Adobe Tries Again To Clarify Their Terms Of Use…. Does This Make You Feel Better About Adobe?

Posted in Commentary with tags on June 7, 2024 by itnerd

Yesterday, a C level executive tried to put out the fire surrounding the firestorm that Adobe created when changes to their terms of use came to light and made it look like Adobe products were basically spyware. And that Adobe were intent on using customer data to train their AI models.

It now Adobe is taking another crack at trying to make this issue go away via this blog post. I encourage you to read it in full. But here’s the part of it that is most relevant to this discussion:

The focus of this update was to be clearer about the improvements to our moderation processes that we have in place. Given the explosion of Generative AI and our commitment to responsible innovation, we have added more human moderation to our content submissions review processes.

And they also say this:

To be clear, Adobe requires a limited license to access content solely for the purpose of operating or improving the services and software and to enforce our terms and comply with law, such as to protect against abusive content.

Finally they say this:

  • Adobe does not train Firefly Gen AI models on customer content. Firefly generative AI models are trained on a dataset of licensed content, such as Adobe Stock, and public domain content where copyright has expired. Read more here: https://helpx.adobe.com/firefly/faq.html#training-data
  • Adobe will never assume ownership of a customer’s work. Adobe hosts content to enable customers to use our applications and services. Customers own their content and Adobe does not assume any ownership of customer work.

Now if this blog post came out at the same time the terms of use were updated, we may not be here talking about it now. And if they didn’t do any of the following, this absolutely would not have been such a huge issue:

  • To request support to clarify the terms of use, you had to agree to these terms
  • To uninstall the apps because you didn’t like these terms of use, you had to agree to these terms of use anyway.

The fact is Adobe to borrow a U.K. phrase, stuffed this whole thing. They really screwed up how they handled it and burned a whole lot of goodwill in the process. I guarantee that because of how this was handled, a lot of creative professionals are now either looking for alternatives to Adobe products, or have already switched. Will Adobe care about that? They might if it hits their bank account hard enough. I guess the central question is does this make you feel better about Adobe, and will you feel comfortable enough to use their products? Sound off in the comments below with your thoughts.

Leave a comment »

So Adobe Responds To Their Terms Of Use Change… And It Isn’t Going Over Well

Posted in Commentary with tags on June 6, 2024 by itnerd

Yesterday, I posted a story about Adobe changing their terms of use and sparking an uproar about it. At the time I said this:

Adobe could really do itself a favour by clarifying this. Because until they do, people are going to have the impression that Adobe products are basically spyware when in reality they’re likely not. Thus I’ve pinged Adobe over this and if I actually get a response, I’ll post it here.

I said that because Adobe really wasn’t saying anything about this to address this issue. But that changed when Adobe Chief Strategy Officer Scott Belsky responded to the Tweet that started this:

 I encourage you to read the entire Tweet. But The fact that Adobe as of the time that this story is written doesn’t train AI models with customer data isn’t something that inspire any confidence as their terms could allow Adobe to do so in the future.

Now if you read the entire Tweet, Belsky does say that this could be clearer. But he also uses the “everyone else does this” excuse. Which again doesn’t inspire confidence in Adobe. And from what I can tell, this isn’t going over really well on Twitter.

The bottom line is this. Even with this response from a C level executive at Adobe, I have shifted my opinion from “let’s give Adobe a chance to respond because this may not be as bad as it seems” to “Adobe is possibly setting the groundwork to do something suspect with your data in the future.” And I am likely not the only person who is thinking that given how many people are now threatening to dump Adobe products because of this. Maybe Adobe should take that into account and come up with a strategy to address these concerns and put this to bed before their reputation gets damaged beyond repair.

1 Comment »

I’ve Found A Free Bartender Replacement and It Is Called Ice

Posted in Commentary with tags on June 6, 2024 by itnerd

Yesterday, I brought you the story of the gong show surrounding the Mac app Bartender. The TL:DR goes something like this. The app who was being written by a guy named Ben Surtees was quietly sold a couple of months ago to a company named Applause who appears to buy apps and finds new and creative ways of monetizing them. It was then discovered that the most up to date version of Bartender has a ton of analytic gathering code in it. That made me and a lot of other people instantly uninstall it. And the responses to this controversy that have been given by Applause have been shifty at best. But the question is what do you replace it with?

