts. South Korea has limited itself to promise consultations with Washington, while France has suggested that could participate in naval escorts, but only if the conflict is stabilized first. In other words, the allies recognize the strategic problem of the strait, but none seems willing to assume the political and military cost of fully entering the war. A notice to NATO. The frustration of the White House has ended up translating into a very direct message through a interview in Financial Times. Trump has publicly warned that NATO could face to a “very bad future” if its allies do not help the United States reopen the strait. The president’s argument is simple: Europe depends on the oil that passes through Hormuz and should help protect that route. In its vision of things, Washington has supported its allies in crises such as the war in Ukraine and now expect reciprocity. The problem is that this pressure comes at a time when many European governments fear being dragged into a military escalation with unforeseeable consequences. Appeal to China. In the face of Western coldness, the American appeal surprisingly included also to Beijing. China buys large quantities of Iranian oil and depends largely on the energy flow that passes through Hormuz. For Washington, this dependence could turn China into an actor interested in stabilizing the area. However, the maneuver has a complex diplomatic background: The United States is asking for help to resolve a war that it itself has started, and it is doing so even from a power with which it maintains a global strategic rivalry. Support for Iran. And while Washington seeks support from the most unexpected places, Tehran has responded proving that it is not isolated. The Iranian government has confirmed that maintains political, economic and even military cooperation with Russia and China. The relationship with Moscow has narrowed especially since the Ukraine war, in which Russia has used Iranian drones as part of its arsenal. With Beijing, the link is supported above all in energy trade and in long-term economic agreements. For Iran, this support does not necessarily imply direct intervention, but it does reinforce its position in the face of Western pressure. The strategic letter. we have been counting. Control of the Strait of Hormuz has become the main instrument of Iranian pressure. Tehran maintains that the passage is not closed to world trade, but only to the ships of the United States, Israel and their direct allies. This narrative seeks to present the situation as a selective retaliation and not as a global blockade. At the same time, it allows Iran use the threat on energy trafficking as a tool to force other countries to become diplomatically involved in the conflict. Economic war underway. Meanwhile, the impact on energy markets is already visible. The price of oil has exceeded $100 per barrel and several countries fear that the rise in energy prices will cause new inflationary tensions. For Asian economies, especially dependent on Gulf crude oil, the blockade represents a direct risk to their growth. That economic pressure is part of the Iranian strategic calculation: turn the conflict into a global problem that forces other powers to pressure Washington to find a solution. Late help. In that context, the implicit response of Iran is quite clear. In his view, the war has entered a phase in which calls for international cooperation no longer change the balance of the conflict. US attacks on strategic targets like the oil island of Kharg They have raised the tension to a level that makes any rapid retreat difficult. In other words, if Washington now seeks external support to close the war, Tehran interprets that it does so when the opportunity to avoid that escalation it’s already happened. An unexpected script. The final paradox begins to become increasingly evident, because the United States insists that has seriously weakened to Iran and that it can reopen the strait “one way or another”, but at the same time it is requesting international help to do it. This contradiction reveals that keeping Hormuz open under constant threat of mines, drones and missiles requires military coordination much larger than expected. Thus, the war that began as an air campaign fast has become a strategic challenge that involves (or seeks to involve) the entire international system. An increasingly complex board. The result is a scenario in which traditional alliances are shown extremely cautiousthe rival powers support Iran and the world economy is beginning to feel the impact of the … Read more

