Slashdot.com

An anonymous reader quotes a report from 404 Media: Instagram is flooded with hundreds of AI-generated influencers who are stealing videos from real models and adult content creators, giving them AI-generated faces, and monetizing their bodies with links to dating sites, Patreon, OnlyFans competitors, and various AI apps. The practice, first reported by 404 Media in April, has since exploded in popularity, showing that Instagram is unable or unwilling to stop the flood of AI-generated content on its platform and protect the human creators on Instagram who say they are now competing with AI content in a way that is impacting their ability to make a living. According to our review of more than 1,000 AI-generated Instagram accounts, Discord channels where the people who make this content share tips and discuss strategy, and several guides that explain how to make money by "AI pimping," it is now trivially easy to make these accounts and monetize them using an assortment of off-the-shelf

Five local privilege escalation (LPE) vulnerabilities in the Linux utility "needrestart" -- widely used on Ubuntu to manage service updates -- allow attackers with local access to escalate privileges to root. The flaws were discovered by Qualys in needrestart version 0.8, and fixed in version 3.8. BleepingComputer reports: Complete information about the flaws was made available in a separate text file, but a summary can be found below: - CVE-2024-48990: Needrestart executes the Python interpreter with a PYTHONPATH environment variable extracted from running processes. If a local attacker controls this variable, they can execute arbitrary code as root during Python initialization by planting a malicious shared library. - CVE-2024-48992: The Ruby interpreter used by needrestart is vulnerable when processing an attacker-controlled RUBYLIB environment variable. This allows local attackers to execute arbitrary Ruby code as root by injecting malicious libraries into the process. - CVE-2024

A new study reveals that many users, particularly students and Redditors, view Z-Library as a vital resource for overcoming economic barriers to education, reflecting a "Robin Hood" mentality that prioritizes access to knowledge over copyright concerns. TorrentFreak reports: The research looks at the motivations of two groups; Reddit users and Chinese postgraduate students. Despite the vast differences between these groups, their views on Z-Library are quite similar. The 134 Reddit responses were sampled from the Zlibrary subreddit, which is obviously biased in favor of the site. However, the reasoning goes well beyond a simple "I want free stuff" arguments. Many commenters highlighted that they were drawn to the site out of poverty, for example, or they highlighted that Z-Library was an essential tool to fulfill their academic goals. "Living in a 3rd world country, 1 book would cost like 50%- 80% already of my daily wage," one Redditor wrote. The idea that Z-Library is a 'necessary

An anonymous reader quotes a report from Ars Technica: Who up missing Musi?" a Reddit user posted in a community shocked by the free music streaming app's sudden removal from Apple's App Store in September. Apple kicked Musi out of the App Store after receiving several copyright complaints. Musi works by streaming music from YouTube -- seemingly avoiding paying to license songs -- and YouTube was unsurprisingly chief among those urging Apple to stop allowing the alleged infringement. Musi was previously only available through the App Store. Once Musi was removed from the App Store, anyone who downloaded Musi could continue using the app uninterrupted. But if the app was ever off-loaded during an update or if the user got a new phone, there would be no way to regain access to their Musi app or their playlists. Some Musi fans only learned that Apple booted Musi after they updated their phones, and the app got offloaded with no option to re-download. Panicked, these users turned to the

Comcast plans to spin off several of its cable TV networks into a standalone company as it shifts focus to streaming and other profitable ventures like Peacock, theme parks, and broadband services. The Associated Press reports: Those one-time stars for Comcast's NBCUniversal cable television networks include USA, Oxygen, E!, SYFY and Golf Channel, as well as CNBC and MSNBC. Movie ticketing platform Fandango and the Rotten Tomatoes movie rating site would also become part of the new company. Peacock will remain with Comcast, as will Bravo, which provides significant content for the Peacock streaming service. Comcast telegraphed the potential shift last month as it released quarterly earnings before confirming Wednesday that it will spin off assets that generated about $7 billion in revenue over he past 12 months ending September 30. That's about 5.5% of Comcast's total revenue during that period, according to the company. But there is a shrinking pool of cable subscribers as millions