Well, I’ve been experimenting with a piece of software called Ice that does some of what Bartender used to do. The key word is some because one thing that Bartender was really good at is automatically making menubar icons that needed attention appear. For example, making the WiFi icon appear if you disconnect from WiFi. Ice doesn’t do that. But what it does is allow you to configure the menubar so that the items that need to always be visible, and less used items are hidden. Let me illustrate that:

What you see here is the stuff that I absolutely care about seeing 100% of the time. Besides iStat Menus which tells me all the stats related to how my Mac is performing, I want to see the WiFi icon, Battery status, Spotlight, Control Center, Siri, and the date and time. You’ll also note that next to the WiFi icon is a VPN connection. It’s there because while typing this article, I was connected to a client’s network to quickly fix something for the client in question. I want to draw your attention to the right of the Spotlight icon. You’ll see a circle which is Ice. Click it and you get this:

Now I get the the stuff that I don’t care about 90% of the time. Starting with Clyde, the G Hub app that controls the key light for my camera, Amphetamine which keeps my Mac awake during things like Power Point presentations, Garmin Connect which I use to upload new maps to my bike computer, Monitor Control which I use to control the brightness of my external display, and Time Machine. If I click on that circle again or just wait a bit, all these items disappear.

Like I said, this isn’t perfect. But it’s free (the developer does take donations) and the developer seems to have a good reputation. So I’m giving this a shot for now. But I’ll be trying a few other options to see if I can find anything better. If I come across anything that’s better, I’ll write an article on it and let you know.

1 Comment »

Adyen Strengthens Commitment to Canadian Market with New Office Opening & Leadership Hire

Posted in Commentary with tags on June 6, 2024 by itnerd

Today, Adyen announced the opening of its own office in Toronto. The new Toronto office will serve as the company’s Canadian headquarters, underscoring Adyen’s commitment to sustained growth in the Canadian market. As part of Adyen’s ongoing commitment to growing in Canada, Adyen is also pleased to welcome Ilona Fagyas to its leadership team as its new Head of Sales later this month.

Since the start of 2020, Adyen has established a strong presence in Canada, expanding its team to 26 employees across various functions to support local and global businesses operating in the region. The company has forged local partnerships, launched new products, and added notable merchants like Moose Knuckles and Mejuri to its Canadian client base next to its already impressive global client base. Leveraging its financial technology platform, Adyen’s team offers innovative solutions that are transforming the way Canada pays.

With over 15 years of sales management experience, Ilona Fagyas is a proven payments leader in the Canadian FinTech industry. Ilona has led enterprise segments at prominent organizations including TD, Chase, and most recently, PayPal. Her dedication to excellence has been recognized through numerous President’s Club designations, highlighting her contributions to year-over-year improvement in top-performing regions. As the Head of Sales for Adyen Canada, Ilona will be focused on expanding Adyen’s footprint in the region and optimizing its growing commerce business.

Adyen has over 20,000 payment terminals in thousands of Canadian stores, with hundreds of Canadian brands interacting with Adyen’s platform daily. Adyen sets itself apart from other fintech platforms by offering all payment and financial products within its one innovative platform. Through Adyen’s platform, businesses can quickly respond to consumer demand for the latest trends in payments and consumer experiences with minimal effort – for example, by utilizing tokenization to inter-connect customer journeys across Pay By Link, mobile POS, buy online and return in-store, with a wealth of customer data captured in the process.

Adyen’s financial technology platform is available to help Canadian enterprises – including those in retail, hospitality, platform services, digital services and subscriptions, and e-commerce – achieve their ambitions faster. For more information, visit https://www.adyen.com.

Leave a comment »

Department of Labor Releases A Set Of AI Guidelines

Posted in Commentary with tags on June 6, 2024 by itnerd

The Department of Labor has announced a set of principles that provide employers and developers that create and deploy artificial intelligence with guidance:

Developed as a result of President Biden’s Executive Order on the Safe, Secure and Trustworthy Development and Use of Artificial Intelligence, this initiative underscores the administration’s commitment to ensuring AI technologies strengthen worker empowerment and well-being while addressing risks to workers.