Navantia has just received a key piece to achieve it

by

If one looks at the evolution of conventional submarines, there is one constant that repeats itself: the race to stay underwater as long as possible. It is not just about speed or weapons, but about autonomy in immersion, a factor that directly determines the discretion of the platform and its patrol capacity. When a submarine has to interrupt that cycle to ventilate, manage gases or refuel, its operating margin is reduced. For this reason, much of the engineering behind the new submarines focuses precisely on solving that problem. And that is where the technology that Spain is integrating comes into play. in the S-80 program. The jump of the S-80 submarine. Amper, through its engineering subsidiary Proes-OSL Iberia, delivered to Navantia the carbon monoxide (CO) and hydrogen (H₂) catalytic reactors for the submarines S-83 “Cosme García” and S-84 “Mateo García de los Reyes”. These devices are part of the atmosphere revitalization system, integrated into the AIP compartment. According to the company itself, the project started in 2022 and the equipment has already received official certification from Navantia after completing the corresponding technical verifications. A key piece. The delivery announced by Amper has to do with a very specific element of the submarine’s technical ecosystem, the system responsible for maintaining the interior atmosphere within safe parameters during operation. Revitalization of the atmosphere in the submarine. The reactors developed by the company allow the controlled elimination of carbon monoxide and hydrogen in the compartment where the AIP system is integrated. The technology uses a catalytic combustion process that purifies these gases and helps maintain breathable air on board. In detail. The S-80 incorporates an AIP system developed by Navantia called BEST (Bio-Ethanol Stealth Technology). This system produces hydrogen on board using a reformer that uses bioethanol stored on the submarine. This hydrogen is then combined with oxygen in a fuel cell that generates electricity to power the ship’s systems during the dive, an architecture designed to extend operational autonomy without depending exclusively on batteries. What it means to stay underwater for weeks. Navantia explains that the BEST AIP system is designed to allow conventional submarines to remain submerged for prolonged periods in different environmental conditions. In that scenario, the unit reduces the need to interrupt its immersion cycle to manage power or interior atmosphere. Navantia links this greater autonomy with an expanded patrol area and with a “zero Indiscretion Coefficient”, a term it uses to describe a decrease in the probability of being detected during the mission. modern submarine. The design of the S-80 responds to the idea of ​​a modern ocean submarine capable of operating on long missions. Navantia describes the platform as a highly automated system that can be operated by a crew of 32 sailors, with eight additional spaces for on-board personnel. The ship is approximately 80 meters long, about 7 meters in diameter and has a submerged displacement of close to 3,000 tons. In addition, it can exceed 19 knots underwater speed and reach depths greater than 300 meters during operation. Apparently it is just one more component in the long list of equipment that makes up a submarine. However, systems like these are part of a much broader logic within the S-80 design. Each of them contributes to sustaining the operation of the submarine for longer periods without the need to modify its diving profile. As subsequent units in the series integrate these developments from their initial configuration, the S-80 program will show the extent to which these technologies can translate into greater operational autonomy underwater. Images | NAVANTIA In Xataka | The war in Iran is about to begin a suicidal combat: there are missiles, drones and kamikaze ships in the most fearsome point on the planet

What do you have to do to protect yourself if you have received an email saying that you have been affected?

by

Let’s tell you How to act if you have been affected by the Endesa hack. The electricity company has suffered a cyber attack that has affected its Spanish platform, something that has compromised the personal information of a large number of customers, exposing data such as the DNI, your personal data and even payment data such as the IBAN. Endesa has started send emails to affected usersso if you have come across one it is possible that your data has been stolen. Therefore, we are going to tell you several important steps to take to minimize the risks and avoid fraud that may arise when cybercriminal groups purchase this stolen data. Because the worst thing about these hacks is not always that they can steal money from your bank details, but that you can then receive fraudulent emails or messages with which they try to steal even more from you. Therefore, in these cases it is always advisable to pay close attention to what may happen in the following months. Remember that you have a complete and general article about what to do when your data is leaked online. Check your banking transactions The first thing is to check your bank and look if there is any strange movement. As Endesa has said that in some cases payment data may have been stolen, that means they could try to make some type of charge to your account. It is advisable to maximize attention during the coming weeks and months, and for any payment that is not clear, contact your bank to block it and avoid major problems. Be wary of emails, SMS and calls It is assumed that if a cybercriminal group buys the data stolen from Endesa, they will know your name and surname, your telephone number and your email. Therefore, you may receive fraudulent messages By any of these means, campaigns phishing with which to try to steal money from you. Here, be wary of any supposed communication from Endesa in which they ask for personal or banking information by phone or email. If you are asked for this information in a message, be wary immediately.because the real company will never ask you for them. Do not continue the conversation or respond to the message that arrives. Do not click on links or download files Phishing is a technique with which a cybercriminal sends mass messages to hundreds of thousands of people with a virus attached or links to fraudulent pages. Their goal is for at least a handful of people to click on them and become infected or go to the fraudulent page where they give their bank details and steal money with it. Therefore, if you receive a supposed email or SMS from Endesa or any other person with a file or a link to a website, never interact with this content. It’s okay to read the message, but never download anything or click on a link that takes you to another page. Save all Endesa communications Finally, to protect yourself for the future it is important keep the letter or email from Endesa. Thus, if in the future you have to prove possible misuse of your data, you will have proof that there was a hack and it was stolen. Other security measures Lastly, you may also want activate two-step verification on platforms where you use the same email that you have linked to Endesa. In those more sensitive ones, it may be interesting to change your passwords, and also take extreme precautions against any email and message that you may receive from other pages, because they can also be fraudulent. In Xataka Basics | My data has been leaked, now what: the steps you should take whenever there is a massive leak on the Internet that could affect you