The Verge's Richard Lawler reports: Strava recently informed its users and partners that new terms for its API restrict the data that third-party apps can show, refrain from replicating Strava's look, and place a ban on using data "for any model training related to artificial intelligence, machine learning or similar applications." The policy is effective as of November 11th, even though Strava's own post about the change is dated November 15th. There are plenty of posts on social media complaining about the sudden shift, but one place where dissent won't be tolerated is Strava's own forums. The company says, "...posts requesting or attempting to have Strava revert business decisions will not be permitted." Brian Bell, Strava's VP of Communications and Social Impact, said in a statement: "We anticipate that these changes will affect only a small fraction (less than .1 percent) of the applications on the Strava platform -- the overwhelming majority of existing use cases are still all

An anonymous reader quotes a report from VentureBeat: DeepSeek, an AI offshoot of Chinese quantitative hedge fund High-Flyer Capital Management focused on releasing high performance open source tech, has unveiled the R1-Lite-Preview, its latest reasoning-focused large language model, available for now exclusively through DeepSeek Chat, its web-based AI chatbot. Known for its innovative contributions to the open-source AI ecosystem, DeepSeek's new release aims to bring high-level reasoning capabilities to the public while maintaining its commitment to accessible and transparent AI. And the R1-Lite-Preview, despite only being available through the chat application for now, is already turning heads by offering performance nearing and in some cases exceeding OpenAI's vaunted o1-preview model. Like that model released in September 2024, DeepSeek-R1-Lite-Preview exhibits "chain-of-thought" reasoning, showing the user the different chains or trains of "thought" it goes down to respond to th

Workers in the U.S. are running in place -- feeling stuck in jobs with dimmed prospects of advancement and seeing fewer opportunities to jump ship for something better. From a report: It's a sharp contrast to the heady days of 2022 -- when employees were quitting their jobs at record high rates, open roles proliferated and the possibility of a higher paycheck always seemed just around the corner. Employers are sitting tight, says Daniel Zhao, lead economist at job site Glassdoor. Companies aren't making big changes to hiring strategy. That means "fewer opportunities for workers to climb the career ladder," he says. They're still plugging away at the same role they've had for years without the opportunity to move up internally or at a new company. 65% of the 3,400 professionals surveyed by Glassdoor last month said they feel stuck in their current role. "As workers feel stuck, pent-up resentment boils under the surface," Zhao writes in a report out yesterday.

Sony has announced the a1 II flagship mirrorless camera, retaining its predecessor's 50.1-megapixel stacked sensor while adding AI capabilities and improved stabilization. The camera features a new dedicated AI processor, enhancing autofocus performance with claimed improvements of 50% for bird eye detection and 30% for both animal and human subjects. Its in-body stabilization system now offers 8.5 stops of correction. The a1 II maintains the original's 30 frames-per-second shooting speed and 759-point autofocus system. New features include pre-capture shooting with a one-second buffer and a multi-angle LCD screen borrowed from the a9 III. Connectivity upgrades include a 2.5Gbps Ethernet port, while dual card slots support both CFexpress Type A and UHS-II SD cards. The Sony a1 II will be available mid-December for $6,499.

Owners of older models of D-Link VPN routers are being told to retire and replace their devices following the disclosure of a serious remote code execution (RCE) vulnerability. From a report: Most of the details about the bug are being kept under wraps given the potential for wide exploitation. The vendor hasn't assigned it a CVE identifier or really said much about it at all other than that it's a buffer overflow bug that leads to unauthenticated RCE. Unauthenticated RCE issues are essentially as bad as vulnerabilities get, and D-Link warned that if customers continued to use the affected products, the devices connected to them would also be put at risk. Previous bugs in similar products from other vendors have carried warnings that attackers could exploit them to install rootkits and use that persistent access to surveil an organization's web traffic, potentially stealing data such as credentials. Further reading: D-Link Won't Fix Critical Flaw Affecting 60,000 Older NAS Devices.