 Kevin Surace, Chair, Token had this comment:

The DOL guidelines released today put human workers at the forefront of protection from AI including privacy, security, quality of life and ethics. This will force companies to engage HR as well as the CIO in all things AI going forward. Additional guidance is coming from all agencies. But for now this DOL guidance is very clear that worker empowerment is the north star. Meaning HR is also leading the way in all AI decisions across an organization.

DOL doesn’t make law, but does provide guiding principals for labor. These are their first AI principles and are squarely centered on the human aspects of and impact from AI. This will fly in the face of productivity gains which are often measured by reduction in headcount. How a company balances that reduction with the ethics of AI and the guiding principals here of worker empowerment are a quandary not easily resolved.

This guidance is very much focused on worker privacy and empowerment. Data security is already front and center with CIOs and CISO’s and that has less to do with employees and more to do with corporate IP.

This is another one of these good moves by the Biden administration. Hopefully this bears fruit and protects workers. That would be a great thing.

Leave a comment »

OVHcloud Continues Making AI Simple With New NVIDIA Tensor Core GPUs and Top-of-the-Line AI Models

Posted in Commentary with tags on June 6, 2024 by itnerd

OVHcloud, a global player and the European cloud leader, has taken the stage at Adopt AI, France’s new AI-focused event, to renew its commitment to democratize AI within organizations, an effort aligned with its core values for an open, transparent and trusted Cloud. In a booming AI market, OVHcloud aims to offer businesses the optimal capacity for their every AI needs through a wide range of solutions positioned at every price point. The Group’s unique value proposition aims to bring simplicity to every level of the AI pipeline while addressing the growing concerns for security, data privacy and costs that could further delay AI adoption according to recent studies. 

To propel AI into new territories, OVHcloud now offers a broad portfolio of NVIDIA Tensor Core GPUs and the latest open-source LLMs (like Mixtral 8x22B or Llama 3) available on the shelf with unmatched simplicity in a private environment. The Group relentlessly executes on its strategy focusing on the four key items that organizations need to be successful with AI: powerful yet efficient compute resources, streamlined datasets, software tooling and cutting-edge skillsets. 

Offering NVIDIA accelerated computing for every AI workload

Strategically designed to meet the needs of AI engineers today and tomorrow, OVHcloud solutions turbocharge projects from the creation of AI models to inferencing the very latest Large Language Models. As such, the Group now offers a broad portfolio of state-of-the-art NVIDIA GPUs in its Public Cloud universe, available on demand in ecofriendly datacenters, including the NVIDIA H100 Tensor Core GPU, NVIDIA L4 Tensor Core GPU and NVIDIA L40S GPU. Regardless of whether they need to provision and manage GPU instances themselves or leverage them within OVHcloud Managed Kubernetes Services, MLOps Engineers can benefit from the full range of OVHcloud PaaS offerings, including Managed Databases (such as Vector DB like pgvector or Qdrant), Kafka, as well as high-performance Object Storage.

Further delivering on its ambitious AI roadmap, OVHcloud has introduced NVIDIA L40S GPUs on its Public Cloud in addition to the NVIDIA H100 and L4 GPUs which are already available. NVIDIA L40S GPUs combine powerful AI compute with best-in-class graphics and media acceleration to power a wide range of workloads from LLM inference and training to 3D graphics, rendering and video.

Dedicated Bare Metal servers now with NVIDIA L40S GPUs

Addressing the need for powerful dedicated AI servers, OVHcloud has also introduced new Bare Metal dedicated servers powered by NVIDIA L40S GPUs. Sitting in the High Grade range, the new HGR-AI-2 server targets use cases such as deep learning, machine learning and high performance computing. The range is equipped with AMD EPYC 9354 in a dual processor configuration, thus featuring 64 cores and 128 threads with 384 GB of DDR5 memory (up to 2.3 TB). To tackle serious AI workloads, new HGR-AI-2 features 2x NVIDIA L40S 48 GB GPUs with the ability to configure up to 4x NVIDIA L40S 48 GB GPUs per server.

Easy to use tools to gets hands on with AI workloads

To further simplify AI and democratize the way businesses use AI, OVHcloud AI solutions sit at every step of the AI value chain from ideation to production. The easy-to-use, AI Notebooks, AI Training and AI Deploy services act as a complete set of serverless tools designed to experiment with data, train models and put them into production. The high-level software solutions leverage industry standard technologies and are designed to assist data scientists and machine learning engineers without the need to manage complex infrastructure scaling, and with minute-by-minute billing.