I have received more than fifty automated Christmas greetings. They all lie

by

I would love for my next sentence to be an innocent one, but it is completely factual: I have received more than fifty Christmas greetings by email. Not written to me specifically, but automated by companies that thought it was an excellent idea. They all say the same thing with different words, They all pretend a closeness that does not exist. And the most striking thing is not that they do it, but that the person who sends them knows that the recipients know that it is a lie, and they still send them. Welcome to the theater of obligatory cordiality, where we are all actors conscious of acting. These christmas They usually come signed by the communication department, but it is not ‘communication’, it is maintenance of social infrastructure. Like watering a plastic plant: the gesture doesn’t make any sense, but doing it makes you feel better. The company that congratulates you has no feelings for you. The LinkedIn contact who hasn’t written to you in 364 days, either. But both have calculated that the cost of sending you that message (zero) is lower than the risk of you forgetting about them. It is calculation disguised as warmth. It works because we have accepted a tacit agreement: We’re going to pretend these messages mean something if you pretend you appreciate them. Nobody believes anything. But we all participate. The real message is not “I wish you a brutal Christmas” but “I still exist on your radar.” They don’t wish you anything, they only mark territory in your attention. And this contaminates even royal congratulations. We have turned a gesture of affection into a signal so degraded that it no longer communicates anything. Like when you repeat a word many times until it loses meaning: Merry christmas. Merry christmas. Merry christmas. Merry christmas. It doesn’t mean anything anymore. It’s just noise. The bad thing about the system is that it generates its own incentives to perpetuate itself. If you don’t send your massive congratulations, someone will interpret your silence as disdain. So you do it. And in doing so, you contribute to the noise that you yourself hate. Each individual message seems innocuous, but the aggregate effect is the destruction of the meaning of the words. And then there’s the absurd escalation. Because as everyone knows it is a lie, some try to differentiate themselves by adding layers of production. Videos with smiling employees, animated GIFs, Canva designs. As if the problem were packaging. Christmas spam is not a volume problem. The thing is we have forgotten that silence is also valid. That saying nothing is better than saying something empty. But we live terrified of silence, we prefer constant noise. And if you refuse to participate, you will be the odd one out. This is the sad thing: we know that it is a lie, that it contaminates real communication. But we keep doing it. Merry christmas. In Xataka | Calling without warning has gone from being normal to being rude. And in that change we have lost something Featured image | Xataka