New open-source Llama and Mistral models available through AI Endpoints

OVHcloud AI Endpoints is another serverless solution that enables access to a diverse set of AI models through API endpoints thus requiring little to no knowledge on the user side. Before placing their API calls, developers can benefit from a playground to test their Endpoints. Just like critically acclaimed OVHcloud AI Notebooks, AI Training and AI Deploy, AI Endpoints leverages the Group’s infrastructure, fully respecting data privacy (in/out). The Group has added highly sought-after open-source LLMs like Mixtral 8x22b and Llama 3 that can be deployed through the OVHcloud AI Endpoints service.

Pricing and availability

New NVIDIA GPUs options including NVIDIA H100, L4 and L40S are available now in the Public Cloud universe to execute AI driven projects.

New HGR-AI-2 servers with the NVIDIA L40S GPU are available now in France and Canada, starting at 2969,99 euros/month.

New models including Mixtral 8x22b and Llama 3 are available now through OVHcloud AI Endpoints.

Resources

Leave a comment »

Australian Mining Company Pwned By BianLian

Posted in Commentary with tags on June 6, 2024 by itnerd

Recently, Australian mining company, Northern Minerals, disclosed a breach after BianLian leaked data. Exfiltrated data includes corporate, operational, shareholder and financial information, along with detailed related to current and former personnel. The company noted that the incident did not affect mining or business operations. 

Darren Williams, CEO and Founder, BlackFog:

“The attack on Northern Minerals is an example of how ransomware gangs will proceed once their demands are not met. While this is an unfortunate reality for the shareholders and the organization itself, it reflects a common trend among ransomware gangs that are focused specifically on data exfiltration rather than encryption.  Today’s gangs are about extortion and the many ways data can be leveraged for financial gain, so the focus must revolve around data security and preventing data exfiltration to protect organizations from these ongoing threats.”

The best way to make the activities of these gangs less profitable is to make sure that they can’t get into your environment. Because you can’t be extorted if they can’t get in.

Leave a comment »

TikTok Pwned… Big Name Accounts Hacked

Posted in Commentary with tags on June 6, 2024 by itnerd

TikTok has been pwned via a zero day related to opening direct messages. That’s bad. But it gets worse:

According to the report, the bad actors behind these attacks are transmitting malware through DMs on the popular social media app. Distressingly, the malware does not require the victim to download any software or click on a malicious link. Apparently, all you have to do to potentially infect your device is open a DM with the malware present.

This is seemingly connected to a separate report from Semafor, which noted on Sunday that a hacker broke into CNN’s TikTok account last week, prompting the news organization to take the account down. While some CNN staffers told Semafor that the team had been lax with its digital safety practices, one network source added that the breach came from outside of the company. It’s entirely possible that a staffer opened one of the malicious DMs.

A CNN spokesperson told Semafor that the company is “working with TikTok on the backend on additional cybersecurity measures” to ensure that their account is secure during the presidential debates and other noteworthy events in the coming weeks. At the time of writing, the main CNN TikTok account is still unavailable on the platform.

Apparently other TikTok accounts have been pwned as well. What makes this worse is that anyone can be a victim of this attack. That’s not good. Ted Miracco, CEO of Approov had this to say:

   “The TikTok security issue serves as a crucial wake-up call about the vulnerabilities present in apps from official stores. It highlights the need for greater transparency, cooperation, and the adoption of advanced security measures to protect users. Many users believe that apps available on official app stores are inherently safe. This perception is perpetuated by the rigorous app review processes that Google and Apple claim to implement. However, the reality is that even apps from these stores are not immune to zero-day vulnerabilities and sophisticated attacks. 

   “Zero-day vulnerabilities, by definition, are previously unknown flaws that can be exploited before the developer has a chance to address them. The presence of such vulnerabilities in popular apps like TikTok is alarming. It indicates that even the most widely used and scrutinized apps can have hidden security flaws, putting millions of users at risk.

   “To build a more secure app ecosystem, transparency is key, and independence from Google and Apple controlling the release process. Developers need to control the process, and users need to be informed about the security measures taken by app developers and the potential risks associated with using certain apps. Furthermore, the industry must move towards open standards and greater cooperation among stakeholders. By addressing these challenges, we can work towards a safer and more secure app ecosystem.”

This is likely the last thing that TikTok needs. Hopefully they are completely transparent about what’s going on here and how they plan on addressing this. Otherwise this will add to their problems.

Leave a comment »

A Follow Up To London Hospitals Being Pwned In A Ransomware Attack

Posted in Commentary with tags on June 5, 2024 by itnerd

Following up on this story about London hospitals getting pwned by a ransomware attack, I have more details on this. On the surface, this appears to be yet another third party attack.

The attack targeted Synnovis, a third-party provider responsible for pathology services such as blood tests, swabs, and bowel tests for the affected hospitals. As a result, crucial services like blood transfusions and test results have been disrupted.

In response to the attack, both Guy’s and St Thomas’ and King’s College Hospital have declared a “critical incident.” The Independent reports that general practitioners have been instructed to cancel all non-emergency pathology appointments, and hospital staff have been directed to request emergency blood samples only for patients requiring transfusions. 

A spokesperson for NHS England’s London region stated, “This is having a significant impact on the delivery of services at Guy’s and St Thomas’, King’s College Hospital NHS Foundation Trusts and primary care services in southeast London, and we apologize for the inconvenience this is causing to patients and their families.” Despite the disruption, emergency care remains available, and patients are advised to continue accessing services as usual, including dialing 999 in emergencies.

According the The Record, the NHS suffered 138 ransomware attacks in just 2022 and 2023.

Experts with Cyware and Horizon3.ai offer perspective:

Emily Phelps, Director, Cyware had this to say:

   “These ransomware attacks targeting healthcare and critical infrastructure reinforce the urgent need for a collective defense security approach. This incident, which has  disrupted critical healthcare services, highlights the vulnerabilities inherent in siloed systems that slow down response times. 

   “A unified defense strategy and modernized security operations not only mitigate risks but also ensure a quicker and more efficient response, safeguarding essential services and protecting patient care.

Stephen Gates, Principal Security SME, Horizon3.ai follows with this:

   “What all organizations must come to terms with is that their exploitable attack surface is no longer just their own – it now encompasses their suppliers’ attack surfaces as well. A successful attack against a smaller supplier, who is part of a larger supply chain, can in fact cause disruption to their upstream buyer community. Therefore, it is critical for organizations to not only continuously assess their own security postures, but the security postures of their suppliers as well.

   “The challenge here is how do you continuously assess yourself – and your suppliers? Traditionally, organizations relied on two assessment approaches: Checkbox assessment exercises or manual penetration tests. The first does not always guarantee better security and the latter is nearly impossible to perform in a continuous fashion.

   “However, there are autonomous assessment solutions and approaches readily available that can continuously (and preemptively) discover exploitable vulnerabilities and other weaknesses so organizations can resolve them before attackers discover them. It’s time for both public and private sector organizations to adopt these solutions and approaches before this sort of event becomes the norm

Third party attacks are the new problem of the moment. Which means that you need to ensure that you take into account the security practices of your suppliers and partners if you want to stay secure. Otherwise you get situations like this.

Leave a comment »

Does The Updated Adobe Photoshop Terms Of Use Gives Them The Right To Access All Your Work?

Posted in Commentary with tags on June 5, 2024 by itnerd

From the “this seems a bit suspect” comes this discovery by Sam Santala about the terms of use for Adobe Photoshop:

Of course this set off a bit of a tizzy on the Internet. And it sounds pretty bad on the surface. But there’s another view to this.

The way this is written, it sounds like it only refers to content that you upload to Adobe. Meaning that stuff that is local is stuff that they don’t have access to. That’s fine. Sort of. There’s also references to looking for things like CSAM and adult material. Now I am a computer nerd and not a lawyer, but that sounds like a cover your a$$ sort of thing to me. There’s also verbiage about using machine learning to improve their products. That’s something that I can see people having issues with as there are people out there who don’t want AI models trained using their stuff.

Adobe could really do itself a favour by clarifying this. Because until they do, people are going to have the impression that Adobe products are basically spyware when in reality they’re likely not. Thus I’ve pinged Adobe over this and if I actually get a response, I’ll post it here.

5 Comments »

« Older Entries
Newer Entries »