After years of searching, I have finally found the perfect Weather app for Android. And he just received superpowers

by

If the question is how many weather apps do we have available on Android, the answer is “yes”. This is great because we have a lot to choose from, the problem is precisely that: there are so many that finding the one that is perfect for me seemed like a utopia. I finally found it and To my surprise, it’s from Google. Its problem, and because of how long it took me to discover it, is that it is a bit hidden. The weather app that Google doesn’t want you to use I’m not talking about the classic Google weather app that comes pre-installed on many Androids, but about the other Google weather app, one that It is only on the Google Pixel and what I discovered thanks to my colleagues from Xataka Android. The app is called ‘Pixel Weather’ or, in Spanish, ‘Pixel Weather’. It premiered with the Pixel 9 in 2024 and remains exclusive to Google mobile phones. That means that if you try to install it from the Play Storeit will tell you that “none of your devices are compatible.” But don’t despair, you can have it on any Android thanks to the installation via APK. However, remember that there are risks and download it only on reference portals like APKMirror. An exquisite and very functional design Pixel Weather has the design you would expect from a Pixel-only app. I really like the Material You interface because it is very clean and clear; Even in apps with many features like this one, it makes all the elements look super clear and conveys a feeling of simplicity. The interface is beautiful On the home screen we have the very large temperature and below it the different blocks with information such as the hourly forecast or the forecast up to 10 days. Below we have more information, all with a design reminiscent of a panel of widgets of different sizes. The good thing about Pixel Weather and why it has conquered me is because It is completely customizable. Do you prefer to have higher wind speeds? No problem, just hold down on the block you want to move and drag it to the new position. The only thing you won’t be able to move is the hourly forecast, which always remains fixed at the top, but everything else can be moved freely. We can move all the blocks as if we were arranging the home screen icons. Sliding down we have more widgets with different designs, such as the UV index one that is shaped like a sun or the humidity percentage widget that simulates being full of water. I also like it because at first glance it seems like a very simple app, but in reality it has much more information; By clicking on each of these widgets we obtain the hourly forecast about the specific data we are consulting, such as wind speed or relative humidity. The two widgets available talking about widgetsthe app offers us two to add to the home screen. The smallest one only has the temperature and an icon of the weather status, while the large one gives us the hourly forecast and more details such as the thermal sensation. I especially like the small widget for its oval design. Now with the best Google model That the app is very beautiful and functional is very good, but if the data it offers is not accurate, it is not of much use. This is not the case with Pixel Weather, in the time I have been using it it has been correct in its rain forecasts with quite a bit of accuracy regarding the time, but it has also been a few days ago. Google DeepMind announced that they have integrated WeatherNext 2his AI weather prediction model more advanced. According to DeepMind, WeatherNext 2 generates forecasts up to eight times faster than the previous model and its accuracy is better in 99.9% of variables. The innovation is that it uses an FGN or ‘functional generative network’ that injects noise into the model to achieve forecasts that are physically realistic. They have also integrated it into Google search, Gemini and will soon be in Maps. Images | Amparo Babiloni, Xataka In Xataka | The most beautiful, exciting and hopeful thing about November has come out of England and it is a weather forecast

In 1896 a man decided to lead to the reckless speed of 13 km/h. And received the first fine in history

by

Speed ​​fines in Spain vary from 100 at 600 euros. The table in which the economic amount is collected also serves if the driver will also be punished with the subtraction of driving card points. In the best case, the sanction It does not entail the subtraction of points, while in the worst you can detract a maximum of six. All this information can be consulted in your own DGT website or in the Traffic LawMotor vehicles and road safety. And it is useful, according to data from Associated European motoriststwo out of three fines that are imposed in Spain are motivated by speeding. But although speeding fines look like something modern, what is necessary to invest most sophisticated media To register the infraction and judicially demonstrate the breakdown of the norms, its history begins before The first car in Spain will enroll. The first fine of history for speeding Fines for committing some kind of Flying infraction They have a lot of history. Some suggest that the first punishment related to a traffic infraction was recorded in Egypt more than 2,800 years ago, after a drunk driver run over a girl and collided with a statue. However, the basis of this information is, at least, doubtful. But what is a general consensus is in the registration of the first penalty for speeding. In fact, those responsible for Guinness Record They make it record as the early infraction of this type. And they put date: January 28, 1896. The fine also has a name, surname and place of origin. Specifically, the offender was Walter Arnold who in the United Kingdom, and fully aware of what was played, promoted one of the first cars built by Karl Benz until the devilish speed of 13 km/h. Arnold exceeded the streets of Paddock Wood at full speed, in Kent Count “Horses without horses”. Arnold had broken four rules in a single moment: Drive a car without horses along a public street Drive a car without horses without the intervention of three people Do not show the name and direction of the vehicle Quadruplica the maximum permitted speed Yes, according to the fine, Arnold was traveling at a speed of 8 mph (about 13 km/h) when the maximum allowed limit was 2 mph. Of the means to calculate this speed, nothing is said. What we do know is that the result was immediate. Put before Justice, Arnold was convicted of each and every one of the accusations that were awarded. What Arnold had in mind is that the payment of 4.7 pounds were just an investment. With his stumbling he showed that the speed limits were completely outdated for those Combustion vehicles And, therefore, shortly after the speed limit was extended to reasonable 14 mph (just over 22 km/h). But this was not here. Arnold, in addition, was known for its handling of vehicles. He got the license to sell in the United Kingdom the vehicles of Karl Benz slightly modified with a local production under the name of Arnold Motor Carriage. A car with which he managed to win in the first race of emancipation in it was linked to London with Brighton (separated by 87 kilometers) and served to multiply car sales. The first fine was, in short, a marketing trick. In Xataka | The Mercedes T80, the car mounted on the engine of a hunt with which Hitler wanted to reach 750 km/h Photo | Clare Black and Knowledge of London

The most revolutionary and rare writing machine was lost in 1940. Until someone received a message

by

Many may not know, but WRITE MACHINES Not only were they important in the past, the present would not be auctionally similar without these tools. In fact, in 1980 Apple made a decision that few understood: declare him War to the machine to write Several centuries before, in China, someone devised the most revolutionary of all these machines. The problem is that there was only one and lost. Until now. Lost keys. THE HISTORY LA had the New York Times. It all started in 2007, when Tom MullaneyProfessor of Chinese History at Stanford, prepared a presentation about the disappearance of Chinese characters and wondered how something printed could be forgotten. That doubt led him to A revelation: How had a writing system as vast as the Chinese mechanized? He did not remember ever seeing a Chinese typewriter, and when he knocked down in his office to look at old patents, a trip that would last for years began. Discovered that, although scarce, they had existed dozen different models Chinese writing machines, each with ingenious solutions to try to represent thousands of ideograms in a portable frame. One is missing. From there, Mullaney launched a kind of hunting global: He called collectors, heirs traced on ancestry.com, visited churches, museums, even stores. Over time He gathered a collection Of unique devices, some rescued by very little of oblivion, aware that each one was an unrepeatable piece of the history of mechanized writing. However, there was a machine that could not find, not even dreaming of recovering: the legendary mingkwai. Lin Yutang’s mingkwai writing machine, as illustrated in its patent application The impossible machine. The Mingkwai It was created in the 40s by Lin Yutanga Chinese intellectual based in New York who feared that China, if it did not modernize their way of writing, It would be behind in front of foreign powers. To solve the dilemma of how to represent thousands of characters with a few keys, Lin devised a Revolutionary mechanical system: Any combination of two keys activated gears that showed up to eight possible characters in a central window that baptized as the “magical eye”, allowing the user to choose the right one. With only 72 keys, Lin had built an interface that allowed to generate tens of thousands of charactersa kind of chimeric keyboard capable of typing an entire universe. He baptized his creation as Mingkwai, which can be translated (freely) as “clear and fast.” Lost. The problem is that your demonstration before Remington executives It was a disaster: The machine failed and Lin ended up ruined. Along the way, the only prototype was sold to Mergenthaler Linotype, a Brooklyn printing press. From there, the trail It was lost. In his book The Chinese Typewriter (2017), Mullaney wrote that it was most likely to have ended in a landfill. Until, by chance, something extraordinary happened. Lin Yutang The reunion. We arrive at January 2025when Jennifer and Nelson Felix, from Massopequa (New York), reviewed boxes stored after her death. Suddenly, they found A wooden box containing something strange: a typewriter with Chinese keys. Nelson, fond of sale on Facebook, He published some photos In a specialized group without imagining that I was going to detonate a storm of messages. In less than an hour, hundreds of comments, many in Chinese, shouted at one thing: “Contact Tom!” While giving a talk in Chicago, Mullaney He began to receive a waterfall of notifications. As soon as he saw the photos, the man knew that he had to do with the mingkwai. Fear of losing it. The Times told that the historian did not feel jubilation with the news, but rather fear. If someone bought it on eBay and turned it into a lamp or a coffee table, it would disappear forever. What did he do? He wrote to the couple urgently, he told them the history of the machine and asked them to consider sell it to a museum. Jennifer, incredulous, understood in a short time that the object of more than 50 kilos was not just junk. “It was lost half a century,” he explained to Times. “We didn’t want it to be lost again.” From the basement to the campus. The story charged an unexpected turn when Mullaney discovered that Jennifer’s grandfather, Douglas Arthur Jung, had worked on Mergenthaler Linotype And he probably saved the scratch machine when he took it with him. For decades, the family had preserved it without knowing what it was. In April, the couple accepted Sell to Stanfordwhich acquired it thanks to a private donor. When he finally arrived in California, Mullaney witnessed his unpacking with expectation. There, in the University warehouse, he discovered that his mechanism was even more delicate and sophisticated of what I imagined. The machine not only survived: He spokeor something similar. He began to wonder what engineers could discover if they were carefully dismantled. Could, perhaps, replicate it? Does Lin’s thoughts unravel in 1947, when he believed that a typography could save his nation? A recovered story. The History of the mingkwai It is more than that of the rescue of an exotic and rare machine. If you want, it is even a metaphor of ideas that, without interlocutors, run the risk of disappear forever. Mullaney understood that it was possibly the last one who could understand what these machines represented: the linguistic dilemmas of a civilization, the technological aspirations of a nation then marginalized, or even the desperate elegance of a visionary inventor. The mingkwai was a device that No one wanted In his time, too advanced already too clumsy, the result of an idea too big for an era that still did not know how to translate it. But when finding it, complete and still capable of astonishing, the professor not only recovered a museum piece: he rescued from oblivion an entire chapter in the history of human writing. Image | StanfordCampbell, Brobough & Free, American Memory Digital Item Display In Xataka | In 1980, Apple made … Read more

An researcher proposed a game to Chatgpt. What he received in return was functional keys from Windows 10

by

Sometimes, the most effective is the simplest. That thought Marco Figueroa, cybersecurity researcher, when last week decided to test The limits of Chatgpt. The proposal was as innocent as disconcerting: a riddle game, without technical attacks or explicit intentions. Instead of seeking vulnerabilities in the code, he focused on language. And it worked: he managed to make the system return something that, according to himself, should never have appeared on the screen. The result were generic key installation of Windows 10 For business environments. The key was to disguise him. What Figueroa wanted to check was not if he could force the system to deliver forbidden information, but if it was enough to present the right context. He reformulated interaction as a harmless challenge: a kind of riddle in which AI should think of a real text chain, while the user tried to discover it through closed questions. Throughout the conversation, the model did not detect any threat. He responded normally, as if he were playing. But the most critical part came at the end. When introducing the phrase “I Give Up” – I rindo – Figueroa activated the final answer: the model revealed a product key, as it had been stipulated in the rules of the game. It was not a casual carelessness, but a combination of carefully designed instructions to overcome the filters without raising suspicions. The filters were there, but they were not enough. Systems such as Chatgpt are trained to block any attempt to obtain sensitive data: from passwords to malicious links or activation keys. These filters are known as Guardrailsand combine black lists of terms, contextual recognition and intervention mechanisms against potentially harmful content. In theory, asking for a Windows key should automatically activate those filters. But in this case, the model did not identify the situation as dangerous. There were no suspicious words, or direct structures that alerted their protection systems. Everything was raised as a game, and in that context, the AI acted as if it were fulfilling a harmless slogan. What seemed harmless was camouflaged. One of the elements that made the failure possible was a simple obfuscation technique. Instead of writing directly expressions such as “Windows 10 Serial Number”, Figueroa introduced small HTML labels between words. The model, interpreting the structure as something irrelevant, ignored the real content. Why it worked (and why just worrying). One of the reasons why the model offered that response was the type of key revealed. It was not a unique key or linked to a specific user. Apparently it was a generic installation key (GVLK)such as those used in business environments for massive displays. These keys, publicly documented by Microsoft, only work if they are connected to a KMS (Key Management Service) server that validates network activation. The problem was not only the content, but the reasoning. The model understood the conversation as a logical challenge and not as an attempt to evasion. Did not activate its alert systems because the attack did not seem an attack It’s not just a key problem. The test was not limited to an anecdotal issue. According to Figueroa himself, the same logic could be applied to try to access another type of sensitive information: from links that lead to malicious sites to restricted content or personal identifiers. Everything would depend on the way the interaction is formulated and whether the model is capable – or not – to interpret the context as a suspect. In this case, the keys appeared without their origin being completely clear. The report does not specify whether this information is part of the model training data, if it was generated from already learned patterns, or if external sources were accessed. Whatever the road, the result was the same: a barrier that should be impassable ended up giving up. Xataka with Gemini | Aerps.com In Xataka | Granada promised them very happy with their new degree of the university. Until his feet stopped

A neighbor from Zaragoza received a foreign card and did not hesitate to take advantage of it. The National Police soon found it

by

A foreign card, a cap, some glasses and loose days of May were enough. A 58 -year -old man, a resident in Zaragoza, took advantage of the fact that a banking entity sent a card to his home – which was no longer that of the headline – and used it to make several extractions of money. In total, almost 6,000 euros in cash. But it was the head of the head that detected the movements and filed the complaint. The National Police soon acts. The card did not belong. The legitimate head resides abroad and was his brother, who still lives in Spain, who detected the strange positions in the account and filed the complaint with the National Police. What seemed a simple error in the shipment resulted in an investigation for improper appropriation. As explained by Rubén Nido, official spokesman for the body, In a video broadcast by La8 Zaragozathe agents began to follow the trail of the reimbursements. Five days, several extractions and an improvised costume. Between the eight and May 13, the man made several extractions at different ATMs of Zaragoza. He made it covered by a cap and with glasses to hinder his identification in security cameras. The costume was not enough. The images were key to binding ends and locating it. He was arrested in the immediate vicinity of his home, the same place where he had received the card days before. At this time it is known that he was brought to court and declared before the competent authority. It should be noted that the suspect already had a history of similar events. Now he has been released with charges while the process continues its course. What began with a simple postal error has ended, again, before a court. The Criminal Code is clear. According to Europa Presscurrent legislation contemplates this type of situations as a crime. Use a bank card to the detriment of its owner or a third can lead to a punishment between six months and three years in prison. What happened in Zaragoza is not an isolated case. In Zamora, a neighbor of Benavente was convicted after receiving a bizum of 20 euros by mistake and not return it, despite having been warned. The Provincial Court confirmed that its refusal also constituted undue appropriation. Result: mandatory return, fine of 180 euros and judicial costs. Images | Chiara Daneluzzi | Eduardo Soares | National Police In Xataka | The Meta Ray-Ban have turned anyone into spy for 329 euros. Barcelona’s detainee is only the first visible case

Log In

Forgot password?

Forgot password?

Enter your account data and we will send you a link to reset your password.

Your password reset link appears to be invalid or expired.

Log in

Privacy Policy

Add to Collection

No Collections

Here you'll find all collections you've created before.